KEY MANAGEMENT METHOD USED IN ENCRYPTION PROCESSING FOR SAFELY TRANSMITTING AND RECEIVING MESSAGES
First Claim
1. A key management method in an onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the method comprising:
storing, in a first-type electronic control unit out of the plurality of electronic control units, a shared key to be mutually shared with one or more second-type electronic control units other than the first-type electronic control unit, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit;
acquiring, by each of the second-type electronic control units, a session key by communication with the first-type electronic control unit based on the stored shared key, and after this acquisition, executing encryption processing regarding a frame transmitted or received via the bus, using this session key; and
executing, by the first-type electronic control unit, inspection of a security state of the shared key stored by the second-type electronic control units in a case where a vehicle in which the onboard network system is installed is in a particular state.
Abstract
Provided is a key management method that ensures security in an onboard network system having multiple electronic control units storing a shared key. In the key management method of the onboard network system, which includes multiple electronic control units (ECUs) that perform communication by frames via a bus, a master ECU stores a shared key to be mutually shared with one or more ECUs. Each of the ECUs acquires a session key by communication with the master ECU based on the stored shared key and, after this acquisition, executes encryption processing regarding a frame transmitted or received via the bus, using this session key. In a case where a vehicle in which the onboard network system is installed is in a particular state, the master ECU executes inspection of a security state of the shared key stored by the ECU or the like.
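The flow in the abstract (shared key, session key acquisition, per-frame processing, state-gated inspection) is sketched below as an added illustration; it is not code from the patent. Assumptions not stated on this page: HMAC-SHA256 as the primitive, an XOR key wrap, a truncated MAC standing in for "encryption processing", "parked" as the particular state, a challenge-response as the inspection, and all class and function names.

```python
import hashlib, hmac, secrets

def prf(key: bytes, label: bytes, data: bytes) -> bytes:
    return hmac.new(key, label + data, hashlib.sha256).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Ecu:  # second-type ECU (hypothetical model)
    def __init__(self, ecu_id: int, shared_key: bytes):
        self.ecu_id, self.shared_key, self.session_key = ecu_id, shared_key, None
    def accept_session_key(self, nonce: bytes, wrapped: bytes, tag: bytes) -> bool:
        # Verify the wrap under the stored shared key before unwrapping.
        if not hmac.compare_digest(tag, prf(self.shared_key, b"tag", nonce + wrapped)):
            return False
        self.session_key = xor(wrapped, prf(self.shared_key, b"wrap", nonce))
        return True
    def frame_mac(self, frame_id: int, counter: int, payload: bytes) -> bytes:
        # Frame processing under the session key, shown as a truncated MAC.
        msg = frame_id.to_bytes(2, "big") + counter.to_bytes(4, "big") + payload
        return prf(self.session_key, b"mac", msg)[:4]
    def answer_inspection(self, challenge: bytes) -> bytes:
        return prf(self.shared_key, b"inspect", challenge)

class MasterEcu:  # first-type ECU (hypothetical model)
    def __init__(self, shared_keys: dict):
        self.shared_keys, self.session_key = shared_keys, secrets.token_bytes(32)
    def wrap_session_key(self, ecu_id: int):
        key, nonce = self.shared_keys[ecu_id], secrets.token_bytes(16)
        wrapped = xor(self.session_key, prf(key, b"wrap", nonce))
        return nonce, wrapped, prf(key, b"tag", nonce + wrapped)
    def inspect(self, ecu: Ecu, vehicle_state: str):
        if vehicle_state != "parked":  # assumed "particular state"
            return None                # inspection deferred
        challenge = secrets.token_bytes(16)
        expected = prf(self.shared_keys[ecu.ecu_id], b"inspect", challenge)
        return hmac.compare_digest(expected, ecu.answer_inspection(challenge))

def demo() -> dict:
    keys = {1: secrets.token_bytes(32), 2: secrets.token_bytes(32)}  # constructed keys
    master = MasterEcu(keys)
    a, b = Ecu(1, keys[1]), Ecu(2, keys[2])
    ok = all(e.accept_session_key(*master.wrap_session_key(e.ecu_id)) for e in (a, b))
    mac = a.frame_mac(0x123, 7, b"\x01\x02")
    stale = Ecu(2, secrets.token_bytes(32))  # stored key no longer matches the master's
    return {"keyed": ok, "frame_ok": mac == b.frame_mac(0x123, 7, b"\x01\x02"),
            "driving": master.inspect(a, "driving"), "parked": master.inspect(a, "parked"),
            "stale": master.inspect(stale, "parked")}
```

An ECU whose stored shared key has drifted from the master's copy fails the inspection, while the same check returns nothing outside the gating vehicle state.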
12 Claims
1. A key management method in an onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the method comprising:
storing, in a first-type electronic control unit out of the plurality of electronic control units, a shared key to be mutually shared with one or more second-type electronic control units other than the first-type electronic control unit, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit;
acquiring, by each of the second-type electronic control units, a session key by communication with the first-type electronic control unit based on the stored shared key, and after this acquisition, executing encryption processing regarding a frame transmitted or received via the bus, using this session key; and
executing, by the first-type electronic control unit, inspection of a security state of the shared key stored by the second-type electronic control units in a case where a vehicle in which the onboard network system is installed is in a particular state.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10)
11. An onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the system comprising:
a first-type electronic control unit, out of the plurality of electronic control units, configured to store a shared key to be mutually shared with one or more second-type electronic control units other than the first-type electronic control unit, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit; and
each of the second-type electronic control units configured to (i) acquire a session key by communication with the first-type electronic control unit based on the stored shared key, and after this acquisition, (ii) execute encryption processing regarding a frame transmitted or received via the bus, using this session key,
wherein the first-type electronic control unit executes inspection of a security state of the shared key stored by the second-type electronic control units in a case where a vehicle in which itself is installed is in a particular state.
12. A key management device serving as an electronic control unit (ECU) in an onboard network system having a plurality of electronic control units (ECUs) that perform communication by frames via a bus, the device comprising:
a processor; and
a memory having a computer program stored thereon, the computer program causing the processor to execute operations including:
storing a shared key to be mutually shared with one or more electronic control units other than itself out of the plurality of electronic control units, for transmission of a session key used for encryption relating to a frame, the shared key also being stored in the one or more second-type electronic control units other than the first-type electronic control unit,
inspecting of a security state of the shared key stored by the electronic control units other than itself in a case where a vehicle in which itself is installed is in a particular state.
Specification