A method for dedicated short-range communication (DSRC) communication between such beacons and onboard units, wherein upon communications with consecutive beacons the onboard units transmit varying derivation codes, is known from the earlier European Patent Application No. 10 450 009.5, the priority of which is claimed here and the disclosure content of which is expressly incorporated herein by reference.
DSRC road toll systems are standardised in standards ISO 14906 and EN 15509, for example. In this case, DSRC communication at the radio interface can occur, for example, in accordance with the WAVE standard IEEE 1609.11. For security reasons, system-wide keys (master keys) are not stored in the onboard units (OBUs) in such DSRC road toll systems, instead these OBUs receive only individual keys derived therefrom (derived keys). Only these individual keys are transmitted or used via the DSRC radio interface.
The derivation code required for this, referred to as “key diversifier” in the standards ISO 14906 and EN 15509, represents an individual identifier for each onboard unit of the respectively used rule for derivation of the individual key (derived key) from the system-wide key (master key). According to the prior art, the derivation code (key diversifier) is made known in every communication between an onboard unit and a beacon by the onboard unit to the beacon, so that this can derive the respective individual key of the onboard unit from the system-wide key “on the fly” for communication with the onboard unit or access thereto.
The invention described in the earlier application No. 10 450 009.5 was based on the knowledge that this configuration poses a data protection problem: since in every DSRC radio communication the—onboard unit specific—derivation code is firstly transmitted from the onboard unit via the radio interface, this could be identified in each case by tapping the radio interface or by targeted fraudulent readout of a passing onboard unit and its route could thus be tracked. A movement profile of a specific onboard unit or its user in a road toll system could thus be plotted.
The invention disclosed in the earlier application No. 10 450 009.5 solved this data protection problem in that upon communications with consecutive beacons the onboard units transmit varying derivation codes, by a pool of pairs on individual keys and associated derivation codes being stored in an onboard unit and as part of a communication with a beacon an onboard unit selecting a pair from this pool and using this for the communication. Thus, it is possible to prevent onboard units from being tracked over a longer period of time or beyond multiple beacon sections on the basis of the derivation codes transmitted by them in DSRC communications.