Abstract: Objective In response to the issues in city railway train control systems, such as the insufficient security, operational complexity, and low cross-domain running efficiency associated with the offline management of vehicle-wayside communication authentication keys, a comprehensive online key management technology solution is proposed. Method Centered on the online key management and supplemented by the offline key management, the proposed solution establishes a secure management framework covering the entire key lifecycle. It employs cryptographic algorithms compliant with national standards, integrating digital envelope and digital signature mechanisms to ensure secure data transmission and identity authentication. The solution also clearly defines technical procedures for key management in same-domain, cross-domain, and special scenarios. Result ＆ Conclusion The proposed solution demonstrates high feasibility and scalability. By establishing a new KMC（key management center） and the CMC（certificate management center）, the existing signaling equipment—key management authentication key（KMAC）—is revamped and integrated. The research result provides technical support for secure and stable operation of city railway train control systems across various scenarios, as well as reference for further optimization of key management technologies in rail transit systems.