Search

CN-116094754-B - Encryption and decryption method and device, electronic equipment and storage medium

CN116094754BCN 116094754 BCN116094754 BCN 116094754BCN-116094754-B

Abstract

The invention relates to the technical field of computers, and discloses an encryption and decryption method, an encryption and decryption device, electronic equipment and a storage medium. The encryption and decryption method is applied to a first control unit in a vehicle, the method comprises the steps of obtaining an encryption and decryption request, carrying data to be encrypted and decrypted and corresponding encryption and decryption algorithm types, conducting sub-packaging processing on the data to be encrypted and decrypted to obtain a plurality of data packets, sending the data packets to a corresponding second control unit based on the encryption and decryption algorithm types corresponding to the data to be encrypted and decrypted, wherein encryption and decryption hardware is arranged in the second control unit, the first control unit and the second control unit are located in the same control local area network, receiving encryption and decryption data sent by the second control unit, the encryption and decryption data are obtained by conducting encryption and decryption processing on each data packet based on the encryption and decryption hardware of the second control unit, and determining encryption and decryption results based on the encryption and decryption data. The processing efficiency of encryption and decryption tasks in the vehicle is improved.

Inventors

  • HU HONGXING
  • MIAO TING
  • QU HONGDA
  • SONG QIANLI

Assignees

  • 中汽创智科技有限公司

Dates

Publication Date
20260508
Application Date
20221129

Claims (10)

  1. 1. An encryption and decryption method, characterized in that it is applied to a first control unit in a vehicle, comprising: acquiring an encryption and decryption request, wherein the encryption and decryption request carries data to be encrypted and decrypted and a corresponding encryption and decryption algorithm type; The data to be encrypted and decrypted are subjected to sub-packaging processing, and a plurality of data packets are obtained; Acquiring attribute information of each second control unit in a plurality of second control units, wherein the attribute information comprises an identifier of the second control unit, an encryption and decryption algorithm type and a load weight value, and the load weight value characterizes the capability of the second control unit for providing encryption and decryption services; based on the encryption and decryption algorithm type corresponding to the data to be encrypted and the attribute information of each second control unit in the plurality of second control units, sending the plurality of data packets to the corresponding second control unit, wherein encryption and decryption hardware is arranged in the second control unit; the encryption and decryption data are obtained by encrypting and decrypting each data packet based on encryption and decryption hardware of the second control unit; And determining encryption and decryption results based on the encryption and decryption data.
  2. 2. The encryption and decryption method according to claim 1, wherein the sending the plurality of data packets to the corresponding second control unit based on the type of encryption and decryption algorithm corresponding to the data to be encrypted and attribute information of each of the plurality of second control units includes: determining an initial target second control unit from the plurality of second control units based on the encryption and decryption algorithm type corresponding to the data to be encrypted and decrypted, wherein the encryption and decryption algorithm type of the initial target second control unit comprises the encryption and decryption algorithm type corresponding to the data to be encrypted and decrypted; And transmitting the data packets to the corresponding initial target second control unit based on the load weight value and the identifier of the initial target second control unit.
  3. 3. The encryption and decryption method according to claim 2, wherein, in the case that the initial target second control unit includes at least two second control units, the sending the plurality of data packets to the corresponding initial target second control units based on the load weight value and the identifier of the initial target second control unit includes: selecting an identification of a quasi-target second control unit from the identifications of the initial target second control units, wherein the quasi-target second control unit is the second control unit with the largest load weight value in the initial target second control unit; Based on the identification of the quasi-target second control unit, a first data packet in the plurality of data packets is sent to the quasi-target second control unit, wherein the first data packet is any one data packet in the plurality of data packets; and transmitting the residual data packet to the residual second control unit based on the identification of the residual second control unit, wherein the residual second control unit is a second control unit of the initial target second control unit except the quasi target second control unit, and the residual data packet is a data packet of the plurality of data packets except the first data packet.
  4. 4. The encryption and decryption method according to claim 3, wherein in a case where the remaining second control units include at least two second control units and the remaining data packet includes at least two data packets, the sending the remaining data packet to the remaining second control units based on the identification of the remaining second control units includes: selecting an identifier of a target second control unit from the identifiers of the remaining second control units, wherein the target second control unit is the second control unit with the largest load weight value in the remaining second control units; And executing the steps of selecting the identification of the target second control unit from the identifications of the residual second control units, and transmitting any one of the residual data packets to the target second control unit based on the identification of the target second control unit until no data packet which is not transmitted exists.
  5. 5. The encryption and decryption method according to claim 2, wherein the receiving the encryption and decryption data sent by the second control unit, determining the encryption and decryption result based on the encryption and decryption data, includes: receiving encryption and decryption data sent by each second control unit in the plurality of second control units; and determining the encryption and decryption result based on the encryption and decryption data sent by each second control unit in the plurality of second control units.
  6. 6. The encryption and decryption method according to any one of claims 1 to 5, wherein encryption and decryption hardware is provided in the first control unit; The method comprises the steps of receiving encryption and decryption data sent by a second control unit, wherein the encryption and decryption data are obtained by encrypting and decrypting each data packet based on encryption and decryption hardware of the second control unit, and determining encryption and decryption results based on the encryption and decryption data, wherein the encryption and decryption algorithm types are corresponding to the data to be encrypted and decrypted: Based on the encryption and decryption algorithm type corresponding to the data to be encrypted and decrypted, sending a first type of data packet in the plurality of data packets to a corresponding second control unit; Receiving first encryption and decryption data sent by the second control unit, wherein the first encryption and decryption data is obtained by encrypting and decrypting a first type of data packet based on encryption and decryption hardware of the second control unit; Encrypting and decrypting the second type of data packet by using the encrypting and decrypting hardware of the first control unit to obtain second encrypting and decrypting data, wherein the second type of data packet is a data packet except the first type of data in the plurality of data packets; and determining the encryption and decryption result based on the first encryption and decryption data and the second encryption and decryption data.
  7. 7. The encryption and decryption method according to claim 1, further comprising, before the obtaining the encryption and decryption request: Generating a trust list constructing request, wherein the trust list constructing request carries an identifier of a first control unit, an identifier of a local area network to which the request belongs and an encryption and decryption algorithm type; sending the trust list construction request to the second control unit; If the form response information sent by the second control unit is received, sending an encrypted file containing an encryption and decryption key of a first control unit to the second control unit, wherein the form response information comprises an identifier of the second control unit, an identifier of a local area network to which the first control unit belongs and an encryption and decryption algorithm type; If the encrypted file containing the encryption and decryption key of the second control unit, which is sent by the second control unit, is received, the encrypted file containing the encryption and decryption key of the second control unit is subjected to decryption processing, and the encryption and decryption key of the second control unit is obtained; And constructing a trust list based on the identification of the first control unit, the identification of the second control unit, the encryption and decryption algorithm type of the first control unit, the encryption and decryption algorithm type of the second control unit, the local area network identification of the first control unit, the local area network identification of the second control unit, the encryption and decryption key of the first control unit and the encryption and decryption key of the second control unit.
  8. 8. An encryption and decryption device, characterized by being applied to a first control unit in a vehicle, the device comprising: the acquisition module is used for acquiring an encryption and decryption request, wherein the encryption and decryption request carries data to be encrypted and decrypted and a corresponding encryption and decryption algorithm type; the packetizing module is used for packetizing the data to be encrypted and decrypted to obtain a plurality of data packets; The system comprises a transmission module, a plurality of second control units, a first control unit, a second control unit, a first control unit and a second control unit, wherein the transmission module is used for transmitting a plurality of data packets to the corresponding second control units based on the encryption and decryption algorithm type corresponding to the data to be encrypted and decrypted and the attribute information of each second control unit in the plurality of second control units; The receiving module is used for receiving the encryption and decryption data sent by the second control unit, wherein the encryption and decryption data is obtained by encrypting and decrypting each data packet based on the encryption and decryption hardware of the second control unit; The determining module is used for determining encryption and decryption results based on the encryption and decryption data; The sending module is further configured to obtain attribute information of each second control unit in the plurality of second control units, where the attribute information includes an identifier of the second control unit, an encryption and decryption algorithm type, and a load weight value, and the load weight value characterizes a capability of the second control unit to provide encryption and decryption services.
  9. 9. An electronic device, comprising a processor and a memory, wherein at least one instruction or at least one program is stored in the memory, and the at least one instruction or the at least one program is loaded and executed by the processor to implement the encryption and decryption method according to any one of claims 1 to 7.
  10. 10. A computer readable storage medium, wherein at least one instruction or at least one program is stored in the computer readable storage medium, and the at least one instruction or the at least one program is loaded and executed by a processor to implement the encryption and decryption method according to any one of claims 1 to 7.

Description

Encryption and decryption method and device, electronic equipment and storage medium Technical Field The present application relates to the field of computer technologies, and in particular, to an encryption and decryption method, an encryption and decryption device, an electronic device, and a storage medium. Background At present, in the implementation of the encryption algorithm, the encryption algorithm can be divided into software implementation and hardware (hardware Security Module, abbreviated as HSM) implementation, and compared with the software implementation, the HSM (built-in hardware encryption and decryption accelerator) has the characteristic of an encryption and decryption speed block. However, for files with larger data volume, even if the HSM module is used, a large amount of time is required to be consumed, so that user experience is affected, and the existing distributed computation requires the central management scheduling module to uniformly manage the intra-domain computing resources, and the management scheduling module itself needs to be deployed independently, so that the computation amount of the system itself in the vehicle is increased. Disclosure of Invention In order to solve at least one technical problem, the embodiment of the application provides an encryption and decryption method, an encryption and decryption device, electronic equipment and a storage medium. The technical scheme is as follows: In one aspect, an encryption and decryption method is provided, and the method is applied to a first control unit in a vehicle, and includes: obtaining an encryption and decryption request, wherein the encryption and decryption request carries data to be encrypted and decrypted and a corresponding encryption and decryption algorithm type; the data to be encrypted and decrypted are subjected to sub-packaging processing, and a plurality of data packets are obtained; based on the encryption and decryption algorithm type corresponding to the data to be encrypted and decrypted, the data packets are sent to a corresponding second control unit, wherein encryption and decryption hardware is arranged in the second control unit; The encryption and decryption data are obtained by encrypting and decrypting each data packet based on encryption and decryption hardware of the second control unit; and determining an encryption and decryption result based on the encryption and decryption data. In an exemplary embodiment, the sending the plurality of data packets to the corresponding second control unit based on the encryption and decryption algorithm type corresponding to the data to be encrypted and decrypted includes: acquiring attribute information of each second control unit in the plurality of second control units, wherein the attribute information comprises an identifier of the second control unit, an encryption and decryption algorithm type and a load weight value, and the load weight value characterizes the capability of the second control unit for providing encryption and decryption services; Determining an initial target second control unit from the plurality of second control units based on the encryption and decryption algorithm type corresponding to the data to be encrypted and decrypted, wherein the encryption and decryption algorithm type of the initial target second control unit comprises the encryption and decryption algorithm type corresponding to the data to be encrypted and decrypted; and transmitting the data packets to the corresponding initial target second control unit based on the load weight value and the identifier of the initial target second control unit. In an exemplary embodiment, in a case that the initial target second control unit includes at least two second control units, the transmitting the plurality of data packets to the corresponding initial target second control units based on the load weight value and the identifier of the initial target second control unit includes: Selecting an identification of a quasi-target second control unit from the identifications of the initial target second control units, wherein the quasi-target second control unit is the second control unit with the largest load weight value in the initial target second control unit; based on the identification of the quasi-target second control unit, a first data packet in the plurality of data packets is sent to the quasi-target second control unit; and transmitting the residual data packet to the residual second control unit based on the identification of the residual second control unit, wherein the residual second control unit is the second control unit except the quasi-target second control unit in the initial target second control unit, and the residual data packet is the data packet except the first data packet in the plurality of data packets. In an exemplary embodiment, in a case that the remaining second control units include at least two second control units and the remaining dat