1. Field of the Invention
The subject invention concerns a procedure for increasing the manipulation security for a bi-directional contactless data transmission by means of a first transmission and receiver unit (BA) and a second transmission and receiver unit.
2. Description of the Related Technology
Systems for bi-directional contactless data transmission are preferably used for identification systems. These consist of a transponder, which is either integrated in a key fob or a so-called Smart card, and a stationary base unit. In vehicle engineering—one of the principal areas of application for transponder technology, the base unit is fitted into vehicles. The communication between transponder and base unit is based on an inductive coupling, with generally either the unidirectional or the bi-directional protocol being used for communication between transponder and base unit. The complete identification process for the transponder or base units is designated as authentication. If the transponder does not have its own power supply, or if this is empty, it will obtain its energy from the LF field emitted by the base unit. In these cases, the data transmission range will be restricted to just a few centimeters. In other cases, the range is determined by security requirements and system limitations. Inasmuch as a particularly high level of security is demanded with regard to identification—for example when obtaining so-called “passive entry”, i.e. when opening the vehicle by pulling on the door handle,—the communication distance will be limited to 2.5 m when using the bi-directional protocol. To this end, preferably a LF carrier frequency of 125 kHz is used for the communication between motor vehicle and key, whilst for the communication from key to motor vehicle a carrier frequency is used which is preferably within the UHF range of 433.92 MHz. In the case of reduced security requirements, such as e.g. for active opening by pressing the key switch when being in the vicinity of the motor car, a range of up to 30 m is permitted. To this end, the unidirectional protocol will generally be used in connection with a UHF carrier frequency near 433.92 MHz. The greater security of the bi-directional protocol during the authentication process is that in comparison to the unidirectional protocol—which only provides for a single authorization check of the transponder—the base unit will also be authenticated. For all applications in transponder technology, it is important that the time required for the authentication process is kept as short as possible. In particular in motor vehicle engineering, the entire time period taken for authentication should not exceed 130 ms. Due to the high security requirements, a bi-directional protocol is used as a matter of preference. In order to further increase manipulation security, in particular for the bi-directional protocol, new solutions are being searched for.
With the present state of the art, as described for instance in VDI Report No. 1415, 1998, an authentication with a bi-directional protocol will be effected according to the following pattern:    As soon as the transponder has been activated by means of an activation command sent out by a base unit, e.g. by operating the door handle on the motor vehicle, an authentication can be effected by means of a mutual identification check. To this end, random numbers—so-called “Challenges”—will be exchanged, from which, in the transponder as well as in the base unit, a permanently programmed algorithm will calculate numbers that are designated as a response. Then the calculated response between transponder and base unit will be replaced again and checked for agreement with the user calculated response. If these checks are positive for the transponder as well as the base units, authentication is successful. The data sequences exchanged for identification will be modulated onto the UHF carrier frequency. The carrier frequency will be generated by means of a quartz. The precision of the latter will typically be ±100 ppm; relative to the carrier frequency of 433.92 MHz, this corresponds to a precision of ±43.392 KHz. As both the transponder as well as the base unit operate with their own frequency stabilization, and as even the respective exciter circuits for the quartzes feature a frequency imprecision, the input bandwidth in the respective receiver unit is designed for approximately 300-600 kHz in order to ensure stable communications.
Due to the significant bandwidth of the input filters, however, it is possible to provide for an additional extension of the communication distance between transponder and base unit, using suitable aids, without any interference in the authentication process for a bi-directional protocol. But as the extension allows distances to be bridged that are significantly greater than 2.5 m, a manipulation cannot be excluded either. To this end, the signals emitted from the base unit and the transponder will be forwarded by means of two trade standard repeaters, such that one repeater will be located in the vicinity of the base unit whilst the other repeater is located in the vicinity of the transponder. In order to avoid feedback, both repeaters mix the signals emitted at e.g. 433.92 MHz onto another frequency band. The minor frequency shift which occurs will not be noticeable due to the relatively wide input filters. Depending on the transmission power of the repeater, great distances can be bridged in this way in order to obtain within the shortest possible time (130 ms) quite unnoticed unauthorized access—to a motor vehicle, for instance. In order to close this significant security gap during authentication on the basis of a bi-directional data transmission, solutions need to be found by means of which any unintended extension of the communication distance will be detected.