Method for communicating and checking authentication data between a portable transponder device and a vehicle reader unit

US 7,734,046 B2
Filed: 02/06/2006
Issued: 06/08/2010
Est. Priority Date: 02/04/2005
Status: Active Grant

First Claim

Patent Images

1. A method for communicating and checking wireless authentication data between a transponder device and a reader unit placed in particular in a vehicle in order to authorize access to said vehicle, said transponder device comprising a logic circuit, a non-volatile memory, an encryption and/or decryption circuit and a first module for transmitting and receiving data signals, said reader unit comprising a microprocessor unit, a memory, a random number generator able to provide a first random number to the microprocessor unit, and a second module for transmitting and receiving data signals, said method including steps of:

a) transmitting a data signal including a first random number generated in the reader unit, the number of bits of said random number to be transmitted being configured in a first length chosen among a certain number of determined lengths according to configuration parameters for transmission, and a first encrypted function based on a secret key and the first random number, the number of bits of said first encrypted function being configured in a second length chosen among a certain number of determined lengths for transmission,b) receiving and demodulating data signals transmitted by the reader unit in the transponder device,c) calculating a new first encrypted function in the transponder device based on the first received random number and a secret key stored in the non-volatile memory corresponding to the secret key of the reader unit, the new first encrypted function being calculated in the encryption circuit using a bit bloc encryption algorithm,d) comparing the new first encrypted function with the first received encrypted function,e) transmitting to the reader unit a second encrypted function obtained on the basis of the first random number and the secret key in the encryption circuit, solely if the new first encrypted function is equal to the first received encrypted function, the number of bits of the second encrypted function being configured by the logic circuit according to configuration parameters from memory in a third length chosen among a certain number of determined lengths for transmission, andf) checking the validity of the second encrypted function received in the reader unit in order to authorize access to the vehicle,wherein the first random number received in the transponder device is placed in an input register of the encryption circuit, which is of defined dimensions, for example 128 bits, greater than or equal to the configured length of the first random number, a certain number of filler bits from the non-volatile memory being placed in the input register in order to complete said register to enable an encryption unit to encrypt the binary word of the input register in blocks.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The method enables authentication data to be communicated and checked between a transponder device (1) and a reader unit (2) of a vehicle in order to authorize access to the vehicle. The device includes a logic circuit (11), a non-volatile memory (13), an encryption and/or decryption circuit (12) and a first transmission and reception module (14, 16) of data signals (S_D). The reader unit includes a microprocessor unit (21), a memory (22), a random number generator (24) and a second module (23, 25) for transmitting and receiving data signals (S_D). A random number (RN1) generated in the reader unit is transmitted with a first encrypted function obtained using the random number and a secret key. The transponder device receives the random number and the first encrypted function. A new first encrypted function is calculated in the transponder device using a secret key identical to the secret key of the reader unit. This new first function is compared with the first received encrypted function. A second encrypted function is also calculated in the transponder device in order to be transmitted to the reader unit solely if the new first encrypted function is equal to the first received encrypted function. The validity of the second encrypted function is checked in the reader unit in order to authorize access to the vehicle. The number of bits of the random number, of the first and second encrypted functions can be configured in the transponder device and/or in the reader unit with a determined length.

31 Citations

View as Search Results

7 Claims

1. A method for communicating and checking wireless authentication data between a transponder device and a reader unit placed in particular in a vehicle in order to authorize access to said vehicle, said transponder device comprising a logic circuit, a non-volatile memory, an encryption and/or decryption circuit and a first module for transmitting and receiving data signals, said reader unit comprising a microprocessor unit, a memory, a random number generator able to provide a first random number to the microprocessor unit, and a second module for transmitting and receiving data signals, said method including steps of:
- a) transmitting a data signal including a first random number generated in the reader unit, the number of bits of said random number to be transmitted being configured in a first length chosen among a certain number of determined lengths according to configuration parameters for transmission, and a first encrypted function based on a secret key and the first random number, the number of bits of said first encrypted function being configured in a second length chosen among a certain number of determined lengths for transmission,b) receiving and demodulating data signals transmitted by the reader unit in the transponder device,c) calculating a new first encrypted function in the transponder device based on the first received random number and a secret key stored in the non-volatile memory corresponding to the secret key of the reader unit, the new first encrypted function being calculated in the encryption circuit using a bit bloc encryption algorithm,d) comparing the new first encrypted function with the first received encrypted function,e) transmitting to the reader unit a second encrypted function obtained on the basis of the first random number and the secret key in the encryption circuit, solely if the new first encrypted function is equal to the first received encrypted function, the number of bits of the second encrypted function being configured by the logic circuit according to configuration parameters from memory in a third length chosen among a certain number of determined lengths for transmission, andf) checking the validity of the second encrypted function received in the reader unit in order to authorize access to the vehicle,wherein the first random number received in the transponder device is placed in an input register of the encryption circuit, which is of defined dimensions, for example 128 bits, greater than or equal to the configured length of the first random number, a certain number of filler bits from the non-volatile memory being placed in the input register in order to complete said register to enable an encryption unit to encrypt the binary word of the input register in blocks.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method according to claim 1, wherein the length of each data packet exchanged between the transponder device and the reader unit is formed of a number of bits, which is a multiple of 8.
  - 3. The method according to claim 2, wherein the length of each data packet to be transmitted can be configured as required in 32 bits, 64 bits, 96 bits or 128 bits in order to speed up the authentication data exchange the shorter the length of each data packet.
  - 4. The method according to claim 1, wherein a data reception confirmation signal is transmitted from the transponder device to the reader unit upon reception of the data signal from the reader unit, or after comparison between the first encrypted function and the new first encrypted function.
  - 5. The method according to claim 1, wherein the encryption unit sends an encryption result into an output register which is of defined dimensions, for example 128 bits, said output register being divided into four successive groups of bits, and wherein the new first encrypted function and the second encrypted function are produced by different combinations of groups of bits from the output register via a respective operator of the logic circuit, the configured lengths of the first and second encrypted functions being equal.
  - 6. The method according to claim 1, in which the transponder device includes another random number generator able to produce a second random number, wherein before step a), the transponder device transmits the second random number to the reader unit, wherein the reader unit calculates and transmits a first encrypted function on the basis of a secret key and the first and second random numbers, wherein in step c), a new first encrypted function is calculated in the transponder device using the first and second random numbers and a secret key corresponding to the secret key of the reader unit, and wherein in step e), the transponder device transmits to the reader unit a second encrypted function obtained on the basis of the first and second random numbers and the secret key in the encryption circuit, but solely if the new first encrypted function is equal to the first received encrypted function.

7. A method for communicating and checking wireless authentication data between a transponder device and a reader unit placed in particular in a vehicle in order to authorize access to said vehicle, said transponder device comprising a logic circuit, a non-volatile memory, an encryption and/or decryption circuit and a first module for transmitting and receiving data signals, said reader unit comprising a microprocessor unit, a memory, a random number generator able to provide a first random number to the microprocessor unit, and a second module for transmitting and receiving data signals, said method including steps of:
- a) transmitting a data signal including a first random number produced in the reader unit, the number of bits of said random number to be transmitted being configured in a first length chosen among a certain number of determined lengths according to configuration parameters, and a first encrypted function on the basis of a secret key and the first random number, the number of bits of said first encrypted function being configured in a second length chosen among a certain number of determined lengths for transmission,b) receiving and demodulating data signals transmitted by the reader unit in the transponder device,c) decrypting the first encrypted function in the configured decryption circuit using a secret key stored in the non-volatile memory corresponding to the secret key of the reader unit to obtain a new first random number,d) comparing the new first random number with the first received random number,e) transmitting to the reader unit a second encrypted function obtained on the basis of the first random number and the secret key in the encryption circuit, solely if the new first encrypted function is equal to the first received encrypted function, the number of bits of the second encrypted function being configured by the logic circuit according to configuration parameters from memory in a third length chosen among a certain number of determined lengths, andf) checking the validity of the second encrypted function received in the reader unit in order to authorize access to the vehicle,wherein the first random number received in the transponder device is placed in an input register of the encryption circuit, which is of defined dimensions, for example 128 bits, greater than or equal to the configured length of the first random number, a certain number of filler bits from the non-volatile memory being placed in the input register in order to complete said register to enable an encryption unit to encrypt the binary word of the input register in blocks.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SMARTRAC TECHNOLOGY GERMANY GmbH (Avery Dennison Corporation)
Original Assignee
SMARTRAC TECHNOLOGY GERMANY GmbH (Avery Dennison Corporation)
Inventors
Gyger, Thomas, Urban, Volker
Primary Examiner(s)
Song; Hosuk

Application Number

US11/275,931
Publication Number

US 20070174612A1
Time in Patent Office

1,583 Days
Field of Search

713168-170, 713/189, 713193-194, 701/1, 370/465, 345/163, 340/572.8, 250/221, 606/052, 380/263, 380/268, 380/270, 380/277, 380/44, 380/46
US Class Current

380/46
CPC Class Codes

G07C 2009/00388   code verification carried o...

G07C 2009/00412   the transmitted data signal...

G07C 2009/00769   with data transmission perf...

G07C 9/00309   operated with bidirectional...

Method for communicating and checking authentication data between a portable transponder device and a vehicle reader unit

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

31 Citations

7 Claims

Specification

Solutions

Use Cases

Quick Links

Method for communicating and checking authentication data between a portable transponder device and a vehicle reader unit

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

7 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links