Patent abstract:
The present invention relates to a method and system (100) for secure access to a vehicle (3). The method includes a preliminary phase, a data exchange phase and an access phase. The method implements the vehicle (3), a remote data server (30), and at least one personal electronic device (10; 20) with a dedicated application (A10; A20). The method implements an elliptic cryptographic curve (EC), a master key (MK), a primary key (K1), a secondary key (K2) and a tertiary key (K3).
Publication number: FR3050301A1
Application number: FR1653459
Filing date: 2016-04-19
Publication date: 2017-10-20
Inventors: Arnaud Georges Thooris; Mickael Roches
Applicant: Dura Automotive Systems SAS;
Main IPC:
Patent description:

The present invention also implements various wireless communications, listed in Table 2 below:
Table 2: Wireless communications implemented by the invention
Communications 11 and 21 preferably use an NFC (Near Field Communication) standard and/or a Bluetooth standard.
Wireless communications 12 and 22 preferably use a Wifi, LTE or any other advanced mobile standard.
Communication 13 uses a GSM, LTE or any other mobile standard. Communication 13 can be established directly between the telephones 10 and 20, or pass through the online cloud.
Various digital data D3 are stored securely in the vehicle 3, for example in the central unit of the vehicle 3 and/or in the device 4. The data D3 include the master key MK, the primary key K1, the secondary key K2 and the tertiary key K3.
The telephones 10 and 20 are smartphones, configured to communicate according to various wireless communication standards (in particular LTE, NFC, Bluetooth, Wifi, etc.) and to run various applications. Each of the telephones 10 and 20 constitutes a personal electronic device, carried by its respective user 1 or 2.
In the context of the invention, the telephones 10 and 20 can connect to the keyless entry device 4 of the vehicle 3 via a dedicated application, under certain conditions detailed below. The application is referenced A10 on the telephone 10 and A20 on the telephone 20, it being understood that it is the same computer application.
The key K3 is a first identification key associated with the vehicle 3, more precisely with the device 4. Once received in encrypted form by the telephone 10 from the server 30, the key K3 authorizes a connection of the telephone 10 to the device 4 via the wireless communication 11. Likewise, once received in encrypted form by the telephone 20, the key K3 authorizes a connection of the telephone 20 to the device 4 via the wireless communication 21.
The master key MK is a second identification key associated with the vehicle 3, more precisely with the device 4. The master key MK is assigned to the main user 1, for example when the vehicle 3 is purchased or leased. The key MK is changed when the vehicle 3 is assigned to a new main user, for example when the vehicle 3 is sold to a new owner or leased to a new lessee.
Once the key MK has been received in encrypted form by the telephone 10 from the server 30, and if the communication 11 has been established thanks to the key K3, then the key MK authorizes access of the telephone 10 to the device 4 via the wireless communication 11. Likewise, once the key MK has been received in encrypted form by the telephone 20 from the telephone 10, and if the communication 21 has been established thanks to the key K3, then the key MK authorizes access of the telephone 20 to the device 4 via the wireless communication 21. Thus, the user 1 or 2 can command the device 4 to open and close the openings of the vehicle 3.
Initially, the keys K3 and MK are stored securely in the vehicle 3 and in the server 30.
After installation of the application A10 on the telephone 10:
- the telephone 10 can establish the wireless communication 12 with the server 30;
- the identification information ID1 of the main user 1 is stored in the server 30;
- the elliptic encryption curve EC is downloaded to the telephone 10 from the server 30;
- the data D10 stored securely on the telephone 10 then include the identification information ID1 of the main user 1 and the elliptic encryption curve EC;
- without the keys K3 and MK, the telephone 10 cannot yet access the vehicle 3 via the wireless communication 11.
Likewise, after installation of the application A20 on the telephone 20:
- the telephone 20 can establish the wireless communication 22 with the server 30;
- the identification information ID2 of the secondary user 2 is stored in the server 30;
- the elliptic encryption curve EC is downloaded to the telephone 20 from the server 30;
- the data D20 stored securely on the telephone 20 include the identification information ID2 of the secondary user 2 and the elliptic encryption curve EC;
- without the keys K3 and MK, the telephone 20 cannot yet access the vehicle 3 via the wireless communication 21.
The server 30 is dedicated to the secure storage of server data SD relating, on the one hand, to the vehicle 3 and, on the other hand, to the telephones 10 and 20 configured to connect to the vehicle 3. The data SD include the elliptic encryption curve EC, the master key MK, the primary key K1, the secondary key K2 and the tertiary key K3. After installation of the applications A10 and A20 on the telephones 10 and 20, the data SD also include the information ID1 and ID2.
In practice, the system 100 may be configured differently from Figure 1 without departing from the scope of the invention.
Alternatively, the telephone 10 and/or 20 may be replaced by an electronic watch, a digital tablet or a passive entry card, which then constitutes the personal electronic device having the features detailed above for the telephone 10. Other personal electronic devices may be implemented without departing from the scope of the invention.
According to another variant, the system 100 may comprise more than two personal electronic devices 10 and 20 associated with the device 4 equipping the vehicle 3.
According to another variant, the system 100 may comprise several vehicles 3 equipped with keyless entry devices 4 associated with the same telephone 10.
The access method according to the invention is detailed below with reference to Figures 2 and 3.
Figure 2 illustrates the first embodiment, consisting in giving the main user 1 access to the vehicle 3, while Figure 3 illustrates the second embodiment, consisting in giving the main user 1 access to the vehicle 3.
Whatever the embodiment, the access method comprises a preliminary phase, a data exchange phase and an access phase.
The preliminary phase comprises steps a1), a2) and a3), consisting in providing the vehicle 3, the server 30 and the telephone 10.
In the second embodiment, the preliminary phase further comprises a step a4), consisting in providing the telephone 20. At this stage, the applications A10 and A20 are installed on the telephones 10 and 20.
The data exchange phase comprises successive steps b1), b2), b3), b4) and b5).
In step b1), the application A10 sends a request to the server 30, accompanied by the information ID1.
In step b2), the server 30 recognizes the information ID1 and authorizes execution of the request.
In step b3), the server 30 encrypts the master key MK using the primary key K1 for encryption. The server 30 then generates encrypted server data KEC[SD] using the elliptic curve EC for encryption. The encrypted server data KEC[SD] include the secondary key K2, the tertiary key K3, and the encrypted master key K1[MK].
In step b4), the server 30 sends the encrypted server data KEC[SD] to the telephone 10.
In step b5), the application A10 installed on the telephone 10 uses the elliptic curve EC to decrypt the encrypted server data KEC[SD]. At this stage, the data D10 stored on the telephone 10 include the secondary key K2, the tertiary key K3, and the encrypted master key K1[MK]. However, the data D10 do not include the key K1, so that the application A20 cannot decrypt the encrypted master key K1[MK].
In the first embodiment, step b5) is followed by the access phase of the user 1 to the vehicle 3. The access phase then comprises successive steps c1), c2), c3) and c4).
In step c1), the application A10 executes a secure connection procedure to the vehicle 3 via the communication 11, implementing the tertiary key K3. Preferably, the communication 11 is established automatically when the telephone 10 is located at a predetermined distance from the device 4 and holds initialization parameters received from the server 30, including the key K3.
In step c2), if the secure connection procedure succeeds, the application A10 transmits the encrypted master key K1[MK] to the vehicle 3.
In step c3), the vehicle 3 uses the primary key K1 to decrypt the encrypted master key K1[MK].
In step c4), after decryption, the vehicle 3 recognizes the master key MK and controls the keyless entry device 4, so that the main user 1 can access the vehicle thanks to the application A10.
Thus, the invention allows the user 1 to access the vehicle 3 securely.
In the second embodiment, after step b5), the data exchange phase further comprises successive steps b6), b7), b8), b9), b10), b11) and b12).
In step b6), the application A20 sends a request to the application A10, accompanied by the information ID2.
In step b7), the main user 1 agrees to lend the vehicle 3 to the secondary user 2. Preferably, this step b7) is performed manually by the user 1 on the application A10. For example, the request sent by the application A20 is displayed on the application A10, and the user 1 presses "accept" or "refuse". If the user 1 does not agree to lend the vehicle 3 to the user 2, then the data exchange phase is interrupted. Advantageously, in step b7), the main user 1 can define access conditions AC to the vehicle 3, for example a period of time during which the user 2 may have access to the vehicle 3.
In step b8), the application A10 generates access data AK, including the encrypted master key K1[MK]. If the user 1 has defined access conditions AC in step b7), then the access data AK include the encrypted master key K1[MK] and the predefined access conditions AC.
In step b9), the application A10 generates encrypted access data K2[AK] using the secondary key K2 for encryption.
In step b10), the application A10 generates encrypted mobile data KEC[MD] using the elliptic curve EC for encryption. The encrypted mobile data KEC[MD] include the tertiary key K3 and the encrypted access data K2[AK].
In step b11), the application A10 transmits the encrypted mobile data KEC[MD] to the application A20.
In step b12), the application A20 uses the elliptic curve EC to decrypt the encrypted mobile data KEC[MD]. At this stage, the data D20 stored on the telephone 20 include the tertiary key K3 and the encrypted access data K2[AK]. However, the data D20 do not include the key K2, so that the application A20 cannot decrypt the encrypted access data K2[AK].
In the second embodiment, step b12) is followed by the access phase of the user 2 to the vehicle 3. The access phase then comprises successive steps d1), d2), d3) and d4).
In step d1), the application A20 executes a secure connection procedure to the vehicle 3 via the communication 21, implementing the tertiary key K3. Preferably, the communication 21 is established automatically when the telephone 20 is located at a predetermined distance from the device 4 and holds initialization parameters received from the telephone 10, including the key K3.
In step d2), if the secure connection procedure succeeds, the application A20 transmits the encrypted access data K2[AK] to the vehicle 3.
In step d3), the vehicle 3 uses the secondary key K2 to decrypt the encrypted access data K2[AK].
In step d4), after decryption, the vehicle 3 recognizes the access data AK, including the encrypted master key K1[MK] and the access conditions AC. The vehicle 3 uses the primary key K1 to decrypt the encrypted master key K1[MK]. The vehicle 3 then controls the keyless entry device 4, so that the secondary user 2 can access the vehicle thanks to the application A20.
Thus, the invention allows the user 1 to securely authorize the user 2 to access the vehicle 3, and then allows the user 2 to access the vehicle 3 securely.
In practice, the technical features of the various variants mentioned above may be combined with one another, in full or in part.
Thus, the method and the system 100 for secure access to the vehicle 3 can be adapted in terms of cost, ergonomics, functionality and performance.
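Added example, not code from the patent or from Dura Automotive Systems: a Python model of the data exchange and access phases described above (steps b1 to b12, c1 to c4 and d1 to d4; the English description further down restates steps b1 to b5). It assumes that each EC-protected link (server to telephone 10, telephone 10 to telephone 20) is represented by a pre-shared link key standing in for an ECDH-derived session key, and that K1/K2 encryption is an HMAC-SHA256 encrypt-then-MAC construction standing in for a vetted AEAD; the point it shows is that telephone 10 holds K1[MK] without K1, telephone 20 holds K2[AK] without K2, and only the vehicle, which holds K1 and K2, unwraps both layers and enforces the access conditions AC.

```python
import hashlib
import hmac
import json
import os

NONCE_LEN, TAG_LEN = 16, 32


def _subkey(key: bytes, label: bytes) -> bytes:
    # Separate encryption and MAC subkeys derived from one 32-byte key.
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode; each 32-byte block is keyed by nonce || counter.
    out = b""
    for ctr in range(0, n, 32):
        out += hmac.new(enc_key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:n]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || tag (stand-in for an AEAD such as AES-GCM)."""
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ s for p, s in zip(plaintext, _keystream(_subkey(key, b"enc"), nonce, len(plaintext))))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; a wrong key or a tampered blob raises ValueError."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return bytes(c ^ s for c, s in zip(ct, _keystream(_subkey(key, b"enc"), nonce, len(ct))))


def vehicle_data_d3() -> dict:
    # Constructed sample D3: the four secrets provisioned in vehicle 3 and server 30.
    return {name: os.urandom(32) for name in ("MK", "K1", "K2", "K3")}


def server_step_b3(d3: dict, link_key_10: bytes) -> bytes:
    """Step b3: K1[MK], then KEC[SD] = {K2, K3, K1[MK]} sealed for telephone 10."""
    sd = {"K2": d3["K2"].hex(), "K3": d3["K3"].hex(), "K1MK": seal(d3["K1"], d3["MK"]).hex()}
    return seal(link_key_10, json.dumps(sd).encode())


def phone10_step_b5(link_key_10: bytes, kec_sd: bytes) -> dict:
    """Step b5: D10 holds K2, K3 and K1[MK], but never K1."""
    return {k: bytes.fromhex(v) for k, v in json.loads(open_sealed(link_key_10, kec_sd)).items()}


def phone10_steps_b8_b10(d10: dict, ac: dict, link_key_20: bytes) -> bytes:
    """Steps b8-b10: AK = {K1[MK], AC}; K2[AK]; KEC[MD] = {K3, K2[AK]} sealed for telephone 20."""
    ak = {"K1MK": d10["K1MK"].hex(), "AC": ac}
    md = {"K3": d10["K3"].hex(), "K2AK": seal(d10["K2"], json.dumps(ak).encode()).hex()}
    return seal(link_key_20, json.dumps(md).encode())


def phone20_step_b12(link_key_20: bytes, kec_md: bytes) -> dict:
    """Step b12: D20 holds K3 and K2[AK]; without K2 the access data stay opaque."""
    return {k: bytes.fromhex(v) for k, v in json.loads(open_sealed(link_key_20, kec_md)).items()}


def vehicle_check_main(d3: dict, presented_k3: bytes, k1_mk: bytes) -> bool:
    """Steps c1-c4: K3 gates the connection, then K1 unwraps and checks MK."""
    if not hmac.compare_digest(presented_k3, d3["K3"]):
        return False
    try:
        return hmac.compare_digest(open_sealed(d3["K1"], k1_mk), d3["MK"])
    except ValueError:
        return False


def vehicle_check_secondary(d3: dict, presented_k3: bytes, k2_ak: bytes, now: int) -> bool:
    """Steps d1-d4: K3 gates the connection, K2 unwraps AK, K1 unwraps MK, AC is enforced."""
    if not hmac.compare_digest(presented_k3, d3["K3"]):
        return False
    try:
        ak = json.loads(open_sealed(d3["K2"], k2_ak))
        mk = open_sealed(d3["K1"], bytes.fromhex(ak["K1MK"]))
    except (ValueError, KeyError):
        return False
    ac = ak.get("AC")
    within_window = ac is None or ac["start"] <= now <= ac["end"]
    return within_window and hmac.compare_digest(mk, d3["MK"])


def run_delegation(now: int) -> dict:
    """End-to-end run of both embodiments at time `now`; reports what each party can do."""
    d3 = vehicle_data_d3()
    link_10, link_20 = os.urandom(32), os.urandom(32)   # stand-ins for ECDH session keys
    d10 = phone10_step_b5(link_10, server_step_b3(d3, link_10))
    ac = {"start": 1000, "end": 2000}                    # constructed lending window (step b7)
    d20 = phone20_step_b12(link_20, phone10_steps_b8_b10(d10, ac, link_20))
    try:
        open_sealed(d20["K3"], d20["K2AK"])               # telephone 20 tries the only key it holds
        phone20_reads_ak = True
    except ValueError:
        phone20_reads_ak = False
    return {
        "main_user_granted": vehicle_check_main(d3, d10["K3"], d10["K1MK"]),
        "secondary_granted": vehicle_check_secondary(d3, d20["K3"], d20["K2AK"], now),
        "phone20_reads_ak": phone20_reads_ak,
        "phone10_knows_k1": "K1" in d10,
    }
```

Calling run_delegation(1500) grants both users while run_delegation(2500) refuses the secondary user, since the vehicle reads AC only after unwrapping K2[AK] with a key the lending telephone never had.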
METHOD AND SYSTEM FOR SECURE ACCESS TO A VEHICLE
The present invention relates to a method and a system of access to a vehicle, usable by different users. The invention also relates to a dedicated computer application.
The field of the invention is that of motor vehicles equipped with a keyless entry device.
In known manner, such a keyless entry device is associated with an electronic card, carried by a user of the vehicle. This card is configured to establish a wireless communication with the keyless entry device, allowing the user access to the vehicle when the card is located at a predetermined distance from the device.
Nowadays, it is known to use a mobile phone to replace the electronic card. A dedicated computer application is installed on the phone, enabling it to establish a wireless communication with the keyless entry device. This reduces the number of electronic devices carried by the driver.
In practice, several users can borrow and drive the same vehicle in turn. Exchanging an electronic card requires a physical meeting between the users.
However, exchanging a digital identification key to access the vehicle does not require a physical meeting. Such an exchange can be achieved for example via the mobile phones of users.
Thus, access to vehicles is increasingly based on wireless transmission of digital data, and less and less on the use of a hardware accessory such as a metal key.
Exchanges of digital data must be as secure as possible, to prevent their interception by a malicious third party.
The purpose of the present invention is to provide a method and a system for secure access to a motor vehicle. To this end, the subject of the invention is a method of access to a vehicle, comprising a preliminary phase including the following steps:
a1) providing the vehicle, which can be controlled by different users, including a main user and a secondary user, which is equipped with a keyless entry device, and which stores a master key, a primary key, a secondary key and a tertiary key;
a2) providing a remote data server, which stores server data including identification information of the main user, an elliptic encryption curve, the master key, the primary key, the secondary key and the tertiary key;
a3) providing a first personal device that belongs to the main user, which includes an application configured to connect to the keyless entry device and to the server, and which stores the identification information of the main user and the elliptic encryption curve;
the access method then comprising a data exchange phase including the following successive steps:
b1) the application installed on the first personal device sends the identification information of the main user to the server;
b2) the server recognizes the identification information of the main user;
b3) the server generates encrypted server data using the elliptic encryption curve for encryption, the encrypted server data including the secondary key, the tertiary key, and the master key encrypted using the primary key for encryption;
b4) the server sends the encrypted server data to the first personal device;
b5) the first personal device uses the elliptic encryption curve to decrypt the encrypted server data, so that the first personal device stores the secondary key, the tertiary key and the encrypted master key;
the access method then comprising an access phase including the following successive steps:
c1) the application installed on the first personal device executes a secure connection procedure to the vehicle, implementing the tertiary key;
c2) if the secure connection procedure succeeds, the application installed on the first personal device transmits the encrypted master key to the vehicle;
c3) the vehicle uses the primary key to decrypt the encrypted master key;
c4) after decryption, the vehicle recognizes the master key and controls the keyless entry device, so that the main user can access the vehicle through the application installed on the first personal device.
The invention also relates to a method of access to a vehicle, comprising a preliminary phase including the following steps:
a1) providing the vehicle, which can be controlled by different users, including a main user and a secondary user, which is equipped with a keyless entry device, and which stores a master key, a primary key, a secondary key and a tertiary key;
a2) providing a remote data server, which stores server data including identification information of the main user, an elliptic encryption curve, the master key, the primary key, the secondary key and the tertiary key;
a3) providing a first personal device that belongs to the main user, which includes an application configured to connect to the keyless entry device and to the server, and which stores the identification information of the main user and the elliptic encryption curve;
a4) providing a second personal device that belongs to the secondary user, which includes an application configured to connect to the keyless entry device, and which stores identification information of the secondary user and the elliptic encryption curve;
the access method then comprising a data exchange phase including the following successive steps:
b1) the application installed on the first personal device sends the identification information of the main user to the server;
b2) the server recognizes the identification information of the main user;
b3) the server generates encrypted server data using the elliptic encryption curve for encryption, the encrypted server data including the secondary key, the tertiary key, and the master key encrypted using the primary key for encryption;
b4) the server sends the encrypted server data to the first personal device;
b5) the first personal device uses the elliptic encryption curve to decrypt the encrypted server data, so that the first personal device stores the secondary key, the tertiary key and the encrypted master key;
b6) the application installed on the second personal device sends the identification information of the secondary user to the application installed on the first personal device;
b7) the main user agrees to lend the vehicle to the secondary user;
b8) the application installed on the first personal device generates access data, including the encrypted master key;
b9) the application installed on the first personal device generates encrypted access data using the secondary key for encryption;
b10) the application installed on the first personal device generates encrypted mobile data using the elliptic encryption curve for encryption, the encrypted mobile data including the tertiary key and the encrypted access data;
b11) the application installed on the first personal device transmits the encrypted mobile data to the application installed on the second personal device;
b12) the application installed on the second personal device uses the elliptic encryption curve to decrypt the encrypted mobile data, so that the second personal device stores the tertiary key and the encrypted access data;
the access method then comprising an access phase including the following successive steps:
d1) the application installed on the second personal device executes a secure connection procedure to the vehicle, implementing the tertiary key;
d2) if the secure connection procedure succeeds, the application installed on the second personal device transmits the encrypted access data to the vehicle;
d3) the vehicle uses the secondary key to decrypt the encrypted access data;
d4) after decryption, the vehicle recognizes the access data and controls the keyless entry device, so that the secondary user can access the vehicle through the application installed on the second personal device.
Thus, the invention enables the exchange of data relating to the vehicle in a practical, efficient and secure manner. Encryption and digital data transfer operations are performed via a dedicated application, executed on a personal electronic device, such as a mobile phone. The invention makes it possible to automate these operations, without the users having to worry about their complexity. The user interface displayed on the personal electronic device is simple and intuitive. Other advantageous features of the invention, taken in isolation or in combination, will become apparent on reading the description below.
According to preferred features, irrespective of the embodiment:
- In step b1), the identification information of the main user includes an email address, a name and/or a telephone number.
- The master key defined for the vehicle is assigned to the main user and is changed when the vehicle is associated with a new main user.
- The elliptic cryptographic curve is an elliptic curve Diffie-Hellman (ECDH) curve.
According to various possible features, in the embodiment where the secondary user has access to the vehicle:
- Step b7) is performed manually by the main user on the application installed on the first personal device.
- In step b7), the main user defines vehicle access conditions, for example a set period of time, and in step b8), the access data include, on the one hand, the master key encrypted using the primary key for encryption and, on the other hand, the predefined access conditions.
- In step b6), the identification information of the secondary user includes an email address, a name and/or a telephone number.
- The application installed on the second personal device is configured to connect to the server, under certain conditions.
Preferably, the first personal electronic device is a mobile phone. Alternatively, the first personal electronic device is an electronic watch, a digital tablet or a passive entry card.
Also, preferably, the second personal electronic device is a mobile phone. Alternatively, the second personal electronic device is an electronic watch, a digital tablet or a passive entry card.
The invention also relates to a vehicle access system, comprising: the vehicle, which can be controlled by different users, including a main user and a secondary user, which is equipped with a keyless entry device, and which stores a master key, a primary key, a secondary key and a tertiary key; a remote data server, which stores server data including identification information of the main user, an elliptic encryption curve, the master key, the primary key, the secondary key and the tertiary key; and a first personal device that belongs to the main user, which includes an application configured to connect to the keyless entry device and to the server, and which stores the elliptic encryption curve and the identification information of the main user; wherein the vehicle, the server and the first personal device are configured to implement the access method defined above, allowing the main user to access the vehicle.
According to a particular embodiment, the access system comprises a second personal device that belongs to the secondary user, which includes an application configured to connect to the keyless entry device, and which stores identification information of the secondary user and the elliptic encryption curve. The vehicle, the server, the first personal device and the second personal device are configured to implement the access method defined above, allowing the secondary user to access the vehicle.
The invention also relates to a computer application, configured to be installed and then executed on a personal electronic device, the application comprising portions of code for implementing the steps of the access method defined above when the application is executed on the personal electronic device.
The invention will be better understood on reading the description which follows, given solely by way of non-limiting example and with reference to the appended drawings, in which: Figure 1 is a schematic representation of a data exchange system according to the invention; Figure 2 is a schematic representation similar to Figure 1, illustrating a first embodiment of the data exchange method according to the invention, allowing a main user to access the vehicle; and Figure 3 is a schematic representation similar to Figure 1, illustrating a second embodiment of the data exchange method according to the invention, allowing a secondary user to access the vehicle.
In FIG. 1, the data exchange system 100 comprises a motor vehicle 3, a first mobile telephone 10, a second mobile telephone 20, and a remote data server 30.
The vehicle 3 is designed to be driven by a user, who is then the driver. The vehicle 3 can be driven alternately by different users, including a main user 1 and a secondary user 2. Generally, the main user 1 is the owner of the vehicle 3, while the secondary user 2 is a colleague, a friend or a family member of the main user 1. The telephone 10 belongs to the user 1, while the telephone 20 belongs to the user 2.
The vehicle 3 is equipped with a keyless entry device 4. The device 4 allows the automatic opening and closing of the openings of the vehicle 3 by the user 1 or 2, without a key being inserted in a lock. The openings include the doors and the trunk of the vehicle 3.
The present invention implements various digital data, listed in Table 1 below:
Table 1: Data implemented by the invention
The present invention also implements various wireless communications, listed in Table 2 below:
Table 2: Wireless communications implemented by the invention
Communications 11 and 21 preferably use an NFC (Near Field Communication) standard and/or a Bluetooth standard.
Wireless communications 12 and 22 preferably use a Wifi, LTE or any other advanced mobile standard.
Communication 13 uses a GSM, LTE or any other mobile standard. Communication 13 can be established directly between the telephones 10 and 20, or pass through the online cloud.
Various digital data D3 are stored securely in the vehicle 3, for example in the central unit of the vehicle 3 and/or in the device 4. The data D3 include the master key MK, the primary key K1, the secondary key K2 and the tertiary key K3.
The telephones 10 and 20 are smartphones, configured to communicate according to various wireless communication standards (including LTE, NFC, Bluetooth, Wifi, etc.) and to run various applications. Each of the telephones 10 and 20 constitutes a personal electronic device, carried by its respective user 1 or 2.
In the context of the invention, the telephones 10 and 20 can connect to the keyless entry device 4 of the vehicle 3 via a dedicated application, under certain conditions detailed below. The application is referenced A10 on the telephone 10 and A20 on the telephone 20, it being understood that it is the same computer application.
The key K3 is a first identification key associated with the vehicle 3, more precisely with the device 4. Once received in encrypted form by the telephone 10 from the server 30, the key K3 authorizes a connection of the telephone 10 to the device 4 via the wireless communication 11. Similarly, once received in encrypted form by the telephone 20, the key K3 authorizes a connection of the telephone 20 to the device 4 via the wireless communication 21.
The master key MK is a second identification key associated with the vehicle 3, more precisely with the device 4. The master key MK is assigned to the main user 1, for example when the vehicle 3 is purchased or leased. The key MK is changed when the vehicle 3 is assigned to a new main user, for example when the vehicle 3 is sold to a new owner or leased to a new lessee.
Once the key MK has been received in encrypted form by the telephone 10 from the server 30, and if the communication 11 has been established by means of the key K3, then the key MK authorizes access of the telephone 10 to the device 4 via the wireless communication 11. Similarly, once the key MK has been received in encrypted form by the telephone 20 from the telephone 10, and if the communication 21 has been established by means of the key K3, then the key MK authorizes access of the telephone 20 to the device 4 via the wireless communication 21. Thus, the user 1 or 2 can command the device 4 to open and close the openings of the vehicle 3.
Initially, keys K3 and MK are stored securely in vehicle 3 and in server 30.
After installation of the application A10 on the telephone 10:
- the telephone 10 can establish the wireless communication 12 with the server 30;
- the identification information ID1 of the main user 1 is stored in the server 30;
- the elliptic encryption curve EC is downloaded to the telephone 10 from the server 30;
- the data D10 stored securely on the telephone 10 then include the identification information ID1 of the main user 1 and the elliptic encryption curve EC;
- without the keys K3 and MK, the telephone 10 cannot yet access the vehicle 3 via the wireless communication 11.
Likewise, after installation of the application A20 on the telephone 20:
- the telephone 20 can establish the wireless communication 22 with the server 30;
- the identification information ID2 of the secondary user 2 is stored in the server 30;
- the elliptic encryption curve EC is downloaded to the telephone 20 from the server 30;
- the data D20 stored securely on the telephone 20 include the identification information ID2 of the secondary user 2 and the elliptic encryption curve EC;
- without the keys K3 and MK, the telephone 20 cannot yet access the vehicle 3 via the wireless communication 21.
The server 30 is dedicated to the secure storage of server data SD relating, on the one hand, to the vehicle 3 and, on the other hand, to the telephones 10 and 20 configured to connect to the vehicle 3. The data SD include the elliptic encryption curve EC, the master key MK, the primary key K1, the secondary key K2 and the tertiary key K3. After installation of the applications A10 and A20 on the telephones 10 and 20, the data SD also include the information ID1 and ID2.
In practice, the system 100 may be shaped differently from Figure 1 without departing from the scope of the invention.
Alternatively, the telephone 10 and/or 20 may be replaced by an electronic watch, a digital tablet or a passive entry card, which then constitutes the personal electronic device having the features detailed above for the telephone 10. Other personal electronic devices can be implemented without departing from the scope of the invention.
According to another variant, the system 100 may comprise more than two personal electronic devices 10 and 20 associated with the device 4 equipping the vehicle 3.
According to another variant, the system 100 may comprise several vehicles 3 equipped with keyless entry devices 4 associated with the same telephone 10.
The access method according to the invention is detailed hereinafter with reference to FIGS. 2 and 3.
FIG. 2 illustrates the first embodiment, which gives the main user 1 access to the vehicle 3, while FIG. 3 illustrates the second embodiment, which gives the secondary user 2 access to the vehicle 3.
Whatever the embodiment, the access method comprises a preliminary phase, a data exchange phase and an access phase.
The preliminary phase comprises steps a1), a2) and a3) of providing the vehicle 3, the server 30 and the telephone 10.
In the second embodiment, the preliminary phase further comprises a step a4) of providing the telephone 20. At this point, the applications A10 and A20 are installed on the telephones 10 and 20.
The data exchange phase comprises successive steps b1), b2), b3), b4) and b5).
In step b1), the application A10 sends a request to the server 30, along with the information ID1.
In step b2), the server 30 recognizes the information ID1 and authorizes the execution of the request.
In step b3), the server 30 encrypts the master key MK using the primary key K1 for encryption, which yields the encrypted master key K1 [MK]. The server 30 then generates encrypted server data KEC [SD] using the elliptic curve EC for encryption. The encrypted server data KEC [SD] include the secondary key K2, the tertiary key K3 and the encrypted master key K1 [MK].
In step b4), the server 30 sends the encrypted server data KEC [SD] to the telephone 10.
In step b5), the application A10 installed on the telephone 10 uses the elliptic curve EC to decrypt the encrypted server data KEC [SD]. At this point, the data D10 stored on the telephone 10 include the secondary key K2, the tertiary key K3 and the encrypted master key K1 [MK]. However, the data D10 do not include the key K1, so that the application A10 cannot decrypt the encrypted master key K1 [MK].
In the first embodiment, step b5) is followed by the access phase of the user 1 to the vehicle 3. The access phase then comprises successive steps c1), c2), c3) and c4).
In step c1), the application A10 executes a secure connection procedure to the vehicle 3 via the communication 11, implementing the tertiary key K3. Preferably, the communication 11 is established automatically when the telephone 10 is located at a predetermined distance from the device 4 and has initialization parameters received from the server 30, including the key K3.
In step c2), if the secure connection procedure succeeds, the application A10 transmits the encrypted master key K1 [MK] to the vehicle 3.
In step c3), the vehicle 3 uses the primary key K1 to decrypt the encrypted master key K1 [MK].
In step c4), after decryption, the vehicle 3 recognizes the master key MK and controls the keyless entry device 4, so that the main user 1 can access the vehicle through the application A10.
Thus, the invention allows the user 1 to securely access the vehicle 3.
In the second embodiment, after step b5), the data exchange phase further comprises successive steps b6), b7), b8), b9), b10), b11) and b12).
In step b6), the application A20 sends a request to the application A10, accompanied by the information ID2.
In step b7), the main user 1 agrees to lend the vehicle 3 to the secondary user 2. Preferably, this step b7) is performed manually by the user 1 in the application A10. For example, the request sent by the application A20 is displayed in the application A10, and the user 1 presses "accept" or "refuse". If the user 1 does not agree to lend the vehicle 3 to the user 2, the data exchange phase is interrupted. Advantageously, in step b7) the main user 1 can define access conditions AC for the vehicle 3, for example a period of time during which the user 2 may access the vehicle 3.
In step b8), the application A10 generates access data AK, including the encrypted master key K1 [MK]. If the user 1 has defined access conditions AC in step b7), the access data AK include the encrypted master key K1 [MK] and the predefined access conditions AC.
In step b9), the application A10 generates encrypted access data K2 [AK] using the secondary key K2 for encryption.
In step b10), the application A10 generates encrypted mobile data KEC [MD] using the elliptic curve EC for encryption. The encrypted mobile data KEC [MD] include the tertiary key K3 and the encrypted access data K2 [AK].
In step b11), the application A10 transmits the encrypted mobile data KEC [MD] to the application A20.
In step b12), the application A20 uses the elliptic curve EC to decrypt the encrypted mobile data KEC [MD]. At this point, the data D20 stored on the telephone 20 include the tertiary key K3 and the encrypted access data K2 [AK]. However, the data D20 do not include the key K2, so that the application A20 cannot decrypt the encrypted access data K2 [AK].
In the second embodiment, step b12) is followed by the access phase of the user 2 to the vehicle 3. The access phase then comprises successive steps d1), d2), d3) and d4).
In step d1), the application A20 executes a secure connection procedure to the vehicle 3 via the communication 21, implementing the tertiary key K3. Preferably, the communication 21 is established automatically when the telephone 20 is located at a predetermined distance from the device 4 and has initialization parameters received from the telephone 10, including the key K3.
In step d2), if the secure connection procedure succeeds, the application A20 transmits the encrypted access data K2 [AK] to the vehicle 3.
In step d3), the vehicle 3 uses the secondary key K2 to decrypt the encrypted access data K2 [AK].
In step d4), after decryption, the vehicle 3 recognizes the access data AK, including the encrypted master key K1 [MK] and the access conditions AC. The vehicle 3 uses the primary key K1 to decrypt the encrypted master key K1 [MK]; the vehicle 3 then controls the keyless entry device 4, so that the secondary user 2 can access the vehicle through the application A20.
Thus, the invention allows the user 1 to securely authorize the user 2 to access the vehicle 3, and then allows the user 2 to securely access the vehicle 3.
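The key-wrapping chain of steps b3, b5 and b8 to b12 and the vehicle-side checks of steps d1 to d4 (the first embodiment's c1 to c4 are the same chain without the K2 layer), as an added worked example that is not the patent's own code. Assumptions, labelled in the code: the symmetric cipher is a toy encrypt-then-MAC built from HMAC-SHA256 in place of a real AEAD; the elliptic-curve channel is abstracted as a pre-shared key EC_KEY; the "secure connection procedure" is modelled as a challenge-response on K3; the access conditions AC are a time window; all key values are constructed at random.

```python
import hashlib, hmac, json, os

def _keystream(key, nonce, n):
    """HMAC-SHA256 in counter mode; stand-in for a real AEAD's cipher (assumption)."""
    out, i = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        i += 1
    return out[:n]

def wrap(key, plaintext):
    """Encrypt-then-MAC toy AEAD: returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unwrap(key, blob):
    """Inverse of wrap; raises ValueError if the key is wrong or the blob was altered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def opens(key, blob_hex):
    """True only if `key` authenticates the blob; shows which party can read which layer."""
    try:
        unwrap(key, bytes.fromhex(blob_hex))
        return True
    except ValueError:
        return False

# Constructed key material: data D3 in vehicle 3 and SD on server 30 (steps a1/a2).
MK, K1, K2, K3 = (os.urandom(32) for _ in range(4))
# Assumption: the channel "encrypted with the elliptic curve EC" is one pre-shared key.
EC_KEY = os.urandom(32)

def server_step_b3():
    """Server 30 builds KEC[SD] = EC{K2, K3, K1[MK]}; K1 itself is never sent."""
    sd = {"K2": K2.hex(), "K3": K3.hex(), "K1_MK": wrap(K1, MK).hex()}
    return wrap(EC_KEY, json.dumps(sd).encode())

def phone10_step_b5(kec_sd):
    """A10 removes the EC layer; D10 now holds K2, K3 and the still-wrapped K1[MK]."""
    return json.loads(unwrap(EC_KEY, kec_sd))

def phone10_steps_b8_b10(d10, ac_from, ac_until):
    """A10 lends the car: AK = {K1[MK], AC}; K2[AK]; KEC[MD] = EC{K3, K2[AK]}."""
    ak = {"K1_MK": d10["K1_MK"], "AC": [ac_from, ac_until]}
    k2_ak = wrap(bytes.fromhex(d10["K2"]), json.dumps(ak).encode())
    return wrap(EC_KEY, json.dumps({"K3": d10["K3"], "K2_AK": k2_ak.hex()}).encode())

def phone20_step_b12(kec_md):
    """A20 removes the EC layer; D20 holds K3 and K2[AK] but not K2, so AK stays opaque."""
    return json.loads(unwrap(EC_KEY, kec_md))

def phone_prove_k3(k3_hex):
    """Assumed form of the 'secure connection procedure' (c1/d1): HMAC reply to a challenge."""
    return lambda challenge: hmac.new(bytes.fromhex(k3_hex), challenge, hashlib.sha256).digest()

def vehicle_grant(prove, k2_ak_hex, now):
    """Vehicle 3 runs steps d1-d4; AC is a [from, until] window compared against `now`."""
    challenge = os.urandom(16)
    if not hmac.compare_digest(prove(challenge), hmac.new(K3, challenge, hashlib.sha256).digest()):
        return "refused: secure connection failed (d1)"
    try:
        ak = json.loads(unwrap(K2, bytes.fromhex(k2_ak_hex)))  # d3: strip the K2 layer
    except ValueError:
        return "refused: access data not authentic (d3)"
    ac_from, ac_until = ak["AC"]
    if not ac_from <= now <= ac_until:
        return "refused: outside access conditions AC (d4)"
    mk = unwrap(K1, bytes.fromhex(ak["K1_MK"]))  # d4: strip the K1 layer with the vehicle's K1
    return "unlocked (d4)" if hmac.compare_digest(mk, MK) else "refused: master key mismatch (d4)"

def lending_scenario(now, ac_from=1000, ac_until=2000):
    """Second embodiment end to end; returns (D10, D20, vehicle decision at time `now`)."""
    d10 = phone10_step_b5(server_step_b3())
    d20 = phone20_step_b12(phone10_steps_b8_b10(d10, ac_from, ac_until))
    return d10, d20, vehicle_grant(phone_prove_k3(d20["K3"]), d20["K2_AK"], now)
```

The point to check when reviewing such a design is the key separation: the telephones can forward K1 [MK] and K2 [AK] but never open them, and the vehicle refuses before touching MK if the K3 handshake, the K2 tag or the AC window fails.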
In practice, the technical characteristics of the various variants mentioned above may be, in whole or in part, combined with one another.
Thus, the method and the system 100 of secure access to the vehicle 3 can be adapted in terms of cost, ergonomics, functionality and performance.
Claims (16)
1. A method of accessing a vehicle (3), comprising a preliminary phase including the following steps:
a1) providing the vehicle (3), which is controllable by different users, including a main user (1) and a secondary user (2), which is equipped with a keyless entry device (4), and which stores a master key (MK), a primary key (K1), a secondary key (K2) and a tertiary key (K3);
a2) providing a remote data server (30), which stores server data (SD) including identification information (ID1) of the main user (1), an elliptic encryption curve (EC), the master key (MK), the primary key (K1), the secondary key (K2) and the tertiary key (K3);
a3) providing a first personal device (10) which belongs to the main user (1), which comprises an application (A10) configured to connect to the keyless entry device (4) and to the server (30), and which stores the identification information (ID1) of the main user (1) and the elliptic encryption curve (EC);
the access method then comprising a data exchange phase including the following successive steps:
b1) the application (A10) installed on the first personal device (10) sends the identification information (ID1) of the main user (1) to the server (30);
b2) the server (30) recognizes the identification information (ID1) of the main user (1);
b3) the server (30) generates encrypted server data (KEC [SD]) using the elliptic encryption curve (EC) for encryption, the encrypted server data (KEC [SD]) including the secondary key (K2), the tertiary key (K3), and an encrypted master key (K1 [MK]) obtained using the primary key (K1) for encryption;
b4) the server (30) sends the encrypted server data (KEC [SD]) to the first personal device (10);
b5) the first personal device (10) uses the elliptic encryption curve (EC) to decrypt the encrypted server data (KEC [SD]), so that the first personal device (10) stores the secondary key (K2), the tertiary key (K3), and the encrypted master key (K1 [MK]);
the access method then comprising an access phase including the following successive steps:
c1) the application (A10) installed on the first personal device (10) executes a secure connection procedure to the vehicle (3), implementing the tertiary key (K3);
c2) if the secure connection procedure succeeds, the application (A10) installed on the first personal device (10) transmits the encrypted master key (K1 [MK]) to the vehicle (3);
c3) the vehicle (3) uses the primary key (K1) to decrypt the encrypted master key (K1 [MK]);
c4) after decryption, the vehicle (3) recognizes the master key (MK) and controls the keyless entry device (4), so that the main user (1) can access the vehicle through the application (A10) installed on the first personal device (10).
2. A method of accessing a vehicle (3), comprising a preliminary phase including the following steps:
a1) providing the vehicle (3), which is controllable by different users, including a main user (1) and a secondary user (2), which is equipped with a keyless entry device (4), and which stores a master key (MK), a primary key (K1), a secondary key (K2) and a tertiary key (K3);
a2) providing a remote data server (30), which stores server data (SD) including identification information (ID1) of the main user (1), an elliptic encryption curve (EC), the master key (MK), the primary key (K1), the secondary key (K2) and the tertiary key (K3);
a3) providing a first personal device (10) which belongs to the main user (1), which comprises an application (A10) configured to connect to the keyless entry device (4) and to the server (30), and which stores the identification information (ID1) of the main user (1) and the elliptic encryption curve (EC);
a4) providing a second personal device (20) which belongs to the secondary user (2), which comprises an application (A20) configured to connect to the keyless entry device (4), and which stores identification information (ID2) of the secondary user (2) and the elliptic encryption curve (EC);
the access method then comprising a data exchange phase including the following successive steps:
b1) the application (A10) installed on the first personal device (10) sends the identification information (ID1) of the main user (1) to the server (30);
b2) the server (30) recognizes the identification information (ID1) of the main user (1);
b3) the server (30) generates encrypted server data (KEC [SD]) using the elliptic encryption curve (EC) for encryption, the encrypted server data (KEC [SD]) including the secondary key (K2), the tertiary key (K3), and an encrypted master key (K1 [MK]) obtained using the primary key (K1) for encryption;
b4) the server (30) sends the encrypted server data (KEC [SD]) to the first personal device (10);
b5) the first personal device (10) uses the elliptic encryption curve (EC) to decrypt the encrypted server data (KEC [SD]), so that the first personal device (10) stores the secondary key (K2), the tertiary key (K3), and the encrypted master key (K1 [MK]);
b6) the application (A20) installed on the second personal device (20) sends the identification information (ID2) of the secondary user (2) to the application (A10) installed on the first personal device (10);
b7) the main user (1) agrees to lend the vehicle (3) to the secondary user (2);
b8) the application (A10) installed on the first personal device (10) generates access data (AK), including the encrypted master key (K1 [MK]);
b9) the application (A10) installed on the first personal device (10) generates encrypted access data (K2 [AK]) using the secondary key (K2) for encryption;
b10) the application (A10) installed on the first personal device (10) generates encrypted mobile data (KEC [MD]) using the elliptic encryption curve (EC) for encryption, the encrypted mobile data (KEC [MD]) including the tertiary key (K3) and the encrypted access data (K2 [AK]);
b11) the application (A10) installed on the first personal device (10) transmits the encrypted mobile data (KEC [MD]) to the application (A20) installed on the second personal device (20);
b12) the application (A20) installed on the second personal device (20) uses the elliptic encryption curve (EC) to decrypt the encrypted mobile data (KEC [MD]), so that the second personal device (20) stores the tertiary key (K3) and the encrypted access data (K2 [AK]);
the access method then comprising an access phase including the following successive steps:
d1) the application (A20) installed on the second personal device (20) executes a secure connection procedure to the vehicle (3), implementing the tertiary key (K3);
d2) if the secure connection procedure succeeds, the application (A20) installed on the second personal device (20) transmits the encrypted access data (K2 [AK]) to the vehicle (3);
d3) the vehicle (3) uses the secondary key (K2) to decrypt the encrypted access data (K2 [AK]);
d4) after decryption, the vehicle (3) recognizes the access data (AK) and controls the keyless entry device (4), so that the secondary user (2) can access the vehicle through the application (A20) installed on the second personal device (20).
3. Access method according to claim 2, characterized in that step b7) is performed manually by the main user (1) on the application (A10) installed on the first personal device (10).
4. Access method according to one of claims 2 or 3, characterized in that in step b7), the main user (1) defines access conditions (AC) for the vehicle (3), for example a set period of time, and in that in step b8), the access data (AK) include, on the one hand, the encrypted master key (K1 [MK]) obtained using the primary key (K1) for encryption and, on the other hand, the predefined access conditions (AC).
5. Access method according to one of claims 2 to 4, characterized in that in step b6), the identification information (ID2) of the secondary user (2) includes an email address, a name and/or a phone number.
6. Access method according to one of claims 2 to 5, characterized in that the application (A20) installed on the second personal device (20) is configured to connect to the server (30) under certain conditions.
7. Access method according to one of claims 2 to 6, characterized in that the second personal device (20) is a mobile phone.
8. Access method according to one of claims 2 to 6, characterized in that the second personal device (20) is an electronic watch, a digital tablet or a passive entry card.
9. Access method according to one of claims 1 to 8, characterized in that the first personal device (10) is a mobile phone.
10. Access method according to one of claims 1 to 8, characterized in that the first personal device (10) is an electronic watch, a digital tablet or a passive entry card.
11. Access method according to one of claims 1 to 10, characterized in that in step b1), the identification information (ID1) of the main user (1) includes an email address, a name and/or a phone number.
12. Access method according to one of claims 1 to 11, characterized in that the master key (MK) defined for the vehicle (3) is assigned to the main user (1) and is modified when the vehicle (3) is associated with a new main user.
13. Access method according to one of claims 1 to 12, characterized in that the elliptic cryptographic curve (EC) is a Diffie-Hellman elliptic curve.
14. A system (100) for accessing a vehicle (3), comprising: the vehicle (3), which is controllable by different users, including a main user (1) and a secondary user (2), which is equipped with a keyless entry device (4), and which stores a master key (MK), a primary key (K1), a secondary key (K2) and a tertiary key (K3); a remote data server (30), which stores server data (SD) including identification information (ID1) of the main user (1), an elliptic encryption curve (EC), the master key (MK), the primary key (K1), the secondary key (K2) and the tertiary key (K3); and a first personal device (10) which belongs to the main user (1), which comprises an application (A10) configured to connect to the keyless entry device (4) and to the server (30), and which stores the elliptic encryption curve (EC) and the identification information (ID1) of the main user (1); wherein the vehicle (3), the server (30) and the first personal device (10) are configured to implement the access method according to claim 1.
15. Access system (100) according to claim 14, characterized in that the access system (100) comprises a second personal device (20) which belongs to the secondary user (2), which comprises an application (A20) configured to connect to the keyless entry device (4), and which stores identification information (ID2) of the secondary user (2) and the elliptic encryption curve (EC); and in that the vehicle (3), the server (30), the first personal device (10) and the second personal device (20) are configured to implement the access method according to claim 2.
16. Computer application (A10; A20), configured to be installed and then executed on a personal electronic device (10; 20), the application (A10; A20) comprising portions of code for implementing the steps of the access method according to one of claims 1 to 13 when the application (A10; A20) is executed on the personal electronic device (10; 20).
Patent family:
Publication number | Publication date
US10395458B2|2019-08-27|
FR3050301B1|2018-03-30|
US20170301167A1|2017-10-19|
CN107305710A|2017-10-31|
EP3236429B1|2019-01-09|
CN107305710B|2021-08-31|
EP3236429A1|2017-10-25|
Legal status:
2017-04-26| PLFP| Fee payment|Year of fee payment: 2 |
2017-10-20| PLSC| Publication of the preliminary search report|Effective date: 20171020 |
2018-04-25| PLFP| Fee payment|Year of fee payment: 3 |
2019-08-26| PLFP| Fee payment|Year of fee payment: 4 |
2020-09-25| PLFP| Fee payment|Year of fee payment: 5 |
2021-04-26| PLFP| Fee payment|Year of fee payment: 6 |
Priority:
Application number | Filing date | Title
FR1653459A|FR3050301B1|2016-04-19|2016-04-19|METHOD AND SYSTEM FOR SECURE ACCESS TO A VEHICLE|
EP17166756.1A| EP3236429B1|2016-04-19|2017-04-18|Method and system for secure access to a vehicle|
CN201710257651.2A| CN107305710B|2016-04-19|2017-04-19|Safe vehicle access control method and system|
US15/491,274| US10395458B2|2016-04-19|2017-04-19|Secure vehicle access method and system|