METHOD AND APPARATUS FOR PROVIDING SECURITY SERVICE FOR VEHICLE-DEDICATED DATA CHANNEL IN LINKING BETWEEN VEHICLE HEAD UNIT AND EXTERNAL DEVICE

US 20170142078A1
Filed: 02/26/2016
Published: 05/18/2017
Est. Priority Date: 11/17/2015
Status: Active Grant

First Claim

Patent Images

1. A method of providing a security service for a vehicle-dedicated data channel in linking with a terminal by a vehicle head unit, the method comprising:

transmitting, to the terminal, a predetermined integrity verification request message for requesting integrity verification of application software and an operating system included in the terminal;

receiving an integrity verification result message from the terminal;

exchanging a plaintext symmetric key with the terminal when integrity of the operating system and the application software is successfully verified according to the integrity verification result message; and

establishing a vehicle-dedicated data channel to the terminal, and transmitting and receiving a packet encrypted using the plaintext symmetric key through the established vehicle-dedicated data channel when the plaintext symmetric key is successfully exchanged.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for providing a security service for a vehicle-dedicated data channel in linking between a vehicle head unit and an external device is disclosed. The method of providing the security service for the vehicle-dedicated data channel may include: transmitting, to the terminal, a predetermined integrity verification request message for requesting integrity verification of application software and an operating system included in the terminal; receiving an integrity verification result message from the terminal, exchanging a plaintext symmetric key with the terminal when integrity of the operating system and the application software is successfully verified according to the integrity verification result message; and establishing a vehicle-dedicated data channel to the terminal and transmitting and receiving a packet encrypted using the plaintext symmetric key through the established vehicle-dedicated data channel when the plaintext symmetric key is successfully exchanged.

Citations

20 Claims

1. A method of providing a security service for a vehicle-dedicated data channel in linking with a terminal by a vehicle head unit, the method comprising:
- transmitting, to the terminal, a predetermined integrity verification request message for requesting integrity verification of application software and an operating system included in the terminal;
  
  receiving an integrity verification result message from the terminal;
  
  exchanging a plaintext symmetric key with the terminal when integrity of the operating system and the application software is successfully verified according to the integrity verification result message; and
  
  establishing a vehicle-dedicated data channel to the terminal, and transmitting and receiving a packet encrypted using the plaintext symmetric key through the established vehicle-dedicated data channel when the plaintext symmetric key is successfully exchanged.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 20)
- - 2. The method according to claim 1, wherein the exchanging includes:
    - generating a first plaintext symmetric key;
      
      encrypting the first plaintext symmetric key using a public key of the terminal to transmit the encrypted first plaintext symmetric key to the terminal;
      
      receiving the first plaintext symmetric key encrypted using a public key of the vehicle head unit; and
      
      decrypting the received first plaintext symmetric key using a private key of the vehicle head unit,wherein the plaintext symmetric key is determined to be successfully exchanged when the generated first plaintext symmetric key is identical to the decrypted first plaintext symmetric key.
  - 3. The method according to claim 2, wherein the exchanging of the plaintext symmetric key is determined to fail when the generated first plaintext symmetric key is different from the decrypted first plaintext symmetric key,wherein establishment of the vehicle-dedicated data channel is interrupted when the exchanging of the plaintext symmetric key fails.
  - 4. The method according to claim 3, wherein the establishment of the vehicle-dedicated data channel is interrupted when the integrity verification of at least one of the application software and the operating system fails.
  - 5. The method according to claim 2, wherein the plaintext symmetric key is generated by inputting a random value to a predetermined symmetric key generation function.
  - 6. The method according to claim 1, wherein the packet transmitted and received through the vehicle-dedicated data channel includes at least one of a control instruction configured to control an operation of a vehicle including the vehicle head unit, and vehicle information collected from controllers in the vehicle.
  - 7. The method according to claim 6, wherein the vehicle information includes at least one of driving information, fuel efficiency information, breakdown information, steering information, steering wheel control information, tire inflation pressure information, engine oil state information, fuel state information, or air conditioning equipment information.
  - 8. The method according to claim 1, wherein, when the integrity of the application software is successfully verified in the terminal, the integrity of the operating system is verified by the integrity-verified application software.
  - 9. The method according to claim 2, wherein the transmitting and receiving includes:
    - dividing a packet to be transmitted into blocks having predetermined sizes;
      
      generating a second plaintext symmetric key using the first plaintext symmetric key according to a predefined rule; and
      
      encrypting the respective divided blocks using the second plaintext symmetric key to generate encrypted blocks, padding the encrypted blocks with data generated by hashing the divided blocks using the first plaintext symmetric key, and transmitting the blocks.
  - 10. The method according to claim 2, wherein the transmitting and receiving includes:
    - generating a second plaintext symmetric key using the first plaintext symmetric key according to a predefined rule when the packet is received through the vehicle-dedicated data channel;
      
      extracting first data by decrypting respective encrypted blocks included in the received packet using the second plaintext symmetric key; and
      
      extracting second data by decrypting padding data connected to the respective encrypted blocks using the first plaintext symmetric key,wherein an man in the middle (MITM) attack is determined to occur in the terminal when the first data is different from the second data.
  - 11. The method according to claim 10, wherein the established vehicle-dedicated data channel is canceled when the MITM attack is determined to occur.
  - 12. The method according to claim 10, wherein a packet is generated by connecting the first data extracted from the respective encrypted blocks when the first data is identical to the second data.
  - 20. A computer-readable recording medium recording a program configured to execute the method according to claim 1.

13. A method of providing a security service for a vehicle-dedicated data channel in a terminal linked with a vehicle head unit, the method comprising:
- receiving an integrity verification request message from the vehicle head unit;
  
  verifying integrity of application software and an operating system included in the terminal;
  
  transmitting an integrity verification result message to the vehicle head unit;
  
  exchanging a plaintext symmetric key generated by the vehicle head unit when the integrity of the application software and the operating system is successfully verified; and
  
  establishing a vehicle-dedicated data channel to the vehicle head unit, and transmitting and receiving a packet encrypted using the plaintext symmetric key through the established vehicle-dedicated data channel when the plaintext symmetric key is successfully exchanged.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The method according to claim 13, wherein the exchanging includes:
    - receiving a first plaintext symmetric key encrypted using a public key of the terminal from the vehicle head unit; and
      
      encrypting the first plaintext symmetric key using a public key of the vehicle head unit after decrypting the first plaintext symmetric key using a private key of the terminal, and transmitting the encrypted first plaintext symmetric key to the vehicle head unit.
  - 15. The method according to claim 13, wherein establishment of the vehicle-dedicated data channel is interrupted when the integrity verification of at least one of the application software and the operating system fails.
  - 16. The method according to claim 14, wherein the transmitting and receiving includes:
    - dividing a packet to be transmitted into blocks having predetermined sizes;
      
      generating a second plaintext symmetric key using the first plaintext symmetric key according to a predefined rule; and
      
      encrypting the respective divided blocks using the second plaintext symmetric key to generate encrypted blocks, padding the encrypted blocks with data generated by hashing the divided blocks using the first plaintext symmetric key, and transmitting the blocks.
  - 17. The method according to claim 14, wherein the transmitting and receiving includes:
    - generating a second plaintext symmetric key using the first plaintext symmetric key according to a predefined rule when the packet is received through the vehicle-dedicated data channel;
      
      extracting first data by decrypting respective encrypted blocks included in the received packet using the second plaintext symmetric key; and
      
      extracting second data by decrypting padding data connected to the respective encrypted blocks using the first plaintext symmetric key,wherein an man in the middle (MITM) attack is determined to occur and the received packet is discarded when the first data is different from the second data.

18. A vehicle head unit linked with a terminal through a wired or wireless communication connection to transmit and receive a packet, comprising:
- a vehicle information provision module configured to transmit, to the terminal, a predetermined integrity verification request message to verify integrity of application software and an operating system included in the terminal, and configured to exchange a first plaintext symmetric key with the terminal based on a result of the integrity verification received from the terminal, and the vehicle information provision module configured to establish a vehicle-dedicated data channel to the terminal to transmit and receive the packet when the first plaintext symmetric key is successfully exchanged; and
  
  an MITM attack detection module configured to detect whether an MITM attack occurs in the packet when the packet is received through the vehicle-dedicated data channel by decrypting the received packet using the first plaintext symmetric key and a second plaintext symmetric key modulated by the first plaintext symmetric key,wherein the received packet is discarded and the established vehicle-dedicated data channel is canceled when the MITM attack is detected to occur.

19. A terminal linked with a vehicle head unit through a wired or wireless communication connection, comprising:
- an integrity verification module configured to verify integrity of application software when an integrity verification request message is received from the vehicle head unit; and
  
  a vehicle information management application configured to verify integrity of an included operating system when the integrity of the application software is successfully verified, and configured to transmit a result of verifying integrity of the application software and the operating system to the vehicle head unit, and the vehicle information management application configured to exchange a plaintext symmetric key with the vehicle head unit,wherein a vehicle-dedicated data channel is established between the vehicle head unit and the vehicle information management application, and a packet encrypted using the plaintext symmetric key is transmitted and received through the established vehicle-dedicated data channel when the plaintext symmetric key is successfully exchanged.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hyundai Motor Company (Hyundai Motor Group)
Original Assignee
Hyundai Motor Company (Hyundai Motor Group)
Inventors
LEE, Seung Cheol

Granted Patent

US 9,900,292 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0435   wherein the sending and rec...

H04L 63/06   for supporting key manageme...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/12   Applying verification of th...

H04L 67/04   specially adapted for termi...

H04L 67/12   specially adapted for propr...

H04L 67/125   involving control of end-de...

H04W 12/04   Key management, e.g. using ...

H04W 12/10   Integrity

H04W 12/128   Anti-malware arrangements, ...

H04W 12/50   Secure pairing of devices

H04W 88/02   Terminal devices

METHOD AND APPARATUS FOR PROVIDING SECURITY SERVICE FOR VEHICLE-DEDICATED DATA CHANNEL IN LINKING BETWEEN VEHICLE HEAD UNIT AND EXTERNAL DEVICE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND APPARATUS FOR PROVIDING SECURITY SERVICE FOR VEHICLE-DEDICATED DATA CHANNEL IN LINKING BETWEEN VEHICLE HEAD UNIT AND EXTERNAL DEVICE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links