CN111314275A - Method for encrypting CAN (controller area network) of drive-by-wire chassis - Google Patents
Method for encrypting CAN (controller area network) of drive-by-wire chassis Download PDFInfo
- Publication number
- CN111314275A CN111314275A CN201911091214.3A CN201911091214A CN111314275A CN 111314275 A CN111314275 A CN 111314275A CN 201911091214 A CN201911091214 A CN 201911091214A CN 111314275 A CN111314275 A CN 111314275A
- Authority
- CN
- China
- Prior art keywords
- plaintext
- controller
- drive
- encrypting
- network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 14
- 230000003993 interaction Effects 0.000 claims abstract description 4
- 238000004364 calculation method Methods 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000005336 cracking Methods 0.000 description 2
- 238000005265 energy consumption Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 206010063385 Intellectualisation Diseases 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L12/40169—Flexible bus arrangements
- H04L12/40176—Flexible bus arrangements involving redundancy
- H04L12/40182—Flexible bus arrangements involving redundancy by using a plurality of communication lines
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/40—Bus networks
- H04L2012/40208—Bus networks characterized by the use of a particular bus standard
- H04L2012/40215—Controller Area Network CAN
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Small-Scale Networks (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
Abstract
The invention discloses a method for encrypting a CAN network of a drive-by-wire chassis, which comprises the following steps: the sending controller encrypts a CAN message plaintext by using a DES encryption algorithm to form a CAN encrypted message; the sending controller splits the encrypted message according to a specified rule; the signals are simultaneously sent to a receiving controller through two paths of CAN; the receiving controller combines the messages according to the specified rule, and the CAN plaintext is obtained through the DES decryption algorithm, so that bus control and information interaction are realized.
Description
The technical field is as follows:
the invention relates to a method for encrypting a CAN (controller area network) of a drive-by-wire chassis, belonging to the technical field of telecommunication.
Background art:
with the technical advance of intelligent networking, automatic driving and unmanned platforms, the CAN network security requirement of the wire control chassis system is more and more urgent, and the CAN network security plays a very important role in the development of the automobile industry towards the direction of intellectualization and automation. The native automobile drive-by-wire chassis system adopts a plaintext type bus for communication without any safety processing. Therefore, hackers CAN acquire the authority of controlling the functions of automobile steering, braking and the like through the CAN bus, and the system has great risk. At present, the adopted encryption method is based on message authentication codes of encryption and complex key management to protect CAN communication, but the CAN bus load, message delay and calculation energy consumption are increased.
The invention content is as follows:
the invention provides a CAN network encryption method for a wire-controlled chassis, which aims to solve the problems in the prior art, and adopts a double-CAN network to realize bus encryption, encrypted messages are dispersed on two CAN networks, and the encrypted messages CAN be analyzed into plaintext after being synchronously received and combined.
The technical scheme adopted by the invention is as follows: a method for encrypting a CAN network of a drive-by-wire chassis is characterized by comprising the following steps: the method comprises the following steps:
(1) the sending controller encrypts the CAN plaintext by using a DES encryption algorithm to form a CAN encrypted message;
(2) the sending controller splits the encrypted message according to the specified rule;
(3) sending to the receiving controller through two paths of CAN simultaneously;
(4) and the receiving controller combines the messages according to the specified rule, and obtains the CAN plaintext through a DES decryption algorithm, thereby realizing bus control and information interaction.
Further, the specified rule is specifically as follows: the CAN plaintext 1 frame message comprises 8 bytes, the encrypted information is 16 bytes, the encrypted information is divided into two messages according to a dislocation principle, and the two messages are sent on two CAN buses
The invention has the following beneficial effects:
1. the CAN encryption function CAN be quickly realized, the message encryption is realized by utilizing the current mature and quick encryption algorithm, and the computational power requirement of the controller is reduced;
2. performance indexes such as CAN bus load rate, message delay, calculation energy consumption and the like of the system are not influenced;
3. the double CAN network enhances the network robustness, increases the network cracking difficulty, improves the encryption characteristic of the CAN bus and achieves the aim of safety protection;
4. the double CAN messages are synchronous, and the signal integrity and consistency check CAN be completed.
Description of the drawings:
FIG. 1 is a schematic diagram of a chassis-by-wire CAN network encryption method of the present invention.
The specific implementation mode is as follows:
the invention will be further described with reference to the accompanying drawings.
The invention relates to a method for encrypting a Controller Area Network (CAN) of a drive-by-wire chassis, which comprises the following steps of:
(1) the sending controller encrypts the CAN message plaintext by using a DES encryption algorithm to form a CAN encrypted message;
(2) the sending controller splits the encrypted message according to the specified rule;
(3) sending to the receiving controller through two paths of CAN simultaneously;
(4) and the receiving controller combines the messages according to the specified rule, and obtains the CAN plaintext through a DES decryption algorithm, thereby realizing bus control and information interaction.
The specific rule is as follows: the CAN plaintext 1 frame message comprises 8 bytes, the encrypted information is 16 bytes, and the encrypted information is divided into two messages according to a dislocation principle and is sent on two CAN buses.
The encryption method of the CAN network of the drive-by-wire chassis CAN realize message encryption, improve the system cracking complexity, effectively improve the safety of the CAN network and realize the aim of CAN network encryption.
The foregoing is only a preferred embodiment of this invention and it should be noted that modifications can be made by those skilled in the art without departing from the principle of the invention and these modifications should also be considered as the protection scope of the invention.
Claims (2)
1. A method for encrypting a CAN network of a drive-by-wire chassis is characterized by comprising the following steps: the method comprises the following steps:
(1) the sending controller encrypts the CAN plaintext by using a DES encryption algorithm to form a CAN encrypted message;
(2) the sending controller splits the encrypted message according to the specified rule;
(3) sending to the receiving controller through two paths of CAN simultaneously;
(4) and the receiving controller combines the messages according to the specified rule, and obtains the CAN plaintext through a DES decryption algorithm, thereby realizing bus control and information interaction.
2. The chassis-by-wire CAN network encryption method of claim 1, wherein: the specified rule is specifically as follows: the CAN plaintext 1 frame message comprises 8 bytes, the encrypted information is 16 bytes, and the encrypted information is divided into two messages according to a dislocation principle and is sent on two CAN buses.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911091214.3A CN111314275A (en) | 2019-11-09 | 2019-11-09 | Method for encrypting CAN (controller area network) of drive-by-wire chassis |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911091214.3A CN111314275A (en) | 2019-11-09 | 2019-11-09 | Method for encrypting CAN (controller area network) of drive-by-wire chassis |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111314275A true CN111314275A (en) | 2020-06-19 |
Family
ID=71161330
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911091214.3A Pending CN111314275A (en) | 2019-11-09 | 2019-11-09 | Method for encrypting CAN (controller area network) of drive-by-wire chassis |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111314275A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115296861A (en) * | 2022-07-15 | 2022-11-04 | 智己汽车科技有限公司 | Network security communication method and control device of vehicle-mounted CAN bus |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5784547A (en) * | 1995-03-16 | 1998-07-21 | Abb Patent Gmbh | Method for fault-tolerant communication under strictly real-time conditions |
| CN101286940A (en) * | 2008-05-12 | 2008-10-15 | 北京邮电大学 | Dual redundant CAN bus communication system and its communication method |
| CN102238046A (en) * | 2010-05-06 | 2011-11-09 | 上海固泰科技有限公司 | CAN (Controller Area Network) bus physical layer testing method |
| CN103051507A (en) * | 2013-01-21 | 2013-04-17 | 普华基础软件股份有限公司 | Method for data transmission based on multichannel CAN (Controller Area Network) bus bundling |
| CN106143364A (en) * | 2016-07-22 | 2016-11-23 | 北京航空航天大学 | A kind of electric automobile distributed director information security method and system |
| CN106789509A (en) * | 2016-12-21 | 2017-05-31 | 中国船舶重工集团公司第七研究所 | A kind of data communications method of redundant CAN bus communication system |
| CN106945632A (en) * | 2016-01-06 | 2017-07-14 | 陕西重型汽车有限公司 | A kind of method and system of the remote control vehicle based on AES |
-
2019
- 2019-11-09 CN CN201911091214.3A patent/CN111314275A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5784547A (en) * | 1995-03-16 | 1998-07-21 | Abb Patent Gmbh | Method for fault-tolerant communication under strictly real-time conditions |
| CN101286940A (en) * | 2008-05-12 | 2008-10-15 | 北京邮电大学 | Dual redundant CAN bus communication system and its communication method |
| CN102238046A (en) * | 2010-05-06 | 2011-11-09 | 上海固泰科技有限公司 | CAN (Controller Area Network) bus physical layer testing method |
| CN103051507A (en) * | 2013-01-21 | 2013-04-17 | 普华基础软件股份有限公司 | Method for data transmission based on multichannel CAN (Controller Area Network) bus bundling |
| CN106945632A (en) * | 2016-01-06 | 2017-07-14 | 陕西重型汽车有限公司 | A kind of method and system of the remote control vehicle based on AES |
| CN106143364A (en) * | 2016-07-22 | 2016-11-23 | 北京航空航天大学 | A kind of electric automobile distributed director information security method and system |
| CN106789509A (en) * | 2016-12-21 | 2017-05-31 | 中国船舶重工集团公司第七研究所 | A kind of data communications method of redundant CAN bus communication system |
Non-Patent Citations (1)
| Title |
|---|
| 黄宏伟等: "《枫林学院 21》", 30 April 2018, 上海:同济大学出版社 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115296861A (en) * | 2022-07-15 | 2022-11-04 | 智己汽车科技有限公司 | Network security communication method and control device of vehicle-mounted CAN bus |
| CN115296861B (en) * | 2022-07-15 | 2023-06-06 | 智己汽车科技有限公司 | Network safety communication method and control device of vehicle-mounted CAN bus |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107846395B (en) | Method, system, medium, and vehicle for securing communications on a vehicle bus | |
| CN109033862A (en) | A kind of distributed locomotive electronic system protecting information safety method | |
| CN104811427B (en) | A kind of safe industrial control system communication means | |
| CN106685653A (en) | A vehicle remote firmware update method and device based on information security technology | |
| CN112636923B (en) | Engineering machinery CAN equipment identity authentication method and system | |
| US11218309B2 (en) | Vehicle communication system and vehicle communication method | |
| CN112688945A (en) | Transmission method and transmission system for terminal data of Internet of things | |
| CN104811434A (en) | Data transmission method and data reception method between controllers in vehicle network | |
| CN105337954A (en) | Method and device for encryption and decryption of IP message in satellite communication | |
| CN114157489A (en) | Communication domain controller safety communication method based on periodic authentication handshake mechanism | |
| CN112073193B (en) | Information safety processing method, device and system and engineering vehicle | |
| CN111314275A (en) | Method for encrypting CAN (controller area network) of drive-by-wire chassis | |
| CN110035080B (en) | Encryption and decryption system and method for vehicle-mounted terminal | |
| CN103368742A (en) | Intelligent distribution terminal security protection method based on asymmetric digital signature authentication | |
| CN110222519A (en) | A kind of data processing system and method in configurable channel | |
| CN104734846A (en) | Quantum cryptographic key distribution control device and method | |
| CN108879963B (en) | Power load management device and method | |
| CN116707993A (en) | A lightweight data encryption method for smart light pole system | |
| CN114938272B (en) | Ship-shore data communication encryption device and method based on SM2 encryption algorithm | |
| CN105162825A (en) | Safe file transmission method | |
| CN113434181B (en) | Software upgrading method and device, electronic equipment and storage medium | |
| CN114362997A (en) | Data transmission method and device for intelligent equipment of transformer substation, intelligent equipment and medium | |
| CN115085925A (en) | Method and device for processing security chip through combination encryption of key information | |
| CN114499958A (en) | Control method and device, vehicle and storage medium | |
| CN113542254A (en) | A fusion terminal security access system and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200619 |
|
| RJ01 | Rejection of invention patent application after publication |