【摘要】：近年來,隨著物聯(lián)網(wǎng)技術的快速發(fā)展,各行各業(yè)都在經(jīng)歷著被物聯(lián)網(wǎng)沖刷的浪潮。小到一塊手表一部手機,大到一個工廠的自動化生產(chǎn)線,都在越來越智能化,人們的生活變的越來越輕松和便捷。而汽車作為人們?nèi)粘Ｉ畹闹匾M成部分,人們對它的需求已不再是簡單的交通工具,而是一個集出行,娛樂及社交等功能于一身的智能體。因此,為了滿足人們對汽車功能性需求的增長,在物聯(lián)網(wǎng)的推動下車聯(lián)網(wǎng)及輔助駕駛技術得到了迅猛的發(fā)展,汽車正在變的越來越強大,越來越智能,但與此同時,車載網(wǎng)絡也在變的越來越龐大,越來越復雜。如今,車載網(wǎng)絡中通常有超過上百個節(jié)點,近億行代碼,且不同的節(jié)點根據(jù)功能性的差別被劃分到不同的子網(wǎng)中,這些使得如今的汽車成為了一個非常龐大而又復雜的計算系統(tǒng)。但是在如今的車載系統(tǒng)中卻沒有形成一套成熟完善的安全體制,來保障車載網(wǎng)絡的節(jié)點及節(jié)點間通信的安全,這就使得車載網(wǎng)絡,尤其是被廣泛應用的CAN網(wǎng)絡,顯得異常脆弱,常常成為攻擊者入侵車載系統(tǒng)的入口。本文設計的CAN網(wǎng)關與關鍵實體間的認證策略,就是為了確保CAN網(wǎng)絡中通信節(jié)點的身份的安全可靠性,避免惡意切點偽裝成合法節(jié)點竊取車內(nèi)敏感信息,從而對車載網(wǎng)絡造成危害。本文采用融合改進的AES算法和HMAC-SHA256算法來完成網(wǎng)關與關鍵實體節(jié)點間的認證過程,采用Challenge-Response機制,并由網(wǎng)關節(jié)點協(xié)調(diào)該認證過程;通過AES算法保證認證過程通信的機密性,而改進的AES算法能更好的發(fā)揮基于32位處理器的CAN節(jié)點的性能;采用HMAC-SHA256算法來確保消息的完整性,并對消息的來源進行確認。本文搭建了基于MPC5646C開發(fā)板的硬件平臺,包括CAN驅動代碼的開發(fā),通信協(xié)議的實現(xiàn),認證算法的開發(fā)及測試,以驗證本文設計的認證策略的有效性。
[Abstract]:In recent years, with the rapid development of the Internet of things technology, various industries are experiencing a wave washed away by the Internet of things. As small as a watch, a mobile phone, a factory automation line, are becoming more intelligent, people's lives become more and more relaxed and convenient. As an important part of people's daily life, automobile is no longer a simple means of transportation, but an agent with the functions of travel, entertainment and social interaction. Therefore, in order to meet the growth of people's functional requirements, the Internet of things to promote the Internet of things and auxiliary driving technology has been rapid development, cars are becoming more and more powerful, more intelligent, but at the same time, Car-borne networks are also becoming more and more large, more and more complex. Nowadays, there are usually more than a hundred nodes, nearly 100 million lines of code, and different nodes are divided into different subnets according to their functional differences. This makes today's cars a very large and complex computing system. However, in today's vehicle system, there is not a mature and perfect security system to ensure the security of the nodes and the communication between the nodes of the vehicle network, which makes the vehicular network, especially the widely used can network, seem extremely fragile. It is often used as an entry point for attackers to invade vehicular systems. The authentication strategy between the can gateway and the key entities designed in this paper is to ensure the security and reliability of the identity of the communication node in the can network, and to avoid the malicious point of cutting off as a legitimate node to steal the sensitive information in the vehicle. Thus, it causes harm to the vehicular network. In this paper, we use the improved AES algorithm and HMAC-SHA256 algorithm to complete the authentication process between the gateway and the key entity nodes, adopt Challenge-Response mechanism, and coordinate the authentication process by the gateway nodes. The improved AES algorithm can improve the performance of can node based on 32-bit processor, and use HMAC-SHA256 algorithm to ensure the integrity of the message and confirm the source of the message. This paper builds a hardware platform based on MPC5646C development board, including the development of can driver code, the implementation of communication protocol, the development and testing of authentication algorithm, to verify the effectiveness of the authentication strategy designed in this paper.
【學位授予單位】：吉林大學
【學位級別】：碩士
【學位授予年份】：2017
【分類號】：U463.6;TP309

【相似文獻】

相關期刊論文 前7條

1 曹晨磊;張茹;鈕心忻;周琳娜;張振濤;;3G實體認證協(xié)議及技術規(guī)范的綜述與安全分析[J];清華大學學報(自然科學版);2009年S2期

2 林四川;季新生;;CDMA實體認證機制分析[J];電子技術應用;2007年10期

3 許峰;黃皓;王志堅;;Web服務會話實體認證協(xié)議的改進[J];計算機應用與軟件;2008年11期

4 張倩;;一種WSNs中的強實體認證協(xié)議[J];傳感器與微系統(tǒng);2012年03期

5 林四川;季新生;;CDMA實體認證機制分析[J];現(xiàn)代通信;2007年Z3期

6 蘇之陽;馬皓;張曉軍;張蓓;;基于實體認證的安全DHCPv6系統(tǒng)實現(xiàn)[J];廣西大學學報(自然科學版);2011年S1期

7 李俊青;;JAAS+JXTA實體認證模型的研究[J];計算技術與自動化;2005年04期

相關博士學位論文 前1條

1 李清玉;普及計算環(huán)境中安全技術的研究[D];中國科學院研究生院（計算技術研究所）;2004年

相關碩士學位論文 前2條

1 郭森;基于車載CAN網(wǎng)關的實體認證技術研究[D];吉林大學;2017年

2 劉輝洲;WTLS分析與設計[D];山東大學;2010年

，

本文編號：2122804