WO2018211815A1 - 暗号鍵の処理を行う車両用システム及び電子制御装置 - Google Patents

暗号鍵の処理を行う車両用システム及び電子制御装置 Download PDF

Info

Publication number
WO2018211815A1
WO2018211815A1 PCT/JP2018/011269 JP2018011269W WO2018211815A1 WO 2018211815 A1 WO2018211815 A1 WO 2018211815A1 JP 2018011269 W JP2018011269 W JP 2018011269W WO 2018211815 A1 WO2018211815 A1 WO 2018211815A1
Authority
WO
WIPO (PCT)
Prior art keywords
encryption key
electronic control
key
unit
control device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/JP2018/011269
Other languages
English (en)
French (fr)
Japanese (ja)
Inventor
康治 菅野
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Denso Corp
Original Assignee
Denso Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Denso Corp filed Critical Denso Corp
Priority to EP18802621.5A priority Critical patent/EP3627756B1/en
Publication of WO2018211815A1 publication Critical patent/WO2018211815A1/ja
Priority to US16/663,225 priority patent/US11374747B2/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84Vehicles

Definitions

  • This disclosure relates to processing of encryption keys for ensuring security, and mainly relates to processing of encryption keys used by electronic control devices that constitute a vehicle system.
  • a communication device installed in an automobile transmits and receives various information via a network.
  • technology to collect and analyze vehicle conditions and road conditions acquired by in-vehicle sensors via a network, and autonomous driving vehicles that control traveling by sending and receiving commands via the network Development has become active.
  • Patent Document 1 discloses a vehicle using a key management system that includes a management device mounted on a vehicle and a key management server device that is managed by a vehicle manufacturer and performs wireless communication with the management device on the vehicle side.
  • a technology for improving the security of an automobile by generating and managing an encryption key used in the system and periodically updating the encryption key is disclosed.
  • Automobiles are products that have a fostering second-hand market compared to home appliances, and it is not uncommon for owners to change. In addition, car users may frequently change in a short period of time, such as car rental and car sharing. However, if a malicious car owner or temporary user analyzes the vehicle's ECU and obtains an encryption key that is used to ensure message integrity and protect data, the next owner Alternatively, it is possible that the vehicle used by the user is illegally accessed by a malicious owner or the like and the ECU is illegally operated by inserting an illegal message.
  • This disclosure is intended to realize a vehicle system that ensures security by changing an encryption key used in an automobile to a new encryption key when the owner of the vehicle is changed.
  • the vehicle system includes a first electronic control device that manages an encryption key and a second electronic control device that uses the encryption key.
  • the first electronic control device includes a key generation unit that generates an encryption key when the owner of the vehicle including the first and second electronic control devices is changed, and an encryption key for the second electronic control device.
  • the second electronic control device includes a key holding unit that stores a first encryption key that is an encryption key in use, and a key reception unit that receives a second encryption key that is an encryption key output from the key distribution unit And a key update unit that updates the first encryption key stored in the key holding unit to the second encryption key.
  • the electronic control device can communicate with another device using the encryption key stored in the storage unit, and the owner of the vehicle including the electronic control device has changed.
  • a key generation unit that generates an encryption key
  • a key distribution unit that outputs the encryption key to another device that updates the encryption key stored in the storage unit when the encryption key is received.
  • the electronic control device can communicate with another device that generates an encryption key when the owner of the vehicle is changed, and uses the encryption key.
  • the electronic control device includes a key holding unit that stores a first encryption key that is an encryption key in use, a key receiving unit that receives a second encryption key from another device, and a first key stored in the key holding unit.
  • a key update unit that updates the first encryption key to the second encryption key.
  • an encryption key generation / updating method is performed in a vehicle system including a first electronic control device that manages an encryption key and a second electronic control device that uses the encryption key. Is called.
  • the encryption key generation / updating method generates the encryption key when the owner of the vehicle including the first and second electronic control devices changes, and the first electronic control Outputting the encryption key from the key distribution unit of the apparatus to the second electronic control unit; receiving the second encryption key that is the encryption key output from the key distribution unit in the second electronic control unit; And updating the first encryption key, which is the encryption key in use stored in the key holding unit of the second electronic control device, to the second encryption key.
  • the encryption key generation method is performed in an electronic control device that can communicate with another device that uses the encryption key stored in the storage unit.
  • the encryption key generation method generates an encryption key when the owner of the vehicle including the electronic control device is changed, and updates the encryption key stored in the storage unit when the encryption key is received. Output an encryption key.
  • the encryption key update method is communicable with another device that generates an encryption key when the owner of the vehicle is changed, and is performed in an electronic control device that uses the encryption key. Is called.
  • the second encryption key is received from another device, and the first encryption key that is being used and stored in the key holding unit is updated to the second encryption key. Including.
  • an encryption key generation / update method an encryption key generation method, or a program for executing an encryption key update method.
  • the encryption key used in the automobile can be changed to a new encryption key to ensure security.
  • FIG. 1 is a block diagram illustrating the configuration of the vehicle system according to the first embodiment.
  • FIG. 2 is a block diagram illustrating the configuration of the owner management device according to the first embodiment.
  • FIG. 3 is a block diagram illustrating the configuration of the key management device according to the first embodiment.
  • FIG. 4 is a block diagram illustrating the configuration of the vehicle control device of the first embodiment.
  • FIG. 5 is a flowchart for explaining the operation of the vehicle system according to the first embodiment.
  • FIG. 6A is a diagram illustrating a use state of an encryption key used by the vehicle control device of the first embodiment.
  • FIG. 6B is a diagram illustrating the use state of the encryption key used by the vehicle control device of the first embodiment.
  • FIG. 6C is a diagram illustrating a usage state of an encryption key used by the vehicle control device of the first embodiment.
  • FIG. 7 is a flowchart for explaining the operation of the vehicle system of the second embodiment.
  • FIG. 1 shows a configuration of a vehicle system 100 according to the first embodiment.
  • the vehicle system 100 of the present disclosure includes an owner management device 200, a key management device 300, and a plurality of vehicle control devices 400.
  • the owner management device 200, the key management device 300, and the vehicle control device 400 are all electronic control devices (ECUs) for the vehicle, and the owner management device 200, the key management device 300, the key management device 300, and the vehicle control.
  • Each of the devices 400 is connected via an in-vehicle network.
  • the owner management device 200 corresponds to the third electronic control device of the present disclosure
  • the key management device 300 corresponds to the first electronic control device of the present disclosure
  • the vehicle control device 400 corresponds to the first electronic control device of the present disclosure. This corresponds to the second electronic control unit.
  • the owner management device 200 is configured as a vehicle system mounted on a vehicle. However, the owner management device 200 is used as a server outside the vehicle so as to perform wired or wireless communication with the key management device 300. You may comprise.
  • the owner management device 200 and the key management device 300 are configured as one electronic control device, the electronic control device having both functions of the owner management device 200 and the key management device 300 is configured as a server outside the vehicle. May be.
  • the vehicle system 100 includes a description of each electronic control unit constituting the vehicle system 100.
  • the first electronic control device, the second electronic control device, and the third electronic control device of the present disclosure need only be separable as functions, regardless of whether or not they are physically separated.
  • the other device in the present disclosure corresponds to another electronic control device viewed from each electronic control device.
  • the expression for vehicles of the present disclosure includes those that are pre-installed in the vehicle, those that are retrofitted to the vehicle, and those that output signals to an electronic control device mounted on the vehicle, for example, A server provided outside the vehicle, an electronic control device used at a dealer, and the like can be included.
  • the owner management device 200 is an electronic control device that manages information related to the vehicle owner, and includes a reception unit 201, a storage unit 202, a control unit 203, and a transmission unit 204, as shown in FIG.
  • the owner management device 200 corresponds to the third electronic control device or the electronic control device of the present disclosure.
  • the receiving unit 201 receives new owner information related to the owner of the vehicle.
  • This owner information may be personal information about the vehicle owner entered via an interface such as a car navigation system installed in the vehicle or by wireless communication, for example, name, address, telephone number, email address, or Includes information such as driving position.
  • the receiving unit 201 inputs the owner information to the control unit 203.
  • the new owner information regarding the owner of the vehicle corresponds to the update information of the present disclosure.
  • the owner described in the present disclosure includes an owner who owns the vehicle and a user who occupies the vehicle temporarily.
  • the information about the owner includes information for identifying the owner, information associated with the owner, such as an attribute of the owner and an identification number.
  • the old information related to the old owner described below includes information associated with the old owner such as the attribute and identification number of the old owner in addition to the information itself specifying the old owner.
  • the storage unit 202 stores the owner information input to the receiving unit 201 in addition to the owner information related to the old owner stored from the beginning. Owner information stored in the storage unit 202 can be written, read, or erased based on an instruction from the control unit 203.
  • the storage unit 202 includes, for example, a nonvolatile memory such as an EEPROM (electrically erasable programmable read-only memory), a flash ROM, or a hard disk.
  • the owner information regarding the old owner stored from the beginning corresponds to the old information of the present disclosure.
  • the control unit 203 reads the owner information related to the old owner stored in the storage unit 202 and compares it with the new owner information. Determine if there is a change in the owner of
  • the control unit 203 determines that the owner of the vehicle has changed, the control unit 203 displays the owner change information indicating the change of the owner. Is input to the transmission unit 204.
  • the control unit 203 further outputs a signal instructing the storage unit 202 to store new owner information.
  • the transmission unit 204 outputs the owner change information to the key management apparatus 300 and notifies the key management apparatus 300 that the owner has changed.
  • the criteria for judging whether or not the vehicle owner has changed can be arbitrarily set. For example, when the changed information is the name of the owner, the control unit 203 may determine that the owner has changed. In addition, the address, telephone number, and e-mail address may be changed even if they are the same owner. However, if two or more of these pieces of information are changed, the control unit 203 informs the owner. It may be determined that there has been a change. However, the criteria as to whether or not the owner has changed is not limited to this example.
  • the key management device 300 is an electronic control device that manages an encryption key used by the vehicle control device 400 to enhance security by ensuring message integrity, data protection, etc. As shown in FIG. A key generation unit 302 and a key distribution unit 303 are provided. The key management device 300 corresponds to the first electronic control device or the electronic control device of the present disclosure.
  • the receiving unit 301 receives, from the transmission unit 204 of the owner management device 200, owner change information indicating that the vehicle owner has changed.
  • the key generating unit 302 When the receiving unit 301 determines that the owner change information has been received, the key generating unit 302 generates, for example, a 128-bit encryption key. Then, the key generation unit 302 outputs the generated encryption key to the vehicle control device 400 via the key distribution unit 303.
  • the expression “in the case of the present disclosure” includes a case where an encryption key is generated as soon as owner change information is received, and a case where an encryption key is generated when other conditions are further satisfied.
  • Vehicle control device 400 is an electronic control device that controls a mechanism including an engine or the like mounted on the vehicle using a program and performs a desired operation. As illustrated in FIG. 4, a key receiving unit 401 and a key holding unit 402 are provided. And a control unit 403. The control unit 403 includes a key switching unit 404 and a key updating unit 405. As shown in FIG. 1, the vehicle control device 400 includes a drive system control device 411 that controls a drive mechanism, a vehicle body system control device 412 that controls opening and closing of a door, and a safety control system control that controls the operation of an airbag and the like. A device 413 and an arbitrary control device are included. The vehicle control device 400 corresponds to the second electronic control device or the electronic control device of the present disclosure.
  • the key receiving unit 401 receives an encryption key from the key distribution unit 303 of the key management device 300.
  • the received new encryption key is input to the control unit 403.
  • the received new encryption key corresponds to the second encryption key of the present disclosure.
  • the key holding unit 402 stores an encryption key used for encryption and decryption of a program or data that controls a mechanism such as an engine.
  • the key holding unit 402 preferably stores two encryption keys. One of the two encryption keys is the encryption key K1 in use, and the other is not currently used, but is currently in use. Is the encryption key K2 used next to the encryption key K1.
  • the key holding unit 402 includes a nonvolatile memory such as an EEPROM, a flash ROM, and a hard disk.
  • the encryption key K1 corresponds to the first encryption key of the present disclosure
  • the encryption key K2 corresponds to the third encryption key of the present disclosure.
  • the initial encryption key K1 and encryption key K2 stored in the key holding unit 402 of the vehicle that is a new vehicle are written in a vehicle manufacturing factory, an ECU manufacturing factory, or the like before being shipped from the factory.
  • the key switching unit 404 of the control unit 403 determines that the key receiving unit 401 has received a new encryption key, the key switching unit 404 changes the encryption key to be used from the encryption key K1 that is in use to the encryption key K2. Perform the switching process.
  • the expression “in the case of the present disclosure” includes a case of performing a process of switching the encryption key immediately after receiving the second encryption key, and a case of performing a process of switching the encryption key after a predetermined time has elapsed.
  • the key update unit 405 of the control unit 403 further rewrites the encryption key K1 stored in the key storage unit 402 with a new encryption key K3 input from the key reception unit 401, and stores it in the key storage unit 402. Update the encryption key.
  • the key holding unit 402 may store only one encryption key K1.
  • the encryption key to be used is switched from the encryption key K1 to the encryption key K3, and then stored in the key holding unit 402.
  • the encryption key to be updated is updated from K1 to K3.
  • the key update unit 405 can update the encryption key at an arbitrary timing. However, it is necessary to reliably rewrite the storage area accompanying the update of the encryption key. When rewriting is performed while the vehicle is running, for example, the ignition may be turned off by the owner during the rewriting process. Therefore, there is a possibility that a rewrite error occurs when the encryption key is rewritten from K1 to K3 and updated. In view of the above, it is desirable to update the encryption key while the operation of the key holding unit 402 is more stable, for example, when the ignition of the vehicle is turned on.
  • the case where the ignition of the present disclosure is turned on from off includes the case where the ignition is turned on in a gasoline vehicle and the case where the power switch of an electric vehicle or a hybrid vehicle is turned on.
  • FIG. 5 is a flowchart showing a series of operations performed in the vehicle system 100 from when new owner information is input until the encryption key is updated.
  • FIGS. 6A, 6B, and 6C are vehicle control devices. 400 shows the use state of the encryption key stored in 400 and the encryption key to be used. 6A shows the usage status of the encryption key in S101 to S107, FIG. 6B shows the usage status of the encryption key in S108, and C in FIG. 6 shows the usage status of the encryption key in S109.
  • the receiving unit 201 of the owner management apparatus 200 receives the new owner information as update information in S101, and the update information is stored in S102 in S102. 202.
  • the control unit 203 of the owner management device 200 compares the owner information stored in the storage unit 202 with the update information, and determines whether or not the owner of the vehicle has changed. If it is determined that the owner of the vehicle has changed, the owner management device 200 outputs owner change information indicating the change of the owner to the key management device 300.
  • the key generation unit 302 When the key management device 300 receives the owner change information from the owner management device 200 in S104, the key generation unit 302 generates the encryption key K3 in S105. In S ⁇ b> 106, the generated encryption key K ⁇ b> 3 is distributed from the receiving unit 301 to the vehicle control device 400 via the in-vehicle network.
  • the vehicle control apparatus 400 receives the encryption key K3 from the key management apparatus 300 in S107, the currently used encryption key is switched from the encryption key K1 to the encryption key K2 in S108.
  • the vehicle control device 400 uses the encryption key K1 as the encryption key. Then, as shown in FIG. 6B, the encryption key in use becomes the encryption key K2 by the processing of S108.
  • the vehicle control device 400 switches the encryption key from the encryption key K1 to the encryption key K2 in S108, and then updates the encryption key K1 to the encryption key K3 received in S107 in S109 as shown in FIG. 6C.
  • the process shown in FIG. 5 is performed each time new owner information is input. Therefore, when new owner information is input to the interface or the like again, and the owner management device 200 determines that the owner has changed, the key management device 300 newly starts based on the processing shown in FIG.
  • the encryption key K4 is generated, and the encryption key K4 is distributed to the vehicle control device 400.
  • the vehicle control device 400 switches the encryption key to be used from the encryption key K2 to the encryption key K3, and updates the encryption key K2 to the encryption key K4 received from the key management device 300.
  • the owner management device 200 and the key management device 300 are configured as separate electronic control devices. However, the owner management device 200 and the key management device 300 may be configured as one electronic control device having both functions.
  • the owner management device is also called an owner information management device.
  • S104 in FIG. 5 is omitted.
  • the key generation unit When the control unit determines that the owner of the vehicle has changed, the key generation unit generates a new encryption key.
  • the expression “in the case of this disclosure” includes a case where an encryption key is generated as soon as it is determined that the owner has changed, and a case where an encryption key is generated when other conditions are further satisfied.
  • the key holding unit 402 stores only one encryption key K1
  • the encryption key currently used is the encryption key K1 in S108.
  • the encryption key stored in the key holding unit 402 is updated from the encryption key K1 to the encryption key K3.
  • the encryption key used by the vehicle control device can be updated.
  • unauthorized access to the vehicle system by the previous owner, etc. Can be secured.
  • the control part 203 of the owner management apparatus 200 compares the owner information memorize
  • the control unit 203 may determine whether or not the owner has changed using a means other than the comparison.
  • the control unit 203 when the new owner information is input and the receiving unit 201 of the owner management device 200 receives the new owner information as update information, the control unit 203 always changes the owner. You may judge.
  • the control unit 203 may determine that the owner has changed.
  • the case where it initializes may include the case where owner information is erase
  • the encryption key is updated when there is a possibility that the owner of the vehicle may be changed, so that higher security can be ensured.
  • the owner management device 200 when new owner information is input, the owner management device 200 confirms whether or not to update the encryption key to the owner of the vehicle, in other words, confirmation regarding necessity. And update the encryption key only when necessary.
  • control unit 203 of the owner management device 200 in the second embodiment receives the new vehicle owner information input through the interface or the like as the update information, as in the first embodiment, To determine if the person has changed. If the control unit 203 determines in S103 that there is a high possibility that the owner has changed based on the input update information, should the encryption key be updated for the vehicle owner in S201? In order to confirm whether or not, for example, a message such as “Do you want to update the security of the vehicle? (Yes / No)” is displayed on an interface mounted on the vehicle. When the owner of the vehicle selects Yes in S202, control unit 203 outputs owner change information indicating the change of the owner to key management device 300. And the key management apparatus 300 which received owner change information produces
  • the owner management device 200 confirms whether or not the encryption key needs to be updated with respect to the owner of the vehicle, and the owner of the key management device 300 based on the key update instruction.
  • the change information is output.
  • the key management device 300 may confirm whether or not the encryption key needs to be updated with respect to the owner of the vehicle, and may receive a key update instruction.
  • the key management device 300 determines that the owner of the vehicle Displays a message on the interface confirming whether the encryption key needs to be updated.
  • the receiving unit 301 of the key management device 300 receives an instruction to update the encryption key from the owner of the vehicle, the key management device 300 generates the encryption key K3.
  • the encryption key can be manually updated every time the user changes, so the previous It becomes possible to prevent a user from gaining unauthorized access to the vehicle.
  • the key management device 300 when the owner management device 200 determines that the owner of the vehicle has changed, the key management device 300 generates a new encryption key and the vehicle control device 400.
  • the vehicle control device 400 updates the encryption key to be used.
  • the encryption key is not necessarily generated in the vehicle system.
  • the control unit 203 may notify the owner of the vehicle that security update is necessary. . Then, the owner who has received the notice may update the encryption key at the dealer by bringing the vehicle to the dealer.
  • the expression for vehicles of the present disclosure includes those that are pre-installed in the vehicle, those that are retrofitted to the vehicle, and those that output a signal to an electronic control device mounted on the vehicle, for example, A server provided outside the vehicle and an electronic control unit used at a dealer are also included.
  • the vehicle system according to the present disclosure includes a system constituted by an electronic control device mounted on a vehicle, and a system in which a part of the electronic control device of the system is provided outside the vehicle.
  • S105, S106, S107, and S109 correspond to an example of the encryption key generation and update method of the present disclosure.
  • S105 and S106 correspond to an example of the encryption key generation method of the present disclosure.
  • S107 and S109 correspond to an example of the encryption key update method of the present disclosure.
  • the vehicle system and the electronic control device including the owner management device, the key management device, and the vehicle control device in each embodiment of the present disclosure have been described.
  • the operation of the electronic control device in each embodiment has also been described as a method description using a block diagram and a flowchart.
  • a non-transitional tangible recording medium also called a computer-readable non-transitory storage medium
  • a memory such as a RAM, a ROM, a flash memory (hereinafter referred to as a memory)
  • It can also be realized as a combination of a program recorded on a recording medium such as a hard disk and a microcomputer having a dedicated or general-purpose CPU and memory for executing the program.
  • the program can also be provided from a server via a communication line without going through a recording medium.
  • the number of microcomputers may be one or more.
  • the vehicle system and the electronic control device according to the present disclosure are mainly used to ensure the security of an automobile, but the security of a vehicle other than an automobile, for example, a motorcycle, an electrically assisted bicycle, a ship, an aircraft, etc. It may be used for securing. Further, the present disclosure is not limited to these applications.
  • the electronic control device may be able to communicate with another device that uses or generates the encryption key.
  • each step is expressed as S101, for example. Further, each step can be divided into a plurality of sub-steps, while a plurality of steps can be combined into one step.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Lock And Its Accessories (AREA)
  • Stored Programmes (AREA)
PCT/JP2018/011269 2017-05-16 2018-03-22 暗号鍵の処理を行う車両用システム及び電子制御装置 Ceased WO2018211815A1 (ja)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP18802621.5A EP3627756B1 (en) 2017-05-16 2018-03-22 Vehicular system for processing cipher key and electronic control device
US16/663,225 US11374747B2 (en) 2017-05-16 2019-10-24 Vehicular system for processing encryption key and electronic control device

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2017097107A JP6855918B2 (ja) 2017-05-16 2017-05-16 暗号鍵の処理を行う車両用システム及び電子制御装置
JP2017-097107 2017-05-16

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US16/663,225 Continuation US11374747B2 (en) 2017-05-16 2019-10-24 Vehicular system for processing encryption key and electronic control device

Publications (1)

Publication Number Publication Date
WO2018211815A1 true WO2018211815A1 (ja) 2018-11-22

Family

ID=64274237

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2018/011269 Ceased WO2018211815A1 (ja) 2017-05-16 2018-03-22 暗号鍵の処理を行う車両用システム及び電子制御装置

Country Status (4)

Country Link
US (1) US11374747B2 (enExample)
EP (1) EP3627756B1 (enExample)
JP (1) JP6855918B2 (enExample)
WO (1) WO2018211815A1 (enExample)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113162959A (zh) * 2020-01-23 2021-07-23 华为技术有限公司 车载设备的升级方法和装置

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP7111074B2 (ja) * 2018-08-10 2022-08-02 株式会社デンソー 車両用マスタ装置、セキュリティアクセス鍵の管理方法、セキュリティアクセス鍵の管理プログラム及び車両用電子制御システム
US11350256B2 (en) * 2019-10-30 2022-05-31 Aeris Communications, Inc. Automated detection of change of ownership of assets
EP4111350B1 (en) * 2020-04-30 2024-12-11 Sensata Technologies, Inc. Secure wireless protocol for wireless sensor networks
JP7380430B2 (ja) 2020-06-01 2023-11-15 トヨタ自動車株式会社 情報処理装置、情報処理方法、およびプログラム
JP7559415B2 (ja) * 2020-08-06 2024-10-02 株式会社リコー 情報処理装置、情報処理方法、情報処理プログラム、情報処理システム
DE102020212772A1 (de) * 2020-10-09 2022-04-14 Robert Bosch Gesellschaft mit beschränkter Haftung Verfahren und Vorrichtung zum Verwalten von kryptografischen Schlüsseln
CN117597688A (zh) * 2021-07-23 2024-02-23 华为技术有限公司 一种密钥验证方法及相关装置
EP4159555B1 (en) 2021-09-29 2024-06-12 Ningbo Geely Automobile Research & Development Co. Ltd. Updating vehicle ownership authorizations

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005341528A (ja) * 2004-04-28 2005-12-08 Denso Corp 通信システム、鍵配信装置、暗号処理装置、盗難防止装置
JP2009182897A (ja) * 2008-01-31 2009-08-13 Sharp Corp データ送信装置、通信システム、データ送信方法、通信プログラム、および該プログラムを記録する記録媒体
JP2013138320A (ja) * 2011-12-28 2013-07-11 Denso Corp 車載システム及び通信方法
WO2016075869A1 (ja) * 2014-11-13 2016-05-19 パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカ 鍵管理方法、車載ネットワークシステム及び鍵管理装置
JP2016092811A (ja) 2014-10-29 2016-05-23 Kddi株式会社 鍵管理システム、鍵管理サーバ装置、管理装置、車両、鍵管理方法およびコンピュータプログラム

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4682903B2 (ja) 2006-04-06 2011-05-11 株式会社デンソー 車両用リモートサービスシステム
US8578153B2 (en) * 2008-10-28 2013-11-05 Telefonaktiebolaget L M Ericsson (Publ) Method and arrangement for provisioning and managing a device
JP2011039712A (ja) * 2009-08-07 2011-02-24 Tokai Rika Co Ltd カーシェアリングシステム
US9464905B2 (en) * 2010-06-25 2016-10-11 Toyota Motor Engineering & Manufacturing North America, Inc. Over-the-air vehicle systems updating and associate security protocols
JP2012070167A (ja) * 2010-09-22 2012-04-05 Tokai Rika Co Ltd 通信装置
JP5703667B2 (ja) * 2010-10-01 2015-04-22 トヨタ自動車株式会社 認証システム及び認証方法
EP2993608A1 (en) * 2014-09-03 2016-03-09 Gemalto Sa A method for changing the ownership of a secure element
JP6183436B2 (ja) 2015-10-08 2017-08-23 住友電気工業株式会社 車載機及び共通鍵の更新の契機を得る方法
US20180012197A1 (en) * 2016-07-07 2018-01-11 NextEv USA, Inc. Battery exchange licensing program based on state of charge of battery pack

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005341528A (ja) * 2004-04-28 2005-12-08 Denso Corp 通信システム、鍵配信装置、暗号処理装置、盗難防止装置
JP2009182897A (ja) * 2008-01-31 2009-08-13 Sharp Corp データ送信装置、通信システム、データ送信方法、通信プログラム、および該プログラムを記録する記録媒体
JP2013138320A (ja) * 2011-12-28 2013-07-11 Denso Corp 車載システム及び通信方法
JP2016092811A (ja) 2014-10-29 2016-05-23 Kddi株式会社 鍵管理システム、鍵管理サーバ装置、管理装置、車両、鍵管理方法およびコンピュータプログラム
WO2016075869A1 (ja) * 2014-11-13 2016-05-19 パナソニック インテレクチュアル プロパティ コーポレーション オブ アメリカ 鍵管理方法、車載ネットワークシステム及び鍵管理装置

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP3627756A4

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113162959A (zh) * 2020-01-23 2021-07-23 华为技术有限公司 车载设备的升级方法和装置
CN113162959B (zh) * 2020-01-23 2023-06-30 华为技术有限公司 车载设备的升级方法和装置

Also Published As

Publication number Publication date
US20200059359A1 (en) 2020-02-20
US11374747B2 (en) 2022-06-28
EP3627756A4 (en) 2020-05-20
EP3627756A1 (en) 2020-03-25
JP2018195932A (ja) 2018-12-06
JP6855918B2 (ja) 2021-04-07
EP3627756B1 (en) 2021-12-29

Similar Documents

Publication Publication Date Title
WO2018211815A1 (ja) 暗号鍵の処理を行う車両用システム及び電子制御装置
JP6724717B2 (ja) 車載機器判定システム
CN106056702B (zh) 用于移动电话遥控钥匙管理的系统和方法
WO2020022265A1 (ja) 車両用電子制御システム、プログラム更新の承諾判定方法及びプログラム更新の承諾判定プログラム
US20160378457A1 (en) Program update system and program update method
JP7192415B2 (ja) プログラム更新システム及び更新処理プログラム
CN113645590B (zh) 基于加密算法的远程控制车辆的方法、装置、设备及介质
JP2014182571A (ja) 車載電子制御装置のプログラム書換システム及び車載中継装置
WO2018142751A1 (ja) 制御装置、プログラム更新方法、およびコンピュータプログラム
JP7327242B2 (ja) 車載中継装置、情報処理方法及びプログラム
JP6702269B2 (ja) 制御装置、制御方法、およびコンピュータプログラム
CN112543433B (zh) 车辆操作装置、车辆操作方法以及非易失性存储介质
CN112136106B (zh) 电子控制装置以及存储介质
WO2018230084A1 (ja) 更新制御装置、制御方法、およびコンピュータプログラム
JP2014204315A (ja) 中継装置
JP5790551B2 (ja) 通信システム、中継装置、車外装置及び通信方法
JP2018069870A (ja) 制御装置、制御方法及びコンピュータプログラム
KR20150089697A (ko) 모바일 단말을 이용한 스마트 카 보안 시스템 및 그 방법
JP6274849B2 (ja) 車両制御システム
US10592457B2 (en) Universal transponder interface with a databus docking station
JP5783013B2 (ja) 車載通信システム
JP2017215889A (ja) 制御装置、プログラム更新方法、およびコンピュータプログラム
JP2020088458A (ja) 情報処理装置
JP6107716B2 (ja) 車両制御装置及び車両用パスワード設定方法
JP2009033264A (ja) 車両のデータ通信システム及び車両

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18802621

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2018802621

Country of ref document: EP

Effective date: 20191216