發(fā)布時(shí)間：2018-07-14 20:07

【摘要】：近年來,隨著物聯(lián)網(wǎng)技術(shù)的快速發(fā)展,各行各業(yè)都在經(jīng)歷著被物聯(lián)網(wǎng)沖刷的浪潮。小到一塊手表一部手機(jī),大到一個(gè)工廠的自動(dòng)化生產(chǎn)線,都在越來越智能化,人們的生活變的越來越輕松和便捷。而汽車作為人們?nèi)粘Ｉ畹闹匾M成部分,人們對(duì)它的需求已不再是簡(jiǎn)單的交通工具,而是一個(gè)集出行,娛樂及社交等功能于一身的智能體。因此,為了滿足人們對(duì)汽車功能性需求的增長(zhǎng),在物聯(lián)網(wǎng)的推動(dòng)下車聯(lián)網(wǎng)及輔助駕駛技術(shù)得到了迅猛的發(fā)展,汽車正在變的越來越強(qiáng)大,越來越智能,但與此同時(shí),車載網(wǎng)絡(luò)也在變的越來越龐大,越來越復(fù)雜。如今,車載網(wǎng)絡(luò)中通常有超過上百個(gè)節(jié)點(diǎn),近億行代碼,且不同的節(jié)點(diǎn)根據(jù)功能性的差別被劃分到不同的子網(wǎng)中,這些使得如今的汽車成為了一個(gè)非常龐大而又復(fù)雜的計(jì)算系統(tǒng)。但是在如今的車載系統(tǒng)中卻沒有形成一套成熟完善的安全體制,來保障車載網(wǎng)絡(luò)的節(jié)點(diǎn)及節(jié)點(diǎn)間通信的安全,這就使得車載網(wǎng)絡(luò),尤其是被廣泛應(yīng)用的CAN網(wǎng)絡(luò),顯得異常脆弱,常常成為攻擊者入侵車載系統(tǒng)的入口。本文設(shè)計(jì)的CAN網(wǎng)關(guān)與關(guān)鍵實(shí)體間的認(rèn)證策略,就是為了確保CAN網(wǎng)絡(luò)中通信節(jié)點(diǎn)的身份的安全可靠性,避免惡意切點(diǎn)偽裝成合法節(jié)點(diǎn)竊取車內(nèi)敏感信息,從而對(duì)車載網(wǎng)絡(luò)造成危害。本文采用融合改進(jìn)的AES算法和HMAC-SHA256算法來完成網(wǎng)關(guān)與關(guān)鍵實(shí)體節(jié)點(diǎn)間的認(rèn)證過程,采用Challenge-Response機(jī)制,并由網(wǎng)關(guān)節(jié)點(diǎn)協(xié)調(diào)該認(rèn)證過程;通過AES算法保證認(rèn)證過程通信的機(jī)密性,而改進(jìn)的AES算法能更好的發(fā)揮基于32位處理器的CAN節(jié)點(diǎn)的性能;采用HMAC-SHA256算法來確保消息的完整性,并對(duì)消息的來源進(jìn)行確認(rèn)。本文搭建了基于MPC5646C開發(fā)板的硬件平臺(tái),包括CAN驅(qū)動(dòng)代碼的開發(fā),通信協(xié)議的實(shí)現(xiàn),認(rèn)證算法的開發(fā)及測(cè)試,以驗(yàn)證本文設(shè)計(jì)的認(rèn)證策略的有效性。
[Abstract]:In recent years, with the rapid development of the Internet of things technology, various industries are experiencing a wave washed away by the Internet of things. As small as a watch, a mobile phone, a factory automation line, are becoming more intelligent, people's lives become more and more relaxed and convenient. As an important part of people's daily life, automobile is no longer a simple means of transportation, but an agent with the functions of travel, entertainment and social interaction. Therefore, in order to meet the growth of people's functional requirements, the Internet of things to promote the Internet of things and auxiliary driving technology has been rapid development, cars are becoming more and more powerful, more intelligent, but at the same time, Car-borne networks are also becoming more and more large, more and more complex. Nowadays, there are usually more than a hundred nodes, nearly 100 million lines of code, and different nodes are divided into different subnets according to their functional differences. This makes today's cars a very large and complex computing system. However, in today's vehicle system, there is not a mature and perfect security system to ensure the security of the nodes and the communication between the nodes of the vehicle network, which makes the vehicular network, especially the widely used can network, seem extremely fragile. It is often used as an entry point for attackers to invade vehicular systems. The authentication strategy between the can gateway and the key entities designed in this paper is to ensure the security and reliability of the identity of the communication node in the can network, and to avoid the malicious point of cutting off as a legitimate node to steal the sensitive information in the vehicle. Thus, it causes harm to the vehicular network. In this paper, we use the improved AES algorithm and HMAC-SHA256 algorithm to complete the authentication process between the gateway and the key entity nodes, adopt Challenge-Response mechanism, and coordinate the authentication process by the gateway nodes. The improved AES algorithm can improve the performance of can node based on 32-bit processor, and use HMAC-SHA256 algorithm to ensure the integrity of the message and confirm the source of the message. This paper builds a hardware platform based on MPC5646C development board, including the development of can driver code, the implementation of communication protocol, the development and testing of authentication algorithm, to verify the effectiveness of the authentication strategy designed in this paper.
【學(xué)位授予單位】：吉林大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2017
【分類號(hào)】：U463.6;TP309

【相似文獻(xiàn)】

相關(guān)期刊論文 前7條

1 曹晨磊;張茹;鈕心忻;周琳娜;張振濤;;3G實(shí)體認(rèn)證協(xié)議及技術(shù)規(guī)范的綜述與安全分析[J];清華大學(xué)學(xué)報(bào)(自然科學(xué)版);2009年S2期

2 林四川;季新生;;CDMA實(shí)體認(rèn)證機(jī)制分析[J];電子技術(shù)應(yīng)用;2007年10期

3 許峰;黃皓;王志堅(jiān);;Web服務(wù)會(huì)話實(shí)體認(rèn)證協(xié)議的改進(jìn)[J];計(jì)算機(jī)應(yīng)用與軟件;2008年11期

4 張倩;;一種WSNs中的強(qiáng)實(shí)體認(rèn)證協(xié)議[J];傳感器與微系統(tǒng);2012年03期

5 林四川;季新生;;CDMA實(shí)體認(rèn)證機(jī)制分析[J];現(xiàn)代通信;2007年Z3期

6 蘇之陽(yáng);馬皓;張曉軍;張蓓;;基于實(shí)體認(rèn)證的安全DHCPv6系統(tǒng)實(shí)現(xiàn)[J];廣西大學(xué)學(xué)報(bào)(自然科學(xué)版);2011年S1期

7 李俊青;;JAAS+JXTA實(shí)體認(rèn)證模型的研究[J];計(jì)算技術(shù)與自動(dòng)化;2005年04期

相關(guān)博士學(xué)位論文 前1條

1 李清玉;普及計(jì)算環(huán)境中安全技術(shù)的研究[D];中國(guó)科學(xué)院研究生院（計(jì)算技術(shù)研究所）;2004年

相關(guān)碩士學(xué)位論文 前2條

1 郭森;基于車載CAN網(wǎng)關(guān)的實(shí)體認(rèn)證技術(shù)研究[D];吉林大學(xué);2017年

2 劉輝洲;WTLS分析與設(shè)計(jì)[D];山東大學(xué);2010年

，

本文編號(hào)：2122804