An internet of vehicles information protection system and an internet of vehicles information protection method

By using a quantum random number generator to generate quantum random numbers as encryption keys in the vehicle network information protection system, the security problem in vehicle network data transmission is solved, distributed key generation and transmission are realized, and the security of vehicle control commands and the system's resistance to attacks are improved.

CN116032471BActive Publication Date: 2026-06-19HEFEI SIZHEN CHIP TECH CO LTD +1

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
HEFEI SIZHEN CHIP TECH CO LTD
Filing Date
2023-01-06
Publication Date
2026-06-19

AI Technical Summary

Technical Problem

In vehicle-to-everything (V2X) data transmission, the security of remotely sent commands cannot be guaranteed, posing a risk to V2X data transmission, especially in fully or semi-autonomous vehicles, which may threaten the lives of passengers and pedestrians.

Method used

A quantum random number generator is used to generate quantum random numbers as the target encryption key. Through communication between the key generation device and the key receiving device, a vehicle network information protection system is realized, including a cloud control platform, smart roadbed equipment, electric vehicle charging piles and smart vehicles, to perform distributed key generation and transmission, thereby improving the security of the encryption key.

Benefits of technology

It improves the security of vehicle network data transmission, reduces the deployment cost of vehicle network information protection systems, enhances the system's resistance to attacks, and ensures the security of vehicle control commands.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN116032471B_ABST
    Figure CN116032471B_ABST
Patent Text Reader

Abstract

This application discloses a vehicle-to-everything (V2X) information protection system and method. The system comprises four components: M components are key generation devices, and N components are key receiving devices. The key generation and receiving devices each include at least one of the following: a cloud control platform, a smart roadbed device, a vehicle charging pile, and a smart vehicle. The key generation and receiving devices are different devices communicating within the system. Vehicle-to-everything (V2X) communication is performed between the key generation and receiving devices. The key generation device generates quantum random numbers and generates a target encryption key based on these quantum random numbers. The key generation device sends the encryption key to the key receiving device. This approach, by not limiting the key generation device in the V2X information protection system, improves the security of the encryption key, thereby enhancing the security of V2X data transmission.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of data security, and in particular to a vehicle network information protection system and method. Background Technology

[0002] Vehicle safety is a matter of life and death for passengers and pedestrians. Today, a car is increasingly resembling a "computer on four wheels," with fully functional onboard computers and semi-autonomous driving technology becoming standard features in new energy vehicles, and autonomous driving technology expected to be widely applied in the near future. Under this trend, the security of vehicle-to-everything (V2X) data communication between onboard computers and various network terminals and servers becomes paramount.

[0003] Fully autonomous or semi-autonomous vehicles require remote control via commands during operation. However, remote command transmission cannot guarantee the security of the commands and poses a risk to the transmission of vehicle network data. Summary of the Invention

[0004] In view of this, this application provides a vehicle network information protection system and a vehicle network information protection method that do not limit the key generation device, thereby improving the security of the key and thus improving the security of vehicle network data transmission.

[0005] In a first aspect, this application provides a vehicle network information protection system, the system comprising four components, wherein M of the four components are key generation devices, and the other N of the four components are key receiving devices, the key generation devices and the key receiving devices communicate with each other via vehicle network, the key generation devices and the key receiving devices each comprising at least one of the following: a cloud central control platform, a smart roadbed device, a vehicle charging pile and a smart vehicle, and the key generation devices and the key receiving devices are different devices in the system capable of communicating;

[0006] The key generation device is used to generate quantum random numbers and use the quantum random numbers as the target encryption key;

[0007] The key generation device sends the target encryption key to the key receiving device.

[0008] In one possible implementation, the key generation device is the cloud control platform, and the key receiving device is the smart roadbed device, the car charging pile, and the smart car; the cloud control platform is used to generate a first encryption key and send the first encryption key to the smart roadbed device and the car charging pile; the car charging pile is used to send the first encryption key to the smart car after receiving it.

[0009] In one possible implementation, the key generation device comprises the smart roadbed device and the intelligent vehicle, and the key receiving device comprises the vehicle charging pile and the cloud control platform. The smart roadbed device generates a second encryption key and sends it to the cloud control platform. The cloud control platform, upon receiving the second encryption key, sends it to the vehicle charging pile. The vehicle charging pile, upon receiving the second encryption key, sends it to the intelligent vehicle. The intelligent vehicle generates a third encryption key and sends it to the vehicle charging pile. The vehicle charging pile, upon receiving the third encryption key, sends it to the cloud control platform. The cloud control platform, upon receiving the third encryption key, sends it to the smart roadbed device.

[0010] In one possible implementation, the key generation device is the car charging pile and the cloud control platform, and the key receiving device is the smart roadbed device and the smart car; the car charging pile is used to generate a fourth encryption key and send the fourth encryption key to the smart car and the cloud control platform; the cloud control platform is used to receive the fourth encryption key and send the fourth encryption key to the smart roadbed device; the cloud control platform is used to generate a fifth encryption key and send the fifth encryption key to the smart roadbed device and the car charging pile; the car charging pile is used to receive the fifth encryption key and send the fifth encryption key to the smart car.

[0011] In one possible implementation, the key generation device includes a quantum random number generator module, a first key storage module, a first key management module, and a first key synchronization module;

[0012] The quantum random number generator module is used to generate quantum random numbers using a quantum random number generation method, generate a target encryption key based on the quantum random numbers, store the target encryption key, and send the target encryption key to the first key storage module.

[0013] The first key storage module is used to receive and store the target encryption key sent by the quantum random number generator module, and send the target encryption key to the first key management module;

[0014] The first key management module is used to receive the target encryption key sent by the first key storage module, classify the target encryption key according to the preset number of the target encryption key to obtain a first category target encryption key, and send the first category target encryption key to the first key synchronization module;

[0015] The first key synchronization module is used to receive the first classification target encryption key sent by the first key management module, and synchronize the first classification target encryption key to the key receiving device.

[0016] In one possible implementation, the key generation device further includes an encryption module and a first communication module;

[0017] The encryption module is used to encrypt the vehicle network data to be encrypted using the first classification target encryption key in the first key management module to obtain target encrypted vehicle network data;

[0018] The first communication module is used to send the target encrypted vehicle network data to the key receiving device.

[0019] In one possible implementation, the key receiving device includes a second key storage module, a second key management module, and a second key synchronization module;

[0020] The second key synchronization module is used to receive the first classification target encryption key sent by the key generation device, and send the first classification target encryption key to the second key management module;

[0021] The second key management module is used to receive the first classification target encryption key sent by the second key synchronization module, classify the first classification target encryption key based on the preset number of the first classification target encryption key to obtain the second classification target encryption key, and then send the second classification target encryption key to the second key storage module.

[0022] The second key storage module is used to receive the second category target encryption key sent by the second key management module and store the second category target encryption key.

[0023] In one possible implementation, the key receiving device includes a decryption module and a second communication module;

[0024] The second communication module is used to receive the target encrypted vehicle network data sent by the first communication module and send the target encrypted vehicle network data to the decryption module; the decryption module is used to receive the target encrypted vehicle network data and decrypt the target encrypted vehicle network data using a preset decryption algorithm and a target decryption key;

[0025] In one possible implementation, the preset decryption algorithm includes symmetric encryption algorithms and Chinese national cryptographic algorithms.

[0026] Secondly, this application provides a method for protecting vehicle network information. This method is executed by a vehicle network protection system as described in the first aspect. The vehicle network information protection system comprises four components, of which M components are key generation devices, and the remaining N components are key receiving devices. The key generation devices and the key receiving devices communicate via vehicle network. Each key generation device and key receiving device includes at least one of the following: a cloud control platform, a smart roadbed device, a vehicle charging pile, and a smart vehicle. Furthermore, the key generation device and the key receiving device are different devices within the system capable of communication. The vehicle network information protection method includes:

[0027] The key generation device generates quantum random numbers and generates a target encryption key based on the quantum random numbers;

[0028] The key generating device sends the target encryption key to the key receiving device; the key receiving device receives the target encryption key from the key generating device and stores the target encryption key.

[0029] Therefore, this application has the following beneficial effects:

[0030] This application provides a vehicle-to-everything (V2X) information protection system and method. The system comprises four components: M components are key generation devices, and N components are key receiving devices. The key generation and key receiving devices each include at least one of the following: a cloud control platform, a smart roadbed device, a vehicle charging pile, and a smart vehicle. The key generation and key receiving devices are different devices within the system capable of communication. Vehicle-to-everything (V2X) communication is established between the key generation and key receiving devices. The key generation device generates quantum random numbers and generates a target encryption key based on these quantum random numbers. The key generation device sends the encryption key to the key receiving device. This approach, by not limiting the key generation device in the V2X information protection system, improves the security of the encryption key, thereby enhancing the security of V2X data transmission. Attached Figure Description

[0031] To more clearly illustrate the technical solutions in the embodiments of this application or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are only embodiments of this application. For those skilled in the art, other drawings can be obtained based on the provided drawings without creative effort.

[0032] Figure 1 A schematic diagram of a vehicle network information protection system provided in this application embodiment;

[0033] Figure 2 This is a schematic diagram of another vehicle network information protection system structure provided in an embodiment of this application;

[0034] Figure 3 This is a schematic diagram of another vehicle network information protection system provided in the embodiments of this application;

[0035] Figure 4 This is a schematic diagram of another vehicle network information protection system structure provided in an embodiment of this application;

[0036] Figure 5 A schematic diagram of a vehicle network information protection system provided in this application embodiment;

[0037] Figure 6 This application provides a schematic diagram of the key distribution process for a vehicle network information protection system according to an embodiment of the present application.

[0038] Figure 7 This is a schematic diagram of the key distribution process of another vehicle network information protection system provided in an embodiment of this application;

[0039] Figure 8 A schematic diagram illustrating the key distribution process of another vehicle network information protection system provided in this application embodiment;

[0040] Figure 9 This application provides a schematic diagram illustrating the usage process of a built-in factory key in an embodiment of the present application.

[0041] Figure 10 This application provides a schematic diagram of a built-in factory key update process.

[0042] Figure 11 This is a schematic diagram of an encrypted information transmission structure provided in an embodiment of this application;

[0043] Figure 12 This is a schematic diagram of an encrypted information transmission process provided in an embodiment of this application;

[0044] Figure 13This is a schematic flowchart of a vehicle network information protection method for a vehicle network information protection system provided in an embodiment of this application. Detailed Implementation

[0045] The technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only a part of the embodiments of this application, and not all of them. All other embodiments obtained by those skilled in the art based on the embodiments of this application without creative effort are within the scope of protection of this application.

[0046] To facilitate understanding and explanation of the technical solutions provided in the embodiments of this application, the background technology of this application will be described first.

[0047] Vehicle safety is a matter of life and death for passengers and pedestrians. Today, a car is increasingly resembling a "computer on four wheels," with fully functional onboard computers and semi-autonomous driving technology becoming standard features in new energy vehicles, and fully autonomous driving technology expected to be widely applied in the near future. In this context, the secure communication between onboard computers and various network terminals and servers becomes paramount.

[0048] Random numbers are a crucial resource in cryptography. Both classical and quantum cryptography impose extremely strict requirements on the randomness of random numbers, which directly determines the security of most cryptographic systems. Furthermore, random numbers have wide applications outside of cryptography, playing a vital role in sampling statistics, Monte Carlo simulations, and various aspects of computational science.

[0049] The randomness of physical random numbers is based on the randomness of some nondeterministic objective physical phenomena, including atmospheric noise, electronic noise, circuit jitter, etc. These random number generators produce random numbers by detecting the results of these physical phenomena. Furthermore, if these physical phenomena are quantum phenomena, then this type of physical random number generator is called a quantum random number generator. These physical phenomena include quantum physical processes such as vacuum fluctuations, phase noise, and radiative decay. Due to the intrinsic randomness of quantum mechanics in quantum physical processes, quantum random numbers are generally considered to possess true randomness, are unpredictable, and are an ideal type of random number generator.

[0050] With the introduction of this concept, significant progress has been made in the theoretical and experimental work on quantum random number generators. This can provide a higher level of security for real-time key sources in vehicle-to-cloud communication and vehicle-to-infrastructure (V2I) communication in the Internet of Vehicles (IoV), enabling encryption protection of sensitive data.

[0051] It should be noted that different vehicle-to-everything (V2X) encryption scenarios have different requirements and characteristics. Table 1 below illustrates typical V2X encryption scenarios:

[0052]

[0053] Table 1

[0054] In fully or semi-autonomous vehicles, some functions require remote control via commands during operation. These commands must be encrypted as securely as possible; otherwise, if the vehicle is remotely hijacked by criminals, it could lead to catastrophic consequences. Therefore, the encryption of remote control commands is directly related to the safety of passengers and the personal property of vehicle owners. For vehicle-to-everything (V2X) information protection systems, this type of data represents the highest level of security.

[0055] High-speed vehicle-to-cloud communication is a crucial requirement for the Internet of Vehicles (IoV) and a significant application scenario for 5G mobile communication technology in IoV. As the terminal for collecting data in the IoV, vehicles need to use cameras to capture a large number of high-definition images in real time while driving. These images are then processed locally for image recognition and uploaded to a cloud server to improve map positioning, road condition reporting, and autonomous driving image recognition algorithms.

[0056] Vehicle-road cooperation is an important component of the Internet of Vehicles. By embedding edge computing devices in roadside equipment (such as streetlights and traffic lights) and communicating with vehicle terminals in real time, it can obtain vehicle driving data, provide better navigation for vehicles, and optimize traffic conditions in real time.

[0057] In summary, this application proposes a comprehensive vehicle network information security protection scheme based on a quantum random number generator module or chip as its core, addressing the information security needs of the vehicle network. Compared with existing vehicle network information security schemes, it has the characteristics of key-provable security, as well as advantages such as easy deployment and lower cost.

[0058] This application provides a vehicle-to-everything (V2X) information protection system and method. The system comprises four components: M components are key generation devices, and N other components are key receiving devices. The key generation devices and the key receiving devices communicate via the V2X network. The key generation devices generate quantum random numbers and generate a target encryption key based on these quantum random numbers. The key generation devices then send the target encryption key to the key receiving devices. This approach avoids limiting the key generation devices in the V2X information protection system, thereby improving key security and ultimately enhancing the security of V2X data transmission.

[0059] To facilitate understanding of the technical solutions provided in the embodiments of this application, the following description, in conjunction with the accompanying drawings, illustrates a vehicle network information protection system and a vehicle network information protection method provided in the embodiments of this application.

[0060] First, it should be noted that the vehicle network information protection system provided in the embodiments of this application has the following components as shown in Table 2:

[0061]

[0062] Table 2

[0063] It should be noted that the key generation device in this application can be executed by at least one component of the vehicle network information protection system. For example, it could be executed by a cloud control platform, smart roadbed equipment and intelligent vehicles, or a vehicle charging pile and cloud control platform, etc. No specific limitations are made here.

[0064] Furthermore, the specific structure of the vehicle network information protection system shown in Table 2 is as follows: Figure 1 As shown.

[0065] The vehicle-to-everything (V2X) information protection system of this application comprises four components. M of these components are key generation devices 101, and the remaining N components are key receiving devices 102. The key generation devices and key receiving devices communicate via the V2X network. Each key generation device and key receiving device includes at least one of the following: a cloud control platform, a smart roadbed device, a vehicle charging pile, and a smart vehicle. Furthermore, the key generation devices and key receiving devices are different devices within the system capable of communication. The specific structure is as follows: Figure 2 As shown.

[0066] A key generation device 101 is used to generate quantum random numbers and generate a target encryption key based on the quantum random numbers;

[0067] The key generation device sends the target encryption key to the key receiving device 102.

[0068] It is understood that the key generation device in this application can be at least one component of the vehicle network information protection system in Table 1 above. When the key generation device 101 is any component of the vehicle network information protection system in Table 1, that is, any one of the cloud control platform, smart roadbed equipment, electric vehicle charging pile, and intelligent vehicle, then the key receiving device 102 is any other component of the vehicle network information protection system other than the key generation device 101.

[0069] It is understandable that when the key generation device 101 is a cloud control platform, the key receiving device 102 can be a smart roadbed device, a car charging pile, or a smart car, thus forming a vehicle-to-everything (V2X) information protection system. The structure of the V2X information protection system is as follows: Figure 3 As shown.

[0070] At this time, the cloud control platform generates the first encryption key and sends the first encryption key to the smart roadbed equipment and the car charging pile;

[0071] After receiving the first encryption key, the car charging station sends the first encryption key to the smart car.

[0072] In this embodiment, the vehicle-to-everything (V2X) information protection system uses a quantum random number generator in the cloud control platform to generate quantum keys, which are theoretically unpredictable. The key for the crucial intelligent vehicle component of the entire V2X information protection system is forwarded through the vehicle charging station. For the intelligent vehicle, key injection can occur during charging, similar to dedicated line key distribution, ensuring the security of subsequent encrypted communication.

[0073] It should be noted that the specific interaction process of this vehicle network information protection system can be found in Scenario Example 1 in the following content.

[0074] In one possible implementation, the key generation device 101 can also be a smart roadbed device and an intelligent vehicle. In this case, the key receiving device 102 can be a car charging pile and a cloud control platform, thus forming a vehicle network information protection system. The structure of the vehicle network information protection system is as follows: Figure 4 As shown.

[0075] At this time, the smart roadbed device generates a second encryption key and sends the second encryption key to the cloud control platform. After receiving the second encryption key, the cloud control platform sends the second encryption key to the car charging pile. After receiving the second encryption key, the car charging pile sends the second encryption key to the smart car.

[0076] The intelligent vehicle generates a third encryption key and sends the third encryption key to the vehicle charging pile. After receiving the third encryption key, the vehicle charging pile sends the third encryption key to the cloud control platform. After receiving the third encryption key, the cloud control platform sends the third encryption key to the intelligent roadbed equipment.

[0077] Thus, for the vehicle network information protection system in this embodiment, since the generation of quantum keys is distributed, it is difficult for an attacker to attack the entire system simultaneously.

[0078] It should be noted that the specific interaction process of this vehicle network information protection system can be found in Scenario Example 2 in the following content.

[0079] In another possible implementation, the key generation device 101 can also be a car charging station and a cloud control platform. In this case, the key receiving device 102 can be a smart roadbed device and a smart car, thus forming a vehicle network information protection system. The structure of the vehicle network information protection system is as follows: Figure 5 As shown.

[0080] At this time, the car charging pile generates a fourth encryption key and sends the fourth encryption key to the smart car and the cloud control platform. After receiving the fourth encryption key, the cloud control platform sends the fourth encryption key to the smart roadbed device.

[0081] The cloud control platform generates a fifth encryption key and sends the fifth encryption key to the smart roadbed equipment and the car charging pile. After receiving the fifth encryption key, the car charging pile sends the fifth encryption key to the smart car.

[0082] The vehicle network information protection system in this embodiment avoids the obstacles to deployment time caused by vehicle standard review, etc. It uses the car charging pile as a distributed quantum key generation terminal. The cloud control platform and the smart car synchronize keys with the cloud control platform and the smart car respectively through the above-mentioned key transmission method. The car charging pile itself does not store quantum keys.

[0083] It should be noted that the specific interaction process of this vehicle network information protection system can be found in Scenario Example 3 in the following content.

[0084] In this embodiment of the application, the key generation device 101 may include a quantum random number generator module, a first key storage module, a first key management module, and a first key synchronization module;

[0085] The quantum random number generator module is used to generate quantum random numbers using a quantum random number generation method, then generate a target encryption key based on the quantum random numbers, store the target encryption key, and send the target encryption key to a first key storage module. Furthermore, for cloud control platforms, the quantum random number generator module can be in the form of a board, a surface-mount module, or a chip. For electric vehicle charging piles, smart cars, and smart road infrastructure equipment, the main module form is a surface-mount module or a chip. Internally, it contains a quantum random process to generate a quantum key that can be proven to be truly random.

[0086] The first key storage module receives and stores the target encryption key sent by the quantum random number generator module, and then sends the target encryption key to the first key management module. The first key storage module can store the target encryption key generated by the quantum random number module, or encryption keys synchronized with other vehicle-to-everything (V2X) components. For electric vehicle charging stations, smart cars, and smart road infrastructure equipment, the first key storage module also stores the built-in factory key. The typical form of the first key storage module is similar to a solid-state storage medium such as a hard drive.

[0087] The first key management module receives target encryption keys sent by the first key storage module, classifies the target encryption keys based on preset numbers to obtain first-category target encryption keys, and sends the first-category target encryption keys to the first key synchronization module. Furthermore, the first key management module can provide appropriate keys to the encryption / decryption modules for the encryption and decryption of sensitive information during encrypted communication. This module can typically take the form of a portion of software code or a lookup table.

[0088] The first key synchronization module is used to synchronize the encryption key of the first category target to the key receiving device. The main key synchronization methods include some commonly used asymmetric algorithms, such as RSA and SM2 algorithms. In addition to these typical public algorithms, encryption can also be performed using the built-in factory key (key encrypt key, KEK).

[0089] It is understandable that the key generation device includes an encryption module and a first communication module;

[0090] The encryption module can encrypt the vehicle network data to be encrypted using the first-category target encryption key from the first key management module, thus obtaining the target encrypted vehicle network data. It is understandable that when secure communication is required among various components of the vehicle network, sensitive data can be encrypted or decrypted based on the quantum key provided by the key management module, combined with algorithms including the Data Encryption Standard (DES), symmetric cryptographic algorithms such as the Chinese national cryptographic standard SM1 or SM4, or one-time pad encryption methods. A typical form could be a dedicated cryptographic algorithm chip, or a set of custom encryption and decryption code running in the CPU.

[0091] The first communication module is used to send the target encrypted vehicle network data to the key receiving device.

[0092] Furthermore, the key receiving device includes a second key storage module, a second key management module, and a second key synchronization module.

[0093] The second key synchronization module is used to receive the first category target encryption key sent by the key generation device and send the first category target encryption key to the second key management module.

[0094] The second key management module is used to receive the first category target encryption key sent by the second key synchronization module, classify the first category target encryption key according to the preset number of the first category target encryption key to obtain the second category target encryption key, and then send the second category target encryption key to the second key storage module.

[0095] The second key storage module is used to receive and store the second category target encryption key.

[0096] Furthermore, the key receiving device includes a decryption module and a second communication module. The second communication module is used to receive the target encrypted vehicle network data sent by the first communication module and send the target encrypted vehicle network data to the decryption module.

[0097] The decryption module is used to receive target encrypted vehicle network data and decrypt the target encrypted vehicle network data using a preset decryption algorithm and a target decryption key.

[0098] In this embodiment of the application, the preset decryption algorithm may include symmetric encryption algorithms and national cryptographic algorithms, etc., and is not specifically limited here.

[0099] In other embodiments of this application, the system further includes:

[0100] Automotive CPU: A standard module in intelligent vehicles, it is the core of information processing in intelligent vehicles and the core of the entire intelligent vehicle information system. After receiving decrypted remote commands, it controls the vehicle's driving status or various settings parameters.

[0101] Equipment CPU: A standard module in intelligent roadbed equipment, it is the core of information processing within the intelligent roadbed equipment. After receiving decrypted remote commands, it controls various settings parameters of the roadbed equipment.

[0102] Communication module: Used for sending and receiving encrypted data. Typical communication methods include 5G wireless communication, NB-IoT wireless communication, and fiber optic communication.

[0103] Signaling Center Platform: Responsible for generating and receiving signaling sent by the cloud control platform or other IoT components.

[0104] Video cloud storage server: Used to store data sent by smart cars and smart roadbed equipment.

[0105] Information collection modules such as car cameras: These mainly include in-vehicle cameras, in-vehicle radar, in-vehicle recording equipment, and other devices that acquire data in the vehicle. This data needs to be sent to the cloud control platform in intelligent driving mode.

[0106] Equipment data acquisition module: mainly includes cameras, speed sensors and other equipment mounted on the intelligent roadbed equipment.

[0107] The vehicle network information protection system provided in this application does not limit the key generation device of the vehicle network information protection system, thereby improving the security of the key and thus improving the security of vehicle network data transmission.

[0108] The following three specific application scenarios will be used to provide a detailed explanation of the vehicle network information protection system in this application.

[0109] Application Scenario Example 1:

[0110] If the key generation device of the vehicle network information protection system in this application is a cloud central control platform, then the corresponding key receiving device is a smart roadbed device, a car charging pile, and a smart car.

[0111] In this embodiment, a quantum random number can be generated using the quantum random number generator module in the cloud control platform, and a target encryption key can be generated based on this quantum random number. The target encryption key is then stored in the key storage module of the cloud control platform, and classified and managed according to key number by the key management module of the cloud control platform.

[0112] After classification and management, the cloud control platform synchronizes the keys to the key synchronization modules of the electric vehicle charging piles and smart roadbed equipment through the key synchronization module in the cloud control platform. This enables the key management modules of the electric vehicle charging piles and smart roadbed equipment to classify the keys according to their numbers and store them in the key storage modules of the electric vehicle charging piles and smart roadbed equipment.

[0113] Finally, the key is synchronized to the key synchronization module in the smart car via the key synchronization module in the car charging station. This allows the smart car's key management module to classify the key and store it in the smart car's key storage module. This reduces the cost of distributed devices, including smart cars and charging stations, and also helps to shorten the time required for the solution to be deployed.

[0114] Furthermore, for a specific implementation process of key distribution in a vehicle network information protection system according to this embodiment, please refer to [link to relevant documentation]. Figure 6 .

[0115] The quantum random number generator module in the cloud control platform generates quantum keys and then sends the quantum keys to the key storage module for storage. The key management module extracts a certain number of keys from the key storage module as needed and provides them to the key synchronization module. The key synchronization module synchronizes keys with the car charging piles and smart roadbed equipment.

[0116] The key synchronization module in the smart roadbed equipment completes quantum key synchronization with the cloud control platform. The synchronization method can include asymmetric cryptographic algorithms such as RSA and SM2, or a KEK key update scheme based on the built-in factory key. The key is then sent to the key management module in the smart roadbed equipment. After receiving the key, the key management module numbers and groups the key, and then sends the key to the key storage module so that the key storage module can save the received key.

[0117] The key synchronization module in the car charging pile and the key synchronization module of the cloud control platform complete quantum key synchronization. The synchronization method can include asymmetric cryptographic algorithms such as RSA algorithm and SM2 algorithm, or a KEK key update scheme based on the built-in factory key.

[0118] Furthermore, the key synchronization module in the car charging station synchronizes keys with the smart car via the charging cable. After the key synchronization is completed, the car charging station deletes the synchronized key. The key synchronization module in the smart car synchronizes keys with the charging station via the charging cable. Upon receiving the key, the key synchronization module in the smart car sends the key to the key management module for numbering and grouping, and then sends the key to the key storage module so that the key storage module can save the received key.

[0119] After the above key distribution process, the synchronous distribution process of the quantum key for the entire vehicle network information protection system is completed.

[0120] Application Scenario Example 2:

[0121] If the key generation device of the vehicle network information protection system in this application is a smart roadbed device and a smart car, then the corresponding key receiving device is a car charging pile and a cloud control platform.

[0122] In this embodiment, a quantum random number generator module in the smart roadbed equipment and intelligent vehicle can generate a quantum random number based on a quantum random number generation method, and use this quantum random number as the target encryption key. The target encryption key is stored in the key storage module of the smart roadbed equipment and intelligent vehicle, and then classified and managed according to key number by the key management module of the smart roadbed equipment and intelligent vehicle.

[0123] After classification and management, smart roadbed equipment and intelligent vehicles synchronize their keys through key synchronization modules in the smart roadbed equipment and intelligent vehicles.

[0124] It should be noted that the smart roadbed equipment, cloud control platform, electric vehicle charging piles, and smart cars are connected sequentially. The keys generated by the smart roadbed equipment are first synchronized to the cloud control platform, then synchronized to the electric vehicle charging piles via the cloud control platform, and finally synchronized to the smart cars via the electric vehicle charging piles. During the key synchronization process between the electric vehicle charging piles and the smart cars, since it is done through the charging cable, it can be considered a temporary secure dedicated line, so key transmission can also be performed directly. In this case, both the cloud control platform and the electric vehicle charging piles include a key storage module, a key synchronization module, and a key management module. For the specific synchronization process, please refer to Application Scenario Example 1, which will not be elaborated here.

[0125] Furthermore, the key generated by the intelligent vehicle is first synchronized to the vehicle charging station, then synchronized to the cloud control platform through the vehicle charging station, and finally synchronized to the smart roadbed equipment through the cloud control platform.

[0126] Because the generation of keys is distributed, it is difficult for attackers to attack the entire system simultaneously, thus improving the system's security.

[0127] Furthermore, for the specific implementation process of key distribution in another vehicle network information protection system in this embodiment, please refer to... Figure 7 .

[0128] The quantum random number module in the smart roadbed equipment generates a quantum key and sends it to the key storage module. After the key storage module stores the key, the key management module extracts a certain number of keys from the key storage module as needed and provides them to the key synchronization module. The key synchronization module receives the keys and completes quantum key synchronization with the cloud control platform. The synchronization methods include asymmetric cryptographic algorithms such as RSA and SM2, or a KEK key update scheme based on the built-in factory key.

[0129] After the key synchronization module in the cloud control platform synchronizes the key with the smart roadbed equipment, the key synchronization module in the cloud control platform sends the key to the key management module. After receiving the key, the key management module of the cloud control platform numbers and groups the received key, and then sends the key to the key storage module so that the key storage module can save the key.

[0130] The quantum random number module in the smart car generates a quantum key and sends the key to the key storage module. The key storage module stores the key. The key management module extracts a certain number of keys from the key storage module as needed and provides them to the key synchronization module. The key synchronization module and the car charging station transmit keys synchronously via the charging cable.

[0131] After the key synchronization module in the car charging station synchronizes its key with the smart car via the charging cable, it obtains the key and then performs quantum synchronization with the key synchronization module of the cloud control platform. The synchronization method can include asymmetric cryptographic algorithms such as RSA and SM2, or a KEK key update scheme based on the built-in factory key. After completing key synchronization with the cloud control platform, the synchronized key is deleted. Upon receiving the synchronized key from the car charging station, the cloud control platform uses its key management module to number and group the received keys, and then uses its key storage module to save the received keys.

[0132] The quantum key synchronization distribution of the entire vehicle network information protection system is completed through the above key distribution process.

[0133] Application Scenario Example 3:

[0134] If the key generation device of the vehicle network information protection system in this application is a car charging pile and a cloud control platform, then the corresponding key receiving device is a smart roadbed device and a smart car.

[0135] In this embodiment, a quantum random number can be generated based on a quantum random number generation method using the quantum random number generator module in the car charging pile and the cloud control platform, and this quantum random number is used as the target encryption key. The target encryption key is stored in the key storage module in the car charging pile and the cloud control platform, and the key is classified and managed according to key number and key purpose by the key management module in the car charging pile and the cloud control platform.

[0136] After classification and management, the electric vehicle charging piles and the cloud control platform synchronize their keys through the key synchronization module in both the electric vehicle charging piles and the cloud control platform.

[0137] It should be noted that the smart roadbed equipment, cloud control platform, electric vehicle charging piles, and smart cars are connected in sequence.

[0138] The keys generated by the cloud control platform can be synchronized to smart roadbed equipment and electric vehicle charging stations, and then synchronized to smart vehicles via the charging stations. The keys generated by the charging stations can also be synchronized to the cloud control platform and smart vehicles, enabling the cloud control platform to synchronize the keys to the smart roadbed equipment. In this case, both the smart roadbed equipment and the smart vehicles include a key storage module, a key synchronization module, and a key management module. For a detailed synchronization process, please refer to Application Scenario Example 1, which will not be elaborated upon here.

[0139] Furthermore, for a specific implementation process of key distribution in another vehicle-to-everything (V2X) information protection system in this embodiment, please refer to [link to relevant documentation]. Figure 8 .

[0140] The quantum random number generation module in the cloud control platform generates quantum keys and sends them to the key storage module for storage. The key management module retrieves a certain number of keys from the key storage module as needed and provides them to the key synchronization module for key synchronization with the car charging piles and smart roadbed equipment. Simultaneously, the key synchronization module sends a certain number of keys to the key management module. The cloud control platform then uses the key management module to number and group the received keys before sending them to the key storage module for storage.

[0141] The synchronization module of the smart roadbed equipment completes quantum key synchronization with the cloud control platform to obtain the key, and then sends the key to the key management module. The synchronization methods include asymmetric cryptographic algorithms such as RSA and SM2, or a KEK key update scheme based on the built-in factory key. The key management module of the smart roadbed equipment numbers and groups the received keys. The key management module then sends the keys to the key storage module, which stores the received keys.

[0142] The quantum random number generator module in the car charging station generates a quantum key and sends it to the key storage module, which stores the key. The key management module retrieves a certain number of keys from the key storage module as needed and provides them to the key synchronization module. The key synchronization module synchronizes the quantum keys with the cloud control platform. Synchronization methods include asymmetric cryptographic algorithms such as RSA and SM2, or a KEK key update scheme based on the built-in factory key. This allows the key synchronization module of the cloud control platform to synchronize with the quantum random number generator module in the car charging station. The key synchronization module in the cloud control platform then sends the obtained key to the key management module, which numbers and groups the key, and then sends the key to the key storage module for receipt and storage. Furthermore, the key synchronization module in the car charging station and the smart car can synchronize keys via the charging cable. After all the above key synchronizations are completed, the synchronized keys are deleted.

[0143] The key synchronization module of the intelligent vehicle transmits the key synchronously with the key synchronization module of the vehicle charging pile to obtain the key, and then sends the obtained key to the key management module of the intelligent vehicle. The key management module numbers and groups the received key, and then sends the key to the key storage module so that the key storage module can save the received key.

[0144] The quantum key synchronization distribution of the entire vehicle network information protection system is completed through the above key distribution process.

[0145] In one possible implementation, the built-in factory key (KEK) key synchronization method consists of two parts: the use of the built-in key and the updating of the built-in key, as detailed below. Figure 9 The built-in factory key usage process demonstrates a key encryption transmission scheme that uses the built-in factory key to perform one-time pad encryption on the quantum key.

[0146] Furthermore, since the cloud control platform pre-stores the factory-installed keys for intelligent roadbed equipment and intelligent charging piles, these keys can be used for one-time pad encryption transmission using quantum keys. To ensure security, the built-in keys can be updated after a specified time period, as follows: Figure 10 The built-in factory key update process is shown in the diagram.

[0147] It should be noted that after key distribution is completed using the three key distribution methods described above, the cloud control platform, smart roadbed equipment, and intelligent vehicles will use the synchronously generated quantum key distribution combined with encryption algorithms to encrypt the information. The encrypted data will then be transmitted via 5G wireless communication or fiber optic channels. For the specific encrypted information transmission structure between the cloud control platform, smart roadbed equipment, and intelligent vehicles, please refer to [link to relevant documentation]. Figure 11 .

[0148] For further details on the encrypted information transmission process, please refer to [link / reference]. Figure 12 The specific details are as follows:

[0149] The signaling platform center or data acquisition module such as cameras in the data generator / signaling sender publishes signaling or sends confidential data transmission requests. The encryption module obtains the encryption key from the key management module and encrypts it using the one-time pad encryption algorithm or the SM1 and SM4 symmetric encryption algorithms. The encrypted information is then sent to the communication module, which transmits the encrypted data according to the specified communication protocol.

[0150] The communication module in the data receiver / signaling receiver receives the encrypted data and sends it to the encryption / decryption module. The encryption / decryption module receives the encrypted data, decrypts it, stores it, and sends the decrypted signaling to the CPU of the relevant device, enabling the CPU to operate on the device status according to the signaling instructions. The encryption / decryption module obtains the decryption key from the key management module and performs decryption using a one-time pad algorithm (generating one key at a time) or SM1 and SM4 symmetric encryption algorithms.

[0151] This application also provides a vehicle network information protection method executed by the aforementioned vehicle network information protection system. Since the principle of this method in solving the problem is similar to that of the aforementioned vehicle network information protection system, the implementation of this method can refer to the implementation of the vehicle network information protection system, and the repeated parts will not be described again.

[0152] like Figure 13 As shown, the vehicle network information protection method of the vehicle network information protection system in this application is executed by the aforementioned vehicle network protection system. The vehicle network information protection system includes four components, of which M components are key generation devices and N components are key receiving devices. The key generation devices and the key receiving devices communicate with each other via the vehicle network. The key generation devices and the key receiving devices each include at least one of the following: a cloud control platform, a smart roadbed device, a vehicle charging pile, and a smart car. The key generation devices and the key receiving devices are different devices in the system capable of communication. The vehicle network information protection method includes the following steps:

[0153] S201. The key generation device generates a quantum random number and generates a target encryption key based on the quantum random number.

[0154] S202, The key generation device sends the target encryption key to the key receiving device.

[0155] S203. The key receiving device receives the target encryption key from the key generating device and stores the target encryption key.

[0156] In this embodiment of the application, the key generation device can be the cloud control platform, and the key receiving device can be the smart roadbed device, the car charging pile, and the smart car.

[0157] The cloud control platform generates a first encryption key and sends the first encryption key to the smart roadbed equipment and the car charging pile; after receiving the first encryption key, the car charging pile sends the first encryption key to the smart car.

[0158] The key generation device is the smart roadbed device and the smart car, and the key receiving device is the car charging pile and the cloud control platform;

[0159] The smart roadbed device generates a second encryption key and sends it to the cloud control platform. Upon receiving the second encryption key, the cloud control platform sends it to the vehicle charging station. Upon receiving the second encryption key, the vehicle charging station sends it to the smart vehicle. The smart vehicle generates a third encryption key and sends it to the vehicle charging station. Upon receiving the third encryption key, the vehicle charging station sends it to the cloud control platform. Upon receiving the third encryption key, the cloud control platform sends it to the smart roadbed device.

[0160] The key generation device is the car charging pile and the cloud control platform, and the key receiving device is the smart roadbed equipment and the smart car;

[0161] The car charging pile generates a fourth encryption key and sends the fourth encryption key to the smart car and the cloud control platform; after receiving the fourth encryption key, the cloud control platform sends the fourth encryption key to the smart roadbed device; the cloud control platform generates a fifth encryption key and sends the fifth encryption key to the smart roadbed device and the car charging pile; after receiving the fifth encryption key, the car charging pile sends the fifth encryption key to the smart car.

[0162] It should be noted that the key generation device includes a quantum random number generator module, a first key storage module, a first key management module, and a first key synchronization module;

[0163] The quantum random number generator module generates quantum random numbers using a quantum random number generation method, generates a target encryption key based on the quantum random numbers, stores the target encryption key, and sends the target encryption key to the first key storage module.

[0164] The first key storage module receives and stores the target encryption key sent by the quantum random number generator module, and sends the target encryption key to the first key management module;

[0165] The first key management module receives the target encryption key sent by the first key storage module, classifies the target encryption key according to the preset number of the target encryption key to obtain a first category of target encryption key, and sends the first category of target encryption key to the first key synchronization module.

[0166] The first key synchronization module receives the first category target encryption key sent by the first key management module and synchronizes the first category target encryption key to the key receiving device.

[0167] The key generation device further includes an encryption module and a first communication module;

[0168] The encryption module uses the first classification target encryption key in the first key management module to encrypt the vehicle network data to be encrypted, thereby obtaining the target encrypted vehicle network data;

[0169] The first communication module sends the target encrypted vehicle network data to the key receiving device.

[0170] The key receiving device includes a second key storage module, a second key management module, and a second key synchronization module;

[0171] The second key synchronization module receives the first classification target encryption key sent by the key generation device and sends the first classification target encryption key to the second key management module;

[0172] The second key management module receives the first classification target encryption key sent by the second key synchronization module, classifies the first classification target encryption key based on the preset number of the first classification target encryption key to obtain the second classification target encryption key, and then sends the second classification target encryption key to the second key storage module.

[0173] The second key storage module receives the second category target encryption key sent by the second key management module and stores the second category target encryption key.

[0174] The key receiving device includes a decryption module and a second communication module; the second communication module receives the target encrypted vehicle network data sent by the first communication module and sends the target encrypted vehicle network data to the decryption module; the decryption module receives the target encrypted vehicle network data and decrypts the target encrypted vehicle network data using a preset decryption algorithm and a target decryption key, wherein the preset decryption algorithm includes a symmetric encryption algorithm and a national cryptographic algorithm.

[0175] The vehicle network information protection method of the vehicle network information protection system provided in this application generates a quantum random number and uses the quantum random number as the target encryption key. The target encryption key is then sent to a key receiving device so that the key receiving device stores the target encryption key. This does not limit the key generation device of the vehicle network information protection system, thereby improving the security of the key and thus improving the security of vehicle network data transmission.

[0176] It should be noted that the various embodiments in this specification are described in a progressive manner, with each embodiment focusing on the differences from other embodiments. Similar or identical parts between embodiments can be referred to interchangeably. Regarding the methods disclosed in the embodiments, since they correspond to the systems disclosed in the embodiments, the descriptions are relatively simple, and relevant parts can be referred to the method section.

[0177] It should be understood that in this application, "at least one (item)" means one or more, and "more than" means two or more. "And / or" is used to describe the relationship between related objects, indicating that three relationships can exist. For example, "A and / or B" can represent three cases: only A exists, only B exists, and both A and B exist simultaneously, where A and B can be singular or plural. The character " / " generally indicates that the preceding and following related objects are in an "or" relationship. "At least one (item) of the following" or similar expressions refer to any combination of these items, including any combination of single or plural items. For example, at least one (item) of a, b, or c can represent: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", where a, b, and c can be single or multiple.

[0178] It should also be noted that, in this document, relational terms such as "first" and "second" are used only to distinguish one entity or operation from another, and do not necessarily require or imply any such actual relationship or order between these entities or operations. Furthermore, the terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article, or apparatus. Without further limitations, an element defined by the phrase "comprising one..." does not exclude the presence of other identical elements in the process, method, article, or apparatus that includes said element.

[0179] The above description of the disclosed embodiments enables those skilled in the art to make or use this application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be implemented in other embodiments without departing from the spirit or scope of this application. Therefore, this application is not to be limited to the embodiments shown herein, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims

1. A vehicle-to-everything information protection system, characterized in that, The system comprises four components: a cloud control platform, smart roadbed equipment, a vehicle charging station, and a smart vehicle. Each of these four components includes a key generation device and a key receiving device, which communicate with each other via vehicle-to-everything (V2X) communication. The key generation device and the key receiving device each include at least one of the following: the cloud control platform, the smart roadbed equipment, the vehicle charging station, and the smart vehicle. Furthermore, the key generation device and the key receiving device are different devices within the system capable of communication. The system is configured to operate in multiple key distribution modes, wherein, in different key distribution modes, M devices are selected from the cloud control platform, smart roadbed equipment, car charging piles and smart cars as current key generation devices, and the remaining N devices are selected as current key receiving devices. The key generation device is used to generate quantum random numbers and generate a target encryption key based on the quantum random numbers; the key generation device is used to send the target encryption key to the current key receiving device according to a predetermined distribution path corresponding to the identities of the current key generation device and the current key receiving device; The predetermined distribution path includes at least one of the following: When the current key generating device is the cloud control platform, the current key receiving device is the smart roadbed device, the car charging pile, and the smart car; the cloud control platform is used to generate a first encryption key and send the first encryption key to the smart roadbed device and the car charging pile; the car charging pile is used to send the first encryption key to the smart car after receiving it. When the current key generating device is the smart roadbed device and the intelligent vehicle, the current key receiving device is the vehicle charging pile and the cloud control platform; the smart roadbed device is used to generate a second encryption key and send the second encryption key to the cloud control platform; the cloud control platform is used to receive the second encryption key and send the second encryption key to the vehicle charging pile; the vehicle charging pile is used to receive the second encryption key and send the second encryption key to the intelligent vehicle; the intelligent vehicle is used to generate a third encryption key and send the third encryption key to the vehicle charging pile; the vehicle charging pile is used to receive the third encryption key and send the third encryption key to the cloud control platform; the cloud control platform is used to receive the third encryption key and send the third encryption key to the smart roadbed device; When the current key generating device is the car charging pile and the cloud control platform, the current key receiving device is the smart roadbed device and the smart car; the car charging pile is used to generate a fourth encryption key and send the fourth encryption key to the smart car and the cloud control platform; the cloud control platform is used to receive the fourth encryption key and send the fourth encryption key to the smart roadbed device; the cloud control platform is used to generate a fifth encryption key and send the fifth encryption key to the smart roadbed device and the car charging pile; the car charging pile is used to receive the fifth encryption key and send the fifth encryption key to the smart car; The key generation device includes a quantum random number generator module, a first key storage module, a first key management module, and a first key synchronization module. The quantum random number generator module is used to generate the quantum random number using a quantum random number generation method, generate a target encryption key based on the quantum random number, store the target encryption key, and send the target encryption key to the first key storage module. The first key storage module is used to receive and store the target encryption key sent by the quantum random number generator module, and send the target encryption key to the first key management module; The first key storage module is also used to store keys obtained synchronously by other vehicle network components, as well as the built-in factory keys of the vehicle charging pile, the smart car, or the smart roadbed equipment; The first key management module is used to receive the target encryption key sent by the first key storage module, classify the target encryption key according to the preset number of the target encryption key to obtain a first category target encryption key, and send the first category target encryption key to the first key synchronization module; The first key synchronization module is used to receive the first classification target encryption key sent by the first key management module, and synchronize the first classification target encryption key to the key receiving device.

2. The system of claim 1, wherein, The key generation device further includes an encryption module and a first communication module; The encryption module is used to encrypt the vehicle network data to be encrypted using the first classification target encryption key in the first key management module, so as to obtain the target encrypted vehicle network data. The first communication module is used to send the target encrypted vehicle network data to the key receiving device.

3. The system of claim 2, wherein, The key receiving device includes a second key storage module, a second key management module, and a second key synchronization module; The second key synchronization module is used to receive the first classification target encryption key sent by the key generation device, and send the first classification target encryption key to the second key management module; The second key management module is used to receive the first classification target encryption key sent by the second key synchronization module, classify the first classification target encryption key based on the preset number of the first classification target encryption key to obtain the second classification target encryption key, and then send the second classification target encryption key to the second key storage module. The second key storage module is used to receive the second category target encryption key sent by the second key management module and store the second category target encryption key.

4. The system of claim 3, wherein, The key receiving device includes a decryption module and a second communication module; The second communication module is used to receive the target encrypted vehicle network data sent by the first communication module, and to send the target encrypted vehicle network data to the decryption module; The decryption module is used to receive the target encrypted vehicle network data and decrypt the target encrypted vehicle network data using a preset decryption algorithm and a target decryption key.

5. The system of claim 4, wherein, The preset decryption algorithm includes symmetric encryption algorithm and Chinese national cryptographic algorithm. 6.A method for protecting information of Internet of Vehicles, characterized in that, The vehicle network information protection method is executed by the vehicle network information protection system according to any one of claims 1 to 5. The vehicle network information protection system comprises four components: a cloud control platform, a smart roadbed device, a vehicle charging pile, and a smart vehicle. Among the four components, a key generation device and a key receiving device are included. The key generation device and the key receiving device communicate with each other via the vehicle network. The key generation device and the key receiving device each include at least one of the following: the cloud control platform, the smart roadbed device, the vehicle charging pile, and the smart vehicle. Furthermore, the key generation device and the key receiving device are different devices within the system capable of communication. The vehicle network information protection method includes: In different key distribution modes, M devices are selected from the cloud control platform, smart roadbed equipment, car charging piles and smart cars as the current key generation devices, and the remaining N devices are selected as the current key receiving devices. The key generation device generates quantum random numbers and generates a target encryption key based on the quantum random numbers; The target encryption key is sent to the current key receiving device according to a predetermined distribution path corresponding to the identities of the current key generating device and the current key receiving device; The predetermined distribution path includes at least one of the following: When the current key generating device is the cloud control platform, the current key receiving device is the smart roadbed device, the car charging pile, and the smart car; the cloud control platform generates a first encryption key and sends the first encryption key to the smart roadbed device and the car charging pile; after receiving the first encryption key, the car charging pile sends the first encryption key to the smart car; When the current key generating device is the smart roadbed device and the intelligent vehicle, the current key receiving device is the vehicle charging pile and the cloud control platform; the smart roadbed device generates a second encryption key and sends the second encryption key to the cloud control platform; the cloud control platform, after receiving the second encryption key, sends the second encryption key to the vehicle charging pile; the vehicle charging pile, after receiving the second encryption key, sends the second encryption key to the intelligent vehicle; the intelligent vehicle generates a third encryption key and sends the third encryption key to the vehicle charging pile; the vehicle charging pile, after receiving the third encryption key, sends the third encryption key to the cloud control platform; the cloud control platform, after receiving the third encryption key, sends the third encryption key to the smart roadbed device; When the current key generating device is the car charging pile and the cloud control platform, the current key receiving device is the smart roadbed device and the smart car; the car charging pile generates a fourth encryption key and sends the fourth encryption key to the smart car and the cloud control platform; after receiving the fourth encryption key, the cloud control platform sends the fourth encryption key to the smart roadbed device; the cloud control platform generates a fifth encryption key and sends the fifth encryption key to the smart roadbed device and the car charging pile; after receiving the fifth encryption key, the car charging pile sends the fifth encryption key to the smart car; The key receiving device receives the target encryption key from the key generating device and stores the target encryption key; The key generation device includes a quantum random number generator module, a first key storage module, a first key management module, and a first key synchronization module. The quantum random number generator module generates quantum random numbers using a quantum random number generation method, generates a target encryption key based on the quantum random numbers, stores the target encryption key, and sends the target encryption key to the first key storage module. The first key storage module receives and stores the target encryption key sent by the quantum random number generator module, and sends the target encryption key to the first key management module; it also stores keys synchronously obtained by other vehicle network components, as well as the built-in factory keys of the vehicle charging pile, the smart car, or the smart roadbed equipment. The first key management module receives the target encryption key sent by the first key storage module, classifies the target encryption key according to the preset number of the target encryption key to obtain a first category of target encryption key, and sends the first category of target encryption key to the first key synchronization module. The first key synchronization module receives the first category target encryption key sent by the first key management module and synchronizes the first category target encryption key to the key receiving device.