Authentication of control units in a vehicle

US 20070118752A1
Filed: 10/27/2006
Published: 05/24/2007
Est. Priority Date: 04/29/2004
Status: Abandoned Application

First Claim

Patent Images

1. A method for authenticating control units in a bus system of a motor vehicle, the method comprising the acts of:

transmitting, by a first control unit, an authentication request to an authentication device via the bus system, signing, by the authentication device, the authentication request using a first symmetric key and transmitting the signed authentication request or only the signature to the first control unit, wherein the first control unit compares the transmitted signature of the authentication request with a signature, which is determined by the first control unit by applying the symmetric key to the authentication request, or the first control unit decodes the transmitted signature of the authentication request using the first symmetric key, and a first hash value is obtained; and

the first control unit applies a hash algorithm to the authentication request, whereby a second hash value is obtained, and wherein the first control unit is rendered operational if the comparison of the signatures and/or the hash values is positive or if the signatures and/or the hash values match.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A control unit transmits an authentication request to an authentication device via the bus system. The authentication device signs the authentication request using a first symmetric key and transmits the signed authentication request or only the signature to the control unit. The control unit compares the transmitted signature of the authentication request with a signature, which is determined by the control unit by applying the symmetric key to the authentication request, and/or the control unit decodes the transmitted signature of the authentication request using the first symmetric key to obtain a first hash value; and the control unit applies a hash algorithm to the authentication request to obtain a second hash value. The control unit is rendered operational if the comparison of the signatures and/or the hash values is positive or if the signatures and/or the hash values match.

34 Citations

View as Search Results

12 Claims

1. A method for authenticating control units in a bus system of a motor vehicle, the method comprising the acts of:
- transmitting, by a first control unit, an authentication request to an authentication device via the bus system, signing, by the authentication device, the authentication request using a first symmetric key and transmitting the signed authentication request or only the signature to the first control unit, wherein the first control unit compares the transmitted signature of the authentication request with a signature, which is determined by the first control unit by applying the symmetric key to the authentication request, or the first control unit decodes the transmitted signature of the authentication request using the first symmetric key, and a first hash value is obtained; and
  
  the first control unit applies a hash algorithm to the authentication request, whereby a second hash value is obtained, and wherein the first control unit is rendered operational if the comparison of the signatures and/or the hash values is positive or if the signatures and/or the hash values match.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein one or more of the other control units of the bus system carry out or carries out the method for authentication.
  - 3. The method of claim 1, wherein the motor vehicle may be started up only after all control units of the bus system have executed the method for authentication with positive results from the comparison.
  - 4. The method of claim 1, wherein the execution of the authentication method is carried out prior to starting the vehicle.
  - 5. The method of claim 1, wherein all control units use the same symmetric key in carrying out the authentication method.
  - 6. The method of claim 1, wherein the symmetric key varies from vehicle to vehicle, and in carrying out the authentication method a control unit of a first vehicle accesses a first symmetric key and the same control unit of a second vehicle accesses a second symmetric key.

7. A method for authenticating control units in a bus system of a motor vehicle, the method comprising the acts of:
- transmitting, by an authentication device, an authentication request to a first control unit via the bus system, signing, by the first control unit, the authentication request using a first symmetric key and transmitting the signed authentication request or only the signature to the authentication device, wherein the authentication device compares the transmitted signature of the authentication request with a signature, which is determined by the authentication device by applying the symmetric key to the authentication request, or the authentication device decodes the transmitted signature of the authentication request using the first symmetric key, and a first hash value is obtained; and
  
  the authentication device applies a hash algorithm to the authentication request, whereby a second hash value is obtained, and wherein the first control unit is rendered operational if the comparison of the signatures and/or the hash values is positive or if the signatures and/or the hash values match.
- View Dependent Claims (8, 9, 10)
- - 8. The method of claim 7, wherein the authentication device carries out another authentication test by carrying out an asymmetric encoding method with a vehicle-external device.
  - 9. The method of claim 8, further comprising the acts of:
    - transmitting, by the authentication device, an authentication request to the vehicle-external device;
      
      signing, by the vehicle-external device, the authentication request with a secret key of an asymmetric pair of keys, and transmitting the signed authentication request or exclusively the signature to the authentication device; and
      
      determining, by the authentication device, a signature of the authentication request using the same algorithm as the vehicle-external device, decoding the signature transmitted by the vehicle-external device, using the public key, which is complementary to the secret key, and comparing the determined signature with the transmitted signature.
  - 10. The method of claim 9, wherein if the comparison is positive, the vehicle-external device obtains write and/or read access to a store of the first control unit by way of the authentication device.

11. A bus system of a motor vehicle, the bus system comprising:
- control units; and
  
  an authentication device, wherein a first control unit of the control units transmits an authentication request to the authentication device via the bus system, the authentication device signs the authentication request using a first symmetric key and transmitting the signed authentication request or only the signature to the first control unit, wherein the first control unit compares the transmitted signature of the authentication request with a signature, which is determined by the first control unit by applying the symmetric key to the authentication request, or the first control unit decodes the transmitted signature of the authentication request using the first symmetric key, and a first hash value is obtained; and
  
  the first control unit applies a hash algorithm to the authentication request, whereby a second hash value is obtained, and wherein the first control unit is rendered operational if the comparison of the signatures and/or the hash values is positive or if the signatures and/or the hash values match.

12. A bus system of a motor vehicle, the bus system comprising:
- control units; and
  
  an authentication device, wherein the authentication device and a first one of the control units includes computer program products for performing the acts of transmitting, by a first control unit, an authentication request to an authentication device via the bus system, signing, by the authentication device, the authentication request using a first symmetric key and transmitting the signed authentication request or only the signature to the first control unit, wherein the first control unit compares the transmitted signature of the authentication request with a signature, which is determined by the first control unit by applying the symmetric key to the authentication request, or the first control unit decodes the transmitted signature of the authentication request using the first symmetric key, and a first hash value is obtained; and
  
  the first control unit applies a hash algorithm to the authentication request, whereby a second hash value is obtained, and wherein the first control unit is rendered operational if the comparison of the signatures and/or the hash values is positive or if the signatures and/or the hash values match.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bayerische Motoren Werke AG
Original Assignee
Bayerische Motoren Werke AG
Inventors
Kuhls, Burkhard, Kiessling, Horst

Application Number

US11/588,235
Publication Number

US 20070118752A1
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

G06F 21/305   by remotely controlling dev...

G06F 21/31   User authentication

G06F 21/575   Secure boot

G06F 2221/2103   Challenge-response

G06F 2221/2129   Authenticate client device ...

H04L 2209/84   Vehicles

H04L 9/3236   using cryptographic hash fu...

H04L 9/3247   involving digital signatures

Authentication of control units in a vehicle

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

34 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication of control units in a vehicle

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links