Search

CN-115243261-B - Encryption communication system applied between new energy automobile and charging pile

CN115243261BCN 115243261 BCN115243261 BCN 115243261BCN-115243261-B

Abstract

The invention relates to the technical field of new energy automobiles and discloses an encryption communication system applied between a new energy automobile and a charging pile, which comprises a vehicle gateway, a charging pile and a charging pile, wherein the vehicle gateway is used for generating an initial vehicle pile communication key, generating a message authentication code and sending the initial vehicle pile communication key and the message authentication code to both communication parties; and after receiving the message that the battery management system and the charging pile are successful in communication, updating the current car pile communication key and regenerating the message authentication code to be sent to both communication parties, wherein the battery management system and the charging pile, namely both communication parties, verify based on the message authentication code each time the message authentication code is received, if the verification is successful, the current car pile communication key is used for carrying out principal round communication with the opposite party, and each time the message is sent, the current car pile communication key is updated and the message that the principal round communication is successful is sent to the vehicle gateway. According to the invention, the secret key is updated for a plurality of times in the vehicle-pile communication process, and each round of communication is verified, so that the communication safety is improved.

Inventors

  • YAN HE
  • SONG KAITONG
  • ZHAO HUANHUAN
  • Wu Liangshu
  • YANG LAIXI

Assignees

  • 奇瑞新能源汽车股份有限公司

Dates

Publication Date
20260505
Application Date
20220722

Claims (8)

  1. 1. The encryption communication system applied between the new energy automobile and the charging pile is characterized by comprising a vehicle gateway, a battery management system and the charging pile, wherein the vehicle gateway and the battery management system are arranged on a vehicle, The vehicle gateway is configured to generate an initial vehicle pile communication key, send the initial vehicle pile communication key to the battery management system and the charging pile, generate a random number, generate a message authentication code based on the initial vehicle pile communication key and the random number, send the random number and the message authentication code to the battery management system and the charging pile, shift the current vehicle pile communication key after receiving a message that the battery management system and the charging pile are successfully communicated each time, and re-generate a message authentication code, send the message authentication code to the battery management system and the charging pile; The battery management system and the charging pile are respectively configured to regenerate the message authentication code based on the current car pile communication key and the random number stored in the battery management system and the charging pile, namely the communication parties, each time the message authentication code is received, the message authentication code is compared with the message authentication code received from the car gateway, if the message authentication code is consistent with the current car pile communication key, the current car pile communication key is used for carrying out primary communication with the counterpart, and each time the message transmission is completed, the current car pile communication key stored in the battery management system and the charging pile are subjected to shift operation, a counter is increased by 1, and a message for successfully counting and primary communication is sent to the car gateway; The system further comprises a TSP platform, wherein the TSP platform is configured to manage vehicle information and mobile terminal information bound with the vehicle information and distribute a shared secret key to the vehicle information and the mobile terminal information bound with the vehicle information, and distribute identity legal certificates to the vehicle and the mobile terminal bound with the vehicle, the vehicle and the mobile terminal both have NFC functions, the vehicle reads the identity legal certificates in the mobile terminal through the NFC functions before charging operation is executed, the identity legal certificates are compared with the identity legal certificates stored by the vehicle, and if the vehicle and the mobile terminal information are consistent, verification is passed.
  2. 2. The encrypted communication system according to claim 1, wherein the mobile terminal is bound to the vehicle; the mobile terminal is configured to: The method comprises the steps of obtaining identification information of a charging pile, generating a charging order request and sending the charging order request to a power grid cloud management platform, wherein the charging order request comprises the identification information of the charging pile and the identification information of the mobile terminal, receiving a charging order issued by the power grid cloud management platform, and transmitting the charging order to a vehicle gateway of a vehicle when receiving a charging starting instruction; The power grid cloud management platform is configured to: And acquiring a charging order request, carrying out validity authentication on the mobile terminal based on the white list, and if the authentication is passed, issuing a charging order to the mobile terminal and controlling the charging pile to enter a charging preparation stage.
  3. 3. The encrypted communication system of claim 2, wherein the charge order includes a temporary key between the mobile terminal and the charging stake for encryption and decryption of the charge order.
  4. 4. An encrypted communication system according to claim 3, wherein the mobile terminal and the vehicle each store a first shared key in advance for encryption and decryption of communication information therebetween.
  5. 5. The encrypted communication system of claim 4, wherein the mobile terminal further transmits the first shared key to a vehicle gateway of a vehicle upon receiving a start charging instruction, the initial stub communication key being generated based on the first shared key and a temporary key.
  6. 6. The encrypted communication system of claim 2, further comprising a grid cloud management platform configured to further assign an identity legal certificate and a second shared key to the mobile terminal in the whitelist for legal identity verification between the grid cloud management platform and the mobile terminal, and to decrypt and encrypt information between the charging stake and the mobile terminal.
  7. 7. The encrypted communication system according to claim 4, wherein the vehicle obtains the charge order and the temporary key from the mobile terminal through an NFC function.
  8. 8. A vehicle gateway, the vehicle comprising a battery management system and establishing a connection with a charging pile, characterized in that an encrypted communication system as claimed in any one of claims 1-7 is employed between a new energy vehicle and the charging pile, the vehicle gateway being configured to comprise: the vehicle stake communication key generation module is used for generating an initial vehicle stake communication key and sending the initial vehicle stake communication key to the battery management system and the charging stake; The vehicle pile communication control module is used for generating a random number, generating a message authentication code based on the initial vehicle pile communication key and the random number, transmitting the initial vehicle pile communication key and the message authentication code to the battery management system and the charging pile, and After receiving the message and the message round count of successful communication between the battery management system and the charging pile, carrying out shift operation on the current vehicle pile communication key, regenerating a message authentication code, and sending the message authentication code to the battery management system and the charging pile; And the message authentication code is used for identity authentication of the current communication round by the battery management system and the charging pile, and if the authentication is passed, the two parties carry out the communication of the current round based on the current car pile communication key.

Description

Encryption communication system applied between new energy automobile and charging pile Technical Field The invention belongs to the technical field of new energy automobiles, and particularly relates to an encryption communication system applied between a new energy automobile and a charging pile. Background The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art. Along with the gradual expansion of the development scale of new energy automobiles, the informatization level of charging facilities is higher and higher, and the new energy automobiles and charging piles are connected on the basis of the Internet to solve the problem of information safety. On the one hand, the method is characterized in that the existing charging pile usually needs to adopt a mobile phone to scan a two-dimensional code during charging, and sensitive information such as identity information, charging data, balance data and the like is at risk of interception, on the other hand, the method is characterized in that in the charging process, particularly in the direct-current charging pile, the communication protocol adopted by the direct-current charging pile is public, the charging process involves multiple times of communication between a vehicle and the charging pile, the possibility of interception by attack exists in the transmission process, and thus malicious increase or overdraft order phenomenon occurs, and therefore, safety protection is urgently needed in the communication process between the vehicle and the charging pile. Although there is a related technology of encryption communication for the charging pile at present, the existing encryption communication often adopts a fixed key, which has security risks and makes regular key replacement complicated. The identity authentication link is mainly focused on realizing identity authentication from the mobile phone end, so that the identity authentication between the vehicle and the mobile phone is ignored, and the unique determination of the mobile phone, the vehicle and the charging pile in one order is difficult to ensure. Disclosure of Invention In order to overcome the defects in the prior art, the invention provides an encryption communication system applied between a new energy automobile and a charging pile. The vehicle pile communication key can be updated for a plurality of times at different stages in the charging process, and each round of communication is verified respectively, so that the safety of the vehicle pile communication in the charging process is ensured. To achieve the above object, one or more embodiments of the present invention provide the following technical solutions: an encryption communication system applied between a new energy automobile and a charging pile comprises a vehicle gateway and a battery management system which are arranged on the vehicle and the charging pile, wherein, The vehicle gateway is configured to: generating an initial stub communication key, generating a message authentication code based on the initial stub communication key, transmitting the initial stub communication key and the message authentication code to the battery management system and the charging stub, and After receiving the message that the battery management system and the charging pile are successfully communicated each time, carrying out shift operation on the current vehicle pile communication key, regenerating a message authentication code, and sending the message authentication code to the battery management system and the charging pile; The battery management system and the charging pile, i.e., both communication parties, are respectively configured to: Each time a message authentication code is received, regenerating the message authentication code based on the current vehicle-mounted communication key stored by the vehicle-mounted communication key, comparing the message authentication code with the message authentication code received by the vehicle gateway, if the message authentication code is consistent with the message authentication code, successfully verifying, and carrying out communication with the opposite party by using the current vehicle-mounted communication key; And each time the message is sent, the shift operation is carried out on the current vehicle pile communication key stored by the vehicle pile communication key, and the message that the communication of the current vehicle pile is successful is sent to the vehicle gateway. And the vehicle gateway, the battery management system or the charging pile generates a message authentication code each time based on the current vehicle pile communication key and the random number. Further, each time the battery management system and the charging pile complete the message transmission, the counter is increased by 1, and the message of which the counting is successful along with the round of comm