JP2020074627A - Wireless communication system - Google Patents

Abstract

To provide a wireless communication system capable of improving a security level even while suppressing the number of bits of a wireless signal that is transmitted from portable equipment.SOLUTION: A wireless communication system comprises a vehicle ECU 23 for executing control of a door lock mechanism 21 of a vehicle 20 based on a collation signal Sv (regular signal) that is transmitted from portable equipment 10 to the vehicle 20. The vehicle ECU 23 then shifts to a guard state (guard flag set state) based on a judgement that an irregular wireless signal which is not transmitted from regular portable equipment 10, is received by the vehicle 20. In the guard state, the control of the door lock mechanism 21 is executed on a condition that processing from reception of a wireless signal to collation establishment of the wireless signal is performed multiple times.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a wireless communication system that executes control on the vehicle side based on a wireless signal from a portable device to the vehicle, for example.

  2. Description of the Related Art Conventionally, as one of wireless communication systems in vehicles, a so-called remote keyless entry system (RKE system) is known in which, for example, a vehicle door can be locked or unlocked by operating a switch provided in a portable device. ..

  As an example of the RKE system, for example, in the one disclosed in Patent Document 1, the wireless signal (key signal) transmitted by the switch operation of the portable device includes a rolling code that changes each time the switch operation of the portable device is performed. When the matching of the key signal including the rolling code is established on the vehicle side, the control for locking or unlocking the vehicle door is executed. Thus, after the vehicle side control (for example, unlocking of the vehicle door) is executed by the key signal transmitted from the portable device, even if the key signal is intercepted by a third party, the interception is performed. The key signal prevents the vehicle door from being unlocked.

JP, 2007-224663, A

  In the wireless communication system as described above, the key signal transmitted from the legitimate portable device includes the rolling code, but if, for example, a third party transmits an unauthorized wireless signal by brute force, the unauthorized wireless signal May accidentally match the key signal from the legitimate portable device, and the vehicle door may be unlocked. As a countermeasure, it is possible to increase the number of bits of the key signal to reduce the probability that an unauthorized wireless signal from a third party matches the key signal, but if the number of bits increases, the memory pressure and processing time increase. Problems such as occur.

  The present invention has been made to solve the above problems, and an object thereof is to provide a wireless communication system capable of improving the security level while suppressing the number of bits of a wireless signal transmitted from a portable device. To do.

  A wireless communication system for solving the above-mentioned problems is a wireless communication system including a control unit that controls a device mounted on the communication master based on a wireless signal transmitted from a portable device to a communication master. Shifts to the alert state based on the determination that the communication master has received an unauthorized wireless signal that is not transmitted from a legitimate portable device, and in the alert state, from the reception of the wireless signal to the wireless signal The control of the on-board device is executed on condition that the process until the verification is established is performed plural times.

  According to this configuration, for example, when a third party transmits an unauthorized wireless signal in a brute force manner, the control means on the communication master side shifts to a caution state. Then, in the alert state of the control means, in order to execute the control on the communication master side, collation of an illegal wireless signal transmitted from a third party in a brute force is established a plurality of times (a wireless signal from an authorized portable device (hereinafter, It is required to match)). Therefore, it is possible to reduce the probability that control on the communication master side is executed by an unauthorized wireless signal from a third party. In this way, the security level can be improved without increasing the number of bits of the wireless signal transmitted from the portable device.

  In the wireless communication system, the wireless signal transmitted from the portable device is an encrypted code, and an encrypted code that changes each time the portable device generates the wireless signal, and is not encrypted. It is preferable that the unauthorized wireless signal includes a non-encryption code and the unauthorized wireless signal includes the non-encryption code and does not include the encryption code.

  According to this configuration, when a third party intercepts a legitimate signal and transmits an unauthorized wireless signal including a non-encrypted code of the authorized signal while changing the encrypted code portion in a brute force manner, the unauthorized wireless signal On the side of the communication master that has received the message, the control means shifts to a warning state. In other words, when the received wireless signal includes the non-encrypted code of the regular signal and does not include the encrypted code, the wireless signal is likely to be a signal from a malicious third party. Therefore, the control means can be moved to the alert state more effectively.

  In the wireless communication system, it is preferable that the encryption code is a rolling code in which data including a counter value that is incremented each time a wireless signal is generated by the portable device is encrypted.

With this configuration, the rolling code included in the regular signal can be changed every time the regular signal is generated by the portable device.
In the wireless communication system, it is preferable that the non-encrypted code includes an ID code for individual identification of the portable device.

  According to this configuration, since the ID code included in the regular signal is a non-encrypted code, it is possible to contribute to speeding up the signal matching process.

  According to the wireless communication system of the present invention, it is possible to improve the security level while suppressing the number of bits of the wireless signal transmitted from the portable device.

1 is a block diagram showing a schematic configuration of a wireless communication system according to an embodiment. The flowchart which shows the process by the vehicle ECU of the same form. The flowchart which shows the process by the vehicle ECU of the same form. The flowchart which shows the process by the vehicle ECU of another example.

An embodiment of the wireless communication system will be described below.
As shown in FIG. 1, in the wireless communication system of the present embodiment, the vehicle is operated based on an operation (for example, a pressing operation) of the lock switch 11 or the unlock switch 12 of the portable device 10 (remote key) at a peripheral position of the vehicle 20. A door lock mechanism 21 provided on 20 doors (not shown) locks or unlocks the doors. In this embodiment, the vehicle 20 corresponds to the communication master.

  The mobile device 10 includes the lock switch 11 and the unlock switch 12, the mobile device ECU 13, and a transmission device 14 for transmitting the verification signal Sv (wireless signal). Based on the operation of the lock switch 11 or the unlock switch 12, the portable device ECU 13 centrally controls the generation of the verification signal Sv and the transmission of the verification signal Sv through the transmission device 14.

  On the other hand, the vehicle 20 is provided with a receiving device 22 for receiving the verification signal Sv transmitted from the portable device 10, a vehicle ECU 23, and the door lock mechanism 21 drive-controlled by the vehicle ECU 23. The verification signal Sv received via the receiving device 22 is input to the vehicle ECU 23. Then, the vehicle ECU 23 locks or unlocks the door through the door lock mechanism 21 based on the input verification signal Sv.

Next, the verification signal Sv generated and transmitted by the portable device ECU 13 based on the operation of the lock switch 11 or the unlock switch 12 will be described.
In the present embodiment, the collation signal Sv generated by the portable device ECU 13 includes four data (ID code Cid, switch code SW, portable device side operation count value Nm, and rolling code RC).

The ID code Cid is a code for individual identification of the portable device 10. The ID code Cid is stored in advance in the memory 15 of the portable device ECU 13.
The switch code SW is a code corresponding to each switch 11 and 12, and is a code that changes depending on whether the lock switch 11 is operated or the unlock switch 12 is operated.

  The portable device side operation count value Nm is the number of operations of the locking switch 11 and the unlocking switch 12 (total number of operations of each switch 11, 12 or each number of operations of each switch 11, 12). In the present embodiment, the portable device ECU 13 counts the total number of operations of the lock switch 11 and the unlock switch 12, and the count value (portable device side operation count value Nm) is stored in the memory 15.

  The rolling code RC is a code generated by encrypting the switch code SW and the portable device side operation count value Nm with the encryption key stored in the memory 15. That is, when the lock switch 11 or the unlock switch 12 is operated, the portable device ECU 13 causes the switch code SW and the portable device side operation according to the switch operation (whether the lock switch 11 is operated or the unlock switch 12 is operated). The count value Nm is encrypted, and data obtained by extracting a predetermined number of bits of data from this encrypted data based on a predetermined rule is defined as a rolling code RC. In this way, since the data that is the basis of the rolling code RC includes the portable machine side operation count value Nm that indicates the number of times the switches 11 and 12 have been operated, the rolling code RC changes every time the switch is operated. Is becoming The larger the number of bits of the rolling code RC is, the higher the security is. On the other hand, since the memory pressure and the communication time are increased, it is desirable to set the number of bits as small as possible within the range where the security can be secured. ..

  As described above, among the data included in the collation signal Sv, the ID code Cid, the switch code SW, and the operation count value Nm on the portable device side are unencrypted raw data, and the rolling code RC is encrypted data. ing.

Next, an authentication process (operation execution process of the door lock mechanism 21) by the vehicle ECU 23 will be described with reference to FIGS. 2 and 3. Note that this process is repeatedly executed at a predetermined cycle.
As shown in FIG. 2, in step S1, it is monitored whether a wireless signal is received via the receiving device 22. When it is determined that the wireless signal is received (step S1: YES), it is determined whether the received wireless signal includes the ID code Cid (step S2). An ID code Cid is stored in the memory 24 of the vehicle ECU 23.

  When it is determined in step S2 that the received wireless signal includes the ID code Cid (step S2: YES), the portable device side operation count value Nm included in the received wireless signal is stored in the memory. It is determined whether or not it matches the vehicle side count value Nc stored in 24 (step S3). On the other hand, when it is determined that the received wireless signal does not include the ID code Cid (step S2: NO), the process returns to step S1.

  When it is determined in step S3 that the portable device side operation count value Nm included in the received wireless signal matches the vehicle side count value Nc (step S3: YES), whether or not the warning flag is set. It is determined whether or not (step S4). At this time, when the value of the warning flag stored in the memory 24 is "1", the vehicle ECU 23 determines that the warning flag is in the set state, and when the value of the warning flag is "0". , It is determined that the warning flag is in the reset state.

  When it is determined in step S4 that the warning flag is not set (reset state) (step S4: NO), it is determined whether the rolling code RC included in the received wireless signal is correct. (Step S5). Here, the vehicle ECU 23 encrypts the vehicle-side count value Nc (or the portable-device-side operation count value Nm included in the received wireless signal) and the switch code SW included in the received wireless signal. Then, when the data of the predetermined number of bits extracted from the encrypted data based on the predetermined rule and the rolling code RC included in the received wireless signal match, the rolling code RC Is correct.

  In this step S5, it is determined that the rolling code RC included in the received wireless signal is correct, and thus the received wireless signal is the verification signal Sv (normal signal) transmitted from the authorized portable device 10. To be judged. That is, the verification of the verification signal Sv transmitted from the portable device 10 is established.

  In the processing after it is determined in step S5 that the rolling code RC included in the received wireless signal is correct (that is, after the wireless signal is verified in the reset state of the warning flag), the vehicle side is transmitted in step S6. The count value Nc is incremented (Nc ← Nc + 1), and the operation of the door lock mechanism 21 is executed in the subsequent step S7. In step S7, the door lock mechanism 21 unlocks or locks the door based on the switch code SW included in the received wireless signal.

  As described above, when the verification signal Sv from the legitimate portable device 10 is input to the vehicle ECU 23 in the reset state of the warning flag, the door lock mechanism 21 is activated by one successful verification. ing.

  On the other hand, when it is determined in step S5 that the rolling code RC included in the received wireless signal is not correct (step S5: NO), the warning flag is set in step S8 (that is, the warning flag The value is set to "1"). Then, after the processing of step S8 (setting of the warning flag), the authentication processing of the wireless signal is ended. That is, if the ID code Cid of the wireless signal and the portable device side operation count value Nm are determined to be correct through steps S2 and S3, and if the rolling code RC of the wireless signal is determined to be incorrect in step S5, the collation fails. The door lock mechanism 21 does not operate and the warning flag is set.

  Here, when the ID flag Cid and the portable device side operation count value Nm are determined to be correct through steps S2 and S3 in the state where the alert flag is set, that is, it is determined that the alert flag is set in step S4. In that case, the process proceeds to step S10. In this step S10, it is determined whether the rolling code RC included in the received wireless signal is correct or not by the same processing as in step S5. When it is determined that the rolling code RC included in the received wireless signal is not correct (step S10: NO), the collation is unsuccessful and the process proceeds to step S8, that is, the door lock mechanism 21 does not operate, And the warning flag is set.

  On the other hand, when it is determined in step S10 that the rolling code RC included in the received wireless signal is correct (step S10: YES), in the subsequent step S11, 1 is added to the portable device side operation count value Nm. The stored value is temporarily stored (that is, Nm + 1 is stored as the temporary count value Nt). The determination of YES in step S10 means that the received wireless signal has been verified in the alarm flag set state. However, in the alarm flag set state, if the verification is successful only once, the door lock mechanism is activated. The operation 21 is not executed.

  As shown in FIG. 3, in step S21 subsequent to step S11, similarly to step S1 described above, it is monitored whether or not a wireless signal is received via the reception device 22. When it is determined that the wireless signal is received (step S21: YES), it is determined whether the received wireless signal includes the ID code Cid (step S22).

  When it is determined in step S22 that the wireless signal received in step S21 includes the ID code Cid (step S22: YES), the portable device side operation count value Nm included in the received wireless signal. However, it is determined whether or not matches the temporary count value Nt stored in step S11 (step S23). On the other hand, when it is determined that the received wireless signal does not include the ID code Cid (step S22: NO), the process returns to step S21.

  If it is determined in step S23 that the portable device side operation count value Nm included in the wireless signal received in step S21 matches the provisional count value Nt (step S23: YES), it is included in the received wireless signal. It is determined whether the rolling code RC provided is correct (step S24). In this step S24, the same processing as in the above step S5 is executed. That is, here, the vehicle ECU 23 encrypts the temporary count value Nt (or the portable device side operation count value Nm included in the received wireless signal) and the switch code SW included in the received wireless signal. If the data of a predetermined number of bits extracted from the encrypted data based on the predetermined rule and the rolling code RC included in the received wireless signal match, the rolling code Judge that RC is correct. Here, when the rolling code RC included in the received wireless signal is determined to be correct (step S24: YES), the second collation is established in the set state of the warning flag.

  Then, in the processing after it is determined in this step S24 that the rolling code RC included in the received wireless signal is correct (that is, after the second collation is established in the set state of the warning flag), the processing is performed in step S25. The alarm flag is reset with (that is, the value of the alarm flag is set to "0").

  Then, in step S26, a value obtained by adding 1 to the temporary count value Nt is overwritten as the vehicle-side count value Nc (Nc ← Nt + 1), and the operation of the door lock mechanism 21 is executed in the following step S27. In step S27, the door lock mechanism 21 unlocks or locks the door based on the switch code SW included in the wireless signal received in step S21.

  On the other hand, if it is determined in the above step S23 that the portable device side operation count value Nm included in the wireless signal received in step S21 does not match the provisional count value Nt (step S23: NO), the collation is performed. If not established, the warning flag is set (step S28). Further, when it is determined in the above step S24 that the rolling code RC included in the wireless signal received in step S21 is not correct (step S24: NO), the collation is unsuccessful and the warning flag is set ( Step S28). Then, after the processing of step S28 (setting of the warning flag), the authentication processing of the wireless signal is ended.

  Further, in the present embodiment, when it is determined in step S3 that the portable device side operation count value Nm included in the received wireless signal does not match the vehicle side count value Nc (step S3: NO). Then, it is determined whether or not the portable device side operation count value Nm is larger than the vehicle side count value Nc (step S30). If it is determined that the portable device side operation count value Nm is equal to or less than the vehicle side count value Nc (step S30: NO), the process proceeds to step S8. On the other hand, when it is determined in step S30 that the portable device side operation count value Nm is larger than the vehicle side count value Nc (step S30: YES), the process proceeds to step S10.

  By including the process of step S30, the switches 11 and 12 are operated (so-called idle operation) under a situation where wireless communication cannot be established, such as when the portable device 10 is far away from the vehicle 20. , The vehicle side count value Nc remains unchanged, and becomes effective when the portable device side operation count value Nm is incremented.

  That is, when the vehicle 20 receives the collation signal Sv based on the operation of the switches 11 and 12 after the idle operation (step S1: YES), YES in step S2, NO in step S3, YES in step S30, and , YES is determined in step S10. Then, in the subsequent step S11, the value obtained by adding 1 to the operation count value Nm on the portable device side is stored as the temporary count value Nt. After that, when the verification signal Sv transmitted by the operation of the switches 11 and 12 that does not sandwich the empty operation is received by the vehicle 20 side (step S21: YES), the verification of the verification signal Sv is established by the processing of steps S22 to S24. The operation of the door lock mechanism 21 is executed (step S27). Further, in step S26, since the value obtained by adding 1 to the provisional count value Nt is overwritten as the vehicle side count value Nc, the vehicle side count value is set to follow the portable machine side operation count value Nm incremented by the empty operation. Nc is corrected.

Next, the operation of this embodiment will be described.
Raw data included in the collation signal Sv transmitted from the portable device 10, that is, the ID code Cid, the switch code SW, and the portable device side operation count value Nm are specified by a third party, and it is difficult for the third party to specify. It is considered that an unauthorized wireless signal (unauthorized signal Sf) in which the portion of the rolling code RC is changed in a brute force manner is transmitted to the vehicle 20.

  Here, first, it is assumed that the rolling code RC of the illegal signal Sf by the first brute force trial does not match the rolling code RC of the collation signal Sv (normal signal). Then, when the illegal signal Sf is received by the receiving device 22 in the reset state of the alert flag, it is determined as NO in the above step S5, and the alert flag is set in the following step S8. After that, the authentication process of the unauthorized signal Sf is ended without the operation of the door lock mechanism 21 being executed.

  After that, when the illegal signal Sf in the second and subsequent trials accidentally coincides with the collation signal Sv (regular signal) (collation is established) (step S10: YES), the process proceeds to step S11 and subsequent steps. That is, in the state where the warning flag is set, the operation of the door lock mechanism 21 is not executed only if the illegal signal Sf is verified once. Then, when the rolling code RC of the illegal signal Sf transmitted next does not match the rolling code RC of the collation signal Sv (regular signal) (step S24: NO), the warning flag is set (warning flag in the following step S28). Is maintained), and the authentication process of the unauthorized signal Sf is terminated without the operation of the door lock mechanism 21 being executed. That is, when the illegal signal Sf transmitted next is received, the process proceeds to step S2, and thus the process proceeds to the operation execution process (step S27) of the door lock mechanism 21 in the state where the warning flag is set. Requires that the illegal signal Sf tried in a brute force is verified twice consecutively. As a result, the probability that the door lock mechanism 21 is actuated by the illegal signal Sf is reduced.

Next, the characteristic effects of this embodiment will be described.
(1) The vehicle ECU 23 sets the warning flag based on the determination that the vehicle 20 has received an unauthorized wireless signal that is not transmitted from the legitimate portable device 10. Then, in the set state (alert state) of the alert flag, the control of the door lock mechanism 21 is executed on condition that the processing from the reception of the wireless signal to the establishment of the matching of the wireless signal is performed a plurality of times. According to this configuration, when the warning flag is set, verification of the illegal signal Sf from a third party is established a plurality of times to execute the control on the vehicle 20 side (matches the verification signal Sv from the legitimate portable device 10). Is required to do. Therefore, it is possible to reduce the probability that the control on the vehicle 20 side is executed by the unauthorized signal Sf from the third party. In this way, the security level can be improved without increasing the number of bits of the collation signal Sv transmitted from the portable device 10 (particularly the number of bits of the rolling code RC).

  (2) The collation signal Sv transmitted from the portable device 10 is an encrypted code and is encrypted with a rolling code RC (encrypted code) that changes every time a wireless signal is generated by the portable device 10. Not included ID code Cid and portable device side operation count value Nm. Then, the vehicle ECU 23 sets the warning flag based on the determination that the wireless signal including the ID code Cid and the portable device side operation count value Nm and not including the rolling code RC is received (step S8). That is, when the received wireless signal includes the ID code Cid and the portable device side operation count value Nm and does not include the rolling code RC, the wireless signal is a signal from a malicious third party. Since the possibility is high, it is possible to more effectively shift to the set state of the warning flag.

  (3) Since the rolling code RC as an encryption code is a code obtained by encrypting data including the portable machine side operation count value Nm that is incremented every time the portable machine 10 generates the collation signal Sv, the portable machine Each time the collation signal Sv is generated at 10, the rolling code RC included in the collation signal Sv can be changed.

(4) Since the ID code Cid is included in the verification signal Sv as raw data (non-encrypted code), it can contribute to speeding up the signal verification process in the vehicle ECU 23.
(5) In the processing of the vehicle ECU 23, when steps S1 to S7 and step S10 are the first phase and steps S21 to S27 are the second phase, when the warning flag is reset, the radio received in the first phase is received. The operation of the door lock mechanism 21 is executed on the condition that the verification of the signal is established (step S5: YES). On the other hand, in the set state of the warning flag, the second phase is shifted to the second phase on condition that the wireless signal received in the first phase is verified (step S10: YES), and then the wireless signal received in the second phase is verified. The operation of the door lock mechanism 21 is executed on the condition that the condition is satisfied (step S24: YES).

  Furthermore, when it is determined that the wireless signal received in the second phase is a signal that includes the ID code Cid and the portable device side operation count value Nm and does not include the rolling code RC (step S24: NO), The first phase is entered. As a result, when a third party who specifies the ID code Cid and the portable device side operation count value Nm sends the illegal signal Sf, the door lock mechanism 21 is tried in a brute force manner so as to be executed. It is necessary for the false signal Sf to be verified to be established twice consecutively (that is, continuously in the first and second phases). Therefore, it is possible to further reduce the probability that the operation of the door lock mechanism 21 is executed by the unauthorized signal Sf from the third party.

The above embodiment may be modified as follows.
The process of the vehicle ECU 23 (see FIGS. 2 and 3) of the above embodiment may be changed as appropriate.
For example, as shown in FIG. 4, step S3 in the process of the vehicle ECU 23 may be changed to step S103. In step S103, the portable device side operation count value Nm included in the received wireless signal is not less than the vehicle side count value Nc and smaller than the sum of the vehicle side count value Nc and the predetermined value p. It is determined whether or not.

  If it is determined that the portable device side operation count value Nm is within the range (step S103: YES), the process proceeds to step S4. On the other hand, the portable machine side operation count value Nm is out of the range (that is, the portable machine side operation count value Nm is smaller than the vehicle side count value Nc, or the portable machine side operation count value Nm is the vehicle side count value Nc. When it is determined that the sum is equal to or larger than the sum of the predetermined values p (step S103: NO), the process proceeds to step S10. When it is determined in step S10 that the rolling code RC included in the received wireless signal is correct (step S10: YES), the process proceeds to step S21 via step S11.

  According to this, in a situation in which the switches 11 and 12 of the portable device 10 are idled and the portable device side operation count value Nm is larger than the vehicle side count value Nc, the number of idle operations is larger than the predetermined value p. If the number is small, YES is determined in step S103 and the process proceeds to step S4. In this way, by allowing the verification of the portable machine side operation count value Nm to have a certain range, the operation of the door lock mechanism 21 is also executed by the verification signal Sv transmitted after the idle operation is performed less than the predetermined value p. It is supposed to be done. In this case, instead of step S6 (Nc ← Nc + 1) in the process of the vehicle ECU 23 of the above embodiment, a process of overwriting a value obtained by adding 1 to the portable device side operation count value Nm as the vehicle side count value Nc (step S106) is desirable.

  When the portable device side operation count value Nm is out of the range, it is highly possible that the received wireless signal is an invalid wireless signal. Therefore, in step S103, when it is determined that the portable device side operation count value Nm is out of the range, the process proceeds to step S10, that is, the operation of the door lock mechanism 21 is not executed depending on the wireless signal. Is desirable.

  -In the process of the vehicle ECU 23 of the above-described embodiment, if it is determined NO in step S22, the process may proceed to step S28. Further, in the process of the vehicle ECU 23 of the above-described embodiment, when it is determined NO in step S23, the process may return to step S21. Further, in the process of the vehicle ECU 23 of the above-described embodiment, when it is determined NO in step S24, the process may return to step S21.

  The content of the collation signal Sv from the portable device 10 is not limited to the above embodiment and can be changed as appropriate. For example, in the above embodiment, a part of the data of the verification signal Sv is encrypted, but the invention is not limited to this, and all the data of the verification signal Sv may be encrypted.

  In the above-described embodiment, when the number of times of determination of NO in step S21 reaches a predetermined value (that is, when a predetermined time elapses without receiving a signal), the process may be terminated and the process may proceed to step S1. ..

  In the above-described embodiment, the rolling code RC is generated based on the data obtained by encrypting the switch code SW and the portable device side operation count value Nm. However, the rolling code RC is not limited to this. For example, the switch code SW and the portable device side operation count. The rolling code RC may be generated based on the data obtained by encrypting the value Nm and the ID code Cid.

  -In the above-mentioned embodiment, although the example applied to the RKE system in the vehicle 20 is shown, the invention is not limited to this, and it is also applicable to detection of an unauthorized signal in vehicle-mounted communication such as CAN (controller area network). Further, the present invention can be applied not only to the wireless communication system of a vehicle but also to a wireless communication system of a house that locks and unlocks the entrance door through wireless communication between a lock device provided on the entrance door of a house and a portable device. Is.

-The above-mentioned embodiment and each modification may be combined appropriately.
Next, technical ideas that can be understood from the above-described embodiment and other examples will be added below.
(A) A wireless communication system including control means for executing control of equipment mounted on the communication master based on a wireless signal transmitted from the portable device to the communication master,
The control means shifts from a non-warning state to a warning state based on a determination that the unauthorized wireless signal not transmitted from a legitimate portable device is received by the communication master,
In the non-warning state, the control of the on-board device is executed on condition that the verification of the wireless signal received in the first phase is established,
In the alert state, the wireless signal received in the first phase is verified and the second phase is entered, and the control of the onboard device is executed on the condition that the wireless signal received in the second phase is verified. A wireless communication system characterized by the above.

  According to this configuration, in the non-warning state, the control of the onboard equipment is executed on condition that the verification of the wireless signal in the first phase is established (step S5: YES). On the other hand, in the alert state, the control of the on-board equipment is performed on the condition that the wireless signal verification is completed in the second phase (step S24: YES), which is shifted to the wireless signal verification in the first phase (step S10: YES). Is executed. In other words, in the alert state, the control of the communication master side needs to be verified multiple times in order to execute the control on the communication master side. Therefore, the control on the communication master side is executed by an unauthorized wireless signal from a third party. The probability of being killed can be reduced. In this way, the security level can be improved without increasing the number of bits of the wireless signal transmitted from the portable device.

(B) The wireless signal transmitted from the portable device is an encrypted code, an encrypted code that changes each time the portable device generates a wireless signal, and an unencrypted non-encrypted code. Includes and
The wireless communication system, wherein when the wireless signal received in the second phase is a signal that includes the non-encrypted code and does not include the encrypted code, the wireless communication system shifts to the first phase.

  According to this configuration, when the wireless signal received in the second phase is a signal including the non-encrypted code and not the encrypted code (step S24: NO), the first phase is entered. As a result, when the non-encrypted code is specified by a third party and the third party transmits an unauthorized wireless signal in which the part of the difficult-to-identify encrypted code is changed in a brute force manner, the communication master side In order to carry out the control of 1, the collation of the illegal wireless signal must be established continuously in the first and second phases. Therefore, it is possible to further reduce the probability that control on the communication master side is executed by an unauthorized wireless signal from a third party.

  10 ... Portable machine, 20 ... Vehicle (communication master), 21 ... Door lock mechanism (installed device), Sv ... Collation signal, Cid ... ID code (non-encryption code), SW ... Switch code (non-encryption code), Nm ... Operation count value on portable device side (non-encrypted code), RC ... Rolling code (encrypted code).

Claims (4)

A wireless communication system comprising control means for executing control of equipment mounted on the communication master based on a wireless signal transmitted from a portable device to the communication master,
The control means shifts to a warning state based on a determination that the communication master has received an unauthorized wireless signal that is not transmitted from an authorized portable device, and in the warning state, the wireless signal is received from the reception of the wireless signal. A wireless communication system, characterized in that control of the on-board equipment is executed on condition that a process up to the establishment of matching of wireless signals is performed a plurality of times. The wireless communication system according to claim 1,
The wireless signal transmitted from the portable device includes an encrypted code, an encrypted code that changes each time the portable device generates a wireless signal, and an unencrypted non-encrypted code. Out,
The wireless communication system is characterized in that the unauthorized wireless signal is a signal that includes the non-encrypted code and does not include the encrypted code. The wireless communication system according to claim 2,
The wireless communication system, wherein the encryption code is a rolling code in which data including a counter value that is incremented each time a wireless signal is generated by the portable device is encrypted. The radio communication system according to claim 2 or 3,
The non-encrypted code includes an ID code for individual identification of the portable device.

Images