Search

CN-122027211-A - Vehicle controller authentication method and device and electronic equipment

CN122027211ACN 122027211 ACN122027211 ACN 122027211ACN-122027211-A

Abstract

The vehicle controller authentication method, the vehicle controller authentication device and the electronic equipment are characterized in that authentication request information is sent to the equipment controllers according to a preset and smooth sequence based on a pre-stored vehicle configuration table, the identity authentication is carried out on the current equipment controllers in response to authentication response information returned by any equipment controller, the authentication response information comprises identity identification, authentication data and a first ciphertext of the equipment controllers, the first ciphertext is generated by the equipment controllers based on the authentication data and a first encryption algorithm, and if the identity authentication is successful, the current equipment controllers are marked as trusted controllers, and the trusted states of the current equipment controllers are broadcasted. The application actively and orderly initiates authentication through the central domain controller, solves the problem of excessive power-on concurrent load, reduces the software complexity of the equipment controller, and provides flexibility of algorithm degradation compatibility.

Inventors

  • Gan Yaojia
  • WANG XIAOMENG
  • WEI JIANYANG
  • HE LEI
  • HUANG SHANGZHU

Assignees

  • 上汽通用五菱汽车股份有限公司

Dates

Publication Date
20260512
Application Date
20251230

Claims (10)

  1. 1. A vehicle controller authentication method, wherein the method is applied to a central domain controller, comprising: based on a pre-stored vehicle configuration table, smoothly and sequentially sending authentication request information to the equipment controller according to a preset; the authentication response information comprises an identity identifier of the equipment controller, authentication data and a first ciphertext, wherein the first ciphertext is generated by the equipment controller based on the authentication data and a first encryption algorithm; If the identity authentication is successful, the current equipment controller is marked as a trusted controller, and the trusted state of the current equipment controller is broadcasted.
  2. 2. The method of claim 1, wherein authenticating the current device controller comprises: Determining a second encryption algorithm for authentication based on the identity of the device controller; Calculating the authentication data according to the second encryption algorithm to generate a second ciphertext; Comparing the first ciphertext with the second ciphertext, if the first ciphertext is consistent with the second ciphertext, confirming that the authentication is successful, otherwise, confirming that the authentication is failed.
  3. 3. The method according to claim 1, wherein the method further comprises: after sending the authentication request information to any equipment controller, starting a first timer for the current equipment controller; And executing the process of identity authentication in response to receiving the corresponding authentication response information before the first timer times out, and confirming authentication failure in response to not receiving the corresponding authentication response information after the first timer times out.
  4. 4. The method of claim 2, wherein if authentication fails, the method further comprises: updating the corresponding authentication failure times aiming at the equipment controller which fails in the authentication; And re-sending authentication request information to the equipment controller in response to the authentication failure times not reaching a first threshold value, and stopping the authentication attempt of the equipment controller in response to the authentication failure times reaching the first threshold value.
  5. 5. The method of claim 4, wherein ceasing the authentication attempt for the device controller in response to the number of authentication failures reaching the first threshold comprises: responding to authentication failure caused by inconsistent ciphertext comparison of the current equipment controller, and restarting an authentication flow aiming at the current equipment controller based on a standby encryption algorithm when the authentication failure times reach the first threshold value; and responding to authentication failure caused by inconsistent ciphertext comparison of the current equipment controller, and stopping authentication attempt of the equipment controller when the authentication failure times reach the first threshold value.
  6. 6. The method of claim 5, wherein the reinitiating the authentication procedure for the current device controller based on the backup encryption algorithm comprises: if the authentication using the spare encryption algorithm is successful, the device controller is marked as a trusted controller, and the function authority of the device controller is set to be a configuration level associated with the spare encryption algorithm.
  7. 7. A vehicle controller authentication method, characterized in that the method is applied to a device controller, comprising: In response to authentication request information sent by the central domain controller, randomly generating authentication data; Processing the authentication data based on a pre-stored first encryption algorithm to obtain a first ciphertext; constructing authentication response information based on the identity of the user, the authentication data and the first ciphertext; And sending the authentication response information to the central domain controller so that the central domain controller executes the authentication process based on the authentication data and the first ciphertext.
  8. 8. A vehicle controller authentication device, the device deployed at a central domain controller, comprising: The sending module is used for smoothly and orderly sending authentication request information to the equipment controller according to a preset vehicle configuration table; The authentication module is used for responding to authentication response information returned by any equipment controller and carrying out identity authentication on the current equipment controller, wherein the authentication response information comprises an identity identifier of the equipment controller, authentication data and a first ciphertext, and the first ciphertext is generated by the equipment controller based on the authentication data and a first encryption algorithm; And the control module is used for marking the current equipment controller as a trusted controller if the identity authentication is successful and broadcasting the trusted state of the current equipment controller.
  9. 9. A vehicle controller authentication apparatus, the apparatus being deployed at a device controller, comprising: The processing module is used for responding to the authentication request information sent by the central domain controller and randomly generating authentication data; the encryption module is used for processing the authentication data based on a pre-stored first encryption algorithm to obtain a first ciphertext; the processing module is used for constructing authentication response information based on the identity of the processing module, the authentication data and the first ciphertext; and the sending module is used for sending the authentication response information to the central domain controller so that the central domain controller can execute the authentication process based on the authentication data and the first ciphertext.
  10. 10. An electronic device comprising a memory for storing computer program instructions and a processor for executing the program instructions, wherein the computer program instructions, when executed by the processor, cause the electronic device to perform the method of any one of claims 1 to 7.

Description

Vehicle controller authentication method and device and electronic equipment Technical Field The application relates to the field of vehicle control, in particular to a vehicle controller authentication method, a device and electronic equipment. Background As automotive electronics architecture evolves from traditional distributed to domain centralization, a central domain controller serves as a gateway core of the whole vehicle network, and information security is vital. In the prior art, each executor actively initiates an identity authentication handshake to the central domain controller when starting, although safe access can be realized, the concurrent overload of the instant power-on request can be caused, and each slave node needs to independently realize a complex reconnection and state synchronization mechanism, thereby increasing the complexity of the system and the resource expense. Disclosure of Invention In view of the above, the present application provides a vehicle controller authentication method, device and electronic device, so as to solve the problems of complex flow, easy overload and high resource overhead in the prior art. In a first aspect, an embodiment of the present application provides a vehicle controller authentication method, including: based on a pre-stored vehicle configuration table, smoothly and sequentially sending authentication request information to the equipment controller according to a preset; the authentication response information comprises an identity identifier of the equipment controller, authentication data and a first ciphertext, wherein the first ciphertext is generated by the equipment controller based on the authentication data and a first encryption algorithm; If the identity authentication is successful, the current equipment controller is marked as a trusted controller, and the trusted state of the current equipment controller is broadcasted. In an alternative embodiment, the authenticating the current device controller includes: Determining a second encryption algorithm for authentication based on the identity of the device controller; Calculating the authentication data according to the second encryption algorithm to generate a second ciphertext; Comparing the first ciphertext with the second ciphertext, if the first ciphertext is consistent with the second ciphertext, confirming that the authentication is successful, otherwise, confirming that the authentication is failed. In an alternative embodiment, the method further comprises: after sending the authentication request information to any equipment controller, starting a first timer for the current equipment controller; And executing the process of identity authentication in response to receiving the corresponding authentication response information before the first timer times out, and confirming authentication failure in response to not receiving the corresponding authentication response information after the first timer times out. In an alternative embodiment, if the authentication fails, the method further includes: updating the corresponding authentication failure times aiming at the equipment controller which fails in the authentication; And re-sending authentication request information to the equipment controller in response to the authentication failure times not reaching a first threshold value, and stopping the authentication attempt of the equipment controller in response to the authentication failure times reaching the first threshold value. In an alternative embodiment, responsive to the number of authentication failures reaching the first threshold, stopping an authentication attempt to the device controller, comprising: responding to authentication failure caused by inconsistent ciphertext comparison of the current equipment controller, and restarting an authentication flow aiming at the current equipment controller based on a standby encryption algorithm when the authentication failure times reach the first threshold value; and responding to authentication failure caused by inconsistent ciphertext comparison of the current equipment controller, and stopping authentication attempt of the equipment controller when the authentication failure times reach the first threshold value. In an alternative embodiment, the reinitializing the authentication process for the current device controller based on the spare encryption algorithm includes: if the authentication using the spare encryption algorithm is successful, the device controller is marked as a trusted controller, and the function authority of the device controller is set to be a configuration level associated with the spare encryption algorithm. In a second aspect, an embodiment of the present application provides a vehicle controller authentication method, where the method is applied to a device controller, and includes: In response to authentication request information sent by the central domain controller, randomly generating auth