Authentication of a vehicle-external device

US 8,886,943 B2
Filed: 10/27/2006
Issued: 11/11/2014
Est. Priority Date: 04/29/2004
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating a vehicle-external device in a bus system of a motor vehicle comprising control units, the bus system including an authentication device, the method comprising the acts of:

transmitting, by the authentication device, an authentication request to the vehicle-external device;

signing, by the vehicle-external device, the authentication request with a signature using a secret key of an asymmetric pair of keys;

transmitting, by the vehicle-external device, only the signature to the authentication device;

determining, by the authentication device, a signature of the authentication request using a same algorithm as the vehicle-external device;

decoding the signature transmitted by the vehicle-external device using the public key, which is complementary to the secret key; and

comparing the determined signature with the transmitted signature;

wherein, when comparing the determined signature and the transmitted signature results in a positive comparison or match, the vehicle-external device obtains write and/or read access to a store of at least one of the control units by way of the authentication device,further wherein;

a first control unit transmits an authentication request to the authentication device for authenticating the control units,the authentication device signs the authentication request using a first symmetric key and transmits only the signature to the first control unit,whereinthe first control unit compares the transmitted signature of the authentication request with a signature, which is determined by the first control unit by applying the symmetric key to the authentication request;

orthe first control unit decodes the transmitted signature of the authentication request using the first symmetric key, and a first hash value is obtained, and the first control unit applies a hash algorithm to the authentication request, whereby a second hash value is obtained; and

the first control unit is rendered operational if the comparison of the signatures and/or the hash values is positive and/or if the signatures and/or the hash values match, andthe motor vehicle may be started up only after all of the control units of the bus system have executed the method for authentication with positive results from the comparison.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for authenticating a vehicle-external device in a bus system of a motor vehicle comprising control units is provided. In order to effectively and inexpensively prevent a sequence control system that is stored in a control unit from being manipulated, an authentication device is provided in the bus system. The authentication device transmits an authentication request to the vehicle-external device. The vehicle-external device signs the authentication request with a secret key of an asymmetric pair of keys, such as a pair of public keys, and transmits the signed authentication request or exclusively the signature to the authentication device. The authentication device determines a signature of the authentication request using the same algorithm as the vehicle-external device, and decodes the signature transmitted by the vehicle-external device using the public key which is complementary to the secret key, and compares the determined signature with the transmitted signature.

15 Citations

View as Search Results

6 Claims

1. A method for authenticating a vehicle-external device in a bus system of a motor vehicle comprising control units, the bus system including an authentication device, the method comprising the acts of:
- transmitting, by the authentication device, an authentication request to the vehicle-external device;
  
  signing, by the vehicle-external device, the authentication request with a signature using a secret key of an asymmetric pair of keys;
  
  transmitting, by the vehicle-external device, only the signature to the authentication device;
  
  determining, by the authentication device, a signature of the authentication request using a same algorithm as the vehicle-external device;
  
  decoding the signature transmitted by the vehicle-external device using the public key, which is complementary to the secret key; and
  
  comparing the determined signature with the transmitted signature;
  
  wherein, when comparing the determined signature and the transmitted signature results in a positive comparison or match, the vehicle-external device obtains write and/or read access to a store of at least one of the control units by way of the authentication device,further wherein;
  
  a first control unit transmits an authentication request to the authentication device for authenticating the control units,the authentication device signs the authentication request using a first symmetric key and transmits only the signature to the first control unit,whereinthe first control unit compares the transmitted signature of the authentication request with a signature, which is determined by the first control unit by applying the symmetric key to the authentication request;
  
  orthe first control unit decodes the transmitted signature of the authentication request using the first symmetric key, and a first hash value is obtained, and the first control unit applies a hash algorithm to the authentication request, whereby a second hash value is obtained; and
  
  the first control unit is rendered operational if the comparison of the signatures and/or the hash values is positive and/or if the signatures and/or the hash values match, andthe motor vehicle may be started up only after all of the control units of the bus system have executed the method for authentication with positive results from the comparison.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein one or more of the other control units of the bus system carries out the method for authentication.
  - 3. The method of claim 1 wherein the execution of the authentication method is carried out prior to starting the vehicle.
  - 4. The method of claim 1, wherein all control units use the same symmetric key in carrying out the authentication method.
  - 5. The method of claim 1, wherein the symmetric key varies from vehicle to vehicle, and in carrying out the method a control unit of a first vehicle uses a first symmetric key and the same control unit of a second vehicle uses a second symmetric key.
  - 6. The method of claim 1, wherein the asymmetric pair of keys are a pair of public keys.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bayerische Motoren Werke AG
Original Assignee
Bayerische Motoren Werke AG
Inventors
Kiessling, Horst, Kuhls, Burkhard
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Pan, Peiliang

Application Number

US11/588,225
Publication Number

US 20070067635A1
Time in Patent Office

2,937 Days
Field of Search

713/1, 713/2, 713/188, 713/194, 713/150, 713/168, 713/176, 380/200, 380/201, 380/255, 380/277, 726/2
US Class Current

713/176
CPC Class Codes

B60R 25/00   Fittings or systems for pre...

B60R 25/04   operating on the propulsion...

H04L 2209/84   Vehicles

H04L 9/3236   using cryptographic hash fu...

H04L 9/3247   involving digital signatures

Authentication of a vehicle-external device

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

15 Citations

6 Claims

Specification

Solutions

Use Cases

Quick Links

Authentication of a vehicle-external device

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

6 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links