JP2022076704A - Authentication system and authentication method - Google Patents

Abstract

To provide an authentication system and an authentication method capable of improving security against unauthorized use.SOLUTION: In a key terminal 3, a plurality of pieces of ID information Did are stored so that a plurality of operation objects 1 can be operated by one key. When operating a first operation object 1a by the key terminal 3, first ID information Did 1 is authenticated. When operating a second operation object 1b by the key terminal 3, second ID information Did 2 is authenticated. A determination part 21 determines a positional relation of the operation object 1 and the key terminal 3 by communication between the operation object 1 and the key terminal 3. In the case where the key terminal 3 receives radio waves from communication modules 12 of the plurality of operation objects 1, out of the plurality of operation objects 1, a setting part 22 sets the operation object 1 based on a determination result of the determination part 21 as a communication partner of the key terminal 3.SELECTED DRAWING: Figure 1

Description

The present invention relates to an authentication system and an authentication method for authenticating a key terminal.

Conventionally, many vehicles are equipped with an electronic key system that authenticates an electronic key by wireless communication to operate a device (see Patent Document 1 and the like). In this type of electronic key system, for example, radio waves in the LF band are used for transmitting radio waves of an electronic key from a vehicle, and a stable communication area is formed in the vicinity of the vehicle. When the electronic key enters the communication area of the LF band radio wave, the UHF band radio wave is transmitted from the electronic key, and the electronic key is authenticated through a series of radio wave exchanges. Once the electronic key is authenticated, the vehicle doors can be locked and unlocked and the engine can be started.

Japanese Unexamined Patent Publication No. 2005-262915

In recent years, for example, a technique has been envisioned in which one electronic key can be used as a key for a plurality of vehicles by registering ID information for each vehicle in one electronic key. At this time, for example, when high-frequency radio waves are used for both the outward and return paths of the electronic key and the communication of the vehicle, not only the radio waves from the vehicle that the user intends to operate but also other vehicles that can be operated with the same key. Radio waves may also be received by the electronic key. In this case, it leads to unauthorized operation of other vehicles, so some measures have been required.

The authentication system that solves the above problems is configured to wirelessly communicate the key terminal with the communication module to be operated to authenticate the key terminal and operate the device to be operated based on the authentication result. A determination unit that determines the positional relationship between the operation target and the key terminal by communication between the key terminal capable of operating the operation target and the operation target, and the communication in which the key terminals are a plurality of the operation targets. In the case of receiving radio waves from the module, the operation target is provided as a setting unit for setting the operation target based on the determination result of the determination unit as the communication partner of the key terminal among the plurality of operation targets.

The authentication method for solving the above problem is a method of an authentication system in which a key terminal is wirelessly communicated with a communication module to be operated to authenticate the key terminal, and the device to be operated is operated based on the authentication result. By communication between the key terminal capable of operating a plurality of the operation targets and the operation target, the positional relationship between the operation target and the key terminal is determined, and the key terminal is a plurality of the operation targets. In the case of receiving radio waves from the communication module, the authentication system is instructed to set the operation target based on the determination result of the positional relationship among the plurality of operation targets as the communication partner of the key terminal. Let it run.

According to the present invention, security against unauthorized use can be improved.

The block diagram of the authentication system of 1st Embodiment. Illustration of unauthorized communication by a third party. Communication sequence diagram of key terminal and operation target. The illustration of the unauthorized communication by a third party in 2nd Embodiment. Illustration of unauthorized communication by a third party. The block diagram of the authentication system of 3rd Embodiment. Authentication communication sequence diagram. Communication sequence diagram of key terminal and operation target. The block diagram of the authentication system of 4th Embodiment. Communication sequence diagram of key terminal and operation target.

Hereinafter, an embodiment of the authentication system and the authentication method will be described.
As shown in FIG. 1, the vehicle 2 as the operation target 1 includes an authentication system 5 that authenticates the key terminal 3 by wireless communication and operates the device 4 of the operation target 1. The authentication system 5 wirelessly authenticates the operation target 1 and the key terminal 3 to operate the device 4 of the operation target 1. In the case of this example, the authentication system 5 is an electronic key system 6 that mainly authenticates the key terminal 3 having a key function with the operation target 1. The key terminal 3 is, for example, a FOB (Frequency Operated Button) key. The device 4 is, for example, a door lock device, a steering lock device, an engine device, and the like.

The electronic key system 6 includes, for example, a smart system that executes an authentication process triggered by a communication from a vehicle 2, and a wireless key system that executes an authentication process triggered by a communication from a key terminal 3. The smart system is, for example, a system that authenticates the key terminal 3 by smart communication using radio waves in the UHF (Ultra High Frequency) band for communication between the vehicle 2 and the key terminal 3. The wireless key system is a system in which the key terminal 3 remotely controls the vehicle 2 by, for example, wireless communication in which a UHF band radio wave is transmitted to the vehicle 2 triggered by the operation of the key terminal 3.

The vehicle 2 which is the operation target 1 includes an authentication unit 9 that authenticates the key terminal 3 by wireless communication. The ID information Did of the key terminal 3 registered in the vehicle 2 is stored in the memory 10 of the vehicle 2. The authentication unit 9 is connected to the device 4 via a communication bus 11 provided in the vehicle 2. The communication bus 11 is, for example, LIN (Local Interconnect Network), CAN (Controller Area Network), or the like. The authentication unit 9 wirelessly communicates with the key terminal 3 via the communication module 12. The authentication unit 9 controls the device 4 by outputting an operation command to the device 4 via the communication bus 11 based on the authentication result when the key terminal 3 is authenticated.

The vehicle 2 includes an operation unit 13 that is operated when the device 4 is operated. The operation unit 13 includes, for example, an outside door handle that is touched when the vehicle door is unlocked, a door switch for locking the vehicle door provided on the outside door handle, an engine switch that is operated when the vehicle power supply is changed, and the like. When operated, the operation unit 13 outputs the operation signal Ssw to the authentication unit 9.

The key terminal 3 includes a key control unit 16 that controls the operation of the key terminal 3. When authenticating the key terminal 3, the key control unit 16 communicates with the authentication unit 9 of the vehicle 2 via the antenna 17. In the key terminal 3, the ID information Did is stored in the memory 18 as a unique ID of the key terminal 3. The ID information Did includes, for example, a unique ID code of the key terminal 3, an encryption key used for authentication such as challenge response authentication, and the like.

The authentication performed by the authentication system 5 includes, for example, ID authentication for authenticating the ID information Did registered in the key terminal 3. As this ID authentication, the authentication unit 9 executes wireless communication with the key terminal 3 via the communication module 12, and authenticates the ID information Did of the key terminal 3 by this communication. In the case of this example, the authentication of the ID information Did by smart communication is referred to as "smart collation", and the authentication of the ID information Did by wireless communication is referred to as "wireless collation".

The authentication performed by the authentication system 5 includes a position determination for determining a positional relationship by communication between the key terminal 3 and the communication module 12. In this case, the authentication system 5 includes a determination unit 21 that executes position determination. The determination unit 21 includes, for example, a first determination unit 21a of the operation target 1 and a second determination unit 21b of the key terminal 3. The position determination may be performed by using a radio wave in the UHF band transmitted / received by ID authentication, or by transmitting / receiving a radio wave different from this radio wave. Position determination using another radio wave includes, for example, a method of transmitting and receiving a Bluetooth (Bluetooth: registered trademark) radio wave, a method of transmitting and receiving a UWB (Ultra Wide Band) band radio wave, and the like.

In the case of this example, the determination unit 21 determines the position of the key terminal 3 with respect to the communication module 12 as this position determination. Specifically, the determination unit 21 measures the received signal strength (RSSI: Received Signal Strength Indicator) of the radio wave received in the communication between the key terminal 3 and the communication module 12, and from this received signal strength, the communication module. The position of the key terminal 3 with respect to 12 is determined. The received signal strength is a value corresponding to the positional relationship between the key terminal 3 and the communication module 12. Therefore, the determination unit 21 determines the position of the key terminal 3 with respect to the communication module 12 from the magnitude of the received signal strength. Further, it is preferable that the determination unit 21 determines whether the key terminal 3 is located outside the vehicle or inside the vehicle.

In the position determination, for example, if the radio wave is transmitted a plurality of times, a characteristic value may be obtained from a plurality of received signal intensities, and the position determination may be executed based on the characteristic value. For this characteristic value, various parameters such as an average value, a weighted average, an arithmetic average, a synergistic average, and a harmonic mean may be used. Further, as the radio wave used for the position determination, a radio wave transmitted at any timing may be used as long as it is a radio wave exchanged between the key terminal 3 and the communication module 12.

The authentication unit 9 determines that the key terminal 3 is located outside the vehicle by the position determination, and when the ID authentication with the key terminal 3 is established, the smart collation outside the vehicle is established and the locking / unlocking of the vehicle door is permitted or executed. do. Therefore, when the unlocking operation unit 13 is operated in the door locked state, the vehicle door is unlocked. Further, when the locking operation unit 13 is operated in the door unlocked state, the vehicle door is locked.

The authentication unit 9 determines that the key terminal 3 is located in the vehicle by the position determination, and when the ID authentication with the key terminal 3 is established, the in-vehicle smart collation is established and the transition operation of the vehicle power supply by the engine switch is performed. to approve. Therefore, when the smart collation outside the vehicle is established and the engine switch is pushed while the brake pedal (not shown) is depressed, the engine of the vehicle 2 is started.

The key terminal 3 of this example stores a plurality of ID information Dids so that a plurality of operation targets 1 (vehicles 2) can be operated with one key. The ID information Did of this example includes the first ID information Did1 registered in the first operation target 1a and the second ID information Did2 registered in the second operation target 1b. When operating the first operation target 1a with the key terminal 3, the first ID information Did1 is authenticated. When the second operation target 1b is operated by the key terminal 3, the second ID information Did2 is authenticated.

As shown in FIG. 2, the authentication system 5 has a function of setting the priority order of the operation target 1 that can be operated by the key terminal 3 when a plurality of operation targets 1 can be operated by one key terminal 3. (Priority order setting function) is provided. The priority order setting function of this example uses, for example, the operation target 1 as a communication partner when the key terminal 3 exists in the specified position or the specified area of a certain operation target 1 (first operation target 1a in FIG. 2). In order to give priority to this, even if a radio wave is received from another operation target 1 (second operation target 1b in FIG. 2), communication with this operation target 1 is not performed. In the case of this example, the first operation target 1a is the first vehicle 2a, and the second operation target 1b is the second vehicle 2b.

In the case of the example of FIG. 2, the specified position or the specified area is an in-vehicle area (one-dot chain line area) in which the entire in-vehicle area is the area. The specified position or the specified area is not limited to the inside area of the vehicle, and may be another area such as an outside area of the vehicle 2 having an area outside the vehicle.

As shown in FIG. 1, the determination unit 21 of this example determines the positional relationship via communication between the communication module 12 of the operation target 1 and the key terminal 3. The determination unit 21 determines whether or not the determination result of the position determination at the time of the authentication process is maintained by periodically executing the communication between the operation target 1 and the key terminal 3 after the authentication process of the key terminal 3, for example. judge. Specifically, the second determination unit 21b determines the position of the key terminal 3 through the authentication process of the key terminal 3, and then periodically transmits the position determination radio wave S1 from the operation target 1. By monitoring, it is monitored whether or not the judgment result of the position judgment at the time of the authentication process is maintained.

The authentication system 5 includes a setting unit 22 for setting an operation target 1 to be a communication partner when the key terminal 3 receives radio waves from a plurality of communication modules 12 of the operation target 1. The setting unit 22 is provided in, for example, the key control unit 16. When the key terminal 3 receives radio waves from the communication modules 12 of the plurality of operation targets 1, the setting unit 22 selects the operation target 1 based on the determination result of the determination unit 21 among the plurality of operation targets 1 as the key terminal. Set as the communication partner of 3. For example, when the key terminal 3 exists in the specified position or the specified area of one operation target 1, the setting unit 22 receives radio waves from the communication module 12 of another operation target 1, but the setting unit 22 of another operation target 1. Do not communicate with the communication module 12.

Next, the operation of the authentication system 5 of the present embodiment will be described.
FIG. 3 illustrates a procedure diagram when a user possessing a key terminal 3 operates a first operation target 1a (first vehicle 2a). FIG. 3 cites, for example, an example in which a user in a vehicle pushes an engine switch in an attempt to start the engine.

In step 101, the authentication unit 9 of the first operation target 1a detects the operation of the operation unit 13 based on the operation signal Ssw input from the operation unit 13. For example, when the operation signal Ssw is input from the engine switch as the operation unit 13, the authentication unit 9 detects that the engine switch has been pushed.

In step 102, when the authentication unit 9 of the first operation target 1a detects the operation of the operation unit 13, the request radio wave Sreq is transmitted from the communication module 12. That is, the authentication unit 9 of the first operation target 1a transmits the request radio wave Sreq to the key terminal 3 and starts the authentication of the key terminal 3. Since the request radio wave Sreq is transmitted by a high frequency radio wave in the UHF band, it reaches a wide range to some extent. The request radio wave Sreq is, for example, a radio wave including a wake signal for activating the key terminal 3 in the standby state, a unique ID (communication module ID) possessed by the communication module 12, and a challenge code used for challenge response authentication.

In step 103, when the key terminal 3 receives the request radio wave Sreq transmitted from the communication module 12 of the first operation target 1a, the key terminal 3 transmits the response radio wave Sres to the communication module 12 of the first operation target 1a in response to the request radio wave Sreq. do. The response radio wave Sres includes, for example, an ID information Did (here, the first ID information Did 1) possessed by the key terminal 3 and a response code generated by calculating a challenge code with an encryption key. The key terminal 3 selects the first ID information Did1 from the received communication module IDs from the plurality of ID information Dids in the memory 18, and transmits the first ID information Did1 to the first operation target 1a.

Upon receiving the response radio wave Sres transmitted from the key terminal 3, the authentication unit 9 of the first operation target 1a authenticates the response radio wave Sres. In the case of this example, the authentication unit 9 confirms the correctness of the ID information Did and the response code included in the response radio wave Sres. If these are correct, the authentication unit 9 establishes the authentication and continues the process. On the other hand, if at least one of these is incorrect, the authentication unit 9 forcibly terminates the communication.

In step 104, the determination unit 21 executes a position determination for determining the position of the key terminal 3 with respect to the communication module 12. In the case of this example, the determination unit 21 measures, for example, the received signal strength of the radio wave communicated between the key terminal 3 and the first operation target 1a, and from the received signal strength, the key terminal 3 and the communication module 12 Determine the positional relationship. The radio wave for measuring the received signal strength may be the above-mentioned request radio wave Sreq or response radio wave Sres, or may be another newly transmitted radio wave different from this. Further, the radio waves may be transmitted a plurality of times, and the position may be determined from the received signal strength of these radio waves. In the case of this example, the authentication unit 9 determines whether the key terminal 3 is located inside or outside the first vehicle 2a.

Then, the determination unit 21 acquires the position determination result at this time and recognizes which operation target 1 is located in the specified position or the specified area. In the case of this example, the determination unit 21 identifies which operation target 1 is from the ID (communication module ID) acquired from the communication module 12 during communication, and here, the specified position or definition of the first operation target 1a. It is preferable to recognize that the key terminal 3 exists in the area.

In step 105, the authentication unit 9 of the first operation target 1a operates the device 4 when the key terminal 3 is authenticated. For example, when the authentication unit 9 authenticates with the key terminal 3 located outside the vehicle, the authentication unit 9 permits or executes the locking / unlocking of the vehicle door. Further, when the authentication unit 9 authenticates with the key terminal 3 located in the vehicle, the authentication unit 9 permits the transition operation of the vehicle power supply.

In step 106, the determination unit 21 monitors the position of the key terminal 3 when a series of authentications of the first operation target 1a and the key terminal 3 are completed. In the case of this example, the communication module 12 of the first operation target 1a repeatedly transmits the radio wave S1 for position monitoring at a predetermined cycle. The radio wave S1 may be any data content as long as it is a radio wave whose received signal strength can be measured. Each time the key terminal 3 receives the radio wave S1, the key terminal 3 measures the received signal strength of the radio wave S1.

The determination unit 21 monitors whether or not the key terminal 3 is located in the specified position or the specified area of the first vehicle 2a from the received signal strength of the radio waves S1. Whether or not the communication partner is the operation target 1 can be identified from, for example, an ID (communication module ID or the like) included in the radio wave transmitted from the communication module 12. At this time, the second determination unit 21b recognizes that the key terminal 3 is located in the vehicle of the first vehicle 2a if the user who possesses the key terminal 3 is in the vehicle.

When the key terminal 3 has a specified position or a specified area, the setting unit 22 sets an operation target 1 that forms a specified position or a specified area with respect to the key terminal 3 as a communication partner of the key terminal 3. In the case of this example, the setting unit 22 sets the first operation target 1a as the communication partner of the key terminal 3.

Here, as shown in FIG. 2, when the key terminal 3 is located in the vehicle of the first operation target 1a, a third party attempts to illegally board the second vehicle 2b as the second operation target 1b located nearby. Imagine a situation to do. Here, for example, it is assumed that a third party touch-operates the outside door handle of the second vehicle 2b in which the vehicle door is locked to illegally unlock the vehicle door.

As shown in FIG. 3, in step 107, the authentication unit 9 of the second operation target 1b detects the touch operation of the operation unit 13 (here, the door handle outside the vehicle of the vehicle door) of the second operation target 1b.

In step 108, when the authentication unit 9 of the second operation target 1b detects the operation of the operation unit 13, the request radio wave Sreq is transmitted from the communication module 12. That is, the authentication unit 9 of the second operation target 1b transmits the request radio wave Sreq to the key terminal 3 and starts the authentication of the key terminal 3.

When the key terminal 3 receives the request radio wave Sreq from the second operation target 1b, the setting unit 22 determines which operation target 1 should be set as the communication partner of the key terminal 3. In the case of this example, since it is determined that the key terminal 3 exists in the specified position or the specified area of the first operation target 1a, the setting unit 22 sets the first operation target 1a as the communication partner of the key terminal 3. That is, even if the setting unit 22 receives the request radio wave Sreq from the second operation target 1b, the setting unit 22 maintains a state in which the first operation target 1a is the communication partner instead of the second operation target 1b as the communication partner. ..

In step 109, the key terminal 3 responds to the request radio wave Sreq when it receives the request radio wave Sreq from the communication module 12 of the second operation target 1b and the communication partner is set to the first operation target 1a. do not. That is, even if the key terminal 3 receives the request radio wave Sreq from the second operation target 1b, the key terminal 3 does not take an operation of returning the response radio wave Sres. Therefore, it is possible to improve the security against unauthorized use of the second operation target 1b.

According to the authentication system 5 of the above embodiment, the following effects can be obtained.
(1) The authentication system 5 wirelessly communicates the key terminal 3 with the communication module 12 of the operation target 1 to authenticate the key terminal 3, and operates the device 4 of the operation target 1 based on the authentication result. The determination unit 21 determines the positional relationship between the operation target 1 and the key terminal 3 by communication between the key terminal 3 capable of operating a plurality of operation targets 1 and the operation target 1. When the key terminal 3 receives radio waves from the communication modules 12 of the plurality of operation targets 1, the setting unit 22 selects the operation target 1 based on the determination result of the determination unit 21 among the plurality of operation targets 1 as the key terminal. Set as the communication partner of 3.

According to the configuration of this example, even when the key terminal 3 receives radio waves from a plurality of operation targets 1, the operation target 1 to be communicated (for example, the first operation target 1a) can be appropriately set. It will be possible. Therefore, for example, it is assumed that a third party tries to operate another operation target 1 (for example, the second operation target 1b) that can be operated by the same key terminal 3 and causes another operation target 1 to communicate with the key terminal 3. However, it is not necessary to carry out this communication. Therefore, the security against unauthorized use can be improved.

(2) The determination unit 21 determines the positional relationship via communication between the communication module 12 of the operation target 1 and the key terminal 3. According to this configuration, the position determination can be executed using the configuration of the authentication system 5, so that it is not necessary to provide a separate member for the position determination. Therefore, it contributes to the simplification of the system configuration.

(3) The determination unit 21 determines whether or not the key terminal 3 exists in the specified position or the specified area with respect to the operation target 1. When the key terminal 3 exists in the specified position or the specified area of a certain operation target 1, the setting unit 22 receives radio waves from the communication module 12 of another operation target 1, but the key terminal 3 is another operation target. Do not communicate with the communication module 12 of 1. According to this configuration, when the key terminal 3 exists in a clear area such as a specified position or a specified area of the operation target 1, the operation target 1 can be set as the correct communication partner of the key terminal 3.

(4) When the key terminal 3 receives a radio wave from the operation target 1 that is not the communication partner, the setting unit 22 prevents the key terminal 3 from executing a response to the operation target 1. According to this configuration, even if the first barn attempts to illegally connect another operation target 1 to the key terminal 3, the unauthorized communication can be forcibly terminated by a simple format of disconnecting the communication in the middle. can.

(5) When there are a plurality of candidates for the communication partner of the key terminal 3, the setting unit 22 sets only one operation target 1 determined to have the highest priority as the communication partner. In the case of this example, the operation target 1 having the highest received signal strength is set as the communication partner of the key terminal 3. Therefore, the key terminal 3 can be communicated only with the operation target 1 of the optimum communication partner, which further contributes to ensuring security.

(Second Embodiment)
Next, the second embodiment will be described. The second embodiment is an example in which the combination of the operation target 1 of the first embodiment is replaced. Therefore, the same parts as those in the first embodiment are designated by the same reference numerals, detailed description thereof will be omitted, and only different parts will be described in detail.

As shown in FIGS. 4 and 5, in the operation target 1, the first operation target 1a is the vehicle 2 and the second operation target 1b is the building 25. The device 4 operated by the second operation target 1b is a building door 26 which is an entrance / exit of the building 25. As described above, in the case of this example, the vehicle 2 can be operated with one key terminal 3, and the building door 26 can also be operated. The building door 26 wirelessly communicates with the key terminal 3 via the communication module 12 installed in the building 25.

FIG. 4 shows, for example, an example of a situation in which a third party attempts to illegally invade a nearby building 25 when the key terminal 3 is located inside the vehicle 2. Here, for example, it is assumed that a third party operates the doorknob 27 (the button of the doorknob 27 is also possible) of the building door 26 of the locked building 25 to illegally unlock the building door 26.

When the doorknob 27 of the building door 26 (or the button of the doorknob 27 is also possible) is operated by a third party, the request radio wave Thrq is transmitted from the communication module 12 of the building door 26. At this time, the request radio wave Sreq transmitted from the communication module 12 of the building door 26 reaches the key terminal 3 located in the vehicle of the nearby vehicle 2, and if no measures are taken, the response radio wave from the key terminal 3 The Sres will be transmitted to the communication module 12 of the building door 26, and the building door 26 will be unlocked illegally.

However, in the case of this example, when the key terminal 3 exists in the specified position or the specified area of the vehicle 2 and the communication partner of the key terminal 3 is set to the vehicle 2, the key terminal 3 is the building door 26. Even if the request radio wave Sreq transmitted from the communication module 12 is received, it does not respond to this request radio wave Sreq. Therefore, it is possible to improve the security against unauthorized unlocking of the building door 26.

FIG. 5 shows an example of a situation in which a third party attempts to illegally operate a nearby vehicle 2 when the key terminal 3 is located near the building door 26, for example. Here, for example, it is assumed that a third party touch-operates the outside door handle of the vehicle 2 in which the vehicle door is locked to illegally unlock the vehicle door.

When the door handle outside the vehicle of the vehicle 2 is operated by a third party, the request radio wave Sreq is transmitted from the communication module 12 of the vehicle 2. At this time, the request radio wave Sreq transmitted from the communication module 12 of the vehicle 2 reaches the key terminal 3 located near the building door 26, and if no measures are taken, the response radio wave Sres is transmitted from the key terminal 3. It will be transmitted to the communication module 12 of the vehicle 2, and the vehicle door will be unlocked illegally.

However, in the case of this example, when the key terminal 3 exists in the specified position or the specified area of the building door 26 and the communication partner of the key terminal 3 is set to the building door 26, the key terminal 3 is the vehicle 2. Even if the request radio wave Sreq transmitted from the communication module 12 of the above is received, it does not respond to this request radio wave Sreq. Therefore, it is possible to improve the security against unauthorized unlocking of the vehicle door.

According to the authentication system 5 of the above embodiment, the following effects can be obtained in addition to the effects described in the first embodiment.
(6) Even when the type of the operation target 1 is different, such as the vehicle 2 and the building 25, the optimum communication partner of the key terminal 3 can be appropriately set.

(Third Embodiment)
Next, the third embodiment will be described. The third embodiment will also be described only with respect to the parts different from the first embodiment and the second embodiment.

As shown in FIG. 6, the authentication system 5 of this example is a multifunctional terminal key system 30 that uses a multifunctional terminal or the like as the key terminal 3. In the case of this example, the key terminal 3 has a main function different from the key function, and is a terminal to which the key function is separately added, for example, a high-performance mobile phone. The multifunctional terminal key system 30 enables the operation target 1 to be operated by a key terminal 3 such as a high-performance mobile phone instead of the dedicated key of the operation target 1, for example. For example, the multifunction terminal key system 30 downloads the key information Dk required for authentication from the outside to the key terminal 3, and enables the operation target 1 to be operated by the key terminal 3.

The key information Dk is, for example, a one-time key (one-time password) that is permitted to be used only once or for a certain period of time. The key information Dk is registered in the key terminal 3 from, for example, a server connected to a network, an electronic key positioned as a main key, or the like. The key information Dk is not limited to downloading from the server, and may be acquired, for example, by communicating with the main key of the vehicle 2 or reading an image of code information (QR code: registered trademark).

The key terminal 3 includes a key control unit 31 that controls the operation of the key terminal 3, an antenna 32 that wirelessly communicates with the operation target 1, a memory 33, and an input unit 34 that is used when performing an input operation on the key terminal 3. , A display unit 35 including a display and the like, and a network communication unit 36 that communicates with the outside through network communication. The key terminal 3 performs network communication with, for example, a server (not shown) via the network communication unit 36, and downloads the key information Dk to the memory 33. The key terminal 3 executes short-range wireless communication with the operation target 1 (vehicle 2) via the antenna 32. The display unit 35 is, for example, a touch panel.

In the key terminal 3, the application 37 required for operating the key terminal 3 as the key of the operation target 1 is registered in the memory 33. The application 37 is acquired from, for example, a server or the like through network communication, and is written and stored in the memory 33. By registering the application 37 in the key terminal 3, it is possible to download the key information Dk to the key terminal 3 and operate the operation target 1 in the key terminal 3.

The short-range wireless communication may be either PAN (Personal Area Network) communication or short-range wireless communication. Personal area network communication includes, for example, Bluetooth (Bluetooth: registered trademark) communication, UWB (Ultra Wide Band) communication, Wi-Fi (registered trademark) communication, and the like. Further, the Bluetooth communication is preferably BLE (Bluetooth Low Energy). Short-range wireless communication includes, for example, NFC (Near Field Communication) as a kind of RFID.

The operation target 1 includes a wireless authentication device 40 that authenticates the key terminal 3 by short-range wireless communication. The wireless authentication device 40 includes an authentication unit 41 that executes authentication processing, and a communication module 42 that executes short-range wireless communication. The authentication unit 41 executes short-range wireless communication with the key terminal via the communication module 42, and authenticates the key information Dk registered in the key terminal 3.

The operation target 1 includes a control device 43 that controls the device 4 based on the authentication result of the authentication unit 41. The control device 43 is connected to the device 4 and the authentication unit 41 via the communication bus 11. The control device 43 controls the device 4 by outputting an operation command to the device 4 via the communication bus 11.

The key terminal 3 of this example stores a plurality of key information Dk so that a plurality of operation targets 1 (vehicle 2) can be operated with one key. The key information Dk of this example includes the first key information Dk1 authenticated by the first operation target 1a and the second key information Dk2 authenticated by the second operation target 1b. In this way, when the key terminal 3 operates the first operation target 1a, the first key information Dk1 is authenticated. When the second operation target 1b is operated by the key terminal 3, the second key information Dk2 is authenticated.

FIG. 7 illustrates an example of an authentication procedure for the key information Dk registered in the key terminal 3.
In step 201, the authentication unit 41 periodically repeatedly transmits advertisements for notifying information related to communication of the own machine from the communication module 42. The advertisement is, for example, a kind of packet data.

In step 202, when the key terminal 3 receives the advertisement transmitted from the communication module 42, the key terminal 3 executes the scan process if the received signal strength at the time of receiving the advertisement is equal to or higher than the connection threshold value. The scan process is a process in which the key terminal 3 requests the authentication unit 41 to provide the details of the short-range wireless communication and acquires the details.

In step 203, after the scan process, the key terminal 3 transmits a connection request for connecting the short-range wireless communication to the authentication unit 41 through the short-range wireless communication in order to perform pairing with the authentication unit 41.

In step 204, when the authentication unit 41 receives the connection request from the key terminal 3, the authentication unit 41 transmits a response notification to the connection request to the key terminal 3 via short-range wireless communication.
In step 205, when the above pairing is correctly executed, the key terminal 3 and the authentication unit 41 are in the state of the communication connection to which the Bluetooth communication is connected.

In step 206, when the Bluetooth is in the communication connection state, the key terminal 3 transmits the key information Dk registered in the memory 33 to the authentication unit 41 via short-range wireless communication.

In step 207, the authentication unit 41 authenticates the key information Dk received from the key terminal 3. In the case of this example, when the authentication of the key information Dk shifts to the establishment because the authentication unit 41 can correctly decrypt the key information Dk, for example, the usage time (use start time / use end time) of the operation target 1 or , The session key used in the subsequent short-range wireless communication and the terminal ID which is a unique ID of the key terminal 3 can be acquired. On the other hand, if the key information Dk is not correct, the authentication unit 41 waits as it is and does not allow the vehicle operation by the key terminal 3.

In step 208, when the key information Dk is authenticated, the authentication unit 41 transmits a key information authentication establishment notification to that effect to the key terminal 3 via short-range wireless communication.
In step 209, when the key terminal 3 receives the key information authentication establishment notification transmitted from the authentication unit 41, both the key terminal 3 and the authentication unit 41 are in the authentication completion state recognizing the authentication establishment. The authentication completion state means a state in which both the key terminal 3 and the authentication unit 41 know the session key and the terminal ID common to each other. This enables vehicle operation (door lock / unlock operation and engine start operation) using the key terminal 3.

For example, when the short-range wireless communication is reconnected after the authentication of the key information Dk has already been completed, the key terminal 3 and the authentication unit 41 are authenticated by the session key acquired at the time of decrypting the key information Dk. Is preferable. Then, if the authentication by the session key is established, the key terminal 3 and the authentication unit 41 shift to the authentication completed state. Therefore, also in this case, the vehicle operation (door lock / unlock operation and engine start operation) using the key terminal 3 is possible. This session key is preferably updated every time the communication is reconnected, for example.

In FIG. 8, the key terminal 3 possessed by the user takes an authentication completed state with the wireless authentication device 40 of the first operation target 1a (first vehicle 2a), and a third party enters the second operation target 1b (second vehicle 2b). Here is an example of trying to tamper with.

In step 301, when the key terminal 3 approaches the first operation target 1a and the key terminal 3 is authenticated, both the authentication unit 41 and the key terminal 3 of the first operation target 1a are in the authentication completed state. When communicating with the first operation target 1a, the key terminal 3 recognizes that the communication partner is the first operation target 1a from the received identification information such as the communication module ID, and authenticates the first key information Dk1. Execute the process. Then, the authentication unit 41 of the first operation target 1a authenticates the first key information Dk1, and both the authentication unit 41 of the first operation target 1a and the key terminal 3 shift to the authentication completed state.

In step 302, when the authentication unit 41 of the first operation target 1a shifts to the authentication completion state, the data packet S2 is periodically transmitted at a predetermined connection interval, and the key terminal 3 set as the communication partner is around. Monitor if it exists in. In the case of this example, when the key terminal 3 receives the data packet S2, it is preferable that the key terminal 3 returns a response to the wireless authentication device 40. While the key terminal 3 can receive the data packet S2, the communication connection state is maintained. On the other hand, when the key terminal 3 does not receive the data packet S2, the communication connection is disconnected.

In step 303, the determination unit 21 monitors the position of the key terminal 3 by using the data packet S2 periodically transmitted from the communication module 42 of the first operation target 1a. The data packet S2 may be any data content as long as it is a radio wave whose received signal strength can be measured. Each time the key terminal 3 receives the data packet S2, the key terminal 3 measures the received signal strength of the data packet S2.

The determination unit 21 determines whether or not the key terminal 3 is located in the specified position or the specified area of the first vehicle 2a from the received signal strength of the data packet S2. For the position determination, for example, if the data packet S2 is transmitted / received a plurality of times, a characteristic value may be obtained from a plurality of received signal strengths, and the position determination may be executed based on the characteristic value. For this characteristic value, various parameters such as an average value, a weighted average, an arithmetic average, a synergistic average, and a harmonic mean may be used. Further, the data packet S2 may use a radio wave transmitted at any timing during communication between the key terminal 3 and the communication module 12. Here, since it is assumed that the key terminal 3 is located in the vehicle, the determination unit 21 determines that the key terminal 3 is located in the vehicle of the first vehicle 2a.

When the key terminal 3 has a specified position or a specified area, the setting unit 22 sets an operation target 1 that forms a specified position or a specified area with respect to the key terminal 3 as a communication partner of the key terminal 3. In the case of this example, the setting unit 22 sets the first operation target 1a as the communication partner of the key terminal 3.

Then, when the operation unit 13 of the first operation target 1a is operated, the authentication unit 41 of the first operation target 1a executes the operation of the device 4 if the authentication is completed. For example, if the vehicle 2 which is the first operation target 1a is locked and the vehicle door is operated while the authentication is completed, the vehicle door is unlocked if it is determined that the key terminal 3 is located outside the vehicle. The door. When the door switch of the vehicle door handle is operated while the vehicle 2 is in the unlocked state, the vehicle door is locked if it is determined that the key terminal 3 is located outside the vehicle. Further, when the engine switch of the driver's seat is operated under the authentication completed state, if it is determined that the key terminal 3 is located in the vehicle, the vehicle power supply is changed.

Here, for example, when the authentication unit 41 of the first operation target 1a and the key terminal 3 shift to the authentication completed state, the key is also applied to the second operation target 1b existing near the first operation target 1a. It is assumed that the terminal 3 has moved to the authentication completed state. At this time, the radio wave transmitted from the second operation target 1b also reaches the key terminal 3, which leads to an unauthorized operation of the second operation target 1b, so that some measures are required.

In step 304, the authentication unit 9 of the second operation target 1b takes an operation of transmitting a predetermined request radio wave Sreq. The predetermined request radio wave Sreq includes, for example, advertisement, response notification to a connection request, key information authentication establishment notification which is an authentication result of key information Dk, and a data packet for position monitoring.

In step 305, when the key terminal 3 receives the predetermined request radio wave Sreq from the communication module 12 of the second operation target 1b, and the communication partner is set to the first operation target 1a, the predetermined request radio wave Does not respond to Sreq. That is, even if the key terminal 3 receives the predetermined request radio wave Sreq from the second operation target 1b, the key terminal 3 does not take an operation of replying to the request radio wave Sreq. Therefore, even if the second operation target 1b and the key terminal 3 are in a communication connection state, the communication is disconnected after a while. Therefore, since it is not necessary to operate the second operation target 1b with the key terminal 3, it is possible to improve the security against unauthorized use of the second operation target 1b.

According to the authentication system 5 of the above embodiment, the following effects can be obtained in addition to the effects described in the first embodiment.
(7) Even if the key terminal 3 is a multifunctional terminal (high-performance mobile phone or the like), the optimum communication partner of the key terminal 3 can be appropriately set.

(Fourth Embodiment)
Next, a fourth embodiment will be described. The fourth embodiment will also be described only with respect to the parts different from the first to third embodiments.

As shown in FIG. 9, in the case of this example, the setting unit 22 is provided in the operation target 1 (for example, the authentication units 9 and 41). As described above, the embodiment of this example is a specific example in which the setting of the communication partner of the key terminal 3 is executed not by the key terminal 3 but by the operation target 1.

FIG. 10 illustrates an example in which, for example, communication between the first operation target 1a and the key terminal 3 has already been established, and the second operation target 1b starts communication with the key terminal 3 under that state.
In step 401, the first operation target 1a and the key terminal 3 are in a state where communication has been established. The communication established state is, for example, a state in which authentication between the first operation target 1a and the key terminal 3 has been completed and position monitoring communication is being executed (for example, the state of step 106 and step 303). At this time, the setting unit 22 of the first operation target 1a (authentication units 9, 41) recognizes that the communication partner of the key terminal 3 is itself because the communication with the key terminal 3 is established.

In step 402, the authentication unit 9 of the second operation target 1b takes an operation of transmitting a predetermined request radio wave Sreq. When the key terminal 3 is a FOB key, the predetermined request radio wave Sreq is a radio wave including, for example, a wake signal, a communication module ID, a challenge code, and the like. Further, when the key terminal 3 is a multifunctional terminal, the predetermined request radio wave Sreq includes, for example, advertisement, response notification to a connection request, key information authentication establishment notification, data packet for position monitoring, and the like.

In step 403, when the key terminal 3 receives the request radio wave Sreq from the second operation target 1b, the key terminal 3 notifies the reception status notification Su of the currently received radio wave of the first operation target 1a and the second operation target 1b. Send to both sides. The reception status notification Su of this example includes a notification that radio waves are being received from both the first operation target 1a and the second operation target 1b.

In step 403, when the first operation target 1a receives the reception status notification Su from the key terminal 3, the first operation target 1a determines the communication partner by its own setting unit 22. At this time, the setting unit 22 of the first operation target 1a takes a state in which the key terminal 3 communicates with both the first operation target 1a and the second operation target 1b from the reception status notification Su received from the key terminal 3. Recognize. However, in the case of this example, since the setting unit 22 of the first operation target 1a recognizes that communication with the key terminal 3 has already been established, it is assumed that there is no problem with itself, and the first operation target 1a is used as a key. Maintain as a communication partner of terminal 3.

In step 404, when the second operation target 1b receives the reception status notification Su from the key terminal 3, the second operation target 1b determines the communication partner by its own setting unit 22. At this time, the setting unit 22 of the first operation target 1a takes a state in which the key terminal 3 communicates with both the first operation target 1a and the second operation target 1b from the reception status notification Su received from the key terminal 3. Recognize. In the case of this example, the setting unit 22 of the second operation target 1b indicates that the key terminal 3 and the second operation target 1b have not been established for communication, and the key terminal 3 is communicating with the first operation target 1a. Since it is recognized, the second operation target 1b is not set as the communication partner of the key terminal 3.

Therefore, when the communication partner of the key terminal 3 is set as the first operation target 1a, the communication between the second operation target 1b and the key terminal 3 does not shift to establishment. Therefore, since it is not necessary to operate the second operation target 1b with the key terminal 3, it is possible to improve the security against unauthorized use of the second operation target 1b.

According to the authentication system 5 of the above embodiment, in addition to the effects described in the first to third embodiments, the following effects can be obtained.
(8) The communication partner can be set in the operation target 1 instead of the key terminal 3. Therefore, since it is not necessary to provide this kind of setting function in the key terminal 3, the processing load of the key terminal 3 can be reduced.

In addition, this embodiment can be changed and carried out as follows. The present embodiment and the following modified examples can be implemented in combination with each other within a technically consistent range.
-In each embodiment, when the key terminal 3 receives a radio wave from an operation target 1 that is not a communication partner, the setting unit 22 may transmit a communication disapproval notification to the operation target 1 from the key terminal 3. good. When the operation target 1 that is not a communication partner receives the communication disapproval notification, the operation target 1 forcibly terminates the communication. According to this configuration, for example, when a third party is trying to illegally operate another operation target 1, a communication disapproval notification is sent from the key terminal 3 to the operation target 1 to prevent the communication from being established. Will be notified directly. Therefore, it is more advantageous to suppress the illegal establishment of communication.

-In each embodiment, when there are a plurality of candidates for communication partners of the key terminal 3, the setting unit 22 may set 1 or a plurality of operation targets 1 that satisfy the specified conditions to be communication partners as communication partners. good. The specified condition is, for example, that the received signal strength of the radio wave to be communicated is equal to or higher than the specified value. According to this configuration, it is not necessary to limit the set of the operation target 1 and the key terminal 3 to one, which contributes to the improvement of the versatility of the system.

-In each embodiment, the communication modules 12 and 42 are not limited to one provided in the operation target 1, and a plurality of communication modules 12 and 42 may be provided. In this case, the position is determined by each of the communication modules 12 and 42 and the key terminal 3, and the positional relationship between them is comprehensively determined to determine the position of the key terminal 3 with respect to the operation target 1. In this case, the position of the key terminal 3 can be accurately determined.

-In the first embodiment, when monitoring whether the determination result is maintained, for example, the vehicle 2 performs the position determination process, and the determination result is transmitted from the vehicle 2 to the key terminal 3, and the specified position or the specified position or the specified. The key terminal 3 may be made to know whether or not the key terminal 3 is located in the area.

-In the second embodiment, the vehicle 2 may be a sharing car shared by a plurality of people. In this case, the application 37 makes the vehicle 2 usable as a sharing car, for example.

-In the third embodiment, the authentication does not impose the authentication of the key information Dk, and may be configured only by the authentication by the session key, for example.
-In each embodiment, the position determination is not limited to using the same hardware configuration as the authentication, and for example, a hardware configuration different from the authentication may be used. An example of this is a method using UWB communication.

-In each embodiment, the determination unit 21 and the setting unit 22 are not limited to those that perform software processing for all the processing executed by themselves. For example, the determination unit 21 and the setting unit 22 may include a dedicated hardware circuit (for example, an integrated circuit for a specific application: ASIC) that performs hardware processing for at least a part of the processing executed by itself. That is, the determination unit 21 and the setting unit 22 are [1] one or more processors that operate according to a computer program (software), and [2] one or more dedicated hardware that executes at least a part of various processes. It can be configured as a circuitry including a wear circuit or [3] a combination thereof. The processor includes a CPU and a memory such as a RAM and a ROM, and the memory stores a program code or a command configured to cause the CPU to execute a process. Memory or computer readable media includes any available medium accessible by a general purpose or dedicated computer.

-In each embodiment, the determination unit 21 and the setting unit 22 can be provided in various microcomputers, processors, ECUs, and the like other than those described in the examples.
-In each embodiment, the operation target 1 is not limited to the vehicle 2. The operation target 1 may have a function of communicating with the key terminal 3 and performing authentication, and the device 4 may be operated by the authentication via the communication.

• In each embodiment, the present disclosure has been described in accordance with the examples, but it is understood that the present disclosure is not limited to the examples and structures. The present disclosure also includes various variations and variations within a uniform range. In addition, various combinations and forms, as well as other combinations and forms that include only one element, more, or less, are within the scope and scope of the present disclosure.

1 ... Operation target, 3 ... Key terminal, 4 ... Device, 12 ... Communication module, 21 ... Judgment unit, 21a ... First judgment unit, 21b ... Second judgment unit, 22 ... Setting unit, 42 ... Communication module.

Claims (8)

An authentication system that wirelessly communicates a key terminal with a communication module to be operated to authenticate the key terminal and operates the device to be operated based on the authentication result.
A determination unit that determines the positional relationship between the operation target and the key terminal by communication between the key terminal capable of operating a plurality of the operation targets and the operation target.
When the key terminal receives radio waves from the communication module of the operation target, the operation target based on the determination result of the determination unit is set as the communication partner of the key terminal among the plurality of operation targets. An authentication system with a setting unit to set. The authentication system according to claim 1, wherein the determination unit determines the positional relationship via communication between the communication module to be operated and the key terminal. The determination unit determines whether or not the key terminal exists in the specified position or the specified area with respect to the operation target, and determines whether or not the key terminal exists in the specified position or the specified area.
In the setting unit, when the key terminal exists in the specified position or the specified area of the operation target, even if the key terminal receives a radio wave from the communication module of another operation target, the key terminal is different. The authentication system according to claim 1 or 2, which prevents communication with the communication module to be operated. The setting unit is any one of claims 1 to 3 for preventing the key terminal from executing a response to the operation target when the key terminal receives a radio wave from the operation target that is not a communication partner. The authentication system described in. The setting unit is any one of claims 1 to 3 for transmitting a communication disapproval notification from the key terminal to the operation target when the key terminal receives a radio wave from the operation target that is not a communication partner. The authentication system described in the section. The setting unit is any one of claims 1 to 5 in which when there are a plurality of candidates for communication partners of the key terminal, only one operation target determined to have the highest priority is set as the communication partner. The authentication system described in. When there are a plurality of candidates for communication partners of the key terminal, the setting unit may be either one that satisfies a predetermined condition to be a communication partner or one of claims 1 to 5 that sets the plurality of operation targets as communication partners. The authentication system described in one paragraph. It is an authentication method of an authentication system that wirelessly communicates a key terminal with a communication module to be operated to authenticate the key terminal and operates the device to be operated based on the authentication result.
By communicating between the key terminal capable of operating a plurality of the operation targets and the operation target, the positional relationship between the operation target and the key terminal is determined.
When the key terminal receives radio waves from the communication module of the operation target, the operation target based on the determination result of the positional relationship among the plurality of operation targets is set as the communication partner of the key terminal. To set,
An authentication method to be executed by the authentication system.

Images