CN114374516B - Certificate revocation list distribution method and device, storage medium, server and vehicle networking device - Google Patents
- Publication number: CN114374516B (CN202111458608.5A)
- Authority: CN (China)
- Prior art keywords: sub, authentication, list, global, revocation
- Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Abstract
The application provides a certificate revocation list distribution method, a device, a storage medium, a server and a vehicle networking device. The certificate revocation list distribution method comprises the following steps: sending an acquisition request for a first global revocation list to a server of the sub-authentication domain to which the vehicle networking device belongs; receiving the first global revocation list sent by the server of the sub-authentication domain in response to the acquisition request, wherein the first global revocation list comprises download addresses of a plurality of sub-authentication domains and a file name list; and selecting one sub-authentication domain from the plurality of sub-authentication domains as a first download node based on the file name list and the download addresses of the revocation certificates of the plurality of sub-authentication domains, and downloading the revocation certificates of the plurality of sub-authentication domains from the first download node. The method and the device can improve the distribution efficiency of the certificate revocation list and reduce the network resource consumption of its distribution.
Description
Technical Field
The application relates to the field of computers, in particular to a certificate revocation list distribution method and device, a storage medium, a server and a vehicle networking device.
Background
The V2X (Vehicle to Everything) Internet of Vehicles is a new kind of network that uses a new generation of information and communication technology to connect vehicles with other vehicles, roadside facilities and other road users. V2X enables the dynamic exchange of basic vehicle safety information, roadside facility information, traffic accident information and other information, which improves traffic efficiency, saves resources, reduces pollution, lowers the accident rate and improves traffic management.
While the V2X Internet of Vehicles brings the convenience of intelligent transport, it also creates a number of new network security problems. A malicious attacker can impersonate a legitimate vehicle and send forged information, which affects the normal operation of systems and services and endangers the road safety of surrounding vehicles and pedestrians. Because the PC5/V5 wireless interface is open, information transmitted between Internet of Vehicles terminals and roadside facilities, and between Internet of Vehicles terminals themselves, can be forged, tampered with or replayed, causing service interruption or service data errors, affecting the normal operation of Internet of Vehicles services and seriously endangering the road safety of surrounding vehicles and pedestrians. An attacker can also capture information such as the vehicle identifier and position broadcast over the PC5/V5 interface, which discloses private information such as user identity and location; in severe cases the vehicle can be illegally tracked, directly threatening the personal safety of the user.
To address these problems, electronic authentication based on Public Key Infrastructure (PKI) can secure the V2X Internet of Vehicles, but the Certificate Revocation List (CRL) distribution method in such a scheme may impose a huge network resource overhead on each authentication domain. In particular, when new CRLs are downloaded frequently and continuously, the network resources of each authentication domain CA may suffer a large performance degradation.
Disclosure of Invention
The embodiments of the application aim to provide a certificate revocation list distribution method, a device, a storage medium, a server and a vehicle networking device, which improve the distribution efficiency of the certificate revocation list and reduce the network resource consumption of its distribution.
To this end, a first aspect of the present application provides a certificate revocation list distribution method, where the method is applied to a vehicle networking device, and the method includes:
sending an acquisition request for a first global revocation list to a server of the sub-authentication domain to which the vehicle networking device belongs;
receiving the first global revocation list sent by the server of the sub-authentication domain in response to the acquisition request, wherein the first global revocation list comprises download addresses of a plurality of sub-authentication domains and file name lists of the revocation certificates of the plurality of sub-authentication domains;
selecting one sub-authentication domain from the plurality of sub-authentication domains as a first download node based on the file name lists of the revocation certificates of the plurality of sub-authentication domains and the download addresses of the plurality of sub-authentication domains, and downloading the revocation certificates of the plurality of sub-authentication domains from the first download node, wherein the first download node generates its own revocation certificate in advance and downloads the revocation certificates of the other sub-authentication domains in advance based on the first global revocation list, the first global revocation list is generated by a server of the sub-authentication domain based on a second global revocation list, and the second global revocation list is generated by the server in the global authentication domain based on the in-domain revocation certificate lists sent by the plurality of sub-authentication domains.
In the embodiment of the application, the server of each sub-authentication domain stores its own revocation certificate and the revocation certificates of the other authentication domains. When a vehicle networking device needs the revocation certificates to determine whether other vehicle networking devices are safe and reliable, it can therefore download the revocation certificate list in the global authentication domain by selecting just one of the sub-authentication domains as a download node. The device does not need to access every authentication domain to obtain each domain's revocation certificate list, which reduces the consumption of network resources. For example, assume there are m1 authentication domains and m2 V2X devices under each authentication domain. In the prior art, for each V2X device to be able to judge the reliability or security of the other V2X devices globally, each V2X device must access all the authentication domains, so the network resource consumption is m1 × m2. By contrast, the m2 V2X devices in the certificate revocation list distribution system of the present application only need to access one authentication domain, so the network resource consumption is (1/m1) × m2, and the network consumption is significantly reduced.
In this embodiment, as an optional implementation, after selecting one sub-authentication domain from the plurality of sub-authentication domains as the first download node and downloading the revocation certificates of the plurality of sub-authentication domains from the first download node, the method further includes:
acquiring the download speed of the first download node;
when the download speed of the first download node is lower than a preset threshold, selecting one sub-authentication domain from the plurality of sub-authentication domains as a second download node;
downloading the remaining data of the revocation certificate from the second download node, based on the data of the revocation certificate already downloaded.
This optional implementation provides a resumable (breakpoint-resume) download mechanism.
A second aspect of the present application discloses a certificate revocation list distribution method that is applied to a server in a sub-authentication domain, the method including:
receiving an acquisition request for a first global revocation list sent by a vehicle networking device in the sub-authentication domain;
and sending the first global revocation list to the vehicle networking device, wherein the first global revocation list comprises download addresses of a plurality of sub-authentication domains and file name lists of the revocation certificates of the plurality of sub-authentication domains, so that the vehicle networking device selects one sub-authentication domain from the plurality of sub-authentication domains as a first download node based on the file name lists of the revocation certificates of the plurality of sub-authentication domains and the download addresses of the plurality of sub-authentication domains, and downloads the revocation certificates of the plurality of sub-authentication domains from the first download node, wherein the first download node generates its own revocation certificate in advance and downloads the revocation certificates of the other sub-authentication domains in advance based on the first global revocation list, the first global revocation list is generated by a server of the sub-authentication domain based on a second global revocation list, and the second global revocation list is generated by a server in the global authentication domain based on the in-domain revocation certificate lists sent by the plurality of sub-authentication domains.
In the second aspect of the present application, as an optional implementation, before receiving the acquisition request for the first global revocation list sent by the vehicle networking device in the sub-authentication domain, the method further includes:
receiving a download address of the second global revocation list sent by a server of the global authentication domain;
downloading the second global revocation list from the download address of the second global revocation list;
downloading the revocation certificate of each sub-authentication domain from the servers of the plurality of sub-authentication domains according to the second global revocation list;
and when the download of the revocation certificates of all the sub-authentication domains is complete, updating on the basis of the second global revocation list to obtain the first global revocation list.
This optional implementation updates the second global revocation list and thereby obtains the first global revocation list.
In the second aspect of the present application, as an optional implementation, before receiving the download address of the second global revocation list sent by the server of the global authentication domain, the method further includes:
sending the in-domain revocation certificate list to a server of the global authentication domain, so that the server of the global authentication domain constructs the second global revocation list from the revocation certificate lists of the plurality of sub-authentication domains.
In this optional implementation, sending the in-domain revocation certificate list to the server of the global authentication domain allows that server to construct the second global revocation list from the revocation certificate lists of the plurality of sub-authentication domains.
In the second aspect of the present application, as an optional implementation, before sending the in-domain revocation certificate list to the server of the global authentication domain, the method further includes:
dividing the in-domain revocation certificate into a plurality of data blocks;
determining a file name for each data block;
determining a download address for each data block;
and constructing the in-domain revocation certificate list from the file name and the download address of each data block.
By splitting the revocation certificate into a plurality of data blocks, this optional implementation keeps the second global revocation list itself from becoming too large and allows load balancing across multiple authentication domains. This solves the problem that, when a CRL is too large, V2X devices download it slowly and must download it again after an interruption, and so improves the efficiency of network resource use.
In the second aspect of the present application, as an optional implementation, after constructing the in-domain revocation certificate list from the file name and the download address of each data block, the method further includes:
obtaining the in-domain private key;
digitally signing the in-domain revocation certificate list with the in-domain private key to obtain a first signature value;
writing the first signature value into the in-domain revocation certificate list.
In this optional implementation, digitally signing the in-domain revocation certificate list ensures the legitimacy of the list's source and the integrity of its content.
In the second aspect of the present application, as an optional implementation, determining the file name of each data block includes:
calculating a hash value of each data block with a hash function;
and using the hash value of the data block as the file name of the data block.
In this optional implementation, because a hash function is one-way and collision resistant, using the hash value of a data block as its file name ensures the integrity of the data block and prevents tampering by an attacker.
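The block splitting, hash-derived file names and signed in-domain list described above, together with the first aspect's switch to a second download node, can be exercised end to end. This is an added Go example, not code from the patent: SHA-256, Ed25519, the encoding of the signed bytes, the node addresses, the speed values and every type and function name are assumptions, since the application names no hash function, signature scheme or wire format.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

// DomainList models the in-domain list: address, hash-derived file names, signature.
type DomainList struct {
	Address   string
	FileNames []string
	Signature []byte
}

// signedBytes is the byte string the signature covers (assumed encoding).
func (l DomainList) signedBytes() []byte {
	return []byte(l.Address + "\n" + strings.Join(l.FileNames, "\n"))
}

func blockName(data []byte) string {
	sum := sha256.Sum256(data)
	return hex.EncodeToString(sum[:])
}

// BuildList splits the CRL into blocks of at most size (> 0) bytes, names each
// by its hash and signs the list; it also returns the name -> block store.
func BuildList(addr string, crl []byte, size int, key ed25519.PrivateKey) (DomainList, map[string][]byte) {
	list, store := DomainList{Address: addr}, map[string][]byte{}
	for off := 0; off < len(crl); off += size {
		end := off + size
		if end > len(crl) {
			end = len(crl)
		}
		name := blockName(crl[off:end])
		list.FileNames = append(list.FileNames, name)
		store[name] = crl[off:end]
	}
	list.Signature = ed25519.Sign(key, list.signedBytes())
	return list, store
}

// Node simulates a sub-authentication domain; Speed is a constructed KB/s value.
type Node struct {
	Address string
	Store   map[string][]byte
	Speed   int
}

// Download verifies the list signature, then fetches the blocks in order. A
// block that fails its hash check is discarded and the next node is tried; a
// node slower than minSpeed is left and the next one supplies the remainder.
func Download(list DomainList, pub ed25519.PublicKey, nodes []Node, minSpeed int) ([]byte, []string, error) {
	if !ed25519.Verify(pub, list.signedBytes(), list.Signature) {
		return nil, nil, errors.New("list signature does not verify")
	}
	var crl []byte
	var used []string
	n := 0 // index of the current download node
	for _, name := range list.FileNames {
		for ; n < len(nodes); n++ {
			if data, ok := nodes[n].Store[name]; ok && blockName(data) == name {
				crl = append(crl, data...)
				break
			}
		}
		if n == len(nodes) {
			return nil, used, errors.New("block unavailable: " + name)
		}
		if len(used) == 0 || used[len(used)-1] != nodes[n].Address {
			used = append(used, nodes[n].Address)
		}
		if nodes[n].Speed < minSpeed && n+1 < len(nodes) {
			n++ // too slow: resume the remaining blocks on the next node
		}
	}
	return crl, used, nil
}

// Demo returns constructed inputs: a 400-byte CRL and a fixed demo key pair.
func Demo() (DomainList, map[string][]byte, ed25519.PublicKey, []byte) {
	var crl []byte
	for i := 1; i <= 20; i++ {
		crl = append(crl, fmt.Sprintf("revoked-serial-%04d\n", i)...)
	}
	key := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize))
	list, store := BuildList("https://crl.domain-a.example", crl, 128, key)
	return list, store, key.Public().(ed25519.PublicKey), crl
}

func main() {
	list, store, pub, _ := Demo()
	nodes := []Node{{"https://crl.domain-a.example", store, 40}, {"https://crl.domain-b.example", store, 500}}
	crl, used, err := Download(list, pub, nodes, 100)
	fmt.Println(len(crl), used, err)
}
```

Hash-derived file names only protect a block if the list that carries the names is authentic, which is why `Download` checks the signature before it fetches anything.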
A third aspect of the present application discloses a certificate revocation list distribution method, where the method is applied to a server in a global authentication domain, and the method includes:
receiving the in-domain revocation certificate lists sent by a plurality of sub-authentication domains;
constructing a second global revocation list from the in-domain revocation certificate lists of the plurality of sub-authentication domains;
issuing the download address of the second global revocation list to the plurality of sub-authentication domains at a preset period, so that the plurality of sub-authentication domains generate a first global revocation list based on the second global revocation list, and so that the vehicle networking device selects one sub-authentication domain from the plurality of sub-authentication domains as a first download node based on the file name lists of the revocation certificates of the plurality of sub-authentication domains in the first global revocation list and the download addresses of the plurality of sub-authentication domains, and downloads the revocation certificates of the plurality of sub-authentication domains from the first download node, wherein the first download node generates its own revocation certificate in advance and downloads the revocation certificates of the other sub-authentication domains in advance based on the first global revocation list.
In the third aspect of the present application, as an optional implementation, after constructing the second global revocation list from the in-domain revocation certificate lists of the plurality of sub-authentication domains, the method further includes:
determining the private key of the global authentication domain;
digitally signing the second global revocation list with the private key of the global authentication domain to obtain a second signature value;
updating the signature value of the second global revocation list with the second signature value.
In this implementation, digitally signing the second global revocation list ensures the legitimacy of its source and the integrity of its content.
In the third aspect of the present application, as an optional implementation, after constructing the second global revocation list from the in-domain revocation certificate lists of the plurality of sub-authentication domains, the method further includes:
detecting whether a sub-authentication domain has updated its in-domain revocation certificate list within the preset period, and if so, updating the second global revocation list according to the update of the in-domain revocation certificate list;
and when the second global revocation list has been updated, issuing the download address of the updated second global revocation list to the sub-authentication domains.
With this optional implementation, the GCRLA can also issue the updated second global revocation list promptly, outside the regular schedule, whenever an authentication domain issues a new CRL within the preset period.
A fourth aspect of the present application discloses a vehicle networking device, the vehicle networking device including:
a first sending module, configured to send an acquisition request for a first global revocation list to a server of the sub-authentication domain to which the vehicle networking device belongs;
a first receiving module, configured to receive the first global revocation list sent by the server of the sub-authentication domain in response to the acquisition request, where the first global revocation list includes download addresses of a plurality of sub-authentication domains and file name lists of the revocation certificates of the plurality of sub-authentication domains;
and a download module, configured to select one sub-authentication domain from the plurality of sub-authentication domains as a first download node based on the file name lists of the revocation certificates of the plurality of sub-authentication domains and the download addresses of the plurality of sub-authentication domains, and to download the revocation certificates of the plurality of sub-authentication domains from the first download node, wherein the first download node generates its own revocation certificate in advance and downloads the revocation certificates of the other sub-authentication domains in advance based on the first global revocation list.
A fifth aspect of the present application discloses a server, comprising:
a second receiving module, configured to receive an acquisition request for a first global revocation list sent by a vehicle networking device in the sub-authentication domain;
a second sending module, configured to send the first global revocation list to the vehicle networking device, where the first global revocation list includes download addresses of a plurality of sub-authentication domains and file name lists of the revocation certificates of the plurality of sub-authentication domains, so that the vehicle networking device selects one sub-authentication domain from the plurality of sub-authentication domains as a first download node based on the file name lists of the revocation certificates of the plurality of sub-authentication domains and the download addresses of the plurality of sub-authentication domains, and downloads the revocation certificates of the plurality of sub-authentication domains from the first download node, where the first download node generates its own revocation certificate in advance and downloads the revocation certificates of the other sub-authentication domains in advance based on the first global revocation list, the first global revocation list is generated by a server of the sub-authentication domain based on a second global revocation list, and the second global revocation list is generated by a server in the global authentication domain based on the revocation certificate lists of the plurality of sub-authentication domains.
A sixth aspect of the present application discloses another server, comprising:
a third receiving module, configured to receive the in-domain revocation certificate lists sent by a plurality of sub-authentication domains;
a construction module, configured to construct a second global revocation list from the in-domain revocation certificate lists of the plurality of sub-authentication domains;
an issuing module, configured to issue the download address of the second global revocation list to the plurality of sub-authentication domains at a preset period, so that the plurality of sub-authentication domains generate a first global revocation list based on the second global revocation list, and the vehicle networking device selects one sub-authentication domain from the plurality of sub-authentication domains as a first download node based on the file name lists of the revocation certificates of the plurality of sub-authentication domains in the first global revocation list and the download addresses of the plurality of sub-authentication domains, and downloads the revocation certificates of the plurality of sub-authentication domains from the first download node, wherein the first download node generates its own revocation certificate in advance and downloads the revocation certificates of the other sub-authentication domains in advance based on the first global revocation list.
A seventh aspect of the present application discloses a certificate revocation list distribution apparatus, including:
a memory storing executable program code;
a processor coupled with the memory;
the processor calls the executable program code stored in the memory to execute the certificate revocation list distribution method of the present application.
An eighth aspect of the present application discloses a storage medium storing a computer instruction for executing the certificate revocation list distribution method of the present application when the computer instruction is invoked.
Drawings
To more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and that those skilled in the art can also obtain other related drawings based on the drawings without inventive efforts.
Fig. 1 is a schematic architecture diagram of a certificate revocation list distribution system disclosed in an embodiment of the present application;
Fig. 2 is a flowchart of a cross-authentication-domain CRL distribution method applied to the certificate revocation list distribution system shown in Fig. 1;
Fig. 3 is a schematic structural diagram of a vehicle networking communication security entity relationship reference model of a V2X vehicle networking system provided in an embodiment of the present application;
Fig. 4 is a schematic flowchart of a certificate revocation list distribution method according to an embodiment of the present application;
Fig. 5 is a schematic flowchart of a certificate revocation list distribution method disclosed in the second embodiment of the present application;
Fig. 6 is a schematic flowchart of a certificate revocation list distribution method disclosed in the third embodiment of the present application;
Fig. 7 is a functional module schematic diagram of a vehicle networking device disclosed in the fourth embodiment of the present application;
Fig. 8 is a functional module schematic diagram of a server disclosed in the fifth embodiment of the present application;
Fig. 9 is a functional module schematic diagram of a server according to a sixth embodiment of the present application;
Fig. 10 is a schematic structural diagram of a certificate revocation list distribution apparatus according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.
Before describing the embodiments of the present application in detail, the certificate revocation list distribution system to which the present application relates is explained. Referring to Fig. 1, Fig. 1 is a schematic diagram illustrating the architecture of a certificate revocation list distribution system according to an embodiment of the present application. As shown in Fig. 1, the certificate revocation list distribution system includes a global CRL list issuing authority GCRLA (i.e., the global authentication domain), authentication domain D_1, authentication domain D_2, ..., authentication domain D_n (i.e., a plurality of sub-authentication domains), and V2X devices (i.e., vehicle networking devices). The certificate revocation list distribution system comprises the global CRL list issuing authority GCRLA together with an authentication domain management module and a global CRL information list issuing module. Specifically, the authentication domain management module is responsible for registration and management, for issuing the download address of the global CRL information list to all authentication domains, and for receiving the download addresses of the CRL information lists uploaded by the authentication domains. The global CRL information list issuing module is responsible for providing the download of the global CRL information list T to each authentication domain.
On the other hand, please refer to Fig. 2, which is a flowchart illustrating a cross-authentication-domain CRL distribution method applied to the certificate revocation list distribution system shown in Fig. 1. As shown in Fig. 2, in the certificate revocation list distribution system, authentication domain D_1 can download the data blocks of authentication domain D_2 according to the global CRL information list, authentication domain D_2 can likewise download the data blocks of authentication domain D_1 according to the global CRL information list, and by analogy each authentication domain can download the data blocks of the other authentication domains. Each authentication domain therefore stores its own data blocks and those of the other authentication domains. When a V2X device under one authentication domain needs to download the revoked certificates of all the authentication domains, it selects one authentication domain from the plurality of authentication domains and downloads the revoked certificates of all the authentication domains from it, without having to access every authentication domain to download its data blocks, which reduces the consumption of network resources. For example, assuming that there are m1 authentication domains and m2 V2X devices under each authentication domain, in the prior art each V2X device needs to access all the authentication domains in order to be able to identify the reliability or security of the other V2X devices globally, that is, the network resource consumption is m1 × m2. In contrast, the m2 V2X devices in the certificate revocation list distribution system of the present application only need to access one authentication domain, that is, the network resource consumption is (1/m1) × m2, which significantly reduces the network consumption.
In the application, the certificate revocation list distribution system is applied to a V2X vehicle networking system, which secures the vehicle network using electronic authentication technology based on Public Key Infrastructure (PKI). Specifically, please refer to Fig. 3, which is a schematic structural diagram of the vehicle networking communication security entity relationship reference model of a V2X vehicle networking system according to an embodiment of the present application. As shown in Fig. 3, the reference model includes an authentication management entity, a service provider, a roadside device, and a plurality of vehicle-mounted devices. Applied to this reference model, the certificate revocation list distribution system of the present application can avoid two problems. First, information transmitted between a vehicle networking terminal and roadside facilities, or between vehicle networking terminals, may be forged, tampered with or replayed by exploiting the openness of the PC5/V5 wireless interface, causing service interruption or service data errors that affect the normal operation of vehicle networking services and seriously endanger the road traffic safety of surrounding vehicles and pedestrians. Second, information such as vehicle identification and position broadcast over the PC5/V5 interface may be collected, leaking private information such as user identity and position, allowing vehicles to be illegally tracked and threatening the personal safety of users. At the same time, the distribution efficiency of revoked certificates can be improved and the consumption of network resources reduced.
Specifically, in the vehicle networking communication security entity relationship reference model, the On Board Unit (OBU) is the entity installed on a vehicle and responsible for V2X communication, and is one type of V2X device. In this application, for convenience of description, a V2X device is referred to as a vehicle networking device. When sending data, the OBU uses the digital certificate issued by the CA to digitally sign the information it broadcasts and/or uses the certificate of the data receiver to encrypt the data; when receiving data, the OBU verifies the message using the sender's public key and/or decrypts the encrypted message using its local private key.
Specifically, in the vehicle networking communication security entity relationship reference model, the Road Side Unit (RSU) is the entity installed in roadside traffic control devices and traffic information distribution devices and responsible for V2X communication, and is one type of V2X device. When sending data, the RSU uses the digital certificate issued by the CA to digitally sign the information it broadcasts and/or uses the certificate of the data receiver to encrypt the data; when receiving data, the RSU verifies the message using the sender's public key and/or decrypts the encrypted message using its local private key.
Specifically, in the vehicle networking communication security entity relationship reference model, the service provider (V2X Service Provider, VSP) is a regulatory agency responsible for road traffic or a service agency providing some business service in the vehicle networking system. When sending data, the VSP uses the digital certificate issued by the CA to digitally sign the information it broadcasts and/or uses the certificate of the data receiver to encrypt the data; when receiving data, the VSP verifies the message using the sender's public key and/or decrypts the encrypted message using its local private key. The VSP needs roadside devices with forwarding capability to send and receive its security messages.
Specifically, in the vehicle networking communication security entity relationship reference model, the Certificate Authority (CA) is responsible for issuing the various V2X digital certificates to vehicle networking devices (OBUs, RSUs, VSPs); examples are the registration CA, the pseudonym CA, the application CA and the Certificate Revocation Authority (CRA).
Specifically, in the vehicle networking communication security entity relationship reference model, certificate revocation is a critical operation in PKI. V2X certificate revocation information is currently distributed using a Certificate Revocation List (CRL) issued by a CA. When verifying the validity of a certificate, it must be checked whether the certificate has been revoked, i.e. whether it is in the CRL. The CRL data file is a list containing information about revoked digital certificates. V2X certificates comprise registration certificates, pseudonym certificates, application certificates and identity certificates. Revocation of a V2X certificate is mainly based on an abnormal behavior mechanism: after the CA receives abnormal behavior report information about a certain V2X device, it judges, according to its abnormal behavior decision policy, whether the V2X certificate needs to be revoked. When it judges that the V2X certificate needs to be revoked, the CA is responsible for issuing the CRL for the pseudonym, application and identity certificates of the device.
In the vehicle networking system, a plurality of independent PKI systems may provide certificate services for the vehicle networking devices, and the service range of each PKI is called an authentication domain. An authentication domain is the trusted domain formed by all certificates of one PKI system. The CA of each authentication domain issues the CRL for that authentication domain. Cross-authentication-domain authentication means that a vehicle networking device in one authentication domain can authenticate a certificate issued to a vehicle networking device in another authentication domain. For cross-authentication-domain authentication, the vehicle-mounted V2X device needs to download the CRL of each authentication domain, and when verifying that a certificate is valid it needs to check whether the certificate has been invalidated in the relevant authentication domain, i.e. whether the certificate is in that CRL.
In this application, a CRL is, specifically, a structured data file in a PKI system that contains the serial numbers of certificates that have been revoked by a Certificate Authority (CA) and their revocation dates. The CRL file also contains the certificate authority information, the revocation list expiration time and next update time, and the signature algorithm used. The shortest validity period of a certificate revocation list is one hour, and the longest is generally 1 day. The validity period is set by each certificate authority when it sets up its certificate authority system, according to its certificate service policy.
Example one
Referring to fig. 4, fig. 4 is a schematic flowchart illustrating a certificate revocation list distribution method according to an embodiment of the present application. As shown in fig. 4, the method of the embodiment of the present application includes the following steps:
101. sending an acquisition request for the first global revocation list to the server of the sub-authentication domain to which the vehicle networking device belongs;
102. receiving the first global revocation list sent by the server of the sub-authentication domain in response to the acquisition request, wherein the first global revocation list comprises the download addresses of a plurality of sub-authentication domains and the file name lists of the revoked certificates of the sub-authentication domains;
103. based on the file name lists of the revoked certificates of the plurality of sub-authentication domains and the download addresses of the plurality of sub-authentication domains, selecting one sub-authentication domain from the plurality of sub-authentication domains as a first download node, and downloading the revoked certificates of the plurality of sub-authentication domains from the first download node, wherein the first download node generates its own revoked certificates in advance and downloads the revoked certificates of the other sub-authentication domains in advance based on the first global revocation list.
In the embodiment of the present application, a sub-authentication domain is a lower-level authentication domain managed by the global authentication domain, where the global authentication domain is the Global CRL List Issuing Authority (GCRLA) shown in Fig. 1, and a sub-authentication domain is authentication domain D_1, authentication domain D_2 or authentication domain D_n shown in Fig. 1.
In the embodiment of the present application, the data structure of the first global revocation list may be {version number, issuer, serial number, current issue time, next issue time, download address list of each authentication domain, h_i list, signature value}. The version number indicates the version of the global revocation list; for example, the global revocation list released the first time has version V1 and the one released the second time has version V2, so the version number can be used to record the update iterations of the global revocation list. Further, the h_i list is the file name list of the revoked certificates, which includes the file names of the revoked certificates of each sub-authentication domain.
In the embodiment of the present application, as an optional implementation manner, after the step of selecting one sub-authentication domain from the plurality of sub-authentication domains as the first download node and downloading the revoked certificates of the sub-authentication domains from the first download node, the method of the embodiment of the application further includes the following steps:
acquiring the download speed of the first download node;
when the download speed of the first download node is less than a preset threshold, selecting one sub-authentication domain from the plurality of sub-authentication domains as a second download node;
downloading the remaining data of the revoked certificates from the second download node, based on the revoked certificate data already downloaded.
This optional implementation provides a breakpoint-resume download mechanism.
Example two
Referring to Fig. 5, Fig. 5 is a flowchart illustrating a certificate revocation list distribution method according to an embodiment of the present application, where the method is applied to a server in a sub-authentication domain. As shown in Fig. 5, the method of the embodiment of the present application includes the following steps:
201. receiving an acquisition request for the first global revocation list sent by a vehicle networking device in the sub-authentication domain;
202. sending the first global revocation list to the vehicle networking device, wherein the first global revocation list comprises the download addresses of a plurality of sub-authentication domains and the file name lists of the revoked certificates of the sub-authentication domains, so that the vehicle networking device selects one sub-authentication domain from the sub-authentication domains as a first download node based on the file name lists of the revoked certificates of the sub-authentication domains and the download addresses of the sub-authentication domains, and downloads the revoked certificates of the sub-authentication domains from the first download node, wherein the first download node generates its own revoked certificates in advance and downloads the revoked certificates of the other sub-authentication domains in advance based on the first global revocation list.
In the embodiment of the present application, as an optional implementation manner, before step 201 (receiving an acquisition request for the first global revocation list sent by a vehicle networking device in the sub-authentication domain), the method in the embodiment of the application further includes the following steps:
receiving the download address of a second global revocation list sent by the server of the global authentication domain;
downloading the second global revocation list from that download address;
downloading the revoked certificates of each sub-authentication domain from the servers of the plurality of sub-authentication domains according to the second global revocation list;
when the download of the revoked certificates of all the sub-authentication domains is complete, updating on the basis of the second global revocation list to obtain the first global revocation list.
In this optional implementation, the second global revocation list has the data structure {version number, issuer, serial number, issue time, next issue time, (D_i identification, d_i download address, h_i list), signature value}, where D_i represents each sub-authentication domain, with the subscript giving the number of the sub-authentication domain, and d represents a data block of the sub-authentication domain, with the subscript of d giving the number of the data block.
This optional implementation obtains the first global revocation list by updating on the basis of the second global revocation list.
In this embodiment, as an optional implementation manner, before the step of receiving the download address of the second global revocation list sent by the server of the global authentication domain, the method in this embodiment further includes the following step:
sending the revoked certificate list in the domain to the server of the global authentication domain, so that the server of the global authentication domain constructs the second global revocation list from the revoked certificate lists of the plurality of sub-authentication domains.
Illustratively, assume that the revoked certificate list of a sub-authentication domain is denoted t_i, so that the server of the global authentication domain receives the lists t_i (i = 1, ..., n). Further, the data structure of t_i is {version number, issuer, serial number, issue time, next issue time, d_i download address, h_i list, signature value}.
In the embodiment of the present application, as an optional implementation manner, before the step of sending the revoked certificate list in the domain to the server of the global authentication domain, the method of the embodiment of the application further includes the following steps:
dividing the revoked certificates in the domain into a plurality of data blocks;
determining the file name of each data block;
determining the download address of each data block;
constructing the revoked certificate list in the domain based on the file name of each data block and the download address of each data block.
In the embodiment of the present application, as an example, dividing the revoked certificates in the domain into several data blocks means dividing them according to their data amount. For example, assuming that the data amount of the revoked certificates in the domain is 5M, the 5M of revoked certificates may be divided into 5 data blocks, each with a data amount of 1M. By dividing the revoked certificates into a plurality of data blocks, this optional implementation avoids an excessively large data amount in the second global revocation list itself and achieves load balancing among the authentication domains. It thereby solves the problem that, when a CRL is too large, V2X devices download it slowly and have to download it again after an interruption, and so improves network resource utilization efficiency.
In this embodiment, as an optional implementation manner, after the step of constructing the revoked certificate list in the domain based on the file name of each data block and the download address of each data block, the method of this embodiment further includes the following steps:
obtaining a private key in a domain;
digitally signing the revocation certificate list in the domain according to a private key in the domain, and obtaining a first signature value;
the first signature value is written to a revocation certificate list within the domain.
In this optional implementation, digitally signing the revoked certificate list in the domain ensures the legitimacy of the source of the list and the integrity of its content.
In this embodiment of the present application, as an optional implementation manner, determining a file name of each data block includes:
calculating a hash value of each data block based on a hash function;
and determining the hash value of the data block as the file name of the data block.
Further, in this embodiment of the present application, the hash function may be the SM3 function, the SHA256 function, or another type of hash function, which is not limited in this embodiment of the present application.
In this optional implementation, since a hash function is one-way and collision-resistant, using the hash value of a data block as the file name of the data block can ensure the integrity of the data block and prevent tampering by an attacker.
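The hash-named data blocks described above and the switch to a second download node from Example one can be sketched together as follows. This is an added example, not code from the patent: the `Node` class, the `.example` addresses, the 1 KiB block size, the speed units and the choice to also switch nodes when a block fails its hash check are assumptions, and verification of the signature on the list itself is not shown.

```python
import hashlib


def split_into_blocks(crl_bytes, block_size):
    """Server side: cut the CRL data into blocks and name each by its SHA-256 hash.

    Returns the ordered file name list (the h_i list) and a name -> block store.
    """
    names, store = [], {}
    for off in range(0, len(crl_bytes), block_size):
        block = crl_bytes[off:off + block_size]
        name = hashlib.sha256(block).hexdigest()
        names.append(name)
        store[name] = block
    return names, store


class Node:
    """Constructed stand-in for one sub-authentication domain's download server."""

    def __init__(self, address, store, speed=500, slow_after=None, slow_speed=5):
        self.address, self.store = address, dict(store)
        self.speed, self.slow_after, self.slow_speed = speed, slow_after, slow_speed
        self.served = 0  # number of requests this node has answered

    def fetch(self, name):
        """Return (block or None, measured speed in KB/s) for one request."""
        self.served += 1
        slow = self.slow_after is not None and self.served > self.slow_after
        return self.store.get(name), (self.slow_speed if slow else self.speed)


def download_crl(names, nodes, min_speed):
    """Device side: fetch blocks in h_i-list order from one node at a time.

    Every block is re-hashed and accepted only if the digest equals its file
    name. Verified blocks are kept when the device moves to the next node, so
    only the remaining data is requested from it.
    """
    verified, used, rejected = {}, [], []
    remaining = list(nodes)
    node = remaining.pop(0)
    used.append(node.address)
    for name in names:
        while name not in verified:
            data, speed = node.fetch(name)
            ok = data is not None and hashlib.sha256(data).hexdigest() == name
            if ok:
                verified[name] = data
            else:
                rejected.append((node.address, name))
            # Switch when the node is below the threshold (as in the text) or
            # served a block that does not match its name (assumption).
            if not ok or speed < min_speed:
                if remaining:
                    node = remaining.pop(0)
                    used.append(node.address)
                elif not ok:
                    raise RuntimeError("no node left with a valid copy of " + name)
    return b"".join(verified[n] for n in names), used, rejected


def demo():
    # Constructed sample: 5 blocks of 1 KiB (the text's example is 5 blocks of 1M).
    crl = b"".join(bytes([i]) * 1024 for i in range(5))
    names, store = split_into_blocks(crl, 1024)
    tampered = dict(store)
    tampered[names[3]] = b"\xff" * 1024  # D2 holds an altered fourth block
    d1 = Node("https://d1.example/crl", store, slow_after=2)  # slows on request 3
    d2 = Node("https://d2.example/crl", tampered)
    d3 = Node("https://d3.example/crl", store)
    data, used, rejected = download_crl(names, [d1, d2, d3], min_speed=50)
    return {"intact": data == crl, "used": used, "rejected": rejected,
            "names": names, "served": [d1.served, d2.served, d3.served]}


if __name__ == "__main__":
    print(demo())
```

The integrity property holds only if the device recomputes the hash itself and takes the file names from a list whose signature it has verified.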
Example three
Referring to fig. 6, fig. 6 is a flowchart illustrating a certificate revocation list distribution method according to an embodiment of the present application, where the method is applied to a server in a global authentication domain. As shown in fig. 6, the method of the embodiment of the present application includes the following steps:
301. receiving the in-domain revoked certificate lists sent by a plurality of sub-authentication domains;
302. constructing a second global revocation list from the in-domain revoked certificate lists of the plurality of sub-authentication domains;
303. issuing the download address of the second global revocation list to the plurality of sub-authentication domains based on a preset period.
In the embodiment of the present application, as an optional implementation manner, after step 302 (constructing the second global revocation list according to the in-domain revocation certificate lists of the plurality of sub-authentication domains), the method further includes:
determining a private key of the global authentication domain;
performing a digital signature on the second global revocation list with the private key of the global authentication domain to obtain a second signature value;
updating the signature value of the second global revocation list based on the second signature value.
In this embodiment, digitally signing the second global revocation list ensures the source validity and the content integrity of the second global revocation list.
In the embodiment of the present application, as an optional implementation manner, after the step of constructing the second global revocation list according to the in-domain revocation certificate lists of the plurality of sub-authentication domains, the method further includes the following steps:
detecting whether a sub-authentication domain updates its in-domain revocation certificate list within the preset period, and if so, updating the second global revocation list according to the update of the in-domain revocation certificate list;
when the second global revocation list is updated, issuing the download address of the updated second global revocation list to the plurality of sub-authentication domains.
With this optional implementation, when any authentication domain issues a new CRL within the preset period, the GCRLA can also issue the updated second global revocation list promptly, outside the regular schedule.
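The construct-and-sign flow of this embodiment, combined with the hash-named data blocks of claims 6 to 8, as an added example that is not part of the patent. Ed25519, SHA-256, the JSON encoding, the `Version` field used to reject replayed lists, the fixed demo key, the `example` URLs and all type and function names are assumptions; the patent names no algorithm or format.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"sort"
)

// BlockEntry is one data block of a domain's revocation certificates.
type BlockEntry struct {
	FileName string `json:"file_name"` // hex SHA-256 of the block (hash choice is an assumption)
	URL      string `json:"url"`       // download address of the block
}

// DomainList is the in-domain revocation certificate list of one sub-authentication domain.
type DomainList struct {
	Domain string       `json:"domain"`
	Blocks []BlockEntry `json:"blocks"`
}

// GlobalList is the second global revocation list; Version is an assumed anti-replay field.
type GlobalList struct {
	Version   uint64       `json:"version"`
	Domains   []DomainList `json:"domains"`
	Signature []byte       `json:"signature,omitempty"`
}

// demoKeys derives a fixed key pair from a constructed all-zero seed (demo only).
func demoKeys() (ed25519.PublicKey, ed25519.PrivateKey) {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize))
	return priv.Public().(ed25519.PublicKey), priv
}

// BuildDomainList splits revocation data into blocks and names each block by its hash.
func BuildDomainList(domain, baseURL string, data []byte, blockSize int) DomainList {
	if blockSize <= 0 {
		blockSize = 1024 // assumed default block size
	}
	dl := DomainList{Domain: domain}
	for off := 0; off < len(data); off += blockSize {
		end := off + blockSize
		if end > len(data) {
			end = len(data)
		}
		sum := sha256.Sum256(data[off:end])
		name := hex.EncodeToString(sum[:])
		dl.Blocks = append(dl.Blocks, BlockEntry{FileName: name, URL: baseURL + "/" + name})
	}
	return dl
}

// signedBytes returns the bytes covered by the signature. Marshal cannot fail
// for these plain string/integer fields, so the error is ignored.
func signedBytes(g GlobalList) []byte {
	g.Signature = nil
	msg, _ := json.Marshal(g)
	return msg
}

// BuildGlobalList merges the in-domain lists in a fixed order and signs the result.
func BuildGlobalList(version uint64, lists []DomainList, priv ed25519.PrivateKey) GlobalList {
	sorted := append([]DomainList(nil), lists...)
	sort.Slice(sorted, func(i, j int) bool { return sorted[i].Domain < sorted[j].Domain })
	g := GlobalList{Version: version, Domains: sorted}
	g.Signature = ed25519.Sign(priv, signedBytes(g))
	return g
}

// VerifyGlobalList checks the signature first, then rejects lists that are not newer.
func VerifyGlobalList(g GlobalList, pub ed25519.PublicKey, lastVersion uint64) error {
	if !ed25519.Verify(pub, signedBytes(g), g.Signature) {
		return errors.New("signature does not match the global authentication domain key")
	}
	if g.Version <= lastVersion {
		return errors.New("list is not newer than the one already held")
	}
	return nil
}

// VerifyBlock checks that a downloaded block hashes to the file name in the signed list.
func VerifyBlock(e BlockEntry, block []byte) bool {
	sum := sha256.Sum256(block)
	return hex.EncodeToString(sum[:]) == e.FileName
}

func main() {
	pub, priv := demoKeys()
	a := BuildDomainList("domain-a", "https://a.example/crl", []byte("constructed sample revocation data"), 16)
	g := BuildGlobalList(2, []DomainList{a}, priv)
	fmt.Println("fresh list accepted:", VerifyGlobalList(g, pub, 1) == nil)
	fmt.Println("replayed list accepted:", VerifyGlobalList(g, pub, 2) == nil)
}
```

Because every block's file name is its hash and the file names sit inside the signed list, a receiver can fetch blocks from any sub-authentication domain and still detect a substituted block.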
Example four
Referring to fig. 7, fig. 7 is a schematic diagram of functional modules of a car networking device disclosed in an embodiment of the present application. As shown in fig. 7, the embodiment of the present application includes:
a first sending module 401, configured to send an acquisition request for a first global revocation list to a server of the sub-authentication domain to which the Internet of Vehicles device belongs;
a first receiving module 402, configured to receive a first global revocation list sent by a server of a sub-authentication domain for an acquisition request, where the first global revocation list includes download addresses of a plurality of sub-authentication domains and a file name list of revocation certificates of the plurality of sub-authentication domains;
a downloading module 403, configured to select one sub-authentication domain from the multiple sub-authentication domains as a first downloading node based on the file name lists of the revocation certificates of the multiple sub-authentication domains and the downloading addresses of the multiple sub-authentication domains, and download the revocation certificates of the multiple sub-authentication domains from the first downloading node, where the first downloading node generates its own revocation certificate in advance, and downloads the revocation certificates of other sub-authentication domains in advance based on the first global revocation list.
In this embodiment, the server of each sub-authentication domain stores its own revocation certificates as well as the revocation certificates of the other authentication domains. When an Internet of Vehicles device needs the revocation certificates in order to determine whether other Internet of Vehicles devices are safe and reliable, it only has to select one of the plurality of sub-authentication domains as a download node to download the revocation certificate list of the global authentication domain. The device therefore does not need to access every authentication domain to obtain each domain's revocation certificate list, which reduces the consumption of network resources. For example, assume there are m1 authentication domains with m2 V2X devices under each. In the prior art, for every V2X device to be able to judge the reliability or security of the other V2X devices globally, each V2X device must access all the authentication domains, so the network resource consumption is m1 × m2. In the certificate revocation list distribution system of the present application, by contrast, the m2 V2X devices only need to access one authentication domain, so the network resource consumption is (1/m1) × m2, a significant reduction.
For other details of this embodiment, refer to embodiment one of the present application; they are not repeated here.
Example five
Referring to fig. 8, fig. 8 is a schematic functional module diagram of a server according to an embodiment of the present disclosure. As shown in fig. 8, the server according to the embodiment of the present application includes:
a second receiving module 501, configured to receive an acquisition request for a first global revocation list sent by an internet of vehicles device in a sub-authentication domain;
a second sending module 502, configured to send a first global revocation list to the car networking device, where the first global revocation list includes download addresses of a plurality of sub-authentication domains and file name lists of revocation certificates of the plurality of sub-authentication domains, so that the car networking device selects one sub-authentication domain from the plurality of sub-authentication domains as a first download node based on the file name lists of the revocation certificates of the plurality of sub-authentication domains and the download addresses of the plurality of sub-authentication domains, and downloads the revocation certificates of the plurality of sub-authentication domains from the first download node, where the first download node generates its revocation certificate in advance, and downloads the revocation certificates of other sub-authentication domains in advance based on the first global revocation list.
In this embodiment, the server of each sub-authentication domain stores its own revocation certificates as well as the revocation certificates of the other authentication domains. When an Internet of Vehicles device needs the revocation certificates in order to determine whether other Internet of Vehicles devices are safe and reliable, it only has to select one of the plurality of sub-authentication domains as a download node to download the revocation certificate list of the global authentication domain. The device therefore does not need to access every authentication domain to obtain each domain's revocation certificate list, which reduces the consumption of network resources. For example, assume there are m1 authentication domains with m2 V2X devices under each. In the prior art, for every V2X device to be able to judge the reliability or security of the other V2X devices globally, each V2X device must access all the authentication domains, so the network resource consumption is m1 × m2. In the certificate revocation list distribution system of the present application, by contrast, the m2 V2X devices only need to access one authentication domain, so the network resource consumption is (1/m1) × m2, a significant reduction.
For other details of this embodiment, refer to embodiment two of the present application; they are not repeated here.
Example six
Referring to fig. 9, fig. 9 is a functional module schematic diagram of a server according to an embodiment of the present disclosure. As shown in fig. 9, the server according to the embodiment of the present application includes:
a third receiving module 601, configured to receive in-domain revocation certificate lists sent by a plurality of sub-authentication domains;
a constructing module 602, configured to construct a second global revocation list according to the in-domain revocation certificate lists of the plurality of sub-authentication domains;
an issuing module 603, configured to issue the download address of the second global revocation list to the plurality of sub-authentication domains based on a preset period.
In this embodiment, the server of each sub-authentication domain stores its own revocation certificates as well as the revocation certificates of the other authentication domains. When an Internet of Vehicles device needs the revocation certificates in order to determine whether other Internet of Vehicles devices are safe and reliable, it only has to select one of the plurality of sub-authentication domains as a download node to download the revocation certificate list of the global authentication domain. The device therefore does not need to access every authentication domain to obtain each domain's revocation certificate list, which reduces the consumption of network resources. For example, assume there are m1 authentication domains with m2 V2X devices under each. In the prior art, for every V2X device to be able to judge the reliability or security of the other V2X devices globally, each V2X device must access all the authentication domains, so the network resource consumption is m1 × m2. In the certificate revocation list distribution system of the present application, by contrast, the m2 V2X devices only need to access one authentication domain, so the network resource consumption is (1/m1) × m2, a significant reduction.
For other details of this embodiment, refer to embodiment three of the present application; they are not repeated here.
Example seven
Referring to fig. 10, fig. 10 is a schematic structural diagram of a certificate revocation list distribution apparatus according to an embodiment of the present application. As shown in fig. 10, the certificate revocation list distribution apparatus includes:
a memory 701 in which executable program code is stored;
a processor 702 coupled to the memory;
the processor 702 calls the executable program code stored in the memory 701 to execute the certificate revocation list distribution method disclosed in the first, second, and third embodiments of the present application.
In this embodiment, the server of each sub-authentication domain stores its own revocation certificates as well as the revocation certificates of the other authentication domains. When an Internet of Vehicles device needs the revocation certificates in order to determine whether other Internet of Vehicles devices are safe and reliable, it only has to select one of the plurality of sub-authentication domains as a download node to download the revocation certificate list of the global authentication domain. The device therefore does not need to access every authentication domain to obtain each domain's revocation certificate list, which reduces the consumption of network resources. For example, assume there are m1 authentication domains with m2 V2X devices under each. In the prior art, for every V2X device to be able to judge the reliability or security of the other V2X devices globally, each V2X device must access all the authentication domains, so the network resource consumption is m1 × m2. In the certificate revocation list distribution system of the present application, by contrast, the m2 V2X devices only need to access one authentication domain, so the network resource consumption is (1/m1) × m2, a significant reduction.
Example eight
The embodiment of the application discloses a storage medium, wherein the storage medium stores computer instructions, and when the computer instructions are called, the computer instructions are used for executing the certificate revocation list distribution method disclosed in the first, second and third embodiments of the application.
In this embodiment, the server of each sub-authentication domain stores its own revocation certificates as well as the revocation certificates of the other authentication domains. When an Internet of Vehicles device needs the revocation certificates in order to determine whether other Internet of Vehicles devices are safe and reliable, it only has to select one of the plurality of sub-authentication domains as a download node to download the revocation certificate list of the global authentication domain. The device therefore does not need to access every authentication domain to obtain each domain's revocation certificate list, which reduces the consumption of network resources. For example, assume there are m1 authentication domains with m2 V2X devices under each. In the prior art, for every V2X device to be able to judge the reliability or security of the other V2X devices globally, each V2X device must access all the authentication domains, so the network resource consumption is m1 × m2. In the certificate revocation list distribution system of the present application, by contrast, the m2 V2X devices only need to access one authentication domain, so the network resource consumption is (1/m1) × m2, a significant reduction.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one logical division, and there may be other divisions when actually implemented, and for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of devices or units through some communication interfaces, and may be in an electrical, mechanical or other form.
In addition, units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
Furthermore, the functional modules in the embodiments of the present application may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
It should be noted that, if the functions are implemented in the form of software functional modules and sold or used as independent products, they may be stored in a computer readable storage medium. Based on such understanding, the technical solutions of the present application, or the portions thereof that substantially contribute to the prior art, may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the methods described in the embodiments of the present application. The aforementioned storage medium includes various media capable of storing program code, such as a USB disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
In this document, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions.
The above description is only an example of the present application and is not intended to limit the scope of the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present application shall be included in the protection scope of the present application.
Claims (16)
1. A certificate revocation list distribution method is applied to a vehicle networking device, and comprises the following steps:
sending an acquisition request for a first global revocation list to a server of a sub-authentication domain to which the Internet of Vehicles device belongs;
receiving the first global revocation list sent by the server of the sub-authentication domain aiming at the acquisition request, wherein the first global revocation list comprises download addresses of a plurality of sub-authentication domains and file name lists of revocation certificates of the plurality of sub-authentication domains;
selecting one sub-authentication domain from the sub-authentication domains as a first download node based on the file name list of the revocation certificates of the sub-authentication domains and the download addresses of the sub-authentication domains, and downloading the revocation certificates of the sub-authentication domains from the first download node, wherein the first download node generates revocation certificates of itself in advance and downloads revocation certificates of other sub-authentication domains in advance based on the first global revocation list, the first global revocation list is generated by a server of the sub-authentication domains based on a second global revocation list, and the second global revocation list is generated by the server in the global authentication domain based on the revocation certificate lists in the domains sent by the sub-authentication domains.
2. The method of claim 1, wherein after said selecting one of the sub-authentication domains from the plurality of sub-authentication domains as a first download node and downloading revocation certificates for the plurality of sub-authentication domains from the first download node, the method further comprises:
acquiring the downloading speed of the first downloading node;
when the downloading speed of the first downloading node is smaller than a preset threshold value, selecting one sub-authentication domain from the sub-authentication domains as a second downloading node;
downloading the remaining data of the revocation certificate from the second download node based on the currently downloaded data of the revocation certificate.
3. A certificate revocation list distribution method applied to a server in a sub-authentication domain, the method comprising:
receiving an acquisition request for a first global revocation list sent by an Internet of Vehicles device in the sub-authentication domain;
sending the first global revocation list to the vehicle networking equipment, wherein the first global revocation list comprises download addresses of a plurality of sub-authentication domains and file name lists of revocation certificates of the plurality of sub-authentication domains, so that the vehicle networking equipment selects one sub-authentication domain from the plurality of sub-authentication domains as a first download node based on the file name lists of the revocation certificates of the plurality of sub-authentication domains and the download addresses of the plurality of sub-authentication domains, and downloads the revocation certificates of the plurality of sub-authentication domains from the first download node, wherein the first download node generates revocation certificates of itself in advance, and downloads the revocation certificates of other sub-authentication domains in advance based on the first global revocation list, the first global revocation list is generated by a server of the sub-authentication domains based on a second global revocation list, and the second global revocation list is generated by a server in the global authentication domain based on the revocation certificate lists in the domains sent by the plurality of sub-authentication domains.
4. The method of claim 3, wherein prior to said receiving an acquisition request for a first global revocation list sent by an Internet of Vehicles device within the sub-authentication domain, the method further comprises:
receiving a download address of the second global revocation list sent by a server of a global authentication domain;
downloading the second global revocation list according to the download address of the second global revocation list;
downloading the revocation certificate of each sub-authentication domain from the servers of the plurality of sub-authentication domains according to the second global revocation list;
and when the downloading of the revocation certificates of all the sub-authentication domains is completed, updating the second global revocation list based on the second global revocation list, and obtaining the first global revocation list.
5. The method of claim 4, wherein before the receiving of the download address of the second global revocation list sent by the server of the global authentication domain, the method further comprises:
and sending the revocation certificate list in the domain to a server of the global authentication domain, so that the server of the global authentication domain constructs the second global revocation list according to the revocation certificate lists of the plurality of sub-authentication domains.
6. The method of claim 5, wherein prior to the sending the list of revocation certificates within a domain to the server of the global authentication domain, the method further comprises:
dividing the revocation certificate in the domain into a plurality of data blocks;
determining a file name of each data block;
determining a download address of each data block;
and constructing a revocation certificate list in the domain based on the file name of each data block and the download address of each data block.
7. The method of claim 6, wherein after said constructing a list of revocation certificates within the domain based on a file name of each of the data blocks and a download address of each of the data blocks, the method further comprises:
obtaining a private key in a domain;
performing digital signature on the revocation certificate list in the domain according to the private key in the domain, and obtaining a first signature value;
writing the first signature value to a revocation certificate list within the domain.
8. The method of claim 6, wherein said determining a file name for each of said data blocks comprises:
calculating a hash value of each of the data blocks based on a hash function;
and determining the hash value of the data block as the file name of the data block.
9. A certificate revocation list distribution method, wherein the method is applied to a server in a global authentication domain, and the method includes:
receiving revocation certificate lists in a domain sent by a plurality of sub-authentication domains;
constructing a second global revocation list according to the revocation certificate lists in the domain of the plurality of sub-authentication domains;
issuing the download address of the second global revocation list to the plurality of sub-authentication domains based on a preset period, so that the plurality of sub-authentication domains generate a first global revocation list based on the second global revocation list, and enabling the Internet of Vehicles device to select one sub-authentication domain from the plurality of sub-authentication domains as a first download node based on the file name list of the revocation certificates of the plurality of sub-authentication domains in the first global revocation list and the download addresses of the plurality of sub-authentication domains, and download the revocation certificates of the plurality of sub-authentication domains from the first download node, wherein the first download node generates the revocation certificate of the first download node in advance, and downloads the revocation certificates of other sub-authentication domains based on the first global revocation list in advance.
10. The method of claim 9, wherein after said constructing a second global revocation list from revocation certificate lists within said domain of said plurality of sub-authentication domains, said method further comprises:
determining a private key of a global authentication domain;
performing digital signature on the second global revocation list according to the private key of the global authentication domain to obtain a second signature value;
updating the signature value of the second global revocation list based on the second signature value.
11. The method of claim 9, wherein after said constructing a second global revocation list from revocation certificate lists within said domain of said plurality of sub-authentication domains, said method further comprises:
detecting whether the sub-authentication domain updates the revocation certificate list in the domain in the preset period, and if so, updating the second global revocation list according to the updating result of the revocation certificate list in the domain;
and when the second global revocation list is updated, issuing the updated download address of the second global revocation list to the sub-authentication domains.
12. A vehicle networking device, comprising:
the first sending module is used for sending an acquisition request for a first global revocation list to a server of a sub-authentication domain to which the Internet of Vehicles device belongs;
a first receiving module, configured to receive the first global revocation list sent by the server in the sub-authentication domain for the acquisition request, where the first global revocation list includes download addresses of a plurality of sub-authentication domains and a file name list of revocation certificates of the plurality of sub-authentication domains;
and the downloading module is used for selecting one sub-authentication domain from the plurality of sub-authentication domains as a first downloading node based on the file name list of the revocation certificates of the plurality of sub-authentication domains and the downloading addresses of the plurality of sub-authentication domains, and downloading the revocation certificates of the plurality of sub-authentication domains from the first downloading node, wherein the first downloading node generates the revocation certificate of the first downloading node in advance, and downloads the revocation certificates of other sub-authentication domains in advance based on the first global revocation list, the first global revocation list is generated by the server of the sub-authentication domains based on a second global revocation list, and the second global revocation list is generated by the server in the global authentication domain based on the revocation certificate lists in the domains sent by the plurality of sub-authentication domains.
13. A server, characterized in that the server comprises:
the second receiving module is used for receiving an acquisition request for the first global revocation list sent by an Internet of Vehicles device in the sub-authentication domain;
a second sending module, configured to send the first global revocation list to the vehicle networking device, where the first global revocation list includes download addresses of a plurality of sub-authentication domains and a file name list of revocation certificates of the plurality of sub-authentication domains, so that the vehicle networking device selects one sub-authentication domain from the plurality of sub-authentication domains as a first download node based on the file name list of the revocation certificates of the plurality of sub-authentication domains and the download addresses of the plurality of sub-authentication domains, and downloads the revocation certificates of the plurality of sub-authentication domains from the first download node, where the first download node generates a revocation certificate of itself in advance, and downloads revocation certificates of other sub-authentication domains in advance based on the first global revocation list, where the first global revocation list is generated by a server in the global authentication domain based on a second global revocation list generated by a server in the global authentication domain based on the revocation certificate list in the domains sent by the plurality of sub-authentication domains.
14. A server, characterized in that the server comprises:
the third receiving module is used for receiving revocation certificate lists in the domains sent by the plurality of sub-authentication domains;
a construction module for constructing a second global revocation list according to revocation certificate lists in the domain of the plurality of sub-authentication domains;
the issuing module is used for issuing the download address of the second global revocation list to the plurality of sub-authentication domains based on a preset period, so that the plurality of sub-authentication domains generate a first global revocation list based on the second global revocation list, and the Internet of Vehicles device selects one sub-authentication domain from the plurality of sub-authentication domains as a first download node based on the file name list of the revocation certificates of the plurality of sub-authentication domains in the first global revocation list and the download addresses of the plurality of sub-authentication domains, and downloads the revocation certificates of the plurality of sub-authentication domains from the first download node, wherein the first download node generates the revocation certificate of the first download node in advance, and downloads the revocation certificates of other sub-authentication domains based on the first global revocation list in advance.
15. A certificate revocation list distribution apparatus, characterized by comprising:
a memory storing executable program code;
a processor coupled with the memory;
the processor invokes the executable program code stored in the memory to perform the certificate revocation list distribution method of any of claims 1 to 11.
16. A storage medium storing computer instructions which, when invoked, perform the certificate revocation list distribution method of any of claims 1 to 11.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111458608.5A CN114374516B (en) | 2021-12-02 | 2021-12-02 | Certificate revocation list distribution method and device, storage medium, server and vehicle networking device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114374516A (en) | 2022-04-19 |
| CN114374516B (en) | 2022-10-21 |
Family
ID=81140220
Family Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111458608.5A Active CN114374516B (en) | 2021-12-02 | 2021-12-02 | Certificate revocation list distribution method and device, storage medium, server and vehicle networking device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114374516B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115802350B (en) * | 2023-02-07 | 2023-05-05 | 中汽智联技术有限公司 | Certificate revocation status verification system, method and storage medium |
| CN116668098A (en) * | 2023-05-17 | 2023-08-29 | 中国工业互联网研究院 | Root of Trust Data Collection Method and Control System |
| CN120569939A (en) * | 2023-12-29 | 2025-08-29 | 深圳引望智能技术有限公司 | Certificate revocation list updating method and related device |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2020035137A1 (en) * | 2018-08-14 | 2020-02-20 | Huawei Technologies Co., Ltd. | Lightweight certificate status checking system for large number of certificates |
| CN113395160A (en) * | 2020-03-11 | 2021-09-14 | 大唐移动通信设备有限公司 | Certificate management method and device, issuing entity, management entity and vehicle networking equipment |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8090949B2 (en) * | 2008-03-13 | 2012-01-03 | GM Global Technology Operations LLC | Certificate assignment strategies for efficient operation of the PKI-based security architecture in a vehicular network |
| TWI600334B (en) * | 2016-03-23 | 2017-09-21 | 財團法人工業技術研究院 | Security certificate management method for a vehicular network node and vehicular network node applying the same |
| US11184178B2 (en) * | 2018-09-28 | 2021-11-23 | Blackberry Limited | Method and system for intelligent transportation system certificate revocation list reduction |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114374516A (en) | 2022-04-19 |
Similar Documents
| Publication | Title | Publication Date |
|---|---|---|
| CN114374516B (en) | Certificate revocation list distribution method and device, storage medium, server and vehicle networking device | |
| JP5747981B2 (en) | System and method for remote maintenance of multiple clients in an electronic network using virtual machines | |
| CN103685138B (en) | The authentication method of the Android platform application software that mobile interchange is online and system | |
| Studer et al. | Flexible, extensible, and efficient VANET authentication | |
| US12192383B2 (en) | Method and system for establishing trust for a cybersecurity posture of a V2X entity | |
| CN112651037B (en) | Out-of-chain data access method and system for block chain system | |
| JP5099139B2 (en) | How to get and check public key certificate status | |
| CN110769393A (en) | Identity authentication system and method for vehicle-road cooperation | |
| US7516326B2 (en) | Authentication system and method | |
| WO2021222448A1 (en) | Method and system for handling dynamic cybersecurity posture of a v2x entity | |
| Khodaei et al. | Scaling pseudonymous authentication for large mobile systems | |
| Förster et al. | Rewire–revocation without resolution: A privacy-friendly revocation mechanism for vehicular ad-hoc networks | |
| CN112738761B (en) | Automobile electronic identification and V2X authentication combination method | |
| CN113938857B (en) | Vehicle pseudonym management mechanism for vehicle privacy protection of Internet of vehicles | |
| CN112600707A (en) | Internet of things equipment authentication method and device, electronic equipment and storage medium | |
| CN113395160B (en) | Certificate management method and device, issuing entity, management entity and vehicle networking equipment | |
| CN113824566A (en) | Certificate authentication method, code number downloading method, device, server and storage medium | |
| Angelogianni et al. | Comparative evaluation of pki and daa-based architectures for v2x communication security | |
| Chen et al. | C-V2X Security Technology | |
| Bar-El | Intra-vehicle information security framework | |
| Foo et al. | Security issues for future intelligent transport systems | |
| CN116846561B (en) | Digital certificate management method and system based on V2X communication | |
| CN113225733A (en) | User identification module, certificate acquisition method, device and storage medium | |
| CN112448809B (en) | Key configuration system and related methods and products | |
| Mushrall III | Segmented viral distribution of certificate revocation lists for the security credential management system: a thesis in Computer Engineering. | |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | PB01 | Publication | |
| | SE01 | Entry into force of request for substantive examination | |
| | GR01 | Patent grant | |