Offline authentication method and apparatus for on-board controller unit diagnostic secure access
By employing multi-level key derivation and offline authentication methods, the problem of insufficient vehicle information security protection caused by a single static MKS is solved. This enables the restriction of secure access permissions to the ECU within a limited scope, reduces the impact of key leakage, and improves vehicle information security.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- WUHAN JIANGXIA CHUNENG AUTOMOBILE TECHNOLOGY R&D CO LTD
- Filing Date
- 2026-03-18
- Publication Date
- 2026-06-26
AI Technical Summary
In existing technologies, a single static MKS of a vehicle ECU is shared among a group of vehicles or a class of ECUs. This means that once the MKS is obtained, attackers can reuse a large number of vehicle ECUs within the key domain to initiate secure access, resulting in large-scale unauthorized flashing or data theft, and significantly reducing the vehicle's information security protection capabilities.
A multi-level key derivation rule is adopted to derive control unit keys that are bound to attribute identifiers such as vehicle model, region, year, and control unit category from the root key. An offline verification file is generated, which includes an authorization policy field and an encrypted payload. After digital signing, the file is distributed offline to ensure that the key is used only within the limited attribute domain.
By employing multi-level key derivation and offline authentication, the impact of key leaks is limited, the risk of large-scale unauthorized flashing or data theft is reduced, and the information security of mass-produced vehicles is improved.
Figure CN122284569A_ABST (abstract drawing)
Description
Technical Field
[0001] This invention relates to the field of vehicle information security technology, and in particular to an offline authentication method and device for secure access to vehicle controller unit diagnostics.
Background Technology
[0002] During vehicle after-sales diagnostics and software maintenance, diagnostic equipment needs to communicate with the vehicle's electronic control unit (ECU) to perform operations such as fault diagnosis, parameter configuration, program flashing, and remote upgrades. Since these operations often involve reading and writing critical ECU data, and may even alter control strategies or update firmware, unauthorized use could lead to security risks such as vehicle malfunctions, control logic tampering, and sensitive data leakage. To address this, OEMs generally introduce the UDS secure access service (0x27) based on the ISO 14229 standard on the ECU side. This service uses a challenge-response mechanism to authenticate diagnostic equipment, allowing it to access higher security levels only when it has legitimate access rights, thus ensuring ECU access security during after-sales diagnostics and remote upgrades.
[0003] In existing technologies, the core of security relies on the Master Key Seed (MKS). A single static MKS is burned into the ECU of a mass-produced vehicle by brand, vehicle model, or ECU type, and the MKS is packaged into an offline license file (.lic) and distributed to authorized diagnostic devices. When performing secure access, the diagnostic device directly uses the MKS in combination with vehicle information to generate an encryption key to complete the challenge-response verification.
[0004] However, since the same MKS is often shared among a batch of vehicles or a type of ECU, once the single-layer MKS is obtained, attackers can reuse the obtained MKS to launch secure access to a large number of vehicle ECUs within the same key domain, thereby bypassing access control and carrying out large-scale unauthorized flashing or data theft, causing the scope of key leakage to expand dramatically and significantly reducing the vehicle information security protection capability.
Summary of the Invention
[0005] This invention provides an offline authentication method and device for secure access to vehicle controller unit diagnostics, which solves the problem of insufficient vehicle information security protection caused by burning a single static MKS into the vehicle ECU by brand or vehicle model in the prior art.
[0006] A first aspect of the present invention provides an offline authentication method for secure access to a vehicle controller unit for diagnostics, applied to a first terminal device, comprising: performing key derivation on the root key according to a preset multi-level derivation rule based on a pre-configured root key and at least one attribute identifier corresponding to a second terminal device, and determining the final-level key as the control unit key of the second terminal device; generating an offline verification file, writing an authorization policy field into the offline verification file, the authorization policy field being suitable for limiting the scope of application of the offline verification file; encapsulating the control unit key or a derivation context used to derive the control unit key into an encrypted payload and writing it into the offline verification file; digitally signing the offline verification file to generate a signature field; and offline distributing the offline verification file to an authorized third terminal device.
[0007] According to an offline authentication method provided by the present invention, the multi-level derivation rules include: deriving a vehicle model key based on the root key and the vehicle model identifier; deriving a region key based on the vehicle model key and the region identifier; obtaining a model year key based on the region key and the model year identifier; and deriving the control unit key based on the model year key and the category identifier of the second terminal device.
[0008] According to an offline authentication method provided by the present invention, the authorization policy field includes the identity identification number matching rule of the second terminal device.
[0009] According to an offline authentication method provided by the present invention, the identity identification number rules include: a set of regular expression rules for pattern matching of the identity identification number, or a prefix list for prefix matching of the identity identification number.
[0010] According to an offline authentication method provided by the present invention, the key derivation is implemented through a key derivation function, and the input of the key derivation function includes the encoded value of the previous level key and the corresponding attribute identifier.
[0011] According to an offline authentication method provided by the present invention, the derived context includes one or more of the following: a year identifier, a region identifier, and a second terminal device category identifier, used to characterize the key domain to which the control unit key belongs.
[0012] According to an offline authentication method provided by the present invention, the offline verification file includes an authorization policy field, an encrypted payload field, and a signature field, wherein the signature field is used to perform integrity verification on the authorization policy field and the encrypted payload field.
[0013] A second aspect of the present invention also provides an offline authentication method for secure access to a vehicle controller unit for diagnostic purposes, applied to a second terminal device, comprising: receiving a secure access request initiated by a third terminal device and returning a seed for secure access to the third terminal device; receiving a secure access response value returned by the third terminal device based on the seed; generating an expected response value based on a control unit key preset in the second terminal device, and matching and verifying the expected response value with the secure access response value; and, if the matching is successful, switching the second terminal device to the corresponding diagnostic secure access level; wherein the control unit key is a final-level key derived by the first terminal device based on a pre-configured root key and based on at least one attribute identifier corresponding to the second terminal device, according to a preset multi-level derivation rule.
[0014] A third aspect of the present invention also provides an offline authentication method for secure access to a vehicle controller unit for diagnostics, applied to a third terminal device, comprising: obtaining an offline verification file distributed offline by a first terminal device and verifying the signature field of the offline verification file; obtaining an identity identification number matching rule based on the authorization policy field in the offline verification file and obtaining the identity identification number of a second terminal device, and performing a matching verification according to the identity identification number matching rule; when the signature verification and matching verification pass, decrypting the encrypted payload in the offline verification file to obtain a control unit key or a derivation context for deriving the control unit key; initiating a secure access seed request to the second terminal device to obtain a seed, performing a secure access response calculation on the seed based on the control unit key or the derivation context to obtain a secure access response value; and sending the secure access response value to the second terminal device to trigger secure access verification of the second terminal device; wherein the control unit key is a final-level key derived by the first terminal device based on a pre-configured root key and based on at least one attribute identifier corresponding to the second terminal device according to a preset multi-level derivation rule.
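The seed/key exchange described in the second and third aspects, written out as an added example that is not part of the patent. The patent does not specify how the response value is computed from the control unit key; here it is assumed to be HMAC-SHA256 over the security level and a 16-byte random seed, truncated to 16 bytes. The class names, the `level` parameter and the sample keys are constructed for this example. The ECU side compares in constant time, treats every seed as single-use, and never reveals the expected value, which is what makes a leaked key from another attribute domain useless against it.

```python
"""Added example (not the patent's code): UDS 0x27 seed/key exchange between
the ECU (second terminal device) and the diagnostic tester (third terminal)."""
import hashlib
import hmac
import secrets


def compute_response(control_unit_key: bytes, seed: bytes, level: int) -> bytes:
    # Assumed response algorithm: HMAC-SHA256 over level || seed, truncated.
    return hmac.new(control_unit_key, bytes([level]) + seed, hashlib.sha256).digest()[:16]


class Ecu:
    """Second terminal device: holds the burned-in control unit key."""

    def __init__(self, control_unit_key: bytes, level: int = 1):
        self._key = control_unit_key
        self.level = level
        self._pending_seed = None
        self.unlocked_level = 0

    def request_seed(self) -> bytes:
        # 0x27 with an odd sub-function: hand out a fresh, unpredictable seed.
        self._pending_seed = secrets.token_bytes(16)
        return self._pending_seed

    def send_key(self, response: bytes) -> bool:
        # 0x27 with the following even sub-function: compare the tester's
        # response against the value the ECU computes from its own key.
        if self._pending_seed is None:
            return False  # no outstanding seed, so nothing to compare against
        expected = compute_response(self._key, self._pending_seed, self.level)
        self._pending_seed = None  # a seed is single-use, whether or not it matches
        if hmac.compare_digest(expected, response):
            self.unlocked_level = self.level
            return True
        return False


class Tester:
    """Third terminal device: holds the key released from the offline file."""

    def __init__(self, control_unit_key: bytes):
        self._key = control_unit_key

    def unlock(self, ecu: Ecu) -> bool:
        seed = ecu.request_seed()
        return ecu.send_key(compute_response(self._key, seed, ecu.level))


def run_exchange(ecu_key: bytes, tester_key: bytes) -> bool:
    """Run one complete exchange and report whether the ECU unlocked."""
    return Tester(tester_key).unlock(Ecu(ecu_key))


if __name__ == "__main__":
    k = bytes(range(32))  # constructed control unit key
    print("same-domain key:", run_exchange(k, k))
    print("other-domain key:", run_exchange(k, bytes(32)))
```

Because the response is bound to a seed that the ECU discards after one comparison, a captured response cannot be replayed, and a key derived for a different attribute domain produces a different response for the same seed.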
[0015] A fourth aspect of the present invention also provides an offline authentication device for secure access to a vehicle controller unit for diagnostics, applied to a first terminal device, comprising: a control unit key derivation module, configured to perform key derivation on the root key based on a pre-configured root key and at least one attribute identifier corresponding to the second terminal device, according to a preset multi-level derivation rule, and determine the final-level key as the control unit key of the second terminal device; an offline verification file generation module, configured to write an authorization policy field into the offline verification file, the authorization policy field being suitable for limiting the scope of application of the offline verification file; an encapsulation module, configured to encapsulate the control unit key or a derivation context used to derive the control unit key into an encrypted payload and write it into the offline verification file; a signature module, configured to digitally sign the offline verification file to generate a signature field; and a distribution module, configured to offline distribute the offline verification file to an authorized third terminal device.
[0016] The offline authentication method for secure access to vehicle controller unit diagnostics provided by this invention derives a root key level by level based on multiple attribute identifiers according to a multi-level derivation rule, and determines the derived final-level key as the control unit key corresponding to the second terminal device, so that different attribute combinations correspond to different control unit keys. Compared with the existing single static MKS scheme where the same key is used extensively, in this invention, the final-level key is only applicable to the attribute domain defined by the corresponding attribute identifier, thereby restricting access to the ECU to a smaller scope. Thus, even if a final-level key is leaked or cracked, its impact is limited to the ECUs within the attribute domain corresponding to that final-level key, and is unlikely to spread to ECUs corresponding to other models, regions, years, or controller categories. Therefore, it can effectively reduce the risk of large-scale unauthorized flashing or data theft and improve the information security of mass-produced vehicles.
Description of the Drawings
[0017] To more clearly illustrate the technical solutions in this invention or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are some embodiments of this invention. For those skilled in the art, other drawings can be obtained from these drawings without creative effort.
[0018] Figure 1 is a flowchart of an offline authentication method for diagnostic secure access to an onboard controller unit, applied to a first terminal device, according to an embodiment of the present invention.
Figure 2 schematically illustrates an offline authentication method for diagnostic secure access to an onboard controller unit, applied to a second terminal device.
Figure 3 is a flowchart of an offline authentication method for diagnostic secure access to an onboard controller unit, applied to a third terminal device, according to an embodiment of the present invention.
Figure 4 schematically illustrates the structure of an offline authentication device for diagnostic secure access to an onboard controller unit, applied to a first terminal device.
Detailed Description
[0019] To make the objectives, technical solutions, and advantages of this invention clearer, the technical solutions of this invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some, not all, of the embodiments of this invention. All other embodiments obtained by those skilled in the art based on the embodiments of this invention without creative effort are within the scope of protection of this invention.
[0020] In related technologies, the same MKS is often shared among a group of vehicles or a type of ECU. Once this single-layer MKS is obtained, the attacker can reuse the obtained MKS to launch secure access to a large number of vehicle ECUs within the same key domain.
[0021] In view of this, the present invention provides an offline authentication method for diagnosing secure access to an onboard controller unit.
[0022] Figure 1 is a flowchart of an offline authentication method for diagnostic secure access to an onboard controller unit, applied to a first terminal device, according to an embodiment of the present invention.
[0023] As shown in Figure 1, the method includes operations S110 to S150.
[0024] In operation S110, based on the pre-configured root key and at least one attribute identifier corresponding to the second terminal device, key derivation is performed on the root key according to the preset multi-level derivation rules, and the final key is determined as the control unit key of the second terminal device.
[0025] The root key refers to the master key material that is pre-configured and stored by the OEM in a controlled and secure environment; it is never distributed directly to external terminals.
[0026] Attribute identifiers refer to context parameters used to characterize the group domain to which the second terminal device belongs. They can include, but are not limited to, any one or a combination of vehicle model, region, model year, control unit category, etc.
[0027] According to an embodiment of the present invention, the first terminal device may be a key management and authorization issuing terminal of the host manufacturer, and the second terminal device may be a target vehicle controller unit.
[0028] According to an embodiment of the present invention, a multi-level derivation rule can be to introduce one or more attribute identifiers into the key derivation process in a preset order, such that the output of each level of derivation serves as the input of the next level of derivation, thereby obtaining a derivation key bound to the attribute identifier. The final-level key refers to the derivation result obtained after introducing attribute identifiers at predetermined levels.
[0029] According to an embodiment of the present invention, when generating the control unit key, the first terminal device first obtains a pre-configured root key and obtains the value of at least one attribute identifier corresponding to the second terminal device. To ensure that the key derivation is deterministic and reproducible, the value of the attribute identifier can be normalized and encoded into a byte sequence before participating in the derivation, for example, by using a fixed character set encoding and including attribute type markers and length information in the encoding, so as to avoid ambiguity caused by concatenation of different attribute values.
[0030] Subsequently, the first terminal device performs key derivation on the root key according to the preset multi-level derivation rule. In the first-level derivation, the root key serves as the previous-level key input and the encoded value of the first-level attribute identifier serves as the derivation input data; the first-level derivation key is computed by the key derivation function. In each subsequent level, the derivation key of the previous level serves as the key input and the encoded value of the next attribute identifier not yet introduced serves as the derivation input data. The key derivation function is executed repeatedly until the attribute identifiers of all predetermined levels have been introduced, at which point the final-level key is obtained.
[0031] According to embodiments of the present invention, the key derivation function can be implemented using a message authentication code-based derivation method or a hash-based derivation method to ensure that the derivation result is sensitive to the input and that it is difficult to deduce the upper-level key from the lower-level key, thereby achieving key isolation between different attribute domains.
[0032] According to an embodiment of the present invention, after the control unit key is generated, the control unit key can be burned to the second terminal device.
[0033] According to an embodiment of the present invention, since the first terminal device can generate different control unit keys for second terminal devices in different attribute domains without changing the root key, when a particular final-level key is leaked, its impact is limited to the key domain corresponding to its attribute identifiers, thereby reducing the risk of large-scale unauthorized writing or data theft caused by a single key leak.
[0034] In operation S120, an offline verification file is generated, and an authorization policy field is written into the offline verification file. The authorization policy field is used to limit the scope of application of the offline verification file.
[0035] An offline verification file refers to an offline data carrier that contains authorization information and key material encapsulation information. It can be a file, a data block, or a structured data object. The authorization policy field refers to the set of policy information written into the offline verification file, which defines the applicable boundaries of the offline verification file when used offline.
[0036] According to embodiments of the present invention, the scope of application includes at least the target object range and/or the permission range to which the offline verification file is applicable, thereby preventing the improper reuse of the offline verification file.
[0037] According to an embodiment of the present invention, when generating an offline verification file, the first terminal device can create structured data containing multiple fields, wherein the authorization policy field can be written into the structured data as an independent field.
[0038] According to an embodiment of the present invention, the authorization policy field may include one or more policy elements for defining the scope of application, such as identification information for characterizing the identity or group domain of the second terminal device, permission information for defining the authentication or access types that are allowed to be performed, and identification information for identifying the policy version, etc.
[0039] According to an embodiment of the present invention, to ensure cross-device parsing consistency, the first terminal device may serialize the authorization policy field according to a preset encoding rule, for example, using a key-value pair format. Furthermore, a unified agreement is made regarding the field order, encoding character set, length, and verification rules, enabling the third terminal device to accurately parse the authorization policy field offline and determine whether the offline verification file meets the usage conditions.
[0040] According to an embodiment of the present invention, by writing the authorization policy field into the offline verification file, the first terminal device can enable the offline verification file to have executable scope restrictions when it is loaded by the third terminal device: the third terminal device can perform consistency verification on whether the second terminal device belongs to the allowed scope based on the authorization policy field without relying on network queries, and only after the verification is passed will it further execute the key material activation and subsequent secure access process.
[0041] In operation S130, the control unit key or the derived context used to derive the control unit key is encapsulated as an encrypted payload and written to the offline verification file.
[0042] Encrypted payloads refer to sensitive data units stored in encrypted form in offline verification files.
[0043] According to an embodiment of the present invention, the derived context refers to context information used to characterize the key domain and derivation path of the control unit key. It may include attribute identifier values or tag information related to the derivation of the control unit key, so as to determine or derive the target control unit key when needed.
[0044] In one embodiment, the encrypted payload may directly contain the control unit key. In another embodiment, the encrypted payload contains a derived context (e.g., identification information reflecting the domain to which the target control unit belongs) for deriving the control unit key, and may also contain the parameter information needed to assist derivation or verification.
[0045] In this embodiment, the encrypted payload is written as an independent field in the offline verification file and, together with the authorization policy field, serves as the input object for subsequent integrity protection (such as digital signature). This ensures that the encrypted payload not only maintains confidentiality during distribution but also prevents it from being replaced or tampered with, thereby further enhancing the security and trustworthiness of the offline authentication file.
[0046] In one illustrative embodiment, the derived context includes one or more of a year identifier, a region identifier, and a second terminal device category identifier used to characterize the key domain to which the control unit key belongs.
[0047] In operation S140, the offline verification file is digitally signed to generate a signature field.
[0048] According to an embodiment of the present invention, the first terminal device first determines the scope of the data to be signed. To ensure that the authorization policy field and the encrypted payload field cannot be tampered with or replaced, the data to be signed includes at least the contents of the authorization policy field and the encrypted payload field of the offline verification file, excluding the signature field. The first terminal device may serialize the data to be signed according to a preset encoding rule, for example, by concatenating the fields in a fixed order or by using a structured encoding format (such as TLV or key-value pairs) to output a deterministic byte sequence, so as to avoid verification failure due to differences in field order or encoding. Subsequently, the first terminal device performs a hash calculation on the byte sequence to generate a digest value, and uses the signing private key held by the first terminal device to perform a digital signature operation on the digest value to obtain a signature value.
[0049] According to an embodiment of the present invention, the first terminal device writes the signature value into the signature field of the offline verification file. The signature field may further include metadata such as a signature algorithm identifier, a signature key identifier, or a certificate chain identifier, so that the third terminal device can select the correct verification public key and complete the verification process during offline verification. Before using the offline verification file, the third terminal device reads the signature field and recalculates the digest of the data to be signed using the corresponding verification public key and performs signature verification. If the verification passes, it confirms that the offline verification file has not been tampered with and was indeed issued by the first terminal device; if the verification fails, it refuses to use the offline verification file, thereby preventing attackers from expanding the scope of application or implanting forged key materials by tampering with the authorization policy field or replacing the encryption payload.
[0050] In operation S150, the offline verification file is distributed offline to an authorized third terminal device.
[0051] Through the above configuration, the first terminal device starts from a pre-configured root key and, in conjunction with the attribute identifiers of the second terminal device, generates the control unit key corresponding to the second terminal device according to a preset multi-level derivation rule. This isolates the control unit keys of different attribute domains from each other, so that a key leak affects only the corresponding control unit or its domain, which reduces the risk of large-scale unauthorized writes or data theft caused by a single-layer static MKS leak. At the same time, the authorization policy field is written into the offline verification file, the control unit key and/or derivation context are encapsulated as an encrypted payload and written into the file, and the file is then digitally signed and distributed offline, ensuring confidentiality and immutability during distribution and use. This enables trusted distribution and boundary constraints of offline authentication credentials even without a network connection, improving the security and controllability of secure access for after-sales diagnostics.
[0052] In one illustrative embodiment, the multi-level derivation rules include: deriving a vehicle model key based on the root key and the vehicle model identifier; deriving a region key based on the vehicle model key and the region identifier; deriving a model year key based on the region key and the model year identifier; and deriving a control unit key based on the model year key and the category identifier of the second terminal device.
[0053] According to an embodiment of the present invention, the vehicle model identifier is used to characterize the vehicle model or platform series to which the target vehicle belongs, such as the vehicle model code, platform code, etc.
[0054] According to an embodiment of the present invention, the regional identifier is used to characterize the market area where the vehicle is deployed or configured, such as a country/region code, market area code, etc.
[0055] According to an embodiment of the present invention, the model year identifier is used to indicate the model year or version batch of the vehicle, such as the year value or model year code.
[0056] According to an embodiment of the present invention, the category identifier of the second terminal device is used to characterize the control unit type of the target ECU.
[0057] Through the aforementioned hierarchical derivation method, with each level of attribute identifier introduced, the scope of application of the derived key is further limited to the subdomain defined by the corresponding attribute combination. For example, it converges from the "same vehicle model domain" to the "subdomain of the same vehicle model and the same region," then to the "subdomain of the same vehicle model, the same region, and the same model year," and finally to the key domain of "the same vehicle model, the same region, the same model year, and the same control unit category." Thus, the control unit keys between different domains are independent of each other, reducing the risk of cross-vehicle/cross-region/cross-model-year/cross-control-unit-category diffusion when a single-layer static key is leaked, thereby improving the key isolation effect in offline diagnostic secure access scenarios.
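The derivation chain of paragraphs [0029] to [0031] and [0052] to [0057], as an added example that is not the patent's own code. It uses HMAC-SHA256 as the message-authentication-code-based key derivation function the patent allows for, and encodes each attribute as type tag, length and value (UTF-8, trimmed and upper-cased) so that two different attribute combinations can never produce the same input bytes. The level names, the exact encoding layout and the normalization rule are assumptions made for this example.

```python
"""Added example (not the patent's code): multi-level key derivation that
binds the control unit key to model, region, model year and ECU category."""
import hashlib
import hmac

# Derivation levels in the order the illustrative rule introduces them.
LEVELS = ("model", "region", "year", "ecu_category")


def encode_attribute(attr_type: str, value: str) -> bytes:
    """Normalize one attribute and encode it as type | len | value.

    The explicit type tag and length fields are what make concatenation
    unambiguous: ("AB", "C") and ("A", "BC") produce different byte strings.
    """
    t = attr_type.encode("utf-8")
    v = value.strip().upper().encode("utf-8")  # assumed normalization rule
    return len(t).to_bytes(1, "big") + t + len(v).to_bytes(2, "big") + v


def kdf(prev_key: bytes, data: bytes) -> bytes:
    """One derivation step keyed by the previous-level key (HMAC-SHA256)."""
    return hmac.new(prev_key, data, hashlib.sha256).digest()


def derive_chain(root_key: bytes, attrs: dict) -> dict:
    """Return every intermediate key by level name; the last one is the
    control unit key. Each level's output feeds the next as its key, so a
    lower-level key does not let its holder recover the level above it."""
    chain, key = {}, root_key
    for level in LEVELS:
        key = kdf(key, encode_attribute(level, attrs[level]))
        chain[level] = key
    return chain


def derive_control_unit_key(root_key: bytes, attrs: dict) -> bytes:
    return derive_chain(root_key, attrs)[LEVELS[-1]]


if __name__ == "__main__":
    root = bytes(range(32))  # constructed root key, never leaves the OEM
    bcm_cn = {"model": "P10", "region": "CN", "year": "2026", "ecu_category": "BCM"}
    bcm_eu = dict(bcm_cn, region="EU")
    for name, attrs in (("CN", bcm_cn), ("EU", bcm_eu)):
        print(name, derive_control_unit_key(root, attrs).hex())
```

Running the block shows two ECUs of the same model but different regions sharing the vehicle model key and diverging from the region level down, which is exactly the domain isolation the paragraph describes: a leaked EU control unit key says nothing about the CN one.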
[0058] In one illustrative embodiment, the authorization policy field includes a matching rule for the identification number of the second terminal device.
[0059] According to an embodiment of the present invention, when generating an offline verification file, the first terminal device, in addition to writing other policy information for limiting the scope of application, further writes the identification number matching rule of the second terminal device in the authorization policy field to impose offline constraints on the applicable objects of the offline verification file. The identification number is an identifier that can characterize the identity of the vehicle or control unit to which the second terminal device belongs; it can be a vehicle-side identifier (e.g., vehicle identification number) or a unique or semi-unique identifier associated with the vehicle / control unit. The matching rule is a set of rules used to determine whether the identification number of the second terminal device falls within the authorization scope; by writing this matching rule as part of the authorization policy field into the offline verification file, the third terminal device can perform consistency verification on the applicable objects of the authorization file under offline conditions.
[0060] According to an embodiment of the present invention, the first terminal device determines the target scope that the offline verification file is allowed to cover based on authorization requirements, and generates a corresponding identity number matching rule accordingly, which is then written into the authorization policy field. For example, the matching rule can express restrictions such as "only a certain set of numbers is allowed," "only a certain range of numbers is allowed," or "only numbers that meet specific format or prefix characteristics are allowed." Before using the offline verification file, the third terminal device can obtain the identity number of the second terminal device and perform a matching verification according to the matching rule in the authorization policy field; only when the matching verification passes will the third terminal device continue to use the key material encapsulated in the offline verification file and participate in the subsequent secure access process. In this way, even if the offline verification file is copied or disseminated, it is difficult to use it on a second terminal device that is not within the authorized scope, thereby achieving constraint and control over the applicable boundaries of offline authorization in scenarios without network connection.
[0061] In one illustrative embodiment, the identification number matching rule includes a set of regular expression rules for pattern matching of the identification number, or a prefix list for prefix matching of the identification number.
[0062] In one embodiment, the matching rule is a set of regular expression rules. The first terminal device can write one or more regular expressions as strings into the authorization policy field, and optionally configure a rule number or priority for each regular expression. During offline verification, the third terminal device obtains the identification number of the second terminal device and matches the identification number with each regular expression in the rule set one by one; when any regular expression matches successfully, it is determined that the identification number meets the authorization scope. Through the regular expression rule set, constraints such as "specified prefix + specified character range + any other characters" can be expressed more precisely, thereby achieving a fine division of the scope of authorized objects.
[0063] In another embodiment, the matching rule is a prefix list. The first terminal device can write one or more allowed prefixes into the authorization policy field. The prefixes can be a fixed-length string set or a prefix set sorted according to a preset rule. During offline verification, the third terminal device determines whether the identification number of the second terminal device starts with any prefix in the prefix list; if so, the matching verification is considered successful. Compared to regular expression rule sets, prefix list matching generally has lower computational complexity and a simpler rule maintenance method, making it suitable for scenarios where the authorization scope can be clearly described by prefix features.
[0064] In the above implementations, the matching rule is part of the authorization policy field and can be parsed and executed by the third terminal device entirely offline, so the applicable objects of the offline verification file are effectively constrained without any network connection, and the file cannot be used against second terminal devices that are not authorized.
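The matching rule of [0061] to [0064], as an added Python example that is not part of the patent: the policy dictionary layout (`kind`, `patterns`, `prefixes`) and the sample vehicle identification numbers are assumptions. It also carries the checks a practitioner would want that the text leaves implicit: regular expressions are applied with `fullmatch`, because an unanchored search would accept any identifier that merely contains the pattern; unknown rule kinds and malformed patterns fail closed; and the identifier reported by the ECU is normalized before comparison.

```python
import re

# Added example, not the patent's own format. The policy dict layout, key
# names and the sample VINs below are assumptions made for illustration.

def _normalize(ident: str) -> str:
    # ECU-reported identifiers often arrive with padding or NUL bytes and in
    # mixed case; reduce them to one form so rule authors reason about one form.
    return ident.strip().strip("\x00").upper()

def id_rule_matches(rule: dict, ident: str) -> bool:
    """Return True if `ident` falls inside the scope expressed by `rule` ([0062]/[0063])."""
    ident = _normalize(ident)
    kind = rule.get("kind")
    if kind == "prefix":
        prefixes = [p.upper() for p in rule.get("prefixes", [])]
        # an empty prefix would match everything; treat it as a policy bug
        return any(p and ident.startswith(p) for p in prefixes)
    if kind == "regex":
        for pattern in rule.get("patterns", []):
            try:
                compiled = re.compile(pattern)
            except re.error:
                # A malformed pattern in the policy must not widen the scope:
                # skip it (fail closed) rather than fall back to "allow".
                continue
            # fullmatch anchors both ends; re.search would accept any identifier
            # that merely *contains* the pattern, e.g. "XX<vin>YY".
            if compiled.fullmatch(ident):
                return True
        return False
    # Unknown rule kind: fail closed rather than treat it as "no restriction".
    return False

# Constructed sample policies: one regex rule set (WMI "LSV", model-year code
# "C" at position 10) and one prefix list covering two WMIs.
POLICY_REGEX = {"kind": "regex", "patterns": [r"LSV[A-Z0-9]{6}C[A-Z0-9]{7}"]}
POLICY_PREFIX = {"kind": "prefix", "prefixes": ["LSV", "LFV"]}

if __name__ == "__main__":
    for vin in ("LSVAB12D3C1234567", "LSVAB12D3D1234567", "XXLSVAB12D3C1234567YY"):
        print(vin, id_rule_matches(POLICY_REGEX, vin), id_rule_matches(POLICY_PREFIX, vin))
```

The third terminal device should run this check only after the signature of the file has been verified, since an unsigned or tampered policy field could carry a deliberately permissive rule.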
[0065] In one illustrative embodiment, key derivation is implemented by a key derivation function whose inputs include the parent key and the encoded value of the corresponding attribute identifier.
[0066] According to an embodiment of the present invention, in the first level of derivation the parent key is the root key; in each subsequent level the parent key is the derived key output by the previous level. The encoded value of an attribute identifier is the deterministic byte sequence obtained by converting the attribute identifier that limits the key domain according to a preset encoding rule; this encoded value is used as the data input of the key derivation function in the derivation calculation.
[0067] For example, the first terminal device can apply a standardized encoding to the attribute identifiers so that different attribute identifiers and values are unambiguous once encoded. The encoded value of an attribute identifier may include an attribute type marker (distinguishing attributes such as vehicle model, region, year, and category) and an attribute value (such as a vehicle model code or region code), and may further include length information or separators so that the concatenation of different values cannot collide or be parsed inconsistently. After encoding, the first terminal device uses the previous-level key as the key input of the key derivation function and the encoded attribute value as its data input, and performs the derivation to obtain the next-level key.
[0068] According to embodiments of the present invention, the key derivation function can be implemented using any derivation mechanism that satisfies the requirements of determinism and security. This ensures that the same derivation output can be obtained under the same parent key and the same attribute identifier encoding value, while making it difficult to deduce the parent key from the derivation output, thereby guaranteeing the security boundary of the parent key. The length of the derivation output can be formatted according to the needs of subsequent authentication calculations, for example, a predetermined length can be truncated from the derivation output as the next-level key or as the control unit key.
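The derivation of [0065] to [0068], instantiated on the chain of claim 2 as an added Python example (not the patent's implementation): HMAC-SHA256 serves as the key derivation function with the parent key as key input and a tag || length || value encoding of the attribute as data input. The tag bytes, the encoding, the 16-byte truncation and the sample identifiers are assumptions. It goes slightly beyond the text in that `derive_chain` can start from any intermediate key, which is how a third terminal device holding only a region-level key plus a derived context (claim 6) would reach the control unit key without ever seeing the root key.

```python
import hashlib
import hmac

# Added example, not the patent's implementation. Tag values, the TLV encoding,
# the output length and the sample identifiers are assumptions.

ATTR_TAGS = {"vehicle": 0x01, "region": 0x02, "year": 0x03, "category": 0x04}

def encode_attr(attr_type: str, value: str) -> bytes:
    """Deterministic encoding of one attribute identifier ([0067])."""
    raw = value.encode("utf-8")
    if len(raw) > 255:
        raise ValueError("attribute value too long for a one-byte length")
    # type marker + explicit length keep ("AB","C") and ("A","BC") distinct
    # even when the encodings are concatenated
    return bytes([ATTR_TAGS[attr_type], len(raw)]) + raw

def derive_level(parent_key: bytes, encoded_attr: bytes, out_len: int = 16) -> bytes:
    """One derivation level: parent key is the KDF key, encoded attribute is the data."""
    # HMAC is deterministic and one-way in its key, which is what [0068] asks
    # for; truncating the output is the formatting step mentioned there.
    return hmac.new(parent_key, encoded_attr, hashlib.sha256).digest()[:out_len]

def derive_chain(start_key: bytes, attrs) -> bytes:
    """Walk any suffix of the chain; `attrs` is a sequence of (type, value) pairs."""
    key = start_key
    for attr_type, value in attrs:
        key = derive_level(key, encode_attr(attr_type, value))
    return key

def derive_control_unit_key(root: bytes, vehicle: str, region: str,
                            year: str, category: str) -> bytes:
    """Full chain of claim 2: root -> vehicle -> region -> year -> control unit."""
    return derive_chain(root, [("vehicle", vehicle), ("region", region),
                               ("year", year), ("category", category)])

if __name__ == "__main__":
    # Constructed root key; a real one lives in the first terminal device's HSM.
    root = bytes.fromhex("00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff")
    print(derive_control_unit_key(root, "M1", "CN", "2025", "BCM").hex())
```

Leaking one control unit key exposes only the (model, region, year, category) domain it belongs to; leaking a region key exposes every year and category under that region but nothing under another region, which is the containment the multi-level rule is meant to buy.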
[0069] In one illustrative embodiment, the offline verification file includes an authorization policy field, an encrypted payload field, and a signature field, wherein the signature field is used to perform integrity verification on the authorization policy field and the encrypted payload field.
[0070] According to an embodiment of the present invention, when generating the signature field, the first terminal device signs the content of the authorization policy field together with the encrypted payload field, so that the signature covers the combined data of both. This ensures, on the one hand, that the authorization policy field cannot be tampered with in order to widen the applicable scope of the offline verification file, and on the other hand, that the encrypted payload field cannot be replaced with a payload constructed by an attacker or with other key material.
[0071] Figure 2 schematically illustrates an offline authentication method for secure access to on-board controller unit diagnostics, applied to a second terminal device.
[0072] As shown in Figure 2, the method includes operations S210 to S230.
[0073] In operation S210, a secure access request initiated by a third terminal device is received, and a seed for secure access is returned to the third terminal device.
[0074] According to an embodiment of the present invention, when secure access to a second terminal device such as an in-vehicle ECU is required, a secure access request can be sent to it through a third terminal device such as a diagnostic tool at a 4S store (dealership service station). The second terminal device receives the request and checks the current session state (for example, whether it is in a session that permits secure access, and whether any time delay or failure-lockout condition is still in force). When the conditions for issuing a seed are met, it generates a seed for this secure access and returns it to the third terminal device.
[0075] According to an embodiment of the present invention, when the second terminal device returns a seed, it may send the seed as part of the security access response data, and simultaneously record information such as the session identifier, target security access level, and generation time corresponding to this seed when necessary, so as to perform consistency verification and validation when receiving the security access response value returned by the third terminal device. If the current state is such that the number of failures has exceeded the limit or the delay has not arrived, the second terminal device will not return a valid seed, but will return a corresponding failure response to prompt the third terminal device to retry later or terminate the security access process.
[0076] In operation S220, a security access response value returned by a third terminal device based on a seed is received.
[0077] According to an embodiment of the present invention, after returning a seed to the third terminal device, the second terminal device enters a waiting-for-response phase and receives a security access response value sent by the third terminal device within a preset time window. The security access response value is calculated by the third terminal device based on the seed. Therefore, when the second terminal device receives the response value, it can first check its association with the current session, for example, verifying whether the response value corresponds to the seed already issued, and can associate and record the response value with the current security access level identifier, session identifier, etc.
[0078] In operation S230, a desired response value is generated based on the control unit key preset in the second terminal device, and the desired response value is matched and verified with the security access response value; if the match is successful, the second terminal device is switched to the corresponding diagnostic security access level.
[0079] The control unit key is a final-level key derived by the first terminal device based on a pre-configured root key and at least one attribute identifier corresponding to the second terminal device according to a preset multi-level derivation rule.
[0080] According to an embodiment of the present invention, the second terminal device uses the seed already issued in the current session as the challenge input and the control unit key as the key material, and computes the expected response value for the current session from the seed using the same response calculation rule as the third terminal device. It then compares the expected response value with the received secure access response value. If they match, the third terminal device is judged to have obtained and correctly used the control unit key through offline authorization, and authentication succeeds. If they do not match, authentication fails and a failure response is output; at the same time, security policies such as the failure count, a triggered delay, or a lockout can be updated.
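The seed/response exchange of operations S210 to S230, together with the tester-side response calculation that S340 and S350 describe later, as an added Python example that is not the patent's code: the response rule (HMAC-SHA256 over access level || seed, truncated to 16 bytes), the 16-byte random seed, the failure limit, the lockout time and the seed lifetime are assumptions chosen for illustration. The clock is injectable so the lockout and stale-seed paths can be exercised without waiting.

```python
import hashlib
import hmac
import secrets
import time

# Added example, not the patent's code. Response rule, seed size and the
# lockout parameters are assumptions.

RESPONSE_LEN = 16

def compute_response(cu_key: bytes, level: int, seed: bytes) -> bytes:
    """Response rule shared by ECU ([0080]) and tester ([0095])."""
    # Binding the access level into the MAC stops a captured level-1 response
    # from being replayed as the answer to a level-3 seed.
    return hmac.new(cu_key, bytes([level]) + seed, hashlib.sha256).digest()[:RESPONSE_LEN]

class EcuSecurityAccess:
    """Second-terminal-device state: one live seed, failure count, lockout."""

    def __init__(self, cu_key: bytes, max_failures: int = 3, lockout_s: float = 10.0,
                 seed_ttl_s: float = 5.0, clock=time.monotonic):
        self._key = cu_key
        self._max_failures = max_failures
        self._lockout_s = lockout_s
        self._seed_ttl_s = seed_ttl_s
        self._clock = clock            # injectable so tests can advance time
        self._pending = None           # (level, seed, issued_at)
        self._failures = 0
        self._locked_until = 0.0
        self.level = 0                 # current diagnostic security level

    def request_seed(self, level: int):
        """S210: return a fresh seed, or None while the lockout delay applies."""
        now = self._clock()
        if now < self._locked_until:
            return None
        seed = secrets.token_bytes(16)
        self._pending = (level, seed, now)
        return seed

    def send_key(self, level: int, response: bytes) -> bool:
        """S220/S230: verify the response against the seed issued for this level."""
        now = self._clock()
        pending, self._pending = self._pending, None   # a seed answers exactly once
        if pending is None or pending[0] != level:
            return False                               # sequence error, not a key failure
        _, seed, issued_at = pending
        if now - issued_at > self._seed_ttl_s:
            return False                               # stale seed: tester must re-request
        expected = compute_response(self._key, level, seed)
        if hmac.compare_digest(expected, response):    # constant-time comparison
            self._failures = 0
            self.level = level
            return True
        self._failures += 1
        if self._failures >= self._max_failures:
            self._failures = 0
            self._locked_until = now + self._lockout_s
        return False

if __name__ == "__main__":
    cu_key = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")   # constructed
    ecu = EcuSecurityAccess(cu_key)
    seed = ecu.request_seed(1)                      # S340 on the tester side
    print(ecu.send_key(1, compute_response(cu_key, 1, seed)), ecu.level)
```

Consuming the seed on the first `send_key` call, whatever the outcome, is what makes a captured response useless for replay; the failure counter and lockout are what keep the 16-byte response from being brute-forced over the bus.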
[0081] Figure 3 is a flowchart of an offline authentication method for secure access to vehicle controller unit diagnostics according to an embodiment of the present invention, applied to a third terminal device.
[0082] As shown in Figure 3, the method includes operations S310 to S350.
[0083] In operation S310, the offline verification file distributed offline by the first terminal device is obtained, and the signature field of the offline verification file is verified.
[0084] According to an embodiment of the present invention, the third terminal device first obtains an offline verification file issued and distributed by the first terminal device offline, for example, by reading the file from a local authorized medium, an offline download package, or preset storage. Subsequently, the third terminal device parses the offline verification file, locates the signature field and necessary metadata related to the signature, and constructs the data to be verified according to preset encoding rules.
[0085] After constructing the data to be verified, the third terminal device calls the verification public key corresponding to the first terminal device's signing private key to verify the signature value in the signature field: the third terminal device recalculates the digest of the data to be verified and uses the verification public key to verify whether the signature value is consistent with the digest. If the verification passes, it confirms that the offline verification file was indeed issued by the first terminal device and has not been tampered with during offline storage, transmission, or distribution; if the verification fails, the offline verification file is determined to be untrustworthy, the third terminal device terminates the subsequent process and refuses to use the offline verification file, thereby preventing attackers from expanding the scope of application or implanting forged key materials by forging or tampering with the authorization policy field or replacing the encryption payload.
[0086] In operation S320, the identification number matching rule is obtained from the authorization policy field of the offline verification file, the identification number of the second terminal device is obtained, and matching verification is performed according to the matching rule.
[0087] According to an embodiment of the present invention, after the signature verification of the offline verification file has completed, the third terminal device parses the authorization policy field of the offline verification file and extracts the identification number matching rule that limits the scope of application. The third terminal device then obtains the identification number of the second terminal device, for example by establishing a diagnostic communication session with the second terminal device and sending a request to read the identifier; the identifier data returned by the second terminal device serves as its identification number.
[0088] After obtaining the identification number, the third terminal device performs matching verification according to the identification number matching rule, for example by comparing the identification number against each entry in the rule set to determine whether it satisfies the range conditions the rule defines. When the matching rule is a regular expression rule set, the third terminal device matches the identification number against each regular expression; when the matching rule is a prefix list, it checks whether the identification number starts with any prefix in the list. If the matching verification passes, the second terminal device is considered to fall within the authorized scope of the offline verification file; if it fails, the second terminal device is considered to be outside the authorized scope, and the third terminal device stops before decrypting the key payload and computing the secure access response, so that the offline verification file cannot be used against an unauthorized second terminal device.
[0089] In operation S330, if both the signature verification and the matching verification pass, the encrypted payload in the offline verification file is decrypted to obtain the control unit key or a derived context for deriving the control unit key.
[0090] According to an embodiment of the present invention, the third terminal device parses the encrypted payload field in the offline verification file and simultaneously obtains the metadata required for decryption related to the encrypted payload, such as the encryption algorithm identifier, initialization vector / random number, payload version number, or key index identifier, to ensure that the subsequent decryption process can be executed correctly. The third terminal device then calls a preset or securely stored decryption key to decrypt the encrypted payload and recover the plaintext payload data.
[0091] According to an embodiment of the present invention, the decryption key may be an authorization key pre-set locally on the third terminal device, or a key selected from the local key library based on the key index carried in the offline verification file.
[0092] In one implementation, the plaintext payload directly contains the control unit key, which the third terminal device extracts for the subsequent secure access response calculation. In another implementation, the plaintext payload contains a derived context (for example, the attribute identifier values or tag information that designate the key domain) for deriving the control unit key; the third terminal device extracts the derived context and uses it to select the required control unit key locally, or as input to a subsequent key derivation.
[0093] In operation S340, a secure access seed request is initiated to the second terminal device to obtain the seed. Based on the control unit key or derived context, a secure access response calculation is performed on the seed to obtain the secure access response value.
[0094] According to an embodiment of the present invention, after successfully obtaining the control unit key or derived context, the third terminal device enters the security access challenge-response phase. The third terminal device first establishes a diagnostic communication session with the second terminal device and sends a security access seed request to the second terminal device, indicating that it needs to obtain the seed corresponding to the target security access level. Upon receiving the request, the second terminal device generates a seed for the current session and returns it to the third terminal device. The third terminal device receives and saves the seed, and may also record information such as the session identifier, target security access level, or request sequence number associated with the seed to ensure that subsequent response calculations are consistent with the current session.
[0095] The third terminal device uses the control unit key or derived context as key material, takes the seed as calculation input, and performs calculations on the seed according to the preset response calculation rules to obtain the secure access response value.
[0096] In operation S350, a secure access response value is sent to the second terminal device to trigger secure access verification on the second terminal device.
[0097] The control unit key is a final-level key derived by the first terminal device based on a pre-configured root key and at least one attribute identifier corresponding to the second terminal device according to a preset multi-level derivation rule.
[0098] According to an embodiment of the present invention, after sending the security access response value to the second terminal device, if the security access response value can match the expected response value of the second terminal device, the second terminal device correspondingly grants the corresponding access permission; if they cannot match, the access of the third terminal device is denied.
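An end-to-end offline verification file for [0069]/[0070] and operations S310 to S330, as an added Python example that is not the patent's file format: the JSON layout and field names are assumptions; HMAC-SHA256 stands in for the first terminal device's asymmetric signature (in a real deployment the verification key would be a public key, and the signing key would never leave the issuer) and a HMAC-SHA256 counter keystream stands in for the payload cipher, so that the block runs with the standard library alone. A deployment would use Ed25519 or ECDSA for the signature and AES-GCM or a key-wrap mode for the payload. The point it demonstrates is the fail-closed ordering of S310 to S330 and that widening the policy field or swapping the payload breaks the signature, as [0070] requires. The policy check is a prefix list only; the regular-expression variant is the same as in the matching-rule example above.

```python
import hashlib
import hmac
import json
import secrets

# Added example, not the patent's file format. JSON layout, field names and
# the stand-in primitives (HMAC for the signature, HMAC keystream for the
# payload cipher) are assumptions; use real asymmetric signatures and AES-GCM.

MAGIC = b"OVF1"

def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR with HMAC(key, nonce || counter) blocks; symmetric."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def _to_be_signed(policy_json: bytes, nonce: bytes, ciphertext: bytes) -> bytes:
    # Length-prefixing the policy pins the field boundary, so bytes cannot be
    # moved between policy and payload while the signed string stays the same.
    return MAGIC + len(policy_json).to_bytes(4, "big") + policy_json + nonce + ciphertext

def build_file(policy: dict, payload: bytes, auth_key: bytes, signing_key: bytes) -> dict:
    """First terminal device: policy field, encrypted payload field, signature field."""
    # Canonical serialization: the verifier re-signs exactly these bytes.
    policy_json = json.dumps(policy, sort_keys=True, separators=(",", ":")).encode()
    nonce = secrets.token_bytes(12)
    ciphertext = _keystream_xor(auth_key, nonce, payload)
    sig = hmac.new(signing_key, _to_be_signed(policy_json, nonce, ciphertext), hashlib.sha256).digest()
    return {"policy": policy_json.decode(), "nonce": nonce.hex(),
            "payload": ciphertext.hex(), "sig": sig.hex()}

def verify_and_open(ovf: dict, auth_key: bytes, verify_key: bytes, ecu_ident: str):
    """Third terminal device, S310 to S330. Returns (status, payload_or_None)."""
    policy_json = ovf["policy"].encode()
    nonce, ciphertext = bytes.fromhex(ovf["nonce"]), bytes.fromhex(ovf["payload"])
    # S310: signature first; nothing below is trusted until this passes.
    expected = hmac.new(verify_key, _to_be_signed(policy_json, nonce, ciphertext), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, bytes.fromhex(ovf["sig"])):
        return "bad_signature", None
    # S320: scope check against the now-authenticated policy field (prefix list).
    rule = json.loads(policy_json).get("id_rule", {})
    prefixes = rule.get("prefixes", []) if rule.get("kind") == "prefix" else []
    if not any(p and ecu_ident.upper().startswith(p.upper()) for p in prefixes):
        return "out_of_scope", None
    # S330: only now is the decryption key used and the payload recovered.
    return "ok", _keystream_xor(auth_key, nonce, ciphertext)

if __name__ == "__main__":
    # Constructed keys: the tester's pre-provisioned authorization key ([0091])
    # and the issuer's signing key (a private key in a real deployment).
    auth_key, sign_key = bytes.fromhex("aa" * 32), bytes.fromhex("bb" * 32)
    cu_key = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")
    ovf = build_file({"id_rule": {"kind": "prefix", "prefixes": ["LSV"]}, "level": 3},
                     cu_key, auth_key, sign_key)
    print(verify_and_open(ovf, auth_key, sign_key, "LSVAB12D3C1234567"))
    print(verify_and_open(ovf, auth_key, sign_key, "LFVAB12D3C1234567"))
```

Returning a status rather than raising keeps the three failure classes distinct for logging: a bad signature means the medium was tampered with or the file is not from the issuer, while out-of-scope means a genuine file was presented to the wrong vehicle, and only the latter is a normal operational event.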
[0099] The offline authentication device for secure access to vehicle controller unit diagnostics in a first terminal device provided by the present invention is described below. It corresponds to the offline authentication method for the first terminal device described above, and the two descriptions may be read together.
[0100] Figure 4 schematically illustrates the structure of an offline authentication device for secure access to on-board controller unit diagnostics, applied to a first terminal device.
[0101] As shown in Figure 4, the offline authentication device 400 for secure access to vehicle controller unit diagnostics includes a control unit key derivation module 410, an offline verification file generation module 420, an encapsulation module 430, a signature module 440, and a distribution module 450.
[0102] The control unit key derivation module 410 is used to perform key derivation on the root key based on a pre-configured root key and at least one attribute identifier corresponding to the second terminal device, according to a preset multi-level derivation rule, and determine the final key as the control unit key of the second terminal device.
[0103] The offline verification file generation module 420 is used to write the authorization policy field into the offline verification file. The authorization policy field is used to limit the scope of application of the offline verification file.
[0104] The encapsulation module 430 is used to encapsulate the control unit key or the derived context used to derive the control unit key as an encrypted payload and write it to the offline verification file.
[0105] The signature module 440 is used to digitally sign offline verification files to generate signature fields.
[0106] The distribution module 450 is used to distribute the offline verification file offline to authorized third terminal devices.
[0107] Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention, and not to limit them; although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that modifications can still be made to the technical solutions described in the foregoing embodiments, or equivalent substitutions can be made to some of the technical features; and these modifications or substitutions do not cause the essence of the corresponding technical solutions to deviate from the spirit and scope of the technical solutions of the embodiments of the present invention.
Claims
1. An offline authentication method for secure access to on-board controller unit diagnostics, applied to a first terminal device, characterized in that it comprises: deriving keys from a pre-configured root key according to a preset multi-level derivation rule, based on at least one attribute identifier corresponding to a second terminal device, and taking the final-level key as the control unit key of the second terminal device; generating an offline verification file and writing an authorization policy field into it, the authorization policy field being used to limit the scope of application of the offline verification file; encapsulating the control unit key, or a derived context used to derive the control unit key, as an encrypted payload and writing it into the offline verification file; digitally signing the offline verification file to generate a signature field; and distributing the offline verification file offline to authorized third terminal devices.
2. The offline authentication method of claim 1, wherein the multi-level derivation rule comprises: deriving a vehicle key from the root key and a vehicle identifier; deriving a region key from the vehicle key and a region identifier; deriving a year key from the region key and a year identifier; and deriving the control unit key from the year key and a category identifier of the second terminal device.
3. The offline authentication method of claim 1, wherein the authorization policy field includes an identification number matching rule for the second terminal device.
4. The offline authentication method of claim 3, wherein the identification number matching rule includes a set of regular expression rules for pattern matching of the identification number, or a prefix list for prefix matching of the identification number.
5. The offline authentication method of claim 1, wherein the key derivation is implemented by a key derivation function whose inputs include the previous-level key and the encoded value of the corresponding attribute identifier.
6. The offline authentication method of claim 1, wherein the derived context includes one or more of a year identifier, a region identifier, and a category identifier of the second terminal device, characterizing the key domain to which the control unit key belongs.
7. The offline authentication method of claim 1, wherein the offline verification file includes an authorization policy field, an encrypted payload field, and a signature field, the signature field being used for integrity verification of the authorization policy field and the encrypted payload field.
8. An offline authentication method for secure access to on-board controller unit diagnostics, applied to a second terminal device, characterized in that it comprises: receiving a secure access request initiated by a third terminal device and returning a seed for secure access to the third terminal device; receiving a secure access response value returned by the third terminal device based on the seed; generating an expected response value based on a control unit key preset in the second terminal device, and matching the expected response value against the secure access response value; and, if the match succeeds, switching the second terminal device to the corresponding diagnostic security access level; wherein the control unit key is a final-level key derived by a first terminal device from a pre-configured root key and at least one attribute identifier corresponding to the second terminal device according to a preset multi-level derivation rule.
9. An offline authentication method for secure access to on-board controller unit diagnostics, applied to a third terminal device, characterized in that it comprises: obtaining an offline verification file distributed offline by a first terminal device, and verifying the signature field of the offline verification file; obtaining an identification number matching rule from the authorization policy field of the offline verification file, obtaining the identification number of a second terminal device, and performing matching verification according to the identification number matching rule; when both the signature verification and the matching verification pass, decrypting the encrypted payload in the offline verification file to obtain a control unit key or a derived context for deriving the control unit key; initiating a secure access seed request to the second terminal device to obtain a seed, and performing a secure access response calculation on the seed based on the control unit key or the derived context to obtain a secure access response value; and sending the secure access response value to the second terminal device to trigger the secure access verification of the second terminal device; wherein the control unit key is a final-level key derived by the first terminal device from a pre-configured root key and at least one attribute identifier corresponding to the second terminal device according to a preset multi-level derivation rule.
10. An offline authentication apparatus for secure access to in-vehicle controller unit diagnostics, applied to a first terminal device, characterized in that it comprises: a control unit key derivation module, used to derive keys from a pre-configured root key according to a preset multi-level derivation rule, based on at least one attribute identifier corresponding to a second terminal device, and to take the final-level key as the control unit key of the second terminal device; an offline verification file generation module, used to write an authorization policy field into an offline verification file, the authorization policy field being used to limit the scope of application of the offline verification file; an encapsulation module, used to encapsulate the control unit key, or a derived context used to derive the control unit key, as an encrypted payload and write it into the offline verification file; a signature module, used to digitally sign the offline verification file to generate a signature field; and a distribution module, used to distribute the offline verification file offline to authorized third terminal devices.