Method of providing security for controller using encryption and apparatus thereof

US 10,348,694 B2
Filed: 12/09/2016
Issued: 07/09/2019
Est. Priority Date: 05/17/2016
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a controller by a gateway in a vehicle, comprising:

transmitting a first symmetric key to the controller;

generating a first one-time authentication value (OTAV), encrypting the first OTAV with the first symmetric key and delivering the encrypted first OTAV to the controller;

sending a request for authentication using the first OTAV to the controller;

receiving a hash value from the controller in response to the request,wherein the first symmetric key is encrypted using a third symmetric key corresponding to a session prior to a session in which authentication using the first OTAV is performed, andwherein the method further includes;

determining a hash value using the first OTAV;

comparing the received hash value with the determined hash value; and

generating a second symmetric key when the received hash value is identical to the determined hash value; and

authenticating the controller using a prestored certificate and public key when the received hash value differs from the determined hash value.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of authenticating a controller by a gateway in a vehicle may include transmitting a first symmetric key to the controller; generating a first one-time authentication value (OTAV), encrypting the first OTAV with the first symmetric key and delivering the encrypted first OTAV to the controller; sending a request for authentication using the first OTAV to the controller; and receiving a hash value from the controller in response to the request.

50 Citations

View as Search Results

13 Claims

1. A method of authenticating a controller by a gateway in a vehicle, comprising:
- transmitting a first symmetric key to the controller;
  
  generating a first one-time authentication value (OTAV), encrypting the first OTAV with the first symmetric key and delivering the encrypted first OTAV to the controller;
  
  sending a request for authentication using the first OTAV to the controller;
  
  receiving a hash value from the controller in response to the request,wherein the first symmetric key is encrypted using a third symmetric key corresponding to a session prior to a session in which authentication using the first OTAV is performed, andwherein the method further includes;
  
  determining a hash value using the first OTAV;
  
  comparing the received hash value with the determined hash value; and
  
  generating a second symmetric key when the received hash value is identical to the determined hash value; and
  
  authenticating the controller using a prestored certificate and public key when the received hash value differs from the determined hash value.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method according to claim 1, further comprising:
    - transmitting the second symmetric key along with a first random number to the controller;
      
      receiving, from the controller, the first random number encrypted with the second symmetric key and a second random number;
      
      comparing the first random number encrypted with the second symmetric key with the first random number stored in the gateway; and
      
      encrypting the second random number with the second symmetric key and transmitting the encrypted second random number to the controller when the first random number encrypted with the second symmetric key is identical to the first random number stored in the gateway.
  - 3. The method according to claim 2, further comprising:
    - generating a second OTAV, encrypting the second OTAV with the second symmetric key and delivering the encrypted second OTAV to the controller; and
      
      sending a request for authentication using the second OTAV to the controller.
  - 4. The method according to claim 1, wherein the received hash value is in plaintext or is encrypted.
  - 5. The method according to claim 2, wherein the second symmetric key and the first random number are encrypted with the first symmetric key.
  - 6. The method according to claim 1, wherein the generating of the first OTAV comprises comparing the first OTAV with at least one previously generated and disused OTAV.
  - 7. The method according to claim 6, further comprising:
    - copying the first OTAV from a second storage to a first storage when the received hash value is identical to the determined hash value, the at least one disused OTAV being stored in the first storage; and
      
      deleting the first OTAV from the second storage.

8. A method of performing authentication by a controller with respect to a gateway in a vehicle, comprising:
- receiving a first symmetric key from the gateway;
  
  receiving a first one-time authentication value (OTAV), encrypted with the first symmetric key;
  
  receiving a request for authentication using the first OTAV from the gateway; and
  
  transmitting a hash value of the first OTAV to the gateway in response to the request,receiving a second symmetric key and a first random number from the gateway when it is determined by the gateway that the transmitted hash value is identical to a hash value determined by the gateway; and
  
  performing authentication with the gateway based on a certificate prestored in the gateway and a public key of the gateway when it is determined by the gateway that the transmitted hash value differs from the determined hash value,wherein the first symmetric key is encrypted using a third symmetric key corresponding to a session prior to a session in which authentication using the first OTAV is performed.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The method according to claim 8, further comprising:
    - storing the second symmetric key and generating a second random number;
      
      encrypting the first random number and the second random number and transmitting the encrypted random numbers to the gateway; and
      
      receiving the second random number encrypted with the second symmetric key from the gateway.
  - 10. The method according to claim 9, further comprising:
    - receiving a second OTAV encrypted with the second symmetric key from the gateway;
      
      performing decryption using the second symmetric key to acquire the second OTAV; and
      
      transmitting a hash value of the second OTAV to the gateway upon reception of a request for authentication using the second OTAV from the gateway.
  - 11. The method according to claim 8, wherein the hash value is in plaintext or is encrypted.
  - 12. The method according to claim 9, wherein the second symmetric key and the first random number are encrypted with the first symmetric key.

13. A non-transitory computer readable recording medium storing a program of executing a controller authentication method, wherein thecontroller authentication method includes:
- transmitting a first symmetric key to the controller;
  
  generating a first one-time authentication value (OTAV), encrypting the first OTAV with the first symmetric key and delivering the encrypted first OTAV to the controller;
  
  sending a request for authentication using the first OTAV to the controller;
  
  receiving a hash value from the controller in response to the request,wherein the first symmetric key is encrypted using a third symmetric key corresponding to a session prior to a session in which authentication using the first OTAV is performed, andwherein the method further includes;
  
  determining a hash value using the first OTAV;
  
  comparing the received hash value with the determined hash value; and
  
  generating a second symmetric key when the received hash value is identical to the determined hash value; and
  
  authenticating the controller using a prestored certificate and public key when the received hash value differs from the determined hash value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hyundai Motor Company (Hyundai Motor Group)
Original Assignee
Hyundai Motor Company (Hyundai Motor Group)
Inventors
Cho, A Ram, Ahn, Hyun Soo, Jung, Ho Jin
Primary Examiner(s)
Waliullah, Mohammed

Application Number

US15/374,939
Publication Number

US 20170339115A1
Time in Patent Office

942 Days
Field of Search
US Class Current
CPC Class Codes

H04L 2209/84   Vehicles

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 9/0819   Key transport or distributi...

H04L 9/14   using a plurality of keys o...

H04L 9/3263   involving certificates, e.g...

H04L 9/3271   using challenge-response

H04W 12/02   Protecting privacy or anony...

H04W 12/033   of the user plane, e.g. use...

H04W 12/062   Pre-authentication

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

H04W 4/02   Services making use of loca...

H04W 4/40   for vehicles, e.g. vehicle-...

H04W 4/90   Services for handling of em...

Method of providing security for controller using encryption and apparatus thereof

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

50 Citations

13 Claims

Specification

Use Cases

Quick Links

Others

Method of providing security for controller using encryption and apparatus thereof

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

50 Citations

13 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others