Security for anonymous vehicular broadcast messages
Abstract
An anonymous vehicular broadcast system that has encrypted links between the roadway infrastructure and the vehicles. The vehicles each have a common private key that is generated from a certification key, provided by a certification authority, and a configuration key that is generated at each power up of the vehicle. The configuration key is not stored in the vehicle so that the vehicle only stores a portion of the private key.
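The key split described in the abstract and claims can be sketched as follows. This is an added example, not code from the patent: textbook RSA over two constructed small primes, the XOR combination of the two portions, the SHAKE-256 derivation and the component identifiers are all assumptions, since the claims name no cipher or combining function.

```python
import hashlib

# Constructed demo parameters: two Mersenne primes, far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                    # common public key shared by all vehicles
D = pow(E, -1, (P - 1) * (Q - 1))      # common private key, known to the CA only
KEY_LEN = (N.bit_length() + 7) // 8


def configuration_key(component_ids):
    """Derive the unstored portion from the installed components' identifiers."""
    material = "\n".join(sorted(component_ids)).encode()
    return int.from_bytes(hashlib.shake_256(material).digest(KEY_LEN), "big")


def provision(component_ids):
    """CA side: compute the certification key, the only portion the vehicle stores."""
    return D ^ configuration_key(component_ids)


def sign(message, certification_key, component_ids):
    """Vehicle side: rebuild the private key at power-up, sign, then discard it."""
    private_key = certification_key ^ configuration_key(component_ids)
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big") % N
    return pow(digest, private_key, N)   # unpadded RSA, for illustration only


def verify(message, signature):
    """Receiver side: check the signature with the common public key alone."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big") % N
    return pow(signature, E, N) == digest


def demo():
    fitted = ["ECU-0001", "RADIO-0002", "ABS-0003"]    # constructed identifiers
    stored = provision(fitted)
    msg = b"hazard: ice on bridge"
    ok = verify(msg, sign(msg, stored, fitted))
    swapped = ["ECU-0001", "RADIO-9999", "ABS-0003"]   # one component replaced
    bad = verify(msg, sign(msg, stored, swapped))
    return ok, bad
```

`demo()` shows the property the claims rely on: the stored portion alone does not yield the private key, and a changed component configuration produces signatures that the common public key rejects.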
25 Claims
1. A method for providing anonymous broadcast message security between a first wireless terminal of a vehicle and a second wireless terminal based on a public-key cryptography using a private key for encrypting a data message and a public key for decrypting the data message, the method comprising:
receiving a certificate by the first wireless terminal, the certificate including a first portion of the private key and the public key, wherein the public key is shared by a plurality of wireless terminals including at least the first wireless terminal and the second wireless terminal;
storing only a first portion of the private key in the first wireless terminal, with the private key having two portions;
generating the remaining portion of the private key in the first wireless terminal based on a configuration of a plurality of vehicle components of the vehicle, such that the remaining portion is not stored in the first wireless terminal and the remaining portion changes when the configuration of the vehicle components of the vehicle changes, with the first portion and the remaining portion being different from each other;
generating the data message at the first wireless terminal;
signing at least a portion of the data message with the private key to generate a signed message;
transmitting the signed message to the second wireless terminal; and
authenticating the signed message at the second wireless terminal by decrypting the signed message using the public key.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method for providing anonymous broadcast message security between a vehicle and a roadway infrastructure that is coupled to a certification authority based on a public-key cryptography using an original common private key for encrypting a message and a common public key for decrypting the message, the vehicle including a plurality of components each having an identification, the method comprising:
the certification authority transmitting a certificate to the vehicle, the certificate having the common public key, and the common public key is shared by a plurality of vehicles including the vehicle and a second vehicle;
storing the certificate in the vehicle;
generating a configuration key as one portion of the original common private key in the vehicle based on the identifications of the plurality of components of the vehicle such that the configuration key is not stored in the vehicle and the configuration key changes when a configuration of the plurality of components of the vehicle changes;
generating an original certification key as another portion of the original common private key in response to a common private key and the configuration key, with the configuration key and the original certification key being different from each other;
storing the original certification key in the vehicle;
generating the original common private key in response to the configuration key and the original certification key;
signing at least a portion of the message with the original common private key to generate a signed message;
transmitting the signed message from the vehicle to the second vehicle; and
authenticating the message at the second vehicle by decrypting the signed message using the common public key.
Dependent claims: 9, 10, 11, 12, 13, 14, 25
15. A method for providing anonymous broadcast message security between a vehicle and roadway infrastructure that is coupled to a certification authority based on a public-key cryptography using an original common private key for encrypting a message and a common public key for decrypting the message, the vehicle including a plurality of components each having an identification, the method comprising:
the certification authority transmitting a certificate to the vehicle, the certificate having the common public key, and the common public key being shared by a plurality of vehicles including the vehicle and a second vehicle;
storing the certificate in the vehicle;
generating a configuration key as one portion of the original common private key in the vehicle in response to the plurality of components such that the configuration key is not stored in the vehicle;
generating an original certification key as another portion of the original common private key in response to a common private key and the configuration key;
storing the original certification key in the vehicle;
transmitting the signed message from the vehicle to the second vehicle; and
authenticating the message at the second vehicle by decrypting the signed message using the common public key.
16. A method for providing anonymous broadcast message security between a vehicle and roadway infrastructure that is coupled to a certification authority based on a public-key cryptography using an original common private key for encrypting a message and a common public key for decrypting the message, the vehicle including a plurality of components each having an identification, the method comprising:
the certification authority transmitting a certificate to the vehicle, the certificate having the common public key, and the common public key being shared by a plurality of vehicles including the vehicle and a second vehicle;
storing the certificate in the vehicle;
generating a configuration key as one portion of the original common private key in the vehicle in response to the plurality of components such that the configuration key is not stored in the vehicle;
generating an original certification key as another portion of the original common private key in response to a common private key and the configuration key;
storing the original certification key in the vehicle;
signing at least a fragment of the message with the original common private key, an effect of signing the message with the original common private key being effected by signing first with the certification key and then with the configuration key;
transmitting the signed message from the vehicle to the second vehicle; and
authenticating the message at the second vehicle by decrypting the signed message using the common public key.
17. A method for communicating over an anonymous broadcast message security link between a first vehicle and a roadway infrastructure base station based on a public-key cryptography using a common private key for encrypting a data message and a public key for decrypting the data message, the method comprising:
the infrastructure base station transmitting the public key to a plurality of vehicles including the first vehicle and a second vehicle;
storing only a first portion of the common private key in the first vehicle, with the common private key having two portions;
generating the remaining portion of the common private key in the first vehicle based on a configuration of a plurality of vehicle components of the first vehicle in response to a power-up of the first vehicle, such that the remaining portion is not stored in the first vehicle and the remaining portion changes when the configuration of the vehicle components of the first vehicle changes, with the first portion and the remaining portion being different from each other;
generating the data message;
signing the data message with the common private key to generate a signed data message; and
transmitting the signed data message to the second vehicle; and
authenticating the message at the second vehicle by decrypting the signed message using the public key.
Dependent claims: 18, 19, 20, 21
22. A vehicular communication system based on a public-key cryptography using a common private key for encrypting a data message and a public key for decrypting the data message, the system comprising:
a roadway base station coupled to a certification authority configured to generate a certificate that includes a first portion of the common private key and the public key, the public key being shared by a plurality of vehicles; and
a vehicle including:
a plurality of components each having a unique identifier, the plurality of components including a transceiver for communicating with the roadway base station and a second vehicle;
a memory that stores a first portion of the common private key; and
a controller coupled to the memory and the plurality of components and adapted to:
generate a configuration key based on the unique identifiers of the components such that the configuration key changes when a configuration of the vehicle components changes and the first portion of the common private key and the configuration key are different from each other,
generate the common private key in response to the first portion from memory and the configuration key,
erase the configuration key after generation of the entire common private key,
generate the data message;
encrypt the data message using the common private key; and
send the encrypted data message to the second vehicle, such that the second vehicle can authenticate the message by decrypting the message using the public key.
Dependent claims: 23, 24
Specification