JP5219279B2 - Mobile communication device, roadside communication device, communication system including these devices, communication method between these devices, and information collecting method - Google Patents

Description

  The present invention relates to a mobile-side communication device, a road-side communication device, a communication system including these devices, a communication method between these devices, and an information collecting method, and more specifically, between a mobile-side communication device and a road-side communication device. Concerning secret communication between.

As a conventional technique in a wireless communication system, a technique for ensuring the confidentiality of a user is known (for example, see Patent Document 1). In Patent Document 1, (a) a step of generating a temporary address set in a wireless connection node using a MAC address of each wireless terminal and transmitting the temporary address set to the corresponding wireless terminal; and (b) selected from the temporary address set. And transmitting data packets between each wireless terminal and the wireless connection node using a temporary address as a source address or a destination address.
Japanese Patent Laid-Open No. 2004-40806

  However, in the above-described conventional technology, when the wireless terminal is first connected to the wireless connection node, the wireless terminal needs to transmit a connection request message having its own MAC address as a source address to the wireless connection node. If the MAC address is intercepted, the confidentiality of the user cannot be ensured.

  Therefore, the present invention provides a mobile communication device, a road communication device, a communication system including these devices, and a communication method between these devices, with improved confidentiality of communication between the mobile communication device and the road communication device. The purpose is to provide an information collection method.

In order to achieve the above object, a mobile communication device according to a first invention is:
A mobile communication device that transmits and receives data to and from a road communication device,
Receiving means for receiving identification information of the roadside communication device itself or its constituent devices;
Generating means for generating indefinite source information to be given to data to be transmitted to the roadside communication device;
Encryption means for encrypting data required for generation of the transmission source information using identification information received by the reception means;
Transmission means for transmitting data to which the indefinite transmission source information generated by the generation means is added and encrypted by the encryption means to the roadside communication device.

A roadside communication device according to a second invention is
A roadside communication device that transmits and receives data to and from a mobile communication device,
Transmitting means for transmitting identification information of the roadside communication device itself or its constituent devices to the mobile side communication device;
Receiving means for receiving transmission data from the mobile communication device to which indefinite source information is assigned, and
The receiving means receives data that is necessary for generating the indefinite source information and is encrypted using the identification information.

A communication system according to a third invention is
The transmission source information given to the transmission data from the mobile communication device to the road communication device is periodically generated, and the data required for the generation of the transmission source information is the road communication device itself or its data It is encrypted using the identification information of the component device and transmitted as the transmission data.

A communication method according to a fourth invention is:
A communication method between a mobile communication device and a road communication device,
A generation step of periodically generating transmission source information to be given to transmission data from the mobile communication device to the road communication device;
An encryption step of encrypting data required for generating the transmission source information using identification information of the roadside communication device itself or its component device transmitted from the roadside communication device;
An adding step of adding the generated transmission source information to the transmission data including the encrypted data.

The information collecting method according to the fifth invention is:
An information collection method for collecting information from a mobile communication device via a road communication device,
A transmission step of transmitting identification information of the roadside communication device or the component device; and
A reception step of receiving transmission data from the mobile communication device to which indefinite transmission source information is assigned,
The receiving step includes
A first reception step of receiving, as the transmission data, a session key and data required for generating the indefinite transmission source information encrypted using the identification information;
And a second reception step of receiving data encrypted using the session key as the transmission data.

  ADVANTAGE OF THE INVENTION According to this invention, the secrecy of communication between a mobile body side communication apparatus and a roadside communication apparatus can be improved.

  The best mode for carrying out the present invention will be described below with reference to the drawings. FIG. 1 is a schematic configuration diagram of a road-vehicle communication system which is an embodiment of a communication system according to the present invention. The road-to-vehicle communication system performs communication between a mobile communication device (on-vehicle device 10) mounted on a mobile vehicle and a road communication device (road device 20) provided at base stations scattered on the road side. It is a system to do. The road-to-vehicle communication system is based on information transmitted or received by transmitting information acquired or possessed by the roadside device 20 to the vehicle-mounted device 10 or transmitting information acquired or possessed by the vehicle-mounted device 10 to the roadside device 20. This makes it possible to perform various controls such as cooperative control.

  The road-to-vehicle communication system uses, for example, a beacon such as a radio wave beacon or an optical beacon to provide the same information (for example, whether there are stopped vehicles, low-speed vehicles, pedestrians, road surfaces, etc.) Status, road shape information, traffic jam information, and signal information), or individual communication that provides information to individual vehicles. Specifically, the roadside device 20 transmits traffic information such as signal information of the traffic signal to the in-vehicle device 10 to cause the vehicle to perform a braking operation, or the signal at the intersection in the traveling direction is a red signal to the driver. It will be possible to inform you that there is. In addition, a server 30 (for example, installed in a facility such as a dealer or an information management center) connected to the roadside device 20 via a wired or wireless communication network 40 is provided with positional information and probes of each vehicle via the in-vehicle device 10. By collecting the vehicle information from the roadside machine 20 that has acquired the vehicle information such as information, it is possible to grasp the situation of each vehicle such as the location on the server 30 side. Based on the collected information, the server 30 can generate information to be provided such as traffic jam information, and can transmit the provided information to each vehicle including the in-vehicle device 10 via the roadside device 20. It becomes like this.

  For example, Ethernet (registered trademark) is used as a communication standard for a road-vehicle communication system. FIG. 2 is a diagram showing an Ethernet frame structure. The Ethernet frame has a 64-bit preamble for recognizing the start of frame transmission and synchronizing, a 6-byte destination address field dst for storing a destination MAC address (Media Access Control address) as a destination address, A 6-byte source address field src for storing the source MAC address as a source address, a 2-byte type field for setting the Ethernet type, a data field capable of storing a data payload from 46 bytes to 1500 bytes, And a 4-byte FCS field for setting a CRC value for detecting a frame error.

  However, in an application in which a communication device mounted on a mobile body such as the vehicle-mounted device 10 provides vehicle information such as position information to a base station such as the roadside device 20, the vehicle-mounted device 10 or a component of the vehicle-mounted device 10 (hereinafter, referred to as a component) When communication is performed using its own identification information (ID) such as the MAC address assigned to the Ethernet interface section of “vehicle equipment 10” collectively, the data stored in the data field is concealed by encryption. Even if the ID is not concealed, there is a risk that the behavior of the moving body may be captured by a third party due to the interception of the ID, and privacy infringement may occur. In particular, even if the data stored in the data field is concealed, the MAC address is not concealed.

  Therefore, in the road-to-vehicle communication system according to the present embodiment, the transmission data of the vehicle-mounted device 10 is transmitted periodically (for example, in units of packets transmitted from the vehicle-mounted device 10 to the roadside device 20, for example, at predetermined time intervals). The MAC address given as information indicating the original is disposable, and the data payload is encrypted with the identification information of the roadside device obtained based on the unique MAC address of the roadside device 20. That is, the MAC address of the in-vehicle device 10 is left undefined.

  Here, “encrypt with identification information” means ID-based encryption. In this ID-based encryption, the receiver obtains in advance a secret key corresponding to his / her ID from a third party, and the sender encrypts and receives the message based on the third party's public key and the receiver's ID. Is a general term for a method of decrypting an encrypted message using the secret key.

  In FIG. 2, a unique code (vendor code) for each vendor managed by IEEE is assigned to the upper 24 bits of the MAC address, and each vendor can arbitrarily set the remaining lower 24 bits. Therefore, in the roadside communication system of the present embodiment, when the MAC address of the roadside device 20 is assigned to the destination address field dst and the source address field src, the serial number assigned to each roadside device 20 in the lower 24 bits. Set an individual number such as. Thereby, the roadside machine 20 as a transmission source or a transmission destination can be specified. On the other hand, when assigning the MAC address of the vehicle-mounted device 10 to the destination address field dst or the source address field src, a random number is set in the lower 24 bits. Accordingly, it is possible to conceal the inherent MAC address and make it difficult to capture the behavior of the in-vehicle device 10 as a transmission source or a transmission destination.

  FIG. 3 is a diagram for explaining a data transmission / reception procedure between the in-vehicle device 10 and the roadside device 20.

Procedure (1):
The roadside device sets its own MAC address in src, and sets all the “1” in dst to make it a broadcast address, so that each in-vehicle device that can receive the Ethernet frame has its own MAC address. introduce.

Procedure (2):
Each in-vehicle device that has received the MAC address of the road-side device from the road-side device acquires identification information (hereinafter referred to as “road-side device ID”) regarding the road-side device in accordance with a predetermined rule common to each in-vehicle device. For example, a 512-bit roadside device ID related to the roadside device is acquired by adding a 488-bit specified value to the MAC address. The roadside machine ID may be expanded or shortened to an arbitrary number of bits (for example, expanded to 1024 bits) according to the required confidentiality.

Procedure (3):
When the in-vehicle device transmits vehicle information to the roadside device, a disposable MAC address An is generated by a random number generator provided in the in-vehicle device. The random number generator includes a random number generation function func, and generates a 24-bit random number by substituting reference data random_seed for generating a random number into the random number generation function func. Based on this random number, the lower 24 bits of the in-vehicle device disposable MAC address An are determined. As described above, the upper 24 bits of the disposable MAC address An are unique values.

The disposable MAC address An is updated, for example, for each packet transmitted from the in-vehicle device to the roadside device (A1: first transmission packet, A2: second transmission packet, and so on). Therefore, the following recurrence formula An + 1 = func (An) (n is an integer equal to or greater than 1) (1)
A1 = random_seed (2)
Can be expressed as

Procedure (4):
The in-vehicle device that has received the broadcast packet from the roadside device,
src = A1
dst = Roadside MAC address (acquired in step (1))
Payload = {continuation identifier p1 + session key and reference data random_seed}
A packet set to be encrypted with the roadside machine ID is transmitted to the roadside machine. The in-vehicle device generates a session key and reference data random_seed based on, for example, random numbers. Here, the continuation identifier p1 indicates the first transmission packet.

Step (5):
The in-vehicle device that has transmitted the first transmission packet sets the continuation identifier to p2 when the transmission data ends with one packet, sets it to p3 when continuously transmitting multiple packets, and the case of the last transmission packet Set to p2,
src = An (updated according to equations (1) and (2) when multiple packets are consecutive)
dst = Roadside machine MAC address Payload = {Continuation identifier p2 or p3, n, data to be transmitted by upper protocol}
A packet set to be encrypted with the session key is transmitted to the roadside device. n indicates the number of transmissions. Further, the data desired to be transmitted by the higher level protocol is, for example, the above vehicle information.

Procedure (6):
The roadside device that has received the indefinite disposable MAC address An as the source address can acquire the vehicle information of each vehicle by decrypting the encrypted data using the secret key. Also, the session key and the reference data random_seed can be obtained by decrypting the encrypted data using the secret key. And the roadside machine
src = own roadside device MAC address dst = An (updated according to equations (1) and (2) when multiple packets are consecutive)
Payload = {Continuation identifier + Data to be transmitted by upper protocol}
A packet set to be encrypted with the session key is returned to the in-vehicle device. Since the roadside machine has the same random number generator as the vehicle-mounted device, the disposable MAC address An of the vehicle-mounted device that has transmitted the data can be generated based on the reference data random_seed acquired by decoding (procedure) (See (3)). Further, the continuation identifier included in the payload transmitted by the roadside device is the same as the above-described continuation identifier included in the payload transmitted by the in-vehicle device. Further, the data to be transmitted by the higher level protocol included in the payload transmitted by the roadside device is information that the roadside device should provide to the in-vehicle device and information that should be instructed, and is not particularly limited. Further, the roadside device transmits information obtained from each vehicle to the server 30 and transmits information to be provided to the vehicle-mounted device and information to be instructed based on the information from the server 30 that has received the information. Good.

  The vehicle-mounted device that has received a response from the roadside device can decrypt the data by decrypting the data encrypted with the session key of the roadside device with the session key of the vehicle-mounted device.

  As described above, according to the above-described embodiment, communication between the roadside device and the vehicle-mounted device can be performed while ensuring the confidentiality of the MAC address of the vehicle-mounted device. In addition, according to the above-described embodiment, the present invention can be applied to a system that has already been made based on IP / Ethernet by simply changing the Ethernet driver and below while maintaining a format compatible with standard Ethernet frames. It becomes possible. In other words, the secrecy of communication can be ensured while maintaining the reliability of Ethernet and reducing the number of design steps.

  The preferred embodiments of the present invention have been described in detail above. However, the present invention is not limited to the above-described embodiments, and various modifications and substitutions can be made to the above-described embodiments without departing from the scope of the present invention. Can be added.

  For example, although the road-to-vehicle communication system has been described as an example of the embodiment of the present invention, the embodiment of the present invention is not limited to this system. For example, in the application system in which a mobile terminal is considered a pedestrian and a portable terminal possessed by the pedestrian is regarded as an in-vehicle device, the portable terminal provides personal information such as pedestrian location information to the base station. Can be applied as well.

It is a schematic block diagram of the road-vehicle communication system which is one Embodiment of the communication system which concerns on this invention. It is the figure which showed the frame structure of Ethernet. It is a figure for demonstrating the transmission / reception procedure of the data between the vehicle equipment 10 and the roadside machine 20. FIG.

10 in-vehicle device 20 roadside device 30 server 40 communication network

Claims (17)

A mobile communication device that transmits and receives data to and from a road communication device,
Receiving means for receiving identification information of the roadside communication device itself or its constituent devices;
Generating means for generating indefinite source information to be given to data to be transmitted to the roadside communication device;
Encryption means for encrypting data required for generation of the transmission source information using identification information received by the reception means;
Transmitting means for transmitting data encrypted by the encryption means to the roadside communication device, to which the indefinite source information generated by the generation means is attached, Mobile communication device.   The mobile unit communication apparatus according to claim 1, wherein the generation unit generates the transmission source information based on a random number.   The mobile communication device according to claim 2, wherein the generation unit generates lower 24 bits of a source address field in an Ethernet frame constituting transmission data of the transmission unit based on a random number. A roadside communication device that transmits and receives data to and from a mobile communication device,
Transmitting means for transmitting identification information of the roadside communication device itself or its constituent devices to the mobile side communication device;
Receiving means for receiving transmission data from the mobile communication device to which indefinite source information is assigned, and
The roadside communication apparatus, wherein the receiving means receives data that is necessary for generating the indefinite source information and is encrypted using the identification information.   The roadside communication apparatus according to claim 4, wherein data is transmitted using the indefinite source information as a destination address.   The roadside communication device according to claim 5, wherein the destination address is stored in a destination address field in an Ethernet frame.   The roadside communication apparatus according to any one of claims 4 to 6, further comprising a transmission unit configured to transmit information obtained based on transmission data from the mobile body side communication apparatus to a server. A communication system comprising a mobile communication device and a road communication device,
The transmission source information given to the transmission data from the mobile communication device to the road communication device is periodically generated, and the data required for the generation of the transmission source information is the road communication device itself or its data A communication system that is encrypted using identification information of a component device and is transmitted as the transmission data.   The communication system according to claim 8, wherein the transmission source information is generated based on a random number.   The communication system according to claim 9, wherein lower 24 bits of a source address field in an Ethernet frame constituting the transmission data are generated based on a random number.   The communication system according to any one of claims 8 to 10, comprising a server that collects information obtained based on the transmission data via the roadside communication device. A communication method between a mobile communication device and a road communication device,
A generation step of periodically generating transmission source information to be given to transmission data from the mobile communication device to the road communication device;
An encryption step of encrypting data required for generating the transmission source information using identification information of the roadside communication device itself or its component device transmitted from the roadside communication device;
And a granting step of granting the generated transmission source information to the transmission data including the encrypted data.   The communication method according to claim 12, wherein in the generation step, the transmission source information is generated based on a random number.   The communication method according to claim 13, wherein in the generation step, lower 24 bits of a source address field in an Ethernet frame constituting the transmission data are generated based on a random number. An information collection method for collecting information from a mobile communication device via a road communication device,
A transmission step of transmitting identification information of the roadside communication device or the component device; and
A reception step of receiving transmission data from the mobile communication device to which indefinite transmission source information is assigned,
The receiving step includes
A first reception step of receiving, as the transmission data, a session key and data required for generating the indefinite transmission source information encrypted using the identification information;
And a second reception step of receiving data encrypted using the session key as the transmission data.   The information collection method according to claim 15, wherein the indefinite source information is generated based on a random number.   The information collecting method according to claim 16, wherein the lower 24 bits of a source address field in an Ethernet frame constituting the transmission data are generated based on a random number.