CN102673515A - RFID (Radio Frequency Identification Device)-based relay-attack-resisting passive keyless unlocking and starting method - Google Patents
RFID (Radio Frequency Identification Device)-based relay-attack-resisting passive keyless unlocking and starting method Download PDFInfo
- Publication number
- CN102673515A CN102673515A CN2012101609766A CN201210160976A CN102673515A CN 102673515 A CN102673515 A CN 102673515A CN 2012101609766 A CN2012101609766 A CN 2012101609766A CN 201210160976 A CN201210160976 A CN 201210160976A CN 102673515 A CN102673515 A CN 102673515A
- Authority
- CN
- China
- Prior art keywords
- key
- car
- rfid
- produces
- attack
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims description 7
- 238000005516 engineering process Methods 0.000 description 3
- 238000013459 approach Methods 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 239000012467 final product Substances 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 238000005728 strengthening Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Abstract
The invention relates to an RFID (Radio Frequency Identification Device)-based relay-attack-resisting passive keyless unlocking and starting scheme which is realized by the following stages: initializing stage, slow-speed stage, high-speed stage and verifying stage. According to a safe distance defining protocol, a ranging trick for reducing a measuring/estimating distance is prevented by limiting an upper bound of a distance between nodes, so that the threat of relay attack is effectively avoided.
Description
Technical field
The invention belongs to RFID safety guard-safeguard field, the passive no key that relates to a kind of anti-relay attack based on RFID is unblanked and the startup scheme.
Background technology
Passive keyless is unblanked and start-up system (PKES; Passive Keyless Entry and Start System) be to get into (the RKE of system in remote keyless; Remote Keyless Entry) grows up on the basis; Progressively develop as anti-theft technique of new generation; Progressively got into field, middle-grade car market at present from luxury car market, not only high-end automakers such as benz, BMW have extensively adopted PKE, also adopt this technology one after another as medium-sized vehicles such as Ford Mondeo, the sounds of nature made in Japan and novel Mazdas.PKES is not a traditional key, but an Intelligent key is similar to smart card.When the driver stepped into stated limit, this system was judged if the driver of legal authorization then opens the door automatically through identification.After getting on the bus, the driver only need get final product the starting ignition switch by a button.As the passive no key vehicle entrance guard device of a kind of heldfree type, PKES is huge in the development potentiality of automotive market, will become the mainstream configuration option gradually.
But existing P KES technology is very limited to the strick precaution ability of relay attack.
As shown in Figure 1, this figure is the relay attack illustraton of model to PKES, and the relay attack model of PKES is made up of three essential parts and four basic steps, and car is verifier's node, and the key agency is verified node.
Wherein, three essential parts comprise: the car agency: near key one end, mislead real key and think that the car agency is exactly real car; Key agency:, mislead real car and think that the key agency is exactly real key near Che Yiduan; Relaying passage: the communication channel that connects car agency and key agency.
Four basic steps comprise: car requires the key agency that authentication information is provided; Car the agency give real car key with the authentication requesting relaying; Car key provides legal authentication information to act on behalf of to car; The authentication information that key agency obtains the car agency gives real car with through authentication.
Representative type relay attack scene is the supermarket shopping scene: in the car owner of car key in shopping the pocket; And car is parked in the parking area in supermarket; The assailant passes through relay attack apparatus near the car owner, and then reaches through repeater car key unlocking and the purpose that starts function theft vehicle.
Summary of the invention
The threat of the relay attack that the objective of the invention is to exist with start-up system to unblanking based on the passive no key of RFID; Define agreement based on safety distance; The passive no key that the proposes a kind of anti-relay attack safety approach with start-up system of unblanking, wherein, adopting safety distance to define agreement is through limiting the upper bound of euclidean distance between node pair; Prevent dwindling the range finding deception that measurement/estimated distance is a purpose, thereby effectively avoided the threat of relay attack.
Unblank and the implementation procedure that starts scheme is divided into four-stage based on the passive no key of the anti-relay attack of RFID:
Initial phase: carry out initialization operations such as system parameter setting and encryption key distribution;
Stage at a slow speed: car and key carry out random number exchange and challenge-response beamhouse operation;
The quick stage: carry out some challenge-response operations of taking turns between car and the key;
Qualify Phase: car is verified the situation of replying of key.
Unblank and the concrete grammar that starts is based on the passive no key of the anti-relay attack of RFID:
Step 1: share a key x and a security parameter n between car V and the key K, and a pseudo-random function H who is output as 2n.Car V is provided with a rational time threshold values Δ t according to actual conditions
Max
Step 2: car V produces a random number N
a, and send to key K;
Step 3: key K produces a random number N
b, and send to car V;
Step 4: car V and key K calculate H respectively
2n=H (x, N
a, N
b), and it is divided into p=H according to high low level
1... H
nAnd v=H
N+1... H
2nTwo parts;
Step 5: car V produces i wheel (1≤i≤n) challenge: produce a random order C
i(value is 0 or 1) is if cooresponding p
i=1, car V sends C
iGive key K; If cooresponding p
i=0 and
Car V sends C
iGive key K; If p
i=0 and
Do not send any information;
Step 6: key K produces i to take turns (1≤i≤n) reply: if
Key K is made as a random order for replying of car V, otherwise key K gives to reply and is made as
(C
iV obtains from car);
Step 7: car V checking is during each takes turns
Whether set up, and Δ t
i≤Δ t
MaxWherein, Δ t
iBe that each takes turns the time difference that time meter begins and finishes.Otherwise report an error authentication failed.
Beneficial effect of the present invention is: through solving distance between car and the key in reasonable range; Be the real transmission time to be no more than the threat that the time threshold values has been avoided relay attack; The present invention is through adopting the security protocol verification mechanism of strengthening to the PKES system based on RFID; To improving the safety of system, resisting relay attack has effect preferably, and using value is apparent in view.
Description of drawings
Fig. 1 is a relay attack model scheme drawing according to the invention;
Fig. 2 unblanks for the passive no key of anti-relay attack of the present invention and starts the scheme drawing of method.
The specific embodiment
As shown in Figure 2, the passive no key of anti-relay attack is unblanked and the startup method is:
Step 1: share a key x and a security parameter n between car V and the key K, and a pseudo-random function H who is output as 2n.Car V is provided with a rational time threshold values Δ t according to actual conditions
Max
Step 2: car V produces a random number N
a, and send to key K.
Step 3: key K produces a random number N
b, and send to car V.
Step 4: car V and key K calculate H respectively
2n=H (x, N
a, N
b), and it is divided into p=H according to high low level
1... H
nAnd v=H
N+1... H
2nTwo parts.
Step 5: car V produces i wheel (1≤i≤n) challenge: produce a random order C
i(value is 0 or 1) is if cooresponding p
i=1, car V sends C
iGive key K; If cooresponding p
i=0 and
Car V sends C
iGive key K; If p
i=0 and
Do not send any information.
Step 6: key K produces i to take turns (1≤i≤n) reply: if
Key K is made as a random order for replying of car V, otherwise key K gives to reply and is made as
(C
iV obtains from car).
Step 7: car V checking is during each takes turns
Whether set up, and Δ t
i≤Δ t
Max
Wherein, Δ t
iBe that each takes turns the time difference that time meter begins and finishes.Otherwise report an error authentication failed.
Claims (1)
1. unblank based on the passive no key of the anti-relay attack of RFID and the startup method is:
Step 1: share a key x and a security parameter n between car V and the key K, and a pseudo-random function H who is output as 2n, car V is provided with a rational time threshold values Δ t according to actual conditions
Max
Step 2: car V produces a random number N
a, and send to key K;
Step 3: key K produces a random number N
b, and send to car V;
Step 4: car V and key K calculate H respectively
2n=H (x, N
a, N
b), and it is divided into p=H according to high low level
1... H
nAnd v=H
N+1... H
2nTwo parts;
Step 5: car V produces i wheel (1≤i≤n) challenge: produce a random order C
i(value is 0 or 1) is if cooresponding p
i=1, car V sends C
iGive key K; If cooresponding p
i=0 and
Car V sends C
iGive key K; If p
i=0 and
Do not send any information;
Step 6: key K produces i to take turns (1≤i≤n) reply: if
Key K is made as a random order for replying of car V, otherwise key K gives to reply and is made as
(C
iV obtains from car);
Step 7: car V checking is during each takes turns
Whether set up, and Δ t
i≤Δ t
Max
Wherein, Δ t
iBe that each takes turns the time difference that time meter begins and finishes, otherwise report an error authentication failed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210160976.6A CN102673515B (en) | 2012-05-23 | 2012-05-23 | The passive of anti-relay attack based on RFID is unblanked and startup method without key |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210160976.6A CN102673515B (en) | 2012-05-23 | 2012-05-23 | The passive of anti-relay attack based on RFID is unblanked and startup method without key |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102673515A true CN102673515A (en) | 2012-09-19 |
| CN102673515B CN102673515B (en) | 2016-08-31 |
Family
ID=46806261
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210160976.6A Active CN102673515B (en) | 2012-05-23 | 2012-05-23 | The passive of anti-relay attack based on RFID is unblanked and startup method without key |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102673515B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104299295A (en) * | 2013-07-15 | 2015-01-21 | Trw汽车美国有限责任公司 | Passive remote keyless entry system with time-based anti-theft feature |
| CN110363899A (en) * | 2019-08-02 | 2019-10-22 | 华为技术有限公司 | Method and apparatus based on communication channel detection relay attack |
| CN112970049A (en) * | 2018-10-12 | 2021-06-15 | 电装国际美国公司 | Passive entry/passive start system using continuous wave tones and synchronization words to detect extended range relay attack |
| WO2021238968A1 (en) * | 2020-05-27 | 2021-12-02 | 华为技术有限公司 | Verification method and apparatus |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101131771A (en) * | 2007-09-28 | 2008-02-27 | 深圳市赛格导航科技股份有限公司 | Vehicle mounted keyless door guard system |
| US20080157929A1 (en) * | 2004-06-15 | 2008-07-03 | Koninklijke Philips Electronics N.V. | Radio Identification With an Additional Close-Range Check |
| WO2009144534A1 (en) * | 2008-05-26 | 2009-12-03 | Nxp B.V. | Decoupling of measuring the response time of a transponder and its authentication |
| CN201865426U (en) * | 2010-06-11 | 2011-06-15 | 北京握奇数据系统有限公司 | Passive keyless entry or starting system, vehicle-mounted base station and induction key |
| CN102107647A (en) * | 2010-09-15 | 2011-06-29 | 智少雷 | RFID (radio frequency identification) intelligent anti-theft system of electric motor car and control method thereof |
| CN201901107U (en) * | 2010-10-09 | 2011-07-20 | 郭华 | Passive keyless entry anti-theft system based on automobile bus control |
| CN201941719U (en) * | 2010-09-26 | 2011-08-24 | 华南理工大学 | Automobile theftproof system based on dual central processing units |
-
2012
- 2012-05-23 CN CN201210160976.6A patent/CN102673515B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080157929A1 (en) * | 2004-06-15 | 2008-07-03 | Koninklijke Philips Electronics N.V. | Radio Identification With an Additional Close-Range Check |
| CN101131771A (en) * | 2007-09-28 | 2008-02-27 | 深圳市赛格导航科技股份有限公司 | Vehicle mounted keyless door guard system |
| WO2009144534A1 (en) * | 2008-05-26 | 2009-12-03 | Nxp B.V. | Decoupling of measuring the response time of a transponder and its authentication |
| CN201865426U (en) * | 2010-06-11 | 2011-06-15 | 北京握奇数据系统有限公司 | Passive keyless entry or starting system, vehicle-mounted base station and induction key |
| CN102107647A (en) * | 2010-09-15 | 2011-06-29 | 智少雷 | RFID (radio frequency identification) intelligent anti-theft system of electric motor car and control method thereof |
| CN201941719U (en) * | 2010-09-26 | 2011-08-24 | 华南理工大学 | Automobile theftproof system based on dual central processing units |
| CN201901107U (en) * | 2010-10-09 | 2011-07-20 | 郭华 | Passive keyless entry anti-theft system based on automobile bus control |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104299295A (en) * | 2013-07-15 | 2015-01-21 | Trw汽车美国有限责任公司 | Passive remote keyless entry system with time-based anti-theft feature |
| CN112970049A (en) * | 2018-10-12 | 2021-06-15 | 电装国际美国公司 | Passive entry/passive start system using continuous wave tones and synchronization words to detect extended range relay attack |
| CN112970049B (en) * | 2018-10-12 | 2023-05-05 | 电装国际美国公司 | Passive entry/passive start system for detecting extended range relay attack using continuous wave tones and syncwords |
| CN110363899A (en) * | 2019-08-02 | 2019-10-22 | 华为技术有限公司 | Method and apparatus based on communication channel detection relay attack |
| CN110363899B (en) * | 2019-08-02 | 2021-06-15 | 华为技术有限公司 | Method and device for detecting relay attack based on communication channel |
| WO2021238968A1 (en) * | 2020-05-27 | 2021-12-02 | 华为技术有限公司 | Verification method and apparatus |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102673515B (en) | 2016-08-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105882604B (en) | A kind of electric vehicle control system | |
| CN104724057B (en) | A kind of hybrid vehicle electronic locking theft preventing method of high security | |
| CN105313837A (en) | Intelligent key matching method and system | |
| WO2019042128A1 (en) | Anti-theft authentication method for motor vehicle, key-free entrance and start system and anti-theft authentication system | |
| CN101477718A (en) | Passive non-key control system and control method thereof | |
| CN110239484B (en) | Vehicle lock remote security control system and method | |
| US10400735B2 (en) | System and method for remote starting a vehicle equipped with a smart start system | |
| CN109155087B (en) | Vehicle anti-theft system | |
| CN109495872A (en) | A kind of automobile Bluetooth comfortably enters system | |
| US10391975B2 (en) | Method to provide warning to relay attacks on keyless entry and start systems | |
| Razmjouei et al. | Ultra-lightweight mutual authentication in the vehicle based on smart contract blockchain: Case of MITM attack | |
| CN102673515A (en) | RFID (Radio Frequency Identification Device)-based relay-attack-resisting passive keyless unlocking and starting method | |
| US11605253B2 (en) | Method for securing a communication between a mobile communication apparatus and a vehicle | |
| CN206551993U (en) | A kind of PKE automobile encrypted antitheft systems based on quantum key card | |
| CN107323418B (en) | A kind of burglary-resisting system and its method of rent-a-car | |
| JP7114413B2 (en) | Authentication system and authentication method | |
| CN104442704A (en) | Attack resistant theft deterrent system | |
| CN108074299A (en) | A kind of smart mobile phone key controller method and control system | |
| Kim et al. | Vehicle relay attack avoidance methods using RF signal strength | |
| CN106515657B (en) | A kind of method and system of anti-theft security certification | |
| CN204641672U (en) | A kind of hybrid vehicle electronic locking anti-theft system of high security | |
| JP2014189221A (en) | Anti-theft security system and anti-theft method | |
| CN202141943U (en) | Vehicle-mounted diagnosis safety verification system | |
| CN106127897B (en) | System for unlocking or method based on iOS or Android | |
| CN112188431A (en) | Intelligent vehicle entering system and method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| DD01 | Delivery of document by public notice |
Addressee: Yang Tao Document name: Notification of Passing Preliminary Examination of the Application for Invention |
|
| PB01 | Publication | ||
| DD01 | Delivery of document by public notice |
Addressee: Yang Tao Document name: Notification of Publication of the Application for Invention |
|
| DD01 | Delivery of document by public notice |
Addressee: Yang Tao Document name: Notification of Passing Examination on Formalities |
|
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CB03 | Change of inventor or designer information | ||
| CB03 | Change of inventor or designer information |
Inventor after: Zhou Yu Inventor after: Meng Dangying Inventor before: Yang Tao |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20180110 Address after: 050000 No. 186, No. 186, sports South Street, Yuhua District, Yuhua District, Hebei Province, 1 unit 302 Co-patentee after: Meng Dangying Patentee after: Zhou Yu Address before: 102200 Beijing city Changping District Huilongguan lung Yeuk three District 31 Building 2 unit 501 room Patentee before: Yang Tao |
|
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20180503 Address after: 100032 Chaoyang District, Beijing Shuangliu North Street 38 building -1 to 4 101 101, one layer 103 Patentee after: Guotai Bai an information technology Co., Ltd. Address before: 050000 No. 1, unit 22, 186 South Sports street, Yuhua District, Shijiazhuang, Hebei, 302 Co-patentee before: Meng Dangying Patentee before: Zhou Yu |