SE545462C2 - Method for performing security functions of a vehicle - Google Patents

Method for performing security functions of a vehicle

Info

Publication number
SE545462C2
SE545462C2 SE1950492A SE1950492A SE545462C2 SE 545462 C2 SE545462 C2 SE 545462C2 SE 1950492 A SE1950492 A SE 1950492A SE 1950492 A SE1950492 A SE 1950492A SE 545462 C2 SE545462 C2 SE 545462C2
Authority
SE
Sweden
Prior art keywords
key
control unit
ecu1
communication node
vehicle
Prior art date
Application number
SE1950492A
Other languages
Swedish (sv)
Other versions
SE1950492A1 (en
Inventor
Hoff Jack Engström
Niklas Wiberg
Original Assignee
Scania CV AB
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Scania CV AB filed Critical Scania CV AB
Priority to SE1950492A priority Critical patent/SE545462C2/en
Priority to DE102020002293.6A priority patent/DE102020002293A1/en
Publication of SE1950492A1 publication Critical patent/SE1950492A1/en
Publication of SE545462C2 publication Critical patent/SE545462C2/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B60VEHICLES IN GENERAL
    • B60RVEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R16/00Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for
    • B60R16/02Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for electric constitutive elements
    • B60R16/023Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for electric constitutive elements for transmission of signals between vehicle parts or subsystems
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B60VEHICLES IN GENERAL
    • B60RVEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R25/00Fittings or systems for preventing or indicating unauthorised use or theft of vehicles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84Vehicles

Abstract

A method for performing security functions performed by a control unit adapted to be comprised in a vehicle, the method comprising identifying a plurality of security functions of the control unit used to communicate with a communication node over a communications network, wherein each security function is associated to a unique value, obtaining a public cryptographic key from a communication node using a receiving link, determining a cryptographic object for each of the plurality of security functions, wherein each cryptographic object is generated using the public cryptographic key and the corresponding unique value, performing a security function of the plurality of security functions using the corresponding cryptographic object.

Description

METHOD FOR PERFORMING SECURITY FUNCTIONS OF A VEHICLE TECHNICAL FIELD The present invention relates to a method performed by a control unit adapted to be comprised in a vehicle, in particular to methods configured to perform security functions of the vehicle. The invention further relates to a control unit performing the method, a vehicle comprising the control unit and a system comprising the control unit.
BACKGROUND The technical development for partially or fully autonomous vehicles is progressing rapidly, and fully autonomous vehicles will soon have a place in our everyday life. Such autonomous vehicles collect large amounts of sensor data, communicate with other communication nodes and controls functions of the vehicle, e.g. based on the sensor data and date received in communication with the other communication nodes, such as servers or other vehicles.
One problem with such systems is that any third party with malicious intent, could e.g. potentially tap into the vehicle bus and intercept messages transmitted over the vehicle bus. The messages exchanged and/or data exchanged may be protected with security functions, such as encryption and authentication codes, but if the entropy of cryptographic objects, such as encryption keys, is not sufficiently high, the key could potentially be derived or cracked. False messages could e.g. then be generated and sent on the vehicle data bus using the cracked key, i.e. the third party could effectively take control of the vehicle.
Thus, there is a need for an improved method for performing security functions of a vehicle and maintaining a high level of entropy/randomness of cryptographic objects.
OBJECTS OF THE INVENTION An objective of embodiments of the present invention is to provide a solution which mitigates or solves the drawbacks described above.
SUMMARY OF THE INVENTION The above objective is achieved by the subject matter described herein. Further advantageous implementation forms of the invention are described herein.
According to a first aspect of the invention the objects of the invention are achieved by a method for performing security functions performed by a control unit adapted to be comprised in a vehicle, the method comprising identifying a plurality of security functions of the control unit used to communicate with a communication node over a communications network, wherein each security function is associated to a unique value, obtaining a public cryptographic key from a communication node using a receiving link, determining a cryptographic object for each of the plurality of security functions, wherein each cryptographic object is generated using the public cryptographic key and the corresponding unique value, performing a security function of the plurality of security functions using the corresponding cryptographic object At least one advantage of the first aspect of the invention is to increase forward and backward security of data handling and/or communication by the control unit. ln one embodiment of the first aspect, one identified security function comprises encrypted messaging, wherein the determined cryptographic object comprises a message key and an updated sending chain key generated by performing a symmetric-key ratchet step using a preceding sending chain key, wherein performing encrypted messaging comprises generating an encrypted message using the message key and transmitting the encrypted message to the communication node. ln one embodiment of the first aspect, one identified security function comprises message authentication, wherein the determined cryptographic object comprises a message authentication key, wherein performing message authentication comprises signing or authenticating data using the message authentication key and transmitting a message comprising the data to the communication node.ln one embodiment of the first aspect, one identified security function comprises security access of the control unit, wherein the determined cryptographic object comprises an unlocking key, wherein performing security access comprises verifying a received unlocking key and enable access to the control unit by the communication node.
According to a second aspect of the invention the objects of the invention are achieved by a control unit configured to perform the method according to the first aspect.
According to a third aspect of the invention the objects of the invention is achieved by a vehicle comprising the control unit according to the second aspect.
According to a fourth aspect of the invention the objects of the invention are achieved by a computer program comprising computer-executable instructions for causing a control unit, when the computer-executable instructions are executed on a processing unit comprised in the control unit, to perform any of the method steps according to the first aspect.
According to a fifth aspect of the invention the objects of the invention are achieved by a computer program product comprising a computer-readable storage medium, the computer-readable storage medium having the computer program according to the fourth aspect embodied therein.
According to a sixth aspect of the invention the objects of the invention are achieved by a system for performing security functions of a vehicle, the system comprising a control unit adapted to be comprised in the vehicle and configured to perform the method according to the first aspect. The system further comprises a communication node, a communications network, wherein the control unit is configured to communicate with the communication node using a receiving link and a transmitting link.
The scope of the invention is defined by the claims, which are incorporated into this section by reference. A more complete understanding of embodiments of the invention will be afforded to those skilled in the art, as well as a realization of additional advantages thereof, by a consideration of the following detailed description of one or more embodiments. Reference will be made to the appended sheets of drawings that will first be described briefly.
BRIEF DESCRIPTION OF THE DRAWINGS Fig. 1A and 1B shows examples of systems for performing security functions of a vehicle according to one or more embodiments. Fig. 2 illustrates a key derivation function chain.
Fig. 3 illustrates an example of determining cryptographic objects according to one or more embodiments of the present disclosure.
Fig. 4 shows an example of encrypted messaging according to one or more embodiments of the present disclosure.
Fig. 5 shows an example of message authentication according to one or more embodiments of the present disclosure.
Fig. 6 describes an example of security access of the control unit according to one or more embodiments of the present disclosure.
Fig. 7 shows an example of data encryption according to one or more embodiments of the present disclosure.
Fig. 8 shows a control unit according to an embodiment of the present disclosure.
Fig. 9 shows a flowchart of a method performed by a control unit according to one or more embodiment of the present disclosure.
A more complete understanding of embodiments of the invention will be afforded to those skilled in the art, as well as a realization of additional advantages thereof, by a consideration of the following detailed description of one or more embodiments. lt should be appreciated that like reference numerals are used to identify like elements illustrated in one or more of the figures.
DETAILED DESCRIPTION An "or" in this description and the corresponding claims is to be understood as a mathematical OR which covers "and" and "or", and is not to be understood as anXOR (exclusive OR). The indefinite article "a" in this disclosure and claims is not limited to "one" and can also be understood as "one or more", i.e., plural. ln the present disclosure, the term "vehicle" signifies a road vehicle, such as a bus, a truck or a car. ln the present disclosure, the term "encrypting" denotes encrypting data using a cryptographic function. ln the present disclosure, the term "cryptographic object" signifies an object used to protect data, such as a message. Examples of cryptographic objects may comprise a message key used for encrypted messaging, a message authentication code used for message authentication, MAC, an unlocking key used for security access or a data used to derive public and private key pair, e.g. used for data encryption. ln the present disclosure the term "control unit" denotes an entity comprising at least processing circuitry and a memory. ln one example, control unit may be any of a central control unit and/or multiple control units configured to cooperate with each- other. ln the present disclosure, the term "indicative of" denotes data having a value that identifies a value of a data parameter or data variable. lndicative of may denote that the data represents the value of a data parameter or data variable directly, e.g. represents the value in binary format. The term "indicative of" may further denote comprising a key, index or indicia allowing identification of the value of the data parameter or the data variable in a data structure, such as a table or database. The term "indicative of" may further denote comprising the necessary data components for determining or calculating the value of the data parameter or the data variable, e.g. using a predetermined function, e.g. calculating a vector from x, y and z components. ln one example, the term "sensor output data indicative of time" denotes that the sensor output data is a representation of time.
Fig. 1A shows an example of a system 140 for performing security functions of a vehicle 100 according to one or more embodiments of the present disclosure. The system 140 comprises a vehicle 100 and a control unit ECU1 adapted to be comprised in the vehicle 100. The control unit ECU1 is configured to perform security functions of the vehicle, e.g. encrypted messaging, message authentication/l\/lessageAuthentication Code generation, security access of the ECU1 and/or data encryption of the ECU The control unit ECU1 is further configured to communicate with a communication node CN using a receiving link 110 and a transmitting link 120. The receiving link 110 is typically encrypted using a receiving key CKR derived in a receiving chain or key derivation function chain. ln a similar manner, the transmitting link 120 is typically encrypted using a transmitting key CKS derived in a transmitting chain or key derivation function chain. Key derivation function chains are further described in relation to Fig.
The communication node CN may e.g. be another electronic control unit, ECU, comprised in the vehicle 100, an ECU comprised or arranged in another vehicle or a link 110 is a ECU1 and the communication node CN and is configured to provide protected and/or messages server located externally to the vehicle 100. The receiving communications link established between the control unit from the communication node CN to the control unit ECU1. The transmitting link 120 is a communications link established between the control unit ECU1 and the communication node CN and is configured to provide protected and/or messages from the control unit ECU1 to the communication node CN. ln the example shown in Fig. 1A, the communication node CN is another ECU comprised in the vehicle 100 and the control unit ECU1 and the communication node CN communicate over communications network 130 in the form of an internal vehicle network, such as a Controller Area Network, CAN, bus or a bus compliant to the standard lSO Fig. 1B shows a further example of a system 140 for performing security functions of a vehicle 100 according to one or more embodiments of the present disclosure. ln the example shown in Fig. 1B, the communication node CN may be any of a ECU comprised or arranged in another vehicle or a server located externally to the vehicle 100 and the control unit ECU1 and the communication node CN communicate over a communications network 130 in the form of a wireless network, such as a WiFi, 2G, 3G, 4G or 5G cellular network.
Fig. 2 illustrates a key derivation function chain. The present disclosure uses key derivation function chains to derive new cryptographic objects, shown in Fig. 2 as KeyouT, C01, C02, ._ function, KDF, to derive cryptographic objects, e.g. in the form of an updated key C0ivi. The KDF is a cryptographic function that takes a secret, such as the key KeyiN, and/or the _, C0ivi. The key derivation function chain uses a key derivation KeyouT and/or additional cryptographic objects C01, C02, additional input data lData1, lData2, lDataN shown in Fig. 2, and returns output data, such as the cryptographic objects e.g. KeyouT, C01, C02, C0ivi shown in Fig. 2. The updated key KeyouT as well the cryptographic objects C01, C02, C0ivi are indistinguishable to a third party from random data, provided the key isn"t known. Thus the KDF satisfies the requirements of a cryptographic pseudo random function, PRF. Examples of KDFs are hash-based message authentication code, Hl\/lAC, and Hashed l\/lessage Authentication Code (Hl\/IAC)-based key derivation function, HKDF. ln the present disclosure, both the control unit ECU1 and the communication node CN each maintain or store keys for three separate key derivation function chains, namely a root chain, the sending chain used at least for generating keys used for the transmitting link 120, and the receiving chain used at least for generating keys used for the receiving link Fig. 3 illustrates an example of determining cryptographic objects according to one or more embodiments of the present disclosure. The control unit ECU1 typically uses a plurality of security functions, where each security function is associated to a unique value. Examples of such security functions may e.g. be encrypted messaging, message authentication/Message Authentication Code generation, security access of the ECU1 and/or data encryption of the ECU1. The control unit ECU1, as well as the communication node CN maintains a root chain, a receiving chain and a sending chain, as further described in relation to Fig. 2. An initial, latest determined or latest generated cryptographic key of each chain is kept stored in memory of control unit ECU1 and/or the communication node CN.
The present disclosure provides a method that ensures a high level of security, a high level of randomness or entropy of cryptographic objects, such as cryptographickeys, by updating some or all of the cryptographic objects each time a message is exchanged between the control unit ECU1 and the communication node CN.
The update of cryptographic objects is typically triggered in the control unit ECU1 by reception of a message from the communication node CN via the communications network 130, i.e. via the receiving link 110. The message comprises or is indicative of a public key PubcN. The reception of the message triggers updates of cryptographic objects, e.g. cryptographic keys of the the receiving chain. The reception of a new public key PubcN further triggers updates of keys of the root chain and/or the receiving chain and/or the sending chain. ln the root chain, an update of the root key to RKi is further triggered. A first key derivation function KDF11 generates an updated channel key CKFii for the receiving chain and the updated root key RKi for the root chain using input data. The input data to the first key derivation function KDF11 comprises an initial predetermined root key RKO known to both the control unit ECU1 and the communication node CN and/or the latest determined root key RKi determined by the control unit ECU1 and/or the result of a Diffie-Hellman calculation, e.g. a primitive root modulo calculation, of the received public key PubcN and a current private key of the control unit ECU1 Privizcuo. ln the receiving chain, a fourth key derivation function KDF22 generates a further updated channel key CKRz for the receiving chain and updated cryptographic objects C01, C02, C03. The updated cryptographic objects C01, C02, C03 may e.g. comprise a message key used for encrypted messaging over the receiving link 110, a message authentication code used for message authentication, l\/IAC, an unlocking key or data used to derive a public and private key pair, e.g. used for data encryption.
This updating step is referred to herein as a symmetric-key ratchet step. 0ptionally, in the root chain, a further update of the root key to RKz is further triggered. A third key derivation function KDF12 generates an updated channel key CKSi for the sending chain and the updated root key RKg for the root chain using input data. The input data to the third key derivation function KDF12 comprises the latest determined root key RKi determined by the control unit ECU1 and/or the result of a Diffie-Hellman of the received public key PubcN and a newly generated private key of the control unit ECU1 Privecui. 0ptionally, further in the sending chain, a second key derivation function KDF21 generates a further updated channel key CKS2 for the sending chain and updated cryptographic objects C04, C05, C06. The updated cryptographic objects C04, C05, C06 may e.g. comprise a message key used for encrypted messaging over the 120, authentication, MAC, a unlocking key used for security access of the control unit transmitting link a message authentication code used for message ECU1 or data used to derive a public and private key pair, e.g. used for data encryption. This updating step is referred to herein as a symmetric-key ratchet step. ln other words, the present disclosure provides update of a plurality of cryptographic objects, e.g. by performing a symmetric-key ratchet step combined with Diffie- Hellman ratchet in a solution adapted to vehicles and inspired by the double ratchet method, further described in https:flsidnal.ord/docs/specifications/doubieratchett by Perrin and l\/larlinspike. This includes encrypting every message sent or received with a unique message key. The sending and receiving chains thereby ensures that each message is encrypted with a unique key that can be deleted after encryption or decryption. Determination of the next chain key and message key from a given chain key is performed in a ratchet step. ln a first example, a received message from the CN includes a new public key of the CN. This triggers an update/"ratchet" of the root key of the root chain. This further triggers an update/"ratchet" of the receive key CKRz of the receiving chain simultaneously with determination of further cryptographic objects C01, C02, C03. Before a new message is to be sent by the ECU1 to the CN, an update/"ratchet" of the root key RKi of the root chain is triggered. This in turn triggers the update/"ratchet" of the sending key of the sending chain. ln other words the key CKS is updated for each sent message. ln a second example, a received message from the CN does not include a new public key of the CN. This only triggers an update/"ratchet" of the receive key of the receiving chain simultaneously with determination of further objects using the currentreceiving key as input and a selection/plurality of the corresponding unique values. This may be repeated for each received consecutive message, not comprising a new public key. ln other words the key CKR is updated for each received message. ln a third example, no new message from the CN is received. No update of keys or "ratchet" of chains are performed. By providing the fourth key derivation function KDF22 with further corresponding unique values, additional cryptographic objects may be determined or generated. ln other words, any of the cryptographic objects C01, C02, ._ chain or the sending chain. _, C0ivi may be generated without updating the root chain, the receiving Fig. 4 shows an example of encrypted messaging according to one or more embodiments of the present disclosure. The control unit ECU1 performs a security function comprising encrypted messaging with the communication node CN via the communications network 130, e.g. an internal vehicle bus such as a CAN bus. At least one of the determined cryptographic objects C01, C02, C0ivi comprises a message key A1 and an updated sending chain key generated by performing a symmetric-key ratchet step using a preceding sending chain key. This step is further described in relation to Fig. 3 and the description of the sending chain. Performing encrypted messaging comprises in this example to generate an encrypted message s using the message key A1 and transmitting the encrypted message to the communication node CN.
Fig. 5 shows an example of message authentication according to one or more embodiments of the present disclosure. The control unit ECU1 performs a security function comprising message authentication with the communication node CN via the communications network 130, e.g. an internal vehicle bus such as a CAN bus. At least one of the determined cryptographic objects C01, C02, C0ivi comprises a message authentication key A2 and an updated sending chain key generated by performing a symmetric-key ratchet step using a preceding sending chain key. This step is further described in relation to Fig. 3 and the description of the sending chain. Performing message authentication comprises, in this example, to generate a message authentication code l\/lAC2 for the message (l\/lAC2, message2) using the message authentication key and transmitting the authenticated message to the communication node CN, e.g. the message2 and the message authentication code |\/|AC Fig. 6 describes an example of security access of the control unit ECU1 according to one or more embodiments of the present disclosure. The control unit ECU1 performs a security function comprising security access upon request by the communication node CN via the communications network 130, e.g. an internal vehicle bus such as a CAN bus. At least one of the determined cryptographic objects C01, C02, C0ivi comprises an unlocking verification key and an updated sending chain key generated by performing a symmetric-key ratchet step using a preceding sending chain key. This step is further described in relation to Fig. 3 and the description of the sending chain.
Performing security access comprises in the example shown in Fig. 6 to receiving a message over the receiving link 110 from the communication node CN comprising a security access request AR. The control unit ECU1 then sends challenge data CNO, such as a cryptographic nonce, over the transmitting link 120. The communication node CN then processes the challenge data CNO using its corresponding identical cryptographic object or unlocking key and generates response data A3 and sends the response data A3 to the control unit ECU1 over the receiving link 110. After receiving the response data A3, the control unit ECU1 processes the challenge data CNO The control unit ECU1 then verifies the received response data A3 by comparing it to using the unlocking verification key and generates verification data A3ver. the verification data A3vef. lf the response data A3 and the verification data A3ver correspond to or are identical to each other, security access to the control unit ECU1 by the communication node CN is granted. ln other words, a challenge-response process is performed using one or more of the determined cryptographical objects.
Fig. 7 shows an example of data encryption according to one or more embodiments of the present disclosure. The control unit ECU1 performs a security function comprising data encryption. At least one of the determined cryptographic objects C01, C02, ._ an updated sending chain key generated by performing a symmetric-key ratchet step _, C0ivi comprises data used to derive a public and private key pair andusing a preceding sending chain key. This step is further described in relation to Fig. 3 and the description of the sending chain. Performing data encryption comprises in this example to receive the received public key PubcN, determine the cryptographic object. E.g to generate data used to derive public and private key pair or used as an encryption key for encrypting data locally by the ECU1, so called "data at rest".
Fig. 8 shows a control unit ECU1 according to an embodiment of the present disclosure. The control unit ECU1 may be in the form of a selection of any of one or more Electronic Control Units, a server, an on-board computer, an digital information display, a stationary computing device, a laptop computer, a tablet computer, a handheld computer, a wrist-worn computer, a smart watch, a PDA, a Smartphone, a smart TV, a telephone, a media player, a game console, a vehicle mounted computer system or a navigation device. The control unit ECU1 may comprise processing circuitry The control unit ECU1 may further comprise a communications interface 804, e.g. a wireless transceiver 804 and/or a wired/wireless communications network adapter, which is configured to send and/or receive data values or parameters as a signal to or from the processing circuitry 812 to or from other control units and/or to or from other communication network nodes or units, e.g. to/from the sensors (not shown) and/or to/from a server. ln an embodiment, the communications interface 804 communicates directly between control units, communication node, sensors and other communication network nodes or via the communications network. The communications interface 804, such as a transceiver, may be configured for wired and/or wireless communication. ln embodiments, the communications interface 804 communicates using wired and/or wireless communication techniques. The wired or wireless communication techniques may comprise any of a CAN bus, Bluetooth, WiFi, GSM, UMTS, LTE or LTE advanced communications network or any other wired or wireless communication network known in the art.
Further, the communications interface 804 may further comprise at least one optional antenna (not shown in figure). The antenna may be coupled to the communications interface 804 and is configured to transmit and/or emit and/or receive a wireless signals in a wireless communication system, e.g. send/receive control signals to/fromthe one or more sensors or any other control unit or sensor. ln one example, the processing circuitry 812 may be any of a selection of processor and/or a central processing unit and/or processor modules and/or multiple processors configured to cooperate with each-other. Further, the control unit ECU1 may further comprise a memory 815. ln embodiments, the one or more memory 815 may comprise a selection of a hard RAIVI, disk drive, a floppy disk drive, a magnetic tape drive, an optical disk drive, a CD or DVD drive (R or RW), or other removable or fixed media drive. The memory 815 may contain instructions executable by the processing circuitry to perform any of the methods and/or method steps described herein. ln one or more embodiments the control unit ECU1 may further comprise an input device 817, configured to receive input or indications from a user and send a user- input signal indicative of the user input or indications to the processing circuitry ln one or more embodiments the control unit ECU1 may further comprise a display 818 configured to receive a display signal indicative of rendered objects, such as text or graphical user input objects, from the processing circuitry 812 and to display the received signal as objects, such as text or graphical user input objects. ln one embodiment the display 818 is integrated with the user input device 817 and is configured to receive a display signal indicative of rendered objects, such as text or graphical user input objects, from the processing circuitry 812 and to display the received signal as objects, such as text or graphical user input objects, and/or configured to receive input or indications from a user and send a user-input signal indicative of the user input or indications to the processing circuitry 812. ln embodiments, the processing circuitry 812 is communicatively coupled to the memory 815 and/or the communications interface 804 and/or the input device 817 and/or the display 818 and/or one or more sensors. The control unit ECU1 may be configured to receive the sensor data directly from a sensor or via the wired and/or wireless communications network. ln a further embodiment, the control unit ECU1 may further comprise and/or be coupled to one or more additional sensors (not shown) configured to receive and/or obtain and/or measure physical properties pertaining to the vehicle 100 and send oneor more sensor signals indicative of the physical properties to the processing circuitry 812, e.g. sensor data indicative of a position of the vehicle. ln one embodiment of the present disclosure, a method for performing security functions is provided and performed by a control unit ECU1 adapted to be comprised in a vehicle 100, the method comprising: obtaining a public cryptographic key (PubCN) from a communication node (CN). The public cryptographic key may be received using a receiving link 110, determining a cryptographic object for a security function, wherein the cryptographic object is generated using the public cryptographic key, and performing a security function using the cryptographic object. ln an embodiment, the method further comprises identifying one or a plurality of security functions of the control unit ECU ln some embodiments of the present disclosure, the control unit ECU1 is performing a plurality of security functions.
Fig. 9 shows a flowchart of a method 900 performed by a control unit according to one or more embodiment of the present disclosure. The method 300 cause security functions to be performed by a control unit ECU1 adapted to be comprised in a vehicle 100, the method comprising: Step 910: identifying a plurality of security functions of the control unit ECU1, e.g. used to communicate with a communication node CN over a communications network 130. Each security function may typically be associated to a unique value. ln one example, the plurality of security functions may be predefined and identified by retrieving the plurality of security functions from memory of the control unit ECU1. ln a further example, a list of at least some of the plurality of security functions is received comprised in a message, e.g. from the communication node CN or any other node communicatively coupled to the communications network 130. Any combination of the disclosed methods for identifying the plurality of security functions may be used. ln a non-limiting example, the security function of encrypted messaging is associated to a first unique constant value, the security function of message authentication/l\/lessage Authentication Code generation is associated to a secondunique constant value, the security function of security access of the ECU1 is associated to a third unique constant value and the security function of data encryption of the ECU1 is associated to a fourth unique constant value.
Step 920: obtaining a public cryptographic key PubcN from a communication node CN using a receiving link The public cryptographic key PubcN is typically obtained by receiving a message from the communication node CN, where the message may comprise an updated public key. A new public key is typically updated in a "ratchet" step, which also triggers an update/ratchet step of the root chain key, the receiving chain key CKR and the sending chain key CKS. Updates of the keys are further described in relation to Fig.
Step 930: determining a cryptographic object for each of the plurality of security functions. Each cryptographic object may typically be generated using the public cryptographic key and the corresponding unique value. ln one example, a message comprising a public key is received by the control unit ECU1 from the communication node CN. The message may further comprise one or more of the corresponding unique values. After detecting that the public key of the communication node CN is new/updated, updates of the root chain and receiving chain is triggered. As further described in relation to Fig. 3, the plurality of cryptographic objects may be generated each time the receiving chain key CKRis updated. The update of the root key of the root chain may e.g. be based on the result of a Diffie-Hellman calculation of the received public key PubCN of the communication node CN and a current private key of the control unit ECU1 PrivEcuo, as further described in relation to Fig. 3. The update of the root key RK further triggers an update of the the receiving chain key CKR and/or the sending chain key CKS. The update of the sending chain key CKS and/or the receiving chain key CKR may further trigger an update of the plurality of cryptographic objects C01, C02, COM.
The updated cryptographic objects C01, C02, ._ message key used for encrypted messaging over the transmitting link 120, a key _, C0ivi may e.g. comprise a used for a message authentication code used for message authentication, l\/lAC, an unlocking key used for security access of the control unit ECU1 or data used to derive a public and private key pair, e.g. used for data encryption. ln example described with reference to Fig. 2, the cryptographic objects are determined/generated simultaneously as an updated channel key, using a current channel key CKS, CKR and input data lData1, lDataN, comprising the corresponding unique values. E.g. one unique value signifying encrypted messaging, a second unique value signifying message authentication, a third unique value signifying security access of the control unit ECU1 and/or a fourth unique value signifying data encryption of data stored by the control unit ECU At least one advantage of this step is to increase security of data handling and/or communication by the control unit ECU1, by providing forward and backward security for the key management between the ECU1 and the CN. Keys used in the root chain and receiving chain are updated at least every time a new public key is received from the communication node CN.
Step 940: performing a security function of the plurality of security functions using the corresponding cryptographic object. ln one example, the control unit ECU1 performs one or more security functions of the vehicle, e.g. encrypted messaging to the communication node CN and/or message authentication/Message Authentication Code generation and/or security access of the ECU1 and/or data encryption of the ECU With reference to Fig. 4, encrypted messaging is performed according to one or more embodiments of the present disclosure. ln this particular example, the control unit ECU1 and the communication node CN are both arranged or located within the vehicle and are communicating via an internal vehicle bus, such as a CAN bus. lt is understood that this particular example is not limiting to the scope of the present disclosure, and the communication node CN may as well be external to the vehicle and the communications network may be any wired or wireless network as further described in relation to Fig. 1A and Fig. 1B. ln one embodiment described in relation to Fig. 4, one identified security function comprises encrypted messaging. At least one of the determined cryptographic objects then comprise a message key A1 and an updated sending chain key CKSzgenerated by performing a symmetric-key ratchet step using a preceding sending chain key CKSi. encrypted message using the message key and transmitting the encrypted message Performing encrypted messaging comprises generating an to the communication node CN.
Additionally or alternatively, in one embodiment with reference to Fig. 5, message authentication is performed. At least one of the identified security functions comprises message authentication. At least one of the determined cryptographic objects then comprises a message authentication key. Performing message authentication then comprises signing or authenticating data (message2) using the message authentication key A2 and optionally further transmitting a message comprising the signed data to the communication node CN.
Additionally or alternatively, in one embodiment with reference to Fig. 6, security access of the control unit ECU1 is performed. At least one of the identified security functions comprises security access of the control unit ECU1. At least one of the determined cryptographic objects then comprises a unlocking verification key _ Performing security access then comprises verifying a challenge response data Aand enable access to the control unit ECU 1 by the communication node CN.
Additionally or alternatively, in one embodiment with reference to Fig. 7, data encryption, e.g. of data stored by the control unit ECU1, is performed. At least one of the identified security functions comprises data encryption. At least one of the determined cryptographic objects then comprises data used to derive a public and private key pair. Optionally the public and private key pair may be determined using or based on the public key of the communication node CN. ln this embodiment, one identified security function comprises data encryption, wherein the determined cryptographic object comprises data used to derive a public and private key pair, wherein performing data encryption comprises encrypting data using the private key of the key pair. ln one embodiment, a control unit ECU1 configured to perform any of the method steps described herein is provided. ln one embodiment, a vehicle 100 comprising the control unit ECU1 and/or the communication node CN is provided.ln one embodiment, a computer program comprising computer-executable instructions for causing a control unit ECU1, when the computer-executable instructions are executed on a processing unit comprised in the control unit ECU1, to perform any of the method steps described herein. ln one embodiment, a computer program product comprising a computer-readable storage medium, the computer-readable storage medium having the computer program above embodied therein. ln one embodiment, a carrier containing the computer program above, wherein the carrier is one of an electronic signal, optical signal, radio signal, or computer readable storage medium. ln embodiments, the communications network 130 communicate using wired or wireless communication techniques that may include at least one of a Controller Area Network ,CAN, bus network, a Local Area Network (LAN), l\/letropolitan Area Network (l\/IAN), Global System for l\/lobile Network (GSM), Enhanced Data GSM Environment (EDGE), Universal l\/lobile Telecommunications System, Long term evolution, High Speed Downlink Packet Access (HSDPA), Wideband Code Division l\/lultiple Access (W-CDl\/IA), Code Division l\/lultiple Access (CDl\/IA), Time Division l\/lultiple Access (TDl\/IA), Bluetooth®, Zigbee®, Wi-Fi, Voice over lnternet Protocol (VoIP), LTE Advanced, lEEE802.16m, Wirelessl\/IAN-Advanced, Evolved High-Speed Packet Access (HSPA+), 3GPP Long Term Evolution (LTE), l\/lobile Wil\/lAX (IEEE 802.16e), Ultra l\/lobile Broadband (Ul\/IB) (formerly Evolution-Data Optimized (EV-DO) Rev. C), Fast Low-latency Access with Seamless Handoff Orthogonal Frequency Division l\/lultiplexing (Flash-OFDl\/l), High Capacity Spatial Division l\/lultiple Access (iBurst®) and l\/lobile Broadband Wireless Access (l\/IBWA) (IEEE 802.20) systems, High Performance Radio l\/letropolitan Area Network (HlPERlVlAN), Beam-Division l\/lultiple Access (BDl\/IA), World lnteroperability for l\/licrowave Access (Wi-l\/IAX) and ultrasonic communication, etc., but is not limited thereto. l\/loreover, it is realized by the skilled person that the control unit ECU1 may comprise the necessary communication capabilities in the form of e.g., functions, means, units, elements, etc., for performing the present solution. Examples of other such means, units, elements and functions are: processors, memory, buffers, control logic,encoders, decoders, rate matchers, de-rate matchers, mapping units, multipliers, decision units, selecting units, switches, interleavers, de-interleavers, modulators, demodulators, inputs, outputs, antennas, amplifiers, receiver units, transmitter units, DSPs, l\/lSDs, encoder, decoder, power supply units, power feeders, communication interfaces, communication protocols, etc. which are suitably arranged together for performing the present solution.
Especially, the processing circuitry of the present disclosure may comprise one or more instances of processor and/or processing means, processor modules and multiple processors configured to cooperate with each-other, Central Processing Unit (CPU), a processing unit, a processing circuit, a processor, an Application Specific Integrated Circuit (ASIC), a microprocessor, a Field-Programmable Gate Array (FPGA) or other processing logic that may interpret and execute instructions. The expression "processing circuitry" may thus represent a processing circuitry comprising a plurality of processing circuits, such as, e.g., any, some or all of the ones mentioned above. The processing means may further perform data processing functions for inputting, outputting, and processing of data comprising data buffering and device control functions, such as call processing control, user interface control, or the like.
Finally, it should be understood that the invention is not limited to the embodiments described above, but also relates to and incorporates all embodiments within the scope of the appended independent claims.

Claims (14)

Claims
1. A method for performing security functions performed by a control unit (ECU1) adapted to be comprised in a vehicle (100), the method comprising: identifyingm a plurality of security functions of the control unit (ECU1) used to communicate with a communication node (CN) over a communications network (130), wherein each security function is associated to a unique value, obtaining public cryptographic key (PubcN) from a communication node (CN) using a receiving link (110), h: a cryptographic object for each of the plurality of security functions, wherein each cryptographic object is determined using a key derivation function chain, wherein the public cryptographic key and the corresponding unique value are used as input, performingmijjilïjfšgfgšjj; a security function of the plurality of security functions using the corresponding cryptographic object.
2. The method according to claim 1, wherein one identified security function comprises encrypted messaging, wherein the determined cryptographic object comprises a message key and an updated sending chain key generated by performing a symmetric-key ratchet step using a preceding sending chain key, wherein performing encrypted messaging comprises generating an encrypted message using the message key and transmitting the encrypted message to the communication node (CN).
3. The method Tggyaccording to claim 1 or 2, wherein one identified security function comprises message authentication, wherein the determined cryptographic object comprises a message authentication key, wherein performing message authentication comprises signing or authenticating data using the message authentication key and transmitting a message 5 comprising the data to the communication node (CN).
4. The according to any of c|aim 1-3, wherein one identified security function comprises security access of the control unit (ECU1), wherein the determined cryptographic object comprises a unlocking key, 10 wherein performing security access comprises verifying a received challenge response data (A3) and enable access to the control unit (ECU1) by the communication node (CN).
5. The methoduglš according to any of c|aim 1-4, wherein one identified security function comprises data encryption, 15 wherein the determined cryptographic object comprises an encryption key, wherein performing encryption of local data comprises encrypting the data using the key.
6. A control unit (ECU1) configured to perform the methodwsijåšjå according to any of claims 1- 20
7. A vehicle (100) comprising the control unit (ECU1) according to c|aim
8. A computer program comprising computer-executable instructions for causing a control unit (ECU1), when the computer-executable instructions are executed on a processing unit comprised in the control unit (ECU1), to perform any of the method steps according claims 1-
9. A computer program product comprising a computer-readable storage medium, the computer-readable storage medium having the computer program according to claim 8 embodied therein.
10. A system (140) for performing security functions of a vehicle (100), the system 5 comprising: a control unit (ECU1) adapted to be comprised in the vehicle (100) and configured to perform the methodwíš; according to any of claims 1-5, a communication node (CN), a communications network (130), 10 wherein the control unit (ECU1) is configured to communicate with the communication node (CN) using a receiving link (110) and a transmitting link (120).
11.| 11. The according to claim 10, wherein the communications node (CN) is an Electronic Control Unit arranged internally of the vehicle (100). 15
12. The according to claim 10, wherein the communications node (CN) is a computer arranged externally to the vehicle (100).
13. The system according to any of the preceding claims, wherein the communications network (130) is an internal vehicle network.
14. The system according to any of the preceding claims, wherein the 20 communications network (130) is a wireless network. 22
SE1950492A 2019-04-23 2019-04-23 Method for performing security functions of a vehicle SE545462C2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
SE1950492A SE545462C2 (en) 2019-04-23 2019-04-23 Method for performing security functions of a vehicle
DE102020002293.6A DE102020002293A1 (en) 2019-04-23 2020-04-14 Method for performing safety functions of a vehicle

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
SE1950492A SE545462C2 (en) 2019-04-23 2019-04-23 Method for performing security functions of a vehicle

Publications (2)

Publication Number Publication Date
SE1950492A1 SE1950492A1 (en) 2020-10-24
SE545462C2 true SE545462C2 (en) 2023-09-19

Family

ID=72840088

Family Applications (1)

Application Number Title Priority Date Filing Date
SE1950492A SE545462C2 (en) 2019-04-23 2019-04-23 Method for performing security functions of a vehicle

Country Status (2)

Country Link
DE (1) DE102020002293A1 (en)
SE (1) SE545462C2 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220369109A1 (en) * 2021-05-12 2022-11-17 Harman International Industries, Incorporated Secured seamless authentication for bluetooth just works pairing

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110083011A1 (en) * 2009-10-07 2011-04-07 Telcordia Technologies, Inc. Method for a public-key infrastructure for vehicular networks with limited number of infrastructure servers
WO2014047135A2 (en) * 2012-09-18 2014-03-27 Interdigital Patent Holdings, Inc. Generalized cryptographic framework
US20160337326A1 (en) * 2007-09-14 2016-11-17 Security First Corp. Systems and methods for managing cryptographic keys

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160337326A1 (en) * 2007-09-14 2016-11-17 Security First Corp. Systems and methods for managing cryptographic keys
US20110083011A1 (en) * 2009-10-07 2011-04-07 Telcordia Technologies, Inc. Method for a public-key infrastructure for vehicular networks with limited number of infrastructure servers
WO2014047135A2 (en) * 2012-09-18 2014-03-27 Interdigital Patent Holdings, Inc. Generalized cryptographic framework

Also Published As

Publication number Publication date
SE1950492A1 (en) 2020-10-24
DE102020002293A1 (en) 2020-10-29

Similar Documents

Publication Publication Date Title
CN109076487B (en) Method and architecture for secure ranging
US8331567B2 (en) Methods and apparatuses for generating dynamic pairwise master keys using an image
KR100983050B1 (en) System, method and computer program product for authenticating a data agreement between network entities
US10057766B2 (en) Methods and systems for authentication interoperability
CN109413645B (en) Method and device for access authentication
KR101410764B1 (en) Apparatus and method for remotely deleting important information
JP2024500489A (en) Secure access methods and devices
KR20050073573A (en) Secure communications
US20160352605A1 (en) Systems and methods for distance bounding to an authenticated device
US20110093712A1 (en) Communication device supporting pairing
CN108323229B (en) Secure BLE broadcast system for location-based services
JP2022528815A (en) Systems and methods for authenticating the connection between the user device and the vehicle
WO2016003311A1 (en) Device bootstrap to wireless network
US10097352B2 (en) Electronic device and communication method thereof
US9756504B2 (en) Security authentication method, device, and system
US10666624B2 (en) Systems and methods for optimized network layer message processing
CN108011856B (en) Method and device for transmitting data
SE545462C2 (en) Method for performing security functions of a vehicle
CN115868189A (en) Method, vehicle, terminal and system for establishing vehicle safety communication
EP4250791A1 (en) Wifi security authentication method and communication apparatus
JP7410771B2 (en) Authentication system and authentication method
EP3404868A1 (en) Session key negotiation method, device, and system
JP2020032855A (en) Authentication system
JP7176451B2 (en) Wireless communication system and cryptographic key transmission/reception method
JP2022059777A (en) Communication system, communication method, and program