WO1998026534A1 - Authentication system and method for a remote keyless entry system - Google Patents


Publication number
WO1998026534A1
Authority
WO
WIPO (PCT)
Prior art keywords
symbolically
challenge count
authentication
changed
authentication symbol
Application number
PCT/US1997/018814
Inventor
Louis D. Finkelstein
Ezzat Dabbish
Gerald M. Hirka
Original Assignee
Motorola Inc.
Application filed by Motorola Inc.
Priority to EP97912769A (EP0885502A4)
Priority to JP10526637A (JP2000506947A)
Publication of WO1998026534A1

Classifications

    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00182 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks
    • G07C2009/0023 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks with encryption of the transmitted data signal
    • G07C2009/00238 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed
    • G07C2009/00253 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with unidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed dynamically, e.g. variable code - rolling code
    • G07C2009/00753 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys
    • G07C2009/00769 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means
    • G07C2209/00 Indexing scheme relating to groups G07C9/00 - G07C9/38
    • G07C2209/06 Involving synchronization or resynchronization between transmitter and receiver; reordering of codes

Definitions

  • the RKE control system 200 includes a receiver controller 303 which executes another portion of the preferred method.
  • the receiver controller 303 includes an actuator drive circuit 305, and a microcontroller 307.
  • the receiver controller 303 receives the assembled data packet 129 using its receiver 202.
  • the microcontroller 307 again preferably a Motorola MC68HC05 microcontroller with on-board program memory to store the portion of the preferred method described later, and an EEPROM facility for the EEPROM 209 described earlier, interprets the assembled data packet 129 and commands the actuator drive 305 to drive external actuators.
  • These external actuators include door lock solenoids and engine starting devices.
  • FIG. 4 is a flow chart showing a preferred method of transmitter portion of an RKE system
  • FIG. 5 is a flow chart showing a preferred method of receiver side authentication in an RKE system. Note that these flow charts are essentially encoded into each of the Motorola MC68HC05 microcontrollers of the controllers 301 and 307 respectively.
  • step 403 the microcontroller determines whether or not a command switch has been activated. If a command switch has been activated, then, in step 405 a switch command code identifying the particular command switch activated is generated. Next, in step 407 a symbolic value of a challenge count is changed, and a symbolically-changed challenge count is provided in response to the generation of the switch command code resulting from the command switch activation.
  • the challenge count is essentially a binary counter maintained within a register of the microcontroller. In this example the symbolic value is simply the arithmetic value of the counter.
  • step 409 the microcontroller generates a random number.
  • step 411 the switch command code, the symbolically-changed challenge count, and the random number are encoded into an authentication symbol using an encoding process.
  • a unit ID, stored in the microcontroller's EEPROM can also be included in the data that is encoded.
  • the encoding process is effected using a secret key also stored in the microcontroller's EEPROM.
  • the encoding process can take the form of any process that predictably alters the essential form of the raw data.
  • this encoding process is an encryption process, but can also take the form of a filtering, whitening, or other data-altering process.
  • a data packet is formed and includes the unit ID, the random number, the symbolically-changed challenge count, the switch command code, and the authentication symbol.
  • a CRC (or MAC) symbol is computed based on the symbolic values of the unit ID, the random number, the symbolically-changed challenge count, the switch command code, and the authentication symbol and is then included forming an assembled data packet to be transmitted.
  • step 415 the assembled data packet is transmitted by the transmitter 131.
  • FIG. 5 will be described.
  • a receiver-side portion of the preferred method commences at a start step 501.
  • step 503 the assembled data packet transmitted by the transmitter 131 is received by the receiver 202 and passed to the microcontroller 307. As indicated earlier in FIG. 2, the CRC symbol 127 is checked for validity.
  • step 505 the unit ID, the random number, the symbolically-changed challenge count, and the switch command code are extracted from the data packet and are encoded in step 507 based on the receiver-side secret key to form a receive-side derived authentication symbol 211.
  • step 509 a test is made to see whether or not the received authentication symbol 121, and the receive-side derived authentication symbol 211 match. This could be an exact symbolic match, or a symbolic match within some pre-agreed-to bounds. Authentication can be indicated at this time. To make the method more robust another step 511 can be added.
  • step 511 the symbolically-changed challenge count received in the step of receiving is compared to an a priori determined base challenge count. If the symbolically-changed challenge count is different (in a pre-agreed-to way - like one symbolic count larger, or smaller), then authentication can be indicated. If authentication is indicated, then the a priori determined base challenge count can be updated based on the symbolically-changed challenge count received in the step of receiving 503.
  • a match of unit IDs can also be used in the authentication process.
  • the command indicated by the switch command code received in the step of receiving 503, is executed by having the microcontroller 307 control the actuator drive 305 which in turn unlocks a vehicle door or whatever the command is programmed to do.
  • each ID would be associated with a different secret key.
  • Novel improvements include an authentication approach that is secure because of transmission of a non-repeating code. Moreover, with the addition of the random number, the system and method will decrease the predictability and increase the complexity of the transmission and reception process which significantly improves the security of this approach over prior art schemes.

Abstract

An authentication system and method changes (407) a symbolic value of a challenge count and encodes (411) it into an authentication symbol using an encoding process. Then, the symbolically-changed challenge count and the authentication symbol are transmitted (415). When received, the symbolically-changed challenge count is encoded (507) using the encoding process, and a receive-side derived authentication symbol is formed therefrom. Authentication is indicated (511) when the authentication symbol and the receive-side derived authentication symbol match.

Description

AUTHENTICATION SYSTEM AND METHOD FOR A REMOTE KEYLESS ENTRY SYSTEM
Field of the Invention
This invention is related to the field of remote keyless entry systems for use in vehicular applications and more particularly to an authentication system and method therefor.
Background of the Invention
Contemporary vehicles often employ Remote Keyless Entry (RKE) systems that include control functions such as those to unlock doors of the vehicle, start the engine in the vehicle, or to open a garage door. Typically radio signals are transmitted from an RKE transmitter, which is typically a portable device, to an RKE receiver, which is typically mounted in a vehicle or in a garage. When the radio signals are transmitted, it is feasible, using electronic eavesdropping, to record the radio signals for later re-transmission to operate the control functions of the vehicle or the garage door opener.
To dissuade unauthorized access, RKE systems are made more secure by digitally encoding the radio signals transmitted between the RKE transmitter and the RKE receiver. Before the digitally encoded radio signals received by the RKE receiver can be used, their origin needs to be validated. This validation process is often called authentication. While various authentication methods and systems exist, they are inadequate because they lack sufficient security to prevent unauthorized use of the RKE system. A secure system must protect against playback attack and cryptanalysis attack, and be resistant to cloning. To be considered secure, a change of one symbol bit induced by a command query should result in a change of at least half of the symbol bits transmitted. If this happens the system is said to have the avalanche effect - which is good. Current RKE transmission schemes inadequately address the security issue. What is needed is an improved approach to authentication for RKE systems that is more secure than prior implementations.
Brief Description of the Drawings
FIG. 1 is a system block diagram of a transmitter side of a Remote Keyless Entry (RKE) system in accordance with a preferred embodiment of the invention;
FIG. 2 is a system block diagram of a receiver side of the RKE system in accordance with the preferred embodiment of the invention;
FIG. 3 is a schematic block diagram of the RKE system;
FIG. 4 is a flow chart showing a preferred method of transmitter portion of an RKE system; and
FIG. 5 is a flow chart showing a preferred method of receiver side authentication in an RKE system.
Detailed Description of a Preferred Embodiment
An authentication system and method changes a symbolic value of a challenge count and encodes it into an authentication symbol using an encoding process. Then, the symbolically-changed challenge count and the authentication symbol are transmitted. When received, the symbolically-changed challenge count is encoded using the encoding process, and a receive-side derived authentication symbol is formed therefrom. Authentication is indicated when the authentication symbol and the receive-side derived authentication symbol match. Essentially, if an authentication symbol formed in a transmitter-side process matches an authentication symbol formed in a receiver-side process, then there must have been an authentic transmission and reception. Since the challenge count is changed with every new transmission and reception, a high level of security against a potential theft and use of the transmitted and received information is achieved. Furthermore, to increase the security against playback performance, a random number is combined with the challenge count before it is first encoded. Further security features will be introduced later with the introduction of figures covering the specific structures of the invention.
FIG. 1 is a system block diagram of a transmitter side of a Remote Keyless Entry (RKE) system. RKE systems are often provided for automobiles as part of a convenience package. The RKE system enables a driver to lock and unlock doors of the vehicle while the driver is in close proximity to the vehicle. Also, as an added convenience, some RKE systems allow the driver to remotely start his or her car.
FIG. 1 illustrates how the RKE transmitter collects and transmits its control information to the receiver located in the vehicle. Command switches 101, located on a hand-held RKE transmitter device 100, typically include an UNLOCK switch, a LOCK switch, a TRUNK RELEASE switch, and an ENGINE START switch, and may include other switches such as an ALARM switch. When one of the command switches is activated, a switch encoder 103 encodes it and provides a command switch code 105, indicative of which of the command switches is activated. Also, when the command switch is activated, a challenge counter 107 changes its symbolic value and provides a symbolically-changed challenge count 109. In a simple case the challenge counter 107 would merely be incremented. In a more complex application, the symbolic value of the challenge counter would change to another value, as long as the new value is pre-agreed-to, or computed, by both the transmitter side and the receiver side of the RKE system. This action of always changing the symbolic value of the challenge counter provides a certain level of security to the system.
To further increase the security of the system, a random number 111 is generated by a random number generator 113 that is used to further decrease the predictability and increase the complexity of the system. Also, many vehicle manufacturers prefer to include a unit identification number 115 (or unit ID). This unit ID can be conveniently generated by extracting it from a memory, such as an Electrically Erasable Programmable Read Only Memory 117 (EEPROM) located on the RKE transmitter.
Before transmitting the switch command code 105, the symbolically-changed challenge count 109, the random number 111, and the unit ID 115, these data are used to generate an authentication symbol 121 using an encoder 123, and a unique secure, or secret key 125 provided by the EEPROM 117. The encoder 123 can take many forms but it essentially hashes, whitens, or encrypts the data using the unique secret key 125. As with many robust transmission schemes a CRC or Cyclic Redundancy Check symbol 127 is computed based on the switch command code 105, the symbolically-changed challenge count 109, the random number 111, and the unit ID 115, and the authentication symbol 121. The CRC symbol 127 is then combined or joined with the switch command code 105, the symbolically-changed challenge count 109, the random number 111, and the unit ID 115, and the authentication symbol 121 to form an assembled data packet, or message 129 which is then transmitted using a transmitter 131. Alternatively a MAC or Message Authentication Code may be used instead of a CRC method.
FIG. 2 is a system block diagram of a receiver side of an RKE system. FIG. 2 illustrates by what means the RKE receiver collects and acts on the collected information to activate action in the vehicle. A scheduler 201, located in an RKE control system 200, controls the operation of several of the system's 200 elements. At the request of the scheduler 201, a receiver 202 receives the assembled data packet 129 transmitted by the transmitter 131, introduced in FIG. 1. For efficiency reasons the unit ID 115 is extracted from the assembled data packet 129 and compared to a receiver-side EEPROM 209 derived unit ID 215. If these two IDs match, then a unit ID match 217 is indicated. If the two IDs do not match, then the scheduler 201 aborts any operations of other control system 200 elements. Then, the scheduler 201 waits a predetermined amount of time and then again requests another assembled data packet 129 from the receiver. The predetermined amount of time that the scheduler 201 waits is determined based on a rate of transmission of the assembled data packet 129. This delay is necessary to prevent the system 200 from being tied up in continuously processing the assembled data packet 129 while the received unit ID 115 knowingly does not match the receiver-side EEPROM 209 derived unit ID 215. If the unit ID match 217 is indicated, then the scheduler commands a CRC check circuit 203 to extract the CRC symbol 127 from the assembled data packet 129 and to validate the integrity of the transmission and reception. If a valid CRC symbol 127 was not received, then the CRC check circuit 127 alerts the scheduler 201. The scheduler 201 then waits the predetermined amount of time and then again requests another assembled data packet 129 from the receiver.
If a valid CRC symbol 127 was transmitted and received, then the switch command code 105, the symbolically-changed challenge count 109, and the random number 111 are extracted from the assembled data packet 129, and with a secret, or secure key 207 provided by a receiver-side EEPROM 209, a receive-side derived authentication symbol 211 is derived in the encoder 205. Note that the receiver-side encoder 205 operates exactly in the same way that the encoder 123 operates on the transmitter side of the RKE system, and the secret key 207 is identical to the transmitter-side key 125.
Once encoded, the receive-side derived authentication symbol 211 is compared with the authentication symbol 121 received from the transmitter 131 in block 224. If the two symbols match, then a match is indicated 213. If the two symbols do not match, then the block 224 alerts the scheduler 201. The scheduler 201 then waits the predetermined amount of time and then again requests another assembled data packet 129 from the receiver.
If block 224 indicated a match, then the symbolically-changed challenge count 109, received by the receiver 202 is compared to an a priori determined (base) challenge count 219. If the received symbolically-changed challenge count 109 matches 221 (within a predetermined bounds as determined by block 223) the a priori determined base challenge count 219, then the a priori determined base challenge count 219 is updated (preferably made the same as - but not necessarily) to have a symbolic value equal to the symbolically-changed challenge count 109.
If the received symbolically-changed challenge count 109 does not match the a priori determined (base) challenge count 219, then the block 223 alerts the scheduler 201. The scheduler 201 then waits the predetermined amount of time and then again requests another assembled data packet 129 from the receiver.
In system block 225, if a match is indicated between the receive-side derived authentication symbol 211 and the authentication symbol 121 as indicated at reference number 213, and (optionally) the unit IDs match as indicated at reference number 217, and the received symbolically-changed challenge count 109 matches the a priori determined base challenge count 219 as indicated at reference number 221, then authentication is indicated and the switch command code 105, received by the receiver 202, is executed in the vehicle.
Now that the overall system has been described, a hardware platform will be detailed. FIG. 3 is a schematic block diagram of the RKE system. The hand-held RKE transmitter device 100 includes a transmit controller 301, which interprets the command switches 101, and, after executing the preferred method, transmits the assembled data packet 129 using its transmitter 131. The transmit controller 301 can be constructed using digital circuitry, a microcontroller, or any other mechanism which essentially performs a portion of the preferred method. In the preferred embodiment a Motorola MC68HC05 microcontroller will be used. The Motorola MC68HC05 microcontroller has on-board program memory used to store the portion of the preferred method described later, and an EEPROM facility for the EEPROM 117 described earlier.
The RKE control system 200 includes a receiver controller 303 which executes another portion of the preferred method. The receiver controller 303 includes an actuator drive circuit 305, and a microcontroller 307. According to the preferred method, the receiver controller 303 receives the assembled data packet 129 using its receiver 202. The microcontroller 307, again preferably a Motorola MC68HC05 microcontroller with on-board program memory to store the portion of the preferred method described later, and an EEPROM facility for the EEPROM 209 described earlier, interprets the assembled data packet 129 and commands the actuator drive 305 to drive external actuators. These external actuators include door lock solenoids and engine starting devices. Now that the hardware platform has been detailed, the preferred method steps for both the RKE transmitter device 100, and the RKE control system 200 will be introduced.
FIG. 4 is a flow chart showing a preferred method of the transmitter portion of an RKE system, and FIG. 5 is a flow chart showing a preferred method of receiver-side authentication in an RKE system. Note that these flow charts are essentially encoded into each of the Motorola MC68HC05 microcontrollers of the controllers 301 and 307 respectively.
Commencing with FIG. 4, the Motorola MC68HC05 microcontroller, of the transmit controller 301 embedded within the RKE transmitter device 100, invokes a transmitter-side portion of the preferred method.
In step 403 the microcontroller determines whether or not a command switch has been activated. If a command switch has been activated, then, in step 405 a switch command code identifying the particular command switch activated is generated. Next, in step 407 a symbolic value of a challenge count is changed, and a symbolically-changed challenge count is provided in response to the generation of the switch command code resulting from the command switch activation. In a simple case, the challenge count is essentially a binary counter maintained within a register of the microcontroller. In this example the symbolic value is simply the arithmetic value of the counter. So, if at a particular moment the arithmetic value of the counter is 345, and a command switch is activated, the counter is incremented by one, and therefore the symbolically-changed challenge count is now 346. Of course, other symbolic representations and/or incremental values can be used. In step 409 the microcontroller generates a random number.
Then, in step 411 the switch command code, the symbolically-changed challenge count, and the random number are encoded into an authentication symbol using an encoding process. Optionally, for more security, a unit ID, stored in the microcontroller's EEPROM can also be included in the data that is encoded. The encoding process is effected using a secret key also stored in the microcontroller's EEPROM. The encoding process can take the form of any process that predictably alters the essential form of the raw data. Preferably, this encoding process is an encryption process, but can also take the form of a filtering, whitening, or other data-altering process.
Next, in step 413 a data packet is formed and includes the unit ID, the random number, the symbolically-changed challenge count, the switch command code, and the authentication symbol. Preferably, a CRC (or MAC) symbol is computed based on the symbolic values of the unit ID, the random number, the symbolically-changed challenge count, the switch command code, and the authentication symbol and is then included forming an assembled data packet to be transmitted.
Then, in step 415, the assembled data packet is transmitted by the transmitter 131. Essentially, the method described in FIG. 4, executed on the microcontroller embedded within the transmit controller 301 of the RKE transmitter device 100, emulates the system block diagram introduced in FIG. 1.
Next, FIG. 5 will be described. A receiver-side portion of the preferred method commences at a start step 501. Next, in step 503, the assembled data packet transmitted by the transmitter 131 is received by the receiver 202 and passed to the microcontroller 307. As indicated earlier in FIG. 2, the CRC symbol 127 is checked for validity. If valid, in step 505 the unit ID, the random number, the symbolically-changed challenge count, and the switch command code are extracted from the data packet and are encoded in step 507 based on the receiver-side secret key to form a receive-side derived authentication symbol 211.
Next, in accordance with the system block diagram in FIG. 2, in step 509 a test is made to see whether or not the received authentication symbol 121, and the receive-side derived authentication symbol 211 match. This could be an exact symbolic match, or a symbolic match within some pre-agreed-to bounds. Authentication can be indicated at this time. To make the method more robust another step 511 can be added.
For instance, if the symbols match, then in step 511 the symbolically-changed challenge count received in the step of receiving is compared to an a priori determined base challenge count. If the symbolically-changed challenge count is different (in a pre-agreed-to way - like one symbolic count larger, or smaller), then authentication can be indicated. If authentication is indicated, then the a priori determined base challenge count can be updated based on the symbolically-changed challenge count received in the step of receiving 503.
Optionally, as described in FIG. 2 a match of unit IDs can also be used in the authentication process. Once authentication is indicated in step 511, in step 513, the command, indicated by the switch command code received in the step of receiving 503, is executed by having the microcontroller 307 control the actuator drive 305 which in turn unlocks a vehicle door or whatever the command is programmed to do.
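The receiver-side checks of FIG. 2 and FIG. 5, run against packets built as in FIG. 4, as an added example that is not part of the patent text. Assumptions: truncated HMAC-SHA256 stands in for the unspecified encoder 123/205, CRC-32 for the CRC symbol 127, the count window is the one from claim 7, and the field widths, class names, command codes and key are constructed for illustration.

```python
import hashlib
import hmac
import os
import struct
import zlib

# Assumed layout: unit ID 115, random number 111, challenge count 109
# (4 bytes each), switch command code 105 (1 byte).
HDR = struct.Struct(">IIIB")
AUTH_LEN = 8                 # assumed width of the authentication symbol 121
WINDOW = 5                   # claim 7: base < received count < base + 5
LOCK, UNLOCK = 0x01, 0x02    # constructed command codes


def encode(key, header):
    """Stand-in for encoders 123/205; the patent does not fix the algorithm."""
    return hmac.new(key, header, hashlib.sha256).digest()[:AUTH_LEN]


class Fob:
    """Transmitter side (FIG. 4)."""

    def __init__(self, unit_id, key):
        self.unit_id, self.key, self.count = unit_id, key, 0

    def press(self, command):
        self.count += 1                                    # step 407
        rnd = int.from_bytes(os.urandom(4), "big")         # step 409
        header = HDR.pack(self.unit_id, rnd, self.count, command)
        body = header + encode(self.key, header)           # steps 411, 413
        return body + struct.pack(">I", zlib.crc32(body))  # CRC symbol 127


class Receiver:
    """Receiver side (FIG. 2 / FIG. 5); returns (accepted, reason)."""

    def __init__(self, unit_id, key):
        self.unit_id, self.key = unit_id, key
        self.base_count = 0      # a priori determined base challenge count 219
        self.executed = []       # commands handed to the actuator drive

    def process(self, packet):
        if len(packet) != HDR.size + AUTH_LEN + 4:
            return False, "length"
        body, (crc,) = packet[:-4], struct.unpack(">I", packet[-4:])
        header, auth = body[:HDR.size], body[HDR.size:]
        unit_id, _rnd, count, command = HDR.unpack(header)
        if unit_id != self.unit_id:                 # cheap check first (217)
            return False, "unit_id"
        if zlib.crc32(body) != crc:                 # CRC check circuit
            return False, "crc"
        # Block 224: recompute the symbol and compare in constant time.
        if not hmac.compare_digest(encode(self.key, header), auth):
            return False, "auth"
        # Block 223: count must be ahead of the base, inside the window.
        if not (self.base_count < count < self.base_count + WINDOW):
            return False, "count"
        self.base_count = count                     # update base count 219
        self.executed.append(command)
        return True, "ok"


def demo():
    unit_id = 0xA1B2C3D4                            # constructed unit ID
    key = bytes(range(16))                          # constructed secret key
    fob, rx = Fob(unit_id, key), Receiver(unit_id, key)
    results = []
    p1 = fob.press(LOCK)                            # count 1
    results.append(rx.process(p1))                  # fresh packet
    results.append(rx.process(p1))                  # same packet again
    body = bytearray(fob.press(LOCK)[:-4])          # count 2
    body[HDR.size - 1] = UNLOCK                     # command altered, CRC redone
    altered = bytes(body) + struct.pack(">I", zlib.crc32(body))
    results.append(rx.process(altered))
    for _ in range(2):                              # counts 3, 4 never heard
        fob.press(LOCK)
    results.append(rx.process(fob.press(UNLOCK)))   # count 5, base is 1
    for _ in range(4):                              # counts 6..9 never heard
        fob.press(LOCK)
    results.append(rx.process(fob.press(UNLOCK)))   # count 10, base is 5
    return results, rx


if __name__ == "__main__":
    for accepted, reason in demo()[0]:
        print(accepted, reason)
```

The last case shows the failure mode of a fixed window: enough button presses out of range leave a legitimate transmitter outside the bounds, and the text above describes no resynchronization step for it.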
Although the RKE control system 200 described here relies on one unit ID, one could easily use several unit IDs. In this case, each ID would be associated with a different secret key.
In conclusion, an improved approach to authentication for RKE systems has been described that is more secure than prior implementations. Novel improvements include an authentication approach that is secure because of transmission of a non-repeating code. Moreover, with the addition of the random number, the system and method will decrease the predictability and increase the complexity of the transmission and reception process which significantly improves the security of this approach over prior art schemes.
What is claimed is:

Claims

1. An authentication method comprising the steps of: changing a symbolic value of a challenge count and providing a symbolically-changed challenge count responsive thereto; providing a unique secret key; encoding the symbolically-changed challenge count into an authentication symbol using an encoding process dependent on the unique secret key; transmitting the symbolically-changed challenge count and the authentication symbol; receiving the symbolically-changed challenge count and the authentication symbol; encoding the symbolically-changed challenge count received in the step of receiving using the encoding process dependent on the unique secret key, and forming a receive-side derived authentication symbol therefrom; and indicating authentication when the authentication symbol received in the step of receiving, and the receive-side derived authentication symbol match.
2. A method in accordance with claim 1 wherein the step of indicating comprises a step of: indicating authentication when the authentication symbol received in the step of receiving, and the receive-side derived authentication symbol have a symbolically equivalent symbolic value.
3. A method in accordance with claim 1 wherein the step of changing a symbolic value of a challenge count comprises a step of: increasing a symbolic value of the challenge count and providing a symbolically-changed challenge count.
4. A method in accordance with claim 1 wherein the step of changing a symbolic value of a challenge count comprises a step of: decreasing a symbolic value of the challenge count and providing a symbolically-changed challenge count.
5. A method in accordance with claim 1 wherein the step of indicating comprises a step of: indicating authentication when the authentication symbol received in the step of receiving, and the receive-side derived authentication symbol have a symbolically equivalent symbolic value, and the symbolic value of the symbolically-changed challenge count received in the step of receiving, has a symbolic value bounded within a predetermined proximity of an a priori determined base challenge count.
6. A method in accordance with claim 5 further comprising a step of: replacing the a priori determined base challenge count with the symbolically-changed challenge count received in the step of receiving, responsive to the step of indicating authentication.
7. A method in accordance with claim 5 wherein the predetermined proximity is defined as greater than the symbolic value of the a priori determined base challenge count, and less than five symbolic values greater than the symbolic value of the a priori determined base challenge count.
8. An authentication method comprising the steps of: changing a symbolic value of a challenge count and providing a symbolically-changed challenge count responsive thereto; generating a random number; encoding the symbolically-changed challenge count and the random number into an authentication symbol using an encoding process; forming a data packet comprising the symbolically-changed challenge count, the random number, and the authentication symbol; transmitting the data packet; receiving the data packet; extracting the symbolically-changed challenge count, and the random number, received in the step of receiving the data packet; encoding the symbolically-changed challenge count and the random number, both extracted in the step of extracting, using the encoding process, and forming a receive-side derived authentication symbol therefrom; and indicating authentication when the authentication symbol received in the step of receiving, and the receive-side derived authentication symbol match.
9. A method in accordance with claim 8 wherein the step of indicating comprises a step of: indicating authentication when the authentication symbol received in the step of receiving, and the receive-side derived authentication symbol have a symbolically equivalent symbolic value.
10. A method in accordance with claim 9 wherein the step of changing a symbolic value of a challenge count comprises a step of: increasing a symbolic value of the challenge count and providing a symbolically-changed challenge count.
11. A method in accordance with claim 8 wherein the step of changing a symbolic value of a challenge count comprises a step of: decreasing a symbolic value of the challenge count and providing a symbolically-changed challenge count.
12. A method in accordance with claim 9 wherein the step of indicating comprises a step of: indicating authentication when the authentication symbol received in the step of receiving, and the receive-side derived authentication symbol have a symbolically equivalent symbolic value, and the symbolic value of the symbolically-changed challenge count received in the step of receiving, has a symbolic value bounded within a predetermined proximity of an a priori determined base challenge count.
13. A method in accordance with claim 12 further comprising a step of: replacing the a priori determined base challenge count with the symbolically-changed challenge count received in the step of receiving, responsive to the step of indicating authentication.
14. A method in accordance with claim 8 further comprising the step of: activating a command switch, and generating a command code responsive thereto; and wherein the step of changing a symbolic value of a challenge count comprises a step of changing a symbolic value of a challenge count responsive to the step of generating a command code, and wherein the step of forming a data packet comprises a step of forming a data packet comprising the symbolically-changed challenge count, the authentication symbol, and the command code.
15. A method in accordance with claim 8 further comprising the step of: providing a unique secret key; and wherein the step of encoding the symbolically-changed challenge count into the authentication symbol comprises encoding the symbolically-changed challenge count into an authentication symbol using an encoding process dependent on the unique secret key, and the step of encoding the symbolically-changed challenge count received in the step of receiving comprises encoding the symbolically-changed challenge count received in the step of receiving using the encoding process dependent on the unique secret key, and forming the receive-side derived authentication symbol therefrom.
16. An authentication method for a secure remote keyless entry system comprising the steps of: activating a command switch, and generating a command code responsive thereto; changing a symbolic value of a challenge count and providing a symbolically-changed challenge count in response to the generation of the command code resulting from the step of activating; generating a random number; providing a unique secret key; encoding the symbolically-changed challenge count, the command code, and the random number into an authentication symbol using an encoding process dependent on the unique secret key; forming a data packet comprising the random number, the command code, the symbolically-changed challenge count, and the authentication symbol; transmitting the data packet; receiving the data packet; encoding the symbolically-changed challenge count, the command code, and the random number, received in the step of receiving, using the encoding process dependent on the unique secret key, and forming a receive-side derived authentication symbol therefrom; and indicating authentication when the authentication symbol received in the step of receiving, and the receive-side derived authentication symbol have a symbolically equivalent symbolic value, and the symbolic value of the symbolically-changed challenge count received in the step of receiving, has a symbolic value larger than an a priori determined base challenge count.
17. A portable transmission device comprising: a command switch for generating a command code responsive to activation thereof; a symbolic counter, operatively coupled to the command switch, the counter for changing a symbolic value of a challenge count and providing a symbolically-changed challenge count responsive to the activation of the command switch; a random number generator for generating a random number; an encoder, coupled to the symbolic counter, the encoder providing an authentication symbol dependent on the symbolically-changed challenge count provided by the symbolic counter and the random number; a device for joining the command code, the symbolically-changed challenge count, the random number, and the authentication symbol into a data message; a transmitter for transmitting the data message; a receiver, for receiving the transmitted data message; another encoder, coupled to the receiver, the encoder for encoding the symbolically-changed challenge count, and the random number received by the receiver, and forming a receive-side derived authentication symbol therefrom; and a device for indicating authentication when the authentication symbol received by the receiver, and the receive-side derived authentication symbol have a symbolically equivalent value, and the symbolic value of the symbolically-changed challenge count received by the receiver, has a symbolic value larger than an a priori determined base challenge count.
PCT/US1997/018814 1996-11-29 1997-10-15 Authentication system and method for a remote keyless entry system WO1998026534A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP97912769A EP0885502A4 (en) 1996-11-29 1997-10-15 Authentication system and method for a remote keyless entry system
JP10526637A JP2000506947A (en) 1996-11-29 1997-10-15 Authentication system and method for remote keyless entry system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US75853096A 1996-11-29 1996-11-29
US08/758,530 1996-11-29

Publications (1)

Publication Number Publication Date
WO1998026534A1 true WO1998026534A1 (en) 1998-06-18

Family

ID=25052070

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1997/018814 WO1998026534A1 (en) 1996-11-29 1997-10-15 Authentication system and method for a remote keyless entry system

Country Status (3)

Country Link
EP (1) EP0885502A4 (en)
JP (1) JP2000506947A (en)
WO (1) WO1998026534A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102010011022A1 (en) * 2010-03-11 2012-02-16 Siemens Aktiengesellschaft Method for secure unidirectional transmission of signals
JP6295961B2 (en) * 2012-11-13 2018-03-20 日本電気株式会社 Message authentication system and message authentication method

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5144667A (en) * 1990-12-20 1992-09-01 Delco Electronics Corporation Method of secure remote access
US5191610A (en) * 1992-02-28 1993-03-02 United Technologies Automotive, Inc. Remote operating system having secure communication of encoded messages and automatic re-synchronization
US5420925A (en) * 1994-03-03 1995-05-30 Lectron Products, Inc. Rolling code encryption process for remote keyless entry system
US5619573A (en) * 1994-04-01 1997-04-08 Mercedes-Benz Ag Vehicle security device with electronic use authorization coding
US5708712A (en) * 1994-04-01 1998-01-13 Mercedes-Benz Ag Vehicle security device with electronic use authorization coding

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0719369B1 (en) * 1993-09-13 1998-12-09 Rockwell International Corporation Apparatus for remote implementation of a command
JPH07226979A (en) * 1994-02-10 1995-08-22 Alpha Corp Remote controller
DE4416705C1 (en) * 1994-05-11 1995-04-27 Siemens Ag Electronic security device and method for operating it
US5506905A (en) * 1994-06-10 1996-04-09 Delco Electronics Corp. Authentication method for keyless entry system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP0885502A4 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2014116985A (en) * 1998-07-14 2014-06-26 United Video Properties Inc Client-server based interactive television program guide system with remote server recording
EP0998095A2 (en) * 1998-07-31 2000-05-03 Lucent Technologies Inc. Method for two party authentication and key agreement
EP0998095A3 (en) * 1998-07-31 2001-02-07 Lucent Technologies Inc. Method for two party authentication and key agreement
US6918035B1 (en) 1998-07-31 2005-07-12 Lucent Technologies Inc. Method for two-party authentication and key agreement
JP2012044675A (en) * 1999-09-30 2012-03-01 Qualcomm Inc Method and apparatus for encrypting transmissions in communication system
US8787578B2 (en) 1999-09-30 2014-07-22 Qualcomm Incorporated Method and apparatus for encrypting transmissions in a communication system
FR2842053A1 (en) * 2002-07-04 2004-01-09 Siemens Ag PROCESS FOR THE AUTHENTICATION OF A FIRST OBJECT TO AT LEAST ONE OTHER OBJECT, IN PARTICULAR OF A VEHICLE IN RELATION TO AT LEAST ONE KEY.
CN102951115A (en) * 2011-08-09 2013-03-06 通用汽车环球科技运作有限责任公司 Systems and methods for interference reduction during keyless ignition authentication
US8930087B2 (en) 2011-08-09 2015-01-06 GM Global Technology Operations LLC Systems and methods for interference reduction during keyless ignition authentication

Also Published As

Publication number Publication date
EP0885502A4 (en) 2000-11-08
EP0885502A1 (en) 1998-12-23
JP2000506947A (en) 2000-06-06

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): JP

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE

WWE Wipo information: entry into national phase

Ref document number: 1997912769

Country of ref document: EP

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWP Wipo information: published in national office

Ref document number: 1997912769

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 1997912769

Country of ref document: EP