Securing a command path between a vehicle and personal wireless device

US 9,276,737 B2
Filed: 03/14/2013
Issued: 03/01/2016
Est. Priority Date: 03/14/2013
Status: Active Grant

First Claim

Patent Images

1. A method of establishing a secure communication channel between a vehicle and a mobile device, comprising the steps of:

providing to a call center a unique mobile device identifier and a unique vehicle telematics unit (VTU) identifier;

receiving at the mobile device a first private key that is associated at least in part with the unique mobile identifier and that is associated at least in part with the unique VTU identifier, wherein the first private key is generated at a wireless service provider (WSP) and received by the mobile device within a first cryptographic envelope signed with a first cryptographic key by the WSP; and

establishing a secure communication channel between the VTU and mobile device, wherein the mobile device transmits message(s) to the VTU signed with the first private key and the mobile device receives message(s) from the VTU which are signed with a second private key, wherein the second private key is associated at least in part with the unique mobile identifier and at least in part with the unique VTU identifier, wherein the VTU received the second private key from the call center or the WSP within a second cryptographic envelope signed with a second cryptographic key, wherein the second cryptographic envelope is different than the first cryptographic envelope.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and a method using that system is provided for establishing a secure communication channel between a vehicle and a mobile device. The method may include providing at least one unique mobile device identifier and at least one unique vehicle telematics unit identifier associated with the mobile device identifier to a call center. At least one of the two identifiers may be provided to a wireless service provider. Two private keys may be generated—a first private key based on the at least one unique mobile identifier and a second private key based on the at least one unique vehicle telematics unit identifier. The first private key may be provided to the mobile device within a first cryptographic envelope signed with a first cryptographic key. And the second private key may be provided to the vehicle telematics unit within a second cryptographic envelope signed with a second cryptographic key.

28 Citations

View as Search Results

20 Claims

1. A method of establishing a secure communication channel between a vehicle and a mobile device, comprising the steps of:
- providing to a call center a unique mobile device identifier and a unique vehicle telematics unit (VTU) identifier;
  
  receiving at the mobile device a first private key that is associated at least in part with the unique mobile identifier and that is associated at least in part with the unique VTU identifier, wherein the first private key is generated at a wireless service provider (WSP) and received by the mobile device within a first cryptographic envelope signed with a first cryptographic key by the WSP; and
  
  establishing a secure communication channel between the VTU and mobile device, wherein the mobile device transmits message(s) to the VTU signed with the first private key and the mobile device receives message(s) from the VTU which are signed with a second private key, wherein the second private key is associated at least in part with the unique mobile identifier and at least in part with the unique VTU identifier, wherein the VTU received the second private key from the call center or the WSP within a second cryptographic envelope signed with a second cryptographic key, wherein the second cryptographic envelope is different than the first cryptographic envelope.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 wherein the mobile device provides to the call center the unique mobile device identifier and the unique VTU identifier.
  - 3. The method of claim 2 wherein the mobile device receives the VTU identifier from the VTU using short range wireless communication (SRWC).
  - 4. The method of claim 1 wherein the unique mobile device identifier includes a first international mobile subscriber identity (IMSI), wherein the unique VTU identifier includes a second IMSI.
  - 5. The method of claim 1 wherein the call center provides the unique mobile identifier to the WSP which in turn generates the first private key, wherein the second private key is generated at the call center or the WSP, wherein, when the WSP generates the second private key, the call center provides the unique VTU identifier to the WSP.
  - 6. The method of claim 1 wherein the first and second private keys are identical according to a shared key infrastructure or are different according to a public key infrastructure (PKI).
  - 7. The method of claim 1 wherein the first and second cryptographic keys are based on one of a private key infrastructure or a public key infrastructure.

8. A method of receiving a secure communication at a vehicle from a mobile device, comprising the steps of:
- establishing short range wireless communication (SRWC) between a mobile device and a vehicle telematics unit (VTU);
  
  receiving at the VTU at least one communication via SRWC from the mobile device, wherein the at least one communication is digitally signed using a first private key, wherein the first private key is associated at least in part with a unique identifier associated with a first subscriber identity module (SIM) within the mobile device, wherein the at least one communication includes a first public key associated with the first private key; and
  
  decrypting the at least one communication at the VTU using the first public key, wherein the first private key was received by the mobile device previous to the receiving step in a first cryptographic envelope signed by a wireless service provider (WSP) using a first cryptographic key and transmitted from the WSP to the mobile device via cellular transmission, wherein the WSP provides cellular services using infrastructure associated with a wireless carrier system.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The method of claim 8 wherein the at least one communication is a command to perform at least one vehicle function, wherein the at least one vehicle function includes one of unlocking a vehicle door or starting the vehicle'"'"'s engine.
  - 10. The method of claim 8 wherein the first cryptographic key is based on private key infrastructure between the WSP and the mobile device that existed prior to generating the first private key.
  - 11. The method of claim 8 wherein the at least one communication received at the VTU is enabled by a user actuation of a hard switch on the mobile device at the time of the at least one communication.
  - 12. The method of claim 11 wherein the switch actuation enables a transmission antenna on the mobile device or enables the first SIM in the mobile device to an operative state.

13. A method of receiving a secure communication at a vehicle from a mobile device, comprising the steps of:
- establishing short range wireless communication (SRWC) between a mobile device and a vehicle telematics unit (VTU);
  
  receiving at the VTU at least one communication from the mobile device, wherein the at least one communication is digitally signed using a first private key, wherein the first private key is associated at least in part with a unique identifier associated with a first subscriber identity module (SIM) within the mobile device, wherein the at least one communication includes a first public key associated with the first private key;
  
  decrypting the at least one communication at the VTU using the first public key, wherein the first private key was received by the mobile device previous to the receiving step in a first cryptographic envelope signed with a first cryptographic key from a wireless service provider (WSP); and
  
  validating the at least one communication by sending a challenge message from the VTU to the mobile device via SRWC, wherein the challenge message is digitally signed using a second private key, wherein the second private key was received by the VTU previous to the receiving step in a second cryptographic envelope signed with a second cryptographic key, wherein the challenge message includes a challenge query and a second public key associated with the second private key whereby the mobile device may decipher the challenge message.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The method of claim 13 wherein the second cryptographic envelope is associated with a private key infrastructure between either the VTU and the call center or the VTU and the WSP that existed prior to generating the second private key.
  - 15. The method of claim 13 wherein the challenge query includes a nonce challenge.
  - 16. The method of claim 13 further comprising receiving a response message from the mobile device in response to the challenge query, wherein the response message is signed using the first private key.
  - 17. The method of claim 16 wherein the at least one communication received at the VTU from the mobile device has a first time stamp, the challenge message has a second time stamp, and the response message has a third time stamp, wherein the validating step further comprises the duration of time between any two of time stamps is less than or equal to a predetermined value.
  - 18. The method of claim 13 wherein the second private key is associated at least in part with a unique identifier associated with a first subscriber identity module (SIM) having a computer processing unit (CPU) within the VTU, wherein the digital signature is based on the second private key and random data accessible to the SIM CPU.
  - 19. The method of claim 18 wherein second private key accessible only to the SIM CPU.

20. A method of secure communication between a vehicle and a mobile device, comprising the steps of:
- (a) establishing short range wireless communication (SRWC) between a mobile device and a vehicle telematics unit (VTU);
  
  (b) receiving at the VTU a command communication to perform a vehicle function via SRWC from the mobile device, wherein the command communication is digitally signed using a first private key associated with a unique identifier of the mobile device, wherein the first private key was transmitted to the mobile device from a wireless service provider (WSP) previous to step (a) in a first cryptographic envelope signed by the WSP;
  
  (c) decrypting the command communication at the VTU;
  
  (d) in response to step (c), generating a challenge communication at the VTU using a second private key, wherein the second private key is associated with a unique identifier of the VTU, wherein the second private key was received by the VTU from the WSP previous to step (a) in a second cryptographic envelope signed by the WSP;
  
  (e) providing the challenge communication from the VTU to the mobile device via SRWC;
  
  (f) receiving at the VTU an accurate response communication from the mobile device via SRWC, wherein the response communication is associated with the mobile device receiving the challenge communication; and
  
  (g) based on the accuracy of the response communication, executing the command communication to perform the vehicle function.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
General Motors LLC (General Motors Company)
Original Assignee
General Motors LLC (General Motors Company)
Inventors
Peirce, Kenneth L.
Primary Examiner(s)
Okeke, Izunna
Assistant Examiner(s)
WRIGHT, BRYAN F

Application Number

US13/804,533
Publication Number

US 20140270172A1
Time in Patent Office

1,083 Days
Field of Search

380/277
US Class Current

1/1
CPC Class Codes

G07C 5/008   communicating information t...

H04L 2209/80   Wireless network architectu...

H04L 2209/84   Vehicles

H04L 63/062   for key distribution, e.g. ...

H04L 63/08   for authentication of entit...

H04L 63/0823   using certificates cryptogr...

H04L 63/0853   using an additional device,...

H04L 67/12   specially adapted for propr...

H04L 9/0819   Key transport or distributi...

H04L 9/0822   using key encryption key

H04L 9/0825   using asymmetric-key encryp...

H04L 9/083   involving central third par...

H04L 9/3297   involving time stamps, e.g....

H04W 12/04   Key management, e.g. using ...

H04W 12/0431   Key distribution or pre-dis...

H04W 12/06   Authentication

H04W 12/72   Subscriber identity

H04W 4/40   for vehicles, e.g. vehicle-...

Securing a command path between a vehicle and personal wireless device

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

28 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Securing a command path between a vehicle and personal wireless device

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others