WO2021174264A1 - Method for remotely activating a remote lock system using cryptography and the remote lock system for implementing the method - Google Patents

Method for remotely activating a remote lock system using cryptography and the remote lock system for implementing the method Download PDF

Info

Publication number
WO2021174264A1
WO2021174264A1 PCT/VN2021/000004 VN2021000004W WO2021174264A1 WO 2021174264 A1 WO2021174264 A1 WO 2021174264A1 VN 2021000004 W VN2021000004 W VN 2021000004W WO 2021174264 A1 WO2021174264 A1 WO 2021174264A1
Authority
WO
WIPO (PCT)
Prior art keywords
lock
key
command
pin
encryption
Prior art date
Application number
PCT/VN2021/000004
Other languages
French (fr)
Inventor
Khuong Tuan NGUYEN
Quang Dung Duong
Original Assignee
Vietnam Onyx Joint Stock Company
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Vietnam Onyx Joint Stock Company filed Critical Vietnam Onyx Joint Stock Company
Publication of WO2021174264A1 publication Critical patent/WO2021174264A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • G06F21/445Program or device authentication by mutual authentication, e.g. between devices or programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0846Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103Challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2125Just-in-time application of countermeasures, e.g., on-the-fly decryption, just-in-time obfuscation or de-obfuscation
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C2209/00Indexing scheme relating to groups G07C9/00 - G07C9/38
    • G07C2209/08With time considerations, e.g. temporary activation, valid time window or time limitations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84Vehicles

Definitions

  • the present invention generally relates to a method of remotely activating a lock using a cyptographic with two-way verification mechanism between the key and the lock, and a system for implementing the method.
  • the method and system are applied in technical fields: radio frequency remote locks for various types of doors such as: doors, rolling doors, skylights, gates, windows, sliding doors, etc.; radio frequency remote locks for transportation: cars, electric cars, motorcycles, electric motorcycles, electric bicycles, etc.; remote radio-triggered controllers for electrical equipments in a unfavorable location or in an unallowable environment for controlling directly, for example: a radioactive environment, a biologically contaminated environment; remote radio-triggered controller for: activation devices of which the safety is guaranteed and errors are avoided, for example: mining detonators, etc.; application of theft alarm equipment; application for identification card used to replace the fixed code types; used to replace rolling codes (Microchip KeeLoq).
  • the orders can be: close, open, start, stop, cancel, timer, etc.
  • the method for activating a lock using a cryptographic has been applied for a long time.
  • One of the popular coding systems of this method is rolling code. Published in 1993, it is a highly secure coding system, in which each activation, the algorithm will generate a different and unique code.
  • the rolling code has a security hole that allows bad guys to exploit it, which was announced and demoed by Samy Kamkar - a security expert at the DefCon23 conference in Paris in 2015.
  • a "keying of the car” service is publicly posted on the Internet, but is not checked by the genuine or authorized by state agency. It is shown that the equipment used by the "key maker” uses a type of Keygen to crack the automaker's encryption system, of which the code information can be saved and used for other purposes after that.
  • Fix Code - the code is fixed securely by hard circuit (switch circuit, welding etc.) using specialized ICs such as PT226x/PT227x, etc. or Learning Code - a code system that allows the lock learning the model of the key with a larger number of encryption bits, so the security is also higher.
  • it can be easily copied, or it can be easily attacked to drain the full range of code, due to the fixed nature of the code.
  • SmartKey Some new types of smart keys (SmartKey) encounter a situation: if the lock receives multiple and consecutive commands that activate the wrong password or spam packets, they can result in the halt of the lock, i.e. it is not operating normally, such as the vehicle engine cannot be started. This is known as distributed denial-of-service (DDoS) attack.
  • DDoS distributed denial-of-service
  • the previous key generations all share the same one-way communication mechanism. That is, only a key transmits a cryptography, and a lock receives the cryptography and checks, if the correct code is recorded, the cryptography can be generated from simple to complex various encrypting functions.
  • the method works based on the assumption that only the key paired with the lock can transmit the correct code, without a re-verification mechanism, which is a big security weakness that makes it copyable.
  • commonly used encrypting functions have some unique mathematical properties, such as pseudo-randomness, that are intended to resist statistical attacks, and require functions that are simple enough to integrate into hardware. However, the number of such functions is not much and that is why the used encrypting functions can be traced and reversed.
  • An object of the present invention is directed to prevent behaviour of copying, cracking, and reverting encrypting functions - the basis for uncovering cryptographic, attacking and hacking, and also to prevent time-based cryptographic attacks.
  • the invention provides a method for activating a remote lock system using cryptography including the following steps: Step 1: At the user's command, the key sends a packet containing two parameters: a control command code and a key identifier to the lock to activate the lock .
  • the control command can be any instruction assigned to the conventional keyword with the corresponding value so that its set of values and its set of bit inverse values do not intersect, and the key identifier is defined by the manufacturer using the key.
  • Step 2 Being received the activation packet of the key, if the key identifier in the activation packet sent to the lock does not match the lock identifier stored on the lock or the predeterminded time for receiveing the user’s command has not ended, the lock has no response.
  • a software on chip embedded on the lock outputs any random number unduplicated with that of the previous activations at a preset time.
  • the random number is sent over the wireless protocol to the key.
  • This random number having a minimum length of 24 bits is generated randomly based on epoch-time parameters and a constant denotes the random number space size for a random generator.
  • Step 3 Concurrently with the generation of random number in step 2, the chip integrated on the lock performs encrypting according to the hash function consisting of four parameters: the random number obtained from Step 2; the control command code; the key identifier; and an cryptographic parameter.
  • the cryptographic parameter is calculated according to the hash function constituted by three components: the key identifier defined by the product manufacturer using the key, the parameter defined by the key manufacturer, and a PIN is a series of random numbers automatically generated by the system each time a user requests to set it up.
  • Step 3 the lock generates a lock encryption result which is a lock encryption number.
  • Step 4 If the key receives the random number that the lock generated in step 2 via a wireless protocol, the key will load it into a key processing chip integrated on the key and perform encrypting it according to the hash function formula as mentioned in Step 3, and generate a key encryption result which is a key encryption number. Then the key sends the key encryption result via the wireless protocol to the lock for the predetermined time period.
  • Step 5 In case the lock receives the key encryption result sent by the key, and compares it with the lock encryption result calculated by the lock in step 3. If the two values match with each other, the processing chip on the lock asks the actuator to execute the control command issued by the key, and at the same time adjusts the command receipt time from the key for the next activation of the lock to a minimum predetermined time period.
  • the processing chip on the lock will not execute the control command, simultaneously record it as a fault opening time, and increase the command receipt time from the key for each failure opening time until the predetermined maximum command receipt time of the lock has been reached to prevent exhaust attacks.
  • the lock processing chip on the lock will not execute the control command, simultaneously record it as a fault opening time, and increase the command receipt time from the key for each failure opening time until the predetermined maximum command receipt time of the lock has been reached to prevent exhaust attacks.
  • the system implementing the method of remotely activating a lock using cryptography according to the invention includes:
  • the key includes buttons, each corresponds to a command such as open, close, up, down, etc., one button to set a PIN, a radio transmitter, a radio receiver and a chip containing an embedded software to perform encryption according to the preset formula; electric power.
  • the key can also include a light display, a flashing light(s), MCU.
  • the lock there are a radio transmitter; a radio receiver and a processing chip containing an embedded software to perform encryption and encryption according to pre-set formulas; the instruction execution mechanism from the processing chip; electric power.
  • the lock may include an auxiliary port for connecting a manual open/close button that can be enabled via PIN; a small light display, flashing light(s) or LCD screen for displaying information; loudspeaker or siren; Wifi module connection port to connect with smartphone, auxiliary module.
  • the formula preset in the encryption software embedded in the key coincides with the formula preset in the encryption software embedded in the lock.
  • the key and the lock are synchronized with each other by the cryptographic parameter calculated by a hash function constituted by three components including: the key identifier defined by the product manufacturer using the key, the parameter defined by the key manufacturer, and a PIN which is a series of random numbers automatically generated by the system each time a user requests to set it up.
  • a hash function constituted by three components including: the key identifier defined by the product manufacturer using the key, the parameter defined by the key manufacturer, and a PIN which is a series of random numbers automatically generated by the system each time a user requests to set it up.
  • Figure 1 is a flowchart of a method for activating a remote lock system using cryptography according to an embodiment of the present invention.
  • the cryptographic method of activating the remote lock in a two-way protocol between the key and the lock is implemented in the form of radio frequency signals (RF).
  • RF radio frequency signals
  • the method of activating the remote lock using cryptographic of the invention is implemented through two main components, including the key and the lock.
  • buttons on the key each button corresponds to an command such as open, close, up, down, etc.; one button to set a PIN, a radio transmitter, a radio receiver and a key processing chip containing an embedded software to perform encryption according to the preset formula.
  • the pre-installed formula in the embedded software to encrypt the key is identical to the pre-installed formula in the embedded software to encrypt in the lock;
  • the key and the lock are paired and synchronized with each other by the cryptographic parameter (CypherKey) which is calculated by a hash function constituted by three components including : a key identifier defined by the product manufacturer using the key, a parameter defined by the key manufacturer, and a PIN which is a series of random numbers automatically generated by the system each time a user requests to set it up (PIN).
  • the encrypting function used is the SHA function, also known as one-way encryption, so collecting the ciphertexts is not helpful in reversing the parameters used to generate the cyptographic.
  • the cryptographic parameter CypherKey is built from the SHA1 hash function with the above three parameters, with the following formula:
  • - Masterkey is a parameter defined by the key manufacturer
  • - KeylD or SerialNumber is an key identifiers defined by the product manufacturer using the key, such as car manufacturers, rolling door manufacturers, etc. or any other third party manufacturera for management purposes, and is not limited to the length of the number string;
  • the PIN personal id number
  • PIN personal id number
  • the user can optionally reset the PIN by pressing a corresponding button on the key. Meanwhile, the processor on the key will output a random number and send it to the lock for storage and common use. According to the embodiment of the invention, the user indicated an order to set up a PIN without being informed of the PIN.
  • pin_lengh pin_lengh the length of the PIN, can be very long, In a preferred embodiment, the PIN is 112 bytes long, and the user does not need to remember the PIN, so there is no need to store the PIN;
  • the user can archive and save the PIN for other control purposes:
  • the 256-character PIN consists of numbers and letters distinguish upper and lower case; recording of this PIN for archives requires a separate security method for such storage for maximum security, and is not covered by the invention.
  • CypherKey SHA1 (MasterKey, SerialNumber, PIN)
  • the invention is not limited to the hash function formular. Any new functions can be used for a higher degree of security, such as the SHA3 function or the Keccak function with a larger number of bits.
  • the invention is emboded by the following steps:
  • Step 1 According to the user’s command, the key sends a packet to the lock to activate the lock, the command contains two parameters: a command code to be activated (close, open, stop, etc.), also known as the Keyword, and a key identifier, also known as a KeylD or SerialNumber.
  • a command code to be activated close, open, stop, etc.
  • a key identifier also known as a KeylD or SerialNumber.
  • KeylD or SerialNumber is a key identifier, defined by the product manufacturer using the key.
  • the activation packet is represented by the function as follows:
  • the Keyword can be any command assigned to the conventional keyword and its corresponding value, as long as the Keyword is designed so that its set of values ⁇ Keyword ⁇ and the set of bit reversed values does not intersect each other to optimize information processing in Step 2.
  • Table 2 A keyword example as shown in Table 2:
  • Table 2 A keyword example
  • the command code to be transferred may be: ‘ ⁇ 000000G’
  • Step 2 When receiving the activation packet of the key, if the key identifier in the activation packet sent to the lock does not match the lock identifier on the lock or the predeterminded time for receiveing the user’s command has not ended, the lock has no response.
  • a software on chip embedded on the lock If the key identifier in the packet sent to the lock matches the identifier pre-set on the lock, a software on chip embedded on the lock outputs any random number random_token unduplicated with that of the previous activations at a preset time. Random token is sent over the wireless protocol to the key within a predetermined commend receiving time Tprotect.
  • the random number random_token having a minimum length of 24 bits is generated randomly based on epoch-time parameters and a constant denotes the random number space size for a random number generator.
  • parameter epoch id is the reference sign of the epoch time
  • Parameter epoch_size is a constant, denoting the random number space for the random function. Specifically, the remaining size of the number space for tokens after being divided into epochs.
  • an example 0X07FCC157341A7556
  • HEX 575547432677045590
  • 256 number of button presses can be stored per day when epochs are divided by date without impairing the encryption security.
  • the algorithm in the above formula does not limit the maximum number of random token bits, but the length of random token should be chosen dependent on the processing capacity of the system; usage frequency by epoch which specifies the required memory size to store tokens used in the epoch to prevent dictionary crawling attacks.
  • Step 3 The random number in step 2 is sent via wifi protocol to the key.
  • the random parameter is input into the chip integrated on the lock to be encrypted by the hash function, which is built from the asymmetric encryption base hash function.
  • the functions can be any one of the followings including: MD5, SHA1, SHA2, SHA3 (also known as Keccak-512) and other Keccak codes.
  • the hash function consists of four components: the random_token parameter resulted from Step 2; the control command code (Keyword); the key identifier (Key ID or SerialNumber); and the cryptographic parameter (CypherKey) discussed above.
  • hash function is represented as the following formula: hash(random_token, Keyword, KeylD, CypherKey)
  • CypherKey “c677474d4adf3bcc2d7f2d41566462ae3dd47d72”
  • hash Jock SHA1(“07FCC157341A7556”, “E0”, “000001”,
  • step 3 the lock obtains a encryption number as a lock encryption result.
  • Step 4 If the key receives the random number that the lock generated in step 2 via a wireless protocol, the key will load it into a key processing chip integrated on the key and perform encrypting it according to the hash function formula as mentioned in Step 3, and generate a key encryption result which is a key encryption number. In case of a transmission error, for example, due to interference from outside, and the key may receive the wrong random number, the key also generates a encryption result that will not match with the lock encryption result of the lock in comparison at step 5 below). Then the key sends the key encryption result via the wireless protocol to the lock for the predetermined time period Tanswer.
  • random_token 0X07FCC157341A7556
  • CypherKey “c677474d4adObcc2d7f2d41566462ae3dd47d72”
  • CypherKey “c677474d4adf3bcc2d7f2d41566462ae3dd47d72”
  • the received random token is hue, open command “E0”, but the key has KeylD 000002
  • CypherKey “c677474d4adf3bcc2d7f2d41566462ae3dd47d72” That is, the received random_token is true, the key has Key ID “000001”, but the command code is Close “DO”.
  • CypherKey “c677474d4adf3bcc2d7f2d41566462ae3dd47d72”
  • CypherKey “c677474d4adf3bcc2d7f2d41566462ae3dd47d73”, that is just a little bit different.
  • CypherKey “c677474d4adf3bcc2d7f2d41566462ae3dd47d72” is a character string, represented by 40 characters, stored in a computer with a 160- bit number, i.e. 20 cells of 8-bit memory .
  • Step 5 In case the lock receives the encryption result sent by the key, and compares it with the encryption result calculated by the lock in step 3. If the two values match with each other, the processing chip on the lock asks the actuator to execute the control command issued by the key.
  • the processing chip adjusts the command receipt time Tprotect from the key for the next activation of the lock to the predetermined minimum command receipt time Tprotect min, i.e.
  • Tprotect 500ms
  • T P rotect_min 500ms
  • the processing chip on the lock will not execute the control command and simultaneously record it as a fault opening time.
  • the lock processing chip on the lock will not execute the control command, simultaneously record it as a fault opening time.
  • the processing chip increases the command receipt time Tprotect from the key to prevent exhaust attacks.
  • Tprotect 500ms
  • T pr otect_max 10s
  • the key includes buttons, each corresponds to an command such as open, close, up, down, etc., one button to set a PIN, a radio transmitter, a radio receiver and a chip containing an embedded software to perform encryption according to the preset formula; electric power.
  • the key can also include a light display, a flashing light(s), MCU.
  • the lock there are a radio transmitter; a radio receiver and a processing chip containing an embedded software to perform encryption and encryption according to the pre set formula; the instruction execution mechanism from the processing chip; electric power.
  • the lock may include an auxiliary port for connecting a manual open/close button that can be enabled via PIN; a small light display, flashing light(s) or LCD screen for displaying information; loudspeaker or siren; wifi module connection port to connect with smartphone, auxiliary module.
  • the formula preset in the encryption software embedded in the key coincides with the formula preset in the encryption software embedded in the lock.
  • the key and the lock are paired and synchronized with each other by the cryptographic parameter calculated by a hash function constituted by three components including: the key identifier defined by the product manufacturer using the key, the parameter defined by the key manufacturer, and PIN which is a series of random numbers automatically generated by the system each time a user requests to set it up.
  • a hash function constituted by three components including: the key identifier defined by the product manufacturer using the key, the parameter defined by the key manufacturer, and PIN which is a series of random numbers automatically generated by the system each time a user requests to set it up.
  • the present invention helps to completely disable security hole of the Rolling Code security method. Therefore, wiretapping and then replaying the code has no effect. Because every time the key transmits an activation packet, the lock generates a random and nonrepeating token, forming a hash function puzzle that requires the key to be answered for authentication. If the lock is blocked and not receive the activation packet, or has received the activation packet and transmit a question but not receive an answer within a preset time, then immediately protocol between the key and the lock is canceled. That is, listening and storing information exchanged between the lock and the key does not help the listener to interfere or break in later.
  • the method proposed by the invention makes fakes of the key impossible.
  • Each key is synchronized with the lock by the cryptographic parameter so-called CypherKey in this description.
  • the encrypting function used with the CypherKey parameter is the SHA function, invented in early 1993.
  • the function is also known as one-dimensional encryption. That is, collecting the ciphertexts is not helpful in reversing the parameters used to generate the cyptographic. That is, it is possible to publicly send out the ciphertext without worrying that it will reveal the CypherKey cryptographic parameter.
  • the three-component structure of the CypherKey guarantees the user ownership. Because the PIN is a very long number which was generated randomly and the user not know the PIN, so that it cannot be revealed; the key manufacturer and the product manufacturer using the key cannot forcedly interfere with the products distributed to the customer. Even if for some reason CypherKey parameters are used by the product manufacturer using this method are exposed, tampering is unlikely. Furthermore, as the PIN component is randomly generated by the system, the CypherKey cannot be duplicated between the two products.
  • the BruteForce exhaustive attack method does not work because with the Tprotect parameter, restricting the time of consecutive access to the lock with the time Tprotect from Tprotect min to Tprotect_max acts as a firewall. This blocks testing codes continuously, and exhaustive attacks of code space become difficult because it takes too much time.
  • the distributed denial-of-service (DDoS) attack method is not effective due to control of activation packet, bytes in a packet must be consecutive over time, allowing the lock to filter out unprocessed noise.
  • the invention allows the key’s hardware to be designd that is able to operate in energy saving mode.
  • An activation command is always initiated from the key, allowing the key to be in sleep state, a maximum energy-saving state, and only wakes up to be active when activated by the user.
  • the proposed method of the present invention does not impair the encryption security over time.
  • the token synchronization of the present invention uses a direct transmission method.
  • a chronograph with quartz oscillation technology for the suitable civil equipment cost is used, this technology accumulates errors over time can reach Is after 1 year, i.e. quickly reaches the level of out of synchronization.
  • the proposed method of the present invention can work on many different devices with different properties to command remote control for authentication. Thanks to the use of error correction codes and the retransmission protocol, the proposed method of the invention allows the system operating in environments with a lot of electromagnetic interference. This method has advantages over the "repeating multiple codes" method currently used on many types of keys in that in a normal environment, it only needs to transmit exactly once to the destination instead of multiple times cause the key to consume more energy, and in noisy environments, the communication is more effective or better than the repetitive transmission method.
  • the two-way key-lock protocol of the present invention is public, and formula for building a hash function with publicly available parameters can copy the implementation in a legal or illegal way, but they cannot be used to compromise the lock system using the method of remotely activating a lock using a cyptographic. This is a huge difference from Microchip's KeeLoq algorithm.

Abstract

The invention provides a method for remotely activating a remote lock system using cryptography with two-way verification mechanism between the key and the lock, and a remote lock system implementing the method. Accordingly, the key and the lock simultaneously encrypt via a hash function formula to verify the cryptography before executing the control command. In addition, the method for remotely activating a remote lock system using cryptography according to the invention further comprises a timed cryptographic attack prevention mode by increasing the command receipt time from the key for each time input wrong cryptography.

Description

METHOD FOR REMOTELY ACTIVATING A REMOTE LOCK SYSTEM USING CRYPTOGRAPHY AND THE REMOTE LOCK SYSTEM FOR IMPLEMENTING THE
METHOD
Technical Field
The present invention generally relates to a method of remotely activating a lock using a cyptographic with two-way verification mechanism between the key and the lock, and a system for implementing the method. The method and system are applied in technical fields: radio frequency remote locks for various types of doors such as: doors, rolling doors, skylights, gates, windows, sliding doors, etc.; radio frequency remote locks for transportation: cars, electric cars, motorcycles, electric motorcycles, electric bicycles, etc.; remote radio-triggered controllers for electrical equipments in a unfavorable location or in an unallowable environment for controlling directly, for example: a radioactive environment, a biologically contaminated environment; remote radio-triggered controller for: activation devices of which the safety is guaranteed and errors are avoided, for example: mining detonators, etc.; application of theft alarm equipment; application for identification card used to replace the fixed code types; used to replace rolling codes (Microchip KeeLoq). The orders can be: close, open, start, stop, cancel, timer, etc.
Background Art
The method for activating a lock using a cryptographic has been applied for a long time. One of the popular coding systems of this method is rolling code. Published in 1993, it is a highly secure coding system, in which each activation, the algorithm will generate a different and unique code. However, the rolling code has a security hole that allows bad guys to exploit it, which was announced and demoed by Samy Kamkar - a security expert at the DefCon23 conference in Paris in 2015.
At present, a "keying of the car" service is publicly posted on the Internet, but is not checked by the genuine or authorized by state agency. It is shown that the equipment used by the "key maker" uses a type of Keygen to crack the automaker's encryption system, of which the code information can be saved and used for other purposes after that.
Before the rolling code system was invented, there were a number of code systems that were widely used as a cheaper option of users like Fix Code - the code is fixed securely by hard circuit (switch circuit, welding etc.) using specialized ICs such as PT226x/PT227x, etc. or Learning Code - a code system that allows the lock learning the model of the key with a larger number of encryption bits, so the security is also higher. However, it can be easily copied, or it can be easily attacked to drain the full range of code, due to the fixed nature of the code.
In addition, some new types of smart keys (SmartKey) encounter a situation: if the lock receives multiple and consecutive commands that activate the wrong password or spam packets, they can result in the halt of the lock, i.e. it is not operating normally, such as the vehicle engine cannot be started. This is known as distributed denial-of-service (DDoS) attack.
The previous key generations all share the same one-way communication mechanism. That is, only a key transmits a cryptography, and a lock receives the cryptography and checks, if the correct code is recorded, the cryptography can be generated from simple to complex various encrypting functions. The method works based on the assumption that only the key paired with the lock can transmit the correct code, without a re-verification mechanism, which is a big security weakness that makes it copyable. On the other hand, commonly used encrypting functions have some unique mathematical properties, such as pseudo-randomness, that are intended to resist statistical attacks, and require functions that are simple enough to integrate into hardware. However, the number of such functions is not much and that is why the used encrypting functions can be traced and reversed.
Therefore, there is a demand to solve the above problems, and provide a remote lock activation method using cryptography with an improved code verification mechanism against replication, cracking, and tracing encrypting functions - the basis for uncovering cryptographic, attacking and hacking, and there are time-based cryptographic-attacked prevention modes.
Summary of Invention
An object of the present invention is directed to prevent behaviour of copying, cracking, and reverting encrypting functions - the basis for uncovering cryptographic, attacking and hacking, and also to prevent time-based cryptographic attacks.
In order to achieve the above object, the invention provides a method for activating a remote lock system using cryptography including the following steps: Step 1: At the user's command, the key sends a packet containing two parameters: a control command code and a key identifier to the lock to activate the lock .
The control command can be any instruction assigned to the conventional keyword with the corresponding value so that its set of values and its set of bit inverse values do not intersect, and the key identifier is defined by the manufacturer using the key.
Step 2: Being received the activation packet of the key, if the key identifier in the activation packet sent to the lock does not match the lock identifier stored on the lock or the predeterminded time for receiveing the user’s command has not ended, the lock has no response.
If the key identifier in the activation packet sent to the lock matchs the identifier set on the lock, a software on chip embedded on the lock outputs any random number unduplicated with that of the previous activations at a preset time.
The random number is sent over the wireless protocol to the key.
This random number having a minimum length of 24 bits is generated randomly based on epoch-time parameters and a constant denotes the random number space size for a random generator.
Step 3: Concurrently with the generation of random number in step 2, the chip integrated on the lock performs encrypting according to the hash function consisting of four parameters: the random number obtained from Step 2; the control command code; the key identifier; and an cryptographic parameter.
Wherein the cryptographic parameter is calculated according to the hash function constituted by three components: the key identifier defined by the product manufacturer using the key, the parameter defined by the key manufacturer, and a PIN is a series of random numbers automatically generated by the system each time a user requests to set it up.
As a result of Step 3, the lock generates a lock encryption result which is a lock encryption number.
Step 4: If the key receives the random number that the lock generated in step 2 via a wireless protocol, the key will load it into a key processing chip integrated on the key and perform encrypting it according to the hash function formula as mentioned in Step 3, and generate a key encryption result which is a key encryption number. Then the key sends the key encryption result via the wireless protocol to the lock for the predetermined time period.
Step 5: In case the lock receives the key encryption result sent by the key, and compares it with the lock encryption result calculated by the lock in step 3. If the two values match with each other, the processing chip on the lock asks the actuator to execute the control command issued by the key, and at the same time adjusts the command receipt time from the key for the next activation of the lock to a minimum predetermined time period.
If the two values do not match with each other, the processing chip on the lock will not execute the control command, simultaneously record it as a fault opening time, and increase the command receipt time from the key for each failure opening time until the predetermined maximum command receipt time of the lock has been reached to prevent exhaust attacks.
In case the lock does not receive the key’s response within the preset time period, the lock processing chip on the lock will not execute the control command, simultaneously record it as a fault opening time, and increase the command receipt time from the key for each failure opening time until the predetermined maximum command receipt time of the lock has been reached to prevent exhaust attacks.
The system implementing the method of remotely activating a lock using cryptography according to the invention includes:
The key includes buttons, each corresponds to a command such as open, close, up, down, etc., one button to set a PIN, a radio transmitter, a radio receiver and a chip containing an embedded software to perform encryption according to the preset formula; electric power. In addition, the key can also include a light display, a flashing light(s), MCU.
On the lock, there are a radio transmitter; a radio receiver and a processing chip containing an embedded software to perform encryption and encryption according to pre-set formulas; the instruction execution mechanism from the processing chip; electric power. In addition, the lock may include an auxiliary port for connecting a manual open/close button that can be enabled via PIN; a small light display, flashing light(s) or LCD screen for displaying information; loudspeaker or siren; Wifi module connection port to connect with smartphone, auxiliary module.
Wherein, the formula preset in the encryption software embedded in the key coincides with the formula preset in the encryption software embedded in the lock.
The key and the lock are synchronized with each other by the cryptographic parameter calculated by a hash function constituted by three components including: the key identifier defined by the product manufacturer using the key, the parameter defined by the key manufacturer, and a PIN which is a series of random numbers automatically generated by the system each time a user requests to set it up.
Brieft Discription of the Drawings
Figure 1 is a flowchart of a method for activating a remote lock system using cryptography according to an embodiment of the present invention.
Detailed Description of Embodiments
The following invention will be described in detail with specific embodiments. The specific embodiments of the invention is expressed by way of examples for the purpose of disclosing the entire invention to those skilled persons in the art. However, the present invention is not limited by the examples. The present invention includes all modifications, equivalents, and substitutions without departing from the scope and spirit of the present invention.
It would be understood that, unless otherwise indicated, terms used in the description should be construed as generally understood and widely used by those skilled in the art. Terms used in the description are intended to describe specific embodiments and are not intended to be limited to the terms. Terms such as random_token, Keyword, KeyID/SerialNumber, CypherKey, MasterKey, and PIN are used to distinguish different cryptographic parameters and the invention is not limited to the terms.
According to one embodiment of the invention, the cryptographic method of activating the remote lock in a two-way protocol between the key and the lock is implemented in the form of radio frequency signals (RF).
The method of activating the remote lock using cryptographic of the invention is implemented through two main components, including the key and the lock.
(i) There are buttons on the key, each button corresponds to an command such as open, close, up, down, etc.; one button to set a PIN, a radio transmitter, a radio receiver and a key processing chip containing an embedded software to perform encryption according to the preset formula. The pre-installed formula in the embedded software to encrypt the key is identical to the pre-installed formula in the embedded software to encrypt in the lock;
(ii) On the lock, there are a radio transmitter; a radio receiver and a lock processing chip containing an embedded software to perform encryption and encryption according to pre-set formulas; the instruction execution mechanism from the processing chip. The formula preset in embedded software to encrypt in the lock is identical to the pre-installed formula in the embedded software to encrypt the key;
The key and the lock are paired and synchronized with each other by the cryptographic parameter (CypherKey) which is calculated by a hash function constituted by three components including : a key identifier defined by the product manufacturer using the key, a parameter defined by the key manufacturer, and a PIN which is a series of random numbers automatically generated by the system each time a user requests to set it up (PIN). The encrypting function used is the SHA function, also known as one-way encryption, so collecting the ciphertexts is not helpful in reversing the parameters used to generate the cyptographic.
In a preferred embodiment, the cryptographic parameter CypherKey is built from the SHA1 hash function with the above three parameters, with the following formula:
SHA1 (MasterKey, SerialNumber, PIN)
Wherein:
- Masterkey is a parameter defined by the key manufacturer;
- KeylD or SerialNumber is an key identifiers defined by the product manufacturer using the key, such as car manufacturers, rolling door manufacturers, etc. or any other third party manufacturera for management purposes, and is not limited to the length of the number string;
- the PIN (personal id number) is a series of random numbers that is automatically generated by the system and consistence between the lock and the key at the time the user asks to set it up. The user can optionally reset the PIN by pressing a corresponding button on the key. Meanwhile, the processor on the key will output a random number and send it to the lock for storage and common use. According to the embodiment of the invention, the user indicated an order to set up a PIN without being informed of the PIN.
In which, the formula for creating a PIN is:
- In case of the system, the user does not need to remember the PIN:
PIN = [Po - Ppin lengh]
Pi = random(0-255) for all i = 0 => pin_lengh pin_lengh: the length of the PIN, can be very long, In a preferred embodiment, the PIN is 112 bytes long, and the user does not need to remember the PIN, so there is no need to store the PIN;
- In case of the system, the user can archive and save the PIN for other control purposes:
PIN = [Po - Ppin lengh]
Pi = random(‘a’-‘z’, ‘A’-‘Z’, ‘0’-‘9’) for all i = 0 => pin_lengh pin lengh: the length of the PIN, can be very long,
In another preferred embodiment, the 256-character PIN consists of numbers and letters distinguish upper and lower case; recording of this PIN for archives requires a separate security method for such storage for maximum security, and is not covered by the invention.
An example formula for generating CypherKey with specific parameters:
MasterKey = “56464e4c48105feeddl0b652520b6bdcd0ad66b0”
SerialNumber = “0123456789ABCDEF”
PIN = “42efda2d63c5b28d827b5173722185568e076522”
Wherein:
CypherKey = SHA1 (MasterKey, SerialNumber, PIN)
= SHA1(
“56464e4c48105feeddl0b652520b6bdcd0ad66b00123456789ABCDEF42efda2d63c5b28d 827b5173722185568e076522”)
= “c677474d4adf3bcc2d7f2d41566462ae3dd47d72”
However, the invention is not limited to the hash function formular. Any new functions can be used for a higher degree of security, such as the SHA3 function or the Keccak function with a larger number of bits.
The invention is emboded by the following steps:
Step 1: According to the user’s command, the key sends a packet to the lock to activate the lock, the command contains two parameters: a command code to be activated (close, open, stop, etc.), also known as the Keyword, and a key identifier, also known as a KeylD or SerialNumber. In particular:
- Keyword is the command code that needs to be activated to distinguish the commands that need to be executed. The invention is not limited to the maximum number of command codes. KeylD or SerialNumber is a key identifier, defined by the product manufacturer using the key.
In a preferred embodiment, the activation packet is represented by the function as follows:
[Keyword] [KeylD]
Wherein, the Keyword can be any command assigned to the conventional keyword and its corresponding value, as long as the Keyword is designed so that its set of values {Keyword} and the set of bit reversed values
Figure imgf000010_0001
does not intersect each other to optimize information processing in Step 2. A keyword example as shown in Table 2:
Table 2: A keyword example
Figure imgf000010_0002
Please note that the example table above is not limited to the number of commands as well as keywords and corresponding values of the command.
According to an embodiment of the present invention, when a user chooses an Open command, then the command code to be transferred may be: ‘Έ000000G’
Wherein: Open= Έ0”, KeylD = “000001” Step 2: When receiving the activation packet of the key, if the key identifier in the activation packet sent to the lock does not match the lock identifier on the lock or the predeterminded time for receiveing the user’s command has not ended, the lock has no response.
If the key identifier in the packet sent to the lock matches the identifier pre-set on the lock, a software on chip embedded on the lock outputs any random number random_token unduplicated with that of the previous activations at a preset time. Random token is sent over the wireless protocol to the key within a predetermined commend receiving time Tprotect.
For example, if Tprotect = 500ms, after 500ms since the command was sent, if the identifier in the packet matches the identifier on the lock then the lock will respond.
The random number random_token having a minimum length of 24 bits is generated randomly based on epoch-time parameters and a constant denotes the random number space size for a random number generator.
According to one embodiment of the invention, the generated random_tokens are do not coincide, because the division of each epoch is a date of use, the epoch_id is numbered from 0-4095 corresponding to the 12 bits used and numbered for dates of more than 11 years from the start date, with token_lengh = 64 bits, epoch size remaining 64 - 12 = 52 bits, i.e. values 0 to 253-l are the random number space for the function encrypting random numbers. The formula to calculate random_token is as follows: random token = epoch id * epoch_size + random(epoch_size)
In which, the parameter epoch id is the reference sign of the epoch time Parameter epoch_size is a constant, denoting the random number space for the random function. Specifically, the remaining size of the number space for tokens after being divided into epochs. For example: token lengh = 64 bit; divided into 4096 = 212 epochs each epoch is a date epoch = 127, that is the 127th day since the system went into operation
Figure imgf000011_0001
random_token = 127 * 252 + random(0 => (253 - 1)) an example = 0X07FCC157341A7556|HEX = 575547432677045590|DEC According to the embodiment* only a very small memory is needed, for example, 256 number of button presses can be stored per day when epochs are divided by date without impairing the encryption security. The algorithm in the above formula does not limit the maximum number of random token bits, but the length of random token should be chosen dependent on the processing capacity of the system; usage frequency by epoch which specifies the required memory size to store tokens used in the epoch to prevent dictionary crawling attacks.
Step 3: The random number in step 2 is sent via wifi protocol to the key.
On the lock, the random parameter is input into the chip integrated on the lock to be encrypted by the hash function, which is built from the asymmetric encryption base hash function. The functions can be any one of the followings including: MD5, SHA1, SHA2, SHA3 (also known as Keccak-512) and other Keccak codes.
The hash function consists of four components: the random_token parameter resulted from Step 2; the control command code (Keyword); the key identifier (Key ID or SerialNumber); and the cryptographic parameter (CypherKey) discussed above.
In a preferred embodiment, the above mentioned hash function is represented as the following formula: hash(random_token, Keyword, KeylD, CypherKey)
Example of a hash function puzzle with specific parameters and the open command of Keyword = E0: random_token = 0X07FCC157341A7556|HEX
Keyword = Open = “E0”, KeylD = “000001”
CypherKey = “c677474d4adf3bcc2d7f2d41566462ae3dd47d72”
Meanwhile, the hash_lock hash function of the lock is calculated as follows: hash Jock = SHA1(“07FCC157341A7556”, “E0”, “000001”,
“c677474d4adf3bcc2d7f2d41566462ae3dd47d72”)
= “d0fba6adc7b6f7f8e7cleb6275287ae26f90d064”
As a result of step 3, the lock obtains a encryption number as a lock encryption result.
Step 4: If the key receives the random number that the lock generated in step 2 via a wireless protocol, the key will load it into a key processing chip integrated on the key and perform encrypting it according to the hash function formula as mentioned in Step 3, and generate a key encryption result which is a key encryption number. In case of a transmission error, for example, due to interference from outside, and the key may receive the wrong random number, the key also generates a encryption result that will not match with the lock encryption result of the lock in comparison at step 5 below). Then the key sends the key encryption result via the wireless protocol to the lock for the predetermined time period Tanswer.
Example of the response to the hash key hash function calculated by the key when the open command is activated:
Example a:
All the parameters match with each other: random_token = 0X07FCC157341A7556|HEX Keyword = Open = “E0”, KeylD = “000001”
CypherKey = “c677474d4adObcc2d7f2d41566462ae3dd47d72”
That is, the received random_token is true, open command “E0”, the key has KeylD 000001
At that time, the hash_key hash function is calculated by the key as follows: hash key = SHA1(“07FCC157341A7556”, “E0”, “000001”,
“c677474d4adf3bcc2d7f2d41566462ae3dd47d72”)
= “d0fba6adc7b6f7f8e7cleb6275287ae26f90d064”
It is a correct result.
Example b:
KeyID/SerialNumber of the key does not match with that of the lock: random token = 0x07FCCl 57341 A7556|HEX Keyword = Open = “E0”, KeylD of the key = “000001”
CypherKey = “c677474d4adf3bcc2d7f2d41566462ae3dd47d72”
That is, the received random token is hue, open command “E0”, but the key has KeylD 000002
At that time, the hash key hash function is calculated by the key as follows: hash key = SHA1(“07FCC157341A7556”, “E0”, “000002”, “c677474d4adf3bcc2d7f2d41566462ae3dd47d72”)
= “ 1 £515d2cdd44d27bcdb9485a3a03b8b9835541 f0”
It is a wrong result.
This situation can happen when someone fakes the key with KeylD = "000001".
Example c:
The command code of the key does not match with the lock: random_token = 0X07FCC157341A7556|HEX Keyword = Close = “DO”, KeylD = “000001”
CypherKey = “c677474d4adf3bcc2d7f2d41566462ae3dd47d72” That is, the received random_token is true, the key has Key ID “000001”, but the command code is Close “DO”.
At that time, the hash_key hash function is calculated by the key as follows: hashjcey = SHA1(“07FCC157341A7556”, “DO”, “000001”, “c677474d4adf3bcc2d7f2d41566462ae3dd47d72”)
= “c 17977e5696f f91286111 ee3403077dd8186467”
It is a wrong result.
This situation can happen when someone attempts to fake the command code by copying the hash function of the Close command and replacing it with the Open command.
Example d:
Cryptographic parameters CypherKey of the key and the lock does not match: random token = 0X07FCC157341A7556|HEX Keyword = Open = “E0”, KeylD = “000001”
CypherKey = “c677474d4adf3bcc2d7f2d41566462ae3dd47d72”
That is, the received random token, the received Open command are true, the key has KeylD “000001”, but the CypherKey is other number, example:
CypherKey = “c677474d4adf3bcc2d7f2d41566462ae3dd47d73”, that is just a little bit different.
At that time, the hash function hash_key is calculated by the key as follows: hashjcey = SHA1(“07FCC157341A7556”, “E0”, “000001”,
“c677474d4adf3bcc2d7f2d41566462ae3dd47d73”)
= “fl66b36c5f6545cf5cdl64b25adc28115e8ce862”
It is a wrong result.
It should be noted that the above examples are considered with numbers represented in the Hexa system of the character area in a text format. On computer and chips, these numbers are stored in smaller memory size. However, the invention is not limited to them.
For example: CypherKey = “c677474d4adf3bcc2d7f2d41566462ae3dd47d72” is a character string, represented by 40 characters, stored in a computer with a 160- bit number, i.e. 20 cells of 8-bit memory .
Step 5: In case the lock receives the encryption result sent by the key, and compares it with the encryption result calculated by the lock in step 3. If the two values match with each other, the processing chip on the lock asks the actuator to execute the control command issued by the key.
According to one embodiment of the present invention, if the values match with each other, the processing chip adjusts the command receipt time Tprotect from the key for the next activation of the lock to the predetermined minimum command receipt time Tprotect min, i.e.
Tprotect = Tprotect min.
For example, if Tprotect = 500ms, TProtect_min = 500ms, when the key is true, Tprotect =
500ms.
If the two values are different, the processing chip on the lock will not execute the control command and simultaneously record it as a fault opening time.
In case the lock does not receive the key’s response within the predetermined time Tanswer, the lock processing chip on the lock will not execute the control command, simultaneously record it as a fault opening time.
Each opening time is fault, the processing chip increases the command receipt time Tprotect from the key to prevent exhaust attacks. In a preferred embodiment, the command receipt time Tprotect increases by 01 second after each fault opening time until it reachs the predetermined maximum command receipt time TProtect_max, i.e. Tprotect = TProtect_max.
For example, if Tprotect = 500ms, Tprotect_max = 10s, with each time opening the key is fault, Tprotect increases by 01 second until reaching Tprotect = 10s.
For example, if incorrectly answering a cryptographic puzzle 10 times will cause each subsequent entry only to be accepted after 10 seconds, while the BruteForce SHA256 exhaustive attack is very difficult and almost impossible, then with Tprotect = 10 seconds, the attack is more difficult.
A remote lock system for implementing the method of remotely activating the remote lock system using cyptographic according to the embodiment of the invention comprises:
The key includes buttons, each corresponds to an command such as open, close, up, down, etc., one button to set a PIN, a radio transmitter, a radio receiver and a chip containing an embedded software to perform encryption according to the preset formula; electric power. In addition, the key can also include a light display, a flashing light(s), MCU.
On the lock, there are a radio transmitter; a radio receiver and a processing chip containing an embedded software to perform encryption and encryption according to the pre set formula; the instruction execution mechanism from the processing chip; electric power. In addition, the lock may include an auxiliary port for connecting a manual open/close button that can be enabled via PIN; a small light display, flashing light(s) or LCD screen for displaying information; loudspeaker or siren; wifi module connection port to connect with smartphone, auxiliary module.
The formula preset in the encryption software embedded in the key coincides with the formula preset in the encryption software embedded in the lock.
The key and the lock are paired and synchronized with each other by the cryptographic parameter calculated by a hash function constituted by three components including: the key identifier defined by the product manufacturer using the key, the parameter defined by the key manufacturer, and PIN which is a series of random numbers automatically generated by the system each time a user requests to set it up.
Advantageous Effects of the invention
The present invention helps to completely disable security hole of the Rolling Code security method. Therefore, wiretapping and then replaying the code has no effect. Because every time the key transmits an activation packet, the lock generates a random and nonrepeating token, forming a hash function puzzle that requires the key to be answered for authentication. If the lock is blocked and not receive the activation packet, or has received the activation packet and transmit a question but not receive an answer within a preset time, then immediately protocol between the key and the lock is canceled. That is, listening and storing information exchanged between the lock and the key does not help the listener to interfere or break in later.
The method proposed by the invention makes fakes of the key impossible. Each key is synchronized with the lock by the cryptographic parameter so-called CypherKey in this description. The encrypting function used with the CypherKey parameter is the SHA function, invented in early 1993. The function is also known as one-dimensional encryption. That is, collecting the ciphertexts is not helpful in reversing the parameters used to generate the cyptographic. That is, it is possible to publicly send out the ciphertext without worrying that it will reveal the CypherKey cryptographic parameter.
The three-component structure of the CypherKey guarantees the user ownership. Because the PIN is a very long number which was generated randomly and the user not know the PIN, so that it cannot be revealed; the key manufacturer and the product manufacturer using the key cannot forcedly interfere with the products distributed to the customer. Even if for some reason CypherKey parameters are used by the product manufacturer using this method are exposed, tampering is unlikely. Furthermore, as the PIN component is randomly generated by the system, the CypherKey cannot be duplicated between the two products.
It is also impossible to unauthorizedly copy the key from the product manufacturer using the key. This is because the key building structure including three components allows developing a speciallized software separately, which cannot be arbitrarily copied without authorization. This can also allow a government to establish a specialized agency to manage cryptographic key and lock agents.
The BruteForce exhaustive attack method does not work because with the Tprotect parameter, restricting the time of consecutive access to the lock with the time Tprotect from Tprotect min to Tprotect_max acts as a firewall. This blocks testing codes continuously, and exhaustive attacks of code space become difficult because it takes too much time.
The information in each protocol is used only once and cannot be faked with, so consecutive attacks with protocol simulation packets can only receive false results, when anti-attack mechanism using the parameter Tprotect is used to prevent and disable exhaustive attacks like BruteForce attacks.
The distributed denial-of-service (DDoS) attack method is not effective due to control of activation packet, bytes in a packet must be consecutive over time, allowing the lock to filter out unprocessed noise.
The invention allows the key’s hardware to be designd that is able to operate in energy saving mode. An activation command is always initiated from the key, allowing the key to be in sleep state, a maximum energy-saving state, and only wakes up to be active when activated by the user.
The proposed method of the present invention does not impair the encryption security over time. Unlike the synchronization method of some token types using a timer, the token synchronization of the present invention uses a direct transmission method. When a chronograph with quartz oscillation technology for the suitable civil equipment cost is used, this technology accumulates errors over time can reach Is after 1 year, i.e. quickly reaches the level of out of synchronization.
The proposed method of the present invention can work on many different devices with different properties to command remote control for authentication. Thanks to the use of error correction codes and the retransmission protocol, the proposed method of the invention allows the system operating in environments with a lot of electromagnetic interference. This method has advantages over the "repeating multiple codes" method currently used on many types of keys in that in a normal environment, it only needs to transmit exactly once to the destination instead of multiple times cause the key to consume more energy, and in noisy environments, the communication is more effective or better than the repetitive transmission method.
The two-way key-lock protocol of the present invention is public, and formula for building a hash function with publicly available parameters can copy the implementation in a legal or illegal way, but they cannot be used to compromise the lock system using the method of remotely activating a lock using a cyptographic. This is a huge difference from Microchip's KeeLoq algorithm.

Claims

WHAT IS CLAIMED IS:
1. A method for remotely activating a remote lock system including a lock and a key using cryptography, the method comprising the steps of: step 1 : at a user's command, the key sends a activation packet to the lock to activate the lock containing two parameters: a control command code and a key identifier of the key, step 2: the lock receives the activation packet of the key, if the key identifier in the activation packet sent to the lock does not match a lock identifier set on the lock or a predeterminded time for receiveing the user’s command has not ended, the lock has no response, if the key identifier in the activation packet sent to the lock matchs with the lock identifier, a software embedded on a lock processing chip integrated on the lock outputs any random number unduplicated with those of the previous activations at a preset time, the random number is sent via a wireless protocol to the key; step 3: concurrently with the generation of the random number in step 2, the processing chip integrated on the lock performs encryption according to a hash function consisting of four components: the random number obtained from step 2; the control command code; the key identifier; and an cryptographic parameter wherein the cryptographic parameter is calculated according to the hash function constituted by three components: the key identifier defined by the product manufacturer using the key, a parameter defined by the key manufacturer, and a PIN which is a series of random numbers automatically generated by the remote lock system each time a user requests to set it up; as a result of step 3, the lock generates a lock encryption result which is a lock encryption number; step 4: if the key receives the random number that the lock generated in step 2 via a wireless protocol, the key will load it into a key processing chip integrated on the key and perform encrypting it according to the hash formula as mentioned in Step 3, and generate a key encryption result which is a encryption number; and then the key sends the key encryption result via the wireless protocol to the lock within the predetermined time period; and step 5: in case the lock receives the key encryption result sent by the key, and compares it with the lock encryption result that calculated by the lock in step 3, if the two values match with each other, the processing chip on the lock asks the actuator to execute the control command issued by the key, if the two values do not match each other, the processing chip on the lock will not execute the control command; or in case the lock does not receive the key’s response within the preset time period, the lock processing chip on the lock will not execute the control command.
2. The method of claim 1, wherein at step 1, the control command code is any command assigned to a conventional keyword with a corresponding value designed so that its set of values and its set of bit reversed values do not intersect, and the key identifier is defined by the product manufacturer using the key.
3. The method of claim 1 or 2, wherein at step 2, the said random number having a minimum length of 24 bits is generated randomly based on epoch-time parameter and a constant denoting the random number space size for a random generator.
4. The method in any one of claims 1-3, wherein the used hash function includes SHA functions, MD functions or the Keccak functions.
5. The method in any one of claims 1-4, wherein the PIN is determined by the formula:
PIN = [P0 - Ppin lengh]
Pi = random(0-255) for all i = 0 => pin_lengh pin lengh: the length of the PIN.
6. The method of claim 5, wherein the PIN is 112 bytes long.
7. The method in any one of claims 1-6, wherein, at step 5, if the two values match with each other, the processing chip adjusts the command receipt time from the key for the next activation of the lock to a minimum predetermined time period.
8. The method in any one of claims 1-6, wherein, at step 5, if the two values do not match with each other or the lock receives no response within the preset time period, the lock records it as a fault opening time, and simultaneously the processing chip increases the command receipt time from the key for each failure opening time until the predetermined maximum command receipt time from the key is reached to prevent exhaust attacks.
9. The method for remotely activating a lock using cryptography of claim 5, wherein the processing chip increases the command receipt time from the key for each falure opening time by 1 second and the predetermined maximum command receipt time by 10 seconds.
10. A remote lock system for implementing the method in any one of claims 1-9, comprising: a key including buttons, each corresponds to a command, a radio transmitter, a radio receiver, a key processing chip containing an embedded software to execute encryption according to the preset formula, and an electric power; and a lock including a radio transmitter; a radio receiver and a lock processing chip containing an embedded software to execute encryption and encryption according to a pre set formula; a command execution mechanism from the lock processing chip; an electric power; wherein the key and the lock are synchronized with each other by the cryptographic parameter calculated by a hash function constituted by three components including: the key identifier defined by the product manufacturer using the key, the parameter defined by the key manufacturer, and a PIN code which is a series of random numbers automatically generated by the system each time a user requests to set it up; wherein the formula preset in the encryption software embedded in the key coincides with the formula preset in the encryption software embedded in the lock.
11. The remote lock system of claim 10, wherein the key further includes one button to set a PIN.
12. The remote lock system of claim 10 or 11, wherein the lock includes an auxiliary port for connecting a manual open/close button to be enabled via the PIN code.
13. The remote lock system in any one of claims 10-12, wherein the lock futher includes a extended connection port to connect with Internet.
PCT/VN2021/000004 2020-02-27 2021-02-24 Method for remotely activating a remote lock system using cryptography and the remote lock system for implementing the method WO2021174264A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
VN1-2020-01076 2020-02-27
VN202001076 2020-02-27

Publications (1)

Publication Number Publication Date
WO2021174264A1 true WO2021174264A1 (en) 2021-09-02

Family

ID=77492137

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/VN2021/000004 WO2021174264A1 (en) 2020-02-27 2021-02-24 Method for remotely activating a remote lock system using cryptography and the remote lock system for implementing the method

Country Status (2)

Country Link
TW (1) TW202133010A (en)
WO (1) WO2021174264A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI795148B (en) * 2021-12-28 2023-03-01 四零四科技股份有限公司 Device, method and system of handling access control

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5363448A (en) * 1993-06-30 1994-11-08 United Technologies Automotive, Inc. Pseudorandom number generation and cryptographic authentication
KR20110111661A (en) * 2010-04-05 2011-10-12 부산대학교 산학협력단 Rfid tag for protecting duplication, system and method for protecting duplication using the same on epc network
US20140223198A1 (en) * 2011-12-20 2014-08-07 Nitin V. Saranghar Secure replay protected storage
US20190075089A1 (en) * 2017-09-05 2019-03-07 Comodo Security Solutions, Inc. Device and Methods For Safe Control of Vehicle Equipment Secured By Encrypted Channel
US20200005570A1 (en) * 2018-06-29 2020-01-02 Micron Technology, Inc. Secure wireless lock-actuation exchange

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5363448A (en) * 1993-06-30 1994-11-08 United Technologies Automotive, Inc. Pseudorandom number generation and cryptographic authentication
KR20110111661A (en) * 2010-04-05 2011-10-12 부산대학교 산학협력단 Rfid tag for protecting duplication, system and method for protecting duplication using the same on epc network
US20140223198A1 (en) * 2011-12-20 2014-08-07 Nitin V. Saranghar Secure replay protected storage
US20190075089A1 (en) * 2017-09-05 2019-03-07 Comodo Security Solutions, Inc. Device and Methods For Safe Control of Vehicle Equipment Secured By Encrypted Channel
US20200005570A1 (en) * 2018-06-29 2020-01-02 Micron Technology, Inc. Secure wireless lock-actuation exchange

Also Published As

Publication number Publication date
TW202133010A (en) 2021-09-01

Similar Documents

Publication Publication Date Title
US11070364B2 (en) Secure communication method and smart lock system based thereof
US10542002B2 (en) Systems and methods for device authentication
US11947649B2 (en) Locking device biometric access
CN100387798C (en) Electric key and electric lock device and realization method thereof
US6108785A (en) Method and apparatus for preventing unauthorized usage of a computer system
CN105257145B (en) Remote safe deposit box
US20060101047A1 (en) Method and system for fortifying software
US20180131526A1 (en) Systems and methods for device authentication
WO2008014326A2 (en) Systems and methods for root certificate update
US10263782B2 (en) Soft-token authentication system
CN108460862A (en) The method and electric lockset, lock system having with palmprint authentication and Mobile phone control lock
CN107958513A (en) A kind of offline authorization method and system of electronic lock
WO2021174264A1 (en) Method for remotely activating a remote lock system using cryptography and the remote lock system for implementing the method
CN110113153B (en) NFC secret key updating method, terminal and system
CN106447835A (en) Door lock sound wave control system and method
CN112102524A (en) Unlocking method and unlocking system
US20230275768A1 (en) Synchronisation of a device for authentication
US20080046741A1 (en) Protecting signatures using collision-resistant hash functions
JP2004206258A (en) Multiple authentication system, computer program, and multiple authentication method
KR100880512B1 (en) An entrance terminal with a built-in sam
KR100631629B1 (en) How to handle illegal copy of mobile terminal
CN101461176A (en) Communication node authentication system and method, and communication node authentication program
Husain et al. Novel Technique for Secure Keyless Car Authentication using Block-Chain System
CN114724291B (en) Remote offline real-time authorization method and device for access control system and storage medium
US11616655B2 (en) Asymmetric cryptography assisted authentication and access protocols

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21760882

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2021760882

Country of ref document: EP

Effective date: 20220927

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 2005A DATED 09/12/2022)

122 Ep: pct application non-entry in european phase

Ref document number: 21760882

Country of ref document: EP

Kind code of ref document: A1