Abstract: The present disclosure relates to an authentication method. An example method includes: a first authentication device obtaining first signal feature information according to a first wireless signal sent by a second authentication device, receiving second signal feature information from the second authentication device, and determining whether authentication is successful according to the first signal feature information and the second signal feature information.

Abstract: The present disclosure provides an intrusion monitoring system, an intrusion monitoring method and related products. The intrusion monitoring system includes: a first monitoring component deployed in a controller area network, a second monitoring component deployed in an Ethernet network, and a first control component; the first monitoring component is configured to obtain first CAN reporting information on data traffic in the system and transmit the first CAN reporting information to the first control component; the second monitoring component is configured to obtain second Ethernet reporting information on the data traffic and transmit the second Ethernet reporting information to the first control component; and the first control component is configured to receive the first CAN reporting information from the first monitoring component and the second Ethernet reporting information from the second monitoring component, and determine whether the data traffic is an attack.

Abstract: A vehicle-mounted device upgrade method and a related device. The method may be applied to a vehicle-mounted system, a vehicle-mounted control device and one or more to-be-upgraded vehicle-mounted devices, and the method may include: obtaining, by the vehicle-mounted control device, a vehicle-mounted upgrade package, where the vehicle-mounted upgrade package includes a plurality of upgrade files, and each upgrade file is used to upgrade at least one to-be-upgraded vehicle-mounted device; performing, by the vehicle-mounted control device, security verification on the plurality of upgrade files; and sending, by the vehicle-mounted control device, a target upgrade file to a target to-be-upgraded vehicle-mounted device that is to be upgraded by using the target upgrade file, where the target upgrade file is an upgrade file on which security verification succeeds in the plurality of upgrade files. According to this application, the vehicle-mounted device can be securely and efficiently upgraded.

Abstract: A random number generation apparatus includes an electric network frequency (ENF) extractor, an entropy generation module, and an entropy pool. The random number generation apparatus may generate a true random number and a pseudo random number based on an ENF signal of an electric network without using a hardware entropy source.

Abstract: A camera authentication method and a control apparatus are provided, and are applicable to an identity authentication of an on-board camera in the autonomous driving field. The method includes: obtaining one or more frames of a first image shot by a to-be-authenticated camera; determining one or more light intensity offset values of N photosensitive units based on the one or more frames of the first image; determining a matching degree between the light intensity offset values of the N photosensitive units and a preset N-dimensional vector; and if the matching degree meets a preset condition, determining that authentication of the to-be-authenticated camera succeeds, where the N photosensitive units are in a photosensitive layer of the to-be-authenticated camera, and the photosensitive layer includes M photosensitive units, where N?M. This technical solution is used to improve camera security.

Abstract: A vehicle communication access framework and a method are provided. The vehicle communication access framework comprises: a first device residing in a vehicle, a first processing system operated by a trusted third party, a second processing system operated by an original equipment manufacturer (OEM) of the vehicle, and a third processing system operated by a third party provider; wherein communication accesses among the first device, second processing system and third processing system are based on Identity Based Cryptography (IBC) private keys generated by the first processing system to respective first device, second processing system and third processing system.

Abstract: A charging authentication method and apparatus are provided, to improve security of communication between an electric vehicle and a charging spot. When the method is performed by an electric vehicle, a first connection is established between the electric vehicle and a charging spot by using a controller area network CAN bus, a second connection is established between the electric vehicle and a charging management system by using a mobile communication network, and the method includes: The electric vehicle sends a charging request message to the charging spot by using the first connection; and the electric vehicle performs identity authentication and key negotiation with the charging spot by using the second connection and a third connection between the charging spot and the charging management system.

Abstract: This disclosure provide a vehicle control method. A first terminal device obtains first biometric information of a first user, generates a first key based on the first biometric information and identifier information of the first terminal device, and generates first verification information based on the first key. Further, the first terminal device sends the first verification information to an in-vehicle device. When successfully verifying the first verification information, the in-vehicle device controls a vehicle to start. If the first user loses the first terminal device, an unauthorized user that obtains the first terminal device cannot control the vehicle based on only the identifier information of the first terminal device. Because different users have different biometric information, a key generated by the first terminal device is different from the first key, and the in-vehicle device cannot control the vehicle to start. This improves vehicle security.

Abstract: A camera identification method comprises identifying a to-be-identified camera using a light sensitivity deviation of each pixel in the to-be-identified camera; generating corresponding identification data; identifying a target camera using a light sensitivity deviation of each pixel in the target camera; and identifying the target camera by comparing a similarity between data that identifies the target camera and identification data of a known camera.

Abstract: A radar authentication method includes after obtaining output data of a to-be-authenticated radar, a computer device that first invokes a prediction model to obtain predicted data of the to-be-authenticated radar based on the output data of the to-be-authenticated radar, where the prediction model is obtained through training based on output data of a target radar. Then the computer device verifies, based on the predicted data of the to-be-authenticated radar and the output data of the to-be-authenticated radar, whether the to-be-authenticated radar and the target radar are the same radar.

Abstract: Embodiments of this application provide a method for managing software versions of an electronic device in a vehicle and a relevant device, the method including: transmitting an update bundle to a target vehicle; receiving an update response from the target vehicle, wherein the update response is used to indicate one or more patches which have been successfully installed among the N patches; updating a vehicle version tree corresponding to the target vehicle according to the update response to obtain an updated VVT. The above-mentioned technical solution provides a lightweight and efficient version control mechanism for maintaining the software versions for each the electronic devices in a vehicle.

Abstract: A method for authenticating a connection between a user device and a vehicle includes sending, by the vehicle, a first wireless signal through a connection channel, receiving, by the vehicle, a second wireless signal through the connection channel, and acquiring, by the vehicle, a second signal strength sequence from second N continuous signal strength characteristics (PFVeh) of the second wireless signal, receiving, by the user device from the vehicle, the first wireless signal, acquiring a first signal strength sequence from first N continuous signal strength characteristics (PFUDev) of the first wireless signal, and communicating, by the user device, the first signal strength sequence to the vehicle.

Abstract: A vehicle-mounted device upgrade method and a related apparatus, where the method includes an on-board unit (Tbox) of a vehicle that processes a first data segment according to a first algorithm to obtain a first check value, where the first data segment is any data segment in a plurality of data segments included in an upgrade file of a control unit, and the first check value is sent to the control unit, and the Tbox encrypts the first data segment by using a first key to obtain a first encrypted segment, and sends the first encrypted segment to the control unit, so that the control unit stores, in the control unit, the first data segment obtained by decrypting the first encrypted segment by using the first key, where the first data segment is used by the control unit to form the upgrade file for upgrade.

Abstract: A smart lock unlocking method and a related device are provided, and may be specifically applied to an intelligent vehicle and a self-driving vehicle, to implement an unlocking function of a smart lock of the vehicle. The method includes: A terminal device monitors a distance change trend between the terminal device and an intelligent device, where the intelligent device includes a smart lock (S401). If the terminal device determines that the terminal device is approaching the intelligent device and a distance between the terminal device and the intelligent device is less than a first distance threshold, the terminal device enables an identity authentication process between the terminal device and the intelligent device (S402). The terminal device unlocks the smart lock when identity authentication between the terminal device and the intelligent device succeeds (S403).

Abstract: A controller area network bus based security communications system includes a gateway electronic control unit (ECU) and at least one control area network (CAN) bus ECU. The gateway ECU generates a random number, and sends the random number to the at least one CAN bus ECU. A first CAN bus ECU obtains the random number sent by the gateway ECU, and generates a first information authentication code based on a key of a first CAN identifier, the random number sent by the gateway ECU, a count value of the first CAN identifier, and data of a first CAN packet.

Abstract: This document describes a system and method for generating two types of session keys for encoding digital communications between two devices. In particular, the first type of session key possesses escrow properties whereby a trusted third party will be able to generate the first type of session key to decode the digital communications between the two devices while the second type of session key does not possess escrow properties.

Abstract: A symmetric key-based generation and distribution system and method for a vehicle access authentication framework is provided, the framework comprising: a first device operated by a car owner, a second device operated by a delegated user, and a third device residing in a vehicle. The first device is configured to: request for an authentication key from the third device, the request for the authentication key comprising an ID of the first device, idO; receive an authentication key KidO from the third device; and generate a delegated authentication key KidU based on authentication key KidO and an ID of the second device in response to receiving a request for delegated authentication key from the second device, the request for delegated authentication key comprising the ID of the second device.

Abstract: This document describes a system and method for managing communications between modules in a Controller Area Network (CAN) in a secure manner. In particular, the system employs a hierarchical key generation method that allows a module in the CAN to use a single ascendant key together with relevant identifiers to generate descendant keys for CAN identities in the Controller Area Network. These keys are then used by the broadcasting and receiving CAN modules to authenticate published messages.

Abstract: A method for authenticating a connection between a user device and a vehicle includes sending, by the vehicle, a first wireless signal through a connection channel, receiving, by the vehicle, a second wireless signal through the connection channel, and acquiring, by the vehicle, a second signal strength sequence from second N continuous signal strength characteristics (PFVeh) of the second wireless signal, receiving, by the user device from the vehicle, the first wireless signal, acquiring a first signal strength sequence from first N continuous signal strength characteristics (PFUDev) of the first wireless signal, and communicating, by the user device, the first signal strength sequence to the vehicle.

Abstract: A first apparatus sends a first random number to a second apparatus, where a vehicle carries the first apparatus and a first set. The second apparatus belongs to the first set. The first set further includes a third apparatus. The first apparatus communicates with the third apparatus using the second apparatus. The first apparatus receives a first message from the second apparatus. The first message includes first verification information to perform identity verification on the second apparatus. The first verification information is based on identity information of the second apparatus and the first random number. The first apparatus determines, based on the first verification information and the first random number, that the identity verification on the second apparatus has succeeded.