%0 Journal Article
%T 车载控制器局域网络总线的 动态口令身份认证方法<br>A Method for Identifying Authentication of Dynamic Passwords for In？？Vehicle Controller Area Network Buses
%A 吴尚则
%A 秦贵和
%A 刘毅
%A 郭森
%A 戚琦
%A 刘恬佳
%J 西安交通大学学报
%D 2017
%R 10.7652/xjtuxb201706016
%X 针对车载控制器局域网络(CAN)总线存在缺陷、严重威胁车载信息安全的问题,提出了一种基于挑战/应答模式的车载CAN总线动态口令身份认证方法。该方法考虑到CAN总线是使用极为广泛的标准车载总线及广播形式发送消息的特点,通过利用身份认证技术来确认消息的身份,保证了总线上消息传输的可信任性;根据对身份认证实现模式的研究,采用基于挑战/应答模式的动态认证方法,由于每次认证的挑战值都是随机的,因此每次生成的口令都是不同的;在每次通信时,所使用的认证码都是根据口令生成的,并通过哈希函数生成下次使用的口令。实验结果表明,与传统的CAN总线的方法相比,使用该方法后可以在保证CAN总线真实性的同时,保证传输消息的完整性,从而大幅度提高了车载信息安全级别。<br>A method for identifying authentication of dynamic passwords for in？？vehicle controller area network (CAN) buses is proposed based on the challenge/response mode to deal with the problem that in？？vehicle CAN buses are defective, which poses a serious threat to the in？？vehicle information security. The method makes use of the peculiarity that the in？？vehicle CAN buses are the widely used standard vehicle bus and broadcast messages, and uses the identity authentication technique to confirm the identity of a message, thus ensures the trustworthiness of the message transmission. According to the research on the implementation patterns of identity authentication, the dynamic authentication method is employed. Since the challenge value of every authentication is random, each generated password is different. The authentication code used in each communication is generated based on a password, and the hash function is used to generate a new password for next use. Experiments and a comparison with the traditional CAN show that the proposed method ensures both the integrity of the messages and the authenticity of the CAN bus. Hence, the degree of security of vehicle information is substantially raised through using the proposed method
%K 车载信息安全
%K 车载控制器局域网络总线
%K 身份认证&lt
%K br&gt
%K in？？vehicle information security
%K controller area network bus
%K identity authentication
%U http://zkxb.xjtu.edu.cn/oa/DArticle.aspx?type=view&id=201706016