Cryptographic authentication of transmitted messages using pseudorandom numbers
DCFirst Claim
1. A method of cryptographically authenticating a transmission from a transmitting unit at a receiving module, comprising:
- providing a secret initial value in said transmitter andproviding said secret initial value in said receiver;
in said transmitting unit;
generating a random number;
concatenating said random number with a key word derived from said secret initial value to provide a combined word;
performing an encryption operation on said combined word to provide an encrypted number; and
transmitting a command word derived at least in part from said encrypted number and indicative of a command;
comprising in said receiving module;
receiving said command word;
recovering said encrypted number from said received command word;
performing a decryption operation on said recovered encrypted number to recover said combined word;
comparing a second word derived from said secret initial value with the key word portion of said recovered combined word;
storing the random number portion of said recovered combined word for future use in subsequent authentication operations;
comparing the random number portion of said recovered combined word with a previously stored random number portion; and
performing the command indicated by said command word only if said second .[.secret initial value.]. .Iadd.word .Iaddend.is identical to the .[.initial value.]. .Iadd.key word .Iaddend.portion of said recovered combined word and said random number portion of said recovered combined word is different from said previously stored random number portion.
12 Assignments
Litigations
0 Petitions
Accused Products
Abstract
An automobile door receiver module (30) and a plurality of keychain fob transmitter units (16) contain identification numbers, secret initial values, and secret feedback masks so as to authenticate encrypted messages from any of the assigned fobs, indicative of commands registered by closing switches on the fob. Each fob is synchronized with the receiving module by means of a truly random number concatenated with a secret initial value and encrypted, through a linear feedback shift register or other operations. A second secret initial value is encrypted and command bits are exclusive ORed into the low order bit positions; the two encrypted numbers are concatenated and encrypted to form a key word which is transmitted with the fob ID. Synchronization includes decrypting to recover the truly random number and the secret initial value concatenated therewith; the truly random number is compared with previously received random numbers in order to avoid copying of recently transmitted synchronization commands. Successive lock-related commands utilize the number encrypted from the truly random number and the second secret initial value as starting values, employing a pseudorandom number of encryption iterations. A half-second delay between responses mitigates gaining access through numerical trials. An authenticated panic alarm command operates the headlights and horn of the vehicle but does not alter the synchronization.
54 Citations
44 Claims
-
1. A method of cryptographically authenticating a transmission from a transmitting unit at a receiving module, comprising:
-
providing a secret initial value in said transmitter and providing said secret initial value in said receiver;
in said transmitting unit;generating a random number; concatenating said random number with a key word derived from said secret initial value to provide a combined word; performing an encryption operation on said combined word to provide an encrypted number; and transmitting a command word derived at least in part from said encrypted number and indicative of a command; comprising in said receiving module; receiving said command word; recovering said encrypted number from said received command word; performing a decryption operation on said recovered encrypted number to recover said combined word; comparing a second word derived from said secret initial value with the key word portion of said recovered combined word; storing the random number portion of said recovered combined word for future use in subsequent authentication operations; comparing the random number portion of said recovered combined word with a previously stored random number portion; and performing the command indicated by said command word only if said second .[.secret initial value.]. .Iadd.word .Iaddend.is identical to the .[.initial value.]. .Iadd.key word .Iaddend.portion of said recovered combined word and said random number portion of said recovered combined word is different from said previously stored random number portion. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A method of cryptographically synchronizing a command transmitting unit with a command performing receiving module for selective response thereto, comprising:
-
providing, in both said transmitting unit and in said receiving module, a word including a key portion derived at least in part from a secret initial value; in said transmitting unit; performing an encryption operation on said word to provide an encrypted word; and transmitting a command word derived at least in part from said encrypted word and indicative of a synchronization command; comprising in said receiving module; receiving said command word; recovering said encrypted word from said received command word; performing a decryption operation on said recovered encrypted word to recover said word; comparing the key portion of said word with the key portion of said recovered word; and providing cryptographic synchronization between said receiving module and said transmitting unit only if the key portion of said word is identical to the key portion of said recovered word. - View Dependent Claims (27, 28, 29, 30, 41)
-
-
31. A method of transferring a cryptographically authenticated command from a transmitting unit to a receiving module, comprising:
-
providing, in both said transmitting unit and in said receiving module, a code word, derived from a secret initial value, including a key portion and a command portion; comprising, in said transmitting unit; providing a plurality of bits indicative of a command to be transmitted; exclusive ORing said plurality of bits into corresponding bits of said command portion to provide an altered word; performing an encryption operation on a word including said altered word to provide an encrypted word; and transmitting a command word derived at least in part from said encrypted word; comprising in said receiving module; receiving said command word; recovering said encrypted word from said received command word; performing a decryption operation on said recovered encrypted word to recover said altered word; and exclusive ORing the command portion of said code word with the command portion of said recovered altered word to recover said plurality of bits. - View Dependent Claims (32)
-
-
33. A cryptographically authenticated control system in which a command message from a transmitting unit causes a physical effect in a receiving module;
-
said transmitting unit comprising; a source of signals for providing a seed signal indicative of a secret initial value, said initial value being essentially unique to said transmitting unit; command switches that indicate a physical effect to be caused by said receiving module; and first signal processing means responsive to selected operation of said switches indicative of a command for providing a random signal indicative of a variable random number, for providing a combined number including a key word derived from said secret initial value concatenated with the random number defined by said random signal, for encrypting said combined number, and for transmitting, to said receiving module, a command word signal having a key portion derived from the encrypted combined number and including an indication of said command; said receiving module comprising; a signal source for providing a seed signal indicative of said secret initial value; and second signal processing means for receiving said command word signal, for recovering said encrypted combined number from said key portion of said received command word signal, for decrypting said recovered encrypted combined number so as to recover said combined number, for providing a key word derived from said secret initial value, for comparing said key word with an equivalent portion of said recovered combined number, for storing, in response to said initial value being identical to said equivalent portion, the random number portion of said recovered combined word for subsequent use, and for comparing said random number portion, for which said equivalent portion is equal to said key word, with a similar random number portion, previously stored for subsequent use in response to a prior key word comparison, and for selectively performing the command indicated by said command word only if said compared random number portions are not equal. - View Dependent Claims (34, 35, 36, 37)
-
-
38. A method of causing an alarm at a receiving module in response to a command from a transmitting unit, comprising:
-
providing, in both said transmitting unit and in said receiving module, a word including a key portion derived at least in part from a secret initial value; in said transmitting unit; performing an encryption operation on said word to provide an encrypted word; and transmitting a command word derived at least in part from said encrypted word and indicative of an alarm command; comprising in said receiving module; receiving said command word; recovering said encrypted word from said received command word; performing a decryption operation on said recovered encrypted word so as to recover said word; comparing the key portion of said word with the key portion of said recovered word; and setting off an alarm near said receiving module if the key portion of said word is identical to the key portion of said recovered word. - View Dependent Claims (39, 40)
-
-
42. signal. .Iaddend..Iadd.43. A system according to claim 42 wherein said word signal in said transmitter comprises a random number signal concatenated with said key portion, said decrypter operative to recover said random number signal, and said synchronization means operative to provide cryptographic synchronization only if said recovered random number signal is different from a previous random number signal recovered from a received command signal. .Iaddend..Iadd.44. A system according to claim 42 wherein said word signal comprises said key portion and a second secret initial value signal indicative of a binary number having synchronization command bits exclusive ORed into a command portion thereof;
- and
said synchronization means comprises a second signal processor for exclusive ORing a third secret initial value signal into the command portion of said recovered word signal to recover said synchronization command bits and provide cryptographic synchronization in response to said recovered synchronization command bits. .Iaddend..Iadd.45. A system according to claim 42 wherein said key portion is said secret initial value signal. .Iaddend..Iadd.46. A system according to claim 42 wherein said word signal is said secret initial value signal. .Iaddend..Iadd.47. A system according to claim 42 wherein said synchronization means comprises means for storing said recovered encrypted signal for future use in
- and
-
43. subsequent authentication. .Iaddend..Iadd.48. A command system in which a command message sent from a transmitting unit causes a physical effect in a receiving module,
said transmitting unit comprising: -
a first signal source for providing a code word signal derived from a secret initial value signal, said code word signal including a key portion and a command portion; means for providing a plurality of bits indicative of a command to be transmitted; a signal processor for exclusive ORing said plurality of bits into corresponding bits of said command portion to provide an altered word signal; an encrypter for performing an encryption operation on a word signal including said altered word signal to provide an encrypted signal; and transmission means for transmitting a command signal derived at least in part from said encrypted signal; comprising in said receiving module; a second signal source for providing a code word signal; reception means for receiving said command signal; a signal processor for recovering said encrypted signal from said command signal; a decrypter for recovering said altered word signal from said encrypted signal; and a second signal processor for exclusive ORing the command portion of said code word signal with the command portion of said recovered altered word signal to recover said plurality of bits. .Iaddend..Iadd.49. A system according to claim 48, said second signal processor comprising; means for exclusive ORing the command portion of said code word signal with the command portion of said recovered altered word signal only if said key portion of said code word signal is identical to said key portion of said recovered altered word signal. .Iaddend..Iadd.50. A system for causing an alarm at a receiving module in response to a command from a transmitting unit, said transmitting unit comprising; a first signal source for providing a word signal indicative of a word, said word signal including a key portion derived at least in part from a secret initial value signal; an encrypter for performing an encryption operation on said word signal to provide an encrypted signal indicative of an encrypted word; transmission means for transmitting a command signal derived at least in part from said encrypted signal and indicative of an alarm command; said receiving module comprising; a second signal source for providing a word signal indicative of said words reception means for receiving said command signal; a signal processor for recovering said encrypted signal from said command signal; a decrypter for recovering said word signal from said encrypted signal; means for comparing the key portion of said word signal with the key portion of said recovered word signal; and alarm means for setting off an alarm near said receiving module if the key portion of said word signal is identical to the key portion of said
-
-
44. recovered word signal. .Iaddend..Iadd.51. A system according to claim 50 wherein said alarm comprises the horn of a vehicle with which said receiving module is associated. .Iaddend..Iadd.52. A system according to claim 50 wherein said alarm comprises the headlights of a vehicle with which said receiving module is associated. .Iaddend..Iadd.53. A cryptographically authenticated control system in which a command message from a transmitting unit causes a physical effect in a receiving module;
-
said transmitting unit comprising; a first signal source for providing a word signal indicative of a word, said word signal including a key portion derived at least in part from a secret initial value signal; transmission means for transmitting a command signal derived at least in part from said word signal and indicative of a synchronization command; said receiving module comprising; a second signal source for providing a word signal indicative of said word; reception means for receiving said command signal; a signal processor for recovering said word signal from said command signal; means for comparing the key portion of said word signal with the key portion of said recovered word signal; and synchronization means for providing cryptographic synchronization between said receiving module and said transmitting unit only if the key portion of said word signal is identical to the key portion of said recovered word signal. .Iaddend..Iadd.54. A system according to claim 53 wherein said word signal in said transmitter comprises a random number signal concatenated with said key portion, said signal processor operative to recover said random number signal, and said synchronization means operative to provide cryptographic synchronization only if said recovered random number signal is different from a previous random number signal recovered from a received command signal. .Iaddend..Iadd.55. A system according to claim 53 wherein said word signal comprises said key portion and a second secret initial value signal indicative of a binary number having synchronization command bits exclusive ORed into a command portion thereof; and said synchronization means comprises a second signal processor for exclusive ORing a third secret initial value signal into the command portion of said recovered word signal to recover said synchronization command bits and provide cryptographic synchronization in response to said recovered synchronization command bits. .Iaddend..Iadd.56. A system according to claim 53 wherein said key portion is said secret initial value signal. .Iaddend..Iadd.57. A system according to claim 53 wherein said word signal is said secret initial value signal. .Iaddend..Iadd.58. A system according to claim 53 wherein said synchronization means comprises means for storing said recovered word signal for future use in subsequent authentication. .Iaddend..Iadd.59. A method of cryptographically synchrononizing a command transmitting unit with a command performing receiving module for selective response thereto, comprising; providing, in both said transmitting unit and in said receiving module, a word including a key portion derived at least in part from a secret initial value; in said transmitting unit; transmitting a command word derived at least in part from said word and indicative of a synchronization command; comprising in said receiving module; receiving said command word; recovering said word from said received command word; comparing the key portion of said word with the key portion of said recovered word; and providing cryptographic synchronization between said receiving module and said transmitting unit only if the key portion of said word is identical to the key portion of said recovered word. .Iaddend..Iadd.60. A method according to claim 59 wherein said word in said transmitter comprises a random number concatenated with said key portion, said step of recovering comprises recovering said random number, and said step of providing cryptographic synchronization is performed only if said recovered random number is different from a previous random number recovered from a received command word. .Iaddend..Iadd.61. A method according to claim 59 wherein said word comprises said key portion and a second secret initial value having bits indicative of a synchronization command exclusive ORed into a command portion thereof; and said step of providing cryptographic synchronization comprises exclusive ORing a third secret initial value into the command portion of said recovered word to recover said synchronization command bits and providing cryptographic synchronization in response to said recovered synchronization command bits. .Iaddend..Iadd.62. A method according to claim 59 wherein said key portion is said secret initial value. .Iaddend..Iadd.63. A method according to claim 59 wherein said word is said secret initial value. .Iaddend..Iadd.64. A method according to claim 59 wherein said step of providing cryptographic synchronization comprises storing said recovered word for future use in subsequent authentication. .Iaddend.
-
Specification