Certificating vehicle public key with vehicle attributes
First Claim
Patent Images
1. A method for providing secure connection between a first vehicle and a second vehicle over a channel of a wireless communication network, comprising the steps of:
- a) providing to each vehicle, its own unique pair of digitally signed public key and private key;
b) providing to each vehicle, additional vehicle-related data being a collection of its own visual attributes, at least one of which being an executable procedure, executed by a verifier and monolithically signed with its said own public key, for identifying itself;
c) for each vehicle, generating its own unique certificate with a unique certificate number, said executable procedure being embedded in said own unique certificate, to identify said each vehicle upon being in communication with another vehicle;
d) signing monolithic data consisting of said own public key, said certificate number and said visual attributes of said first vehicle by a trusted Certificate generating Authority (CA) that solely restores any manipulations being changes in attributes or in security credentials of said first vehicle;
e) prior to wireless communication between said first vehicle and said second vehicle, performing an out of band verification step of said visual attributes of said first vehicle, during which;
e.1) the signed monolithic data is mutually verified by said second vehicle while exchanging authentication identification session key, simultaneously and in one communication round, where said first vehicle sends its unique certificate to said second vehicle over a communication channel;
e.2) said second vehicle verifies the authenticity of received unique certificate of said first vehicle and its visual attributes by a visual capturing device being capable of capturing attributes of said first vehicle which are visible, using image processing means;
f) if said captured visual attributes are verified successfully via out of band communication, generating a secret session key with neighboring authenticated vehicles for a current session independently at one party, said second vehicle sends its unique certificate to said first vehicle over a communication channel, along with said secret session key, which is valid for the current session only using only two communication rounds;
g) said first vehicle verifies the authenticity of received unique certificate of said second vehicle and its attributes by a visual capturing device, for capturing attributes of said second vehicle which are visible, using signal processing means; and
h) as a result of successful authentication, allowing both vehicles to securely exchange message or data using said secret session key.
0 Assignments
0 Petitions
Accused Products
Abstract
A method for providing secure connection between vehicles. A unique pair of digitally signed public key and private key is provided to each vehicle, along with additional vehicle-related data. A certificate number is generated for each vehicle and the public key, the certificate number and the attributes of the vehicle is signed by a trusted certificate generating authority. Before communicating with a second vehicle, the first vehicle sends its unique certificate to a second vehicle; the second vehicle verifies the authenticity of received unique certificate number and visible attributes by a camera. If the attributes are verified successfully, the second vehicle sends its unique certificate number to the first vehicle, along with a secret key, which is valid for the current session only. Then the first vehicle verifies the authenticity of received certificate of the second vehicle and attributes by a camera that captures visible attributes of the second vehicle.
17 Citations
6 Claims
-
1. A method for providing secure connection between a first vehicle and a second vehicle over a channel of a wireless communication network, comprising the steps of:
-
a) providing to each vehicle, its own unique pair of digitally signed public key and private key; b) providing to each vehicle, additional vehicle-related data being a collection of its own visual attributes, at least one of which being an executable procedure, executed by a verifier and monolithically signed with its said own public key, for identifying itself; c) for each vehicle, generating its own unique certificate with a unique certificate number, said executable procedure being embedded in said own unique certificate, to identify said each vehicle upon being in communication with another vehicle; d) signing monolithic data consisting of said own public key, said certificate number and said visual attributes of said first vehicle by a trusted Certificate generating Authority (CA) that solely restores any manipulations being changes in attributes or in security credentials of said first vehicle; e) prior to wireless communication between said first vehicle and said second vehicle, performing an out of band verification step of said visual attributes of said first vehicle, during which; e.1) the signed monolithic data is mutually verified by said second vehicle while exchanging authentication identification session key, simultaneously and in one communication round, where said first vehicle sends its unique certificate to said second vehicle over a communication channel; e.2) said second vehicle verifies the authenticity of received unique certificate of said first vehicle and its visual attributes by a visual capturing device being capable of capturing attributes of said first vehicle which are visible, using image processing means; f) if said captured visual attributes are verified successfully via out of band communication, generating a secret session key with neighboring authenticated vehicles for a current session independently at one party, said second vehicle sends its unique certificate to said first vehicle over a communication channel, along with said secret session key, which is valid for the current session only using only two communication rounds; g) said first vehicle verifies the authenticity of received unique certificate of said second vehicle and its attributes by a visual capturing device, for capturing attributes of said second vehicle which are visible, using signal processing means; and h) as a result of successful authentication, allowing both vehicles to securely exchange message or data using said secret session key. - View Dependent Claims (2, 3, 4, 5, 6)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeLukasz Krzywiecki, Michael Segal, Nisha Panwar, Shlomi Dolev
-
Original AssigneeLukasz Krzywiecki, Nisha Panwar
-
InventorsDolev, Shlomi, Panwar, Nisha, Segal, Michael, Krzywiecki, Lukasz
-
Primary Examiner(s)Colin, Carl
-
Assistant Examiner(s)LITTLE, VANCE M
-
Application NumberUS14/309,990Publication NumberTime in Patent Office1,187 DaysField of SearchUS Class CurrentCPC Class CodesH04L 2209/84 VehiclesH04L 63/0823 using certificates cryptogr...H04L 9/3215 using a plurality of channe...H04L 9/3268 using certificate validatio...H04L 9/3278 using physically unclonable...H04W 12/04 Key management, e.g. using ...H04W 12/06 AuthenticationH04W 12/50 Secure pairing of devicesH04W 12/65 Environment-dependent, e.g....H04W 84/005 Moving wireless networks
