Key management method used in encryption processing for safely transmitting and receiving messages

US 10,530,572 B2
Filed: 07/06/2016
Issued: 01/07/2020
Est. Priority Date: 11/13/2014
Status: Active Grant

First Claim

Patent Images

1. A key management method in an onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the method comprising:

storing, in a first-type electronic control unit out of the plurality of electronic control units, a shared key to be mutually shared with one or more second-type electronic control units other than the first-type electronic control unit, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit;

acquiring, by each of the second-type electronic control units, a session key by communication with the first-type electronic control unit based on the stored shared key, and after this acquisition, executing encryption processing regarding a frame transmitted or received via the bus, using this session key; and

executing, by the first-type electronic control unit, inspection of a security state of the shared key stored by the second-type electronic control units in a case where a vehicle in which the onboard network system is installed is in a particular state,wherein the particular state is a state where the vehicle is not driving and is an accessory-on state.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Provided is a key management method to secure security in an onboard network system having multiple electronic control units storing a shared key. In the key management method of the onboard network system including multiple electronic units (ECUs) that perform communication by frames via a bus, a master ECU stores a shared key to be mutually shared with one or more ECUs. Each of the ECUs acquire a session key by communication with the master ECU based on the stored shared key, and after this acquisition, executes encryption processing regarding a frame transmitted or received via the bus, using this session key. In a case where a vehicle in which the onboard network system is installed is in a particular state, the master ECU executes inspection of a security state of the shared key stored by the ECU or the like.

8 Citations

View as Search Results

28 Claims

1. A key management method in an onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the method comprising:
- storing, in a first-type electronic control unit out of the plurality of electronic control units, a shared key to be mutually shared with one or more second-type electronic control units other than the first-type electronic control unit, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit;
  
  acquiring, by each of the second-type electronic control units, a session key by communication with the first-type electronic control unit based on the stored shared key, and after this acquisition, executing encryption processing regarding a frame transmitted or received via the bus, using this session key; and
  
  executing, by the first-type electronic control unit, inspection of a security state of the shared key stored by the second-type electronic control units in a case where a vehicle in which the onboard network system is installed is in a particular state,wherein the particular state is a state where the vehicle is not driving and is an accessory-on state.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The key management method according to claim 1,wherein the inspection is an inspection relating to an expiration date of the shared key.
  - 3. The key management method according to claim 2,wherein the first-type electronic control unit receives, from the second-type electronic control unit, a frame including information indicating the expiration date regarding the shared key that the second-type electronic control unit holds, performs the inspection by distinguishing whether or not the expiration date has already expired, and in a case where the expiration date has not expired, performs communication to give the second-type electronic control unit a session key, but in a case where the expiration date has expired, executes control for notification.
  - 4. The key management method according to claim 1,wherein the inspection is an inspection relating to a serial ID of the second-type electronic control unit that stores the shared key.
  - 5. The key management method according to claim 4,wherein the first-type electronic control unit receives, from the second-type electronic control unit, a frame including information indicating the serial ID of the second-type electronic control unit, performs the inspection by distinguishing whether or not the security state of the shared key is appropriate based on the serial ID and predetermined matching information stored beforehand, and in a case where the security state of the shared key is appropriate, performs communication to give the second-type electronic control unit a session key, but in a case where the security state of the shared key is not appropriate, executes control for notification.
  - 6. The key management method according to claim 1,wherein, in a case where the plurality of electronic control units includes a plurality of the second-type electronic control units, the inspection is an inspection relating to a transmission order of frames at the plurality of second-type electronic control units.
  - 7. The key management method according to claim 6,wherein the first-type electronic control unit transmits a frame indicating a predetermined request and thereafter sequentially receives frames from the plurality of second-type electronic control units, and based on the IDs of the frames, performs the inspection by distinguishing whether or not the IDs have been received in an order that a predetermined order list indicates.
  - 8. The key management method according to claim 1,wherein the first-type electronic control unit executes the inspection only in a case of the particular state.
  - 9. The key management method according to claim 1,wherein the first-type electronic control unit executes the inspection by communication with a server located externally from the vehicle.
  - 10. The key management method according to claim 1,wherein the plurality of electronic control units perform communication by frames via the bus, following a Controller Area Network protocol.

11. An onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the system comprising:
- a first-type electronic control unit, out of the plurality of electronic control units, configured to store a shared key to be mutually shared with one or more second-type electronic control units other than the first-type electronic control unit, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit; and
  
  each of the second-type electronic control units configured to (i) acquire a session key by communication with the first-type electronic control unit based on the stored shared key, and after this acquisition, (ii) execute encryption processing regarding a frame transmitted or received via the bus, using this session key,wherein the first-type electronic control unit executes inspection of a security state of the shared key stored by the second-type electronic control units in a case where a vehicle in which itself is installed is in a particular state, andwherein the particular state is a state where the vehicle is not driving and is an accessory-on state.
- View Dependent Claims (13)
- - 13. The key on-board network system according to claim 11,wherein the first-type electronic control unit executes the inspection only in a case of the particular state.

12. A key management device serving as an electronic control unit (ECU) in an onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the device comprising:
- a processor; and
  
  a memory having a computer program stored thereon, the computer program causing the processor to execute operations includingstoring a shared key to be mutually shared with one or more electronic control units other than itself out of the plurality of electronic control units, for transmission of a session key used for encryption relating to a frame, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit, andinspecting of a security state of the shared key stored by the electronic control units other than itself in a case where a vehicle in which itself is installed is in a particular state,wherein the particular state is a state where the vehicle is not driving and is an accessory-on state.
- View Dependent Claims (14)
- - 14. The key management device according to claim 12,wherein the first-type electronic control unit executes the inspection only in a case of the particular state.

15. A key management method in an onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the method comprising:
- storing, in a first-type electronic control unit out of the plurality of electronic control units, a shared key to be mutually shared with one or more second-type electronic control units other than the first-type electronic control unit, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit;
  
  acquiring, by each of the second-type electronic control units, a session key by communication with the first-type electronic control unit based on the stored shared key, and after this acquisition, executing encryption processing regarding a frame transmitted or received via the bus, using this session key;
  
  executing, by the first-type electronic control unit, inspection of a security state of the shared key stored by the second-type electronic control units in a case where a vehicle in which the onboard network system is installed is not driving, and is fueling;
  
  determining whether a fuel cap of the vehicle is open or not; and
  
  determining whether the state of the vehicle is not driving, and is fueling when the fuel cap is open.

16. An onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the system comprising:
- a first-type electronic control unit, out of the plurality of electronic control units, configured to store a shared key to be mutually shared with one or more second-type electronic control units other than the first-type electronic control unit, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit; and
  
  each of the second-type electronic control units configured to (i) acquire a session key by communication with the first-type electronic control unit based on the stored shared key, and after this acquisition, (ii) execute encryption processing regarding a frame transmitted or received via the bus, using this session key,wherein the first-type electronic control unitexecutes inspection of a security state of the shared key stored by the second-type electronic control units in a case where a vehicle in which itself is installed is not driving, and is fueling,determines whether a fuel cap of the vehicle is open or not, anddetermines whether the state of the vehicle is not driving, and is fueling when the fuel cap is open.

17. A key management device serving as an electronic control unit (ECU) in an onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the device comprising:
- a processor; and
  
  a memory having a computer program stored thereon, the computer program causing the processor to execute operations includingstoring a shared key to be mutually shared with one or more electronic control units other than itself out of the plurality of electronic control units, for transmission of a session key used for encryption relating to a frame, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit,inspecting of a security state of the shared key stored by the electronic control units other than itself in a case where a vehicle in which itself is installed is not driving, and is fueling,determining whether a fuel cap of the vehicle is open or not, anddetermining whether the state of the vehicle is not driving, and is fueling when the fuel cap is open.

18. A key management method in an onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the method comprising:
- storing, in a first-type electronic control unit out of the plurality of electronic control units, a shared key to be mutually shared with one or more second-type electronic control units other than the first-type electronic control unit, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit;
  
  acquiring, by each of the second-type electronic control units, a session key by communication with the first-type electronic control unit based on the stored shared key, and after this acquisition, executing encryption processing regarding a frame transmitted or received via the bus, using this session key; and
  
  executing, by the first-type electronic control unit, inspection of a security state of the shared key stored by the second-type electronic control units in a case where a vehicle in which the onboard network system is installed is parked, which is indicated by the gearshift.
- View Dependent Claims (19)
- - 19. The key management method according to claim 18, further comprising:
    - determining whether the state of the vehicle is parked as indicated by the gearshift.

20. An onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the system comprising:
- a first-type electronic control unit, out of the plurality of electronic control units, configured to store a shared key to be mutually shared with one or more second-type electronic control units other than the first-type electronic control unit, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit; and
  
  each of the second-type electronic control units configured to (i) acquire a session key by communication with the first-type electronic control unit based on the stored shared key, and after this acquisition, (ii) execute encryption processing regarding a frame transmitted or received via the bus, using this session key,wherein the first-type electronic control unit executes inspection of a security state of the shared key stored by the second-type electronic control units in a case where a vehicle in which itself is installed is parked, which is indicated by the gearshift.

21. A key management device serving as an electronic control unit (ECU) in an onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the device comprising:
- a processor; and
  
  a memory having a computer program stored thereon, the computer program causing the processor to execute operations includingstoring a shared key to be mutually shared with one or more electronic control units other than itself out of the plurality of electronic control units, for transmission of a session key used for encryption relating to a frame, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit, andinspecting of a security state of the shared key stored by the electronic control units other than itself in a case where a vehicle in which itself is parked, which is indicated by the gearshift.

22. A key management method in an onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the method comprising:
- storing, in a first-type electronic control unit out of the plurality of electronic control units, a shared key to be mutually shared with one or more second-type electronic control units other than the first-type electronic control unit, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit;
  
  acquiring, by each of the second-type electronic control units, a session key by communication with the first-type electronic control unit based on the stored shared key, and after this acquisition, executing encryption processing regarding a frame transmitted or received via the bus, using this session key; and
  
  executing, by the first-type electronic control unit, inspection of a security state of the shared key stored by the second-type electronic control units in a case where a vehicle in which the onboard network system is installed is in a stopped state before driving, which is indicated by the gearshift.
- View Dependent Claims (23)
- - 23. The key management method according to claim 22, further comprising:
    - determining whether the state of the vehicle is in a stopped state before driving, which is indicated by the gearshift.

24. An onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the system comprising:
- a first-type electronic control unit, out of the plurality of electronic control units, configured to store a shared key to be mutually shared with one or more second-type electronic control units other than the first-type electronic control unit, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit; and
  
  each of the second-type electronic control units configured to (i) acquire a session key by communication with the first-type electronic control unit based on the stored shared key, and after this acquisition, (ii) execute encryption processing regarding a frame transmitted or received via the bus, using this session key,wherein the first-type electronic control unit executes inspection of a security state of the shared key stored by the second-type electronic control units in a case where a vehicle in which itself is installed is in a stopped state before driving, which is indicated by the gearshift.

25. A key management device serving as an electronic control unit (ECU) in an onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the device comprising:
- a processor; and
  
  a memory having a computer program stored thereon, the computer program causing the processor to execute operations includingstoring a shared key to be mutually shared with one or more electronic control units other than itself out of the plurality of electronic control units, for transmission of a session key used for encryption relating to a frame, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit, andinspecting of a security state of the shared key stored by the electronic control units other than itself in a case where a vehicle in which itself in a stopped state before driving, which is indicated by the gearshift.

26. A key management method in an onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the method comprising:
- storing, in a first-type electronic control unit out of the plurality of electronic control units, a shared key to be mutually shared with one or more second-type electronic control units other than the first-type electronic control unit, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit;
  
  acquiring, by each of the second-type electronic control units, a session key by communication with the first-type electronic control unit based on the stored shared key, and after this acquisition, executing encryption processing regarding a frame transmitted or received via the bus, using this session key;
  
  executing, by the first-type electronic control unit, inspection of a security state of the shared key stored by the second-type electronic control units in a case where an electrical vehicle in which the onboard network system is installed is electrically charging,determining whether a charging plug is connected to the electrical vehicle or not, anddetermining whether the state of the electrical vehicle is electrically charging when the charging plug is connected to the electrical vehicle.

27. An onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the system comprising:
- a first-type electronic control unit, out of the plurality of electronic control units, configured to store a shared key to be mutually shared with one or more second-type electronic control units other than the first-type electronic control unit, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit; and
  
  each of the second-type electronic control units configured to (i) acquire a session key by communication with the first-type electronic control unit based on the stored shared key, and after this acquisition, (ii) execute encryption processing regarding a frame transmitted or received via the bus, using this session key,wherein the first-type electronic control unitexecutes inspection of a security state of the shared key stored by the second-type electronic control units in a case where an electrical vehicle in which itself is installed is electrically charging,determines whether a charging plug is connected to the electrical vehicle or not, anddetermines whether the state of the electrical vehicle is electrically charging when the charging plug is connected to the electrical vehicle.

28. A key management device serving as an electronic control unit (ECU) in an onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the device comprising:
- a processor; and
  
  a memory having a computer program stored thereon, the computer program causing the processor to execute operations includingstoring a shared key to be mutually shared with one or more electronic control units other than itself out of the plurality of electronic control units, for transmission of a session key used for encryption relating to a frame, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit, andinspecting of a security state of the shared key stored by the electronic control units other than itself in a case where an electrical vehicle in which itself is installed is electrically charging,determining whether a charging plug is connected to the electrical vehicle or not, anddetermining whether the state of the electrical vehicle is electrically charging when the charging plug is connected to the electrical vehicle.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Panasonic Intellectual Property Corporation of America (Panasonic Holdings Corporation)
Original Assignee
Panasonic Intellectual Property Corporation of America (Panasonic Holdings Corporation)
Inventors
Ujiie, Yoshihiro, Anzai, Jun, Kitamura, Yoshihiko, Tanabe, Masato, Kishikawa, Takeshi
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
Kaplan, Benjamin A

Application Number

US15/203,622
Publication Number

US 20160315766A1
Time in Patent Office

1,280 Days
Field of Search

380277
US Class Current
CPC Class Codes

B60R 16/0231   Circuits relating to the dr...

H04L 2209/84   Vehicles

H04L 63/0428   wherein the data content is...

H04L 63/068   using time-dependent keys, ...

H04L 67/12   specially adapted for propr...

H04L 9/08   Key distribution or managem...

H04L 9/0822   using key encryption key

H04L 9/083   involving central third par...

H04L 9/088   Usage controlling of secret...

Y02T 10/70   Energy storage systems for ...

Y02T 10/7072   Electromobility specific ch...

Y02T 90/12   Electric charging stations

Key management method used in encryption processing for safely transmitting and receiving messages

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

8 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Key management method used in encryption processing for safely transmitting and receiving messages

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

8 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links