WO2020169652A1 - Procédé pour sécuriser une authentification - Google Patents

Procédé pour sécuriser une authentification Download PDF

Info

Publication number
WO2020169652A1
WO2020169652A1 PCT/EP2020/054329 EP2020054329W WO2020169652A1 WO 2020169652 A1 WO2020169652 A1 WO 2020169652A1 EP 2020054329 W EP2020054329 W EP 2020054329W WO 2020169652 A1 WO2020169652 A1 WO 2020169652A1
Authority
WO
WIPO (PCT)
Prior art keywords
identification transmitter
signal
vehicle
communication module
signal transmission
Prior art date
Application number
PCT/EP2020/054329
Other languages
German (de)
English (en)
Inventor
Stefan Neuhoff
Jan BREER
Original Assignee
Huf Hülsbeck & Fürst Gmbh & Co. Kg
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huf Hülsbeck & Fürst Gmbh & Co. Kg filed Critical Huf Hülsbeck & Fürst Gmbh & Co. Kg
Priority to EP20706681.2A priority Critical patent/EP3927584A1/fr
Publication of WO2020169652A1 publication Critical patent/WO2020169652A1/fr

Links

Classifications

    • BPERFORMING OPERATIONS; TRANSPORTING
    • B60VEHICLES IN GENERAL
    • B60RVEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R25/00Fittings or systems for preventing or indicating unauthorised use or theft of vehicles
    • B60R25/20Means to switch the anti-theft system on or off
    • B60R25/24Means to switch the anti-theft system on or off using electronic identifiers containing a code not memorised by the user
    • B60R25/246Means to switch the anti-theft system on or off using electronic identifiers containing a code not memorised by the user characterised by the challenge triggering
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C2009/00365Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks in combination with a wake-up circuit
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C2009/00555Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks comprising means to detect or avoid relay attacks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C2009/00753Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys
    • G07C2009/00769Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means
    • G07C2009/00793Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means by Hertzian waves
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C2209/00Indexing scheme relating to groups G07C9/00 - G07C9/38
    • G07C2209/60Indexing scheme relating to groups G07C9/00174 - G07C9/00944
    • G07C2209/62Comprising means for indicating the status of the lock

Definitions

  • the present invention relates to a method for securing an authentication of a mobile identification transmitter in a vehicle after the independent
  • the invention also relates to an identification transmitter and a security system for a vehicle according to the respective independent device or system claim. It is known from the prior art that so-called passive access systems are used in vehicles to increase comfort. Such access systems make it possible to trigger the authentication by approaching the vehicle without manual operation of the electronic key, that is to say the identification transmitter (ID transmitter). As a functional extension, such systems can also have the option of starting the engine without the
  • ID transmitter must be actively used for this purpose or must be used on the vehicle. To enable the engine start, it is recognized that the user is in the interior of the vehicle with the identification transmitter. Further names for such or
  • proximity sensors are often used by the vehicle in order to send out a wake-up signal for the ID transmitter when the approach of the user to the vehicle is detected.
  • This wake-up signal causes, provided it is received by the ID transmitter within a specified range of the vehicle - i.e. in the vicinity of the vehicle - to initiate authentication with the ID transmitter.
  • the wake-up signal is transmitted from the vehicle to the ID transmitter via LF (Low Frequency) radio.
  • the ID transmitter can then transmit an authentication signal to the vehicle.
  • This authentication signal is transmitted, for example, via HF (high frequency) radio and can carry information for authentication, such as a code.
  • the object is achieved in particular by a method for securing an authentication of a mobile identification transmitter in an access system of a vehicle, preferably for detecting a manipulation attempt during authentication, specifically z. B. a relay attack or relay station attack.
  • the vehicle is designed as a motor vehicle, in particular as a flybridge vehicle or as an electric vehicle, preferably with a flochvolt electrical system and / or an electric motor. It may also be possible for the vehicle to be designed as a fuel cell vehicle and / or passenger vehicle and / or semi-autonomous or autonomous vehicle.
  • the vehicle advantageously has an access system (in particular a central locking system) and / or a security system (in particular according to the invention) which z. B. by communication with an (in particular according to the invention) identification transmitter (ID transmitter) enables authentication. Depending on the communication and / or the authentication, at least one function of the vehicle can be activated.
  • the function can be a safety-relevant function, such as unlocking the vehicle or enabling an engine start.
  • the security system and / or the access system can also provide the functionality of a passive access system, which initiates the authentication and / or the activation of the function upon detection of the approach of the ID transmitter to the vehicle without active manual actuation of the ID transmitter.
  • a wake-up signal is repeatedly sent out by the security system and / or by the access system of the vehicle, which can be received by the ID transmitter on approach, and then triggers the authentication.
  • the function can also relate to activation of vehicle lighting and / or actuation (opening and / or closing) of a flap (e.g.
  • the vehicle lighting is activated automatically when the approach is detected and / or the flap is operated when a gesture by a user is detected.
  • the following steps are carried out, preferably one after the other in the order specified or in any order, with individual steps also being able to be carried out repeatedly, if necessary:
  • the initiation of the authentication can e.g. B. then be carried out when the security feature corresponds to a predetermined feature (such as a specification), z. B. a maximum distance in a distance determination.
  • a predetermined feature such as a specification
  • z. B. a maximum distance in a distance determination.
  • the authentication can be suppressed when the security feature does not correspond to the specified feature.
  • the security feature and / or the specified feature can accordingly be specific for the presence or absence of a manipulation attempt during authentication.
  • a security feature can be provided for the identification transmitter in order to use it to secure the authentication.
  • a further security mechanism can be provided to significantly reduce the risk of manipulation, which significantly increases the security of the access system.
  • the use of the activation signal to initiate signal transmission can enable flexible use and, in particular, retrofitting of the communication module on the vehicle.
  • the at least one communication module can, for. B. be attached from the outside of the vehicle, and / or be attached to the vehicle later.
  • the respective communication module can accordingly be designed to be retrofittable. It is provided in particular that the initiation of the signal transmission takes place in that the identification transmitter sends an interrogation signal to the communication module as soon as the identification transmitter receives the activation signal from the vehicle.
  • the identification transmitter sends an interrogation signal to the communication module as soon as the identification transmitter receives the activation signal from the vehicle.
  • the communication module can advantageously also receive the activation signal.
  • the receipt of the activation signal then leads to activation for signal transmission in the communication module.
  • the receipt of the query signal by the communication module can trigger the transmission of a response signal to the ID transmitter by the communication module in order to determine the security feature on the basis of this signal transmission.
  • the signal transmission is bidirectional.
  • the signal transmission is initiated by sending a signal, such as an interrogation signal, from the communication module to the identification transmitter.
  • the sending can e.g. B. take place when the communication module receives the activation signal from the vehicle.
  • the identification transmitter can, for. B. carry out the distance determination, for example. By evaluating a signal strength of this signal.
  • the signal transmission can be unidirectional if necessary (i.e. only from the communication module to the ID transmitter)
  • the signal transmission can be a first signal transmission of a query signal from the identification transmitter to the communication module (or vice versa) and, as a reaction to the receipt of the query signal by the communication module (or by the ID transmitter), a second signal transmission of a response signal from the communication module to the identification transmitter ( or vice versa).
  • This exchange of signals enables the distance to be determined as the security feature.
  • a signal transit time and / or (also additionally) the signal strength can be measured.
  • the ID transmitter can, for example, to determine the distance, compare a transmission time of the interrogation signal with a reception time of the response signal in order to obtain information about the distance. This makes it possible to carry out a security check by the ID transmitter, which indicates an attempt at manipulation. So it is e.g. B. in the case of a relay attack or other attacks, it is possible that the signal propagation time and thus the distance determined are increased.
  • the protection by a method according to the invention takes place in parallel to the authentication originally provided on the vehicle by means of a wake-up signal and authentication signal (e.g. via LF and FIF radio) in order to additionally (e.g. via UWB radio) provide a security mechanism.
  • a wake-up signal and authentication signal e.g. via LF and FIF radio
  • UWB radio e.g. via UWB radio
  • the method according to the invention can be provided by a security system according to the invention in the sense of a retrofit solution for the access system.
  • the access system can originally be used without the protection, i. H. especially relay attack detection.
  • an inventive identification transmitter is used as a new ID transmitter (e.g. with UWB technology in addition to the existing LF and HF technology for authentication) in the access system Provide functionality of the protection.
  • the signal transmission is initiated by the communication module when the communication module is activated for the signal transmission, and for this purpose, if necessary, transmits the query signal to the ID transmitter.
  • the signal transmission can enable a distance determination to be carried out on the basis of the signal transmission. For this purpose, specific parameters of the signal transmission can be evaluated for the distance, such as a signal transit time and / or a signal strength. In this way, the security feature can be provided reliably in order to carry out the authentication with higher security.
  • a wake-up signal can be understood to mean that the wake-up signal initiates a “wake-up” of an ID transmitter and / or communication module, e.g. B. each by changing from an energy-saving mode to a normal (ready-to-receive) operating mode.
  • normal operating mode unlike in energy-saving mode, e.g. B. the signal transmission (between ID transmitter and communication module) and especially the reception via UWB be possible. This makes it possible to activate the signal transmission (especially via UWB), which requires higher energy consumption, only when required.
  • Receiving the wake-up signal can be, for. B. can be done via LF and thus energy-saving in energy-saving mode.
  • the identification transmitter as a retrofit identification transmitter replaces an original identification transmitter for the access system, with the access system preferably sending out the activation signal in order to initiate the authentication by the original identification transmitter (in particular directly), with the retrofitting being preferred - Identification transmitter as an additional function to the original identification transmitter, the security feature intended for authentication to be carried out only if the security feature corresponds to a specified feature.
  • the determination of the security feature requires the signal transmission (between the communication module and thus on the vehicle side and the ID transmitter) via a communication type such as UWB, which is not provided for in the original ID transmitter. It is also possible that the vehicle does not originally support this type of communication.
  • the at least one communication module can be attached to the vehicle and used with the ID transmitter according to the invention.
  • the communication module functionally supplements the access system as a retrofit communication module for subsequent attachment to the vehicle (in particular as a fully assembled vehicle), with the access system preferably sending the activation signal (preferably originally only) for the identification transmitter in order to initiate authentication by the identification transmitter (in particular directly), the retrofit communication module preferably using the activation signal as an additional function in order to provide the signal transmission in a retrofittable and / or self-sufficient manner to the access system for determining the security feature, in particular thereby determining the distance between the vehicle and provide identification transmitters as an additional function.
  • the authentication is originally carried out by the ID transmitter without the security feature being determined and evaluated.
  • the communication module can be designed to be self-sufficient, i. H. have no fixed signal connection to the vehicle. It is also conceivable that the respective communication module has its own energy source and is thus not only functionally designed but also self-sufficient with regard to the energy supply to the vehicle.
  • Such an energy source is, for example, a (possibly also rechargeable) battery.
  • the determination of the security feature includes the following step: Determining a (spatial) distance between the identification transmitter and the communication module as the security feature by determining the distance based on the signal transmission,
  • initiation and / or suppression of the authentication is preferably carried out as a function of the security feature that an authentication signal for authentication is only sent to the vehicle, and is otherwise suppressed if the security feature corresponds to a predetermined feature, in particular if the determined distance is less is as a predefined maximum distance, this predefined maximum distance then being the specified feature.
  • the maximum distance is determined, for example, in such a way that an attempt at manipulation can be excluded within the maximum distance.
  • a distance measurement is carried out by means of a time-of-flight analysis and / or by means of an evaluation of the signal strength during the signal transmission. This enables the distance to be reliably determined.
  • the at least one communication module is designed as a module that can be retrofitted to the vehicle and / or a module that is independent of the vehicle, with information being exchanged between the communication module and the vehicle preferably exclusively via the activation signal. In this way, subsequent installation on the vehicle can be significantly simplified. This also makes it possible to retrofit a vehicle in a simple manner with an improved safety standard.
  • the signal transmission and / or the determination of the security feature to increase security can further include the following step:
  • step a) to provide the access system as a passive access system:
  • step a) and / or b) and / or c) is automatically initiated by receiving at least one signal via the signal transmission by the identification transmitter and / or by receiving the wake-up signal by the identification transmitter, in order to carry out the authentication as a function of the Perform security feature.
  • the proximity can be detected, for example, by means of at least one proximity sensor on the vehicle in order to send out the wake-up signal in the event of a positive detection. If the (at least one) communication module is designed to receive the wake-up signal, this has the advantage that the communication module can dispense with an independent proximity detection.
  • an electrical signal via an electrical line from the access system, preferably a proximity sensor of the vehicle, and / or
  • bus signal of a bus system in particular CAN (Controller Area Network) or LIN bus system (LIN stands for Local Interconnect Network), of the vehicle, and / or
  • radio signal preferably LF radio signal
  • the assembly effort may be increased, but in favor of a reliable signal connection.
  • the LIN bus system can be used to advantage if the communication module is installed in the door handle. It can also be possible that for different communication modules at different positions of the vehicle different types of transmission paths (such as via line or radio) for the Activation signal are provided. Furthermore, the activation signal can always be transmitted to the ID transmitter by radio.
  • the signal transmission is carried out as a cryptographically secured and / or encrypted data transmission.
  • An RSA cryptosystem can offer particularly reliable protection against manipulation.
  • B. is used to encrypt and / or sign the data transmitted by means of the signal transmission.
  • the at least one communication module comprises several communication modules, all of the communication modules each receiving the activation signal and, in particular, initiating the signal transmission or being activated for signal transmission, in particular for receiving an interrogation signal, when the activation signal is received, wherein the activation signal is preferably designed as a radio signal which is identical to a wake-up signal for the identification transmitter and is sent out by the vehicle to the identification transmitter to initiate authentication.
  • the communication module it is possible here for the communication module to change from an energy-saving mode to a ready-to-receive mode when the respective communication module receives the activation signal. This change can possibly be limited in time so that the readiness to receive is terminated after a predetermined period of time. The readiness to receive can z. B.
  • a communication unit such as a UWB radio interface.
  • this communication unit can be deactivated in order to reduce energy consumption.
  • the communication unit in the ready-to-receive mode, can be activated in order to receive and / or transmit an interrogation signal, and thus the signal transmission via z. B. to provide UWB with the ID transmitter.
  • the identification transmitter carries out one of the following actions as a function of the security feature, in particular of a comparison with a hole spacing in a distance measurement: Initiation of the authentication by sending an authentication signal over a first communication interface, in particular if the maximum distance is not reached by the measured distance,
  • a relay station attack can be detected.
  • signal transmission to the vehicle can be completely suspended or possibly another signal (such as a modified authentication signal) can be transmitted to the access system, which the possible manipulation attempt (such as the possible relay station attack) z.
  • B. notifies based on a flag of the transmitted telegram.
  • the signal transmission is implemented as a contactless short-range signal transmission, preferably data transmission, preferably as UWB (i.e. ultra-broadband) communication.
  • UWB i.e. ultra-broadband
  • the communication for the transmission of the activation signal or wake-up signal can be implemented as LF communication and thus be provided in a particularly energy-saving manner.
  • the communication for the transmission of the authentication signal is z. B. HF communication.
  • the invention also relates to an identification transmitter (in the form of an electronic key) for authentication in an access system of a vehicle (particularly mobile and therefore portable with regard to the vehicle). It is provided that the identification transmitter has the following components:
  • At least one first (in particular electronic) communication interface for communication with at least one (in particular electronic) authentication interface of the access system in order to carry out the authentication of the identification transmitter in the access system and to initiate activation of a security-relevant vehicle function as a function of the authentication
  • a second (in particular electronic) communication interface for communication with at least one communication module on the vehicle, in order to provide a signal transmission between the communication module and the identification transmitter, and to use the signal transmission to provide a security feature to secure the authentication.
  • the identification transmitter according to the invention thus has the same advantages as have been described in detail with reference to a method according to the invention.
  • the identification transmitter can be suitable to be operated by a method according to the invention.
  • an identification transmitter according to the invention is designed to carry out the signal transmission according to a method according to the invention.
  • the safety-relevant vehicle function is z. B. unlocking the vehicle and / or enabling an engine start and / or opening a flap of the vehicle (such as a front or patch flap).
  • the protection relates in particular to the detection of a manipulation attempt during authentication, such as a relay station attack.
  • the respective communication interface is designed, for example, as at least one radio interface.
  • the identification transmitter can have an energy source in order to operate the components mentioned.
  • the first communication interface can differ from the second communication interface with regard to the (at least one used) communication technology. Operation of the first communication interface preferably requires less energy consumption than operation of the second communication interface.
  • the identification transmitter has an evaluation component (such as a microcontroller) in order to determine the distance to the communication module based on the signal transmission, and preferably to determine the security feature based on a comparison of the determined distance with a maximum limit, and / or in To carry out the authentication of the identification transmitter in the access system as a function of the security feature.
  • an evaluation component such as a microcontroller
  • the first communication interface for authentication is only activated when the security feature corresponds to a specification (for example, the distance falls below a predefined flat spacing).
  • the identification transmitter is designed as a retrofit component to replace an original identification transmitter of the access system, the identification transmitter preferably having an adaptation interface for this purpose in order to be adapted and / or programmed to the access system.
  • the identification transmitter preferably it is necessary for the identification transmitter to be able to transmit predetermined codes for authentication to the access system, which codes can be stored in the identification transmitter as part of the adaptation or programming.
  • the adaptation interface is, for example, a radio or cable interface, preferably a Bluetooth or NFC interface.
  • the identification transmitter has an identification feature for the at least one communication module in order to authenticate itself in addition to authentication with the access system of the vehicle via the signal transmission in the communication module, and / or that the at least one communication module has an identification feature for the identification transmitter in order to authenticate with the identification transmitter, the identification transmitter preferably having at least one further identification feature (such as a code) for authentication with the access system. Since it can be a retrofit system, it makes sense to check the authorization of the ID transmitter or the communication module to carry out the signal transmission to provide the security feature in this way.
  • the identification transmitter has an LF (low frequency) and an HF (high frequency) interface as the at least one first communication interface, and / or a UWB (ultra broadband) as the second communication interface -) Interface, the LF interface for receiving an activation signal from the access system and / or the HF interface for sending an authentication signal to the access system and / or the UWB interface for sending and / or receiving signals via the signal transmission Securing the authentication is trained.
  • the authentication can be provided through the first communication interface and the securing of the authentication can be provided using the second communication interface.
  • the first communication interface is preferably used to communicate with the Vehicle and the second communication interface (preferably exclusively) for communication with the communication module.
  • the invention also relates to a security system, in particular in the form of a retrofit system, for an access system of a vehicle in order to secure an authentication of a mobile identification transmitter in the vehicle, comprising:
  • At least one communication module preferably at least three communication modules, each for arrangement on the vehicle,
  • At least one communication unit of the respective communication module for providing signal transmission to the mobile identification transmitter, at least one activation unit of the respective communication module for receiving an activation signal,
  • the communication unit is preferably designed to provide the signal transmission as a function of the receipt of the activation signal in order to provide a security feature for securing the authentication on the basis of the signal transmission.
  • the communication unit is connected to electronics (such as an electronic circuit arrangement and / or an integrated circuit) of the communication module, the electronics transferring the communication unit to a ready-to-receive state and thus activating it upon receipt of the activation signal. Otherwise, the communication unit can, if necessary, be deactivated and / or switched to an energy-saving mode. Activation of the communication unit can enable signals to be received from the identification transmitter, thus providing the signal transmission and thus enabling the identification transmitter to determine the security feature.
  • the communication unit advantageously has a UWB radio interface.
  • the access system is designed as a passive access system.
  • the security system can be operated according to a method according to the invention and / or has the identification transmitter, which is designed as an identification transmitter according to the invention.
  • the security system according to the invention thus has the same advantages as have been described in detail with reference to a method according to the invention and / or an ID transmitter according to the invention.
  • the communication unit in the security system according to the invention, it is advantageously possible for the communication unit to be designed to provide the signal transmission by changing from an energy-saving mode to a ready-to-receive mode when the activation signal is received, in order to receive an interrogation signal from the identification transmitter, and a response signal in response to send out the identification transmitter in order to provide the security feature for securing the authentication (in particular by the identification transmitter) on the basis of this signal transmission.
  • the security system is designed as a retrofit system for the vehicle in order to subsequently provide the security feature for the access system, with the at least one communication module preferably being designed to be subsequently and / or individually manageable on the vehicle to be installed and operated independently of the access system.
  • the respective communication module can only be connected to the vehicle mechanically and therefore not electrically.
  • the ID transmitter can also be part of the security system if necessary.
  • the respective communication module is designed for short-range radio communication in order to provide the signal transmission only in a short-range area of the vehicle, in particular only when the identification transmitter is a maximum of 2 m or a maximum of 4 m or a maximum of 6 m or a maximum of 10 m from the communication module and / or is removed from the vehicle and / or has a clear line of sight to the communication module.
  • the maximum distance for determining the security feature is a maximum of 2 m or a maximum of 4 m or a maximum of 6 m or a maximum of 10 m.
  • the respective communication module is designed as an ultra-broadband communication module for ultra-broadband communication in order to transmit signals via ultra-broadband radio to provide. This enables a particularly safe and reliable determination of the security feature, e.g. B. by determining the distance.
  • the respective communication module in particular via the respective communication unit, is designed to provide the signal transmission in such a way that the security feature is designed as information about a distance and / or a line of sight between the respective communication module and the identification transmitter , preferably in that upon receipt of an interrogation signal via the communication unit (by the communication module) from the identification transmitter, a response signal (by the communication module) can be transmitted via the communication unit (to the identification transmitter).
  • the signal transmission can be used as bidirectional communication in order to determine the security feature in the identification transmitter.
  • the at least one communication module is arranged in an area of the vehicle immediately adjacent to the surroundings of the vehicle in order to provide a line of sight between the communication module and the identification transmitter (especially during authentication) for signal transmission. In this way, attempts at manipulation can be detected very reliably through the use of the security feature.
  • the at least one communication module is arranged in an area of the vehicle adjacent to the surroundings of the vehicle in order to provide the signal transmission via radio communication (especially during authentication), the radio communication preferably being a direct, obstacle-free radio transmission path between the communication module and requires the identification transmitter. This ensures that signal transmission is only possible via a line of sight.
  • the at least one communication module comprises at least or exactly three communication modules for different positions on the vehicle in order to provide a distance measurement based on the different positions via the signal transmission, preferably via Triangulation. This increases the reliability for establishing communication with the ID transmitter, even for different positions of the ID transmitter.
  • the vehicle is part of the security system, the at least one communication module having at least or exactly three communication modules which are arranged in different of the following positions on the vehicle:
  • a roof preferably a roof rail
  • Figure 1 is a schematic side view of a vehicle with a security system according to the invention
  • Figure 2 is a schematic plan view of a vehicle with an inventive
  • FIG. 3 shows a further schematic plan view of a vehicle with a security system according to the invention
  • FIG. 4 shows a schematic representation of method steps of a method according to the invention.
  • FIGS. 1 to 3 a vehicle 1 with a security system 100 according to the invention is shown in each case.
  • a safety system 100 configured in this way is particularly suitable as a retrofit system in order to provide an additional safety mechanism in the vehicle 1.
  • This security mechanism is used to authenticate a mobile device for an access system 2 of the vehicle 1
  • Security system 100 have at least one communication module 110, which is (in each case) arranged on vehicle 1.
  • a first communication module 1 10a and a second communication module 1 10b are arranged on a roof rail 1 .7, and a third communication module 1 10c in the front area of the vehicle 1.
  • At least one communication unit 1 10.1 of the respective communication module 1 10 is provided for providing a signal transmission D to the mobile identification transmitter 200.
  • the signal transmission D can be a transmission of an interrogation signal D.1 from
  • Identification transmitter 200 to the communication module 1 10 (or to the communication unit 1 10.1) and in response to this, a transmission of a
  • Response signal D.2 from communication module 1 10 (or from communication unit 1 10.1) to identification transmitter 200 is preferably a UWB transmission.
  • the communication unit 1 10.1 In order to enable the signal transmission D, the communication unit 1 10.1 must be activated.
  • the communication unit 1 10.1 In order to enable the signal transmission D, the communication unit 1 10.1 must be activated.
  • at least one activation unit 1 10.2 of the respective communication module 1 10 is provided for receiving an activation signal S.1.
  • the activation signal S.1 can serve to activate the identification transmitter 200 in the same way if the identification transmitter 200 has a first communication interface 210 for receiving the activation signal S.1.
  • a further first communication interface 210 of the identification transmitter 200 can also be provided in order to carry out the authentication on the vehicle 1 by transmitting an authentication signal S.2 to the vehicle 1.
  • the communication unit 1 10.1 can be designed to provide the signal transmission D as a function of the receipt of the activation signal S.1 in order to provide a security feature M for securing the authentication on the basis of the signal transmission D.
  • the communication unit 1 10.1 is designed, for example, to provide the signal transmission D upon receipt of the activation signal S.1 by changing from an energy-saving mode to a ready-to-receive mode in order to receive the query signal D.1 from the identification transmitter 200 and in response thereto send the response signal D.2 to the identification transmitter 200 in order to provide the security feature M for securing the authentication on the basis of this signal transmission D.
  • the change from the energy-saving mode to the ready-to-receive mode is initiated, for example, by the communication module 110 upon receipt of the activation signal S.1 via the activation unit 110.2. Only in the ready-to-receive mode is z. B. UWB communication with the ID transmitter 200 is possible.
  • the identification transmitter 200 can be designed for authentication in the access system 2 of the vehicle 1, and for this purpose have the at least one first communication interface 210 for communication with at least one authentication interface 300 of the access system 2 in order to carry out the authentication of the identification transmitter 200 in the access system 2, and initiate activation of a safety-relevant vehicle function as a function of the authentication.
  • a second communication interface 220 can be provided for communication with the at least one communication module 110 on the vehicle 1 in order to provide the signal transmission D between the communication module 110 and the identification transmitter 200, and based on the signal transmission D.
  • Provide security feature M to secure the authentication.
  • the identification transmitter 200 can have an evaluation component 240 in order to determine the distance to the communication module 110 based on the signal transmission D, and to determine the security feature based on a comparison of the determined distance with a maximum limit, and, depending on the security feature, the authentication of the identification transmitter 200 at the access system 2.
  • the identification transmitter 200 is designed, in particular, as a retrofit component to replace an original identification transmitter of the access system 2, the identification transmitter 200 having an adaptation interface 230 for this purpose in order to be adapted and / or programmed to the access system 2.
  • the identification transmitter 200 can have an LF and an HF interface as the at least one first communication interface 210, and can have a UWB interface (that is to say ultra broadband interface) as the second communication interface 210.
  • the respective communication module 110 can be designed to provide the signal transmission D such that the security feature M is designed as information about a distance A and a line of sight between the respective communication module 110 and the identification transmitter 200.
  • the security feature M is designed as information about a distance A and a line of sight between the respective communication module 110 and the identification transmitter 200.
  • an obstacle 400 is shown, which prevents the line of sight and thus the signal transmission D. In such a case, authentication by the identification transmitter 200 is suppressed.
  • the at least one communication module 110 can be arranged in an area of the vehicle 1 directly adjacent to the surroundings of the vehicle 1 in order to establish a line of sight between the communication module 110 and the identification transmitter during the authentication for the signal transmission D. 200 to be provided.
  • the at least one communication module 110 is arranged in an area of the vehicle 1 adjacent to the surroundings of the vehicle 1 in order to provide the signal transmission D via radio communication during authentication,
  • the radio communication presupposes a direct, obstacle-free radio transmission path between the communication module 110 and the identification transmitter 200.
  • a bumper 1.12 possible locations of the vehicle 1 for the at least one communication module 110 a bumper 1.12, a door handle 1.1, a door sill 1.2, a proximity and / or optical sensor 1.3, an antenna 1.4, a window 1.5, a roof 1.6, preferably a roof rail 1.7, an outside mirror 1.8, a headlight 1.9, a B-pillar 1 .1 1 and a rear light 1.10.
  • the proximity sensor 1.3 can, for. B. be designed as an optical sensor, and if an approach is detected, possibly cause the activation signal S.1 to be transmitted.
  • Another possible arrangement of a proximity sensor 1 .3 is z. B. in a door handle 1.1 or a bumper 1.12.
  • the proximity sensor 1.3 can optionally also be designed as a capacitive sensor.
  • the at least one communication module 1 10 sends the activation signal S.1 as an electrical signal via an electrical line 330 from the access system 2, preferably a proximity sensor 310 of the vehicle 1, and / or as a bus signal from a bus system 320, in particular the CAN or LIN bus system of the vehicle 1 and / or as a radio signal, preferably an LF radio signal, is received by the access system 2 and / or by the identification transmitter 200.
  • a method according to the invention for securing an authentication of a mobile identification transmitter 200 in an access system 2 of a vehicle 1 is schematically visualized in FIG.
  • a signal transmission D between at least one communication module 110 on the vehicle 1 and the identification transmitter 200 is initiated.
  • a security feature M is determined by the identification transmitter 200 based on the signal transmission D.
  • the authentication is initiated and / or suppressed by the identification transmitter 200 as a function of the security feature.
  • the first method step 500a that is to say the initiation of the signal transmission D, as is also shown in FIG. 1: Transmission of the activation signal S.1 from the access system 2 of the vehicle 1, the activation signal S.1 being transmitted by the vehicle 1 as a wake-up signal S.1 by radio,
  • the security feature M is determined, for example, by determining a distance A between the identification transmitter 200 and the communication module 110 (as the security feature M) by determining the distance based on the signal transmission D.
  • a first communication module 1 10a is used to visualize this distance determination shown. The initiation and / or suppression of the authentication can then take place depending on the security feature M that an authentication signal S.2 for authentication is only sent from the ID transmitter to the vehicle 1 if the security feature M corresponds to a predetermined feature , in particular if the determined distance A is less than a predefined surface spacing as the specified feature.

Landscapes

  • Engineering & Computer Science (AREA)
  • Mechanical Engineering (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Lock And Its Accessories (AREA)

Abstract

L'invention concerne un procédé pour sécuriser une authentification d'un émetteur d'identification (200) mobile pour un système d'accès (2) d'un véhicule (1), de préférence pour repérer une attaque par relais, les étapes suivantes étant effectuées : a) l'initiation d'une transmission de signal (D) entre au moins un module de communication (110) sur le véhicule (1) et l'émetteur d'identification (200) en fonction d'un signal d'activation (S.1), b) la détermination d'une caractéristique de sécurité (M) par l'émetteur d'identification (200) sur la base de la transmission de signal (D), c) le blocage de l'authentification par l'émetteur d'identification (200) en fonction de la caractéristique de sécurité (M).
PCT/EP2020/054329 2019-02-19 2020-02-19 Procédé pour sécuriser une authentification WO2020169652A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP20706681.2A EP3927584A1 (fr) 2019-02-19 2020-02-19 Procédé pour sécuriser une authentification

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102019104096.5 2019-02-19
DE102019104096.5A DE102019104096A1 (de) 2019-02-19 2019-02-19 Verfahren zur Absicherung einer Authentifizierung

Publications (1)

Publication Number Publication Date
WO2020169652A1 true WO2020169652A1 (fr) 2020-08-27

Family

ID=69650594

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2020/054329 WO2020169652A1 (fr) 2019-02-19 2020-02-19 Procédé pour sécuriser une authentification

Country Status (3)

Country Link
EP (1) EP3927584A1 (fr)
DE (1) DE102019104096A1 (fr)
WO (1) WO2020169652A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000012848A1 (fr) * 1998-09-01 2000-03-09 Leopold Kostal Gmbh & Co. Kg Procede pour effectuer un controle d'autorisation d'acces sans cle, et unite de controle d'autorisation d'acces sans cle
DE102015016552A1 (de) * 2015-12-18 2017-06-22 Bayerische Motoren Werke Aktiengesellschaft Autorisierung der Nutzung eines Kraftfahrzeugs
EP3335942A1 (fr) * 2016-12-14 2018-06-20 Nxp B.V. Système d'accès sécurisé de véhicule, clé, véhicule et procédé associé
EP3396640A1 (fr) * 2017-04-28 2018-10-31 HUF Hülsbeck & Fürst GmbH & Co. KG Émetteur d'identification portable pour un système d'authentification et procédé de fonctionnement d'un système d'authentification

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE4409167C1 (de) * 1994-03-17 1995-06-29 Siemens Ag Schlüssellose Zugangskontrolleinrichtung
DE102006059461A1 (de) * 2006-12-14 2008-06-19 Huf Hülsbeck & Fürst Gmbh & Co. Kg Verfahren zum Starten eines Kraftfahrzeugs und nachrüstbarer Passive-Go-Bausatz zur Durchführung des Verfahrens
US8706350B2 (en) * 2010-12-17 2014-04-22 GM Global Technology Operations LLC Secondary sensing for intelligent passive entry passive start polling
DE112014006819B4 (de) * 2014-10-15 2023-06-29 Continental Automotive Technologies GmbH Verfahren und system zum erkennen von weterleitungs-angriffen für ein passives zugangssystem
DE102017103233B4 (de) * 2017-02-16 2019-12-24 Wekomm Engineering Gmbh Nachrüstsatz für einen herkömmlichen elektronischen Schlüssel zum Verriegeln und Entriegeln eines schlüssellosen Zugangssystems
DE102017215014B4 (de) * 2017-06-23 2019-10-17 Volkswagen Aktiengesellschaft Gegenüber Relais-Station-Attack abgesichertes Aktivieren einer Fahrzeugaktion

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000012848A1 (fr) * 1998-09-01 2000-03-09 Leopold Kostal Gmbh & Co. Kg Procede pour effectuer un controle d'autorisation d'acces sans cle, et unite de controle d'autorisation d'acces sans cle
DE102015016552A1 (de) * 2015-12-18 2017-06-22 Bayerische Motoren Werke Aktiengesellschaft Autorisierung der Nutzung eines Kraftfahrzeugs
EP3335942A1 (fr) * 2016-12-14 2018-06-20 Nxp B.V. Système d'accès sécurisé de véhicule, clé, véhicule et procédé associé
EP3396640A1 (fr) * 2017-04-28 2018-10-31 HUF Hülsbeck & Fürst GmbH & Co. KG Émetteur d'identification portable pour un système d'authentification et procédé de fonctionnement d'un système d'authentification

Also Published As

Publication number Publication date
EP3927584A1 (fr) 2021-12-29
DE102019104096A1 (de) 2020-08-20

Similar Documents

Publication Publication Date Title
DE112014005238B4 (de) Fahrzeugtür-Steuerungsvorrichtung
DE102019212231B4 (de) Verfahren zur Tür- oder Klappenbedienung bei einem Fahrzeug sowie Authentifizierungselement
EP1900579B1 (fr) Agencement d'accès pour un véhicule
DE102011116157B4 (de) Verfahren zum Betreiben einer Berechtigungseinrichtung für schlüssellosen Zugang und Start eines Fahrzeugs
DE102013227204A1 (de) Verbessertes system zum passiven zugang und passivem start für ein kraftfahrzeug
EP3292027B1 (fr) Système de verrouillage avec fonctionnement de secours pour véhicule à moteur
EP2814699B1 (fr) Système de démarrage de véhicule, véhicule équipé d'un système de démarrage et procédé permettant de faire fonctionner un système de démarrage d'un véhicule
WO2012119681A1 (fr) Dispositif émetteur mobile d'un système d'accès d'un véhicule
EP3571676A1 (fr) Système d'authentification d'un véhicule
DE102006042944B4 (de) Verfahren zum Verriegeln eines Fahrzeugs
DE102015223494B4 (de) Intelligentes Zugangssystem
EP3288803B1 (fr) Système d'autorisation d'accès et de conduite présentant une plus grande sécurité contre les attaques par relais, par l'utilisation d'un dispositif de détection de mouvements intégré au moyen d'autorisation
DE102017120524A1 (de) Tragbarer ID-Geber für ein Authentifizierungssystem und Verfahren zum Betreiben eines Authentifizierungssystems
WO2020169654A1 (fr) Système de sécurité pour un véhicule
EP1879774B1 (fr) Systeme de fermeture d'automobile et procede pour permettre l'acces a une automobile au moyen d'un tel systeme
DE10160964B4 (de) Verfahren und Vorrichtung zum Diebstahlschutz von Kraftfahrzeugen
WO2020169652A1 (fr) Procédé pour sécuriser une authentification
EP2125451B1 (fr) Dispositif d'identification mobile d'un systeme de securite
DE102016215022B4 (de) Verfahren zum Betreiben eines Zugangssystems eines Kraftfahrzeugs und Zugangssystem für ein Kraftfahrzeug
DE102010048393B4 (de) Fahrzeugzugangs- und/oder Fahrberechtigungssystem
EP3734559A1 (fr) Système de sécurité pour un véhicule
DE102016008164B4 (de) Vorrichtung zum Schutz eines schlüssellosen Zugangssystems für ein Kraftfahrzeug gegen Relaisangriffe
DE102006038933A1 (de) Fernbediensystem für ein Fahrzeug und ein Garagentor
DE102012016251B4 (de) Verfahren und System zur ferngesteuerten Aktivierung
WO2019197551A1 (fr) Système pour un véhicule

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20706681

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2020706681

Country of ref document: EP

Effective date: 20210920