The present invention describes the configuration of an entry security system, hereinafter also referred to as passive keyless entry system (PKE), having a greatly improved resistance against external attacks. PKE systems are increasingly used in the field of motor vehicle entry systems.
The system according to the invention is also suitable for realizing chip card-based secure entry systems used in the field of security for buildings.
A possible configuration for realizing PKE systems is shown in FIG. 1 for an entry system for a motor vehicle 1. An up-link frame 2 constituted, for example, by a LF channel via which signals are transmitted from the vehicle to a chip card, here denoted as PKE card, and a down-link frame 3 constituted, for example, by a UHF channel via which the signals are transmitted from the PKE card to the vehicle are present as signal transmission connections between the vehicle 1 and the PKE card.
After activating, for example, the door handle of the vehicle, or a pushbutton on the door, a PKE base station in the vehicle starts generating a signal denoted as “challenge”, which signal is transmitted to the PKE card via the up-link frame 2 (preferably constituted as LF channel with an inductive coupling). Subsequently, a circuit arrangement preferably including a microprocessor in the PKE card computes a signal sequence denoted as “response” from the “challenge” by means of a cryptographic algorithm and a secret key. This “response” signal is then transmitted to the PKE base station from the PKE card via the down-link frame 3 (preferably using a UHF channel). The PKE base station compares the “response” by means of a similar crypto-algorithm and a similar secret key. In the case of identity, the PKE base station allows opening of the vehicle.
The drawback of this arrangement is that an external attacker trying to open the vehicle can perform the so-called “relay attack” with relatively small technical effort.
FIG. 2 shows diagrammatically an arrangement for performing such a “relay attack”. For this purpose, the configuration in FIG. 1 comprises an additional transmission path consisting of an emulator PKE card, denoted as relay 1, an emulator PKE base station, denoted as relay 2, and a communication line between relay 1 and relay 2. An attacker with relay 1 is near the vehicle. The second attacker with relay 2 is within adequate distance from the valid PKE card. When the door handle is activated, the vehicle sends its “challenge” which is transmitted from relay 1 to relay 2 via said communication line. Relay 2 emulates the up-link frame and thus passes on the “challenge” to the valid PKE card. After computing the “response” in the PKE card, the PKE card responds to the relay 2 by transmitting this “response”, i.e. the relay 2 transmits the “response” via said communication line to the relay 1 and from this relay to the PKE base station in the vehicle 1. Since the “response” was generated by the authentic PKE card on the basis of the authentic “challenge” of the PKE base station with the aid of the correct crypto algorithm and the correct key, the “response” is recognized as being valid so that the door of the vehicle opens.
It is an object of the invention to provide an arrangement of the type described above, making a “relay attack” at least essentially more difficult or perhaps even impossible.
According to the invention, this object is solved by an arrangement for a passive keyless entry system comprising a base station arranged on an object to be secured against unauthorized access, for example, a vehicle, and a data carrier (“PKE card”) particularly a chip card which can be carried preferably by an authorized user, and, together with the base station, is adapted to determine authorized access and corresponding control of the base station for exchanging signals with the base station, a signal transmission from the base station to the data carrier being preferably performed by low-frequency, magnetic alternating fields and a signal transmission from the data carrier to the base station being preferably performed by high-frequency, electromagnetic alternating fields (UHF range), in which
the base station comprises a first number (N) of LF transmitter stages and an antenna coil associated with each LF transmitter stage for transmitting low-frequency, magnetic alternating fields, and a second number of UHF receiver stages,
the data carrier comprises a second number (M) of orthogonally aligned antenna coils each being coupled to an LF receiver stage for receiving low-frequency, magnetic alternating fields,
the data carrier further comprises a UHF transmitter stage for transmitting a UHF signal,
the base station comprises a third number of UHF receiver stages for receiving the UHF signal transmitted by the UHF transmitter stage of the data carrier,
the base station and the data carrier comprise a control stage each for controlling the LF and UHF transmitter and receiver stages and for generating signals to be transmitted and evaluating received signals,
first position information about the relative position of the data carrier with respect to the antenna coils of the base station is gained from a measurement of the low-frequency, magnetic alternating fields transmitted by the LF transmitter stages of the base station to the data carrier via the antenna coils of the data carrier in the control stage of the data carrier, which information is transmitted in a preferably encrypted form in the UHF signal from the data carrier to the base station,
second position information about the relative position of the data carrier with respect to the UHF receiver stages of the base station is gained from a subsequent measurement of the UHF signal transmitted by the UHF transmitter stage of the data carrier to the base station via the UHF receiver stages of the base station in the control stage of the base station,
a signal representing authorized access is generated by comparing both position information components in the control stage of the base station, which signal is only generated when both position information components differ by less than a predetermined extent.
The arrangement according to the invention thus provides an improved passive keyless entry system in which additional information is gained about the relative orientation and positioning between a data carrier (PKE card) and a base station which is preferably arranged in a vehicle. This information, denoted as position information, is used to verify the origin of data during the authentication process in the entry system. The data carrier comprises M antenna coils which are orthogonally arranged with respect to each other, as well as a UHF transmitter stage. The base station comprises N antenna coils which, in an arrangement of the entry system according to the invention, are arranged in the vehicle. Additionally, the base station is provided with a further number, typically but not necessarily equal to N, of UHF receiver stages. In a first step, the data carrier (PKE card) measures and computes its own orientation relative to the antenna coils of the base station. In a second step, the position information thus obtained is transmitted, preferably in an encrypted form, from the data carrier to the base station. The base station measures and computes the orientation of the data carrier from the phase or amplitude differences in the UHF signal received by the UHF receiver stages of the base station. The two position information components thus obtained independently of each other are compared and access is only granted when they correspond within predetermined measuring tolerances.
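The access decision described above, sketched as an added example that is not taken from the patent. HMAC-SHA256 stands in for the unspecified cryptographic algorithm, and the representation of position information as a three-component direction vector, the tolerance value, the sample measurements and all function names are assumptions.

```python
import hashlib
import hmac
import math
import os
import struct

TOLERANCE = 0.15  # assumed "predetermined extent" between unit direction vectors

def unit(v):
    """Normalise a direction vector; None if it is zero or not finite."""
    n = math.sqrt(sum(c * c for c in v))
    return tuple(c / n for c in v) if math.isfinite(n) and n > 0 else None

def card_response(key, challenge, lf_position):
    """Card side: bind the LF-derived position to this challenge."""
    payload = struct.pack("<3f", *lf_position)
    return payload + hmac.new(key, challenge + payload, hashlib.sha256).digest()

def base_station_decide(key, challenge, response, uhf_position):
    """Grant only if the response is authentic and both positions agree."""
    if len(response) != 12 + 32:
        return "deny: bad response"
    payload, tag = response[:12], response[12:]
    expected = hmac.new(key, challenge + payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return "deny: bad response"
    reported, measured = unit(struct.unpack("<3f", payload)), unit(uhf_position)
    if reported is None or measured is None:
        return "deny: position mismatch"
    # "not <" rather than ">=" so that any NaN comparison also denies
    if not math.dist(reported, measured) < TOLERANCE:
        return "deny: position mismatch"
    return "grant"

def demo():
    key, challenge = os.urandom(16), os.urandom(8)  # constructed key, fresh challenge
    at_vehicle = (0.62, 0.73, 0.30)  # constructed: what the UHF receivers measure
    # Card next to the vehicle: LF and UHF measurements see the same geometry.
    direct = base_station_decide(
        key, challenge, card_response(key, challenge, (0.60, 0.75, 0.28)), at_vehicle)
    # Relayed exchange: the card measured a field emulated elsewhere, so its
    # (authentic) report does not match what the vehicle measures itself.
    relayed = base_station_decide(
        key, challenge, card_response(key, challenge, (-0.20, 0.10, 0.97)), at_vehicle)
    return direct, relayed

if __name__ == "__main__":
    print(demo())
```

The second case carries a cryptographically valid response and is still refused, which is the property the plain challenge-response scheme of FIG. 1 lacks.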
This arrangement can be advantageously used in access systems of general types, but particularly in vehicles, and for contactless triangulation.
The arrangement according to the invention is preferably constituted in such a way that the two position information components are determined by measuring the field strengths and/or the phase differences of the magnetic alternating fields at the locations of the antenna coils of the data carrier coupled to the respective LF receiver stages, or by measuring the UHF signal at the locations of the UHF receiver stages of the base station.
The described determination of the position information components in the arrangement according to the invention ensures that authorized entry can only be correctly granted to the authorized person and cannot be simulated by a “relay attack”.
FIG. 3 shows diagrammatically the construction of an embodiment of a PKE system which is substantially resistant to external attacks.
In this system, a PKE card, formed as a chip card with antenna coils in an otherwise conventional way, comprises a number of M antenna coils which are orthogonally aligned with respect to each other so that, with M at least equal to 3, the antenna coils “cover” the three-dimensional space. Each of the M antenna coils on the PKE card is connected to a receiver stage, denoted as “LF receiver”, for receiving an LF channel.
The arrangement according to the invention further comprises a PKE base station having a number of N antenna coils. These N antenna coils should, as far as possible, be spatially separated on or in the vehicle and (in the case of a number N of at least 3) should preferably also “cover” a space. Each of the N antenna coils of the PKE base station is connected to an associated transmitter stage, denoted as “LF transmitter”, for supplying an LF channel.
The PKE base station further comprises a number of UHF receiver stages denoted as “UHF receivers”. For positioning the “UHF receivers” of the PKE base station on the vehicle, the same applies as for the N antenna coils of the PKE base station connected to the “LF transmitters”. In the embodiment of FIG. 3, the number and positions of the “UHF receivers” are chosen to correspond to the number and the positions of the “LF transmitters” and the antenna coils connected thereto, but the number and positions of the “UHF receivers” need not necessarily correspond to those of the “LF transmitters”. The minimum numbers are N=2 and M=3; the security of the system according to the invention can be further improved by increasing the “LF transmitters” and “UHF receivers” to N=3.
Facing the “UHF receivers” of the base station, the PKE card contains a UHF transmitter stage denoted as “UHF transmitter”. This stage transmits a UHF signal which is received by the “UHF receivers” of the base station.
The system according to the invention further comprises, both in the PKE card and in the PKE base station, a control stage each, denoted as “controlling and evaluating electronics”, for controlling the transmitter and receiver stages and the signal transmissions to be effected by means thereof.