CN108944784B - Authentication method and system for engine anti-theft unit - Google Patents
- Publication number
- CN108944784B (CN201810871874.2A)
- Authority
- CN
- China
- Prior art keywords
- ignition
- engine
- random number
- control unit
- theft
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B60—VEHICLES IN GENERAL
- B60R—VEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
- B60R25/00—Fittings or systems for preventing or indicating unauthorised use or theft of vehicles
- B60R25/01—Fittings or systems for preventing or indicating unauthorised use or theft of vehicles operating on vehicle systems or fittings, e.g. on doors, seats or windscreens
- B60R25/04—Fittings or systems for preventing or indicating unauthorised use or theft of vehicles operating on vehicle systems or fittings, e.g. on doors, seats or windscreens operating on the propulsion system, e.g. engine or drive motor
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B60—VEHICLES IN GENERAL
- B60R—VEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
- B60R25/00—Fittings or systems for preventing or indicating unauthorised use or theft of vehicles
- B60R25/20—Means to switch the anti-theft system on or off
- B60R25/24—Means to switch the anti-theft system on or off using electronic identifiers containing a code not memorised by the user
-
- B—PERFORMING OPERATIONS; TRANSPORTING
- B60—VEHICLES IN GENERAL
- B60R—VEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
- B60R25/00—Fittings or systems for preventing or indicating unauthorised use or theft of vehicles
- B60R25/01—Fittings or systems for preventing or indicating unauthorised use or theft of vehicles operating on vehicle systems or fittings, e.g. on doors, seats or windscreens
- B60R25/04—Fittings or systems for preventing or indicating unauthorised use or theft of vehicles operating on vehicle systems or fittings, e.g. on doors, seats or windscreens operating on the propulsion system, e.g. engine or drive motor
- B60R2025/0405—Fittings or systems for preventing or indicating unauthorised use or theft of vehicles operating on vehicle systems or fittings, e.g. on doors, seats or windscreens operating on the propulsion system, e.g. engine or drive motor from the external
Landscapes
- Engineering & Computer Science (AREA)
- Mechanical Engineering (AREA)
- Lock And Its Accessories (AREA)
Abstract
The invention relates to the field of automobile safety, and in particular to an authentication method and an authentication system for an engine anti-theft unit. The method comprises the following steps: detecting whether an ignition signal of an ignition lock is received; if yes, calculating the current first ignition count according to the ignition signal; combining the vehicle VIN code and the random number according to the first ignition count to obtain a plaintext to be encrypted; carrying out an irreversible encryption operation on the plaintext to obtain authentication data; and sending the authentication data to an engine control unit, so that the engine control unit obtains encrypted data according to the ignition signal, the vehicle VIN code and the random number, compares the authentication data with the encrypted data, and controls the engine to start and run if the two are consistent. The invention improves the anti-theft safety level of the vehicle.
Description
Technical Field
The invention relates to the field of automobile safety, in particular to an authentication method and an authentication system for an engine anti-theft unit.
Background
With the rapid increase in the number of automobiles in use, cases of automobile theft occur from time to time all over the country; according to the statistics of China insurance, 4255 motor vehicles were stolen nationwide in 2016. Automobile anti-theft devices have developed from early mechanical devices to electronic ones; the engine anti-theft system achieves its anti-theft purpose mainly by controlling the starting and running of the engine.
The engine anti-theft system can be roughly divided into a user-identification process and an authentication process; in the former, the engine anti-theft unit identifies the identity of the user, and in the latter, authentication is carried out between the engine anti-theft unit and the engine control unit; the engine control unit allows the starting and running of the engine only if both processes are completed.
In the user-identification process, the engine anti-theft unit can identify the user ID through encrypted wireless communication so as to confirm the identity of the user. After the identification succeeds, the authentication process is started: the engine anti-theft unit can initiate authentication request information, which is sent to the engine control unit through the CAN bus. The engine control unit authenticates the information sent by the engine anti-theft unit, and after the authentication is completed, the engine is allowed to start and operate.
For the authentication process between the engine control unit and the engine anti-theft unit, the prior technical scheme uses two technical means: CAN bus technology and encrypted data transmission.
CAN bus technology is applied as follows: the engine control unit and the engine anti-theft unit both include the software and hardware interfaces necessary for the CAN bus and are connected to the same CAN network of the vehicle.
For encrypted data transmission, the same secret key is stored in both the engine control unit and the engine anti-theft unit. At the beginning of each authentication, the engine anti-theft unit encrypts a plaintext into a ciphertext using the secret key and a certain encryption algorithm, and sends the ciphertext to the engine control unit through the CAN bus; the engine control unit decrypts the ciphertext with the same secret key and the corresponding decryption algorithm to obtain the plaintext, and once it decrypts the ciphertext successfully, it can judge that the authentication is passed. Since the same key and the same encryption algorithm are used by the engine anti-theft unit and the engine control unit, the authentication between them passes as long as the two units are matched.
However, the above encryption algorithm is usually a conventional encryption algorithm or a manufacturer-defined encryption algorithm, both of which are characterized by using a secret key for encryption; these encryption algorithms are either public or readily available. The security of the above encryption method therefore rests on the security of the key; encrypting data with a key raises the problem of key storage and distribution, and once the key is leaked or stolen, the encryption used in the authentication process is broken.
Disclosure of Invention
Aiming at the defects and shortcomings in the prior art, the invention provides an authentication method of an engine anti-theft unit, which is used for encrypting the communication between an engine control unit and the engine anti-theft unit more strictly and improving the anti-theft safety level of a vehicle.
In order to achieve the purpose, the invention provides the following technical scheme:
A method of authentication of an engine anti-theft unit, the method comprising:
detecting whether an ignition signal of an ignition lock is received;
if yes, calculating the current first ignition count according to the ignition signal;
combining the vehicle VIN code and the random number according to the first ignition count to obtain a plaintext to be encrypted;
carrying out an irreversible encryption operation on the plaintext to obtain authentication data;
and sending the authentication data to an engine control unit, so that the engine control unit obtains encrypted data according to the ignition signal, the vehicle VIN code and the random number, compares the authentication data with the encrypted data, and controls the engine to start and run if the two are consistent.
Preferably, the method further comprises:
before combining the vehicle VIN code and the random number according to the first ignition count to obtain a plaintext to be encrypted, acquiring the ID of an ignition anti-theft device connected with the ignition lock;
detecting whether the ID is valid;
if so, combining the vehicle VIN code and the random number according to the first ignition count to obtain a plaintext to be encrypted.
Preferably, calculating the current first ignition count according to the ignition signal comprises:
setting a 16-bit first ignition counter before detecting whether an ignition signal of an ignition lock is received;
after receiving the ignition signal, adding 8 to the first ignition counter;
detecting whether the value of the first ignition counter is equal to a set value; if not, obtaining the current first ignition count;
otherwise, initializing the first ignition counter.
Preferably, combining the vehicle VIN code and the random number according to the first ignition count to obtain the plaintext to be encrypted comprises:
dividing the first ignition count into two equal parts by bits, adding the high set bits and the low set bits obtained from the division, and then discarding the overflow bit to obtain a first shift number having the set number of bits;
circularly shifting the random number to the left or to the right by the first shift number to obtain a first synchronization number;
storing the complement of the first synchronization number as a new random number;
and combining the vehicle VIN code and the first synchronization number to obtain a plaintext to be encrypted.
Preferably, the engine control unit obtaining the encrypted data according to the ignition signal, the vehicle VIN code and the random number specifically comprises:
setting a second ignition counter identical to the first ignition counter;
the engine control unit detecting whether an ignition signal of the ignition lock is received;
if yes, adding 8 to the second ignition counter;
detecting whether the value of the second ignition counter is equal to a set value; if not, obtaining the current second ignition count;
dividing the current second ignition count into two equal parts by bits, adding the high set bits and the low set bits obtained from the division, and then discarding the overflow bit to obtain a second shift number having the set number of bits;
circularly shifting the random number to the left or to the right by the second shift number to obtain a second synchronization number;
storing the complement of the second synchronization number as a new random number;
and combining the vehicle VIN code with the second synchronization number, and then carrying out the irreversible encryption operation to obtain the encrypted data.
Preferably, combining the vehicle VIN code and the random number according to the first ignition count to obtain the plaintext to be encrypted comprises:
dividing the first ignition count evenly by bits into a 4 x 4 row-column matrix to obtain a first shift matrix;
splitting the random number evenly by bytes into a 4 x 4 row-column matrix, and circularly shifting the data of each of the 4 rows to the left or to the right by the shift number of the corresponding row of the first shift matrix; after the new 4 x 4 row-column matrix is obtained, exchanging rows and columns by replacing the nth column with the nth row; and merging the resulting row-column matrix into new data by the reverse of the splitting method to obtain a first synchronization number;
storing the first synchronization number as a new random number;
and combining the vehicle VIN code and the first synchronization number to obtain a plaintext to be encrypted, wherein n is greater than or equal to 1 and less than or equal to 4.
Preferably, the engine control unit obtaining the encrypted data according to the ignition signal, the vehicle VIN code and the random number specifically comprises:
setting a second ignition counter identical to the first ignition counter;
the engine control unit detecting whether an ignition signal of the ignition lock is received; if yes, adding 8 to the second ignition counter;
detecting whether the value of the second ignition counter is equal to a set value; if not, obtaining the current second ignition count;
dividing the second ignition count evenly by bits into a 4 x 4 row-column matrix to obtain a second shift matrix;
splitting the random number evenly by bytes into a 4 x 4 row-column matrix, and circularly shifting the data of each of the 4 rows to the left or to the right by the shift number of the corresponding row of the second shift matrix; after the new 4 x 4 row-column matrix is obtained, exchanging rows and columns by replacing the nth column with the nth row; and merging the resulting row-column matrix into new data by the reverse of the splitting method to obtain a second synchronization number;
storing the second synchronization number as a new random number;
and combining the vehicle VIN code with the second synchronization number, and then carrying out the irreversible encryption operation to obtain the encrypted data, wherein n is greater than or equal to 1 and less than or equal to 4.
An authentication system for an engine anti-theft unit, the system comprising an ignition lock, an engine anti-theft unit and an engine control unit: the ignition lock is connected with the engine anti-theft unit and the engine control unit respectively; the engine control unit is connected with an engine; the engine anti-theft unit is connected with the engine control unit through a CAN bus; the vehicle VIN code and the random number are stored in both the engine anti-theft unit and the engine control unit. The engine anti-theft unit detects whether an ignition signal of the ignition lock is received; if yes, the engine anti-theft unit calculates the current first ignition count according to the ignition signal, combines the vehicle VIN code and the random number according to the first ignition count to obtain a plaintext to be encrypted, carries out an irreversible encryption operation on the plaintext to obtain authentication data, and sends the authentication data to the engine control unit. The engine control unit detects whether an ignition signal of the ignition lock is received; if yes, the engine control unit calculates the current second ignition count according to the ignition signal, and combines the vehicle VIN code and the random number according to the second ignition count and then carries out the irreversible encryption operation to obtain encrypted data. The engine control unit compares the authentication data with the encrypted data, and controls the engine to start and operate if the authentication data is identical to the encrypted data.
Preferably, the system further comprises:
an ignition anti-theft device connected with the ignition lock and the engine anti-theft unit respectively, wherein the engine anti-theft unit acquires the ID of the ignition anti-theft device before combining the vehicle VIN code and the random number according to the first ignition count to obtain a plaintext to be encrypted; detects whether the ID is valid; and if so, combines the vehicle VIN code and the random number according to the first ignition count to obtain a plaintext to be encrypted.
Preferably, the system further comprises:
production offline detection equipment, wherein the vehicle VIN code and the random number stored in the engine anti-theft unit and the engine control unit are written by the production offline detection equipment after the vehicle comes off the production line.
The invention has the beneficial effects that:
The invention provides an authentication method and system for an engine anti-theft unit, wherein the engine anti-theft unit detects whether an ignition signal of an ignition lock is received; if so, it calculates the current first ignition count according to the ignition signal, and combines the vehicle VIN code and the random number according to the first ignition count to obtain a plaintext to be encrypted; it carries out an irreversible encryption operation on the plaintext to obtain authentication data; and it sends the authentication data to an engine control unit, so that the engine control unit obtains encrypted data according to the ignition signal, compares the authentication data with the encrypted data, and controls the engine to start and run if the two are consistent. The invention improves the anti-theft safety level of the vehicle.
Drawings
FIG. 1 is a flow chart of a method for authenticating an engine anti-theft unit according to an embodiment of the present invention.
Fig. 2 is a schematic structural diagram of an authentication system of an engine anti-theft unit according to an embodiment of the invention.
Detailed Description
So that those skilled in the art can further understand the features and technical contents of the present invention, the following detailed description of the embodiments of the present invention is provided in conjunction with the accompanying drawings and the embodiments.
Fig. 1 is a flowchart of an authentication method of an engine anti-theft unit according to an embodiment of the present invention, including the following steps:
Step 101: start.
Step 102: detecting whether an ignition signal of an ignition lock is received; if yes, go to step 103; otherwise, repeat step 102.
In the embodiment of the present invention, the ignition signal is not limited to the ignition signal obtained from the ignition lock, and the ignition signal may be a signal from a mechanical ignition switch of the vehicle or an electronic switch having the same function.
Step 103: calculating the current first ignition count according to the ignition signal.
It should be noted that calculating the current first ignition count according to the ignition signal may be implemented by a first ignition counter. In the embodiment of the invention, a 16-bit first ignition counter is set before the ignition signal of the ignition lock is detected; after the ignition signal is received, 8 is added to the first ignition counter; whether the value of the first ignition counter is equal to a set value is detected; if not, the current first ignition count is obtained; otherwise, the first ignition counter is initialized.
It should be noted that the set value is determined by the maximum count value of the first ignition counter; for example, the set value is 65535. After the vehicle VIN code is successfully written, the initial value of the first ignition counter is 0, and its data are not lost after power-off; after the ignition signal is received, 8 is added to the first ignition counter to obtain the current first ignition count. In the embodiment of the invention, 8 is added to the first ignition count at each ignition; the first ignition count is a 16-bit integer value (0-65535), and when it accumulates beyond 65535, the value is reset to 0 and the first ignition counter counts again.
Step 104: combining the vehicle VIN code and the random number according to the first ignition count to obtain a plaintext to be encrypted.
Specifically, the random number and the vehicle VIN code may be generated by the production offline detection equipment, and the length of the random number may be 128 bits. Each vehicle corresponds to one vehicle VIN code; the VIN code and the random number are written into the memories of the engine anti-theft unit and the engine control unit respectively by the production offline detection equipment after the vehicle comes off the production line, and once the VIN code and the random number are written, the VIN code cannot be erased or modified by equipment not specially authorized by the vehicle manufacturer.
Further, in another embodiment of the present invention, the random number may also be generated by the engine control unit, which sends the random number to the engine anti-theft unit after the vehicle comes off the production line. The engine anti-theft unit and the engine control unit therefore hold the same random number, which facilitates subsequent authentication.
Specifically, combining the vehicle VIN code and the random number according to the first ignition count to obtain the plaintext to be encrypted includes steps (A) to (D):
(A) dividing the first ignition count into two equal parts by bits, adding the high set bits and the low set bits obtained from the division, and then discarding the overflow bit to obtain a first shift number having the set number of bits; specifically, the set number of bits is determined by the number of bits of the first ignition count, for example, 8 bits.
(B) circularly shifting the random number to the left or to the right by the first shift number to obtain a first synchronization number.
(C) storing the complement of the first synchronization number as a new random number.
(D) combining the vehicle VIN code and the first synchronization number to obtain a plaintext to be encrypted.
Further, in order to make the plaintext to be encrypted more confidential, in another embodiment of the present invention, combining the vehicle VIN code and the random number according to the first ignition count to obtain the plaintext to be encrypted includes steps (A') to (D'):
(A') dividing the first ignition count evenly by bits into a first 4 x 4 row-column matrix to obtain a first shift matrix.
(B') splitting the random number evenly by bytes into a second 4 x 4 row-column matrix, and circularly shifting the data of each of the 4 rows to the left or to the right by the shift number of the corresponding row of the first shift matrix; after the new 4 x 4 row-column matrix is obtained, exchanging rows and columns by replacing the nth column with the nth row; and merging the resulting row-column matrix into new data by the reverse of the splitting method to obtain a first synchronization number.
(C') storing the first synchronization number as a new random number.
(D') combining the vehicle VIN code and the first synchronization number to obtain a plaintext to be encrypted, wherein n is greater than or equal to 1 and less than or equal to 4.
The following is a specific example: the first ignition count is 20, i.e. its binary representation is 0000000000010100, and the random number is 001122334455566778899AABBCCDDEEFF. The first ignition count is divided into the first 4 x 4 row-column matrix, and the random number is split evenly by bytes into the second 4 x 4 row-column matrix (the matrices are not reproduced in this text). The rows of the second 4 x 4 row-column matrix are then circularly shifted to the right according to the first 4 x 4 row-column matrix: the first row by 0 bits, the second row by 0 bits, the third row by 1 bit, and the fourth row by 4 bits. After the rows and columns of the resulting matrix are exchanged, the first synchronization number is 004444FC1155CDCD226655DE3377DCEF.
Step 105: carrying out an irreversible encryption operation on the plaintext to obtain authentication data.
It should be noted that an irreversible encryption algorithm such as MD4 or MD5 may be used, chosen according to the encryption requirement and the processing rate of the programming unit; the plaintext to be encrypted is encrypted to obtain a 128-bit hash value, and the lower 64 bits of the hash value are taken as the authentication data.
Step 106: sending the authentication data to an engine control unit, so that the engine control unit obtains encrypted data according to the ignition signal, the vehicle VIN code and the random number, compares the authentication data with the encrypted data, and controls the engine to start and run if the two are consistent.
Specifically, the process by which the engine control unit obtains the encrypted data according to the ignition signal, the vehicle VIN code and the random number is shown in (E) to (L):
(E) initializing a 16-bit second ignition counter, whose data are not lost after power-down.
In the embodiment of the invention, a second ignition counter identical to the first ignition counter is set before the ignition signal of the ignition lock is detected, and the second ignition counter is initialized; for example, after the vehicle VIN code is successfully written, the initial value of the second ignition counter is 0, and its data are not lost after power-off; after the ignition signal is received, 8 is added to the second ignition counter to obtain the current second ignition count. In the embodiment of the invention, 8 is added to the second ignition count at each ignition; when the first ignition count is a 16-bit integer value, the second ignition count is also a 16-bit integer value (0-65535), and when it accumulates beyond 65535, the value is reset to 0 and the second ignition counter counts again.
(F) the engine control unit detects whether an ignition signal of the ignition lock is received; if so, performing (G); otherwise, step 107 is performed.
(G) adding 8 to the second ignition counter.
(H) detecting whether the value of the second ignition counter is equal to a set value; if not, executing step (I); otherwise, returning to step (E).
(I) obtaining the current second ignition count, dividing it into two equal parts by bits, adding the high set bits and the low set bits obtained from the division, and then discarding the overflow bit to obtain a second shift number having the set number of bits; specifically, the set number of bits is determined by the number of bits of the first ignition count; for example, when the first ignition count is 16 bits, the set number of bits is 8 bits.
(J) circularly shifting the random number to the left or to the right by the second shift number to obtain a second synchronization number.
(K) storing the complement of the second synchronization number as a new random number.
(L) combining the vehicle VIN code with the second synchronization number, and then carrying out the irreversible encryption operation to obtain the encrypted data.
It should be noted that an irreversible encryption algorithm such as MD4 or MD5 may be used, chosen according to the encryption requirement and the processing rate of the programming unit; the combination of the vehicle VIN code and the second synchronization number is encrypted to obtain a 128-bit hash value, and the lower 64 bits of the hash value are taken as the encrypted data. Further, the engine control unit compares the authentication data with the encrypted data, and controls the engine to start and operate if the two are identical.
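The sequence of steps 103 to 106 and (E) to (L), worked through for both units as an added example; it is not code from the patent. Assumptions not fixed by the text: the circular shift is to the left and taken modulo 128, the complement is bitwise, the plaintext is the VIN bytes followed by the synchronization number, MD5 is the hash, the "lower 64 bits" are the last eight digest bytes, and the VIN and random number are constructed values.

```python
"""Added example: rolling authentication value per steps 103-106 and (E)-(L)."""
import hashlib
import hmac

COUNTER_STEP = 8        # added to the ignition counter on every ignition signal
COUNTER_MAX = 0xFFFF    # 16-bit counter; 65535 is the page's example set value
RANDOM_BITS = 128       # length of the shared random number
MASK = (1 << RANDOM_BITS) - 1


def shift_number(count: int) -> int:
    """Steps (A)/(I): high byte + low byte of the count, overflow bit discarded."""
    return ((count >> 8) + (count & 0xFF)) & 0xFF


def rotl128(value: int, n: int) -> int:
    """Circular left shift of a 128-bit value (assumption: left, n taken mod 128)."""
    n %= RANDOM_BITS
    return ((value << n) | (value >> (RANDOM_BITS - n))) & MASK


class Unit:
    """State kept by the engine anti-theft unit or by the engine control unit."""

    def __init__(self, vin: str, random_number: int):
        self.vin = vin.encode("ascii")
        self.random_number = random_number & MASK
        self.counter = 0  # initial value once the VIN code has been written

    def on_ignition(self) -> bytes:
        """Advance the state for one ignition signal and return the 64-bit value."""
        self.counter += COUNTER_STEP
        if self.counter > COUNTER_MAX:      # description: reset once 65535 is exceeded
            self.counter = 0
        sync = rotl128(self.random_number, shift_number(self.counter))  # (B)/(J)
        self.random_number = ~sync & MASK                               # (C)/(K)
        plaintext = self.vin + sync.to_bytes(16, "big")  # (D)/(L): assumed layout
        digest = hashlib.md5(plaintext).digest()         # 128-bit hash value
        return digest[-8:]                  # assumed meaning of "lower 64 bits"


def ecu_authenticate(ecu: Unit, authentication_data: bytes) -> bool:
    """Step 106: the ECU derives its own value and compares; True allows the start."""
    encrypted_data = ecu.on_ignition()
    return hmac.compare_digest(authentication_data, encrypted_data)


def run_demo():
    vin = "TESTVIN0000000001"                       # constructed 17-character VIN
    seed = 0x00112233445566778899AABBCCDDEEFF       # constructed random number
    anti_theft, ecu = Unit(vin, seed), Unit(vin, seed)
    sent, accepted = [], []
    for _ in range(3):                              # three ignitions in lockstep
        data = anti_theft.on_ignition()
        sent.append(data)
        accepted.append(ecu_authenticate(ecu, data))
    # A value recorded at the first ignition no longer matches the ECU's state.
    stale_accepted = ecu_authenticate(ecu, sent[0])
    return sent, accepted, stale_accepted


if __name__ == "__main__":
    sent, accepted, stale_accepted = run_demo()
    for i, (data, ok) in enumerate(zip(sent, accepted), start=1):
        print(f"ignition {i}: authentication data {data.hex()} accepted={ok}")
    print("value from ignition 1 presented again:", stale_accepted)
```

Both units advance their counter and stored random number on every ignition signal, so the comparison succeeds only while the two copies of that state are identical.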
In order to make the encrypted data more reliable, in another embodiment of the present invention, the engine control unit obtains the encrypted data according to the ignition signal, the vehicle VIN code and the random number as shown in (E') to (L'):
(E') setting a second ignition counter identical to the first ignition counter, and initializing the 16-bit second ignition counter, whose data are not lost after power-down.
(F') the engine control unit detects whether an ignition signal of the ignition lock is received; if so, performing (G'); otherwise, step 107 is performed.
(G') adding 8 to the second ignition counter.
(H') detecting whether the value of the second ignition counter is equal to a set value; if not, executing step (I'); otherwise, returning to step (E').
(I') obtaining the current second ignition count, and dividing the second ignition count evenly by bits into a third 4 x 4 row-column matrix to obtain a second shift matrix.
(J') splitting the random number evenly by bytes into a fourth 4 x 4 row-column matrix, and circularly shifting the data of each of the 4 rows to the left or to the right by the shift number of the corresponding row of the second shift matrix; after the new 4 x 4 row-column matrix is obtained, exchanging rows and columns by replacing the nth column with the nth row; and merging the resulting row-column matrix into new data by the reverse of the splitting method to obtain a second synchronization number.
(K') storing the second synchronization number as a new random number.
(L') combining the vehicle VIN code with the second synchronization number, and then carrying out the irreversible encryption operation to obtain the encrypted data, wherein n is greater than or equal to 1 and less than or equal to 4.
It should be noted that the forming process of the second synchronization number is the same as the first synchronization number, and is not described herein again.
Step 107: end.
According to the authentication method of the engine anti-theft unit provided by the embodiment of the invention, the engine anti-theft unit detects whether an ignition signal of an ignition lock is received; if so, it calculates the current first ignition count according to the ignition signal, and combines the vehicle VIN code and the random number according to the first ignition count to obtain a plaintext to be encrypted; it carries out an irreversible encryption operation on the plaintext to obtain authentication data; and it sends the authentication data to an engine control unit, so that the engine control unit obtains encrypted data according to the ignition signal, the vehicle VIN code and the random number, compares the authentication data with the encrypted data, and controls the engine to start and run if the two are consistent. With this method, the plaintext to be encrypted is calculated according to the ignition count at each ignition, and the random number is different at each authentication, which ensures that the random number cannot be obtained by equipment other than the engine anti-theft unit and the engine control unit.
Further, in order to ensure the security of the authentication, in another embodiment of the present invention, the method includes the following steps:
Step 201: Start.
Step 202: Detecting whether an ignition signal of an ignition lock is received; if yes, go to step 203; otherwise, step 202 is performed.
Step 203: Calculating the current first ignition frequency according to the ignition signal.
Step 204: Acquiring the ID of an ignition anti-theft device connected with the ignition lock.
It should be noted that the ignition anti-theft device can be a PEPS or an automobile anti-theft recognition coil; the automobile anti-theft recognition coil transfers energy and relays the anti-theft identification code. When the door of the vehicle is opened by the vehicle key, the recognition coil transmits the power supply energy of the engine anti-theft unit to the pulse transponder in the vehicle key, and then transmits the identification code of the vehicle key back to the engine anti-theft unit. The sensing coil is typically mounted outside the ignition lock.
Step 205: Detecting whether the ID is valid; if so, go to step 206; otherwise, step 209 is performed.
Step 206: Combining the vehicle VIN code and the random number according to the first ignition frequency to obtain a plaintext to be encrypted.
Step 207: Carrying out an irreversible encryption operation on the plaintext to obtain authentication data.
Step 208: Sending the authentication data to an engine control unit, so that the engine control unit obtains encrypted data according to the ignition signal, the vehicle VIN code and the random number, compares the authentication data with the encrypted data, and, if the two are consistent, controls the engine to start and run.
Step 209: End.
According to the authentication method of the engine anti-theft unit provided by the embodiment of the invention, before the vehicle VIN code and the random number are combined according to the first ignition frequency to obtain the plaintext to be encrypted, the ID of the ignition anti-theft device connected with the ignition lock is obtained and checked for validity; only if the ID is valid are the vehicle VIN code and the random number combined according to the first ignition frequency to obtain the plaintext to be encrypted. With the invention, when an invalid ID is identified, the encryption operation is not carried out and no authentication data is sent to the CAN bus, which improves the anti-theft level and security of the vehicle.
In view of the above method, the present invention also provides an authentication system for an engine anti-theft unit, as shown in fig. 2, the system including: the ignition lock is respectively connected with the engine anti-theft unit IMMO and the engine control unit EMS; the engine control unit is connected with an engine (not shown); the engine anti-theft unit IMMO is connected with the engine control unit EMS through a CAN bus; vehicle VIN codes and random numbers are stored in the engine anti-theft unit IMMO and the engine control unit EMS; the engine anti-theft unit IMMO detects whether an ignition signal of an ignition lock is received; if yes, the IMMO calculates the current first ignition frequency according to the ignition signal; combining the vehicle VIN code and the random number according to the first ignition frequency to obtain a plaintext to be encrypted; carrying out irreversible encryption operation on the plaintext to obtain authentication data, and sending the authentication data to the engine control unit EMS; the EMS (engine control unit) detects whether an ignition signal of an ignition lock is received; if yes, the engine control unit calculates the current second ignition frequency according to the ignition signal; combining the vehicle VIN code and the random number according to the second ignition frequency and then carrying out irreversible encryption operation to obtain encrypted data; the engine control unit EMS compares the authentication data with the encryption data, and if the authentication data is consistent with the encryption data, the engine control unit EMS controls the engine to start and operate.
In the embodiment of the present invention, the ignition signal is not limited to the ignition signal obtained from the ignition lock, and the ignition signal may be a signal from a mechanical ignition switch of the vehicle or an electronic switch having the same function.
Further, in another embodiment of the present invention, the system may further include an ignition anti-theft device connected with the ignition lock and with the engine anti-theft unit. Before combining the vehicle VIN code and the random number according to the first ignition frequency to obtain a plaintext to be encrypted, the engine anti-theft unit acquires the ID of the ignition anti-theft device and detects whether the ID is valid; if so, it combines the vehicle VIN code and the random number according to the first ignition frequency to obtain the plaintext to be encrypted. In this embodiment, when an invalid ID is identified, the encryption operation is not performed and no authentication data is sent to the CAN bus, which improves the anti-theft level and security of the vehicle. The ignition anti-theft device can be a PEPS or an automobile anti-theft recognition coil; the automobile anti-theft recognition coil transfers energy and relays the anti-theft identification code. When the door of the vehicle is opened by the vehicle key, the recognition coil transmits the power supply energy of the engine anti-theft unit to the pulse transponder in the vehicle key, and then transmits the identification code of the vehicle key back to the engine anti-theft unit. The sensing coil is typically mounted outside the ignition lock.
Further, in another embodiment of the present invention, the random number is generated by the engine control unit and transmitted by the engine control unit to the engine anti-theft unit after the vehicle comes off the production line, so that the engine anti-theft unit and the engine control unit hold the same random number, which facilitates subsequent authentication. Still further, in another embodiment of the present invention, the system may further include production offline detection equipment; the vehicle VIN code and the random number stored in the engine anti-theft unit and the engine control unit are written by the production offline detection equipment after the vehicle comes off the production line. Specifically, the production offline detection equipment writes the vehicle VIN code and the random number into the memories of the engine anti-theft unit and the engine control unit respectively, and once written, they cannot be erased or modified by equipment that has not been specially authorized by the vehicle manufacturer.
Further, in an embodiment of the present invention, the system further includes: a first ignition counter and a second ignition counter.
The engine anti-theft unit combines the vehicle VIN code and the random number according to the first ignition frequency to obtain a plaintext to be encrypted, and performs irreversible encryption operation to obtain authentication data according to the following process:
1) Initialize a 16-bit first ignition counter whose data are not lost after power-down.
2) The engine anti-theft unit detects whether an ignition signal of the ignition lock is received; if yes, add 8 to the first ignition counter to obtain the current first ignition times.
3) Add the upper 8 bits and the lower 8 bits of the first ignition frequency, then discard the overflow bits to obtain an 8-bit first shift number.
4) Circularly shift the random number to the left or to the right by the first shift number to obtain a first synchronization number.
5) Store the complement of the first synchronization number as a new random number.
6) Combine the vehicle VIN code and the first synchronization number to obtain a plaintext to be encrypted.
7) Carry out an irreversible encryption operation on the plaintext to obtain authentication data.
It should be noted that the plaintext to be encrypted may be encrypted using MD4 or MD5 as the irreversible encryption algorithm; the choice is determined by the encryption requirement and the processing rate of the programming unit.
The engine control unit obtains the encrypted data according to the ignition signal, the vehicle VIN code and the random number as follows:
1) Initialize a 16-bit second ignition counter whose data are not lost after power-down.
2) The engine control unit detects whether an ignition signal of the ignition lock is received; if yes, add 8 to the second ignition counter to obtain the current second ignition times.
3) Add the upper 8 bits and the lower 8 bits of the current second ignition frequency, then discard the overflow bits to obtain an 8-bit second shift number.
4) Circularly shift the random number to the left or to the right by the second shift number to obtain a second synchronization number.
5) Store the complement of the second synchronization number as a new random number.
6) Combine the vehicle VIN code with the second synchronization number, then carry out an irreversible encryption operation to obtain the encrypted data.
It should be noted that the combined vehicle VIN code and second synchronization number may be encrypted using MD4 or MD5 as the irreversible encryption algorithm; the choice is determined by the encryption requirement and the processing rate of the programming unit.
The following describes a specific process of the embodiment of the present invention with reference to fig. 2. The engine anti-theft unit IMMO is mainly used for identifying the ID and initiating an authentication request; the engine control unit EMS is mainly used for responding to the authentication request of the IMMO and controlling the starting of the engine. After receiving the ignition signal, the IMMO and the EMS each combine the vehicle VIN code and the random number stored in them according to the ignition frequency to form a plaintext to be encrypted. Each of them then encrypts the plaintext through an irreversible encryption operation (the MD4 encryption algorithm or/and the MD5 encryption algorithm may be used) and obtains a 128-bit Hash value. The IMMO takes the lower 64 bits of the Hash value and sends them to the EMS through the CAN bus.
The engine control unit EMS takes the lower 64 bits of the Hash value from its own calculation and compares them with the data received from the engine anti-theft unit IMMO over the CAN bus; when the two are completely consistent, the authentication is judged to have passed, and the engine is allowed to start and operate.
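The counter-driven derivation and the 64-bit comparison described above, as an added Python example that is not code from the patent; it shows both units staying in step, an old frame being rejected, and what happens when one unit misses an ignition signal. Assumptions not fixed by the page: a 128-bit random number, left rotation, a one's complement, VIN followed by the synchronization number as the plaintext layout, MD5, the last 8 digest bytes as the "lower 64 bits", and a counter that wraps at 16 bits; `Unit`, `ems_authorize`, the VIN and the seed are hypothetical or constructed.

```python
import hashlib
import hmac

RAND_BITS = 128                      # assumed width of the shared random number
RAND_MASK = (1 << RAND_BITS) - 1


def rotl(value, shift, bits=RAND_BITS):
    """Circular left shift of a fixed-width integer (the page allows left or right)."""
    shift %= bits
    return ((value << shift) | (value >> (bits - shift))) & ((1 << bits) - 1)


def shift_number(counter):
    """Step 3: add the upper and lower 8 bits of the 16-bit count, drop the overflow."""
    return ((counter >> 8) + (counter & 0xFF)) & 0xFF


class Unit:
    """State kept by one side (IMMO or EMS): VIN, random number, ignition counter."""

    def __init__(self, vin, random_number):
        self.vin = vin.encode("ascii")
        self.random_number = random_number & RAND_MASK
        self.counter = 0             # step 1: 16-bit counter, non-volatile on a real unit

    def on_ignition(self):
        """Steps 2-7 for one ignition signal; returns the 8 bytes put on the CAN bus."""
        self.counter = (self.counter + 8) & 0xFFFF      # step 2 (16-bit wrap is assumed)
        sync = rotl(self.random_number, shift_number(self.counter))  # steps 3-4
        self.random_number = ~sync & RAND_MASK          # step 5: one's complement (assumed)
        plaintext = self.vin + sync.to_bytes(RAND_BITS // 8, "big")  # step 6 (assumed layout)
        digest = hashlib.md5(plaintext).digest()        # step 7: 128-bit hash value
        return digest[-8:]                              # lower 64 bits (assumed: last 8 bytes)


def ems_authorize(ems, received):
    """EMS side: derive its own value for this ignition and compare in constant time."""
    return hmac.compare_digest(ems.on_ignition(), received)


def demo():
    vin = "LTESTVIN000000001"                        # constructed 17-character placeholder
    seed = int.from_bytes(bytes(range(16)), "big")   # constructed shared random number
    immo, ems = Unit(vin, seed), Unit(vin, seed)

    frames, in_sync = [], []
    for _ in range(3):                               # three normal ignitions
        frame = immo.on_ignition()
        frames.append(frame)
        in_sync.append(ems_authorize(ems, frame))

    # Fourth ignition: both units advance, but the EMS is handed the first frame again.
    immo.on_ignition()
    replay_accepted = ems_authorize(ems, frames[0])

    # Fifth ignition is seen by the IMMO only; on the sixth the states no longer agree.
    immo.on_ignition()
    after_missed_ignition = ems_authorize(ems, immo.on_ignition())

    return {
        "frames": frames,
        "in_sync": in_sync,
        "replay_accepted": replay_accepted,
        "after_missed_ignition": after_missed_ignition,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Because both the counter and the stored random number change on every ignition, the two units must observe exactly the same ignition events; the page describes no resynchronization step, so the last case stays rejected in this model.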
The foregoing detailed description of the embodiments of the present invention has been presented for purposes of illustration and description, and is intended to be exemplary only of the systems and methods for understanding the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (10)
1. A method of authenticating an engine anti-theft unit, the method comprising:
detecting whether an ignition signal of an ignition lock is received;
if yes, calculating the current first ignition frequency according to the ignition signal;
combining the vehicle VIN code and the random number according to the first ignition frequency to obtain a plaintext to be encrypted;
carrying out irreversible encryption operation on the plaintext to obtain authentication data;
and sending the authentication data to an engine control unit so that the engine control unit obtains encrypted data according to the ignition signal, the vehicle VIN code and the random number, comparing the authentication data with the encrypted data, and controlling the engine to start and run if the authentication data and the encrypted data are consistent.
2. The method of authenticating an engine anti-theft unit according to claim 1, further comprising:
before combining the vehicle VIN code and the random number according to the first ignition frequency to obtain a plaintext to be encrypted, acquiring the ID of an ignition anti-theft device connected with the ignition lock;
detecting whether the ID is valid;
if so, combining the vehicle VIN code and the random number according to the first ignition frequency to obtain a plaintext to be encrypted.
3. The method of authenticating an engine anti-theft unit according to claim 1, wherein said calculating a current first number of firings based on said firing signal comprises:
setting a 16-bit first ignition counter before detecting whether an ignition signal of an ignition lock is received;
after receiving the ignition signal, adding 8 to the first ignition counter;
detecting whether the value of the first ignition counter is equal to a set value; if not, obtaining the current first ignition frequency;
otherwise, initializing the first ignition counter.
4. The method of authenticating an engine anti-theft unit according to claim 3, wherein the combining a vehicle VIN code and a random number according to the first number of firings to obtain a plaintext to be encrypted comprises:
dividing the first ignition frequency into equal parts according to positions, adding the high setting position and the low setting position after dividing equally, and then discarding an overflow position to obtain a first shift number of the setting position;
circularly left-shifting or right-shifting the random number by the first shift number to obtain a first synchronous number;
storing the complement of the first synchronization number as a new random number;
and combining the vehicle VIN code and the first synchronous number to obtain a plaintext to be encrypted.
5. The method of claim 4, wherein the obtaining, by the engine control unit, the encrypted data based on the ignition signal, the vehicle VIN code, and the random number specifically comprises:
setting a second ignition counter identical to the first ignition counter;
the engine control unit detects whether an ignition signal of the ignition lock is received;
if yes, adding 8 to the second ignition counter;
detecting whether the value of the second ignition counter is equal to a set value; if not, obtaining the current second ignition frequency;
dividing the current second ignition frequency into equal parts according to positions, adding the divided high setting positions and low setting positions, and then discarding overflow positions to obtain a second shift number of the setting positions;
circularly left-shifting or right-shifting the random number by the second shift number to obtain a second synchronous number;
storing the complement of the second synchronization number as a new random number;
and combining the vehicle VIN code with the second synchronous number, and then carrying out irreversible encryption operation to obtain the encrypted data.
6. The method of authenticating an engine anti-theft unit according to claim 3, wherein the combining a vehicle VIN code and a random number according to the first number of firings to obtain a plaintext to be encrypted comprises:
dividing the first ignition times into a first 4 x 4 row-column matrix according to the bit average to obtain a first shift matrix;
averagely splitting the random number into a second 4 x 4 row-column matrix according to bytes, and circularly shifting the row data of 4 rows to the left or to the right respectively by the shift number of the row corresponding to the first shift number matrix; after obtaining a new 4 x 4 row-column matrix, performing row-column setting by a method of replacing the nth column with the nth row; after a new row matrix and a new column matrix are obtained, merging the new row matrix and the new column matrix into new data according to a reverse method of the splitting method to obtain a first synchronization number;
storing the first synchronization number as a new random number;
and combining the vehicle VIN code and the first synchronization number to obtain a plaintext to be encrypted, wherein n is more than or equal to 1 and less than or equal to 4.
7. The method of claim 6, wherein said engine control unit obtaining said encrypted data from said ignition signal, said vehicle VIN code, and said random number specifically comprises:
setting a second ignition counter identical to the first ignition counter;
the engine control unit detects whether an ignition signal of the ignition lock is received; if yes, adding 8 to the second ignition counter;
detecting whether the value of the second ignition counter is equal to a set value; if not, obtaining the current second ignition frequency;
dividing the second ignition times into a third 4 x 4 row-column matrix according to the bit average to obtain a second shift matrix;
averagely splitting the random number into a fourth 4 x 4 row-column matrix according to bytes, and circularly moving the row data of 4 rows to the left or moving the row data of 4 rows to the right by the shift number of the corresponding row of the second shift number matrix respectively; after obtaining a new 4 x 4 row-column matrix, performing row-column setting by a method of replacing the nth column with the nth row; after a new row matrix and a new column matrix are obtained, merging the new row matrix and the new column matrix into new data according to a reverse method of the splitting method to obtain a second synchronization number;
storing the second synchronization number as a new random number;
and combining the vehicle VIN code with the second synchronous number, and then carrying out irreversible encryption operation to obtain the encrypted data, wherein n is more than or equal to 1 and less than or equal to 4.
8. An authentication system for an engine anti-theft unit, the system comprising: the ignition lock is respectively connected with the engine anti-theft unit and the engine control unit; the engine control unit is connected with an engine; the engine anti-theft unit is connected with the engine control unit through a CAN bus; vehicle VIN codes and random numbers are stored in the engine anti-theft unit and the engine control unit; the engine anti-theft unit detects whether an ignition signal of an ignition lock is received; if yes, the engine anti-theft unit calculates the current first ignition frequency according to the ignition signal; combining the vehicle VIN code and the random number according to the first ignition frequency to obtain a plaintext to be encrypted; carrying out irreversible encryption operation on the plaintext to obtain authentication data, and sending the authentication data to the engine control unit; the engine control unit detects whether an ignition signal of an ignition lock is received; if yes, the engine control unit calculates the current second ignition frequency according to the ignition signal; combining the vehicle VIN code and the random number according to the second ignition frequency and then carrying out irreversible encryption operation to obtain encrypted data; the engine control unit compares the authentication data with the encrypted data, and controls the engine to start and operate if the authentication data is identical to the encrypted data.
9. The authentication system of an engine theft prevention unit as recited in claim 8, further comprising:
the ignition anti-theft device is respectively connected with the ignition lock and the engine anti-theft unit, and the engine anti-theft unit acquires the ID of the ignition anti-theft device before combining the VIN code of the vehicle and random data according to the first ignition frequency to obtain a plaintext to be encrypted; detecting whether the ID is valid; if so, combining the vehicle VIN code and the random number according to the first ignition frequency to obtain a plaintext to be encrypted.
10. The authentication system of an engine anti-theft unit according to claim 9, characterized in that the system further comprises:
production offline detection equipment; and the VIN code and the random number of the vehicle stored in the engine anti-theft unit and the engine control unit are written by the production offline equipment after the vehicle is offline.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810871874.2A CN108944784B (en) | 2018-08-02 | 2018-08-02 | Authentication method and system for engine anti-theft unit |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108944784A CN108944784A (en) | 2018-12-07 |
CN108944784B true CN108944784B (en) | 2020-03-24 |
Family
ID=64467159
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810871874.2A Active CN108944784B (en) | 2018-08-02 | 2018-08-02 | Authentication method and system for engine anti-theft unit |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108944784B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110289967A (en) * | 2019-06-19 | 2019-09-27 | 长城华冠汽车科技(苏州)有限公司 | Communication authentication method, device and vehicle |
CN112339707A (en) * | 2019-08-09 | 2021-02-09 | 广州汽车集团股份有限公司 | ETC vehicle-mounted unit anti-disassembly method and system and automobile |
CN111976646B (en) * | 2020-07-08 | 2021-10-15 | 江铃汽车股份有限公司 | Engine anti-theft authentication method and system |
CN113783687B (en) * | 2021-09-07 | 2023-08-29 | 浙江吉利控股集团有限公司 | Method and system for generating, encrypting and decrypting automobile electronic anti-theft code |
CN113830024A (en) * | 2021-09-22 | 2021-12-24 | 中国第一汽车股份有限公司 | Anti-theft control method and device for engine |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3846045B2 (en) * | 1998-07-15 | 2006-11-15 | 株式会社デンソー | Vehicle anti-theft system |
JP2008290656A (en) * | 2007-05-28 | 2008-12-04 | Mitsubishi Electric Corp | Antitheft encryption device |
CN101393658B (en) * | 2008-02-27 | 2011-04-20 | 重庆长安汽车股份有限公司 | Central controlled anti-theft method and system for automobile |
CN101602358A (en) * | 2009-06-18 | 2009-12-16 | 奇瑞汽车股份有限公司 | A kind of engine anti-theft authentication method based on the AES128 cryptographic algorithm |
CN105015490B (en) * | 2015-07-24 | 2017-04-12 | 安徽江淮汽车集团股份有限公司 | Authentication method for antitheft unit of engine |
Also Published As
Publication number | Publication date |
---|---|
CN108944784A (en) | 2018-12-07 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information | Address after: 230601 No. 99 Ziyun Road, Hefei Economic and Technological Development Zone, Anhui Province; Applicant after: Anhui Jianghuai Automobile Group Limited by Share Ltd; Address before: 230601 No. 669 Shixin Road, Taohua Industrial Park, Hefei City, Anhui Province; Applicant before: Anhui Jianghuai Automobile Group Limited by Share Ltd |
GR01 | Patent grant | ||