A data transmission method, system, device and computer readable storage medium
By using hash functions and message authentication codes to generate random numbers and credentials in the train communication system, performing two-way authentication and updating the key, the problem of network attacks in train communication is solved, and highly secure data transmission is achieved.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- NAT HIGH SPEED TRAIN QINGDAO TECH INNOVATION CENT
- Filing Date
- 2026-03-24
- Publication Date
- 2026-06-05
Smart Images

Figure CN122160050A_ABST
Abstract
Description
Technical Field
[0001] This application relates to the field of train communication technology, and more specifically, to a data transmission method, system, device, and computer-readable storage medium. Background Technology
[0002] Currently, IEC 61375-2-3 defines the Train Real-Time Data Transmission Protocol (TRDP), primarily used for data exchange between onboard equipment in train control and monitoring systems. This protocol is implemented based on the Ethernet protocol stack and aims to meet the high real-time, reliable, and interoperable communication requirements of train systems, serving as a crucial foundation for realizing the digitization and Ethernet-based transformation of train networks.
[0003] However, the TRDP protocol does not consider the reliability of train data transmission, such as threats like message corruption, message duplication, out-of-order delivery, message loss, message delay, message insertion, message spoofing, source address errors, and channel errors. Therefore, the IEC defined the Safe Data Transmission version 2 (SDTv2). This protocol, based on the basic TRDP message structure, proposes defensive measures against nine message threats. SDTv2 adds a secure data transmission protocol at the application data layer, providing a secure communication path between a security-related data source and one or more security-related data destinations. This filters out invalid data and allows users and equipment to access secure and reliable critical data, making train operation safer. However, these protocols only guarantee reliable data transmission and do not consider network attacks encountered during data transmission, resulting in lower security for train communication.
[0004] In conclusion, improving the security of train communication is a problem that urgently needs to be solved by those skilled in the art. Summary of the Invention
[0005] The purpose of this application is to provide a data transmission method that can, to a certain extent, solve the technical problem of how to improve the security of train communication. This application also provides a data transmission system, electronic equipment, and a computer-readable storage medium.
[0006] To achieve the above objectives, this application provides the following technical solution: A data transmission method, applied to the central control unit of a train, includes: Obtain the first credential, the second credential, the first verification data, and the second verification data transmitted by the train's terminal equipment; Based on the stored master key, first credential, and second credential, generate a first random number; Based on the master key, the first random number, and the first credential, generate an identifier for the terminal device and determine the shared key corresponding to the identifier of the terminal device; Based on the shared key and the first random number, a derived key is generated; Based on the derived key and the first verification data, generate a second random number; Based on the second random number, the derived key, and the identifier of the terminal device, generate third verification data; If the third verification data matches the second verification data, the authentication of the terminal device is completed. Generate a third random number, and based on the master key, the third random number, the derived key, the shared key, the second random number, and the identifier of the terminal device, generate authentication update information carrying the session key; The authentication update information is transmitted to the terminal device so that the terminal device can complete the identity authentication of the central control unit based on the authentication update information, determine the session key, and update the stored derived key, first credential, and second credential. Data is transmitted with the terminal device based on the session key; Specifically, the terminal device acquires the stored derived key, first credential, and second credential, generates a second random number, generates first verification data based on the second random number and the derived key, and generates second verification data based on the terminal device's identifier, the second random number, and the derived key.
[0007] Preferably, before obtaining the first credential, second credential, first verification data, and second verification data transmitted by the train's terminal equipment, the method further includes: During the registration phase, the identifier of the terminal device is obtained; Based on the identifier of the terminal device, a shared key corresponding to the terminal device is generated; Generate the first random number; Generate a derived key based on the first random number and the shared key; A first credential is generated based on the master key, the first random number, and the identifier of the terminal device; Generate a second credential based on the first credential, the first random number, and the master key; The shared key, derived key, first credential, and second credential are transmitted to the terminal device for storage.
[0008] Preferably, the step of generating authentication update information carrying the session key based on the master key, the third random number, the derived key, the shared key, the second random number, and the identifier of the terminal device includes: Based on the master key, the third random number, and the identifier of the terminal device, generate first credential update data; Based on the master key, the third random number, and the first credential update data, generate the second credential update data; Based on the shared key and the third random number, generate derived key update data; Generate a session key based on the second random number and the derived key; Based on the third random number, the second random number, and the derived key, generate the first authentication data; Based on the first credential update data, the derived key update data, and the second random number, generate the second authentication data; Based on the second credential update data, the derived key update data, and the second random number, generate the third authentication data; Generate third verification data based on the session key, the first credential update data, and the second credential update data; The first authentication data, the second authentication data, the third authentication data, and the third verification data are used as authentication update information.
[0009] A data transmission method, applied to a terminal device on a train, comprising: Obtain the stored derived key, first credential, and second credential; Generate a second random number, and based on the second random number and the derived key, generate the first verification data; Based on the identifier of the terminal device, the second random number, and the derived key, second verification data is generated; The first verification data and the second verification data are sent to the central control unit so that the central control unit can authenticate the terminal device. Obtain the authentication update information generated by the central control unit after completing the identity authentication of the terminal device; The central control unit is authenticated based on the authentication update information. In response to the completion of authentication of the central control unit, a session key is determined and the stored derived key, first credential, and second credential are updated; Data is transmitted with the central control unit based on the session key; The central control unit generates a first random number based on the stored master key, first credential, and second credential. Based on the master key, the first random number, and the first credential, it generates an identifier for the terminal device. It then determines a shared key corresponding to the terminal device identifier. Based on the shared key and the first random number, it generates a derived key. Based on the derived key and the first verification data, it generates a second random number. Based on the second random number, the derived key, and the terminal device identifier, it generates third verification data. In response to the third verification data matching the second verification data, the authentication of the terminal device is completed. A third random number is then generated. Based on the master key, the third random number, the derived key, the shared key, the second random number, and the terminal device identifier, the authentication update information carrying the session key is generated.
[0010] Preferably, before obtaining the stored derived key, first credential, and second credential, the method further includes: During the registration phase, the shared key, derived key, first credential, and second credential transmitted by the central control unit are obtained and stored. The central control unit obtains the identifier of the terminal device, generates a shared key corresponding to the terminal device based on the identifier of the terminal device, generates a first random number, generates a derived key based on the first random number and the shared key, generates a first credential based on the master key, the first random number and the identifier of the terminal device, and generates a second credential based on the first credential, the first random number and the master key.
[0011] Preferably, the step of authenticating the central control unit based on the authentication update information includes: The authentication update information is parsed to obtain first authentication data, second authentication data, third authentication data, and third verification data; A third random number is generated based on the second random number, the derived key, and the first authentication data; Based on the third random number and the stored shared key, generate derived key update data; Based on the derived key update data, the second random number, and the second authentication data, generate the first credential update data; Based on the derived key update data, the second random number, and the third authentication data, generate the second credential update data; Generate a session key based on the derived key and the second random number; Based on the session key, the first credential update data, and the second credential update data, generate the fourth verification data; If the fourth verification data matches the third verification data, the authentication of the central control unit is completed. Specifically, the central control unit generates first credential update data based on the master key, the third random number, and the identifier of the terminal device; generates second credential update data based on the master key, the third random number, and the first credential update data; generates derived key update data based on the shared key and the third random number; generates a session key based on the second random number and the derived key; generates first authentication data based on the third random number, the second random number, and the derived key; generates second authentication data based on the first credential update data, the derived key update data, and the second random number; generates third authentication data based on the second credential update data, the derived key update data, and the second random number; and generates third verification data based on the session key, the first credential update data, and the second credential update data.
[0012] Preferably, the updated stored derived key, first credential, and second credential include: Update the derived key with the latest stored derived key; Use the updated data of the first voucher as the latest stored first voucher; Update the second credential data as the latest stored second credential.
[0013] A data transmission system, applied to the central control unit of a train, includes: The first acquisition module is used to acquire the first credential, the second credential, the first verification data, and the second verification data transmitted by the train's terminal equipment. The first random number generation module is used to generate a first random number based on the stored master key, first credential and second credential. The shared key determination module is used to generate an identifier for the terminal device based on the master key, the first random number, and the first credential, and to determine the shared key corresponding to the identifier of the terminal device; A derived key generation module is used to generate a derived key based on the shared key and the first random number; The second random number generation module is used to generate a second random number based on the derived key and the first verification data; The third verification data generation module is used to generate third verification data based on the second random number, the derived key, and the identifier of the terminal device. The first authentication module is used to complete the identity authentication of the terminal device in response to the third verification data being consistent with the second verification data. The authentication update information generation module is used to generate a third random number and, based on the master key, the third random number, the derived key, the shared key, the second random number, and the identifier of the terminal device, generate authentication update information carrying the session key. An authentication update information sending module is used to transmit the authentication update information to the terminal device, so that the terminal device can generate a session key and update the stored derivative key, first credential and second credential after completing the identity authentication of the central control unit according to the authentication update information. The first transmission module is used to transmit data with the terminal device based on the session key; Specifically, the terminal device acquires the stored derived key, first credential, and second credential, generates a second random number, generates first verification data based on the second random number and the derived key, and generates second verification data based on the terminal device's identifier, the second random number, and the derived key.
[0014] An electronic device, comprising: Memory, used to store computer programs; A processor for implementing the data transmission method as described above when executing the computer program.
[0015] A computer-readable storage medium storing a computer program that, when executed by a processor, implements the steps of any of the data transmission methods described above.
[0016] This application provides a data transmission method applied to the central control unit of a train. The method involves acquiring a first credential, a second credential, first verification data, and second verification data transmitted by the train's terminal equipment; generating a first random number based on a stored master key, the first credential, and the second credential; generating an identifier for the terminal equipment based on the master key, the first random number, and the first credential, and determining a shared key corresponding to the identifier; generating a derived key based on the shared key and the first random number; generating a second random number based on the derived key and the first verification data; generating third verification data based on the second random number, the derived key, and the identifier of the terminal equipment; and verifying the identity of the terminal equipment by confirming that the third verification data matches the second verification data. Authentication; generating a third random number; generating authentication update information carrying a session key based on the master key, the third random number, the derived key, the shared key, the second random number, and the identifier of the terminal device; transmitting the authentication update information to the terminal device, so that the terminal device can complete the authentication of the central control unit based on the authentication update information, determine the session key, and update the stored derived key, first credential, and second credential; transmitting data with the terminal device based on the session key; wherein, the terminal device obtains the stored derived key, first credential, and second credential, generates a second random number, generates first verification data based on the second random number and the derived key, and generates second verification data based on the identifier of the terminal device, the second random number, and the derived key. In this application, the central control unit uses a second random number generated by the terminal device to authenticate the terminal device, while the terminal device uses a third random number generated by the central control unit to authenticate the central control unit. Since attackers cannot forge the second and third random numbers, they cannot impersonate the central control unit or the terminal device, thus preventing impersonation attacks and man-in-the-middle attacks. Furthermore, after each successful authentication, the derived key, first credential, and second credential are updated to generate the latest session key, making it impossible for attackers to deduce previous and subsequent keys. This prevents replay attacks and linkable attacks, ensuring forward and backward security and improving the security of train communication. The data transmission system, electronic device, and computer-readable storage medium provided in this application also solve the corresponding technical problems. Attached Figure Description
[0017] To more clearly illustrate the technical solutions in the embodiments of this application or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are only embodiments of this application. For those skilled in the art, other drawings can be obtained based on the provided drawings without creative effort.
[0018] Figure 1 A flowchart illustrating a data transmission method provided in an embodiment of this application; Figure 2 This is a diagram illustrating the data interaction during the registration process; Figure 3 This is a diagram illustrating the data interaction during the identity authentication process. Figure 4 This is a schematic diagram illustrating the integration of this solution with the TRDP protocol; Figure 5 This is a schematic diagram of the structure of a data transmission system provided in an embodiment of this application; Figure 6 This is a schematic diagram of the structure of an electronic device provided in an embodiment of this application; Figure 7 This is another structural schematic diagram of an electronic device provided in an embodiment of this application. Detailed Implementation
[0019] The technical solutions of the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this application, and not all embodiments. Based on the embodiments of this application, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of this application.
[0020] Please see Figure 1 , Figure 1 A flowchart illustrating a data transmission method provided in an embodiment of this application.
[0021] This application provides a data transmission method applied to the central control unit of a train, which may include the following steps: Step S101: Obtain the first credential, the second credential, the first verification data, and the second verification data transmitted by the train's terminal equipment.
[0022] In practical applications, during data transmission between the Central Control Unit (CCU) and terminal devices, authentication can be performed first, followed by data transmission only after successful authentication. This process can begin with the terminal device generating authentication information, which the CCU then authenticates. For example, the terminal device can obtain the latest derived key K1, the first credential Cert1, and the second credential Cert2. These derived keys, first and second credentials can be stored in the terminal device's secure memory. A second random number R2 is generated, and based on this random number and the derived key, first verification data I is generated, where I = H(K1) ⊕ R2, based on the terminal device's identifier ID. ed The second random number and the derived key are used to generate the second verification data F1, where F1 = H(ID). ed||H(K1)||R2, the identifier of the terminal device can be stored in the secure memory of the terminal device. H represents the hash function, which is a special mathematical function that can convert input data of arbitrary length into a fixed-length, seemingly random string hash value. This process is one-way and collision-resistant. One-way means that it is easy to calculate the hash value from the input, but it is computationally infeasible to deduce the original input from the hash value. Collision-resistant means that it is difficult to find two different inputs that will calculate the same hash value; ⊕ represents the XOR operation.
[0023] It should be noted that the CCU is the core control center and management hub of the train, responsible for coordinating the operation of various train subsystems such as traction, braking, communication, doors, and lighting. It sends instructions to other system equipment and controls their proper operation; the CCU is the active sender of control commands. Terminal devices can be physical devices outside the control units (None Central Control Unit End Device, ED). EDs are the specific executors of train functions, encompassing all terminal devices directly involved in train operation, environmental control, and status monitoring. EDs interact with the CCU through communication networks such as the train's Ethernet, receiving control commands from the CCU and providing feedback on the execution status.
[0024] In an exemplary embodiment, before acquiring the first credential, the second credential, the first verification data, and the second verification data transmitted by the train's terminal device, the central control unit may also negotiate with the terminal device, through registration, the data required for subsequent identity authentication, such as... Figure 2 As shown, the central control unit can obtain the identifier ID of the terminal device during the registration phase. ed It is stored in its own secure memory, and the terminal device's identifier can be the terminal device's device fingerprint (fp). ed Based on the identifier of the terminal device, generate a shared key K corresponding to the terminal device, K=H(fp) ed Generate a first random number R1; based on the first random number and the shared key, generate a derived key K1, K1=f1(K,R1), where f1 represents the message authentication code function. A message authentication code is a technique used to ensure the integrity and authenticity of a message. It is usually composed of a shared key and a hash function, hence also called HMAC. The sender uses the shared key to calculate a MAC tag for the message and sends it along with the message. The receiver uses the same key to perform the same calculation on the received message and verifies whether the MAC tag matches; based on the master key K... m The first random number and the identifier of the terminal device are used to generate the first credential Cert1, where Cert1 = ID. ed ⊕f2(K mf1), f2 represents the message authentication code function; based on the first credential, the first random number, and the master key, a second credential Cert2 is generated, Cert2 = Cert1 ⊕ R1 ⊕ K. m The shared key, derived key, first credential, and second credential are transmitted to the terminal device for storage, such as in the terminal device's own secure memory. The central control unit stores the master key, shared key, terminal device identifier, and central control unit identifier in its own secure memory.
[0025] It is understandable that the registration phase can take place before the train starts running; while subsequent identity authentication and data transmission can take place during train operation, and this application does not make any specific restrictions here.
[0026] Step S102: Generate a first random number based on the stored master key, first credential, and second credential.
[0027] Step S103: Based on the master key, the first random number, and the first credential, generate the identifier of the terminal device and determine the shared key corresponding to the identifier of the terminal device.
[0028] In practical applications, during the process of authenticating terminal devices using the first credential, the second credential, the first verification data, and the second verification data, the central controller can first rely on the stored master key K. m First voucher and second voucher, generate first random number R1, R1=Cert1 Cert2 K m Based on the master key, the first random number, and the first credential, generate the identifier (ID) of the terminal device. ed =Cert1 f2(K m After that, a shared key K corresponding to the identifier of the terminal device is determined for subsequent identity authentication. The shared key can be generated and stored by the central control unit during the registration stage.
[0029] Step S104: Generate a derived key based on the shared key and the first random number.
[0030] Step S105: Generate a second random number based on the derived key and the first verification data.
[0031] In practical applications, after determining the shared key, the central control unit can generate a derived key K1, K1=f1(K,R1), based on the shared key and the first random number; and generate a second random number R2, R2=I, based on the derived key and the first verification data. K1 is used for subsequent identity authentication based on the generated second random number.
[0032] Step S106: Generate third verification data based on the second random number, the derived key, and the identifier of the terminal device.
[0033] Step S107: In response to the third verification data being consistent with the second verification data, the authentication of the terminal device is completed.
[0034] In practical applications, after generating the second random number, the central control unit can generate the third verification data F1 based on the second random number, the derived key, and the identifier of the terminal device. F1 =H(ID ed ||H(K1)||R2); In response to the third verification data being consistent with the second verification data, the authentication of the terminal device is completed, and authentication update information can be generated for the terminal device to authenticate the central control unit. Correspondingly, in response to the third verification data being inconsistent with the second verification data, data transmission with the terminal device can be terminated to avoid being attacked.
[0035] Step S108: Generate a third random number. Based on the master key, the third random number, the derived key, the shared key, the second random number, and the identifier of the terminal device, generate authentication update information carrying the session key.
[0036] Step S109: Transmit authentication update information to the terminal device so that the terminal device can complete the authentication of the central control unit based on the authentication update information, determine the session key, and update the stored derived key, first credential, and second credential.
[0037] In practical applications, to facilitate authentication of the central control unit by terminal devices, the central control unit can generate a third random number R3. Based on the master key, the third random number, the derived key, the shared key, the second random number, and the terminal device's identifier, it generates authentication update information carrying the session key. This authentication update information is transmitted to the terminal device, enabling it to complete authentication of the central control unit based on the update information, determine the session key, and update the stored derived key, first credential, and second credential. If the terminal device fails to complete authentication of the central control unit based on the authentication update information during this process, it can terminate data transmission with the central controller to avoid attacks.
[0038] In an exemplary embodiment, during the process of generating authentication update information carrying the session key based on the master key, the third random number, the derived key, the shared key, the second random number, and the identifier of the terminal device, the central control unit may generate first credential update data Cert1 based on the master key, the third random number, and the identifier of the terminal device. new Cert1 new =ID ed f2(K m Based on the master key, the third random number, and the first credential update data, generate the second credential update data Cert2. new Cert2 new =Cert1 new R3 K m Based on the shared key and a third random number, generate derived key update data K1. new K1 new =f1(K,R3); Based on the second random number and the derived key, generate the latest session key K2, K2=H(R2||K1); Based on the third random number, the second random number, and the derived key, generate the first authentication data D1, D1=R3 R2 K1; Based on the first credential update data, the derived key update data, and the second random number, generate the second authentication data D2, where D2 = Cert1. new f2(K1 new Based on the second credential update data, the derived key update data, and the second random number, generate the third authentication data D3, where D3 = Cert2. new f2(K1 new Based on the session key, the first credential update data, and the second credential update data, generate the third verification data F2, F2=H(K2||Cert1). new ||Cert2 new The first authentication data, the second authentication data, the third authentication data, and the third verification data are used as authentication update information.
[0039] Correspondingly, during the process of authenticating the central control unit based on the authentication update information, the terminal device can parse the authentication update information to obtain the first authentication data, the second authentication data, the third authentication data, and the third verification data; based on the second random number, the derived key, and the first authentication data, a third random number R3 is generated, where R3=D1. R2 K1; Based on the third random number and the stored shared key, generate the derived key update data K1. new K1 new =f1(K,R3); Generate the first credential update data Cert1 based on the derived key update data, the second random number, and the second authentication data. new Cert1 new =D2 f2(K1 newBased on the derived key update data, the second random number, and the third authentication data, generate the second credential update data Cert2. new Cert2 new =D3 f2(K1 new Based on the derived key and the second random number, generate a session key K2, K2=H(R2||K1); based on the session key, the first credential update data, and the second credential update data, generate the fourth verification data F2. F2 =H(K2||Cert1 new ||Cert2 new If the fourth verification data matches the third verification data, the authentication of the central control unit is completed; if the fourth verification data does not match the third verification data, the authentication of the central control unit fails. Correspondingly, during the process of updating the stored derived key, first credential, and second credential, the terminal device can use the updated derived key data as the latest stored derived key, K1=K1. new The updated data of the first voucher is used as the latest stored first voucher, Cert1 = Cert1 new The updated data of the second voucher is used as the latest stored second voucher, Cert2 = Cert2 new The complete process is as follows: Figure 3 As shown.
[0040] Step S110: Data transmission is performed with the terminal device based on the session key.
[0041] In practical applications, once both the central control unit and the terminal device have completed identity authentication, they can transmit data to each other based on the session key.
[0042] In an exemplary embodiment, this application essentially designs an authentication and key negotiation protocol suitable for train-mounted Ethernet environments. This enables the TRDP protocol to possess authentication and encryption mechanisms during data transmission, allowing it to run at the application layer of the in-vehicle network architecture, such as... Figure 4 As shown, without changing the original train communication framework, only an authentication layer is added to the application layer. All communication involved in the scheme can be actively transmitted using TRDP signals. The maximum data field of TRDP is 1432 bytes, and the maximum information transmitted by this protocol is 1024 bits, making it feasible for implementation. In this way, because the terminal device needs to update its stored derived key, first credential, and second credential in each round of communication, the authentication process between the central controller and the terminal device is different each time. Data transmission can only proceed after the latest authentication is passed in each round.
[0043] This application provides a data transmission method applied to the central control unit of a train. The method involves acquiring a first credential, a second credential, first verification data, and second verification data transmitted by the train's terminal equipment; generating a first random number based on a stored master key, the first credential, and the second credential; generating an identifier for the terminal equipment based on the master key, the first random number, and the first credential, and determining a shared key corresponding to the identifier; generating a derived key based on the shared key and the first random number; generating a second random number based on the derived key and the first verification data; generating third verification data based on the second random number, the derived key, and the identifier of the terminal equipment; and verifying the identity of the terminal equipment by confirming that the third verification data matches the second verification data. Authentication; generating a third random number; generating authentication update information carrying a session key based on the master key, the third random number, the derived key, the shared key, the second random number, and the identifier of the terminal device; transmitting the authentication update information to the terminal device, so that the terminal device can complete the authentication of the central control unit based on the authentication update information, determine the session key, and update the stored derived key, first credential, and second credential; transmitting data with the terminal device based on the session key; wherein, the terminal device obtains the stored derived key, first credential, and second credential, generates a second random number, generates first verification data based on the second random number and the derived key, and generates second verification data based on the identifier of the terminal device, the second random number, and the derived key. In this application, the central control unit uses a second random number generated by the terminal device to authenticate the terminal device, while the terminal device uses a third random number generated by the central control unit to authenticate the central control unit. Since attackers cannot forge the second and third random numbers, they cannot impersonate the central control unit or the terminal device, thus preventing impersonation attacks and man-in-the-middle attacks. Furthermore, after each successful authentication, the derived key, the first credential, and the second credential are updated to generate the latest session key, making it impossible for attackers to deduce the previous and subsequent keys. This can prevent replay attacks and linkable attacks, ensuring forward and backward security and thus improving the security of train communication.
[0044] To facilitate understanding of the effects of this application, it will now be explained in detail: 1. This application utilizes a hash function to generate a pre-shared key and a device identity credential strongly bound to the device fingerprint, using the fingerprint of the vehicle device as input. Without changing the original vehicle network communication architecture, the pre-shared key and identity credential are used in combination with cryptographic operations such as hash functions and message authentication codes to execute a two-way authentication protocol between devices. Then, a co-key is derived using a key derivation function to construct an encrypted channel, and the key is re-authenticated and updated each time a TRDP signal is transmitted to ensure the authenticity and confidentiality of the TRDP signal transmission.
[0045] 2. The initial identity information of ED is determined by f2(K)m The masking is performed by f2(K) after each successful authentication. m R3) Remasking, since the attacker does not possess the master key K m Furthermore, it is also impossible to obtain a random number used to obtain the ED's identity, thus protecting the ED's identity privacy and achieving identity confidentiality.
[0046] 3. If an attacker wants to impersonate ED, they need to forge F1. However, the attacker cannot obtain K stored in secure memory, nor can they obtain random numbers R1 and R2. Therefore, they cannot forge F1. If the attacker wants to impersonate CCU, they need to forge F2. However, the attacker cannot obtain K1 stored in secure memory, nor random number R2, and cannot deduce session key K2. Therefore, they cannot forge F2. Thus, this method can resist impersonation attacks.
[0047] 4. In this scheme, Cert1, Cert2, and K1 are updated after each successful authentication. Similar to the analysis of linkability attacks, if an attacker sends the previous (D1, D2, D3, F2) to the ED, the ED cannot calculate the correct R3, so the obtained R3 does not match the received F2, and the authentication will fail. In other words, the scheme in this application can resist replay attacks.
[0048] 5. Attackers can launch denial-of-service attacks by replaying the ED's authentication request to the CCU. The CCU only needs to perform 3 Message Authentication Code (MAC) operations and 4 XOR operations to determine whether the request is a replay. Its computational overhead is small. Furthermore, the total number of devices in the vehicle is fixed, and the communication between devices is periodic. If a large number of identical authentication requests from the same device are encountered in a short period of time, the CCU can also identify that a denial-of-service attack has occurred. Therefore, it can resist denial-of-service attacks.
[0049] 6. Based on the reasoning of resisting spoofing attacks, it is difficult for attackers to impersonate one party to deceive another party and to carry out man-in-the-middle attacks. Even if all messages are intercepted, it is impossible to deduce R2 and K1 from the intermediate messages, and therefore impossible to obtain or tamper with the session key K2 negotiated by both parties. This can resist man-in-the-middle attacks.
[0050] 7. Consider the worst-case scenario: The ED device is compromised, and its stored Cert1, Cert2, K1, and other keys are obtained by the attacker. Even in this case, the attacker cannot deduce the previous session keys because Cert1, Cert2, and K1 are updated after each successful authentication, and each update process relies on a new random number R3 (which the attacker cannot obtain). Therefore, the protocol implemented in this application can guarantee forward security.
[0051] 8. Because the protocol re-authenticates and updates the key every time a message is sent, even if the key is leaked, an attacker cannot decrypt previous messages. Furthermore, as mentioned in the previous section on perfect security, even if the current session key K2 is leaked, an attacker cannot deduce the previous and subsequent keys. This ensures forward and backward security in the event of session key leakage.
[0052] 9. The success of a linkability attack stems from the fact that physical devices respond differently to different requests. In this protocol, Cert1, Cert2, and K1 are updated after each successful authentication. If an attacker sends the previous (D1, D2, D3, F2) to the ED, the ED cannot calculate the correct R3, resulting in a mismatch between the obtained R3 and the received F2, causing authentication to fail. Since each ED will give the same authentication failure response, the attacker cannot distinguish the target ED from other EDs. Therefore, the protocol is able to resist linkability attacks.
[0053] Therefore, this scheme first shares the device fingerprint and pre-shared key between devices and stores them in secure memory. Information used for authentication relies on these two for generation. Even if an attacker steals information exchanged between devices, they cannot generate the necessary intermediate values to impersonate the device. Secondly, during each authentication, both parties update the intermediate information and session key used for authentication with newly generated random numbers, relying on the sequence number. This application ensures that the TRDP protocol transmission satisfies identity confidentiality, resistance to linkable attacks, resistance to impersonation attacks, resistance to replay attacks, resistance to denial-of-service attacks, resistance to message interception attacks, resistance to man-in-the-middle attacks, perfect forward security, and forward and backward security even in the event of session key leakage. These designs give this protocol extremely high security. Furthermore, in this scheme, hashing is used instead of encryption, and message authentication codes are used instead of certificates to complete identity authentication. Both are extremely fast primitive operations in cryptography and are not complex to operate. Therefore, this scheme is also suitable for resource-constrained scenarios and scenarios with high real-time requirements.
[0054] Based on the above embodiments, this application provides a data transmission method applied to a train terminal device, which may include the following steps: acquiring a stored derived key, a first credential, and a second credential; generating a second random number, and generating first verification data based on the second random number and the derived key; generating second verification data based on the terminal device's identifier, the second random number, and the derived key; sending the first verification data and the second verification data to the central control unit so that the central control unit can authenticate the terminal device; acquiring authentication update information generated by the central control unit after completing the authentication of the terminal device; authenticating the central control unit based on the authentication update information; and, in response to completing the authentication of the central control unit, determining the session key and updating the stored derived key, the first credential, and the derived key. Two credentials; data transmission is performed with the central control unit based on the session key; wherein, the central control unit generates a first random number based on the stored master key, first credential, and second credential; generates an identifier for the terminal device based on the master key, the first random number, and the first credential; determines a shared key corresponding to the identifier of the terminal device; generates a derived key based on the shared key and the first random number; generates a second random number based on the derived key and the first verification data; generates third verification data based on the second random number, the derived key, and the identifier of the terminal device; in response to the third verification data being consistent with the second verification data, the identity authentication of the terminal device is completed, a third random number is generated, and authentication update information carrying the session key is generated based on the master key, the third random number, the derived key, the shared key, the second random number, and the identifier of the terminal device.
[0055] In an exemplary embodiment, before the terminal device obtains the stored derived key, first credential, and second credential, it may also obtain and store the shared key, derived key, first credential, and second credential transmitted by the central control unit during the registration phase. Specifically, the central control unit obtains the identifier of the terminal device, generates a shared key corresponding to the terminal device based on the identifier, generates a first random number, generates a derived key based on the first random number and the shared key, generates a first credential based on the master key, the first random number, and the identifier of the terminal device, and generates a second credential based on the first credential, the first random number, and the master key.
[0056] In an exemplary embodiment, during the process of the terminal device authenticating the central control unit based on the authentication update information, the authentication update information can be parsed to obtain first authentication data, second authentication data, third authentication data, and third verification data; a third random number is generated based on a second random number, a derived key, and the first authentication data; derived key update data is generated based on the third random number and a stored shared key; first credential update data is generated based on the derived key update data, the second random number, and the second authentication data; second credential update data is generated based on the derived key update data, the second random number, and the third authentication data; a session key is generated based on the derived key and the second random number; and fourth verification data is generated based on the session key, the first credential update data, and the second credential update data; in response to the fourth verification data being consistent with the third verification data, the authentication of the central control unit is completed. Specifically, the central control unit generates first credential update data based on the master key, a third random number, and the identifier of the terminal device; generates second credential update data based on the master key, the third random number, and the first credential update data; generates derived key update data based on the shared key and the third random number; generates a session key based on the second random number and the derived key; generates first authentication data based on the third random number, the second random number, and the derived key; generates second authentication data based on the first credential update data, the derived key update data, and the second random number; generates third authentication data based on the second credential update data, the derived key update data, and the second random number; and generates third verification data based on the session key, the first credential update data, and the second credential update data.
[0057] In an exemplary embodiment, during the process of updating the stored derived key, first credential, and second credential, the terminal device may use the updated derived key data as the latest stored derived key; the updated first credential data as the latest stored first credential; and the updated second credential data as the latest stored second credential.
[0058] The description of the corresponding steps in this embodiment can be found in the above embodiments, and will not be repeated here.
[0059] Please see Figure 5 , Figure 5 This is a schematic diagram of a data transmission system provided in an embodiment of this application.
[0060] This application provides a data transmission system applied to the central control unit of a train, which may include: The first acquisition module 101 is used to acquire the first credential, the second credential, the first verification data, and the second verification data transmitted by the terminal equipment of the train. The first random number generation module 102 is used to generate a first random number based on the stored master key, first credential and second credential. The shared key determination module 103 is used to generate an identifier for the terminal device based on the master key, the first random number, and the first credential, and to determine the shared key corresponding to the identifier of the terminal device. The derived key generation module 104 is used to generate a derived key based on the shared key and the first random number; The second random number generation module 105 is used to generate a second random number based on the derived key and the first verification data; The third verification data generation module 106 is used to generate third verification data based on the second random number, the derived key and the identifier of the terminal device; The first authentication module 107 is used to complete the identity authentication of the terminal device in response to the fact that the third verification data is consistent with the second verification data. The authentication update information generation module 108 is used to generate a third random number, and based on the master key, the third random number, the derived key, the shared key, the second random number and the identifier of the terminal device, generate authentication update information carrying the session key. The authentication update information sending module 109 is used to transmit authentication update information to the terminal device, so that the terminal device can complete the authentication of the central control unit based on the authentication update information, generate a session key, and update the stored derivative key, first credential, and second credential. The first transmission module 110 is used to transmit data with the terminal device based on the session key; Specifically, the terminal device obtains the stored derived key, first credential, and second credential, generates a second random number, generates first verification data based on the second random number and the derived key, and generates second verification data based on the terminal device's identifier, the second random number, and the derived key.
[0061] The data transmission system provided in this application embodiment, applied to the central control unit of a train, may further include: The second acquisition module is used to acquire the identifier of the terminal device during the registration phase before the first acquisition module acquires the first credential, the second credential, the first verification data, and the second verification data transmitted by the terminal device of the train. The shared key initialization module is used to generate a shared key corresponding to the terminal device based on the terminal device's identifier. The first random number initialization module is used to generate the first random number. The derived key initialization module is used to generate a derived key based on the first random number and the shared key; The first credential initialization module is used to generate the first credential based on the master key, the first random number, and the identifier of the terminal device; The second credential initialization module is used to generate a second credential based on the first credential, the first random number, and the master key; The second transmission module is used to transmit the shared key, the derived key, the first credential, and the second credential to the terminal device for storage.
[0062] This application provides a data transmission system applied to the central control unit of a train. The authentication update information generation module can be used to: generate first credential update data based on a master key, a third random number, and the identifier of the terminal device; generate second credential update data based on the master key, the third random number, and the first credential update data; generate derived key update data based on a shared key and a third random number; generate a session key based on a second random number and the derived key; generate first authentication data based on a third random number, a second random number, and the derived key; generate second authentication data based on the first credential update data, the derived key update data, and a second random number; generate third authentication data based on the second credential update data, the derived key update data, and the second random number; generate third verification data based on the session key, the first credential update data, and the second credential update data; and use the first authentication data, the second authentication data, the third authentication data, and the third verification data as authentication update information.
[0063] This application provides a data transmission system for use in train terminal equipment, which may include: The second acquisition module is used to acquire the stored derived key, first credential, and second credential. The first verification data initialization module is used to generate a second random number, and based on the second random number and the derived key, generate the first verification data; The second verification data initialization module is used to generate second verification data based on the terminal device's identifier, the second random number, and the derived key. The first sending module is used to send the first verification data and the second verification data to the central control unit so that the central control unit can authenticate the terminal device. The authentication update information acquisition module is used to acquire the authentication update information generated by the central control unit after completing the identity authentication of the terminal device; The identity authentication module is used to authenticate the central control unit based on the authentication update information. The update module is used to determine the session key and update the stored derived key, first credential and second credential in response to the completion of authentication of the central control unit; The third transmission module is used to transmit data with the central control unit based on the session key; The central control unit generates a first random number based on the stored master key, first credential, and second credential. Based on the master key, the first random number, and the first credential, it generates an identifier for the terminal device and determines the shared key corresponding to the identifier. Based on the shared key and the first random number, it generates a derived key. Based on the derived key and the first verification data, it generates a second random number. Based on the second random number, the derived key, and the identifier of the terminal device, it generates third verification data. In response to the third verification data being consistent with the second verification data, the authentication of the terminal device is completed, a third random number is generated, and based on the master key, the third random number, the derived key, the shared key, the second random number, and the identifier of the terminal device, it generates authentication update information carrying the session key.
[0064] The data transmission system provided in this application embodiment, applied to a terminal device on a train, may further include: The third acquisition module is used to acquire and store the shared key, derived key, first credential, and second credential transmitted by the central control unit during the registration phase, before the second acquisition module acquires the stored derived key, first credential, and second credential. The central control unit obtains the identifier of the terminal device, generates a shared key corresponding to the terminal device based on the identifier of the terminal device, generates a first random number, generates a derived key based on the first random number and the shared key, generates a first credential based on the master key, the first random number and the identifier of the terminal device, and generates a second credential based on the first credential, the first random number and the master key.
[0065] This application provides a data transmission system applied to a train terminal device. The identity authentication module is used to: parse authentication update information to obtain first authentication data, second authentication data, third authentication data, and third verification data; generate a third random number based on a second random number, a derived key, and the first authentication data; generate derived key update data based on the third random number and a stored shared key; generate first credential update data based on the derived key update data, the second random number, and the second authentication data; generate second credential update data based on the derived key update data, the second random number, and the third authentication data; generate a session key based on the derived key and the second random number; generate fourth verification data based on the session key, the first credential update data, and the second credential update data; and complete identity authentication of the central control unit if the fourth verification data matches the third verification data. Specifically, the central control unit generates first credential update data based on the master key, a third random number, and the identifier of the terminal device; generates second credential update data based on the master key, the third random number, and the first credential update data; generates derived key update data based on the shared key and the third random number; generates a session key based on the second random number and the derived key; generates first authentication data based on the third random number, the second random number, and the derived key; generates second authentication data based on the first credential update data, the derived key update data, and the second random number; generates third authentication data based on the second credential update data, the derived key update data, and the second random number; and generates third verification data based on the session key, the first credential update data, and the second credential update data.
[0066] This application provides a data transmission system applied to a train terminal device. The update module is used to: update the derived key as the latest stored derived key; update the first credential as the latest stored first credential; and update the second credential as the latest stored second credential.
[0067] This application also provides an electronic device and a computer-readable storage medium, both of which have the corresponding effects of the data transmission method provided in the embodiments of this application. Please refer to... Figure 6 , Figure 6 This is a schematic diagram of the structure of an electronic device provided in an embodiment of this application.
[0068] An electronic device provided in this application includes a memory 201 and a processor 202. The memory 201 stores a computer program, and the processor 202 executes the computer program to implement the steps of the data transmission method described in any of the above embodiments.
[0069] Please see Figure 7Another electronic device provided in this application embodiment may further include: an input port 203 connected to the processor 202 for transmitting commands input from the outside to the processor 202; a display unit 204 connected to the processor 202 for displaying the processing results of the processor 202 to the outside; and a communication module 205 connected to the processor 202 for enabling communication between the electronic device and the outside. The display unit 204 may be a display panel, a laser scanning display, etc.; the communication method adopted by the communication module 205 includes, but is not limited to, Mobile High-Definition Link (MHL), Universal Serial Bus (USB), High-Definition Multimedia Interface (HDMI), wireless connection: Wireless Fidelity (WiFi), Bluetooth communication technology, Bluetooth Low Energy communication technology, and communication technology based on IEEE 802.11s.
[0070] This application provides a computer-readable storage medium storing a computer program. When the computer program is executed by a processor, it implements the steps of the data transmission method described in any of the above embodiments.
[0071] The computer-readable storage media involved in this application include random access memory (RAM), memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disks, removable disks, CD-ROMs (compact disc read-only memory), or any other form of storage media known in the art.
[0072] This application provides a computer program product, including a computer program / instructions, which, when executed by a processor, implement the steps of the data transmission method described in any of the above embodiments.
[0073] For descriptions of relevant parts in the data transmission system, electronic device, and computer-readable storage medium provided in this application's embodiments, please refer to the detailed description of the corresponding parts in the data transmission method provided in this application's embodiments; they will not be repeated here. Furthermore, parts of the technical solutions provided in this application that are consistent with the implementation principles of corresponding technical solutions in the prior art have not been described in detail to avoid excessive elaboration.
[0074] It should also be noted that, in this document, relational terms such as "first" and "second" are used only to distinguish one entity or operation from another, and do not necessarily require or imply any such actual relationship or order between these entities or operations. Furthermore, the terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article, or apparatus. Without further limitations, an element defined by the phrase "comprising one..." does not exclude the presence of other identical elements in the process, method, article, or apparatus that includes said element.
[0075] The above description of the disclosed embodiments enables those skilled in the art to make or use this application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be implemented in other embodiments without departing from the spirit or scope of this application. Therefore, this application is not to be limited to the embodiments shown herein, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims
1. A data transmission method, characterized in that, The central control unit used in trains includes: Obtain the first credential, the second credential, the first verification data, and the second verification data transmitted by the train's terminal equipment; Based on the stored master key, first credential, and second credential, generate a first random number; Based on the master key, the first random number, and the first credential, generate an identifier for the terminal device and determine the shared key corresponding to the identifier of the terminal device; Based on the shared key and the first random number, a derived key is generated; Based on the derived key and the first verification data, generate a second random number; Based on the second random number, the derived key, and the identifier of the terminal device, generate third verification data; If the third verification data matches the second verification data, the authentication of the terminal device is completed. Generate a third random number, and based on the master key, the third random number, the derived key, the shared key, the second random number, and the identifier of the terminal device, generate authentication update information carrying the session key; The authentication update information is transmitted to the terminal device so that the terminal device can complete the identity authentication of the central control unit based on the authentication update information, determine the session key, and update the stored derived key, first credential, and second credential. Data is transmitted with the terminal device based on the session key; Specifically, the terminal device acquires the stored derived key, first credential, and second credential, generates a second random number, generates first verification data based on the second random number and the derived key, and generates second verification data based on the terminal device's identifier, the second random number, and the derived key.
2. The method according to claim 1, characterized in that, Before obtaining the first credential, second credential, first verification data, and second verification data transmitted by the train's terminal equipment, the process further includes: During the registration phase, the identifier of the terminal device is obtained; Based on the identifier of the terminal device, a shared key corresponding to the terminal device is generated; Generate the first random number; Generate a derived key based on the first random number and the shared key; A first credential is generated based on the master key, the first random number, and the identifier of the terminal device; Generate a second credential based on the first credential, the first random number, and the master key; The shared key, derived key, first credential, and second credential are transmitted to the terminal device for storage.
3. The method according to claim 1, characterized in that, The step of generating authentication update information carrying the session key based on the master key, the third random number, the derived key, the shared key, the second random number, and the identifier of the terminal device includes: Based on the master key, the third random number, and the identifier of the terminal device, generate first credential update data; Based on the master key, the third random number, and the first credential update data, generate the second credential update data; Based on the shared key and the third random number, generate derived key update data; Generate a session key based on the second random number and the derived key; Based on the third random number, the second random number, and the derived key, generate the first authentication data; Based on the first credential update data, the derived key update data, and the second random number, generate the second authentication data; Based on the second credential update data, the derived key update data, and the second random number, generate the third authentication data; Generate third verification data based on the session key, the first credential update data, and the second credential update data; The first authentication data, the second authentication data, the third authentication data, and the third verification data are used as authentication update information.
4. A data transmission method, characterized in that, Terminal equipment used on trains includes: Retrieve the stored derived key, first credential, and second credential; Generate a second random number, and based on the second random number and the derived key, generate the first verification data; Based on the identifier of the terminal device, the second random number, and the derived key, second verification data is generated; The first verification data and the second verification data are sent to the central control unit so that the central control unit can authenticate the terminal device. Obtain the authentication update information generated by the central control unit after completing the identity authentication of the terminal device; The central control unit is authenticated based on the authentication update information. In response to the completion of authentication of the central control unit, a session key is determined and the stored derived key, first credential, and second credential are updated; Data is transmitted with the central control unit based on the session key; The central control unit generates a first random number based on the stored master key, first credential, and second credential. Based on the master key, the first random number, and the first credential, it generates an identifier for the terminal device. It then determines a shared key corresponding to the terminal device identifier. Based on the shared key and the first random number, it generates a derived key. Based on the derived key and the first verification data, it generates a second random number. Based on the second random number, the derived key, and the terminal device identifier, it generates third verification data. In response to the third verification data matching the second verification data, the authentication of the terminal device is completed. A third random number is then generated. Based on the master key, the third random number, the derived key, the shared key, the second random number, and the terminal device identifier, the authentication update information carrying the session key is generated.
5. The method according to claim 4, characterized in that, Before obtaining the stored derived key, first credential, and second credential, the process also includes: During the registration phase, the shared key, derived key, first credential, and second credential transmitted by the central control unit are obtained and stored. The central control unit obtains the identifier of the terminal device, generates a shared key corresponding to the terminal device based on the identifier of the terminal device, generates a first random number, generates a derived key based on the first random number and the shared key, generates a first credential based on the master key, the first random number and the identifier of the terminal device, and generates a second credential based on the first credential, the first random number and the master key.
6. The method according to claim 5, characterized in that, The step of authenticating the central control unit based on the authentication update information includes: The authentication update information is parsed to obtain first authentication data, second authentication data, third authentication data, and third verification data; A third random number is generated based on the second random number, the derived key, and the first authentication data; Based on the third random number and the stored shared key, generate derived key update data; Based on the derived key update data, the second random number, and the second authentication data, generate the first credential update data; Based on the derived key update data, the second random number, and the third authentication data, generate the second credential update data; Generate a session key based on the derived key and the second random number; Based on the session key, the first credential update data, and the second credential update data, generate the fourth verification data; If the fourth verification data matches the third verification data, the authentication of the central control unit is completed. Specifically, the central control unit generates first credential update data based on the master key, the third random number, and the identifier of the terminal device; generates second credential update data based on the master key, the third random number, and the first credential update data; generates derived key update data based on the shared key and the third random number; generates a session key based on the second random number and the derived key; generates first authentication data based on the third random number, the second random number, and the derived key; generates second authentication data based on the first credential update data, the derived key update data, and the second random number; generates third authentication data based on the second credential update data, the derived key update data, and the second random number; and generates third verification data based on the session key, the first credential update data, and the second credential update data.
7. The method according to claim 6, characterized in that, The updated stored derived key, first credential, and second credential include: Update the derived key with the latest stored derived key; Use the updated data of the first voucher as the latest stored first voucher; Update the second credential data as the latest stored second credential.
8. A data transmission system, characterized in that, The central control unit used in trains includes: The first acquisition module is used to acquire the first credential, the second credential, the first verification data, and the second verification data transmitted by the train's terminal equipment. The first random number generation module is used to generate a first random number based on the stored master key, first credential and second credential. The shared key determination module is used to generate an identifier for the terminal device based on the master key, the first random number, and the first credential, and to determine the shared key corresponding to the identifier of the terminal device; A derived key generation module is used to generate a derived key based on the shared key and the first random number; The second random number generation module is used to generate a second random number based on the derived key and the first verification data; The third verification data generation module is used to generate third verification data based on the second random number, the derived key, and the identifier of the terminal device. The first authentication module is used to complete the identity authentication of the terminal device in response to the third verification data being consistent with the second verification data. The authentication update information generation module is used to generate a third random number and, based on the master key, the third random number, the derived key, the shared key, the second random number, and the identifier of the terminal device, generate authentication update information carrying the session key. An authentication update information sending module is used to transmit the authentication update information to the terminal device, so that the terminal device can generate a session key and update the stored derivative key, first credential and second credential after completing the identity authentication of the central control unit according to the authentication update information. The first transmission module is used to transmit data with the terminal device based on the session key; Specifically, the terminal device acquires the stored derived key, first credential, and second credential, generates a second random number, generates first verification data based on the second random number and the derived key, and generates second verification data based on the terminal device's identifier, the second random number, and the derived key.
9. An electronic device, characterized in that, include: Memory, used to store computer programs; A processor, configured to implement the steps of the data transmission method as described in any one of claims 1 to 7 when executing the computer program.
10. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores a computer program that, when executed by a processor, implements the steps of the data transmission method as described in any one of claims 1 to 7.