CN101662363B - Multi-layer rolling code encryption and decryption technology - Google Patents
- Publication number
- CN101662363B
- Authority
- CN
- China
- Prior art keywords
- decryption
- encryption
- code
- count value
- rolling code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Landscapes
- Lock And Its Accessories (AREA)
Abstract
The invention discloses a multi-layer rolling code encryption and decryption technology. To overcome the shortcomings of existing technologies of this kind, such as poor resistance to attack and limited applicability, the encryption algorithm of the invention applies multi-layer nested rolling code encryption to the private secret, the key, the manufacturer code, the serial number and so on, together with two synchronization count values, to obtain the final output ciphertext. The decryption algorithm takes the received ciphertext and, using keys generated from the private secret, the key, the manufacturer code, the serial number and so on, performs rolling code decryption in two layers to obtain the two synchronization count values. Finally, the two synchronization count values are checked separately; if they meet the matching requirements, the dual synchronization count value time window is passed and the decryption is valid. The invention can be used in keyless access control systems for automobiles, warehouses, housing and other important premises, and also in encrypted data transmission fields such as banking, securities and communications. The invention offers high reliability, good security, strong resistance to attack, high confidentiality and ease of use.
Description
Technical field
The invention relates to an encryption and decryption technology for encrypted data transmission, specifically a multi-layer rolling code encryption and decryption technology.
Background
Civilian point-to-point wireless or wired data transmission technology is widely used in keyless access control systems for automobiles, warehouses, housing and other important premises; it can also be used in encrypted data transmission fields such as banking, securities and communications.
In recent years, research on encryption-algorithm-based security mechanisms for encoder/decoder ICs has advanced considerably, driving civilian point-to-point data transmission coding from fixed codes toward rolling codes and largely eliminating the poorly protected fixed code technology. The most successful representative is the KEELOQ technology of the US company Microchip, which created a nonlinear rolling code encryption and decryption technology (that is, a single-layer rolling code technology, whose representative chip is the HCS300) with high variability (at 10 operations per day, no code is repeated in 18 years), resistance to interception, copying and code scanning, good security and high reliability. It is currently the technology of choice worldwide in the field of remote keyless entry (RKE).
Fixed codes offer poor confidentiality and can be defeated with simple copying or scanning techniques, which poses a major security risk. Although fixed code technology has been phased out abroad, it is still widely used domestically in settings where security requirements are not very high (including some important data transmission systems).
The HCS300, based on KEELOQ nonlinear rolling code encryption and decryption (that is, single-layer rolling code encryption and decryption), also has some shortcomings. First, the chip's encryption data must be written in advance and the user's private information cannot be written afterwards, which limits the range of applications and causes considerable inconvenience in use. Second, the HCS300 has technical weaknesses that endanger confidentiality. For example, once the manufacturer key (the core key) is leaked, the entire system may collapse. There is also the possibility of exploiting its weaknesses to clone it and thereby break its security key. For example, in 2007 a car theft gang in Northeast China defeated the keyless entry system of a certain car model, could open a door in just over 20 seconds, and stole nearly a hundred vehicles in half a year; in 2008, cases in which the keyless entry system of a certain model was defeated also occurred in Guangdong and Hunan. Third, the HCS300 has no bit-error detection; if a bit error occurs in transmission during use, the consequences are equally serious.
Summary of the invention
The purpose of the invention is to overcome the above shortcomings by providing a multi-layer rolling code encryption and decryption technology. With it, the user can flexibly and conveniently set or change the private secret. Protection is in two layers, the private secret and the public secrets (key, manufacturer code, serial number and so on), with multi-layer nested rolling encrypted transmission, giving higher reliability, better security, stronger resistance to attack, higher confidentiality and greater ease of use.
To achieve this purpose, the technical solution of the invention is a multi-layer rolling code encryption and decryption technology comprising the following steps:
(1) Encryption algorithm
a. Apply top-layer rolling code encryption to synchronization count value 2 and the private secret using the rolling code encryption algorithm, obtaining encrypted data 2;
b. Process encrypted data 2 and the key with the key generation algorithm to obtain a new key;
c. Apply bottom-layer rolling code encryption to synchronization count value 1 with the new key, obtaining the final output ciphertext, namely encrypted data 1;
d. Encrypted data 1, together with the information code and the serial number, forms the transmit code and is sent.
(2) Decryption algorithm
a. Check the serial number;
b. Process the private secret, the key and the manufacturer code with the generation algorithm to generate a new key;
c. Use the new key generated in step b to perform bottom-layer decryption of the encrypted data 1 received by the decoder, obtaining synchronization count value 1 and the bottom-layer decrypted ciphertext;
d. Perform top-layer decryption of the bottom-layer decrypted ciphertext with the private secret, obtaining synchronization count value 2;
e. Check synchronization count value 1 and synchronization count value 2; if they meet the matching requirements, the dual synchronization count value time window is passed and the decryption is valid;
f. If the decryption is valid, execute the instruction indicated by the information code.
During bottom-layer and top-layer decryption, synchronization count value 1 and synchronization count value 2 are obtained respectively, and each must satisfy its own time window matching requirement. Otherwise the decryption process terminates automatically and the decryption is invalid. The two time windows rotate at different angular velocities. This greatly strengthens the confidentiality and attack resistance of the encryption and decryption system, and extends the period before a code is repeated to more than a hundred years.
The invention is based on a symmetric block cipher combined with multi-layer nesting and nonlinear rolling code technology, that is, a two-layer nested rolling coding algorithm. The top layer is the private-secret rolling coding layer; the bottom layer nests the private-secret rolling code into the key generated from the serial number and the manufacturer code to form a new key, which is then used in rolling encryption to produce the code word finally transmitted.
The two-layer nested rolling coding process uses dual synchronization count value encryption; decoding proceeds only when the requirements of the dual synchronization count value time window are met.
Use of the dual synchronization count value time window technique extends the theoretical period before a code is repeated to more than a hundred years, far beyond the 18 years of existing (single-layer) rolling code technology. This greatly strengthens the confidentiality and attack resistance of the encryption and decryption system and renders possible attacks such as interception, copying, code scanning and retransmission completely ineffective.
The invention combines the double-layer 32-bit hopping code produced by the two-pass nonlinear encryption algorithm with the 24-bit serial number, the 4-bit information code, flag bits and so on into a 64-bit code word. The private secret is conveyed by nested rolling encryption (two-pass nonlinear rolling code encryption). Because the user's private secret takes part in the multi-layer rolling code encryption and decryption, the harm of a whole-system collapse caused by leakage of the public secrets (key, manufacturer code, serial number and so on) is effectively prevented, which greatly improves the confidentiality and applicability of the system.
The key, serial number and other important data used by the invention are stored in the various memories designed inside the CPLD chip and cannot be accessed through any external connection, which prevents any attempt to steal the information illegally and gives high reliability, good security and strong confidentiality.
Detailed description
Example 1
The multi-layer rolling code encryption and decryption technology of the invention can be implemented on CPLD/FPGA chips or other programmable devices, with the following steps:
(1) Encryption algorithm
a. Apply top-layer rolling code encryption to synchronization count value 2 and the private secret using the rolling code encryption algorithm, obtaining encrypted data 2;
b. Process encrypted data 2 and the key with the key generation algorithm to obtain a new key;
c. Apply bottom-layer rolling code encryption to synchronization count value 1 with the new key, obtaining the final output ciphertext, namely encrypted data 1;
d. Encrypted data 1, together with the information code and the serial number, forms the transmit code and is sent.
(2) Decryption algorithm
a. Check the serial number;
b. Process the private secret, the key and the manufacturer code with the generation algorithm to generate a new key;
c. Use the new key generated in step b to perform bottom-layer decryption of the encrypted data 1 received by the decoder, obtaining synchronization count value 1 and the bottom-layer decrypted ciphertext;
d. Perform top-layer decryption of the bottom-layer decrypted ciphertext with the private secret, obtaining synchronization count value 2;
e. Check synchronization count value 1 and synchronization count value 2; if they meet the matching requirements, the dual synchronization count value time window is passed and the decryption is valid;
f. If the decryption is valid, execute the instruction indicated by the information code.
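The two-layer flow and the dual count-value window check above, as an added sketch that is not code from the patent. Assumptions: the patent names no cipher or key-generation function, so a toy HMAC-based Feistel and a SHA-256 hash stand in for them; the 16-bit counters, the packing of counter 1 with encrypted data 2 into a 32-bit hop code, the counter strides (1 and 3) and the window sizes (16 and 48) are all chosen here for illustration. The new key is derived as in decryption step b (private secret, key, manufacturer code) so that the receiver can recompute it.

```python
import hashlib
import hmac

def _f(key, rnd, half, bits):
    """Round function: HMAC-SHA256 truncated to `bits` bits (bits <= 16)."""
    mac = hmac.new(key, bytes([rnd]) + half.to_bytes(2, "big"), hashlib.sha256)
    return int.from_bytes(mac.digest()[:2], "big") & ((1 << bits) - 1)

def feistel(key, block, bits, decrypt=False):
    """Toy 4-round Feistel on a `bits`-wide block: a stand-in cipher, not KEELOQ."""
    h = bits // 2
    left, right = block >> h, block & ((1 << h) - 1)
    for r in (reversed(range(4)) if decrypt else range(4)):
        if decrypt:
            left, right = right ^ _f(key, r, left, h), left
        else:
            left, right = right, left ^ _f(key, r, right, h)
    return (left << h) | right

def derive_key(secret, key, mfr_code):
    """Assumed key-generation step: hash of secret, key and manufacturer code."""
    return hashlib.sha256(b"|".join((secret, key, mfr_code))).digest()

class Fob:
    """Transmitter; the two counters advance at different strides (assumed 1 and 3)."""
    def __init__(self, secret, key, mfr_code, serial):
        self.secret, self.serial = secret, serial
        self.new_key = derive_key(secret, key, mfr_code)
        self.c1 = self.c2 = 0
    def press(self, info):
        self.c1, self.c2 = (self.c1 + 1) & 0xFFFF, (self.c2 + 3) & 0xFFFF
        enc2 = feistel(self.secret, self.c2, 16)                  # top layer
        enc1 = feistel(self.new_key, (self.c1 << 16) | enc2, 32)  # bottom layer
        return {"serial": self.serial, "info": info, "enc1": enc1}

class Receiver:
    """Decoder; win1/win2 are assumed window sizes for counters 1 and 2."""
    def __init__(self, secret, key, mfr_code, serial, win1=16, win2=48):
        self.secret, self.serial = secret, serial
        self.new_key = derive_key(secret, key, mfr_code)          # step b
        self.win1, self.win2 = win1, win2
        self.last1 = self.last2 = 0
    def accept(self, frame):
        if frame["serial"] != self.serial:                        # step a
            return False
        plain = feistel(self.new_key, frame["enc1"], 32, decrypt=True)  # step c
        c1, enc2 = plain >> 16, plain & 0xFFFF
        c2 = feistel(self.secret, enc2, 16, decrypt=True)         # step d
        ok1 = 0 < ((c1 - self.last1) & 0xFFFF) <= self.win1       # step e
        ok2 = 0 < ((c2 - self.last2) & 0xFFFF) <= self.win2
        if ok1 and ok2:                                           # both windows must pass
            self.last1, self.last2 = c1, c2
        return ok1 and ok2

def demo():
    ids = (b"demo-key", b"demo-mfr", 0x123456)                    # constructed values
    fob, rx = Fob(b"user-secret", *ids), Receiver(b"user-secret", *ids)
    # Frame built with the public values but the wrong private secret.
    out = {"no_secret": rx.accept(Fob(b"wrong-secret", *ids).press(1))}
    first = fob.press(1)
    out["fresh"], out["replay"] = rx.accept(first), rx.accept(first)
    for _ in range(20):                                           # presses out of range
        fob.press(1)
    out["out_of_window"] = rx.accept(fob.press(1))
    return out
```

In this sketch a frame that falls outside either window is simply rejected; the page describes no resynchronization procedure, so none is modelled.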
Claims (1)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2008101431269A CN101662363B (en) | 2008-08-30 | 2008-08-30 | Multi-layer rolling code encryption and decryption technology |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101662363A CN101662363A (en) | 2010-03-03 |
CN101662363B true CN101662363B (en) | 2012-11-07 |
Family
ID=41790171
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2008101431269A Expired - Fee Related CN101662363B (en) | 2008-08-30 | 2008-08-30 | Multi-layer rolling code encryption and decryption technology |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101662363B (en) |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101931523A (en) * | 2010-05-10 | 2010-12-29 | 胡章儒 | Inversed chip-stage decoding time synchronization rolling codes |
CN102568062B (en) * | 2011-09-29 | 2014-06-18 | 浙江吉利汽车研究院有限公司 | Encryption and decryption method for remote controller |
CN103178958B (en) * | 2012-11-23 | 2015-11-18 | 怀化学院 | Based on the file encryption-decryption device of multilayer rolling code |
CN104283674A (en) * | 2014-10-27 | 2015-01-14 | 北海市蕴芯电子科技有限公司 | TTF RFID with both rolling code and secret key encrypted |
CN107393277A (en) * | 2017-08-28 | 2017-11-24 | 江苏赫奕科技有限公司 | Method of sending and receiving based on low-power consumption safe mode des encryption rolling code |
CN107579824B (en) * | 2017-10-13 | 2021-03-12 | 车展交通器材(台山)有限公司 | Automobile remote control method based on rolling code |
CN107749795B (en) * | 2017-10-13 | 2021-03-30 | 车展交通器材(台山)有限公司 | Automobile remote control method based on rolling code secondary encryption |
CN109309571A (en) * | 2018-11-13 | 2019-02-05 | 厦门云拓智维科技有限公司 | A kind of setting method of key |
CN112019567A (en) * | 2020-10-14 | 2020-12-01 | 深圳瀚飞科技开发有限公司 | Repeated exclusion encryption system and communication method for networking communication equipment |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1752996A (en) * | 2004-09-24 | 2006-03-29 | 比亚迪股份有限公司 | Identity recognition system for keyless entering automobile and its recognition method |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7231041B2 (en) * | 2003-08-19 | 2007-06-12 | General Motors Corporation | Method, device, and system for secure motor vehicle remote keyless entry |
US20070279184A1 (en) * | 2006-05-22 | 2007-12-06 | Siemens Vdo Automotive Corporation | Method Of Operating Multiple Vehicles Using Any Transmitter From A Programmed Group |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | ||
Granted publication date: 20121107 Termination date: 20170830 |