Summary of the invention
The present invention provides a kind of sharing method of vehicle number key and system, mobile terminal with overcome the above problem orPerson at least is partially solved the above problem.
According to an aspect of the invention, there is provided a kind of sharing method of vehicle number key, comprising:
A kind of sharing method of vehicle number key, the first movement terminal of the car owner user applied to any vehicle, instituteThe method of stating includes:
The identity information by means of automobile-used family of its vehicle of the borrow of car owner user's input is received in the first movement terminalAfterwards, the identity information is based on using preset algorithm generate the first verification information;
The vehicle for carrying first verification information to cloud transmission lends request, is based on the vehicle by the cloudIt lends after request analysis goes out first verification information and is verified, and after first verification information is verified, generateThe digital key for the vehicle that can be obtained automatically by second mobile terminal by means of automobile-used family.
Optionally, the vehicle for carrying first verification information to cloud transmission lends request, by the cloudIt is lent after request analysis goes out first verification information and is verified based on the vehicle, comprising:
The vehicle for carrying first verification information to cloud transmission lends request, is based on the vehicle by the cloudIt lends after request analysis goes out first verification information and obtains the identity information for borrowing automobile-used family, and be based on the identity informationGenerate the second verification information with the preset algorithm, judge first verification information and second verification information whether oneIt causes.
It is optionally, described to be based on the identity information the first verification information of generation using preset algorithm, comprising:
The identity information, which is based on, using preset algorithm generates the first verification information by key of owner identity key.
Optionally, the identity information by means of automobile-used family includes: the user information by means of automobile-used family and/or to the vehicleAccess right information.
According to another aspect of the present invention, a kind of sharing method of vehicle number key is additionally provided, is applied to borrowThe second mobile terminal by means of automobile-used family of any vehicle, which comprises
Receive cloud transmission is directed to the corresponding digital key by means of the borrowed vehicle in automobile-used family of current second mobile terminal;Wherein, the vehicle that the digital key is sent by the car owner user that the cloud receives the vehicle based on its first movement terminalIt is generated after lending request;
Wireless pairing is carried out with the vehicle to establish wireless communication connection;
The digital key is sent to the vehicle based on wireless communication connection, by the vehicle to the digital keySpoon is verified;
After the digital key authentication passes through, conversate key agreement with the vehicle, generate with the vehicle intoSession key when row encryption session;
It is sent to the vehicle and is based on the encrypted control instruction of the session key, the control is referred to by the vehicleOrder executes corresponding movement after being decrypted.
It is optionally, described to carry out wireless pairing with the vehicle to establish after wireless communication connection, further includes:
It carries out feature with the vehicle to exchange, and the spy of the characteristic information based on second mobile terminal and the vehicleReference breath carries out bidirectional identity authentication with the vehicle.
Optionally, described after the digital key authentication passes through, it conversates before key agreement with the vehicle, alsoIt include: to generate authentication key in the same manner with the vehicle;
The key agreement that conversates with the vehicle, generates session when carrying out encryption session with the vehicleKey, comprising:
It conversates key agreement with the vehicle, is generated based on the authentication key and carry out encryption session with the vehicleWhen session key.
According to another aspect of the present invention, a kind of mobile terminal is additionally provided, the mobile terminal is the vehicle of any vehicleThe first movement terminal of primary user, the first movement terminal include:
Generation module, be configured to the first movement terminal receive car owner user input borrow its vehicle borrow vehicleAfter the identity information of user, the identity information is based on using preset algorithm and generates the first verification information;
Request sending module, the vehicle for being configured to carry first verification information to cloud transmission lend request, byThe cloud is lent after request analysis goes out first verification information based on the vehicle and is verified, and in first verifyingAfter Information Authentication passes through, the digital key for the vehicle that can be obtained automatically by second mobile terminal by means of automobile-used family is generatedSpoon.
Optionally, the request sending module is additionally configured to, and the vehicle for carrying first verification information is sent to cloudRequest is lent, is based on the vehicle by the cloud and lends request analysis and go out after first verification information to obtain described to borrow vehicleThe identity information of user, and the second verification information is generated with the preset algorithm based on the identity information, judge described firstWhether verification information and second verification information are consistent.
Optionally, the generation module is additionally configured to, and it is close with owner identity to be based on the identity information using preset algorithmKey is that key generates the first verification information.
Optionally, the identity information by means of automobile-used family includes: the user information by means of automobile-used family and/or to the vehicleAccess right information.
According to another aspect of the present invention, a kind of mobile terminal is additionally provided, the mobile terminal is to borrow any vehicleThe second mobile terminal by means of automobile-used family, second mobile terminal includes:
Receiving module is configured to receive being borrowed for current second mobile terminal is corresponding by means of automobile-used family for cloud transmissionThe digital key of vehicle;Wherein, the digital key by the car owner user that the cloud receives the vehicle be based on its firstThe vehicle that mobile terminal is sent generates after lending request;
Connection establishment module is configured to carry out wireless pairing with the vehicle to establish wireless communication connection;
Authentication module is configured to the wireless communication connection to the vehicle and sends the digital key, by describedVehicle verifies the digital key;
Session key agreement module is configured to after the digital key authentication passes through, understood with the vehicleKey agreement is talked about, session key when carrying out encryption session with the vehicle is generated;
Control module is configured to send to the vehicle based on the encrypted control instruction of the session key, by describedVehicle executes corresponding movement after the control instruction is decrypted.
Optionally, the authentication module is additionally configured to, and is sent based on wireless communication connection to the vehicle describedThe number key carries out feature with the vehicle and exchanges, and base before being verified by the vehicle to the digital keyBidirectional identity authentication is carried out in the characteristic information of second mobile terminal and the characteristic information of the vehicle and the vehicle.
Optionally, the authentication module is additionally configured to, and after the digital key authentication passes through, is understood with the vehicleBefore talking about key agreement, authentication key is generated in the same manner with the vehicle;
The session key agreement module is additionally configured to the key agreement that conversates with the vehicle, is based on the certificationKey generates session key when carrying out encryption session with the vehicle.
According to another aspect of the present invention, a kind of share system of vehicle number key is additionally provided, comprising:
First movement terminal described above, the second mobile terminal, with the first movement terminal and the second mobile terminalIt wirelessly communicates the cloud of connection and is controlled by the vehicle of the first movement terminal and/or the second mobile terminal.
In the sharing method scheme of vehicle number key provided by the invention, when borrowing automobile-used family to need to control vehicle,First the identity information for borrowing automobile-used family and the first verification information generated based on the identity information can be uploaded to by car owner userCloud is carried out generating the digital key for borrowing the vehicle user's control vehicle after further verifying by cloud, and then by borrowing automobile-used family to lead toIt crosses the second mobile terminal and wireless control is carried out to vehicle.Based on the sharing method of vehicle number key provided by the invention, cloudNeed to car owner user carry out authentication after can just generate by means of automobile-used family the second mobile terminal can wireless controlled vehicle numberKey, to guarantee the safety of digital key.
The above description is only an overview of the technical scheme of the present invention, in order to better understand the technical means of the present invention,And it can be implemented in accordance with the contents of the specification, and in order to allow above and other objects of the present invention, feature and advantage canIt is clearer and more comprehensible, the followings are specific embodiments of the present invention.
According to the following detailed description of specific embodiments of the present invention in conjunction with the accompanying drawings, those skilled in the art will be brighterThe above and other objects, advantages and features of the present invention.
Specific embodiment
The exemplary embodiment that the present invention will be described in more detail below with reference to accompanying drawings.Although showing the present invention in attached drawingExemplary embodiment, it being understood, however, that may be realized in various forms the present invention without should be by embodiments set forth hereIt is limited.It is to be able to thoroughly understand the present invention on the contrary, providing these embodiments, and can be by the scope of the present inventionIt is fully disclosed to those skilled in the art.
The embodiment of the invention provides a kind of sharing methods of vehicle number key, the car owner user applied to any vehicleFirst movement terminal, as shown in Figure 1, the sharing method of vehicle number key provided in an embodiment of the present invention may include:
Step S102 receives the identity by means of automobile-used family of its vehicle of the borrow of car owner user's input in first movement terminalAfter information, the identity information is based on using preset algorithm and generates the first verification information.
Optionally, the identity information by means of automobile-used family may include: the user information by means of automobile-used family and/or borrow automobile-used family to vehicleAccess right information.Wherein, the user information by means of automobile-used family can be the phone number by means of automobile-used family;Use to vehicleAuthority information may include such as by means of the relationship at automobile-used family and car owner user, such as kith and kin's identity, temporary identity, and examination multiplies examinationIt drives, lease type etc., the entry-into-force time and end time of digital key, access times etc..
Above-mentioned steps S102 refers to that first movement terminal receives the identity information by means of automobile-used family of car owner user's inputAfterwards, it can use preset algorithm identity-based information and generate the first verification information.It is possible to further be based on using preset algorithmThe identity information generates the first verification information by key of owner identity key;The preset algorithm can be HMAC (HashMessage Authentication Code, hash message authentication code) algorithm.Wherein, cloud is TSP (TelematicsService Provider, Content Service Provider), it is possible to provide the information such as production text, image, audio, video or multimedia.
Step S104, the vehicle for carrying first verification information to cloud transmission lend request, are based on institute by cloudIt states vehicle and lends after request analysis goes out the first verification information and verified, and after first verification information is verified, it is rawAt the digital key for the vehicle that can be obtained automatically by second mobile terminal by means of automobile-used family.
After first movement terminal generates the first verification information, the vehicle for carrying the first verification information can be sent to cloudLend request.It, can be first to wherein carrying after cloud receives the vehicle lending request of first movement terminal transmission in the present embodimentThe first verification information verified, specifically, vehicle can be based on by cloud and is lent after request analysis goes out the first verification informationThe identity information for borrowing automobile-used family is obtained, and the second verification information is generated with the preset algorithm based on above-mentioned identity information, in turnIt is whether consistent with the second verification information to judge the first verification information, if the two is consistent, illustrates to be verified.
It introduces above, first movement terminal can use preset algorithm based on the identity information and be with owner identity keyKey generates the first verification information.Cloud equally can use same preset algorithm and borrow automobile-used family with the owner identity key pairIdentity information carry out encryption generate the second verification information, to be verified to the first verification information, so realize to car owner useThe authentication at family.
Further, after the authentication to car owner user passes through, that is, producing can be by described by means of the of automobile-used familyThe digital key for the vehicle that two mobile terminals obtain automatically, should when borrowing automobile-used family to need to control by its second mobile terminalWhen vehicle, the vehicle can be obtained from cloud automatically after user's login by the application program being set in the second mobile terminalDigital key.The key information that the number key is included can by key ID (key number), digital key validity period, makeWith relevant informations such as numbers, which is not limited by the present invention.
The sharing method of vehicle number key provided in an embodiment of the present invention can when borrowing automobile-used family to need to control vehicleThe first movement terminal for first passing through car owner user will be sent to based on the first verification information for borrowing the identity information at automobile-used family to generateCloud generate after further verifying by cloud and borrows automobile-used family the retrievable digital key for controlling the vehicle, and then by borrowingAutomobile-used family carries out wireless control to vehicle by the second mobile terminal.Vehicle number key based on the embodiment of the present inventionSharing method, the second mobile terminal that cloud need to carry out car owner user can just generate after authentication by means of automobile-used family can wireless controlledThe digital key of vehicle processed, to guarantee the safety of digital key.
After request is lent based on the vehicle that first movement terminal is sent in cloud generates digital key, borrow automobile-used family canTo obtain the number key from cloud by the second mobile terminal, digital key is based on by the second mobile terminal, nothing is carried out to vehicleLine traffic control.Conceived based on same one side, the present invention is implemented
Example additionally provides a kind of sharing method of vehicle number key, applied to borrow automobile-used family for borrowing any vehicleTwo mobile terminals, referring to fig. 2 it is found that this method comprises:
Step S201, receive that cloud sends is corresponding by means of the borrowed vehicle in automobile-used family for current second mobile terminalDigital key;Wherein, the digital key is based on its first movement end by the car owner user that the cloud receives the vehicleThe vehicle that end is sent generates after lending request.
Step S202 carries out wireless pairing with vehicle to establish wireless communication connection.
Wireless communication connection need to be first established when user needs and controls vehicle by the second mobile terminal, it is alternatively possible toBluetooth matching is carried out between the second mobile terminal and vehicle to establish bluetooth connection.In addition, in the second mobile terminal and vehicleBetween establish and be wirelessly connected after, in preset time period (such as 2s), the second mobile terminal can be passed through after wireless communication connection is establishedAuthentication information is sent to vehicle, after being verified by vehicle to above-mentioned authentication information, completes the nothing of vehicle and the second mobile terminalLines matching.That is, by sending authentication information to vehicle using the second mobile terminal to determine the second mobile terminal and vehicleNo lines matching is completed, and then has ensured that subsequent cipher key transmitting process can be gone on smoothly.Wherein, authentication information can beThe character string generated by Bluetooth broadcast and communication key by secure hash algorithm or the certification letter generated using other modesBreath, the second mobile terminal can be such as mobile phone, tablet computer terminal, and the present invention is without limitation.
In an alternate embodiment of the present invention, after above-mentioned steps S202, the second mobile terminal can also be with the vehicleFeature exchange is carried out, and the characteristic information of the characteristic information based on the second mobile terminal and vehicle and the vehicle carry out two-way bodyPart certification.Further, the second mobile terminal can send mutually respective characteristic information based on wireless communication connection and vehicle,The two-way of characteristic information the second mobile terminal of completion and vehicle being respectively received is based respectively on by the second mobile terminal and vehicleAuthentication.
In the present embodiment, respective characteristic information sent between the second mobile terminal and vehicle be mutually in order to both sides intoThe verifying of row identity.Optionally, it when the second mobile terminal and vehicle send mutually respective characteristic information, can specifically include:By the second mobile terminal by the fisrt feature information of the second mobile terminal encrypted in a manner of predetermined encryption and digital keyKey information be based on the wireless communication connect be sent to vehicle.Meanwhile it will be added in a manner of above-mentioned predetermined encryption by vehicleThe second feature information of vehicle after close is based on wireless communication connection and is sent to the second mobile terminal.In practical application, whenWhen user needs to control vehicle by the second mobile terminal, need first to the digital key of cloud request vehicle.It sends beyond the cloudsIt may include many information, such as the abstract relevant information of key ID (i.e. key number), digital key in digital key.When the second mobile terminal sends fisrt feature information to vehicle, the key number of digital key can be sent to vehicle simultaneously.
Optionally, fisrt feature information is the first unique ID of the second mobile terminal, such as mobile phone hardware unique identificationOr other unique IDs;Second feature information is the second unique ID of vehicle, the second unique identification ID of vehicleSuch as are as follows: vehicle identification number (or being cycle serial number) (Vehicle Identification Number), abbreviation VIN ID(or VIN code) is one group of unique number on automobile, can identify manufacturer, the engine, chassis serial number of automobileAnd the data such as other performances.
Second mobile terminal and vehicle can make a reservation in advance using AES (Advanced Encryption Standard, it is advancedEncryption standard) cipher mode or other cipher modes carry out the encrypted transmission of characteristic information, to guarantee the safety of information transmission.
After respective characteristic information is sent to opposite end respectively by the second mobile terminal and vehicle, can be further advanced byThe characteristic information that two mobile terminals and vehicle are each based on both sides generates identity key in an identical manner, and then the identity is closeKey carries out encryption key when information transmission as the next stage.That is, the second mobile terminal and vehicle are respectively received opposite endIt, can be respectively at the key information based on fisrt feature information, second feature information and/or digital key with identical after characteristic informationMode (using identical algorithm as) generate identity key.
It is mentioned above, fisrt feature information is the first unique ID of the second mobile terminal, such as mobile phone unique hardware markKnow;Second feature information is the second unique ID of vehicle, such as VIN ID.Therefore, the second movement is whole in above-mentioned steps S2When end and vehicle are each based on the characteristic information generation identity key received, it may further include: being moved respectively by secondDynamic terminal and vehicle are based on the first unique ID and/or the second unique ID generates identity key.
It is commonly used for guaranteeing the encryption of safety or encryption algorithm may include:
1, key algorithm is commonly used, such as DES (Data Encryption Standard, data encryption standards), 3DES(Triple DES), IDEA (International Data Encryption Algorithm, international data encryption algorithm),AES (Advanced Encryption Standard, Advanced Encryption Standard) etc.;
2, one-way Hash algorithm, such as MD5 (Message Digest Algorithm 5), SHA (Secure HashAlgorithm), MAC (Message Authentication Code message authentication code).
In addition to above-mentioned introduction, there are also hash algorithms, such as HMAC (Hash-based MessageAuthentication Code, ashed information authentication code), SHA1 (Secure Hash Algorithm) etc..It is raw in practical applicationWhen at identity key, other than using the first unique ID, the second unique ID, it can also be moved using other with secondOther relevant parameters of dynamic terminal, vehicle or digital key generate identity key, and the present invention is without limitation.
It is mentioned above, after the second mobile terminal and vehicle generate identity key in an identical manner, will need to respectively receiveTo characteristic information encrypted with the identity key after be back to the transmitting terminal of received characteristic information respectively and testedCard.In an embodiment of the present invention, the second mobile terminal and vehicle are special to second feature information and first with identity key respectivelyReference breath generates the second encryption information and the first encryption information after being encrypted, and is back to vehicle and the second mobile terminal;It is logicalCross the second mobile terminal and vehicle first encryption information received and the second encryption information are decrypted respectively it is laggardRow verifying.Add that is, carrying out encryption to the second feature information of vehicle using the second mobile terminal with identity key and generating secondConfidential information is back to vehicle and is verified, and is decrypted by vehicle and carries out with the second feature information of itself verification afterwards and compare, whenWhen the two is identical, then vehicle is verified above-mentioned second encryption information.
Similarly, the first encryption letter is generated after vehicle encrypts the fisrt feature information of the second mobile terminal with identity keyBreath is back to the second mobile terminal and is verified, and the second mobile terminal is compared completion with the fisrt feature information of itself and testsCard.
Step S203 sends the digital key to vehicle based on wireless communication connection, by vehicle to the numberKey is verified.
After the second mobile terminal and vehicle pass through respective authentication, the biography of the digital key of vehicle can be carried outIt is defeated.That is, the digital key that the second mobile terminal sends cloud is sent to vehicle, verified by vehicle.It is mentioned above, secondMobile terminal and vehicle can generate identity key in the same way, therefore, when carrying out digital key transmission, the second mobile terminalIt can be sent to vehicle with the encrypted digital key of identity key, be verified after being decrypted by vehicle to digital key.
Step S204 conversates key agreement after the digital key authentication passes through with vehicle, generate and vehicle intoSession key when row encryption session.
Step S205 sends to vehicle and is based on the encrypted control instruction of the session key, by vehicle to the controlInstruction executes corresponding movement after being decrypted.
After the second mobile terminal and vehicle generate session key in the same way, user passes through the second mobile terminal to vehicleSend control instruction when, can first dialogue-based key pair control instruction encrypted after transmit it to vehicle, vehicle againAfter receiving the instruction from the second mobile terminal, cipher mode of control instruction as known to it, it can be carried outDecryption is to execute movement corresponding with control instruction, such as the starting of vehicle, the unlatching of car door, closing movement.
In order to further ensure the safety of the data transmission between the second mobile terminal and vehicle.The present invention it is another canSelect in embodiment, above-mentioned steps S204 after the digital key authentication passes through, with vehicle conversate key agreement itBefore, it can also include: to generate authentication key in the same manner with vehicle;Above-mentioned steps S205 can further comprise, with vehicle intoThe capable key agreement that conversates generates session key when carrying out encryption session with vehicle based on authentication key.
, can be after vehicle be to the success of digital key authentication when generating authentication key, the second mobile terminal and vehicle pointThe key of the second feature information of characteristic information, vehicle not based on the second mobile terminal, the authentication key factor and/or digital keySpoon information generates authentication key.Wherein, the authentication key factor may include by the second mobile terminal and each self-generating first of vehicleThe authentication key factor and the second authentication key factor.In addition to this, when generating authentication key, can be combined with other with vehicle orThe relevant data of key algorithm, the present invention is without limitation.
It is carried out below by sharing method of the preferred embodiment to vehicle number key provided in an embodiment of the present invention detailedIt describes in detail bright.In the present embodiment, establish https connection between first movement terminal and the second mobile terminal and cloud, cloud withTLS (TLS, transport layer security protocol are made in Transport Layer Security, abbreviation) connection is established between vehicle.SecondWireless communication connection can be realized between mobile terminal and vehicle based on bluetooth.Wherein, first movement terminal and the second mobile terminalSide is equipped with APP program, bluetooth mould of the APP program operation to establish in first movement terminal and the second mobile terminal side and vehicleSecure communication connection between block.Cloud is TSP (Telematics Service Provider, Content Service Provider), can be mentionedFor information such as production text, image, audio, video or multimedias.
In the present embodiment, by taking first movement terminal and the second mobile terminal are mobile phone as an example, then car owner user is madeFirst movement terminal is car owner's mobile phone, and borrowing vehicle the second mobile terminal used by a user is the then car owner by means of vehicle user mobile phoneUser and can be as shown in Figure 3 by means of the sharing process of the vehicle number key between automobile-used family.
Step 1, car owner send lending vehicle request to cloud by car owner's mobile phone, carry in the request and utilize car owner's keyHMAC (the Hash Message Authentication generated is calculated based on the cell-phone number and authority information for borrowing automobile-used familyCode), and by calculated HMAC it is sent to cloud;
HMAC is verified in step 2, cloud, and is generated after being verified and borrowed automobile-used family key DK1 and key.By means of vehicleWhen user is needed using key, the relevant informations such as key DK1, key are sent to by means of vehicle user mobile phone by cloud.
Step 3 by means of the verification process of key digital between vehicle user mobile phone and vehicle includes: that initialization is exchanged with feature;Both sides' authentication, digital key transmission can send vehicle control to vehicle by car borrowing people's terminal with after verifying, session key agreementInstruction, controls vehicle.Specifically it can be such that
First stage, Bluetooth pairing connection
When borrowing vehicle user mobile phone to need to be attached with vehicle, carry out borrowing the indigo plant between vehicle user mobile phone and vehicle firstTooth pairing, as shown in figure 4, vehicle user mobile phone is borrowed to can be used as bluetooth host, vehicle is as bluetooth slave.It is borrowed after successful matching automobile-usedFamily mobile phone terminal needs to send authentication code in two seconds to vehicle, and vehicle verifies the authentication code, after being proved to be successful, completes to borrowThe preliminary matches of vehicle user mobile phone and vehicle.
Second stage, the exchange of both sides' feature
As shown in figure 4, vehicle user mobile phone is borrowed to borrow vehicle user mobile phone characteristic information to be sent to vehicle, vehicle handle encryptedEncrypted vehicle characteristic information is sent to by means of vehicle user mobile phone, is receiving the spy from other side by means of vehicle user mobile phone and vehicleAfter reference breath, corresponding identity key is generated in an identical manner.Wherein, borrow vehicle user mobile phone characteristic information can be unique with mobile phoneHardware identifier MobileID, vehicle characteristic information can be vehicle VIN ID with uniqueness, and both sides can arrange to dock in advanceThe characteristic information received carries out AES encryption.Both sides can pass through HMAC by MobileID, VIN ID etc. when generating identity keyAlgorithm carries out calculating generation.
Phase III, bidirectional identification verifying: automobile-used family handset identities are borrowed in verifying
As shown in figure 5, borrowing vehicle user mobile phone that encrypted vehicle identity information is sent to vehicle.Vehicle is done after decryptionUnanimously whether verification of data, the i.e. characteristic information with vehicle itself are checked, see, if unanimously, then it represents that check successfully, at this timeIllustrate that automobile-used family handset identities is borrowed to be proved to be successful.
Fourth stage, bidirectional identification verifying: verifying vehicle identification
As shown in figure 5, vehicle borrows automobile-used family handset identities encrypted after borrowing automobile-used family handset identities to be proved to be successfulInformation is sent to by means of vehicle user mobile phone.Verification of data is done after decryption by means of vehicle user mobile phone, after checking successfully, borrows vehicle user mobile phoneAuthentication success.
By borrowing the bidirectional identification verifying of automobile-used family mobile phone terminal and vehicle, to confirm that current vehicle user mobile phone of borrowing is desirableControl vehicle borrows vehicle user mobile phone.
5th stage, digital key transmission and verifying
After undergoing front several stages, completed by means of the verifying of the bidirectional identification of vehicle user mobile phone and vehicle.At this point, borrowingEncrypted number key DK can be sent to vehicle by vehicle user mobile phone, and vehicle verifies digital key DK, such as Fig. 6 instituteShow, vehicle verifies digital key DK, and next stage is entered after being verified.
6th stage, authentication key generate
Authentication key is generated in an identical manner by means of vehicle user mobile phone and vehicle, as shown in Figure 6.Generating authentication keyIn the process, calculating generation can be carried out by hmac algorithm with MobileID, VIN ID etc. respectively by means of vehicle user mobile phone and vehicle.
7th stage, session key agreement
As shown in fig. 7, borrowing vehicle user mobile phone and vehicle that session key factor M K and session key factor Ⅴ K is encrypted respectivelyAfter be sent to other side.After both sides all have session key factor M K and session key factor Ⅴ K, vehicle user mobile phone and vehicle are borrowedSession key SK is generated in an identical manner.Session key can specifically be passed through by MK, VK, MobileID, VIN ID etc.Hmac algorithm generates.
8th stage, vehicle control instruct transmission flow
After borrowing vehicle user mobile phone and vehicle number key authentication to pass through, borrow automobile-used family mobile phone terminal that can carry out with vehicle terminationThe transmission of control instruction, transmission flow is referring to shown in Fig. 8.
Based on the same inventive concept, the embodiment of the invention also provides one kind to additionally provide a kind of mobile terminal, the shiftingDynamic terminal is the first movement terminal of the car owner user of any vehicle, as shown in figure 9, first movement terminal 900 includes:
Generation module 910 is configured to receive its vehicle of the borrow of car owner user's input in the first movement terminalAfter the identity information at automobile-used family, the identity information is based on using preset algorithm and generates the first verification information;
Request sending module 920, the vehicle for being configured to carry first verification information to cloud transmission lend request,It is lent after request analysis goes out first verification information and is verified based on the vehicle by the cloud, and tested described firstAfter card Information Authentication passes through, the digital key for the vehicle that can be obtained automatically by second mobile terminal by means of automobile-used family is generatedSpoon.
In an alternate embodiment of the present invention, request sending module 920 is additionally configured to, and is sent to cloud and is carried described theThe vehicle of one verification information lends request, lends request analysis based on the vehicle by the cloud and goes out first verification informationThe identity information for borrowing automobile-used family is obtained afterwards, and the second verifying letter is generated with the preset algorithm based on the identity informationBreath, judges whether first verification information and second verification information are consistent.
In an alternate embodiment of the present invention, generation module 910 is additionally configured to, and is believed using preset algorithm based on the identityBreath generates the first verification information by key of owner identity key.
In an alternate embodiment of the present invention, the identity information by means of automobile-used family includes: the user for borrowing automobile-used familyInformation and/or access right information to the vehicle.
Based on the same inventive concept, the embodiment of the invention also provides a kind of mobile terminal, the mobile terminal is to borrowThe second mobile terminal by means of automobile-used family of any vehicle, as shown in Figure 10, the second mobile terminal 1000 may include:
Receiving module 1010 is configured to receive the corresponding by means of automobile-used family institute for current second mobile terminal of cloud transmissionBorrow the digital key of vehicle;Wherein, the digital key is based on it by the car owner user that the cloud receives the vehicleThe vehicle that first movement terminal is sent generates after lending request;
Connection establishment module 1020 is configured to carry out wireless pairing with the vehicle to establish wireless communication connection;
Authentication module 1030 is configured to the wireless communication connection to the vehicle and sends the digital key, byThe vehicle verifies the digital key;
Session key agreement module 1040 is configured to after the digital key authentication passes through, with the vehicle carry out intoRow session key agreement generates session key when carrying out encryption session with the vehicle;
Control module 1050 is configured to be based on the encrypted control instruction of the session key to vehicle transmission, byThe vehicle executes corresponding movement after the control instruction is decrypted.
In an alternate embodiment of the present invention, the authentication module 1030 is additionally configured to, and is based on the channel radio describedLetter connection sends the digital key to the vehicle, and described before being verified by the vehicle to the digital keyVehicle carries out feature exchange, and the characteristic information of the characteristic information based on second mobile terminal and the vehicle and the vehicleCarry out bidirectional identity authentication.
In an alternate embodiment of the present invention, the authentication module is additionally configured to, after the digital key authentication passes through,It conversates before key agreement with the vehicle, generates authentication key in the same manner with the vehicle;
Session key agreement module 1040 is additionally configured to, and is conversated key agreement with the vehicle, based on describedAuthentication key generates session key when carrying out encryption session with the vehicle.
Based on the same inventive concept, the embodiment of the invention also provides a kind of share systems of vehicle number key, such as schemeShown in 11, which may include:
First movement terminal 900 described in above-mentioned any embodiment, the second mobile terminal 1000, with first movement terminal andThe cloud 1110 and be controlled by the first movement terminal and/or the second mobile terminal that second mobile terminal wireless communication connectsVehicle 1120.
The embodiment of the invention provides a kind of sharing schemes of the higher vehicle number key of safety, and not only cloud needsThe identity of car owner user is verified, by means of be also required between second mobile terminal and vehicle at automobile-used family feature exchange, keyIt just can be carried out the transmission of vehicle control instruction after transmission and verifying, session key agreement.It is encrypted by multiple key and verifies guaranteeThe safety of digital key improves the safety during digital key is shared to vehicle control.
It is apparent to those skilled in the art that the specific work of the system of foregoing description, device and unitMake process, can refer to corresponding processes in the foregoing method embodiment, for brevity, does not repeat separately herein.
In addition, each functional unit in each embodiment of the present invention can be physically independent, can also two orMore than two functional units integrate, and can be all integrated in a processing unit with all functional units.It is above-mentioned integratedFunctional unit both can take the form of hardware realization, can also be realized in the form of software or firmware.
Those of ordinary skill in the art will appreciate that: if the integrated functional unit is realized and is made in the form of softwareIt is independent product when selling or using, can store in a computer readable storage medium.Based on this understanding,Technical solution of the present invention is substantially or all or part of the technical solution can be embodied in the form of software products,The computer software product is stored in a storage medium comprising some instructions, with so that calculating equipment (such asPersonal computer, server or network equipment etc.) various embodiments of the present invention the method is executed when running described instructionAll or part of the steps.And storage medium above-mentioned includes: USB flash disk, mobile hard disk, read-only memory (ROM), random access memoryDevice (RAM), the various media that can store program code such as magnetic or disk.
Alternatively, realizing that all or part of the steps of preceding method embodiment can be (all by the relevant hardware of program instructionSuch as personal computer, the calculating equipment of server or network equipment etc.) it completes, described program instruction can store in oneIn computer-readable storage medium, when described program instruction is executed by the processor of calculating equipment, the calculating equipment is heldThe all or part of the steps of row various embodiments of the present invention the method.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the present invention., rather than its limitations;To the greatest extentPresent invention has been described in detail with reference to the aforementioned embodiments for pipe, those skilled in the art should understand that: at thisWithin the spirit and principle of invention, it is still possible to modify the technical solutions described in the foregoing embodiments or rightSome or all of the technical features are equivalently replaced;And these are modified or replaceed, and do not make corresponding technical solution de-From protection scope of the present invention.