
CN114928817A - Vehicle remote control method based on encrypted short message - Google Patents


Info

Publication number
CN114928817A
Authority
CN
China
Prior art keywords
vehicle
certificate
short message
encrypted
remote control
Prior art date
Legal status
Pending
Application number
CN202210442674.1A
Other languages
Chinese (zh)
Inventor
赵志定
周洪涛
王国政
乔尚平
颜诗敏
Current Assignee
Zhejiang Zero Run Technology Co Ltd
Original Assignee
Zhejiang Zero Run Technology Co Ltd
Priority date
Filing date
Publication date
Application filed by Zhejiang Zero Run Technology Co Ltd
Priority to CN202210442674.1A
Publication of CN114928817A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12 Messaging; Mailboxes; Announcements
    • H04W4/14 Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/125 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/069 Authentication using certificates or pre-shared keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30 Services specially adapted for particular environments, situations or purposes
    • H04W4/40 Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a vehicle remote control method based on encrypted short messages, comprising the following steps: encrypting and encoding the remote vehicle wake-up function in the form of a short message; delivering it to the vehicle-mounted intelligent terminal through the operator's short message gateway; the vehicle-mounted intelligent terminal receiving the encrypted short message and performing judgment, verification and decryption; after the wake-up short message is confirmed, the vehicle-mounted intelligent terminal executing the vehicle wake-up function; connecting to the vehicle TSP cloud through the MQTT protocol and performing certificate verification; and updating the list of trusted encrypted short message sources and the list of trusted servers. The technical solution builds on mature short message technology, combines encryption technology with a digital certificate authentication system, and establishes a one-vehicle-one-certificate security mechanism, realizing a safe and reliable vehicle remote control method.

Figure 202210442674

Description

A vehicle remote control method based on encrypted short messages

Technical field

The invention relates to the technical field of vehicle control, and in particular to a vehicle remote control method based on encrypted short messages.

Background art

With the automotive industry as a whole upgrading, the development of connected vehicles is an inevitable trend. Remote vehicle control is becoming widespread, which places higher demands on secure vehicle wake-up and control functions. Using mature short message technology as the carrier and combining it with a digital signature certificate system and encryption technology, the cloud TSP server and the vehicle-side intelligent terminal form a one-vehicle-one-certificate scheme. The short message content is encrypted and delivered to the vehicle-mounted intelligent terminal through the operator's short message gateway. On receiving the encrypted short message, the terminal calls the PKI SDK in the vehicle-mounted intelligent terminal system and at the communication link layer to decrypt it and verify the digital signature, obtains the remote wake-up command and high-priority vehicle control commands, and thereby wakes the vehicle remotely and provides high-priority remote vehicle control.

Traditional short-message-based vehicle remote control neither encrypts nor authenticates the short message content, so the content can easily be intercepted, which is a security risk. With a vehicle remote wake-up function based on wireless data communication, the vehicle terminal cannot keep a persistent connection for long periods, and wireless data network congestion and unstable data connections cause remote wake-up to fail, which in turn affects other vehicle remote control functions.

Chinese patent document CN106292449B discloses a "system and method for remotely controlling a vehicle based on encrypted short messages". It comprises: a client, which encrypts short messages and sends them to a GSM communication module; the GSM communication module, which transmits short messages and vehicle data and verifies new short messages; and a car anti-theft device, which collects vehicle data according to the short message content and sends the vehicle data to the GSM communication module. In that invention the client encrypts the short message and adds a serial number to each short message; the client sends the short message over the GSM network to the GSM communication module, which verifies the short message by serial number and timestamp and sends the verified short message to the car anti-theft device. That technical solution protects the communication by short message encryption alone; the encryption approach is single, and it is difficult to satisfy the uniqueness of one vehicle, one certificate.

Summary of the invention

The invention mainly solves the technical problem that the original technical solution uses a single encryption approach and can hardly satisfy the uniqueness of one vehicle, one certificate. It provides a vehicle remote control method based on encrypted short messages which builds on mature short message technology, combines encryption technology with a digital certificate authentication system, and establishes a one-vehicle-one-certificate security mechanism, realizing a safe and reliable vehicle remote control method.

The above technical problem is mainly solved by the following technical solution. The invention comprises the following steps:

S1 encrypting and encoding the remote vehicle wake-up function in the form of a short message;

S2 delivering it to the vehicle-mounted intelligent terminal through the operator's short message gateway;

S3 the vehicle-mounted intelligent terminal receiving the encrypted short message and performing judgment, verification and decryption;

S4 after the wake-up short message is confirmed, the vehicle-mounted intelligent terminal executing the vehicle wake-up function;

S5 connecting to the vehicle TSP cloud through the MQTT protocol and performing certificate verification;

S6 updating the list of trusted encrypted short message sources and the list of trusted servers;

S7 updating the built-in device certificate and public key certificate of the vehicle-mounted intelligent terminal.

The encrypted-short-message vehicle remote control method can execute high-priority remote vehicle control commands and services, including but not limited to unlocking the vehicle, flashing the lights and sounding the horn, and opening the trunk. It can be combined with a vehicle remote wake-up method based on wireless data communication and, while ensuring security, improve the success rate of vehicle remote control.

Preferably, in step S3, after receiving the encrypted short message the vehicle-mounted intelligent terminal first determines whether the sender of the encrypted short message is a trusted server, and then checks the validity of the short message. Checking first whether the message comes from a trusted server provides a first round of filtering and improves efficiency.

Preferably, the short message validity check includes a time validity check, T(terminal current time) - T(send time obtained after decryption) ≤ T(time validity threshold), which avoids erroneous vehicle remote control operations caused by repeated sending or delayed delivery of short messages. The time check ensures that encrypted short message content cannot be reused.

Preferably, the decryption in step S3 specifically comprises: the bottom layer of the vehicle-mounted intelligent terminal system and the communication link layer call the built-in PKI SDK to decrypt the encrypted short message and verify the digital signature, confirming that it is a trusted wake-up function short message. The encryption algorithms include AES, SM1 and others; together with the digital certificate authentication system they effectively encrypt and decrypt vehicle remote wake-up information and the like, so that an intercepted encrypted short message is not easily cracked and does not leave a security risk.

Preferably, in step S5 the vehicle-mounted intelligent terminal connects to the vehicle TSP cloud through the MQTT protocol. The validity of the vehicle's built-in certificate is first verified against the CA's secondary certificate server, including whether the vehicle device certificate is within its legal validity period and whether it satisfies the uniqueness of one vehicle, one certificate. This realizes two-way identity authentication between the vehicle and the TSP platform and ensures the security of the MQTT communication link.

Preferably, the vehicle TSP cloud certificate system uses a secondary certificate chain architecture consisting of root certificate, secondary certificate, platform certificate and vehicle terminal certificate. The platform certificate, access gateway certificate, vehicle terminal built-in certificate and device certificate are all issued by the secondary certificate authority, realizing the one-vehicle-one-certificate authentication system.

Preferably, in step S6 the vehicle-mounted intelligent terminal connects to the vehicle TSP cloud through the MQTT protocol and can update its built-in device certificate and public key certificate and update the list of trusted encrypted short message sources. When the vehicle device certificate is outside its legal validity period, has been revoked by the CA certificate system, or does not meet the one-vehicle-one-certificate identity authentication requirements, the vehicle initiates a certificate update request; the TSP platform reviews the vehicle's device information, applies to the CA secondary server for a device certificate update, and issues a new device certificate to the vehicle. After the vehicle has been remotely controlled by encrypted short message, the vehicle-mounted intelligent terminal connects to the vehicle TSP cloud through the MQTT protocol and can update the built-in device certificate, public key certificate and so on.

Preferably, when the TSP platform updates the list of trusted encrypted short message sources, after two-way identity authentication between the vehicle and the TSP platform is complete, the TSP platform sends the IP addresses and ports in the list of trusted encrypted short message sources to the vehicle terminal through the MQTT protocol to update it.

The beneficial effects of the invention are:

The vehicle is remotely controlled by encrypted short message; the vehicle-mounted intelligent terminal connects to the vehicle TSP cloud through the MQTT protocol and responds to high-priority vehicle control commands, including but not limited to unlocking the vehicle, flashing the lights and sounding the horn, and opening the trunk. It responds to vehicle control commands from the owner's mobile phone app, so that the vehicle-mounted intelligent terminal performs the complete remote vehicle control function. The vehicle-mounted intelligent terminal can update the list of trusted encrypted short message sources and the list of trusted servers. It can update the built-in device certificate, public key certificate and so on. Based on the vehicle's power-on and power-off state, the vehicle-mounted intelligent terminal can report to the vehicle TSP cloud whether the vehicle is in a low-power state.

Description of the drawings

Figure 1 is a flow chart of the invention.

Figure 2 is a diagram of the vehicle wake-up function of the invention.

Figure 3 is a diagram of the secondary certificate chain architecture of the invention.

Detailed description

The technical solution of the invention is described in further detail below through an embodiment and with reference to the drawings.

Embodiment: the vehicle remote control method based on encrypted short messages of this embodiment, as shown in Figures 1 and 2, comprises encrypting and encoding the remote vehicle wake-up function in the form of a short message. The encryption algorithms include AES, SM1 and others; together with the digital certificate authentication system they effectively encrypt and decrypt vehicle remote wake-up information and the like, so that an intercepted encrypted short message is not easily cracked and does not leave a security risk. The short message is delivered to the vehicle-mounted intelligent terminal through the operator's short message gateway. The bottom layer of the vehicle-mounted intelligent terminal system and the communication link layer call the built-in PKI SDK to decrypt the encrypted short message and verify the digital signature. After the message is confirmed to be trusted vehicle wake-up information, the vehicle-mounted intelligent terminal executes the vehicle wake-up function, then establishes a mobile data connection and connects to the vehicle TSP cloud through the MQTT protocol. The encrypted-short-message vehicle remote control method can execute high-priority remote vehicle control commands and services, including but not limited to unlocking the vehicle, flashing the lights and sounding the horn, and opening the trunk.

The encrypted short message is delivered to the vehicle-mounted intelligent terminal through a highly trusted operator short message gateway. After receiving the encrypted short message, the vehicle-mounted intelligent terminal first determines whether the sender of the encrypted short message is a trusted server, and uses the time check to ensure that encrypted short message content cannot be reused.

The bottom layer of the vehicle-mounted intelligent terminal system and the communication link layer call the built-in PKI SDK to decrypt the encrypted short message and verify the digital signature. After the message is confirmed to be a trusted wake-up function short message, the vehicle-mounted intelligent terminal executes the vehicle wake-up function, then establishes a mobile data connection and can connect to the vehicle TSP cloud through the MQTT protocol.

Take the remote wake-up encrypted short message as an example:

1234567899870478;asdfghjkl;20180227164359

The short message content is encrypted with AES. After receiving the encrypted short message, the head unit wakes from its sleep state and performs the following actions in order: decrypt the short message, check the validity of the short message, and evaluate the execution conditions. The short message validity check includes the time validity check, T(terminal current time) - T(send time obtained after decryption) ≤ T(time validity threshold), which avoids erroneous vehicle remote control operations caused by repeated sending or delayed delivery of short messages.
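The time validity check above, as an added example (not code from the patent or its applicant): the terminal-side acceptance step, run on the plaintext after the PKI SDK has decrypted the message and verified its signature. The inequality as written also holds for a send time that lies in the future and for a second copy of the same message delivered inside the window, so the example adds a lower bound and a replay cache. Assumptions: the last of the three `;`-separated fields is the send time, and the source number, 60-second threshold and 5-second skew are constructed values.

```python
from datetime import datetime, timedelta

# All values below are constructed for illustration; the patent gives none of them.
TRUSTED_SOURCES = {"106900000000"}           # hypothetical trusted short message source
VALIDITY_THRESHOLD = timedelta(seconds=60)   # hypothetical T(time validity threshold)
MAX_FUTURE_SKEW = timedelta(seconds=5)       # assumed tolerance for clock drift

# Field layout of the page's sample message. Treating the last field as the
# send time (YYYYMMDDHHMMSS) is an assumption; the page does not name the fields.
SAMPLE_PLAINTEXT = "1234567899870478;asdfghjkl;20180227164359"


def parse_send_time(plaintext):
    """Return the send time carried in the decrypted message."""
    fields = plaintext.split(";")
    if len(fields) != 3:
        raise ValueError("expected three ';'-separated fields")
    return datetime.strptime(fields[2], "%Y%m%d%H%M%S")


def page_inequality(now, sent_at):
    """The check exactly as stated: T(now) - T(sent) <= T(threshold)."""
    return now - sent_at <= VALIDITY_THRESHOLD


class WakeupValidator:
    """Source allowlist, two-sided freshness window and replay cache.

    Terminal clock and send time are assumed to use the same time zone.
    """

    def __init__(self):
        self._seen = {}  # accepted plaintext -> time after which it can be forgotten

    def check(self, source, plaintext, now):
        # First filter, as in step S3: is the sender on the trusted list?
        if source not in TRUSTED_SOURCES:
            return "reject: untrusted source"
        try:
            sent_at = parse_send_time(plaintext)
        except ValueError:
            return "reject: malformed"

        age = now - sent_at
        if age > VALIDITY_THRESHOLD:
            return "reject: expired"
        # The page's inequality has no lower bound: a negative age passes it.
        if age < -MAX_FUTURE_SKEW:
            return "reject: future-dated"

        # Forget entries that the expiry check alone would now reject.
        self._seen = {m: t for m, t in self._seen.items() if t > now}
        if plaintext in self._seen:
            return "reject: replay"
        self._seen[plaintext] = sent_at + VALIDITY_THRESHOLD + MAX_FUTURE_SKEW
        return "accept"


if __name__ == "__main__":
    validator = WakeupValidator()
    t0 = datetime(2018, 2, 27, 16, 44, 30)   # 31 s after the sample's send time
    print(validator.check("106900000000", SAMPLE_PLAINTEXT, t0))
    print(validator.check("106900000000", SAMPLE_PLAINTEXT, t0 + timedelta(seconds=10)))
```

The cache only has to remember a message until its own window closes, so its size is bounded by the number of messages accepted within one threshold period.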

The vehicle TSP cloud certificate system uses a secondary certificate chain architecture consisting of root certificate, secondary certificate, platform certificate and vehicle terminal certificate. The platform certificate, access gateway certificate, vehicle terminal built-in certificate and device certificate are all issued by the secondary certificate authority, realizing the one-vehicle-one-certificate authentication system.

The vehicle-mounted intelligent terminal connects to the vehicle TSP cloud through the MQTT protocol. The validity of the vehicle's built-in certificate is first verified against the CA's secondary certificate server, including whether the vehicle device certificate is within its legal validity period and whether it satisfies the uniqueness of one vehicle, one certificate. This realizes two-way identity authentication between the vehicle and the TSP platform and ensures the security of the MQTT communication link, after which high-priority remote vehicle control commands and services can be executed, including but not limited to unlocking the vehicle, flashing the lights and sounding the horn, and opening the trunk.

After the vehicle has been remotely woken by encrypted short message, the vehicle-mounted intelligent terminal connects to the vehicle TSP cloud through the MQTT protocol and can update the built-in device certificate, public key certificate and so on, and update the list of trusted encrypted short message sources. When the vehicle device certificate is outside its legal validity period, has been revoked by the CA certificate system, or does not meet the one-vehicle-one-certificate identity authentication requirements, the vehicle initiates a certificate update request; the TSP platform reviews the vehicle's device information and the like, applies to the CA secondary server for a device certificate update, and issues a new device certificate to the vehicle. Likewise, when the TSP platform updates the list of trusted encrypted short message sources, after two-way identity authentication between the vehicle and the TSP platform is complete, the TSP platform sends the IP addresses, ports and so on in the list of trusted encrypted short message sources to the vehicle terminal through the MQTT protocol to update it.

The specific embodiment described herein merely illustrates the spirit of the invention. Those skilled in the art to which the invention belongs may make various modifications or additions to the described embodiment, or substitute it in similar ways, without departing from the spirit of the invention or going beyond the scope defined by the appended claims.

Although terms such as vehicle-mounted intelligent terminal and TSP cloud are used frequently herein, the possibility of using other terms is not excluded. These terms are used only to describe and explain the essence of the invention more conveniently; interpreting them as any kind of additional limitation is contrary to the spirit of the invention.

Claims (8)

1. A vehicle remote control method based on encrypted short messages, characterized in that it comprises the following steps: S1 encrypting and encoding the remote vehicle wake-up function in the form of a short message; S2 delivering it to the vehicle-mounted intelligent terminal through the operator's short message gateway; S3 the vehicle-mounted intelligent terminal receiving the encrypted short message and performing judgment, verification and decryption; S4 after the wake-up short message is confirmed, the vehicle-mounted intelligent terminal executing the vehicle wake-up function; S5 connecting to the vehicle TSP cloud through the MQTT protocol and performing certificate verification; S6 updating the list of trusted encrypted short message sources and the list of trusted servers; S7 updating the built-in device certificate and public key certificate of the vehicle-mounted intelligent terminal.

2. The vehicle remote control method based on encrypted short messages according to claim 1, characterized in that in step S3, after receiving the encrypted short message, the vehicle-mounted intelligent terminal first determines whether the sender of the encrypted short message is a trusted server, and then checks the validity of the short message.

3. The vehicle remote control method based on encrypted short messages according to claim 2, characterized in that the short message validity check includes a time validity check, T(terminal current time) - T(send time obtained after decryption) ≤ T(time validity threshold), which avoids erroneous vehicle remote control operations caused by repeated sending or delayed delivery of short messages.

4. The vehicle remote control method based on encrypted short messages according to claim 1, 2 or 3, characterized in that the decryption in step S3 specifically comprises: the bottom layer of the vehicle-mounted intelligent terminal system and the communication link layer call the built-in PKI SDK to decrypt the encrypted short message and verify the digital signature, confirming that it is a trusted wake-up function short message.

5. The vehicle remote control method based on encrypted short messages according to claim 1, characterized in that in step S5 the vehicle-mounted intelligent terminal connects to the vehicle TSP cloud through the MQTT protocol; the validity of the vehicle's built-in certificate is first verified against the CA's secondary certificate server, including whether the vehicle device certificate is within its legal validity period and whether it satisfies the uniqueness of one vehicle, one certificate, realizing two-way identity authentication between the vehicle and the TSP platform and ensuring the security of the MQTT communication link.

6. The vehicle remote control method based on encrypted short messages according to claim 1 or 5, characterized in that the vehicle TSP cloud certificate system uses a secondary certificate chain architecture consisting of root certificate, secondary certificate, platform certificate and vehicle terminal certificate; the platform certificate, access gateway certificate, vehicle terminal built-in certificate and device certificate are all issued by the secondary certificate authority, realizing the one-vehicle-one-certificate authentication system.

7. The vehicle remote control method based on encrypted short messages according to claim 1, characterized in that in step S6 the vehicle-mounted intelligent terminal connects to the vehicle TSP cloud through the MQTT protocol and can update its built-in device certificate and public key certificate and update the list of trusted encrypted short message sources; when the vehicle device certificate is outside its legal validity period, has been revoked by the CA certificate system, or does not meet the one-vehicle-one-certificate identity authentication requirements, the vehicle initiates a certificate update request, and the TSP platform reviews the vehicle's device information, applies to the CA secondary server for a device certificate update, and issues a new device certificate to the vehicle.

8. The vehicle remote control method based on encrypted short messages according to claim 5 or 7, characterized in that when the TSP platform updates the list of trusted encrypted short message sources, after two-way identity authentication between the vehicle and the TSP platform is complete, the TSP platform sends the IP addresses and ports in the list of trusted encrypted short message sources to the vehicle terminal through the MQTT protocol to update it.

CN202210442674.1A 2022-04-25 2022-04-25 Vehicle remote control method based on encrypted short message Pending CN114928817A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210442674.1A CN114928817A (en) 2022-04-25 2022-04-25 Vehicle remote control method based on encrypted short message

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210442674.1A CN114928817A (en) 2022-04-25 2022-04-25 Vehicle remote control method based on encrypted short message

Publications (1)

Publication Number Publication Date
CN114928817A true CN114928817A (en) 2022-08-19

Family

ID=82807553

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210442674.1A Pending CN114928817A (en) 2022-04-25 2022-04-25 Vehicle remote control method based on encrypted short message

Country Status (1)

Country Link
CN (1) CN114928817A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116347368A (en) * 2022-12-16 2023-06-27 伯泰克汽车电子(芜湖)有限公司 Vehicle remote control system and method based on mobile phone short message
CN119172416A (en) * 2023-06-20 2024-12-20 深圳联友科技有限公司 A wake-up method for a vehicle-mounted intelligent terminal and related equipment

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101881104A (en) * 2010-06-18 2010-11-10 烟台麦特电子有限公司 Vehicle-mounted terminal used for remotely unlocking vehicle central lock and unlocking method thereof
CN104363266A (en) * 2014-10-23 2015-02-18 北京远特科技有限公司 Remote vehicle control method, TSP (telematics service provider) backstage system and vehicular terminal
US20160075293A1 (en) * 2014-09-16 2016-03-17 Hyundai Motor Company Method and system for remotely controlling telematics unit of vehicle
KR20160058546A (en) * 2014-11-17 2016-05-25 현대자동차주식회사 Communication device of vehicle
US20170180330A1 (en) * 2015-12-18 2017-06-22 Le Holdings (Beijing) Co., Ltd. Method and electronic device for vehicle remote control and a non-transitory computer readable storage medium
CN107566464A (en) * 2017-08-22 2018-01-09 济宁中科先进技术研究院有限公司 The automobile double mode automatic switch door device and its method of attack resistance
CN109727358A (en) * 2019-02-21 2019-05-07 深圳四海万联科技有限公司 Vehicle share system based on bluetooth key
US20190159026A1 (en) * 2017-11-20 2019-05-23 Valeo North America, Inc. Hybrid authentication of vehicle devices and/or mobile user devices
CN110581882A (en) * 2019-07-31 2019-12-17 华为技术有限公司 A service implementation method and electronic device
CN111065081A (en) * 2019-12-30 2020-04-24 上海博泰悦臻网络技术服务有限公司 A Bluetooth-based information exchange method and device
CN111638704A (en) * 2020-06-03 2020-09-08 上海蔚来汽车有限公司 Method, system and device for remotely waking up a vehicle
US20210185495A1 (en) * 2019-12-13 2021-06-17 Hyundai Motor Company Apparatus for controlling a vehicle using low power communication and method thereof
CN113709695A (en) * 2021-08-04 2021-11-26 一汽解放汽车有限公司 Vehicle use authorization method and system
CN113873448A (en) * 2021-08-24 2021-12-31 江铃汽车股份有限公司 Method for remotely waking up vehicle-mounted intelligent terminal after sleeping

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
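夏宝华; 李佳; 胡孟永: "A scheme for data wake-up of Internet of Vehicles T-Box devices using UDP NAT traversal", Electronic Technology & Software Engineering *
胡文; 姜立标: "Design and analysis of a multi-level security protection scheme for intelligent connected vehicles", Network Security Technology & Application *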

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20220819