METHOD AND APPARATUS FOR SECURE PAIRING OF MOBILE DEVICES WITH VEHICLES USING TELEMATICS SYSTEM
Abstract
A method for establishing secure wireless communications between a mobile device and a vehicle, where a user is not required to enter a password, but instead the telematics system is used to bootstrap the trust between the mobile device and the vehicle. The user initiates the process by pressing a button on the mobile device to request pairing. The vehicle uses its secure OnStar cellular communication link to verify the mobile device with the OnStar server, which generates and sends a session key to the vehicle via the vehicle-OnStar cellular connection, and also sends the session key to the mobile device via the device's own cellular connection. The session key serves as a shared secret, such that the vehicle can issue a secrecy challenge to the mobile device. When the mobile device responds appropriately, a trusted wireless communications link can be established between the mobile device and the vehicle.
20 Claims
1. A method for secure pairing of mobile devices with a vehicle, said method comprising:
- providing a first secure communications channel between the vehicle and a telematics server, and a second secure communications channel between a mobile device and the telematics server;
- requesting access to a vehicle's Wi-Fi network by the mobile device;
- providing information about the vehicle and the mobile device to the telematics server over the secure communications channels;
- providing security data to the vehicle and the mobile device by the telematics server over the secure communications channels, where the security data can be used to establish a trust between the vehicle and the mobile device;
- issuing a secrecy challenge by the vehicle to the mobile device, where the secrecy challenge is encrypted using a secret key included in or derived from the security data from the telematics server;
- responding to the secrecy challenge by the mobile device to the vehicle, where the secret key is also known and used by the mobile device; and
- establishing secure Wi-Fi communications between the vehicle and the mobile device upon a valid response to the secrecy challenge.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A method for secure pairing of a mobile device with a vehicle, said method comprising:
- providing a first secure communications channel between the vehicle and an OnStar server, and a second secure communications channel between the mobile device and the OnStar server;
- requesting access to a vehicle's Wi-Fi network by the mobile device;
- providing information about the vehicle and the mobile device to the OnStar server, including the vehicle sending a digitally signed message to the OnStar server identifying a device address of the vehicle and a device address of the mobile device;
- providing security data to the vehicle and the mobile device by the OnStar server, including sending a session key generated by the OnStar server in an encrypted, digitally signed message to both the vehicle and the mobile device;
- issuing a secrecy challenge by the vehicle to the mobile device, including generating a random number and symmetrically encrypting the random number by the vehicle using the session key as the secret key;
- responding to the secrecy challenge by the mobile device to the vehicle, including the mobile device using the session key as the secret key to decrypt the secrecy challenge from the vehicle, and using the session key as the secret key to symmetrically encrypt a message to the vehicle containing the random number; and
- establishing secure Wi-Fi communications between the vehicle and the mobile device upon a valid response to the secrecy challenge.

Dependent claims: 13
14. A method for secure pairing of a mobile device with a vehicle, said method comprising:
- providing a first secure communications channel between the vehicle and an OnStar server, and a second secure communications channel between the mobile device and the OnStar server;
- requesting access to a vehicle's Wi-Fi network by the mobile device;
- providing information about the vehicle and the mobile device to the OnStar server, including each of the vehicle and the mobile device generating an ephemeral private/public key pair, and each of the vehicle and the mobile device creating a digitally signed message including its ephemeral public key, its device address, a counter and a timestamp, and sending the message to the telematics server;
- providing security data to the vehicle and the mobile device by the OnStar server, including sending the ephemeral public key and the device address of the mobile device to the vehicle, and sending the ephemeral public key and the device address of the vehicle to the mobile device;
- issuing a secrecy challenge by the vehicle to the mobile device, including generating a random number and symmetrically encrypting the random number by the vehicle using a session key, generated by performing a Diffie-Hellman calculation on the ephemeral private key of the vehicle and the ephemeral public key of the mobile device, as the secret key;
- responding to the secrecy challenge by the mobile device to the vehicle, including the mobile device using the session key, generated by performing the Diffie-Hellman calculation on the ephemeral public key of the vehicle and the ephemeral private key of the mobile device, as the secret key to decrypt the secrecy challenge from the vehicle, and using the session key as the secret key to symmetrically encrypt a message to the vehicle containing the random number; and
- establishing secure Wi-Fi communications between the vehicle and the mobile device upon a valid response to the secrecy challenge.

Dependent claims: 15
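
The secrecy challenge and response shared by claims 12 and 14, sketched as an added illustration that is not taken from the patent; the session key is an input here, whether the server sent it (claim 12) or each side derived it by Diffie-Hellman (claim 14). The function names, the label format and the standard-library encrypt-then-MAC construction standing in for the unspecified symmetric cipher are assumptions, and the label binds direction and both device addresses so that a challenge echoed back is not accepted as a response.

```python
import hashlib, hmac, secrets
# Added illustration; names, label format and cipher choice are assumptions.

def _prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Stand-in stream cipher (HMAC-SHA256 in counter mode), used only to stay
    # within the standard library; deploy a vetted AEAD such as AES-GCM instead.
    blocks = (len(data) + 31) // 32
    ks = b"".join(_prf(key, nonce + i.to_bytes(4, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(session_key, label, plaintext):
    """Encrypt-then-MAC; the label binds direction and both device addresses."""
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_prf(session_key, b"enc"), nonce, plaintext)
    tag = _prf(_prf(session_key, b"mac"), hashlib.sha256(label).digest() + nonce + ct)
    return nonce + ct + tag

def unseal(session_key, label, blob):
    """Return the plaintext, or None when the tag fails for this key and label."""
    if len(blob) < 48:
        return None
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = _prf(_prf(session_key, b"mac"), hashlib.sha256(label).digest() + nonce + ct)
    if not hmac.compare_digest(tag, want):
        return None
    return _xor_stream(_prf(session_key, b"enc"), nonce, ct)

def _label(kind, vehicle_addr, mobile_addr):
    return kind + b"|" + vehicle_addr + b"|" + mobile_addr

def vehicle_challenge(session_key, vehicle_addr, mobile_addr):
    """Vehicle: pick a fresh random number and send it encrypted."""
    r = secrets.token_bytes(16)
    return r, seal(session_key, _label(b"challenge", vehicle_addr, mobile_addr), r)

def mobile_respond(session_key, vehicle_addr, mobile_addr, challenge):
    """Mobile device: decrypt the challenge, return the number re-encrypted."""
    r = unseal(session_key, _label(b"challenge", vehicle_addr, mobile_addr), challenge)
    if r is None:
        return None
    return seal(session_key, _label(b"response", vehicle_addr, mobile_addr), r)

def vehicle_verify(session_key, vehicle_addr, mobile_addr, r, response):
    """Vehicle: admit the device only if the response decrypts to its own number."""
    got = unseal(session_key, _label(b"response", vehicle_addr, mobile_addr), response)
    return got is not None and hmac.compare_digest(got, r)
```

The vehicle keeps `r` only for the pending attempt and generates a new one per pairing request, so a response captured from an earlier attempt does not verify against a later challenge.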
16. A system for secure pairing of mobile devices with vehicles, said system comprising:
- a vehicle hosting a Wi-Fi network;
- a mobile device desiring access to the vehicle's Wi-Fi network;
- a telematics server configured to provide security data to the vehicle and the mobile device, where the security data can be used to establish a trust between the vehicle and the mobile device;
- a first secure communications channel between the vehicle and the telematics server; and
- a second secure communications channel between the mobile device and the telematics server.

Dependent claims: 17, 18, 19, 20
Specification