The GB/T 27930-2015 protocol is the communication protocol between the non-vehicle-mounted charger and the battery management system (BMS) stipulated by the state. However, as the protocol adopts the way of broadcast ...The GB/T 27930-2015 protocol is the communication protocol between the non-vehicle-mounted charger and the battery management system (BMS) stipulated by the state. However, as the protocol adopts the way of broadcast communication and plaintext to transmit data, the data frame does not contain the source address and the destination address, making the Electric Vehicle (EV) vulnerable to replay attack in the charging process. In order to verify the security problems of the protocol, this paper uses 27,655 message data in the complete charging process provided by Shanghai Thaisen electric company, and analyzes these actual data frames one by one with the program written by C++. In order to enhance the security of the protocol, Rivest-Shamir-Adleman (RSA) digital signature and adding random numbers are proposed to resist replay attack. Under the experimental environment of Eclipse, the normal charging of electric vehicles, RSA digital signature and random number defense are simulated. Experimental results show that RSA digital signature cannot resist replay attack, and adding random numbers can effectively enhance the ability of EV to resist replay attack during charging.展开更多
Wireless transmission is becoming increasing ubiquitous, but there is a big black hole in the security of this kind of network. Although IEEE 802.11 provides an optional Wired Equivalent Privacy (WEP) to implement the...Wireless transmission is becoming increasing ubiquitous, but there is a big black hole in the security of this kind of network. Although IEEE 802.11 provides an optional Wired Equivalent Privacy (WEP) to implement the authentication and confidentiality, it leaves a lot of vulnerabilities and threats. This paper proposes a protocol called SPRNG for wireless data-link layer security. SPRNG is based on the sender and receiver who generate in a synchronized way a pseudo-random number sequence. In each transmission, the sender and receiver use a pair of random numbers, one for data frame authentication, and the other for encryption key. The random numbers are used as 'one-time passwords' for sender authentication and as fresh encryption keys for each frame. SPRNG is designed to be compatible with the existing 802.11 products. Like WEP, the current 802.11 security protocol, SPRNG uses a symmetric key as its seed. SPRNG has already been simulated and tested in experiment, it shows that SPRNG has stronger Security than WEP because it reveals little information for attackers. The key problem of SPRNG, synchronization loss problem, is also presented. Though motivated by wireless security, SPRNG is generic for many other applications, especially in the point to point communication.展开更多
文摘The GB/T 27930-2015 protocol is the communication protocol between the non-vehicle-mounted charger and the battery management system (BMS) stipulated by the state. However, as the protocol adopts the way of broadcast communication and plaintext to transmit data, the data frame does not contain the source address and the destination address, making the Electric Vehicle (EV) vulnerable to replay attack in the charging process. In order to verify the security problems of the protocol, this paper uses 27,655 message data in the complete charging process provided by Shanghai Thaisen electric company, and analyzes these actual data frames one by one with the program written by C++. In order to enhance the security of the protocol, Rivest-Shamir-Adleman (RSA) digital signature and adding random numbers are proposed to resist replay attack. Under the experimental environment of Eclipse, the normal charging of electric vehicles, RSA digital signature and random number defense are simulated. Experimental results show that RSA digital signature cannot resist replay attack, and adding random numbers can effectively enhance the ability of EV to resist replay attack during charging.
文摘Wireless transmission is becoming increasing ubiquitous, but there is a big black hole in the security of this kind of network. Although IEEE 802.11 provides an optional Wired Equivalent Privacy (WEP) to implement the authentication and confidentiality, it leaves a lot of vulnerabilities and threats. This paper proposes a protocol called SPRNG for wireless data-link layer security. SPRNG is based on the sender and receiver who generate in a synchronized way a pseudo-random number sequence. In each transmission, the sender and receiver use a pair of random numbers, one for data frame authentication, and the other for encryption key. The random numbers are used as 'one-time passwords' for sender authentication and as fresh encryption keys for each frame. SPRNG is designed to be compatible with the existing 802.11 products. Like WEP, the current 802.11 security protocol, SPRNG uses a symmetric key as its seed. SPRNG has already been simulated and tested in experiment, it shows that SPRNG has stronger Security than WEP because it reveals little information for attackers. The key problem of SPRNG, synchronization loss problem, is also presented. Though motivated by wireless security, SPRNG is generic for many other applications, especially in the point to point communication.