METHOD FOR TRIGGERING A FIRST DEVICE AS STEP FOR ACCESSING AN ACCESSIBLE DEVICE

Abstract

A method for triggering a first device, the first device having at least one antenna for wireless communication with a second device having at least one antenna, the first device being an access device, for example, a key fob or smart device, or an accessible device, for example a vehicle, the second device being the other one of the accessible device and the access device, and the triggering of the first device being a step required for accessing the accessible device.

Claims

1. A method for triggering a first device, the first device comprising at least one antenna for wireless communication with a second device having at least one antenna, the first device being an accessible device, in particular a vehicle or an access device, in particular a key fob or smart device, the second device being the other one of the accessible device and the access device, and the triggering of the first device being a step required for accessing the accessible device, wherein the method comprises: receiving at least one pilot signal on the first device via the at least one antenna; determining whether at least one message contained in the received at least one pilot signal corresponds to at least one expected message being expected by the first device; extracting channel state information from the received at least one pilot signal; deriving at least one channel feature from the extracted channel state information; determining whether at least one derived channel feature corresponds to at least one channel feature expected by the first device; and triggering the first device, if the received at least one message corresponds to the expected at least one message and the at least one derived channel feature corresponds to the at least one expected channel feature, or, otherwise, not triggering the first device.

2. The method according to claim 1, wherein the at least one derived channel feature and/or the at least one expected channel feature is modified by an analytical and/or statistical process.

3. The method according to claim 2, wherein machine learning, in particular deep learning, is applied in the analytical and/or statistical process.

4. The method according to claim 1, wherein the first device has two or more antennas and/or the second device has two or more antennas such that the method is performed based on two or more received pilot signals.

5. The method according to claim 1, wherein the first device has two or more antennas and the second device has two or more antennas such that the method is performed based on at least four received pilot signals.

6. The method according to claim 5, wherein the channel state information is extracted as a channel matrix from the at least four received pilot signals.

7. The method according to claim 6, wherein the derived channel feature is a determinant computed from the extracted channel matrix.

8. The method according to claim 7, wherein the expected channel feature is any value of a determinant but substantially zero.

9. The method according to claim 4, wherein the at least one derived channel feature is from an adjacent channel noise, a fading characteristic and/or any channel feature specific to multiple pilot signals.

10. A method for accessing an accessible device, in particular a vehicle, the method comprising the method according to claim 1 and the further steps of: accessing the accessible device after triggering the first device, if the accessible device is the first device; or sending at least one further pilot signal to the second device via the at least one antenna of the first device after triggering the first device, if the access device is the first device.

11. The method according to claim 10, wherein the accessible device is a vehicle and the accessing is an unlocking of the vehicle or a passive unlocking of the vehicle, and/or a starting of an ignition of a vehicle.

12. A first device comprising at least one antenna for wireless communication with a second device having at least one antenna, the first device being an access device, in particular a key fob or smart device, or an accessible device, in particular a vehicle, wherein the first device is configured to execute the method according to claim 1.

13. A system comprising the first device according to claim 12 and the second device.

14. A computer program product comprising instructions to cause a first device or system to execute the method according to claim 1.

15. A computer-readable medium having stored thereon the computer program product of claim 14.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

[0059] The present invention will become more fully understood from the detailed description given hereinbelow and the accompanying drawings which are given by way of illustration only, and thus, are not limitive of the present invention, and wherein:

[0060] FIG. 1 is a schematic representation of keyless system according to the invention;

[0061] FIG. 2 is a schematic representation of a prior art method of the keyless system of FIG. 1;

[0062] FIG. 3 is a schematic representation of a relay attack with one relay station in the keyless system of FIG. 1;

[0063] FIG. 4 is a schematic representation of a relay attack with two relay stations in the keyless system of FIG. 1;

[0064] FIG. 5 is a schematic representation of an exemplary method of the invention for the keyless system of FIG. 1;

[0065] FIG. 6 is a schematic representation of an example of the accessible device in the keyless system of FIG. 1;

[0066] FIG. 7 is a schematic representation of an example of the access device in the keyless system of FIG. 1;

[0067] FIG. 8 is a schematic representation of a communication link between the accessible device of FIG. 6 and the access device of FIG. 7 in the keyless system of FIG. 1,

[0068] FIG. 9 is a schematic representation of a communication link between the accessible device of FIG. 6 and the access device of FIG. 7 in the keyless system of FIG. 1 having multiple transmitters and receivers;

[0069] FIG. 10 is a schematic representation of a communication link between the accessible device of FIG. 6 and the access device of FIG. 7 interrupted by a relay attack with one relay station as depicted in FIG. 3; and

[0070] FIG. 11 is a schematic representation of a communication link between the accessible device of FIG. 6 and the access device of FIG. 7 as depicted in FIG. 4.

DETAILED DESCRIPTION

[0071] FIGS. 1 to 4 are discussed in depth in the introductory portion of this patent application.

[0072] FIG. 5 schematically shows a method 200 of how the keyless system 1 of FIG. 1 functions according to an example of the invention in order to grant access to the accessible device 10 only to the rightful owner 26 or person having the original physical electronic access device 20 in his possession. The method 200 of the example of the invention is similar to the prior art method in the first steps 201 to 208.

[0073] The accessible device 10 in the further discussed examples of the invention is a vehicle 10, in particular a car 10. However, the accessible device 10 is not limited to a vehicle 10 but may be of any other type, e.g., a car garage, a door of a building, or similar. The access device 20 may be a key fob 20 or a smart device 20 like a smartphone 20, for example. However, the access device 20 is not limited to these examples but may alternatively be also of any other type, for example a key card, smart card, smart watch, or similar.

[0074] In step 201 of the method 200, at least one antenna of the accessible device 10 sends out a pilot signal. For the at least one pilot signal to be sent out it may be required to touch a handle of the vehicle 10 or perform other interactions with the vehicle 10.

[0075] That pilot signal may have a rather short range, e.g., 5 to 100 meters, in particular 10 to 50 meters. The short range of the at least one pilot signal or, in other words, communication link established between the vehicle 10 and the key fob 20 is preselected such that the vehicle 10 is only accessed, e.g., unlocks, when the vehicle owner 26 is in such a close proximity to the vehicle 10 that it is safe to predict that he will want to access the vehicle 10.

[0076] If the key fob 20 is not within the preselected range of the pilot signal, the key fob 20 cannot respond to the pilot signal sent out by the vehicle 10 and the method 200 is aborted in step 202. However, it may be provided that the vehicle 10 periodically repeats the step 201, i.e., send out pilot signals every few milliseconds, for example, if an interaction with the vehicle 10 is not required.

[0077] Once the key fob 20 is within a proximity to the vehicle 10 matching the selected range of the pilot signal, the key fob 20 receives the at least one pilot signal in step 203. The pilot signal contains a unique message or key known or identifiable only to or by the key fob 20. In step 204, the key fob 20 determines whether the message contained in the received pilot signal matches a saved or expected message. With respect to the content of the message, its identification and the particular security features, such as encryption, appliable to the content of the pilot signal there are different methods known in the prior art which may be applied.

[0078] If that is not the case, the method 200 aborts in step 205. For example, a pilot signal from a different vehicle, which is not the one of the owner 26, may have been received and that pilot signal has a different message.

[0079] If, on the other hand, the message contained in the at least one received pilot signal matches the expected message, in step 206 a pilot signal from the key fob 20 is sent back to the vehicle 10. That pilot signal contains a unique message or key known or identifiable only to or by the vehicle 10.

[0080] The vehicle 10 receives the pilot signal sent from the key fob 20 in step 207 and determines in step 208 whether the message contained therein matches an expected message expected by the vehicle 10. If this is not the case, e.g., a pilot signal from a key fob not being the one of the owner 26, has been received, the vehicle 10 does not grant access and the method 200 aborts in step 209. Otherwise, if the message contained in the received pilot signal and the expected message match, the vehicle 10 is not triggered in step 210 to grant access to the vehicle but the vehicle 10, in particular a specific component or unit in the vehicle such as a computing unit, extracts channel state information from the received at least one pilot signal.

[0081] In the consecutive step 211, at least one channel feature from the extracted channel state information is derived. In step 212, the at least one derived channel feature is compared to at least one channel feature expected by the vehicle 10. If the at least one derived channel feature, e.g., in its value, corresponds to the at least one expected channel, e.g., lies within its expected value range, the method 200 proceeds with step 214. Otherwise, the method 200 aborts in step 213.

[0082] In step 214, the vehicle 10 is triggered to grant access to the vehicle 10 in step 215, which is performed after the triggering of the vehicle 10. For example, in step 215, the locks of the vehicle 10 may be unlocked or its ignition may be started.

[0083] The method 200 may use the security feature of steps 210 to 212 in the access device 20 before sending the at least one pilot signal out in step 206 in addition to or as alternative to steps 210 to 212 in the accessible device 10.

[0084] In the method 200 according to this example of the invention, the digital processing of the at least one pilot signal by means of extracting the channel state information, deriving the at least one channel feature and comparing it to an expected at least one channel feature is a security feature designed to tackle a relay attack. An example of this and of the particular channel feature, which may be used, is given with reference to FIGS. 8, 9 and 10.

[0085] In this example, the accessible device 10 and the access device 20 may have a structure or components as explained with reference to FIGS. 6 and 7.

[0086] FIG. 6 shows an example of a possible structure of the accessible device 10 having two antennas 11, 12 and a controller unit 13 connected to them. The controller unit 13 controls the pilot signals to be send out from and received by the antennas 11, 12. The controller unit 23 is connected to a memory unit 14 and a computing unit 15. The computing unit 15 is connected to an accessible unit 16, which may be an ignition unit or locking unit of the accessible device 10, when it is designed as a vehicle, for example.

[0087] FIG. 7 shows an example of a possible structure of the access device 20 being similar to the one of the accessible device 10 of FIG. 6 but without an accessible unit 16. The access device 20 has two antennas 21, 22 and a controller unit 23 having the same function as in the accessible device 10. The controller unit 23 is connected to a memory unit 24 and a computing unit 25. The memory unit 24 and the computing unit 25 are connected to each other.

[0088] In both cases, the accessible device 10 and the access device 20, the computing units 15, 25 may be designed to perform the determinations whether at least one message contained in the received at least one pilot signal corresponds to at least one expected message being expected and/or determining whether at least one derived channel feature corresponds to at least one expected channel feature as previously explained. The computing units 15, 25 may for this purpose execute a computer program product comprising instructions stored in the memory units 14, 24. The memory units 14, 24 may also store the expected at least one message and/or the at least one expected channel feature.

[0089] Turning to FIG. 8, a specific example of the steps 210 to 212 of the method 200 is explained. In this case, the antennas 21, 22 of the access device 20 act as transmitters. They send out pilot signals t1, t2 via communication channels h11, h21, h12, h22 of the communication link 30 received as pilot signals r1, r2 by the antennas 11, 12 of the accessible device 10. As previously explained, the situation may additionally or alternatively be the other way around such that the antennas 11, 12 of the accessible device 10 may send out the pilot signals t1, t2 via the communication channels h11, h21, h12, h22 received by the antennas 21, 22 of the access device 20 as received pilot signals r1, r2.

[0090] In step 210 of the method 200 explained with reference to FIG. 5, the channel state information is extracted from the received pilot signals r1, r2 received via the communication channels h11, h21, h12, h22 of the communication link 30. This channel state information may be described in the form r1=h11×t1+h12×t2 and r2=h21×t1+h22×t2. The channel matrix H is then established, wherein the receiving vector r may be represented in frequency domain as the product of the channel matrix H and the transmitting vector t:

[00001]$\stackrel{.fwdarw.}{r}=H.Math.\stackrel{.fwdarw.}{t},$$\mathrm{or}$$\left[\begin{array}{c}r1\\ r2\end{array}\right]=\left[\begin{array}{cc}h11& h12\\ h21& h22\end{array}\right].Math.\left[\begin{array}{c}t1\\ t2\end{array}\right].$

[0091] Afterwards, in step 211, as channel feature to be derived, the determinant of the channel matrix H is formed. The determinant of the above channel matrix H for a MIMO setup, although other setups may be applied, is determinant=h11.Math.h22−h12.Math.h21.

[0092] It has been found that the determinant of such an antenna system, in particular being at least a 2×2 MIMO antenna system, has a determinant with an arbitrary value. This means, that the determinant has an arbitrary value when the accessible device 10 and the access device 20 communicate with each other without any interference by a relay station in course of a relay attack.

[0093] FIG. 9 essentially shows FIG. 8 in an alternative embodiment of the keyless system of FIG. 1. In FIG. 9, the devices 10, 20 may be provided with several transmitters and receivers as indicated by t1 . . . tm and r1 . . . rn and accordingly the devices 10, 20 may have more than two antennas 11, 12, 21, 22 each.

[0094] FIGS. 10 and 11 show cases of the communication link between the respective antennas 11, 12, 21, 22 of the devices 10, 20 having one relay station 50 or two relay stations 50, 51 forwarding the pilot signals t1, t2 via communication channels g1, g3 sent out from the antennas 21, 22 of the access device 20 in the course of an RSA. This corresponds to the schematic representations of FIGS. 3 and 4.

[0095] In FIG. 10, the pilot signals t1, t2 are sent via the communication channels g1, g3 of a first communication link 40 to a relay station 50 performing the RSA and forwarding (or relaying) the pilot signals t1, t2 to the accessible device 10 via communication channels g2, g4 of a second communication link 41 established between the relay station 50 and the accessible device 10.

[0096] In FIG. 11, the pilot signals t1, t2 are sent via the communication channels g1, g3 of a first communication link 42 to a first relay station 50 performing the RSA and forwarding (or relaying) the pilot signals t1, t2 to a second relay station 51 via communication channel g5 of a second communication link 43 established between the two relay stations 50, 51. Then, the second relay station 51 forwards the pilot signals t1, t2 to the accessible device 10 via the third communication link 44 with the communication channels g2, g4.

[0097] When an RSA is performed, gains are applied to the pilot signals. In other words, the pilot signals t1, t2 are being amplified. In the case of two relay stations 50, 51, this happens twice (gains Ga and Gb).

[0098] When the method 200 of FIG. 4 is applied to the communication according to FIG. 10 having one relay station 50 between the devices 10, 20 experiencing RSA, in step 210 the channel matrix G is established with the receiving vector r in frequency domain being:

[00002]$\left[\begin{array}{c}r1\\ r2\end{array}\right]=\mathrm{Ga}.Math.\left[\begin{array}{cc}g1.Math.g2& g3.Math.g2\\ g1.Math.g4& g3.Math.g4\end{array}\right].Math.\left[\begin{array}{c}t1\\ t2\end{array}\right].$

[0099] For the communication according to FIG. 11 having two relay stations 50, 51 between the devices 10, 20 experiencing RSA, in step 210 the channel matrix G is established with the receiving vector r in frequency domain being:

[00003]$\left[\begin{array}{c}r1\\ r2\end{array}\right]=\mathrm{Ga}.Math.g5.Math.\mathrm{Gb}.Math.\left[\begin{array}{cc}g1.Math.g2& g3.Math.g2\\ g1.Math.g4& g3.Math.g4\end{array}\right].Math.\left[\begin{array}{c}t1\\ t2\end{array}\right].$

[0100] The channel matrix G is the same for both cases of RSA.

[0101] The determinant computed in step 211 of that channel matrix G is determinant=g1.Math.g2.Math.g3.Math.g4−g3.Math.g2.Math.g1.Math.g4. Accordingly, the value of the determinant is zero or substantially zero due to noise but not an arbitrary value.

[0102] Accordingly, the step 212 in the method 200 is performed based on an expected channel feature of a determinant having an arbitrary value or, in other words, not being zero.

[0103] Therefore, when an RSA occurred, the method 200 will be aborted in step 213 and only proceeded with to access the accessible device 10 when the value of the determinant is not substantially zero.

[0104] If the devices 10 and 20 are within the predetermined reach of each other based on the communication link 30 without RSA, in addition to the communication links 40, 41, 42, 43, 44 with RSA or established due to the RSA, the communication link 30 without RSA having the communication channels h11, h21, h12, h22 may be established. The pilot signals t1, t2 may than be received by the accessible device 10, if the pilot signals t1, t2 are sufficiently strong. Then, the pilot signals t1, t2 received on the accessible device 10 via the communication link 30 may be superposed with the pilot signals t1, t2 received on the accessible device 10 via the communication links 41, 44 with RSA. The pilot signals t1, t2 received on the accessible device 10 via the communication link 30 may be negligible, if the distance is large or they are blocked by elements in between, e.g., concrete of a parking garage. Anyhow, the pilot signals t1, t2 relayed via the communication links 40, 41, 42, 43, 44 with RSA may be determined due to their channel state information not matching the expected channel state information as described above and therefore the method 200 works independent from whether the communication link 30 without RSA is established or not.

[0105] As previously explained, the antenna system is not limited to a 2×2 system as explained or the example of determinant of channel matrix as channel feature. The system may be any n by n or n by m system, wherein n and m are equal to or greater than 1.

[0106] Also, generally, the proposed technique may be applied at different frequencies within the same band and/or different frequency bands. Moreover, different wireless technologies such as wireless LAN, Bluetooth, Ultrawideband or others may be used for the communication between the devices 10, 20.

[0107] The invention being thus described, it will be obvious that the same may be varied in many ways. Such variations are not to be regarded as departure from the spirit and scope of the invention, and all such modifications as would be obvious to one skilled in the art to be included within the scope of the following claims.