KR-102964159-B1 - SECURE COMMUNICATION METHOD OF VEHICLE KEY FOB FOR PREVENTING REPLAY ATTACK AND SECURE COMMUNICATION SYSTEM THEREOF
Abstract
A secure communication method for a smart key for a vehicle is disclosed, which is performed by electronic devices of the vehicle and the smart key, respectively. The secure communication method comprises the steps of: the smart key and the vehicle sharing parameters based on a key exchange protocol; the smart key generating a shared value (A) based on the parameters; the vehicle and the smart key each generating a common secret key (K) based on the shared value (A) and the parameters; and the vehicle verifying the integrity of the security authentication of the smart key based on the common secret key (K).
Inventors
- 전상훈
- 조성민
- 강보근
Assignees
- 국민대학교산학협력단
Dates
- Publication Date: 20260513
- Application Date: 20240205
Claims (20)
- A secure communication method for a smart key for a vehicle, performed by electronic devices of the vehicle and the smart key, respectively, the method comprising: a step in which the smart key and the vehicle share parameters based on a key exchange protocol; a step in which the smart key generates a shared value (A) based on the parameters, and the vehicle and the smart key each generate a common secret key (K) based on the shared value (A) and the parameters; and a step in which the vehicle verifies the integrity of the security authentication of the smart key based on the common secret key (K), wherein the step of generating the common secret key (K) comprises: the smart key generating a random number (a) for each security authentication session; the smart key applying the random number (a) to a first modular operation to generate the shared value (A); the smart key transmitting the shared value (A) to the vehicle; the smart key applying the private key (b) to a second modular operation to generate the common secret key (K); and the vehicle applying the shared value (A) to a third modular operation and a second modular operation to generate the common secret key (K).
- The method of claim 1, wherein the key exchange protocol comprises a Diffie-Hellman protocol.
- The method of claim 1, wherein the parameters include a large prime number (p), a root module (g), and a private key (b).
- The method of claim 3, wherein the root module (g) is a primitive root of the large prime number (p) and is a number smaller than the large prime number (p).
- delete
- The method of claim 1, wherein the first modular operation includes g^a (mod p), the second modular operation includes g^(ab) (mod p), and the third modular operation includes A^b (mod p).
- The method of claim 1, wherein the step of verifying the integrity comprises: the smart key generating a random number (a) for each session of security authentication; the smart key applying the random number (a) to a hash algorithm to generate a first hash value; the smart key generating a security authentication message including the first hash value; the smart key transmitting the security authentication message, encrypted with the common secret key (K), to the vehicle; the vehicle decrypting the security authentication message using the common secret key (K) to calculate a second hash value; the vehicle comparing the first hash value and the second hash value; and the vehicle verifying the integrity of the security authentication message according to the comparison result.
- The method of claim 7, wherein the hash algorithm comprises a SHA-256 hash algorithm.
- The method of claim 7, wherein the step of verifying the integrity of the security authentication message based on the comparison result comprises determining the security authentication message received from the smart key as intact when the first hash value and the second hash value match.
- The method of claim 7, wherein the step of verifying the integrity of the security authentication message based on the comparison result comprises: the vehicle creating a hash table by storing at least one hash value received in the past; if the first hash value and the second hash value match, the vehicle searching the hash table for a hash value that duplicates the first hash value; and determining a replay attack based on the search results.
- The method of claim 10, wherein the step of determining a replay attack based on the search results comprises: if a hash value duplicates the first hash value, the vehicle determining the security authentication message to be the replay attack; and the vehicle refusing to receive the security authentication message.
- A secure communication system including electronic devices of a vehicle and a smart key, respectively, the system comprising: an electronic device of a smart key that generates a shared value (A) and a common secret key (K) based on parameters, encrypts a security authentication message with the common secret key (K), and transmits the security authentication message to the vehicle; an electronic device of a vehicle that generates the common secret key (K) based on the parameters and the shared value (A), and verifies the integrity of the smart key by decrypting the received security authentication message with the common secret key (K); and a database server that supports a key exchange protocol for the vehicle and the smart key, stores parameters based on the key exchange protocol, and shares them with the electronic device of the vehicle and the electronic device of the smart key, wherein the electronic device of the smart key includes: a first memory storing the parameters and the common secret key (K); and a first processor configured to control the operation of the smart key, and wherein the first processor: generates a random number (a) for each security authentication session; applies the random number (a) to the first modular operation to generate the shared value (A); applies the private key (b) to the second modular operation to generate the common secret key (K); applies the random number (a) to a hash algorithm to generate a first hash value; generates a security authentication message including the first hash value; and encrypts the security authentication message using the common secret key (K).
- The system of claim 12, wherein the key exchange protocol comprises the Diffie-Hellman protocol.
- The system of claim 13, wherein the parameters include a large prime number (p), a root module (g), and a private key (b).
- The system of claim 14, wherein the root module (g) is a primitive root of the large prime number (p) and is a number smaller than the large prime number (p).
- delete
- The system of claim 12, wherein the electronic device of the vehicle includes: a second memory storing the parameters and the common secret key (K); and a second processor configured to control the operation of the vehicle with respect to the smart key, and wherein the second processor: applies the shared value (A) received from the smart key to the third modular operation and the second modular operation to generate the common secret key (K); decrypts the security authentication message using the common secret key (K) to calculate a second hash value; compares the first hash value and the second hash value; and verifies the integrity of the security authentication message based on a comparison result.
- The system of claim 17, wherein the second processor determines the security authentication message received from the smart key as having integrity when the first hash value and the second hash value match.
- The system of claim 17, wherein the second memory creates a hash table by storing at least one hash value received in the past, and wherein the second processor: if the first hash value and the second hash value match, searches the hash table for a hash value that duplicates the first hash value; if a hash value duplicating the first hash value is found, determines the security authentication message to be a replay attack; and refuses to receive the security authentication message.
- A non-transitory computer-readable recording medium storing computer instructions that, when executed by a processor of each electronic device of a vehicle and a smart key, cause each electronic device to perform an operation, the operation comprising: a step in which the smart key and the vehicle share parameters based on a key exchange protocol; a step in which the smart key generates a shared value (A) based on the parameters, and the vehicle and the smart key each generate a common secret key (K) based on the shared value (A) and the parameters; and a step in which the vehicle verifies the integrity of the security authentication of the smart key based on the common secret key (K), wherein the step of generating the common secret key (K) comprises: the smart key generating a random number (a) for each security authentication session; the smart key applying the random number (a) to the first modular operation to generate the shared value (A); the smart key transmitting the shared value (A) to the vehicle; the smart key applying the private key (b) to the second modular operation to generate the common secret key (K); and the vehicle applying the shared value (A) to the third modular operation and the second modular operation to generate the common secret key (K).
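The exchange in claims 1, 6, 7, 10 and 11, run end to end with both sides, as an added example that is not code from the patent. Assumptions: the toy values p = 23, g = 5, b = 6 are constructed; the claims name no cipher, so a SHAKE-256 XOR keystream stands in for it; and the message is assumed to carry the random number (a) beside its hash so the vehicle can recompute the second hash value.

```python
import hashlib
import secrets

# Constructed toy parameters: 5 is a primitive root of 23. Real use needs a large prime.
P, G = 23, 5
B = 6  # private key (b), provisioned to both devices (constructed value)

def _xor_cipher(k, data):
    # Assumption: stand-in for the unnamed cipher, XOR with a keystream derived from K.
    stream = hashlib.shake_256(str(k).encode()).digest(len(data))
    return bytes(x ^ y for x, y in zip(data, stream))

def fob_session(a=None):
    """Smart key side: returns (shared value A, encrypted authentication message)."""
    a = secrets.randbits(128) if a is None else a  # random number (a), new per session
    A = pow(G, a, P)          # first modular operation: g^a mod p
    K = pow(G, a * B, P)      # second modular operation: g^(ab) mod p
    raw = a.to_bytes(16, "big")
    h1 = hashlib.sha256(raw).digest()  # first hash value
    # Assumption: the message carries a next to its hash so the vehicle can recompute it.
    return A, _xor_cipher(K, raw + h1)

class Vehicle:
    def __init__(self):
        self.hash_table = set()  # hash values received in the past

    def verify(self, A, message):
        K = pow(A, B, P)      # third modular operation: A^b mod p, equal to g^(ab) mod p
        plain = _xor_cipher(K, message)
        raw, h1 = plain[:16], plain[16:]
        h2 = hashlib.sha256(raw).digest()  # second hash value
        if not secrets.compare_digest(h1, h2):
            return "integrity-fail"
        if h1 in self.hash_table:
            return "replay"   # duplicate hash found: refuse the message
        self.hash_table.add(h1)
        return "accepted"

def demo():
    car = Vehicle()
    A, msg = fob_session()
    captured = (A, msg)                       # a recorded copy of the first session
    tampered = bytes([msg[0] ^ 1]) + msg[1:]  # one bit changed in transit
    A2, msg2 = fob_session()                  # a fresh session with a new (a)
    return [car.verify(A, msg), car.verify(*captured),
            car.verify(A, tampered), car.verify(A2, msg2)]

if __name__ == "__main__":
    print(demo())
```

The hash table here is an unbounded in-memory set; the claims do not say how the vehicle bounds or persists it.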
Description
Secure communication method of a vehicle smart key for preventing replay attacks and secure communication system thereof
The present invention relates to a secure communication method between a vehicle and a smart key performed by an electronic device, and a secure communication system for the same.
Recently, vehicle keyless entry systems have become widely adopted due to the convenience and efficiency they offer by eliminating the need for physical keys. Keyless entry systems and smart keys (Key Fob) are closely related; a keyless entry system is a system that provides the functionality to unlock and start a vehicle using a smart key. It consists of two main elements: a receiver installed in the vehicle and a smart key carried by the driver. A smart key is a wireless key used to perform functions such as locking the vehicle doors, starting the engine, and honking the horn.
Smart keys communicate with the vehicle using Low Frequency (LF) and RF communication. LF communication is a low-frequency signal characterized by a short propagation range and low power consumption. Therefore, LF communication is primarily used to verify whether the vehicle and the smart key are within a valid range. RF communication is a high-frequency signal characterized by a long propagation range and high security. Consequently, RF communication is mainly used to transmit control messages related to opening and closing the vehicle doors.
While smart keys provide convenience and efficiency to vehicle owners, they have a security vulnerability in that messages can be easily intercepted by attackers. Even if the actual driver is not near the vehicle, an attacker can use an amplifier near the driver to make it appear as if the smart key is within the vehicle's valid range. In other words, an attacker can perform an attack from outside the smart key's communication range.
For example, if the communication between the smart key and the vehicle is not encrypted, an attacker can intercept and reverse the communication to decrypt the contents of control messages and control the vehicle. Alternatively, an attacker could block the vehicle from receiving signals sent by the driver or send a large number of signals to confuse the vehicle. Furthermore, if wireless firmware update technology is applied to the smart key, maliciously modified firmware can be updated, and attacks involving physically injecting firmware into the smart key via Chip Off technology are also possible. In addition, unlike car keys, smart keys are small and easy to carry, so they are at high risk of loss or theft. Furthermore, an attacker can eavesdrop on the smart key's wireless communication signals and control the vehicle.
To address this, conventional keyless entry systems have utilized a blockchain-based approach. This approach uses a private blockchain to treat the smart key and the vehicle as two separate users, allowing miners to use smart contracts to permit or deny the smart key access to the corresponding vehicle. However, this approach has limitations, such as potential overhead in embedded systems, and can be vulnerable to replay attacks.
Alternatively, conventional keyless entry systems employ time-based authentication for communication between the vehicle and the smart key. This method involves the vehicle and the smart key sharing time information to ensure message integrity. However, this approach has a limitation in that an attacker can succeed if they intercept the time information of both the vehicle and the smart key.
Accordingly, there is a need for security mechanisms to prevent man-in-the-middle and replay attacks that may occur in vehicle keyless entry systems.
FIG. 1 is a drawing for explaining a secure communication system for a vehicle smart key according to one embodiment of the present invention.
FIG. 2 is a block diagram illustrating a secure communication system for a smart key for a vehicle according to one embodiment of the present invention.
FIG. 3 is a block diagram of an electronic device of a smart key according to one embodiment of the present invention.
FIG. 4 is a block diagram of an electronic device of a vehicle according to one embodiment of the present invention.
FIG. 5 is an example of a message generation unit of an electronic device of a smart key according to one embodiment of the present invention.
FIG. 6 is a flowchart illustrating a secure communication method for a smart key for a vehicle according to one embodiment of the present invention.
FIG. 7 is a flowchart illustrating the step of generating a common secret key (K) of a secure communication method for a smart key for a vehicle according to one embodiment of the present invention.
FIG. 8 is a flowchart illustrating the steps for verifying the integrity of a secure communication method for a smart key for a vehicle according to one embodiment of the present invention.
FIG. 9 is a flowchart illustrating the steps for verifying the integrity of a secure communication