摘要
针对智能网联时代控制器局域网络(CAN)总线传输轻量化安全加密的需求,提出了一种响应快、安全性高的CAN总线数据加密方法,针对64位CAN报文周期性发送特点,设计与报文传输周期耦合的在线离线分组加密方案,离线段利用高级加密标准生成动态会话密钥,在线段则利用动态会话密钥快速响应报文的分组加解密请求。通过离线段的预加密计算大幅降低在线计算时延,实现低时延、轻量化;同时,基于CAN各车载单元属性,利用基于密文策略的属性加密方法对CAN报文的分组密码进行加密、分发,通过数据发送单元制定的访问控制策略确保仅目标单元可解密分组密码,实现针对性加密。
In the intelligent connected age, CAN bus transmission faces the urgent demand of light weighted security encryption. Based on this, a fast response and high security CAN bus data encryption method was proposed. Since the 64 bit CAN packets were sent periodically, an online-offline block encryption algorithm coupled with message transmission cycle was proposed. In offline phase, the dynamic session key was generated by using advanced encryption standard. In online phase, the dynamic session key was used to quickly respond to encryption and decryption requests. The online computation delay was greatly reduced by the pre-encryption computation in offline phase, which helped achieving low latency and lightweight computation. At the same time,the ciphertext policy attribute based encryption was used to encrypt the block cipher. The access control policy made by the data sending OBU ensures that only the target OBU can decrypt the block cipher, so as to achieve targeted encryption.
作者
秦武韬
王鹏
李玉峰
QIN Wutao;WANG Peng;LI Yufeng(Purple Mountain Laboratories,Nanjing 211111,China;School of Computer Engineering and Science,Shanghai University,Shanghai 200444,China)
出处
《通信学报》
EI
CSCD
北大核心
2023年第1期29-38,共10页
Journal on Communications
基金
国家自然科学基金资助项目(No.61702547)
河南省重大科技专项资金资助项目(No.221100240100)。
关键词
CAN总线
在线离线
分组加密
低时延加密
网联汽车
CAN bus
online-offline
block encryption
low latency encryption
connected vehicle
