WO-2026090927-A1 - AUTHENTICATION METHOD, APPARATUS AND SYSTEM
Abstract
An authentication method, apparatus and system. The method comprises: a diagnostic node sending authentication request information to a server, the authentication request information comprising a first identifier of the diagnostic node and information to be signed; the server determining, on the basis of the first identifier, a first sub-private key corresponding to the diagnostic node, and signing the information to be signed on the basis of the first sub-private key to obtain a first sub-signature; the server sending the first sub-signature to the diagnostic node, and the diagnostic node using a second sub-private key to sign the first sub-signature so as to obtain a first signature, the first signature being used for verifying the diagnostic node; and the diagnostic node sending the first signature and the first identifier to a vehicle to be diagnosed, wherein the first sub-private key and the second sub-private key are both private key components of the diagnostic node.
Inventors
- PENG, Jianfen
- AN, Zongqiang
Assignees
- 深圳引望智能技术有限公司
Dates
- Publication Date: 2026-05-07
- Application Date: 2024-10-30
Claims (20)
- 1. An authentication method, characterized in that it comprises: receiving authentication request information, the authentication request information including a first identifier of a first diagnostic node, the first diagnostic node being used to diagnose a vehicle to be diagnosed; obtaining first information to be signed, the first information to be signed being used by the vehicle to be diagnosed to verify the first diagnostic node; determining, based on the first identifier, a first sub-private key corresponding to the first diagnostic node; signing the first information to be signed using the first sub-private key to obtain a first sub-signature, the first sub-signature being used to generate a first signature, and the first signature being used by the vehicle to be diagnosed to verify the legitimacy of the first diagnostic node; and sending the first sub-signature to the first diagnostic node.
- 2. The method according to claim 1, wherein signing the first information to be signed based on the first sub-private key to obtain the first sub-signature comprises: signing the first information to be signed to obtain the first sub-signature when the legitimacy verification of the first diagnostic node has passed.
- 3. The method according to claim 2, characterized in that the method further comprises: receiving a third identifier of the vehicle to be diagnosed; receiving a second identifier of the first diagnostic node; and verifying the legitimacy of the first diagnostic node based on the second identifier and the third identifier.
- 4. The method according to claim 3, characterized in that the method further comprises: determining, based on the second identifier and the third identifier, that the legitimacy verification of the first diagnostic node has passed when the following conditions are met: the vehicle to be diagnosed is powered on; the second identifier and the third identifier are bound to each other; the number of times the communication address corresponding to the second identifier changes within a first time period does not exceed a first threshold; and the number of times authentication request information corresponding to the second identifier is received within a second time period does not exceed a second threshold.
- 5. The method according to any one of claims 1 to 4, characterized in that the first identifier includes a first certificate of the first diagnostic node, and before receiving the authentication request information the method further comprises: generating the first sub-private key; generating a first sub-public key based on the first sub-private key, the first sub-public key being used to obtain the first certificate; and sending the first sub-public key to the first diagnostic node.
- 6. The method according to claim 5, characterized in that the method further comprises: storing the association between the first sub-private key and the first diagnostic node.
- 7. The method according to any one of claims 1 to 6, characterized in that the first sub-signature comprises a first part, a second part and a third part, and signing the first information to be signed according to the first sub-private key to obtain the first sub-signature comprises: generating a first random number, and calculating a first value based on a base point and the first random number; generating a second random number, and determining the first part based on the second random number and the first value; determining the second part based on the first sub-private key and the first part; and determining the third part based on the first sub-private key and the first value.
- 8. The method according to claim 7, characterized in that the method further comprises: receiving a second value from the first diagnostic node, the second value being generated based on the base point; and determining the first part based on the second random number and the first value comprises: determining the first part based on the first value, the second value and the second random number.
- 9. An authentication method, characterized in that it is applied to a first diagnostic node, the method comprising: sending authentication request information to a first server, the authentication request information including a first identifier of the first diagnostic node; receiving a first sub-signature from the first server, the first sub-signature being obtained by signing first information to be signed, the first information to be signed being used by a vehicle to be diagnosed to verify the first diagnostic node; signing the first information to be signed using a second sub-private key to obtain a first signature, the first signature being used to verify the first diagnostic node; and sending the first signature and the first identifier to the vehicle to be diagnosed.
- 10. The method according to claim 9, characterized in that the method further comprises: receiving the first information to be signed from the vehicle to be diagnosed.
- 11. The method according to claim 9, characterized in that the method further comprises: generating raw data; and hashing the raw data to obtain the first information to be signed.
- 12. The method according to any one of claims 9 to 11, characterized in that the first sub-signature comprises a first part, a second part and a third part, and signing the first information to be signed using the second sub-private key to obtain the first signature comprises: obtaining the first signature based on the second sub-private key, the first part, the second part and the third part.
- 13. The method according to claim 12, characterized in that the method further comprises: generating a third random number, and generating a second value based on the third random number and a base point; and sending the second value to the first server, the second value being used to generate the first part.
- 14. The method according to any one of claims 9 to 13, characterized in that the first identifier includes a first certificate of the first diagnostic node, and the method further comprises: generating the second sub-private key; receiving a first sub-public key from the first server; generating a first public key based on the second sub-private key and the first sub-public key; and obtaining the first certificate based on the first public key.
- 15. An authentication apparatus, characterized in that it comprises a transceiver unit and a processing unit, wherein: the transceiver unit is configured to receive authentication request information, the authentication request information including a first identifier of a first diagnostic node, the first diagnostic node being used to diagnose a vehicle to be diagnosed; the transceiver unit is further configured to obtain first information to be signed, the first information to be signed being used by the vehicle to be diagnosed to verify the first diagnostic node; the processing unit is configured to determine, based on the first identifier, a first sub-private key corresponding to the first diagnostic node; the processing unit is further configured to sign the first information to be signed according to the first sub-private key to obtain a first sub-signature, the first sub-signature being used to generate a first signature, and the first signature being used by the vehicle to be diagnosed to verify the legitimacy of the first diagnostic node; and the transceiver unit is further configured to send the first sub-signature to the first diagnostic node.
- 16. The apparatus according to claim 15, wherein the processing unit is configured to sign the first information to be signed to obtain the first sub-signature when the legitimacy verification of the first diagnostic node has passed.
- 17. The apparatus according to claim 16, wherein the transceiver unit is further configured to receive a third identifier of the vehicle to be diagnosed and to receive a second identifier of the first diagnostic node; and the processing unit is further configured to verify the legitimacy of the first diagnostic node based on the second identifier and the third identifier.
- 18. The apparatus according to claim 17, wherein the processing unit is further configured to determine, based on the second identifier and the third identifier, that the legitimacy verification of the first diagnostic node has passed when the following conditions are met: the vehicle to be diagnosed is powered on; the second identifier and the third identifier are bound to each other; the number of times the communication address corresponding to the second identifier changes within a first time period does not exceed a first threshold; and the number of times authentication request information corresponding to the second identifier is received within a second time period does not exceed a second threshold.
- 19. The apparatus according to any one of claims 15 to 18, characterized in that the first identifier includes a first certificate of the first diagnostic node, and before the transceiver unit receives the authentication request information, the processing unit is further configured to generate the first sub-private key and to generate a first sub-public key based on the first sub-private key, the first sub-public key being used to obtain the first certificate; and the transceiver unit is further configured to send the first sub-public key to the first diagnostic node.
- 20. The apparatus according to claim 19, wherein the processing unit is further configured to store the association between the first sub-private key and the first diagnostic node.
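The four legitimacy conditions of claim 4 (repeated in claim 18) as an added server-side gate; this is constructed example code, not the patent's or the assignee's, and the window lengths, thresholds and identifier formats are assumed values. The vehicle's power state is passed in by the caller because the page does not say how the server learns it. The request counter is updated before the conditions are evaluated, so refused requests still count toward the rate limit, and both counters use sliding windows so that old events age out without a reset.

```python
"""Server-side legitimacy gate for a diagnostic node (constructed example,
not the patent's own code). Checks the four conditions listed in claim 4:
vehicle powered on, node bound to vehicle, address-change rate, request rate."""
from collections import deque


class LegitimacyGate:
    def __init__(self, bindings, addr_window=3600, addr_limit=2,
                 req_window=60, req_limit=5):
        # Assumed defaults: at most 2 address changes per hour, 5 requests per minute.
        self.bindings = bindings            # second identifier -> set of bound third identifiers
        self.addr_window, self.addr_limit = addr_window, addr_limit
        self.req_window, self.req_limit = req_window, req_limit
        self.last_addr = {}                 # node id -> last seen communication address
        self.addr_changes = {}              # node id -> deque of address-change timestamps
        self.requests = {}                  # node id -> deque of request timestamps

    @staticmethod
    def _prune(events, now, window):
        """Drop events older than the window (timestamps arrive in order)."""
        while events and now - events[0] > window:
            events.popleft()

    def check(self, node_id, vehicle_id, addr, now, vehicle_powered_on):
        """Return (ok, reason); reason names the first condition that failed."""
        reqs = self.requests.setdefault(node_id, deque())
        self._prune(reqs, now, self.req_window)
        reqs.append(now)                    # this request counts, accepted or not

        changes = self.addr_changes.setdefault(node_id, deque())
        self._prune(changes, now, self.addr_window)
        if node_id in self.last_addr and self.last_addr[node_id] != addr:
            changes.append(now)
        self.last_addr[node_id] = addr

        if not vehicle_powered_on:
            return False, "vehicle not powered on"
        if vehicle_id not in self.bindings.get(node_id, ()):
            return False, "node and vehicle not bound"
        if len(changes) > self.addr_limit:
            return False, "communication address changed too often"
        if len(reqs) > self.req_limit:
            return False, "too many authentication requests"
        return True, "ok"


if __name__ == "__main__":
    gate = LegitimacyGate({"tool-01": {"VIN-A"}})      # constructed binding table
    print(gate.check("tool-01", "VIN-A", "10.0.0.5", now=0, vehicle_powered_on=True))
    print(gate.check("tool-01", "VIN-B", "10.0.0.5", now=1, vehicle_powered_on=True))
```

The order of the checks matters for what the server logs: a flapping address or a request flood is reported as such even when the binding is valid, which is the signal a defender wants when a stolen tool identity is being replayed from changing locations.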
Description
Authentication method, apparatus and system
Technical Field
This application relates to the field of vehicle diagnostic technology, and more specifically to an authentication method, apparatus and system.
Background
On-board diagnostics (OBD) is an online diagnostic system used in vehicles to monitor vehicle status and control emissions. An OBD system may include a diagnostic node and a diagnostic agent module within the vehicle. The diagnostic agent module receives diagnostic commands from the diagnostic node through a diagnostic interface; these commands are used to diagnose a target electronic control unit (ECU). Upon receiving a diagnostic command, the diagnostic agent module performs a diagnostic test on the target ECU according to the command. To avoid exposing vehicle information or admitting attacks through the diagnostic node, the vehicle needs to authenticate and authorize the diagnostic node before performing diagnostics. When diagnostics are to be performed through the diagnostic node, the diagnostic agent module typically performs OBD access authentication based on the diagnostic node's digital signature. After OBD access authentication succeeds, the diagnostic node can perform diagnostics other than those related to the security access (0x27) service (hereinafter referred to as the 27 service). When performing diagnostics related to the 27 service, the diagnostic agent module needs to authenticate the diagnostic node further. However, in the current state of the art, the private key used for the diagnostic node's digital signature is easily leaked, making the diagnostic node vulnerable to impersonation or simulation by attackers. Furthermore, an impersonated or simulated diagnostic node is not easily detected by the diagnostic agent module, allowing attackers to obtain vehicle information after passing OBD access authentication. Therefore, an authentication scheme for diagnostic nodes that can improve vehicle security is urgently needed.
Summary of the Invention
This application provides an authentication method, apparatus and system that help improve the reliability of access authentication results when access authentication is performed on diagnostic nodes of connected vehicles, thereby improving vehicle security and reducing the probability of vehicle information leakage.
In a first aspect, an authentication method is provided, which can be executed by a server, for example by the server's processor, chip or circuitry. The method includes: receiving authentication request information, the authentication request information including a first identifier of a first diagnostic node, the first diagnostic node being used to diagnose a vehicle to be diagnosed; obtaining first information to be signed, the first information to be signed being used by the vehicle to be diagnosed to verify the first diagnostic node; determining, based on the first identifier, a first sub-private key corresponding to the first diagnostic node; signing the first information to be signed based on the first sub-private key to obtain a first sub-signature, the first sub-signature being used to generate a first signature, the first signature being used by the vehicle to be diagnosed to verify the legitimacy of the first diagnostic node; and sending the first sub-signature to the first diagnostic node. In some implementations, the first information to be signed is random. For example, the first information to be signed can be randomly generated raw data (such as a string), or it can be a hash value (digest) obtained by hashing the randomly generated raw data. In some implementations, obtaining the first information to be signed includes receiving the first information to be signed from the first diagnostic node. In some implementations, obtaining the first information to be signed includes generating the first information to be signed.
In this implementation, the method further includes sending the first information to be signed to the vehicle to be diagnosed, and/or sending the first information to be signed to the first diagnostic node.
In the above technical solution, the server generates one portion of the signature used to verify the first diagnostic node, while the remaining portion is generated by another entity. Thus an attacker who wants to impersonate the first diagnostic node must compromise at least two entities, including the server, at the same time. This increases the difficulty of the attack and improves the reliability of the result when the vehicle to be diagnosed authenticates the first diagnostic node, thereby enhancing the security of the vehicle to be diagnosed and reducing the risk of information leakage.
In conjunction with the first aspect, in some implementations of the first aspect, signing the first information to be signed based on the first sub-private key to obtain the first sub-signature includes: when the legitimacy verificat
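The split-signature scheme of the summary above and of claims 5 to 14, as an added worked example; this is constructed code, not code from the patent or its assignee. The page names neither the curve nor the signature algorithm, so the example assumes an SM2-style two-party signature with a multiplicative key split (full key d satisfying d + 1 = 1/(d1*d2)), carried over to a multiplicative Schnorr group modulo a 63-bit safe prime generated at import time so that it runs in pure Python; the nonce composition k = k1 + k2*k3 and the mapping of the server's three values onto the claims' "first", "second" and "third part" are this example's assumptions. `Server` holds only the first sub-private key d1 (claim 6), `DiagnosticNode` holds only d2 and never sees d1, and `verify` is what the vehicle runs: an ordinary single-key check that cannot tell the signature was produced jointly.

```python
"""Two-party signing for a diagnostic node (constructed example, not the
patent's own code): the server holds share d1, the tool holds share d2,
and neither side can produce a signature alone. SM2-style equations are
adapted to a multiplicative Schnorr group (assumed instantiation)."""
import hashlib
import secrets


def is_prime(n):
    """Deterministic Miller-Rabin; these bases are exact for every 64-bit n."""
    if n < 2:
        return False
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    for b in bases:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def make_group():
    """First safe prime p = 2q + 1 above 2^63; g = 4 then has prime order q."""
    q = (1 << 62) + 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q, 4


P_MOD, Q_ORD, G = make_group()   # toy-sized group: for illustration only


def inv(a):
    return pow(a, -1, Q_ORD)


def rand_scalar():
    return 1 + secrets.randbelow(Q_ORD - 1)


def digest(raw):
    """Claim 11: hash the raw challenge to get the information to be signed."""
    return int.from_bytes(hashlib.sha256(raw).digest(), "big") % Q_ORD


class Server:
    def __init__(self):
        self.shares = {}   # first identifier -> first sub-private key d1 (claim 6)

    def enroll(self, node_id):
        """Claim 5: generate d1 and hand out the first sub-public key g^(1/d1)."""
        d1 = rand_scalar()
        self.shares[node_id] = d1
        return pow(G, inv(d1), P_MOD)

    def partial_sign(self, node_id, e, q2):
        """Claims 7/8: three-part sub-signature from d1, nonces k1, k2 and the
        node's value q2 = g^k3. The joint nonce k = k1 + k2*k3 is never assembled."""
        d1 = self.shares[node_id]                    # claim 1: look up by identifier
        k1, k2 = rand_scalar(), rand_scalar()
        q1 = pow(G, k1, P_MOD)                       # first value
        w = q1 * pow(q2, k2, P_MOD) % P_MOD          # g^k
        r = (e + w % Q_ORD) % Q_ORD                  # first part
        s2 = d1 * (k1 + r) % Q_ORD                   # second part
        s3 = d1 * k2 % Q_ORD                         # third part
        return r, s2, s3


class DiagnosticNode:
    def __init__(self, node_id, server):
        self.node_id, self.server = node_id, server
        self.d2 = rand_scalar()                      # second sub-private key
        p1 = server.enroll(node_id)
        # Claim 14: public key g^d with d + 1 = 1/(d1*d2); d itself is never held.
        self.pub = pow(p1, inv(self.d2), P_MOD) * pow(G, -1, P_MOD) % P_MOD

    def sign(self, raw):
        """Claims 9/12/13: send g^k3, then combine the three parts with d2."""
        e = digest(raw)
        for _ in range(8):                           # retry the rare r, s or r+s == 0 cases
            k3 = rand_scalar()
            q2 = pow(G, k3, P_MOD)                   # second value
            r, s2, s3 = self.server.partial_sign(self.node_id, e, q2)
            s = (self.d2 * (s2 + k3 * s3) - r) % Q_ORD
            if verify(self.pub, raw, (r, s)):        # check before sending to the vehicle
                return r, s
        raise RuntimeError("server share does not match this node's share")


def verify(pub, raw, sig):
    """Vehicle side: a plain single-key check that never learns of the split."""
    r, s = sig
    t = (r + s) % Q_ORD
    if not (0 < r < Q_ORD and 0 < s < Q_ORD and t):
        return False
    w = pow(G, s, P_MOD) * pow(pub, t, P_MOD) % P_MOD
    return (digest(raw) + w % Q_ORD) % Q_ORD == r
```

The algebra behind the combination step: with d + 1 = 1/(d1*d2), the SM2 signature s = (1 + d)^-1 (k - r*d) simplifies to s = d1*d2*(k + r) - r, and the node evaluates it as d2*(s2 + k3*s3) - r using only its own share and nonce. A rogue server that enrolled the same identifier with a fresh share produces parts that never verify under the node's public key, which `sign` detects locally before the node would send anything to the vehicle; this is the property the summary relies on, since an impersonator needs both shares.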