Data transmission method, system and vehicle

By obtaining dynamic and irregular keys based on time and device information during data transmission, the security risks in wireless data transmission are solved, achieving high security and low storage space data transmission.

CN116347436BActive Publication Date: 2026-06-05NIO TECH ANHUI CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
NIO TECH ANHUI CO LTD
Filing Date
2023-04-06
Publication Date
2026-06-05

AI Technical Summary

Technical Problem

When using symmetric encryption algorithms and fixed keys for existing wireless data transmission, data packets are easily copied and misused, leading to data security risks. How can we obtain dynamic and unpredictable keys to improve data transmission security?

Method used

By obtaining real-time keys based on time and device information at both the data sending and receiving ends, the data is encrypted and decrypted. The key file is stored using a multidimensional array to ensure that the key changes irregularly over time.

Benefits of technology

It improves the security of data transmission, reduces the storage space requirements of devices, increases the difficulty of intruding into devices, and prevents data packets from being intercepted and reused.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN116347436B_ABST
    Figure CN116347436B_ABST
Patent Text Reader

Abstract

The present application belongs to the technical field of computer, and specifically provides a data transmission method, system and vehicle, aiming at solving the problem of how to obtain a dynamic and non-regular secret key based on the time that is changing all the time, and use the secret key for data security transmission. For this purpose, the method of the present application comprises: generating a secret key file stored in the form of a multi-dimensional array based on future time and time granularity; and using the secret key that changes with time to encrypt and decrypt data. The present application uses the secret key that changes with time for data transmission, so that the intrusion device through the way of intercepting and re-forwarding data packets becomes impossible to achieve, and the security of data transmission is improved. The secret key file is stored in the form of a multi-dimensional array, which reduces the data volume of the secret key file, reduces the requirement for device storage space, and makes the present application have higher applicability.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention belongs to the field of computer technology, and specifically provides a data transmission method, system, and vehicle. Background Technology

[0002] With the popularization of smart cars, smart security, smart homes and other products, there are more and more application scenarios for controlling vehicles, smart door locks and other devices based on short-range wireless communication technologies such as Bluetooth and ZigBee, which brings great convenience to users.

[0003] However, such wireless data transmission often carries data security vulnerabilities. Devices can be compromised by completely capturing and forwarding data packets. This is especially true when data transmission uses symmetric encryption algorithms and fixed keys, making data packets easier to copy and repeatedly misused. Therefore, how to obtain a dynamic, unchanging key for data transmission based on constantly changing time, thereby improving data transmission security, has become an urgent problem to be solved.

[0004] Accordingly, a new solution is needed in this field to address the aforementioned problems. Summary of the Invention

[0005] The present invention aims to solve or partially solve the above-mentioned technical problem, namely, how to obtain a dynamic and unchanging key based on constantly changing time, and use the key for secure data transmission.

[0006] In a first aspect, the present invention proposes a data transmission method for data transmission between a first device and a second device, the method comprising:

[0007] Data sender:

[0008] Determine the data transmission time;

[0009] Based on the data transmission time and data receiving device information, obtain the first real-time key;

[0010] The data to be transmitted is encrypted based on the first real-time key to obtain the ciphertext data to be transmitted.

[0011] The encrypted data to be transmitted is sent at the specified data transmission time.

[0012] Data receiver:

[0013] Receive the encrypted data to be transmitted and record the time of receiving the first frame of data;

[0014] Based on the first frame data reception time and data sending terminal device information, obtain the second real-time key;

[0015] The encrypted data to be transmitted is decrypted based on the second real-time key to obtain the data to be transmitted.

[0016] In one embodiment of the above data transmission method, "obtaining the first real-time key based on the data transmission time and data receiving device information" includes:

[0017] Based on the data receiving device information, obtain the pairing device-specific key file from the first pre-stored pairing device key file;

[0018] The first real-time key is obtained from the dedicated key file of the paired device based on the data transmission time.

[0019] In one embodiment of the above data transmission method, "obtaining the second real-time key based on the first frame data reception time and the data sending terminal device information" includes:

[0020] Based on the data sending terminal device information, obtain the pairing device-specific key file from the second pre-stored pairing device key file;

[0021] The second real-time key is obtained from the dedicated key file of the paired device based on the first frame data reception time.

[0022] In one embodiment of the above data transmission method, the method further includes:

[0023] The pairing device-specific key file is generated by the first device or the second device;

[0024] After the pairing device-specific key file is generated, the first device and the second device synchronize the pairing device-specific key file.

[0025] The method for generating the dedicated key file for the pairing device includes:

[0026] Get the current time;

[0027] A dedicated key file for the paired device is generated based on the current time, the device's age, and the time granularity.

[0028] In one embodiment of the above data transmission method, the pairing device-specific key file is a multidimensional array, which includes a year-month-day dimension, an hour-minute-second dimension, and a time granularity dimension. The data in the multidimensional array is generated by a random number generator.

[0029] In one embodiment of the above data transmission method, "determining the data transmission time" includes:

[0030] Get the current time of the data sender;

[0031] The data transmission time is determined based on the current time of the data sending end, the estimated data encryption time, and the time granularity.

[0032] The estimated data encryption time is greater than the sum of the time required to find the first real-time key and the time required to encrypt the data to be transmitted.

[0033] In one embodiment of the above data transmission method, the method further includes:

[0034] The first device and the second device synchronize their time when establishing a connection.

[0035] After the first device and the second device have completed a preset number of data transmissions, they synchronize their time.

[0036] In a second aspect, the present invention proposes a data transmission system, the system comprising a first device and a second device, wherein the first device and the second device perform data transmission based on the data transmission method described in any of the above embodiments.

[0037] In a third aspect, the present invention provides a vehicle that includes the vehicle anti-theft system described above.

[0038] In one embodiment of the aforementioned vehicle, the first device is an in-vehicle T-BOX, and the second device is a vehicle smart key.

[0039] The vehicle anti-theft system of this invention includes a first control module, a second control module, a first intrusion detection sensor module, a second intrusion detection sensor module, a network module, a video module, a first power supply module, and a second power supply module. Based on different intrusion information, the relevant modules are set to a low-power state or an active state, which not only reduces the vehicle's power consumption but also reduces the occupation of system resources such as network, processor, and storage. Furthermore, different prompts, alarms, and warnings are executed for different intrusion information, allowing users to take more targeted countermeasures. This fully demonstrates the intelligence and user-friendly design of the technology, enhancing the user experience.

[0040] This invention encrypts data at the data sending end using a first real-time key obtained based on the data sending time and the data receiving end device information, and decrypts data at the data receiving end using a second real-time key obtained based on the first frame data reception time and the data sending end device information. This ensures that the encryption / decryption key used for each data transmission changes over time, making it impossible to intrude into the device by intercepting and re-forwarding data packets, thus improving data transmission security. By using a multi-dimensional array to store the key file, the data size of the key file can be greatly reduced, lowering the storage space requirements of the device and making the method of this invention highly applicable. Attached Figure Description

[0041] The disclosure of this invention will become more readily understood with reference to the accompanying drawings. It will be readily understood by those skilled in the art that these drawings are for illustrative purposes only and are not intended to limit the scope of protection of this invention.

[0042] Figure 1 This is a schematic diagram of the main steps of the data transmission method according to an embodiment of the present invention.

[0043] Figure 2 This is a schematic diagram illustrating the main steps of the method for generating a dedicated key file for a pairing device according to an embodiment of the present invention. Detailed Implementation

[0044] To make the objectives, technical solutions, and advantages of the embodiments of the present invention clearer, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.

[0045] Those skilled in the art should understand that these embodiments are merely illustrative of the technical principles of the present invention and are not intended to limit the scope of protection of the present invention. Those skilled in the art can make adjustments as needed to adapt to specific application scenarios.

[0046] The following example uses a certain new energy electric vehicle, combined with... Figure 1 The data transmission method of the present invention is described. Wherein, Figure 1 This is a schematic diagram of the main steps of the data transmission method according to an embodiment of the present invention.

[0047] In this embodiment of the invention, the first device is a vehicle-mounted T-BOX (Telematics BOX), and the second device is a vehicle smart key. The vehicle-mounted T-BOX and the vehicle smart key communicate via Bluetooth for data transmission, and the data is encrypted using 3DES encryption.

[0048] It should be noted that the present invention does not limit the data encryption method. It can use 3DES encryption, or DES, AES, or other encryption methods. Those skilled in the art can choose the appropriate encryption method according to the actual situation.

[0049] Before a vehicle leaves the factory, in a secure environment (such as when the radio frequency signal cannot be intercepted by external devices, or when using dedicated equipment), designated personnel must complete the device pairing between the in-vehicle T-BOX and the vehicle smart key in accordance with the relevant key security management regulations of the car manufacturer. This will generate a pairing device-specific key file that is only used for data transmission between the paired in-vehicle T-BOX and the vehicle smart key. This pairing device-specific key file is stored separately in the paired in-vehicle T-BOX and the vehicle smart key, and the key data in the pairing device-specific key file is the same.

[0050] In this embodiment of the invention, a dedicated key file for pairing devices is generated by the vehicle-mounted T-BOX (the first device). Specifically, firstly, the device service life is set according to the product lifespan of the vehicle-mounted T-BOX and the vehicle smart key (usually a shorter time is selected), and then the time granularity is set according to the data processing capabilities of the MCUs of the vehicle-mounted T-BOX and the vehicle smart key (usually a smaller time value corresponding to an MCU with higher data processing capabilities is selected).

[0051] Next, combine Figure 2 This invention describes a method for generating a dedicated key file for pairing devices. After the vehicle-mounted T-BOX obtains the current time, it generates a dedicated key file for pairing devices based on the device's service life and time granularity. The dedicated key file contains N future time points, each corresponding to a key. The number of future time points N is calculated as: N = device service life / time granularity.

[0052] The method for determining each future time point Tn is "Tn = current time + n * time granularity", where n ranges from 1 to N.

[0053] Preferably, the storage format of the pairing device-specific key file is a multidimensional array, which includes a year-month-day dimension, an hour-minute-second dimension, and a time granularity dimension. That is, the key corresponding to each future time point is determined by combining the data in the year-month-day dimension, hour-minute-second dimension, and time granularity dimension corresponding to that future time point.

[0054] As an example, based on a future time point, A is extracted from the year-month-day dimension data, B is extracted from the hour-minute-second dimension data, and C is extracted from the time granularity dimension data. Then, A, B, and C are combined to obtain the key in the dedicated key file for the paired device corresponding to that future time point.

[0055] The data in this multidimensional array is generated by the hardware or software random number generator in the vehicle-mounted T-BOX and randomly filled into each dimension array.

[0056] The reason for using a multidimensional array to store the device-specific key file is that this method can save device storage space. As an example, the device's lifespan is 10 years (10 years is taken as 3652 days, or 315532800 seconds), the time granularity is 10 milliseconds (0.01 seconds), and the key length is 128 bits.

[0057] When using the traditional storage method, where each complete future point in time corresponds to a key, the number of random numbers required for the pairing device's dedicated key file is 315532800 / 0.01 = 31553280000, and the required storage space is at least 128*(315532800 / 0.01) bits, approximately (4e+12) bits.

[0058] When using a multidimensional array for storage, the number of data points corresponding to the year, month, and day dimension of future time points is N1 = 3652, the number of data points in the hour, minute, and second dimension is N2 = 86400, and the number of data points in the time granularity dimension is N3 = 100. If the data lengths in the year, month, and day dimension, hour, minute, and second dimension, and the time granularity dimension are the same as the key length, then the number of random numbers required for the pairing device's dedicated key file is N1 + N2 + N3 = 3652 + 86400 + 100 = 90152, and the required storage space is at least (3652 + 86400 + 100) * 128 = 11539456 bits.

[0059] Based on the above comparison, the storage method of the multidimensional array of the present invention can greatly reduce the data volume of the dedicated key file for the pairing device while satisfying the data encryption security, thereby reducing the requirements for device storage space and making the method of the present invention highly applicable.

[0060] It should be noted that this invention does not limit the data length of each dimension in the multidimensional array corresponding to the pairing device's dedicated key file, nor the method of combining the data of each dimension into a key. As an example, the data length of each dimension can be set to be equal to the key length, and the combination method is to perform an XOR operation on the data of each dimension; alternatively, the sum of the data lengths of each dimension can be equal to the key length, and the combination method is data concatenation. Furthermore, the data lengths of each dimension can be the same or different. Those skilled in the art can design different data lengths and combination methods for each dimension according to actual circumstances.

[0061] After the vehicle-mounted T-BOX generates a dedicated key file for the paired device, the vehicle smart key synchronizes and stores the dedicated key file for the paired device. At this time, the vehicle-mounted T-BOX and the vehicle smart key store the same dedicated key file for the paired device.

[0062] To differentiate between different key files in the device, a key file index is created in the vehicle T-BOX with the vehicle smart key device information (such as the vehicle smart key ID) as the index item; and a key file index is created in the vehicle smart key with the vehicle T-BOX device information (such as the vehicle T-BOX ID) as the index item.

[0063] In another embodiment, the first device is an in-vehicle T-BOX and the second device is a user's mobile phone. Data transmission between the in-vehicle T-BOX and the user's mobile phone is conducted via Bluetooth communication.

[0064] After confirming that the surrounding environment is safe, the user, referring to the above embodiment, uses their mobile phone as the device to generate a pairing device-specific key file and synchronizes this pairing device-specific key file to the in-vehicle T-BOX. The in-vehicle T-BOX also stores a pairing device-specific key file with the user's mobile phone device information as an index.

[0065] When a user approaches a new energy electric vehicle with the vehicle's smart key, the smart key establishes a connection with the onboard T-BOX and successfully pairs. Furthermore, during connection, the vehicle's smart key synchronizes its time with the onboard T-BOX based on the onboard T-BOX's time.

[0066] When a user presses the vehicle unlock control button, the vehicle smart key acts as data transmitter 1, and the in-vehicle T-BOX acts as data receiver 2. The data to be transmitted is the vehicle unlock command.

[0067] In step S101, after the vehicle smart key obtains the current time of the data sender, it estimates the key lookup time in the dedicated key file of the pairing device and the time required to encrypt the data to be transmitted based on its own hardware configuration (such as MCU, memory, etc.) to obtain the estimated data encryption time. The estimated data encryption time needs to be greater than the sum of the key lookup time and the time required to encrypt the data to be transmitted, so as to leave a certain time margin and improve the reliability of data transmission.

[0068] The current time of the data sender is superimposed with the estimated data encryption time, and then adjusted according to the time granularity so that the final data transmission time is an integer multiple of the time granularity. That is, the data transmission time is a future time point in the paired device's dedicated key file.

[0069] In step S102, based on the data receiving device information (ID of the vehicle T-BOX), the first pre-stored pairing device key file stored in the vehicle smart key is searched to find the pairing device dedicated key file that can only be used for data transmission between the vehicle smart key and the vehicle T-BOX with a specific ID; then, based on the data transmission time, the first real-time key for this data transmission is retrieved from the newly obtained pairing device dedicated key file.

[0070] In step S103, the data to be transmitted is encrypted based on the first real-time key to obtain the ciphertext data to be transmitted.

[0071] In step S104, after obtaining the encrypted data to be transmitted, if the vehicle smart key's time has not yet reached the data transmission time, it waits. When the vehicle smart key's time reaches the set data transmission time, the vehicle smart key sends the encrypted data to be transmitted.

[0072] In step S105, the vehicle-mounted T-BOX receives the encrypted data to be transmitted from the vehicle smart key and records the first frame data reception time. Considering that the spatial delay of radio frequency transmission is usually much smaller than the temporal granularity, it can be assumed that the first frame data reception time of the vehicle-mounted T-BOX is the same as the data transmission time of the vehicle smart key.

[0073] In step S106, based on the data sending device information (ID of the vehicle smart key), the pairing device-specific key file that can only be used for data transmission between the vehicle T-BOX and the vehicle smart key with a specific ID is found in the second pre-stored pairing device key file stored in the vehicle T-BOX; then, based on the first frame data reception time, the second real-time key for this data transmission is retrieved from the newly obtained pairing device-specific key file.

[0074] Since the vehicle smart key and the in-vehicle T-BOX store the same pairing device key file, and the first frame data reception time is the same as the data transmission time, the first real-time key and the second real-time key are also the same.

[0075] In step S107, the second real-time key is used to decrypt the encrypted data to be transmitted to obtain the data to be transmitted.

[0076] It should be noted that if the first frame data reception time of the data receiving end is not an integer multiple of the time granularity, the value after the time granularity can be rounded to obtain the first frame data reception time that is an integer multiple of the time granularity, and the second real-time key can be obtained based on the adjusted first frame data reception time.

[0077] When the second real-time key cannot be decrypted correctly due to data transmission delays, timing errors between the two paired devices, etc., in order to improve the robustness of the system, several future time points before and after the first frame data reception time can be selected to reacquire the second real-time key and attempt to decrypt the data.

[0078] As can be seen from the encryption and decryption processes in steps S101 to S107, the acquisition of both the encryption key and the decryption key depends on the time factor, and the encryption key and the decryption key change irregularly over time. Furthermore, it is required that the data transmission time used to find the encryption key and the reception time of the first frame of data used to find the decryption key should be the same.

[0079] In this scenario, if a malicious individual intercepts the unlocking data packet sent at the first moment to unlock the vehicle, and then attempts to use the intercepted packet again to unlock the vehicle after a period of time, the vehicle will receive the packet at the second moment. Since the encryption key used for data encryption in this unlocking packet is based on the key obtained at the first moment, the decryption key obtained by the vehicle at the second moment will differ from the encryption key, preventing the vehicle from correctly decrypting the data and rendering the intercepted unlocking packet invalid. The method of this invention, where the key used for data encryption / decryption changes over time, makes it impossible to compromise the device by intercepting and re-forwarding data packets, thereby improving data transmission security.

[0080] Furthermore, obtaining the pairing device's dedicated key file requires knowledge of the device information of the devices involved in data transmission, and this device information is typically obtained automatically when the pairing devices establish a connection. Therefore, when other devices forward intercepted data packets, data transmission may fail because the pairing device's dedicated key file cannot be found. This increases the difficulty of intruding into the device and enhances the security of data transmission.

[0081] After the in-vehicle T-BOX successfully decrypts the data, it needs to return the relevant operation results to the vehicle's smart key. At this point, the in-vehicle T-BOX will become as follows: Figure 1 As shown in the data sending terminal 1, the vehicle smart key becomes as follows: Figure 1 The data receiving end 2 is shown.

[0082] Accordingly, the data receiving device information is the ID of the vehicle smart key, the first pre-stored pairing device key file is located in the vehicle T-BOX, the data sending device information is the ID of the vehicle T-BOX, and the second pre-stored pairing device key file is located in the vehicle smart key.

[0083] For the specific steps of transmitting data from the in-vehicle T-BOX to the vehicle smart key, please refer to steps S101 to S107 above. Figure 1 This will not be elaborated upon here.

[0084] After the vehicle T-BOX and vehicle smart key have completed a preset number of data transmissions (e.g., 5 times), time synchronization can be performed again to minimize the time difference between the vehicle T-BOX and vehicle smart key and improve the reliability of data transmission.

[0085] It should be noted that the first and second pre-stored pairing device key files contain one or more dedicated pairing device key files. For example, typically each vehicle smart key can only control one vehicle. When the vehicle smart key acts as data transmitter 1, the first pre-stored pairing device key file contains only one dedicated pairing device key file. Alternatively, a vehicle typically allows multiple vehicle smart keys to control it, and each vehicle smart key has a unique ID. When the in-vehicle T-BOX acts as data transmitter 1, the first pre-stored pairing device key file will contain multiple dedicated pairing device key files. In this case, the dedicated pairing device key file corresponding to each vehicle smart key is determined by the vehicle smart key's ID (data receiver device information).

[0086] Those skilled in the art will understand that, although the vehicle in this embodiment of the invention is an example of a new energy electric vehicle, the system of the present invention is also applicable to traditional fuel vehicles or other energy vehicles, as long as they have a vehicle smart key as shown in the present invention and can control the vehicle through the vehicle smart key, the method of the present invention is also applicable.

[0087] Furthermore, the method of this invention is not only applicable to vehicle applications, but also to other application scenarios. As an example, in a smart home application, the first device is a smart door lock controller, and the second device is the user's mobile phone.

[0088] It should be noted that the present invention does not limit the data communication method or networking method between the first device and the second device. The data transmission method can be Bluetooth communication as described in the embodiments of the present invention, or other wireless communication methods such as LoRa, ZigBee; the networking method can be point-to-point transmission or transmission through a local application network, as long as the network latency of the data transmission can meet the time granularity requirements.

[0089] It should be noted that the terms "first," "second," and other ordinal numbers in the specification, claims, and accompanying drawings of this invention are used only to distinguish similar objects and are not intended to describe or indicate a specific order or sequence. It should be understood that such data can be interchanged where appropriate so that the embodiments of the invention described herein can be implemented in orders other than those illustrated or described herein.

[0090] Additionally, in the description of this application, the term "A and / or B" means all possible combinations of A and B, such as just A, just B, or A and B.

[0091] The technical solution of the present invention has been described above with reference to the preferred embodiments shown in the accompanying drawings. However, it will be readily understood by those skilled in the art that the scope of protection of the present invention is obviously not limited to these specific embodiments. Without departing from the principles of the present invention, those skilled in the art can make equivalent changes or substitutions to the relevant technical features, and the technical solutions after such changes or substitutions will all fall within the scope of protection of the present invention.

Claims

1. A data transmission method, wherein a first device and a second device transmit data, characterized in that, The method includes: Data sender: Get the current time of the data sender; The data transmission time is determined based on the current time of the data sending end, the estimated data encryption time, and the time granularity. Based on the data receiving device information, obtain the pairing device-specific key file from the first pre-stored pairing device key file; The first real-time key is obtained from the dedicated key file of the paired device based on the data transmission time. The data to be transmitted is encrypted based on the first real-time key to obtain the ciphertext data to be transmitted. The encrypted data to be transmitted is sent at the specified data transmission time. Data receiver: Receive the encrypted data to be transmitted and record the time of receiving the first frame of data; Based on the data sending device information, obtain the pairing device-specific key file from the second pre-stored pairing device key file; The second real-time key is obtained from the dedicated key file of the paired device based on the first frame data reception time. The encrypted data to be transmitted is decrypted based on the second real-time key to obtain the data to be transmitted. The dedicated key file for pairing devices is generated by the first device or the second device based on the current time, the device's service life, and the time granularity. The dedicated key file for pairing devices is a multi-dimensional array, which includes year-month-day, hour-minute-second, and time granularity dimensions. The data in the multi-dimensional array is generated by a random number generator. After the dedicated key file for pairing devices is generated, the first device and the second device synchronize and store the dedicated key file for pairing devices.

2. The data transmission method according to claim 1, characterized in that, The estimated data encryption time is greater than the sum of the time required to find the first real-time key and the time required to encrypt the data to be transmitted.

3. The data transmission method according to claim 1, characterized in that, The method further includes: The first device and the second device synchronize their time when establishing a connection. After the first device and the second device have completed a preset number of data transmissions, they synchronize their time.

4. A data transmission system, characterized in that, The system includes a first device and a second device, and the first device and the second device perform data transmission based on the data transmission method according to any one of claims 1 to 3.

5. A vehicle, characterized in that, The vehicle includes the data transmission system as described in claim 4.

6. The vehicle according to claim 5, characterized in that, The first device is the in-vehicle T-BOX, and the second device is the vehicle smart key.