Security for anonymous vehicular broadcast messages

US 7,742,603 B2
Filed: 03/27/2006
Issued: 06/22/2010
Est. Priority Date: 03/27/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A method for providing anonymous broadcast message security between a first wireless terminal of a vehicle and a second wireless terminal based on a public-key cryptography using a private key for encrypting a data message and a public key for decrypting the data message, the method comprising:

receiving a certificate by the first wireless terminal, the certificate including a first portion of the private key and the public key, wherein the public key is shared by a plurality of wireless terminals including at least the first wireless terminal and the second wireless terminal;

storing only a first portion of the private key in the first wireless terminal, with the private key having two portions;

generating the remaining portion of the private key in the first wireless terminal based on a configuration of a plurality of vehicle components of the vehicle, such that the remaining portion is not stored in the first wireless terminal and the remaining portion changes when the configuration of the vehicle components of the vehicle changes, with the first portion and the remaining portion being different from each other;

generating the data message at the first wireless terminal;

signing at least a portion of the data message with the private key to generate a signed message;

transmitting the signed message to the second wireless terminal; and

authenticating the signed message at the second wireless terminal by decrypting the signed message using the public key.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An anonymous vehicular broadcast system that has encrypted links between the roadway infrastructure and the vehicles. The vehicles each have a common private key that is generated from a certification key, provided by a certification authority, and a configuration key that is generated at each power up of the vehicle. The configuration key is not stored in the vehicle so that the vehicle is only stores a portion of the private key.

Citations

25 Claims

1. A method for providing anonymous broadcast message security between a first wireless terminal of a vehicle and a second wireless terminal based on a public-key cryptography using a private key for encrypting a data message and a public key for decrypting the data message, the method comprising:
- receiving a certificate by the first wireless terminal, the certificate including a first portion of the private key and the public key, wherein the public key is shared by a plurality of wireless terminals including at least the first wireless terminal and the second wireless terminal;
  
  storing only a first portion of the private key in the first wireless terminal, with the private key having two portions;
  
  generating the remaining portion of the private key in the first wireless terminal based on a configuration of a plurality of vehicle components of the vehicle, such that the remaining portion is not stored in the first wireless terminal and the remaining portion changes when the configuration of the vehicle components of the vehicle changes, with the first portion and the remaining portion being different from each other;
  
  generating the data message at the first wireless terminal;
  
  signing at least a portion of the data message with the private key to generate a signed message;
  
  transmitting the signed message to the second wireless terminal; and
  
  authenticating the signed message at the second wireless terminal by decrypting the signed message using the public key.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 whereinthe first wireless terminal is a radio in the vehicle and the second wireless terminal is a roadway infrastructure base station radio.
  - 3. The method of claim 2 whereineach of the vehicle components of the vehicle includes an identification, andthe remaining portion of the private key includes a configuration key generated based on a combination of the plurality of identifications.
  - 4. The method of claim 3 whereinthe configuration key further generated based on a hash value of application code related to operation of the vehicle.
  - 5. The method of claim 1 whereinthe first wireless terminal is a radio in the vehicle and the second wireless terminal is a radio in a second vehicle.
  - 6. The method of claim 1 whereinthe certificate is generated by performing a hash algorithm on a certified scope of the first wireless terminal and the public key.
  - 7. The method of claim 1 further includingthe generating of the remaining portion of the private key further includes generating the remaining portion of the private key at each power-up of the first wireless terminal.

8. A method for providing anonymous broadcast message security between a vehicle and a roadway infrastructure that is coupled to a certification authority based on a public-key cryptography using an original common private key for encrypting a message and a common public key for decrypting the message, the vehicle including a plurality of components each having an identification, the method comprising:
- the certification authority transmitting a certificate to the vehicle, the certificate having the common public key, and the common public key is shared by a plurality of vehicles including the vehicle and a second vehicle;
  
  storing the certificate in the vehicle;
  
  generating a configuration key as one portion of the original common private key in the vehicle based on the identifications of the plurality of components of the vehicle such that the configuration key is not stored in the vehicle and the configuration key changes when a configuration of the plurality of components of the vehicle changes;
  
  generating an original certification key as another portion of the original common private key in response to a common private key and the configuration key, with the configuration key and the original certification key being different from each other;
  
  storing the original certification key in the vehicle;
  
  generating the original common private key in response to the configuration key and the original certification key;
  
  signing at least a portion of the message with the original common private key to generate a signed message;
  
  transmitting the signed message from the vehicle to the second vehicle; and
  
  authenticating the message at the second vehicle by decrypting the signed message using the common public key.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 25)
- - 9. The method of claim 8 whereinthe original common private key is generated through an algorithm using the certification key and the configuration key as inputs.
  - 10. The method of claim 9 whereinthe algorithm used to generate the original common private key is stored in an encrypted form and is decrypted before use by using a separate key stored in the vehicle.
  - 11. The method of claim 8 whereinthe stored certification key is stored in an encrypted form and is decrypted before use by using a separate key stored in the vehicle.
  - 12. The method of claim 8 whereinthe generating of the configuration key further includes generating the configuration key at power up of the vehicle.
  - 13. The method of claim 8 whereinthe identification of each of the plurality of components has a unique electronic serial number, andthe generating of the configuration key includes combining the electronic serial numbers using an algorithm.
  - 14. The method of claim 8 further comprising:
    - the vehicle transmitting an encrypted configuration key to the roadway infrastructure, the encryption being performed in response to the original certification key;
      
      transmitting the configuration key to the certification authority;
      
      the certification authority comparing the received configuration key to a stored configuration key stored at the certification authority;
      
      if the received configuration key is the same as the stored configuration key, transmitting the certificate, containing the common public key, and an encrypted certification key to the vehicle;
      
      the vehicle decrypting the encrypted certification key; and
      
      the vehicle replacing the original certification key with the decrypted certification key.
  - 25. The method of claim 8 further comprisingauthenticating the vehicle prior to the transmitting of the certificate from the certification authority to the vehicle, the authenticating of the vehicle includingthe vehicle transmitting a configuration key to the roadway infrastructure,transmitting the configuration key to the certification authority, andthe certification authority comparing the received configuration key to a stored configuration key stored at the certification authority.

15. A method for providing anonymous broadcast message security between a vehicle and roadway infrastructure that is coupled to a certification authority based on a public-key cryptography using an original common private key for encrypting a message and a common public key for decrypting the message, the vehicle including a plurality of components each having an identification, the method comprising:
- the certification authority transmitting a certificate to the vehicle, the certificate having the common public key, and the common public key being shared by a plurality of vehicles including the vehicle and a second vehicle;
  
  storing the certificate in the vehicle;
  
  generating a configuration key as one portion of the original common private key in the vehicle in response to the plurality of components such that the configuration key is not stored in the vehicle;
  
  generating an original certification key as another portion of the original common private key in response to a common private key and the configuration key;
  
  storing the original certification key in the vehicle;
  
  transmitting the signed message from the vehicle to the second vehicle; and
  
  authenticating the message at the second vehicle by decrypting the signed message using the common public key.

16. A method for providing anonymous broadcast message security between a vehicle and roadway infrastructure that is coupled to a certification authority based on a public-key cryptography using an original common private key for encrypting a message and a common public key for decrypting the message, the vehicle including a plurality of components each having an identification, the method comprising:
- the certification authority transmitting a certificate to the vehicle, the certificate having the common public key, and the common public key being shared by a plurality of vehicles including the vehicle and a second vehicle;
  
  storing the certificate in the vehicle;
  
  generating a configuration key as one portion of the original common private key in the vehicle in response to the plurality of components such that the configuration key is not stored in the vehicle;
  
  generating an original certification key as another portion of the original common private key in response to a common private key and the configuration key;
  
  storing the original certification key in the vehicle;
  
  signing at least a fragment of the message with the original common private key, an effect of signing the message with the original common private key being effected by signing first with the certification key and then with the configuration key;
  
  transmitting the signed message from the vehicle to the second vehicle; and
  
  authenticating the message at the second vehicle by decrypting the signed message using the common public key.

17. A method for communicating over an anonymous broadcast message security link between a first vehicle and a roadway infrastructure base station based on a public-key cryptography using a common private key for encrypting a data message and a public key for decrypting the data message, the method comprising:
- the infrastructure base station transmitting the public key to a plurality of vehicles including the first vehicle and a second vehicle;
  
  storing only a first portion of the common private key in the first vehicle, with the common private key having two portions;
  
  generating the remaining portion of the common private key in the first vehicle based on a configuration of a plurality of vehicle components of the first vehicle in response to a power-up of the first vehicle, such that the remaining portion is not stored in the first vehicle and the remaining portion changes when the configuration of the vehicle components of the first vehicle changes, with the first portion and the remaining portion being different from each other;
  
  generating the data message;
  
  signing the data message with the common private key to generate a signed data message; and
  
  transmitting the signed data message to the second vehicle; and
  
  authenticating the message at the second vehicle by decrypting the signed message using the public key.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The method of claim 17 further comprisingcommunicating between the first vehicle and a second vehicle such that at least a fragment of each message being transmitted is encrypted with the common private key.
  - 19. The method of claim 17 whereinonly a fragment of the signed data message is encrypted with the common private key.
  - 20. The method of claim 17 whereinthe data message includes information regarding at least one of a plurality of vehicle operating parameters.
  - 21. The method of claim 17 whereinthe vehicle components of the first vehicle include a host controller, a GPS, a radio, and an application code, each component having a unique identifier.

22. A vehicular communication system based on a public-key cryptograph using a common private key for encrypting a data message and a public key for decrypting the data message, the system comprising:
- a roadway base station coupled to a certification authority configured to generate a certificate that includes a first portion of the common private key and the public key, the public key being shared by a plurality of vehicles; and
  
  a vehicle including;
  
  a plurality of components each having a unique identifier, the plurality of components including a transceiver for communicating with the roadway base station and a second vehicle;
  
  a memory that stores a first portion of the common private key; and
  
  a controller coupled to the memory and the plurality of components and adapted to;
  
  generate a configuration key based on the unique identifiers of the components such that the configuration key changes when a configuration of the vehicle components changes and the first portion of the common private key and the configuration key are different from each other,generate the common private key in response to the first portion from memory and the configuration key,erase the configuration key after generation of the entire common private keygenerate the data message;
  
  encrypt the data message using the common private key; and
  
  send the encrypted data message to the second vehicle, such that the second vehicle can authenticate the message by decrypting the message using the public key.
- View Dependent Claims (23, 24)
- - 23. The system of claim 22 whereinthe unique identifiers are electronic serial numbers.
  - 24. The system of claim 22 whereinthe controller is further adapted to generate the data message for transmission to the roadway base station.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nissan Motor Co., Ltd.
Original Assignee
Nissan Technical Center North America Incorporated (Nissan Motor Co., Ltd.)
Inventors
Andrews, Scott, Heft, Ronald, Tengler, Steve
Primary Examiner(s)
Bui; Kieu Oanh
Assistant Examiner(s)
Woldemariam; Nega

Application Number

US11/389,859
Publication Number

US 20070222555A1
Time in Patent Office

1,548 Days
Field of Search

380/200, 380/30, 709/12, 709/14, 713/192, 713/168, 713/182, 726/4, 726/13, 726/30, 726/24
US Class Current

380/270
CPC Class Codes

H04L 2209/42   Anonymization, e.g. involvi...

H04L 2209/80   Wireless

H04L 2209/84   Vehicles

H04L 9/3263   involving certificates, e.g...

Security for anonymous vehicular broadcast messages

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Security for anonymous vehicular broadcast messages

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links