METHOD FOR PREVENTING SECURITY BREACHES OF A PASSIVE REMOVE KEYLESS ENTRY SYSTEM

Abstract

The present invention relates to a method for preventing security breaches of a passive remote keyless entry system for authorizing access to a vehicle. The passive remote keyless entry system comprises a base station located at the vehicle and a mobile device, in particular a remote key, wherein the base station comprises a first processor unit and a first transceiver unit, the first transceiver unit comprises a timing device, the mobile device comprises a second processor unit and a second transceiver unit, an air travel time T of a single message sent back and forth from the base station to the mobile device is measured, and access to the vehicle is granted depending on the measured air travel time T.

Claims

1. A method for preventing security breaches of a passive remote keyless entry system configured for authorizing access to a vehicle, the passive remote keyless entry system comprising a base station located at the vehicle and a mobile device, wherein the base station comprises a first processor unit and a first transceiver unit, the first transceiver unit comprises a timing device, the mobile device comprises a second processor unit and a second transceiver unit, said method comprising: measuring an air travel time of a single message sent back and forth from the base station to the mobile device; and granting access to the vehicle depending on the measured air travel time.

2. The method in accordance with claim 1, wherein the method comprises: sending, by the first transceiver unit, a start signal to the timing device at a time of sending a request message to the second transceiver unit; sending, by the first transceiver unit, a stop signal to the timing device at a time of receiving a return message from the second transceiver unit; and determining the air travel time based on a time difference between the start signal and the stop signal.

3. The method in accordance with claim 1, wherein the method comprises: measuring, by the first transceiver unit, the air travel time with a time resolution equal to or less than 500 ps.

4. The method in accordance with claim 3, wherein the method comprises: measuring, by the first transceiver unit, the air travel time with a time resolution equal to or less than 100 ps.

5. The method in accordance with any of claim 1, wherein the method comprises: authorizing, by the base station, access to the vehicle by sending an access signal to the vehicle in response to a determination that the air travel time is shorter than a predetermined time limit.

6. The method in accordance with any of claim 1, wherein the second transceiver unit (26) comprises a Phase-Locked-Loop oscillator (PLL), wherein the method comprises: broadcasting, by the first transceiver unit, an activation signal to activate the PLL before sending the start signal to the timing device.

7. The method in accordance with any of claim 1, wherein the method comprises: generating, by the first processor unit, an encrypted request code; and generating, by the second processor unit, an encrypted access code.

8. The method in accordance with any of claim 7, wherein a request message is the encrypted request code.

9. The method in accordance with claim 8, wherein the first transceiver unit comprises a first memory unit and the second transceiver unit comprises a second memory unit, wherein the method comprises: storing the encrypted request code and the encrypted access code in the second memory unit.

10. The method in accordance with claim 9, wherein the method comprises: comparing, by the second transceiver unit, the encrypted request code and the encrypted access code; and in response to a determination that the encrypted request code and the encrypted access code match, sending an acceptance signal to the base station.

11. The method in accordance with any of claim 10, wherein the method comprises: calculating a reduced time interval TD=(TTC4TC5TC6TC7)/2, wherein TC4 is a time interval required to send the request code, TC5 is a time interval required to receive and store the request code and compare it with the access code, TC6 is a time interval required to send the acceptance signal (56), TC7 is a time interval required to receive the acceptance signal; and calculating a distance (D) between the base station and the mobile device during the authorization process, wherein the distance D=(TD/33.3 ps) cm.

12. The method in accordance with claim 11, wherein the method comprises: sending the access signal to the vehicle, by the base station, in response to a determination that the distance between the base station and the mobile device is less than a maximum allowed distance DL=(TL/33.3 ps) cm between the base station and the mobile device.

13. A passive remote keyless entry system for authorizing access to a vehicle by performing the method in accordance with claim 1, said system comprising: a base station located at the vehicle and a mobile device, wherein the base station comprises a first processor unit, a first transceiver unit and a data link between the first processor unit and the first transceiver unit; the mobile device comprises a second processor unit, a second transceiver unit and a data link between the second processor unit and the second transceiver unit; the first transceiver unit comprises a transmitter, a receiver, a first memory unit, a control unit and a timing device; and the second transceiver unit comprises a transmitter, a receiver, a second memory unit, and a control unit.

14. The passive remote keyless entry system in accordance with claim 13, wherein the mobile device is a remote key.

15. The passive remote keyless entry system in accordance with claim 13, wherein the second transceiver unit further comprises a Phase-Locked-Loop oscillator (PLL).

16. The passive remote keyless entry system in accordance with claim 13, wherein the timing device is a Time to Digital Converter (TDC) with a time resolution equal to or less than 500 ps.

16. The passive remote keyless entry system in accordance with claim 16, wherein the timing device is a Time to Digital Converter (TDC) with a time resolution equal to or less than 100 ps.

17. The passive remote keyless entry system in accordance with any of claim 13, wherein the transmitter of the second transceiver unit emits low frequency (LF) signals.

Description

BRIEF DESCRIPTION OF DRAWINGS

[0036] Further details will now be described, by way of example with reference to the accompanying drawings, in which:

[0037] FIG. 1 is a schematic view of an embodiment of a passive remote keyless entry system;

[0038] FIG. 2 is a schematic view of the first transceiver unit of the embodiment of FIG. 1;

[0039] FIG. 3 is a schematic view of the second transceiver unit of the embodiment of FIG. 1; and

[0040] FIG. 4 is a flowchart representing an embodiment of a method for preventing security breaches of the passive remote keyless entry system of FIG. 1.

DETAILED DESCRIPTION

[0041] Reference will now be made in detail to embodiments, examples of which are illustrated in the accompanying drawings. In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the various described embodiments. However, it will be apparent to one of ordinary skill in the art that the various described embodiments may be practiced without these specific details. In other instances, well-known methods, procedures, components, circuits, and networks have not been described in detail so as not to unnecessarily obscure aspects of the embodiments.

[0042] One or more includes a function being performed by one element, a function being performed by more than one element, e.g., in a distributed fashion, several functions being performed by one element, several functions being performed by several elements, or any combination of the above.

[0043] It will also be understood that, although the terms first, second, etc. are, in some instances, used herein to describe various elements, these elements should not be limited by these terms. These terms are only used to distinguish one element from another. For example, a first contact could be termed a second contact, and, similarly, a second contact could be termed a first contact, without departing from the scope of the various described embodiments. The first contact and the second contact are both contacts, but they are not the same contact.

[0044] The terminology used in the description of the various described embodiments herein is for describing embodiments only and is not intended to be limiting. As used in the description of the various described embodiments and the appended claims, the singular forms a, an and the are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will also be understood that the term and/or as used herein refers to and encompasses all possible combinations of one or more of the associated listed items. It will be further understood that the terms includes, including, comprises, and/or comprising, when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.

[0045] As used herein, the term if is, optionally, construed to mean when or upon or in response to determining or in response to detecting, depending on the context. Similarly, the phrase if it is determined or if [a stated condition or event] is detected is, optionally, construed to mean upon determining or in response to determining or upon detecting [the stated condition or event] or in response to detecting [the stated condition or event], depending on the context.

[0046] FIG. 1 shows a schematic view of an embodiment of an inventive passive remote keyless entry (RKE) system 12. The passive RKE system 12 comprises a base station 14 to be located at a vehicle 10 and a mobile device 16, in particular a remote key, which for example can be carried along by a driver (not shown). The base station 14 comprises a first processor unit 18, a first transceiver unit 20 and a data link 22 between the first processor unit 18 and the first transceiver unit 20. The mobile device 16 comprises a second processor unit 24, a second transceiver unit 26 and a data link 28 between the second processor unit 24 and the second transceiver unit 26.

[0047] In FIG. 2 a schematic view of the first transceiver unit 20 is shown in greater detail. The first transceiver unit 20 comprises a transmitter 30, a receiver 32, a first memory unit 34, a control unit 36, a PLL oscillator 38 and a timing device (timer) 40. The first memory unit 34 is made up by two registers and includes an entry register 34a and an exit register 34b. The first transceiver unit 20 and the control unit 36 are connected by a control interface 36a.

[0048] FIG. 3 shows a schematic view of the second transceiver unit 26 in greater detail. The second transceiver unit 26 comprises a transmitter 42, a receiver 44, a second memory unit 46, a control unit 48 and a PLL oscillator 50. The second memory unit 46 is made up by three registers and includes a key register 46a, an entry register 46b and a comparison register 46c. The second transceiver unit 26 and the control unit 48 are connected by a control interface 48a.

[0049] The first transceiver unit 20 and the second transceiver unit 26 can be included in the base station 14 or the mobile device 16 as application-specific integrated circuit (ASIC), comprising all components of the respective transceiver unit 20, 26.

[0050] In FIG. 4 a flowchart of the inventive method for preventing security breaches of a passive RKE system is shown, comprising the steps S1 to S8. All steps of the inventive method, including the steps S1 to S8, are controlled by the control units 36 and 48 of the first and second transceiver units 20 and 26.

[0051] In step S1 a driver requests access to the vehicle, for example by actuation of an actuation device (not shown) at the vehicle 10. The actuation device can include optical sensors, proximity sensors or sensors for detecting manual interaction. For example, the request for access can be initiated by pressing a dedicated button at the vehicle or by pressing a door handle.

[0052] As the request for access is initiated by the driver in step S1, an encrypted request code 52 is generated by the first processor unit 18 and forwarded to the first transceiver unit 20 in step S2. The first transceiver unit 20 receives the request code 52 via the data link 22 from the first processor unit 18 and stores the code 52 in the entry register 34a of the first memory unit 34.

[0053] Similarly to the first processor unit 18, the second processor unit 24 generates an encrypted access code 54 and stores the code 54 in the key register 46a of the second memory unit 46. The access code 54 can be generated and be available already, as the request for access is initiated by the driver and the request code 52 is generated. For example, the second processor unit 24 can generate the access code 54 immediately after a previous communication of the base station 14 and the mobile device 16 during a previous negotiation of an access to the vehicle 10.

[0054] In step S3, the first transceiver unit 20 sends an activation signal to the PLL oscillator 50 of the second transceiver unit 26. The activation signal can be a short unencrypted message to wake-up the PLL 50. As the PLL is only needed during a communication between the base station 14 and the mobile device 16, the PLL 50 is deactivated most of the time to reduce the energy consumption of the second transceiver unit 26. After a communication between the first and second transceiver unit 20, 26 has ended in step S7, the PLL 50 is deactivated once again, for example by an internal sleep message sent by the second transceiver unit 26 to the PLL 50.

[0055] The PLL 50 has the effect of increasing the frequency of an oscillator by a factor, shifting the frequencies of an oscillator for example from the low frequency (LF) to the high frequency (HF) range. This is used in the shown embodiment to shift the emitted frequencies of the LF transmitter 42 to the HF range. By the combination of the PLL 50 and a LF transmitter 42 it is possible to operate the second transceiver unit 26 in an energy-efficient and cost-effective way.

[0056] The PLL 50 is also used to synchronize the base station 14 and the mobile device 16. This is done by synchronizing a phase of a clock signal of the second transceiver unit with an external timing signal from the base station 14.

[0057] In the shown embodiment, a PLL 38 is also included in the first transceiver unit 20.

[0058] In step S4 the first transceiver unit 20 sends the request code 52 to the second transceiver unit. A time TC4 to finish the transmission is calculated from a known size of the transmitted request code 52 and a known clock frequency of the first transceiver unit 20.

[0059] Simultaneously with starting the transmission of the request code 52, the first transceiver unit 20 sends a start signal to the timing device 40, which does not form part of the first processor unit 18. The timing device 40 is for example a Time to Digital Converter (TDC), with a preferred time resolution of e.g. 500 ps, advantageously of equal or better than 100 ps. This time resolution allows measuring a distance D between the base station 14 and the mobile device 16 very accurately, with a resolution of about 15 cm and 3 cm, respectively.

[0060] Upon reception, the second transceiver unit 26 stores in step S5 the request code 52 in an entry register 46b of the second memory unit 46 and compares the request code 52 with the access code 54 in an comparison register 46c of the second memory unit 46. A time TC5 to finish the reception and storage of the request code 52 and its comparison with the access code 54 is calculated from known sizes of the request code 52 and the access code 54 and the known clock frequency of the second transceiver unit 26.

[0061] In case of a match of the request code 52 and the access code 54, an acceptance signal 56 is sent from the second transceiver unit 26 to the first transceiver unit 20 in step S6. The acceptance signal 56 can be an encrypted or an unencrypted message or code, preferably it is an unencrypted short acknowledgment message of known length. A time TC6 to finish the transmission is calculated from a known size of the acceptance signal 56 and the known clock frequency of the second transceiver unit 26.

[0062] Immediately after the acceptance signal 56 has been fully received and has been stored in the entry register 34a of the first memory unit 34, the first transceiver unit sends a stop signal to the timing device 40 in step S7. A time TC7 to finish the reception is calculated from the known size of the acceptance signal 56 and the known clock frequency of the first transceiver unit 20.

[0063] In step S8, an air travel time T is obtained as a time difference between the start signal (see step S4) and the stop signal (see step S7). As the start and the stop signal are sent simultaneously with the transmission of the request code 52 and the reception of the acceptance signal 56, it is assured that the air travel time T is determined very accurately.

[0064] In a final step, the distance D between the base station 14 and the mobile device 16 during the authorization process is determined. This includes the calculation of a reduced time interval TD=(TTC4TC5TC6TC7)/2, wherein T is the measured air travel time, TC4 is the time interval required to send the request code 52 (see step S4), TC5 is a time interval required to receive and store the request code 52 and compare it with the access code 54 (see step S5), TC6 is the time interval required to send the acceptance signal (see step S6) and TC7 is the time interval required to receive the acceptance signal (see step S7).

[0065] From the reduced time interval a distance D between the mobile device 16 and the base station 14 is calculated according to D=(TD/33.3 ps) cm. These calculations assume that the distance D between the mobile device 16 and the base station 14 stays constant during an authorization process.

[0066] In case the distance D between the base station 14 and the mobile device 16 is less than a predetermined maximum allowed distance between the base station 14 and the mobile device 16, the base station 14 authorizes the request for access and sends an access signal to the vehicle 10.

[0067] While this invention has been described in terms of the preferred embodiments thereof, it is not intended to be so limited, but rather only to the extent set forth in the claims that follow.

METHOD FOR PREVENTING SECURITY BREACHES OF A PASSIVE REMOVE KEYLESS ENTRY SYSTEM

Inventors

Cpc classification

Classification Explorer

G07C2009/00539

PHYSICS

Classification Explorer

G07C9/00309

PHYSICS

Classification Explorer

H03L7/0805

ELECTRICITY

Classification Explorer

G07C2009/00555

PHYSICS

Classification Explorer

G07C2009/0038

PHYSICS

Classification Explorer

G07C2009/00333

PHYSICS

Classification Explorer

G07C2209/61

PHYSICS

Classification Explorer

B60R25/245

PERFORMING OPERATIONS; TRANSPORTING

Classification Explorer

G07C2209/63

PHYSICS

Classification Explorer

G07C2209/64

PHYSICS

International classification

Classification Explorer

G07C9/00

PHYSICS

Classification Explorer

B60R25/24

PERFORMING OPERATIONS; TRANSPORTING

Classification Explorer

H03L7/08

ELECTRICITY

Abstract

Claims

Description