An authentication system includes an authentication unit that performs an authentication process between a first communication device and a second communication device when the first communication device and the second communication device communicate. The authentication unit performs the authentication process by transmitting authentication information from one of the first communication device and the second communication device to the other one, calculating the authentication information with an encryption code in each of the first communication device and the second communication device, and evaluating a calculation result. During a processing series in the authentication process, the authentication unit performs a first authentication based on part of the calculation result transmitted between the first and second communication device, and a second authentication based on another part of the calculation result transmitted between the first and second communication device.

Securely provisioning a System on a Chip (SoC) includes generating a public/private key pair having a public key and a private key, securely storing the private key external to the SoC, embedding the public key in Resistor Transistor Logic (RTL) of the SoC during manufacture of the SoC, encrypting provisioning data using the private key to create encrypted provisioning data, and programming the SoC using the encrypted provisioning data. The secure provisioning may further include generating a secret shared key, embedding the secret shared key in the RTL of the SoC during manufacture of the SoC, and encrypting the provisioning data using the secret shared key. The RTL may be the boot Read Only Memory (ROM) of the SoC. The secure provisioning technique may also be used for subsequent provisioning after the SoC is deployed.

Hardware appliances with multiple sensors, such as automobiles, can be authenticated on a blockchain based platform using authentication values generated data provided by the hardware appliances, such as sensor data, log data, location data. Requests for service can be managed by the blockchain based platform based on authentication values of the hardware appliances.

Systems, apparatus, methods, and techniques for facilitating privacy preserving secure communicating in a platoon of devices, such as, vehicles, roadside units, or the like is provided. A service initiator provisions a ring key-set as well as a public key-pair and distributes the keys to user equipment and service coordinators. During operation, user equipment can query, via a service coordinator, the existence of a platoon, form a platoon, or join a platoon with the ring key-set and the public key-pair. To form a platoon the service coordinator can generate a symmetric key and provide the symmetric key to the user equipment. Subsequently, user equipment can communicate using the symmetric key.

Embodiments of the present disclosure generally relate to systems, devices, and methods wherein dynamically generated symmetric keys are used for encryption and decryption of software updates for vehicles. The symmetric keys are dynamically generated using a combination of information that ties a given symmetric key to a specific combination of a vehicle and the devices installed therein. The dynamic generation of the symmetric keys also uses a piece of random data generated by an intermediary server, which allows the intermediary server to validate devices before providing the piece of random data and thereby control access to the software updates. Use of the techniques disclosed herein provide heightened security, control, safety, and reliability for over-the-air software updates for vehicles.

The present disclosure includes secure communication between a vehicle and a remote device. An embodiment includes a processing resource, memory, and a vehicular communication component configured to, in response to receiving a request from a remote communication component to switch a state of a lock, calculate a challenge count for the request, generate a vehicular private key and a vehicular public key, perform a number of verification iterations, each respective verification iteration including providing the public key to the remote communication component, receiving, from the remote communication component, code for switching the lock state, verifying the remote communication component's identity, and incrementing a counter in response to verifying the remote communication component's identity, and decrypt the code using the private key and switch the lock state in response to the counter being incremented to a value equal to or greater than the challenge count.

Embodiments described herein provide systems and methods to prevent, or provide a countermeasure, to a co-existence attack, for example, that may occur in a Security Credential Management System (SCMS) where both regular butterfly key (RBK) protocol and unified butterfly key (UBK) protocol are supported. Embodiments described herein provide, support, employ, or implement hardware acceleration for a Hardware Security Module (HSM), for example, for cryptographic operations (e.g., block ciphers, digital signature schemes, and key exchange protocols).

Systems and methods for updating remote databases are provided. In certain embodiments, a method includes determining an installed version for a remote database stored on a vehicle computer. Further, the method includes identifying an incremental update for the remote database, wherein the incremental update contains differences between a desired version for the remote database and the installed version. Additionally, the method includes providing the incremental update to the vehicle computer. Also, the method includes updating the remote database with the incremental update.

Various embodiments of a system and method for secure, authenticated communication with one or more unmanned aerial vehicles (UAVs) are described herein. The system includes at least one computing system which is operable with instructions to: receive, from an unmanned aerial vehicle of one or more unmanned vehicles, a message; extract, from the message, an unmanned aerial vehicle serial number and a secret key; compute a hash of the secret key to generate a first hashed secret key; retrieve, from an internal database located on a non-transient memory of the at least one computing system, a second hashed secret key associated with the unmanned aerial vehicle serial number; and compare the first hashed secret key with the second hashed secret key to determine whether the message is valid.

Embodiments are disclosed for secure safety-critical system log. In an embodiment, a method comprises: obtaining data to be added to a log; creating an entry for the data; and adding the entry to a sequence of chained entries in the log, wherein: the sequence of chained entries includes a number of data entries and a number of sentinels interleaved with the number of data entries, wherein each data entry in the chain of entries is appended to an error-detecting code computed for the entry and a previously computed error-detecting code of a preceding data entry or an error-detecting root, and each sentinel in the chain of entries includes an error-detecting code computed for the sentinel and a previously computed error-detecting code of a preceding data entry or the error-detecting root, and each sentinel includes a previously computed and encrypted blockchain value of a preceding sentinel or a blockchain root value.