WO2016031607A1 - Electronic key system and matching device - Google Patents

Publication number
WO2016031607A1
Authority
WO
WIPO (PCT)
Prior art keywords
challenge
electronic key
response
code
pairs
Application number
PCT/JP2015/073029
Other languages
French (fr)
Japanese (ja)
Inventor
耕平 岸本
Original Assignee
株式会社東海理化電機製作所
Application filed by 株式会社東海理化電機製作所

Classifications

    • B: PERFORMING OPERATIONS; TRANSPORTING
    • B60: VEHICLES IN GENERAL
    • B60R: VEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R25/00: Fittings or systems for preventing or indicating unauthorised use or theft of vehicles
    • B60R25/20: Means to switch the anti-theft system on or off
    • B60R25/24: Means to switch the anti-theft system on or off using electronic identifiers containing a code not memorised by the user
    • E: FIXED CONSTRUCTIONS
    • E05: LOCKS; KEYS; WINDOW OR DOOR FITTINGS; SAFES
    • E05B: LOCKS; ACCESSORIES THEREFOR; HANDCUFFS
    • E05B49/00: Electric permutation locks; Circuits therefor; Mechanical aspects of electronic locks; Mechanical keys therefor
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44: Program or device authentication
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • The present invention relates to an electronic key system and a verification device that perform ID verification via wireless communication between an electronic key and a communication target.
  • An electronic key system that operates a vehicle by performing ID verification of an electronic key via wireless communication is known (see, for example, Patent Document 1).
  • A request signal is transmitted from a transmission antenna mounted on the vehicle, for example by radio waves in the LF (Low Frequency) band.
  • The electronic key transmits the key ID signal written in it to the vehicle using radio waves in, for example, the UHF (Ultra High Frequency) band.
  • When the vehicle's verification ECU receives the key ID signal transmitted from the electronic key at the vehicle's reception antenna, it performs ID verification based on the key ID signal and, if the ID verification is confirmed as established, permits or executes, for example, locking and unlocking of the vehicle doors and starting of the engine. During ID verification, challenge-response authentication is performed to enhance security.
  • A third party who has entered the vehicle may analyze the operating state of the device and illegitimately obtain the information needed for challenge-response authentication.
  • Such illegitimate acquisition of information is called a side channel attack.
  • The method for generating the response code in challenge-response authentication may be analyzed.
  • When information obtained by a third party who does not carry the electronic key is communicated and challenge-response authentication is thereby established, the third party may unlock the vehicle door without permission.
  • Engine start may also be permitted or executed.
  • An object of the present invention is to provide an electronic key system and a verification device that can prevent unauthorized challenge-response authentication resulting from a side channel attack.
  • An electronic key system is provided.
  • The electronic key system includes an electronic key and a control device that is provided in a communication target capable of communicating with the electronic key, executes challenge-response authentication via wireless communication with the electronic key, and controls the communication target based on establishment of the challenge-response authentication.
  • The control device is configured to generate and store a plurality of pairs of challenge code and response code in advance.
  • The control device generates the response code of each pair by encrypting the corresponding challenge code with an encryption key.
  • The control device is further configured to read one of the plurality of previously stored pairs and transmit the challenge code of the read pair.
  • The control device is further configured to receive the response code that the electronic key generates by encrypting the read and transmitted challenge code with an encryption key.
  • The control device is further configured to determine that challenge-response authentication has been established when the response code paired with the read and transmitted challenge code matches the response code received from the electronic key.
  • In the conventional system, the communication target generates a response code by encrypting the challenge code with an encryption key after transmitting the challenge code.
  • A conventional system is exposed to a side channel attack that attempts to identify the encryption key, and thus the challenge code, by analyzing the power consumption and the like while the communication target encrypts the challenge code.
  • A plurality of pairs of challenge code and response code are generated and stored in advance. One of the previously stored pairs is then read out, and challenge-response authentication is performed.
  • The control device of the communication target does not perform the encryption process for generating the response code after transmitting the challenge code. The power consumption and the like during encryption of the challenge code therefore cannot be captured during challenge-response authentication, so unauthorized challenge-response authentication resulting from side channel attacks can be prevented.
  • A verification device includes a computer processor that can communicate with the electronic key via a communication device.
  • The computer processor includes a non-transitory computer-readable medium that stores instructions for performing challenge-response authentication via wireless communication with the electronic key.
  • The instructions include instructions configured to cause the computer processor to generate and store a plurality of pairs of challenge code and response code in advance.
  • The instructions include instructions configured to cause the computer processor to generate the response code of each pair by encrypting the corresponding challenge code with an encryption key.
  • The instructions further include instructions configured to cause the computer processor to read one of the plurality of previously stored pairs and to transmit the challenge code of the read pair.
  • The instructions further include instructions configured to cause the computer processor to determine whether the response code paired with the read and transmitted challenge code matches the response code received from the electronic key.
  • The response code received from the electronic key is a response code that the electronic key generates by encrypting the read and transmitted challenge code with an encryption key.
  • A block diagram showing the schematic structure of an electronic key system.
  • The flowchart which shows the production
  • A flowchart showing the authentication process performed by the control device of the vehicle.
  • FIG. 1 shows an electronic key system including a control device provided in a vehicle 20 that is a communication target and an electronic key 10 that can wirelessly communicate with the control device.
  • The control device of the vehicle 20 performs various ID verifications, such as challenge-response authentication, via wireless communication with the electronic key 10.
  • ID verification is performed via narrow-area wireless communication when the control device of the vehicle 20 starts communication.
  • Narrow-area wireless communication performed by the electronic key system is referred to as “smart communication”, and ID verification performed by smart communication is referred to as “smart verification”.
  • The electronic key 10 includes a key control unit 11 that controls the operation of the electronic key 10, a receiving antenna 12 that enables radio reception by the electronic key 10, and a transmission antenna 13 that enables radio transmission by the electronic key 10.
  • An electronic key ID unique to the electronic key 10 is stored in the memory 11a of the key control unit 11.
  • The receiving antenna 12 can receive, for example, radio waves in the LF (Low Frequency) band.
  • The transmission antenna 13 can transmit, for example, radio waves in the UHF (Ultra High Frequency) band.
  • The vehicle 20 includes a verification ECU (Electric Control Unit) 21 that performs various verifications via wireless communication with the electronic key 10, a body ECU 22 that manages the power supply of the on-vehicle electrical components, and an engine ECU 23 that controls the engine 24. These are electrically connected through a communication line 25 in the vehicle.
  • The communication line 25 is, for example, CAN (Controller Area Network) or LIN (Local Interconnect Network).
  • The memory 21a of the verification ECU 21 stores the electronic key ID of the electronic key 10, and the usable electronic key 10 is thereby registered in the vehicle 20.
  • The vehicle 20 includes an outside transmitter 26 capable of transmitting radio waves outside the vehicle in ID verification communication, an in-vehicle transmitter 27 capable of transmitting radio waves inside the vehicle in ID verification communication, and a vehicle receiver 28 capable of receiving radio waves transmitted from the electronic key 10 in ID verification communication. These are electrically connected to the verification ECU 21.
  • The outside transmitter 26 and the in-vehicle transmitter 27 can transmit, for example, LF band radio waves.
  • The vehicle receiver 28 can receive, for example, UHF radio waves.
  • Each of the transmitters 26 and 27 and the receiver 28 is an example of a communication device.
  • The vehicle 20 includes a door lock mechanism 29 as a mechanical mechanism that switches between locking and unlocking the vehicle door.
  • The body ECU 22 switches the door lock mechanism 29 between locked and unlocked based on the result of the ID verification controlled by the verification ECU 21.
  • Each door of the vehicle 20 is provided with a door button 40 that serves as a trigger for locking and unlocking the door.
  • The vehicle 20 includes an engine switch 30 that is operated when the power state of the vehicle 20 is switched.
  • The engine switch 30 includes an operation detection unit 31 that detects, for example, a push operation (on operation) of the engine switch 30.
  • The operation detection unit 31 may be either a switch element (for example, a micro switch) or a sensor (a magnetic sensor or an optical sensor).
  • The operation detection unit 31 outputs the operation signal Ssw to the verification ECU 21.
  • An ON signal is output as the operation signal Ssw.
  • The verification ECU 21 determines the power state of the vehicle 20 based on the operation signal Ssw supplied from the operation detection unit 31.
  • The verification ECU 21 switches the power state of the vehicle 20 based on the result of that determination.
  • The power state of the vehicle 20 is switched to, for example, any of IG off, ACC on, IG on, and engine start.
  • The verification ECU 21 transmits a wake signal from the outside transmitter 26, and when the electronic key 10 receives this wake signal, it activates and returns an acknowledgment signal.
  • The verification ECU 21 executes various verifications such as vehicle code verification, challenge-response authentication, and electronic key ID verification.
  • In vehicle code verification, the verification ECU 21 transmits a vehicle code, which is an ID unique to the vehicle 20, to the electronic key 10, and the electronic key 10 confirms the vehicle code.
  • The verification ECU 21 transmits to the electronic key 10 a challenge code whose content changes every time it is transmitted.
  • The electronic key 10 encrypts the challenge code with an encryption key to generate a response code (electronic-key-side response code), and returns the response code to the vehicle 20.
  • The verification ECU 21 also generates a response code (vehicle-side response code) by encrypting the transmitted challenge code with the encryption key, and checks whether the vehicle-side response code matches the electronic-key-side response code.
  • The electronic key 10 transmits the electronic key ID to the vehicle 20, and the verification ECU 21 confirms the electronic key ID. In this embodiment, when the verification ECU 21 confirms that all of these verifications are established, it determines that smart verification outside the vehicle has been established, and permits or executes locking and unlocking of the vehicle door by the body ECU 22.
  • the outside transmitter 26 forms a communication area (internal communication area) inside the vehicle. Is executed.
  • When the verification ECU 21 confirms that in-vehicle smart verification is established with the electronic key 10 located in the vehicle, it permits or executes switching of the power state (engine switching, etc.) by operation of the engine switch 30.
  • The electronic key system includes an immobilizer system that can perform ID verification via wireless communication with the vehicle 20 even if the electronic key 10 has no battery power.
  • In the immobilizer system, near-field communication is used, for example RFID (Radio Frequency Identification) communication with a communication distance of several to several tens of centimeters.
  • Communication performed in the immobilizer system is referred to as “immobilizer communication”, and ID verification performed through immobilizer communication is referred to as “immobilizer verification”.
  • The vehicle 20 includes a communication antenna 32 that can transmit and receive short-range radio waves in the vehicle 20.
  • The electronic key 10 also includes a communication antenna 14 that can transmit and receive short-range radio waves in the electronic key 10.
  • Each of the memories 11a and 21a stores a transponder ID that is confirmed in the immobilizer system.
  • The communication antenna 32 is, for example, a bobbin provided around the engine switch 30 and wound with an antenna wire.
  • The communication antenna 32 is an example of a communication device.
  • When the battery of the electronic key 10 runs out, narrow-area wireless communication cannot be used, so immobilizer verification is performed.
  • The transponder ID of the electronic key 10 is transmitted to the vehicle 20 by, for example, load modulation communication.
  • The verification ECU 21 compares the transponder ID of the electronic key 10 with the transponder ID registered in the memory 21a, and if they match, permits, for example, switching of the power state (switching to engine start, etc.) by operation of the engine switch 30.
  • A third party who has entered the vehicle 20 may illicitly acquire information necessary for challenge-response authentication by analyzing the operating state (e.g., processing time, power consumption) of a device such as the verification ECU 21.
  • The response code generation method may be analyzed.
  • To prevent side channel attacks, the verification ECU 21 of the vehicle 20 generates and stores a plurality of pairs of challenge code and response code in advance.
  • The verification ECU 21 reads out one of the stored pairs of challenge code and response code, and performs challenge-response authentication using the codes of that pair.
  • The verification ECU 21 reads out and uses one of the pairs of challenge code and response code generated and stored in advance, but not in the order in which the pairs were generated. In this way, even if the power consumption and the like are captured while the response codes are being generated in advance, randomizing the order in which the codes are read prevents the encryption key from being analyzed by a side channel attack.
  • The verification ECU 21 generates and stores the challenge codes in advance so that every challenge code has the same Hamming weight. This prevents the challenge code being encrypted from being identified from captured power consumption and the like through differences caused by differing Hamming weights.
  • When a specific condition is satisfied, the verification ECU 21 generates pairs of challenge code and response code until the number of pairs reaches a predetermined value.
  • The specific condition is, in addition to when the vehicle 20 is powered on (for example, when a vehicle battery is electrically connected) or when a challenge code is transmitted, when the number of stored pairs of challenge code and response code falls below a predetermined value.
  • The verification ECU 21 newly generates a pair of challenge C and response R when the vehicle 20 is powered on or when a challenge C is transmitted. For example, when the vehicle 20 is powered on, no pair of challenge C and response R is stored in the memory 21a. Further, when one challenge C is transmitted after a plurality of pairs have been generated, the number of stored pairs of challenge C and response R is reduced by at least one from the predetermined value N. In such cases, the verification ECU 21 generates pairs of challenge C and response R until the number of pairs stored in the memory 21a reaches the predetermined value N.
  • The verification ECU 21 generates a challenge C when the vehicle 20 is powered on or when a challenge C is transmitted (step S11). At this time, the verification ECU 21 generates, as the challenge C, a random code whose Hamming weight is the same every time. All generated challenges C therefore have the same Hamming weight. In this way, even if N power consumption values (that is, the power consumption when encrypting each of the N challenges C) are acquired, this prevents the challenge C being encrypted from being identified from each power consumption value through differences in power consumption caused by differences in the Hamming weight of the challenge C.
  • The verification ECU 21 generates a response R (step S12).
  • collation ECU21 produces
  • The verification ECU 21 stores the pair of challenge C and response R (step S13).
  • The verification ECU 21 stores the pairs of challenge C and response R in the memory 21a in the order in which they were generated.
  • The verification ECU 21 determines whether or not the number of stored pairs of challenge C and response R (the stored number) is less than a predetermined value N (step S14). That is, the verification ECU 21 determines whether or not the number of pairs of challenge C and response R stored in the memory 21a is the predetermined value N.
  • When the verification ECU 21 determines that the number of stored pairs of challenge C and response R is less than the predetermined value N (step S14: YES), it proceeds to step S11 and generates a new pair of challenge C and response R.
  • Otherwise (step S14: NO), the process is terminated. That is, the verification ECU 21 ends the generation of the challenge C and the response R.
  • The verification ECU 21 performs various verifications when the door button 40 provided on a door of the vehicle 20 or the engine switch 30 is operated.
  • Descriptions of vehicle code verification and electronic key ID verification are omitted, and only challenge-response authentication is described.
  • When the door button 40 or the engine switch 30 is operated, the verification ECU 21 selects one of the plurality of challenges C stored in the memory 21a at random (step S21). That is, the verification ECU 21 selects and reads a pair of challenge C and response R at random, so that the order differs from the order in which the pairs are stored in the memory 21a.
  • The verification ECU 21 transmits the selected challenge C (step S22). For example, if the door button 40 was operated, the verification ECU 21 transmits the challenge C of the selected pair from the outside transmitter 26. If instead the engine switch 30 was operated, the verification ECU 21 transmits the challenge C of the selected pair from the in-vehicle transmitter 27.
  • The verification ECU 21 compares the response R of the selected pair with the response R received from the electronic key 10 (step S23). That is, the verification ECU 21 compares the response R that was read from the memory 21a and is paired with the challenge C used for the current transmission with the response R returned from the electronic key 10 in reply to that challenge C.
  • The verification ECU 21 determines whether or not the two compared responses R match (step S24). That is, the verification ECU 21 checks whether or not the response R read from the memory 21a matches the received response R.
  • When the two responses R do not match (step S24: NO), the process ends.
  • In that case the verification ECU 21 has received a response code from an electronic key corresponding to another vehicle, that is, it has not received an appropriate response code, so challenge-response authentication is not established. For this reason, collation ECU21 complete
  • When the verification ECU 21 determines that the two responses R match (step S24: YES), it determines that challenge-response authentication has been established and executes the requested vehicle operation (step S25). For example, if the door button 40 was operated, the verification ECU 21 permits or executes locking or unlocking of the door. If the engine switch 30 was operated, the verification ECU 21 permits or executes switching of the power state.
  • A plurality of pairs of challenge C and response R are generated and stored in advance, and one of the pairs is read and used for challenge-response authentication. Because the encryption that generates the response R is not performed after the challenge C is transmitted, the power consumption and the like during encryption of the challenge C cannot be captured. Unauthorized challenge-response authentication resulting from side channel attacks can therefore be prevented.
  • The above embodiment can also be implemented in the following forms, modified as appropriate.
  • The verification ECU 21 determines whether or not the number of stored pairs of challenge C and response R is less than a predetermined value N, and when the number of stored pairs is less than the predetermined value N, a pair of challenge C and response R may be generated and stored.
  • A new pair of challenge C and response R is generated and stored.
  • The comparison with the predetermined value N may be omitted, and a new pair of challenge C and response R may be generated and stored each time a challenge C is transmitted. Alternatively, the comparison with the predetermined value N may be omitted, and a new pair of challenge C and response R may be generated and stored each time a response R is read.
  • Challenges C having the same Hamming weight are generated and stored. However, if there is no risk of the challenge C being guessed from a difference in Hamming weight, challenges C having different Hamming weights may be generated and stored.
  • The pairs of challenge C and response R are stored in order, and a pair of challenge C and response R is read at random so that the order differs from the stored order.
  • The pairs of challenge C and response R may be stored in random order, and the pairs of challenge C and response R may be read in the stored order.
  • One of the plurality of pairs of challenge C and response R is read at random and used.
  • The pairs of challenge C and response R may be read out and used in the stored order.
  • At least one of the stored pairs of challenge C and response R may be replaced with a pair of challenge C and response R newly generated at a predetermined timing or at an arbitrary timing.
  • Where N is the number of stored pairs of challenge C and response R and n of the N stored pairs are replaced with new pairs of challenge C and response R, it is necessary to check the power consumption when encrypting each challenge C in order. That is, in order to intercept the challenge C, (N + n) power consumption values must be acquired. It can therefore be made more difficult to identify which challenge C an acquired power consumption value corresponds to.
  • The verification ECU 21, the outside transmitter 26, the in-vehicle transmitter 27, and the vehicle receiver 28 function as a control device that executes challenge-response authentication.
  • The verification ECU 21 and the communication antenna 32 function as a control device that performs challenge-response authentication, and challenge codes and response codes are transmitted and received between the vehicle 20 and the electronic key 10 via the communication antenna 32.
  • Although the configuration of the above embodiment was applied to the electronic key system with which the vehicle 20 is equipped, it may be applied to an electronic key system with which a building such as a house is equipped. That is, the communication target may be a home security system or the like.
  • The processing executed by the verification ECU 21 of the above embodiment can be realized by a dedicated hardware circuit or by a group of instructions (software) executed by a computer processor such as a CPU.
  • A computer processor can perform a verification process, such as challenge-response authentication, by reading instructions stored in a non-transitory computer-readable medium (e.g., working memory such as RAM).
  • The instructions include instructions configured to cause the computer processor to generate and store a plurality of pairs of challenge code and response code in advance.
  • The instructions include instructions configured to cause the computer processor to generate the response code of each pair by encrypting the corresponding challenge code with an encryption key.
  • The instructions further include instructions configured to cause the computer processor to read one of the plurality of previously stored pairs and send the challenge code of the read pair.
  • The instructions further include instructions configured to cause the computer processor to determine whether the response code paired with the read and transmitted challenge code (i.e., the pre-stored response code) matches the response code received from the electronic key.
  • The response code received from the electronic key is a response code that the electronic key generates by encrypting the read and transmitted challenge code with the encryption key.
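
The pair-pool scheme described above (generation steps S11 to S14, authentication steps S21 to S25), as an added Python sketch that is not code from the patent or its applicant. The 64-bit challenge length, the Hamming weight of 32, N = 8, all class and function names, and the use of truncated HMAC-SHA256 in place of the unspecified "encryption with an encryption key" are assumptions.

```python
"""Precomputed challenge/response pool with constant-Hamming-weight challenges.

Added illustration; every constant and name below is an assumption.
"""
import hashlib
import hmac
import secrets

CHALLENGE_BITS = 64   # assumed challenge length
HAMMING_WEIGHT = 32   # assumed fixed number of 1-bits in every challenge
POOL_SIZE_N = 8       # assumed "predetermined value N"

_rng = secrets.SystemRandom()


def hamming_weight(code: bytes) -> int:
    return bin(int.from_bytes(code, "big")).count("1")


def generate_challenge() -> bytes:
    """Step S11: random code whose Hamming weight is always HAMMING_WEIGHT."""
    value = 0
    for position in _rng.sample(range(CHALLENGE_BITS), HAMMING_WEIGHT):
        value |= 1 << position
    return value.to_bytes(CHALLENGE_BITS // 8, "big")


def compute_response(key: bytes, challenge: bytes) -> bytes:
    """Stand-in for 'encrypt the challenge with the encryption key'.

    The page does not name a cipher; truncated HMAC-SHA256 is swapped in here.
    """
    return hmac.new(key, challenge, hashlib.sha256).digest()[:8]


class ElectronicKey:
    """Key side: computes the response on demand from the shared key."""

    def __init__(self, key: bytes):
        self._key = key

    def respond(self, challenge: bytes) -> bytes:
        return compute_response(self._key, challenge)


class VerificationEcu:
    """Vehicle side: keyed operations happen only while refilling the pool."""

    def __init__(self, key: bytes, n: int = POOL_SIZE_N):
        self._key = key
        self._n = n
        self._pool = []        # (challenge, response) pairs in generation order
        self._expected = None  # response paired with the challenge in flight
        self.keyed_ops = 0     # counts uses of the key, for the demonstration
        self.refill()          # power-on: pool starts empty

    def refill(self) -> None:
        """Steps S11 to S14: generate pairs until N are stored."""
        while len(self._pool) < self._n:
            challenge = generate_challenge()
            if any(challenge == stored for stored, _ in self._pool):
                continue  # never store the same challenge twice
            self._pool.append((challenge, compute_response(self._key, challenge)))
            self.keyed_ops += 1

    def stored_challenges(self) -> list:
        return [challenge for challenge, _ in self._pool]

    def issue_challenge(self) -> bytes:
        """Steps S21 and S22: pick a stored pair at random, not in stored order."""
        index = _rng.randrange(len(self._pool))
        challenge, self._expected = self._pool.pop(index)  # one use per pair
        self.refill()  # transmission is a refill trigger; new pairs are unrelated
        return challenge

    def verify(self, received: bytes) -> bool:
        """Steps S23 to S25: compare against the stored response, no key use."""
        expected, self._expected = self._expected, None
        return expected is not None and hmac.compare_digest(expected, received)


if __name__ == "__main__":
    shared_key = secrets.token_bytes(16)  # constructed sample key
    ecu, fob = VerificationEcu(shared_key), ElectronicKey(shared_key)
    c = ecu.issue_challenge()
    print("weight:", hamming_weight(c), "accepted:", ecu.verify(fob.respond(c)))
```

In this sketch `verify()` never touches the key, so the only keyed computation that follows a transmitted challenge belongs to a freshly generated, unrelated pair.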

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Mechanical Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Lock And Its Accessories (AREA)

Abstract

An electronic key system is provided with a control device. The control device is provided in a communication target that is capable of communicating with an electronic key, and the control device controls the communication target on the basis of the establishment of challenge-response authentication. The control device generates a plurality of pairs of challenge codes (C) and response codes (R) in advance and stores them. The control device generates the response code of each pair by using an encryption key to encrypt the corresponding challenge code. The control device reads one of the plurality of pairs that are stored in advance, transmits the challenge code of the read pair, and determines that challenge-response authentication has been established when the response code that forms a pair with the read and transmitted challenge code matches the response code that is received from the electronic key.

Description

電子キーシステム及び照合装置Electronic key system and verification device
 本発明は、電子キーと通信対象との間で無線通信を介してID照合を行う電子キーシステム及び照合装置に関する。 The present invention relates to an electronic key system and a verification device that perform ID verification via wireless communication between an electronic key and a communication target.
 従来、無線通信を介して電子キーのID照合を行うことにより車両を作動させる電子キーシステムが知られている(例えば、特許文献1参照)。この種の電子キーシステムでは、車両に搭載された送信アンテナから例えばLF(Low Frequency)帯の電波でリクエスト信号を送信する。電子キーは、このリクエスト信号を受信すると、自身に書き込まれているキーID信号を例えばUHF(Ultra High Frequency)帯の電波で車両に送信する。車両の照合ECUは、電子キーから送信されたキーID信号を車両の受信アンテナで受信すると、このキーID信号を基にID照合を行い、ID照合の成立が確認することができれば、例えば車両ドアの施解錠やエンジンの始動等を許可又は実行する。また、このID照合時には、チャレンジレスポンス認証を行い、セキュリティ性を高めている。 Conventionally, an electronic key system for operating a vehicle by performing ID collation of the electronic key via wireless communication is known (see, for example, Patent Document 1). In this type of electronic key system, a request signal is transmitted from a transmission antenna mounted on a vehicle, for example, by radio waves in the LF (Low Frequency) band. When receiving the request signal, the electronic key transmits a key ID signal written in the electronic key to the vehicle using radio waves in, for example, a UHF (Ultra High Frequency) band. When the vehicle verification ECU receives the key ID signal transmitted from the electronic key at the reception antenna of the vehicle, the vehicle verification ECU performs ID verification based on the key ID signal, and if the ID verification can be confirmed, for example, the vehicle door Permit / execute locking / unlocking and engine starting. At the time of ID verification, challenge response authentication is performed to enhance security.
特開2005-262915号公報JP 2005-262915 A
In an electronic key system such as the one described above, a third party who has entered the vehicle may analyze the operating state of the devices and illicitly acquire information needed for challenge-response authentication. Such illicit acquisition of information is called a side channel attack. For example, the method of generating the response code in challenge-response authentication may be analyzed. If the system is subjected to a side channel attack, information acquired by a third party who does not carry the electronic key may be communicated so that challenge-response authentication is established, and unlocking of the vehicle doors or starting of the engine may be permitted or executed by the third party without authorization. There is therefore a need for an electronic key system that can prevent unauthorized challenge-response authentication even when subjected to a side channel attack.
An object of the present invention is to provide an electronic key system and a verification device that can prevent unauthorized challenge-response authentication caused by a side channel attack.
According to one aspect of the present invention, an electronic key system is provided. The electronic key system includes an electronic key and a control device that is provided in a communication target capable of communicating with the electronic key, executes challenge-response authentication via wireless communication with the electronic key, and controls the communication target based on establishment of the challenge-response authentication. The control device is configured to generate and store a plurality of pairs of a challenge code and a response code in advance. Here, the control device generates the response code of each pair by encrypting the corresponding challenge code with an encryption key. The control device is further configured to read one of the plurality of previously stored pairs and transmit the challenge code of the read pair. The control device is further configured to receive a response code that the electronic key has generated by encrypting the read and transmitted challenge code with an encryption key. The control device is further configured to determine that challenge-response authentication has been established when the response code paired with the read and transmitted challenge code matches the response code received from the electronic key.
In a conventional system, the communication target transmits a challenge code and then generates a response code by encrypting that challenge code with an encryption key. Such a conventional system is exposed to a side channel attack that attempts to identify the encryption key, and thus the challenge code, by analyzing the power consumption and the like while the communication target encrypts the challenge code. In the above configuration, by contrast, a plurality of pairs of a challenge code and a response code are generated and stored in advance, and one of the previously stored pairs is read out to perform challenge-response authentication. The control device of the communication target therefore performs no encryption processing to generate a response code after transmitting the challenge code. Accordingly, the power consumption and the like at the time of encrypting the challenge code cannot be acquired while challenge-response authentication is being performed. Unauthorized challenge-response authentication caused by a side channel attack can thus be prevented.
According to another aspect of the present invention, a verification device is provided. The verification device includes a computer processor that can communicate with an electronic key via a communication device. The computer processor includes a non-transitory computer-readable medium that stores a group of instructions for executing challenge-response authentication via wireless communication with the electronic key. The group of instructions includes an instruction configured to cause the computer processor to generate and store a plurality of pairs of a challenge code and a response code in advance. Here, that instruction includes an instruction configured to cause the computer processor to generate the response code of each pair by encrypting the corresponding challenge code with an encryption key. The group of instructions further includes an instruction configured to cause the computer processor to read one of the plurality of previously stored pairs and transmit the challenge code of the read pair. The group of instructions further includes an instruction configured to cause the computer processor to determine whether the response code paired with the read and transmitted challenge code matches the response code received from the electronic key. Here, the response code received from the electronic key is a response code that the electronic key has generated by encrypting the read and transmitted challenge code with an encryption key.
According to this verification device, as with the above electronic key system, unauthorized challenge-response authentication caused by a side channel attack can be prevented.
According to the present invention, unauthorized challenge-response authentication caused by a side channel attack can be prevented.
FIG. 1 is a block diagram showing the schematic configuration of the electronic key system. FIG. 2 is a flowchart showing the process by which the vehicle control device generates challenge codes and response codes. FIG. 3 is a flowchart showing the authentication process performed by the vehicle control device.
Hereinafter, an embodiment of the electronic key system will be described with reference to FIGS. 1 to 3.
FIG. 1 shows an electronic key system including a control device provided in a vehicle 20, which is the communication target, and an electronic key 10 that can communicate wirelessly with the control device. In the present embodiment, the control device of the vehicle 20 performs various kinds of ID verification, such as challenge-response authentication, via wireless communication with the electronic key 10. For example, in the electronic key system, ID verification is performed via narrow-area wireless communication, triggered by the control device of the vehicle 20 starting communication. In the following description, the narrow-area wireless communication performed by the electronic key system is referred to as "smart communication", and the ID verification performed through smart communication is referred to as "smart verification".
The electronic key 10 includes a key control unit 11 that controls the operation of the electronic key 10, a receiving antenna 12 that enables the electronic key 10 to receive radio waves, and a transmission antenna 13 that enables the electronic key 10 to transmit radio waves. An electronic key ID unique to the electronic key 10 is stored in the memory 11a of the key control unit 11. The receiving antenna 12 can receive, for example, radio waves in the LF (Low Frequency) band. The transmission antenna 13 can transmit, for example, radio waves in the UHF (Ultra High Frequency) band.
The vehicle 20 includes a verification ECU (Electric Control Unit) 21 that executes various verifications via wireless communication with the electronic key 10, a body ECU 22 that manages the power supply of the on-vehicle electrical components, and an engine ECU 23 that controls the engine 24. These are electrically connected through a communication line 25 in the vehicle. The communication line 25 is, for example, CAN (Controller Area Network) or LIN (Local Interconnect Network). The memory 21a of the verification ECU 21 stores the electronic key ID of the electronic key 10, whereby the usable electronic key 10 is registered in the vehicle 20.
The vehicle 20 includes an exterior transmitter 26 that can transmit radio waves outside the vehicle in ID verification communication, an in-vehicle transmitter 27 that can transmit radio waves inside the vehicle in ID verification communication, and a vehicle receiver 28 that can receive radio waves transmitted from the electronic key 10 in ID verification communication. These are electrically connected to the verification ECU 21. The exterior transmitter 26 and the in-vehicle transmitter 27 can transmit, for example, LF band radio waves. The vehicle receiver 28 can receive, for example, UHF band radio waves. Each of the transmitters 26, 27, and 28 is an example of a communication device.
The vehicle 20 includes a door lock mechanism 29 as a mechanical mechanism that switches the vehicle doors between locked and unlocked. The body ECU 22 switches the door lock mechanism 29 between locked and unlocked based on the result of the ID verification controlled by the verification ECU 21. Each door of the vehicle 20 is provided with a door button 40 that serves as a trigger for locking and unlocking the door.
The vehicle 20 includes an engine switch 30 that is operated when the power state of the vehicle 20 is switched. The engine switch 30 includes an operation detection unit 31 that detects, for example, a push operation (on operation) of the engine switch 30. The operation detection unit 31 may be either a switch element (for example, a microswitch) or a sensor (a magnetic sensor or an optical sensor). When the engine switch 30 is operated, the operation detection unit 31 outputs an operation signal Ssw to the verification ECU 21. When the engine switch 30 is operated, for example, an ON signal is output as the operation signal Ssw.
The verification ECU 21 determines the power state of the vehicle 20 based on the operation signal Ssw supplied from the operation detection unit 31, and switches the power state of the vehicle 20 based on the result of that determination. The power state of the vehicle 20 is switched to, for example, one of IG off, ACC on, IG on, and engine start.
When the exterior transmitter 26 forms an LF radio wave communication area (external communication area) outside the vehicle and the electronic key 10 enters this communication area, smart communication outside the vehicle is executed. In this example, the verification ECU 21 transmits a wake signal from the exterior transmitter 26, and the electronic key 10, on receiving this wake signal, activates and returns an acknowledgment signal. In the communication process that follows, the verification ECU 21 executes various verifications such as vehicle code verification, challenge-response authentication, and electronic key ID verification. In vehicle code verification, the verification ECU 21 transmits a vehicle code, which is an ID unique to the vehicle 20, to the electronic key 10, and the electronic key 10 confirms the vehicle code. In challenge-response authentication, the verification ECU 21 transmits to the electronic key 10 a challenge code whose content changes each time it is transmitted. The electronic key 10 generates a response code (electronic key side response code) by encrypting the challenge code with an encryption key, and returns this response code to the vehicle 20. In the same way as the computation in the electronic key 10, the verification ECU 21 also generates a response code (vehicle side response code) by encrypting the transmitted challenge code with the encryption key, and checks whether the vehicle side response code matches the electronic key side response code. In electronic key ID verification, the electronic key 10 transmits the electronic key ID to the vehicle 20, and the verification ECU 21 confirms the electronic key ID. In this example, when the verification ECU 21 confirms that all of these verifications are established, it determines that smart verification outside the vehicle has been established and permits or executes locking and unlocking of the vehicle doors by the body ECU 22.
When the electronic key 10 enters the vehicle, in place of the exterior transmitter 26, the exterior transmitter 26 now forms a communication area (internal communication area) inside the vehicle, and in-vehicle smart verification is executed in the same manner as smart verification outside the vehicle. When the verification ECU 21 confirms that in-vehicle smart verification is established with the electronic key 10 located inside the vehicle, it permits or executes switching of the power state (such as switching of engine start) by operation of the engine switch 30.
The electronic key system includes an immobilizer system that allows ID verification via wireless communication with the vehicle 20 even when the electronic key 10 has no battery power. This immobilizer system uses short-range wireless communication, for example RFID (Radio Frequency Identification) communication with a communication distance of several centimeters to several tens of centimeters. In the following description, the communication performed in the immobilizer system is referred to as "immobilizer communication", and the ID verification performed through immobilizer communication is referred to as "immobilizer verification".
The vehicle 20 includes a communication antenna 32 that enables the vehicle 20 to transmit and receive short-range radio waves. The electronic key 10 likewise includes a communication antenna 14 that enables the electronic key 10 to transmit and receive short-range radio waves. Each of the memories 11a and 21a stores a transponder ID that is checked in the immobilizer system. The communication antenna 32 is provided, for example, around the outer periphery of the engine switch 30 and is, for example, a bobbin wound with an antenna wire. The communication antenna 32 is an example of a communication device.
When the battery of the electronic key 10 runs out, narrow-area wireless communication cannot be used, so immobilizer verification is performed. When the electronic key 10 is then held over the communication antenna 32 of the vehicle 20, the transponder ID of the electronic key 10 is transmitted to the vehicle 20, for example by load modulation communication. The verification ECU 21 compares the transponder ID of the electronic key 10 with the transponder ID registered in the memory 21a and, if they match, permits, for example, switching of the power state (such as switching of engine start) by operation of the engine switch 30.
In the electronic key system, a third party who has entered the vehicle 20 may analyze the operating state (for example, processing time or power consumption) of a device such as the verification ECU 21 and illicitly acquire information needed for challenge-response authentication. Such illicit acquisition of information based on operation analysis is called a side channel attack. For example, the method of generating the response code may be analyzed. In the present embodiment, to prevent side channel attacks, the verification ECU 21 of the vehicle 20 generates and stores a plurality of pairs of a challenge code and a response code in advance. The verification ECU 21 then reads one of the stored pairs and performs challenge-response authentication using the codes of that pair. Because the verification ECU 21 does not generate a response code after transmitting a challenge code while challenge-response authentication is being performed, the power consumption and the like at the time of generating the response code corresponding to the transmitted challenge code cannot be acquired.
Furthermore, the verification ECU 21 reads and uses one of the previously generated and stored pairs of a challenge code and a response code at random, rather than in the order in which the pairs were generated. Even if power consumption or the like should be acquired while the response codes are being generated in advance, reading the codes in random order prevents the encryption key from being analyzed by a side channel attack.
Furthermore, the verification ECU 21 generates and stores the challenge codes in advance so that every challenge code has the same Hamming weight. This prevents the challenge code being encrypted from being identified from the acquired power consumption or the like on the basis of differences in Hamming weight.
When a specific condition is satisfied, the verification ECU 21 generates pairs of a challenge code and a response code until the number of pairs reaches a predetermined value. The specific conditions are when the vehicle 20 is powered on (for example, when the vehicle battery is electrically connected), when a challenge code is transmitted, and, in addition, when the number of stored pairs of a challenge code and a response code falls below the predetermined value.
Next, the operation of the electronic key system configured as described above will be described with reference to FIGS. 2 and 3.
First, with reference to FIG. 2, the process executed by the verification ECU 21 to generate a challenge C (challenge code) and a response R (response code) will be described.
The verification ECU 21 newly generates pairs of a challenge C and a response R when the vehicle 20 is powered on or when a challenge C has been transmitted. For example, when the vehicle 20 is powered on, no pair of a challenge C and a response R is stored in the memory 21a. Also, when the challenge C of one pair is transmitted after a plurality of pairs have been generated, the number of stored pairs of a challenge C and a response R has decreased from the predetermined value N by at least one. In such cases, the verification ECU 21 generates pairs of a challenge C and a response R until the number of pairs stored in the memory 21a reaches the predetermined value N.
Thus, the verification ECU 21 generates a challenge C when the vehicle 20 is powered on or when a challenge C has been transmitted (step S11). At this time, the verification ECU 21 generates, as the challenge C, a random code with the same Hamming weight, so every generated challenge C has the same Hamming weight. Even if N power consumption values (that is, the power consumption when each of the N challenges C is encrypted) or the like are acquired, this prevents the challenge C being encrypted from being identified from each power consumption value on the basis of the differences in power consumption that arise from differences in the Hamming weight of the challenge C.
Subsequently, the verification ECU 21 generates a response R (step S12). In the present embodiment, the verification ECU 21 generates the response R by encrypting the previously generated challenge C with the encryption key.
Subsequently, the verification ECU 21 stores the pair of the challenge C and the response R (step S13). The verification ECU 21 stores the pairs in the memory 21a in the order in which they were generated.
Subsequently, the verification ECU 21 determines whether the number of stored pairs of a challenge C and a response R (the stored number) is less than the predetermined value N (step S14). That is, the verification ECU 21 determines whether the number of pairs of a challenge C and a response R stored in the memory 21a is the predetermined value N.
When the verification ECU 21 determines that the number of stored pairs of a challenge C and a response R is less than the predetermined value N (step S14: YES), it returns to step S11 and generates a new pair of a challenge C and a response R.
On the other hand, when the verification ECU 21 determines that the number of stored pairs of a challenge C and a response R is equal to or greater than the predetermined value N (step S14: NO), it ends the process. That is, the verification ECU 21 ends the generation of challenges C and responses R.
Next, the challenge-response authentication process executed by the verification ECU 21 will be described with reference to FIG. 3.
The verification ECU 21 performs the various verifications when the door button 40 provided on a door of the vehicle 20 or the engine switch 30 is operated. Vehicle code verification and electronic key ID verification are omitted here, and only challenge-response authentication is described.
When the door button 40 or the engine switch 30 is operated, the verification ECU 21 randomly selects one of the plurality of challenges C stored in the memory 21a (step S21). That is, the verification ECU 21 selects and reads a pair of a challenge C and a response R at random, so that the order of reading differs from the order in which the pairs were stored in the memory 21a.
Subsequently, the verification ECU 21 transmits the selected challenge C (step S22). For example, if the door button 40 was operated, the verification ECU 21 transmits the challenge C of the selected pair from the exterior transmitter 26. If the engine switch 30 was operated, the verification ECU 21 transmits the challenge C of the selected pair from the in-vehicle transmitter 27.
Subsequently, the verification ECU 21 compares the response R of the selected pair with the response R received from the electronic key 10 (step S23). That is, the verification ECU 21 compares the response R that was read from the memory 21a and is paired with the challenge C used for the current transmission with the response R returned from the electronic key 10 in reply to that challenge C.
Subsequently, the verification ECU 21 determines whether the two responses R compared in step S24 match (step S24). That is, the verification ECU 21 checks whether the response R read from the memory 21a matches the received response R.
When the verification ECU 21 determines that the two responses R do not match (step S24: NO), it ends the process. In this case, the verification ECU 21 has received, for example, a response code from an electronic key corresponding to another vehicle; that is, it has not received a proper response code, so challenge-response authentication is not established. The verification ECU 21 therefore ends the process without executing the requested vehicle operation.
On the other hand, when the verification ECU 21 determines that the two responses R match (step S24: YES), it determines that challenge-response authentication has been established and executes the requested vehicle operation (step S25). For example, if the door button 40 was operated, the verification ECU 21 permits or executes locking or unlocking of the doors. If the engine switch 30 was operated, the verification ECU 21 permits or executes the change of the power state.
Because a plurality of pairs of a challenge C and a response R are generated and stored in advance in this way, no response R is generated after a challenge C is transmitted. This prevents the method of generating the response R corresponding to the challenge C from being analyzed.
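The generation flow (steps S11 to S14) and the authentication flow (steps S21 to S24) described above, sketched in C as an added example; it is not code from the patent or the applicant. The cipher (XTEA), the 64-bit code size, the Hamming weight of 32, N = 8, rand() in place of a hardware random source, and the branch-free comparison in auth_finish are all assumptions of this example.

```c
/* Added example: precomputed challenge-response pool on the verifier (ECU) side.
 * Assumed, not from the patent: XTEA cipher, 64-bit codes, weight 32, N = 8. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define POOL_N    8   /* predetermined value N (assumed) */
#define CH_BITS   64  /* challenge length in bits (assumed) */
#define CH_WEIGHT 32  /* Hamming weight shared by every challenge (assumed) */

typedef struct { uint64_t c, r; } cr_pair;
typedef struct { cr_pair pair[POOL_N]; int count; uint32_t key[4]; } verifier;

/* Demo RNG only: rand() is predictable and slightly biased; use a TRNG on target. */
static uint32_t rng_below(uint32_t n) { return (uint32_t)rand() % n; }

/* XTEA block encryption (32 cycles), standing in for the unspecified cipher. */
uint64_t xtea_encrypt(uint64_t block, const uint32_t k[4]) {
    uint32_t v0 = (uint32_t)(block >> 32), v1 = (uint32_t)block, sum = 0;
    for (int i = 0; i < 32; i++) {
        v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
        sum += 0x9E3779B9u;
        v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
    }
    return ((uint64_t)v0 << 32) | v1;
}

int hamming_weight(uint64_t x) { int w = 0; for (; x; x &= x - 1) w++; return w; }

/* S11: random challenge with exactly CH_WEIGHT one-bits, chosen by a
 * partial Fisher-Yates shuffle of the 64 bit positions. */
uint64_t gen_challenge(void) {
    uint8_t pos[CH_BITS];
    uint64_t c = 0;
    for (int i = 0; i < CH_BITS; i++) pos[i] = (uint8_t)i;
    for (int i = 0; i < CH_WEIGHT; i++) {
        int j = i + (int)rng_below((uint32_t)(CH_BITS - i));
        uint8_t t = pos[i]; pos[i] = pos[j]; pos[j] = t;
        c |= (uint64_t)1 << pos[i];
    }
    return c;
}

/* S11-S14: generate and store pairs until N are held. All encryption happens
 * here, never between sending a challenge and checking its response. */
void pool_refill(verifier *v) {
    while (v->count < POOL_N) {                          /* S14 */
        uint64_t c = gen_challenge();                    /* S11 */
        v->pair[v->count].c = c;
        v->pair[v->count].r = xtea_encrypt(c, v->key);   /* S12 */
        v->count++;                                      /* S13 */
    }
}

void verifier_init(verifier *v, const uint32_t key[4]) {
    for (int i = 0; i < 4; i++) v->key[i] = key[i];
    v->count = 0;        /* power-on: no pairs stored yet */
    pool_refill(v);
}

/* S21: pick a stored pair at random (not in generation order), remove it from
 * the pool, and hand back the challenge to send plus the expected response. */
uint64_t auth_begin(verifier *v, uint64_t *expected) {
    if (v->count == 0) pool_refill(v);
    int i = (int)rng_below((uint32_t)v->count);
    cr_pair p = v->pair[i];
    v->pair[i] = v->pair[--v->count];   /* a pair is used once only */
    *expected = p.r;
    return p.c;
}

/* S23-S24: compare stored and received response without a data-dependent
 * branch (an assumption of this example). Returns 1 on match. */
int auth_finish(uint64_t expected, uint64_t received) {
    uint64_t d = expected ^ received;
    d |= d >> 32; d |= d >> 16; d |= d >> 8; d |= d >> 4; d |= d >> 2; d |= d >> 1;
    return (int)(~d & 1);
}

/* Electronic key side: encrypt the received challenge with the shared key. */
uint64_t key_respond(uint64_t c, const uint32_t k[4]) { return xtea_encrypt(c, k); }

/* Runs full exchanges; counts rounds where the genuine key is accepted, a
 * tampered response is rejected, and the pool is back at N afterwards. */
int demo_rounds(int rounds) {
    static const uint32_t k[4] = {0x01234567u, 0x89abcdefu, 0xfedcba98u, 0x76543210u}; /* constructed key */
    verifier v;
    int ok = 0;
    verifier_init(&v, k);
    for (int i = 0; i < rounds; i++) {
        uint64_t expected;
        uint64_t c = auth_begin(&v, &expected);  /* S21, then S22: transmit c */
        pool_refill(&v);                         /* refill right after sending */
        uint64_t r = key_respond(c, k);
        if (hamming_weight(c) == CH_WEIGHT && v.count == POOL_N &&
            auth_finish(expected, r) && !auth_finish(expected, r ^ 1u))
            ok++;
    }
    return ok;
}

int main(void) { printf("%d/20 rounds passed\n", demo_rounds(20)); return 0; }
```

The encryption that runs right after a challenge is sent belongs to a freshly generated pair, not to the challenge in flight, which is the mixing effect the description relies on.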
As described above, the present embodiment provides the following effects.
(1) A plurality of pairs of a challenge C and a response R are generated and stored in advance, and one of those pairs is read out to perform challenge-response authentication. Because no encryption for generating the response R is performed after the challenge C is transmitted, the power consumption and the like at the time of encrypting the challenge C cannot be acquired. Unauthorized challenge-response authentication caused by a side channel attack can thus be prevented.
(2) Because one pair is read out at random from the plurality of pairs of challenge C and response R, there is no regularity in the order in which those codes are read out. This prevents the combination of a challenge C and its power consumption or the like from being identified from the order in which the pairs of challenge C and response R were generated or stored.
(3) Because every challenge C in all pairs of challenge C and response R has the same Hamming weight, the combination of a challenge C and its power consumption or the like cannot be identified from a difference in Hamming weight.
(4) When the number of stored pairs of challenge C and response R falls below the predetermined value N, new pairs of challenge C and response R are generated and stored until the stored number reaches the predetermined value N. As a result, after the vehicle 20 is powered on, the number of stored pairs stays at the predetermined value N for almost the entire period. Consequently, whenever a pair of challenge C and response R is read out, it can be selected from a plurality of pairs.
(5) Whether the number of stored pairs of challenge C and response R equals the predetermined value N is checked immediately after challenge C is transmitted, so a new pair of challenge C and response R is generated right after the transmission. The transmitted challenge C and the generated challenge C (the new pair of challenge C and response R) are thus intermixed, which hinders analysis by a side-channel attack.
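The following Python sketch is an added illustration of effects (1) to (5), not code from the patent. The pool size, challenge length and Hamming weight are constructed values, truncated HMAC-SHA256 stands in for the unnamed encryption, and dropping a pair once it is read and allowing one verification attempt per challenge are assumptions.

```python
import hashlib
import hmac
import secrets

N = 8        # predetermined number of stored pairs N (constructed value)
BITS = 32    # challenge length in bits (assumption)
WEIGHT = 16  # Hamming weight shared by every challenge (assumption)
_rng = secrets.SystemRandom()  # OS-backed randomness


def make_response(key: bytes, challenge: int) -> bytes:
    """Stand-in for 'encrypt challenge C with the key': truncated HMAC-SHA256."""
    msg = challenge.to_bytes(BITS // 8, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]


def fixed_weight_challenge() -> int:
    """Random BITS-bit challenge with exactly WEIGHT bits set (effect 3)."""
    value = 0
    for pos in _rng.sample(range(BITS), WEIGHT):
        value |= 1 << pos
    return value


class VerificationECU:
    """Vehicle side: every response is computed before its challenge is sent."""

    def __init__(self, key: bytes):
        self._key = key
        self.pool = []        # stored (C, R) pairs
        self.pending = None   # pair whose challenge is currently outstanding
        self.refill()         # power-on: generate pairs until N are stored

    def refill(self) -> None:
        """Effect 4: top the store back up to N pairs."""
        while len(self.pool) < N:
            c = fixed_weight_challenge()
            if all(c != stored for stored, _ in self.pool):
                self.pool.append((c, make_response(self._key, c)))

    def send_challenge(self) -> int:
        # Effect 2: read one stored pair at random. Assumption: the pair is
        # dropped from the store once read, so the count falls below N.
        self.pending = self.pool.pop(_rng.randrange(len(self.pool)))
        # Effect 5: the count check and regeneration run right after sending.
        self.refill()
        return self.pending[0]

    def verify(self, response: bytes) -> bool:
        """Effect 1: compare against the stored R; no cipher runs here."""
        if self.pending is None:
            return False
        # Assumption: one verification attempt per transmitted challenge.
        expected, self.pending = self.pending[1], None
        return hmac.compare_digest(expected, response)


class ElectronicKey:
    """Key side: computes R from the received C with the shared key."""

    def __init__(self, key: bytes):
        self._key = key

    def respond(self, challenge: int) -> bytes:
        return make_response(self._key, challenge)
```
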
The above embodiment can also be implemented in the following forms, which modify it as appropriate.
- In the above embodiment, pairs of challenge C and response R were generated and stored when the vehicle 20 was powered on or when challenge C was transmitted. However, before step S11, the verification ECU 21 may determine whether the number of stored pairs of challenge C and response R is less than the predetermined value N, and generate and store pairs of challenge C and response R when the stored number is less than the predetermined value N.
- In the above embodiment, a new pair of challenge C and response R was generated and stored when challenge C was transmitted. However, a new pair of challenge C and response R may instead be generated and stored when response R is received from the electronic key 10.
- In the above embodiment, a new pair of challenge C and response R was generated and stored when the number of stored pairs of challenge C and response R was less than the predetermined value N. However, the comparison with the predetermined value N may be omitted, and a new pair of challenge C and response R may be generated and stored each time challenge C is transmitted. Alternatively, the comparison with the predetermined value N may be omitted, and a new pair of challenge C and response R may be generated and stored each time response R is read out.
- In the above embodiment, challenges C having the same Hamming weight were generated and stored. However, if there is no risk of challenge C being guessed from a difference in Hamming weight, challenges C with different Hamming weights may be generated and stored.
- In the above embodiment, the pairs of challenge C and response R were stored in order and then read out at random, so that the read-out order differed from the stored order. However, the pairs of challenge C and response R may instead be stored at random and read out in the stored order.
- In the above embodiment, one of the plurality of pairs of challenge C and response R was read out at random and used. However, if there is no risk of challenge C being inferred from the order in which the pairs of challenge C and response R were stored, the pairs may be read out and used in the stored order.
- In the above embodiment, at least one of the stored pairs of challenge C and response R may be replaced, at a predetermined timing or at an arbitrary timing, with a newly generated pair of challenge C and response R. For example, suppose that N pairs of challenge C and response R are stored and that n of those N stored pairs are replaced with new pairs of challenge C and response R. In that case, for a third party to intercept any challenge C, the power consumption during encryption of each challenge C has to be examined in turn not only for the N challenges C that were originally stored but also for the n challenges C after replacement. That is, (N + n) power consumption values must be acquired in order to intercept challenge C. This makes it even more difficult to identify which challenge C was being encrypted when a given power consumption measurement or the like was acquired.
- The configuration of the above embodiment was applied to smart verification in smart communication, but it may also be applied to immobilizer verification in immobilizer communication. For example, in smart verification, the verification ECU 21, the outside transmitter 26, the in-vehicle transmitter 27, and the vehicle receiver 28 function as the control device that executes challenge-response authentication. In immobilizer verification, on the other hand, the verification ECU 21 and the communication antenna 32 function as the control device that executes challenge-response authentication, and challenge codes and response codes are exchanged between the vehicle 20 and the electronic key 10 via the communication antenna 32.
- The configuration of the above embodiment was applied to the electronic key system provided in the vehicle 20, but it may also be applied to an electronic key system provided in a building such as a house. That is, the communication target may be a home security system or the like.
- The processing executed by the verification ECU 21 of the above embodiment can be realized by a dedicated hardware circuit or by a group of instructions (software) executed by a computer processor such as a CPU. When software is used, the computer processor can execute the verification process, for example challenge-response authentication, by reading the group of instructions stored in a non-transitory computer-readable medium (for example, working memory such as RAM). In this case, the group of instructions includes a command configured to cause the computer processor to generate and store a plurality of pairs of challenge code and response code in advance. This command includes a command configured to cause the computer processor to generate the response code of each pair by encrypting the corresponding challenge code with an encryption key. The group of instructions further includes a command configured to cause the computer processor to read one of the plurality of pre-stored pairs and transmit the challenge code of the read pair. The group of instructions further includes a command configured to cause the computer processor to determine whether the response code paired with the challenge code that was read and transmitted (that is, the pre-stored response code) matches the response code received from the electronic key. Here, the response code received from the electronic key is the response code that the electronic key generated by encrypting, with the encryption key, the challenge code that was read and transmitted.

Claims (9)

  1.  An electronic key system comprising:
     an electronic key; and
     a control device that is provided in a communication target capable of communicating with the electronic key, performs challenge-response authentication via wireless communication with the electronic key, and controls the communication target based on establishment of the challenge-response authentication,
     wherein the control device is configured to:
      generate and store in advance a plurality of pairs of challenge code and response code, the control device generating the response code of each pair by encrypting the corresponding challenge code with an encryption key;
      read one of the plurality of pre-stored pairs and transmit the challenge code of the read pair;
      receive a response code generated by the electronic key by encrypting, with an encryption key, the challenge code that was read and transmitted; and
      determine that challenge-response authentication is established when the response code paired with the challenge code that was read and transmitted matches the response code received from the electronic key.
  2.  The electronic key system according to claim 1, wherein the control device is configured to randomly read and use one of the plurality of pairs of the challenge code and the response code.
  3.  The electronic key system according to claim 1 or 2, wherein the control device is configured to generate and store the plurality of pairs such that the challenge code in each of the plurality of pairs has the same Hamming weight.
  4.  The electronic key system according to any one of claims 1 to 3, wherein the control device is configured to generate and store the plurality of pairs until the number of stored pairs of the challenge code and the response code reaches a predetermined value.
  5.  The electronic key system according to claim 4, wherein the control device is configured to check, immediately after transmitting the challenge code, whether the number of stored pairs of the challenge code and the response code is the predetermined value.
  6.  The electronic key system according to any one of claims 1 to 5, wherein the control device is configured to generate a new pair of challenge code and response code at a predetermined timing and to replace at least one of the plurality of pairs of the challenge code and the response code with the new pair.
  7.  The electronic key system according to any one of claims 1 to 6, wherein the control device includes a verification device that executes the challenge-response authentication in smart verification via narrow-area wireless communication with the electronic key.
  8.  The electronic key system according to any one of claims 1 to 6, wherein the control device includes a verification device that executes the challenge-response authentication in immobilizer verification via short-range wireless communication with the electronic key.
  9.  A verification device comprising:
     a computer processor capable of communicating with an electronic key via a communicator,
     wherein the computer processor includes a non-transitory computer-readable medium storing a group of instructions for executing challenge-response authentication via wireless communication with the electronic key, the group of instructions including:
      a command configured to cause the computer processor to generate and store in advance a plurality of pairs of challenge code and response code, the command including a command configured to cause the computer processor to generate the response code of each pair by encrypting the corresponding challenge code with an encryption key;
      a command configured to cause the computer processor to read one of the plurality of pre-stored pairs and transmit the challenge code of the read pair; and
      a command configured to cause the computer processor to determine whether the response code paired with the challenge code that was read and transmitted matches a response code received from the electronic key, the response code received from the electronic key being a response code generated by the electronic key by encrypting, with an encryption key, the challenge code that was read and transmitted.
PCT/JP2015/073029 2014-08-29 2015-08-17 Electronic key system and matching device WO2016031607A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2014-175647 2014-08-29
JP2014175647A JP6441615B2 (en) 2014-08-29 2014-08-29 Electronic key system

Publications (1)

Publication Number Publication Date
WO2016031607A1 (en) 2016-03-03

Family

ID=55399503

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2015/073029 WO2016031607A1 (en) 2014-08-29 2015-08-17 Electronic key system and matching device

Country Status (2)

Country Link
JP (1) JP6441615B2 (en)
WO (1) WO2016031607A1 (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP6447610B2 (en) 2016-10-28 2019-01-09 トヨタ自動車株式会社 Vehicle control system and vehicle control device
KR102485246B1 (en) * 2017-12-05 2023-01-06 현대자동차주식회사 Vehicle and control method thereof
JP2020026190A (en) * 2018-08-10 2020-02-20 株式会社カーメイト Remote starting device for vehicle
KR20200059930A (en) 2018-11-22 2020-05-29 현대자동차주식회사 Vehicle and controlling method thereof
JP7197373B2 (en) * 2019-01-15 2022-12-27 文化シヤッター株式会社 Remote controller, opening/closing control system, and opening/closing control method
JP7324303B2 (en) * 2019-10-15 2023-08-09 日立Astemo株式会社 Authentication system

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2010180596A (en) * 2009-02-04 2010-08-19 Tokai Rika Co Ltd Electronic key system and key authentication method

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5423088B2 (en) * 2009-03-25 2014-02-19 ソニー株式会社 Integrated circuit, encryption communication device, encryption communication system, information processing method, and encryption communication method
JP5356584B2 (en) * 2012-07-26 2013-12-04 株式会社三菱東京Ufj銀行 Authentication system, authentication method, and program
JP2014116897A (en) * 2012-12-12 2014-06-26 Nec Corp Encryption device, encryption method and program

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019203306A1 (en) * 2018-04-20 2019-10-24 株式会社東海理化電機製作所 Sharing system
JP2019191753A (en) * 2018-04-20 2019-10-31 株式会社東海理化電機製作所 Sharing system
US11142166B2 (en) 2018-04-20 2021-10-12 Kabushiki Kaisha Tokai Rika Denki Seisakusho Sharing system using valet key
JP2020031351A (en) * 2018-08-23 2020-02-27 株式会社東海理化電機製作所 Communication fraud prevention system and communication fraud prevention method
JP6997053B2 (en) 2018-08-23 2022-01-17 株式会社東海理化電機製作所 Communication fraud prevention system and communication fraud prevention method
US11273793B2 (en) * 2018-08-23 2022-03-15 Kabushiki Kaisha Tokai Rika Denki Seisakusho System for preventing unauthorized establishment of communication, and method for preventing unauthorized establishment of communication
CN117315826A (en) * 2023-10-12 2023-12-29 山东泽鹿安全技术有限公司 Automobile key data interaction method and device

Also Published As

Publication number Publication date
JP2016050409A (en) 2016-04-11
JP6441615B2 (en) 2018-12-19

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15835065

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15835065

Country of ref document: EP

Kind code of ref document: A1