Remote control via radio frequency or infra red media is well known and very popular for the control of car alarms, building alarms and automatic garage door equipment. Conventional remote control systems which are based on a uni-directional transmission with limited security features, are in common use and are available at relatively low prices. More sophisticated devices based on bi-directional transmission systems and extensive handshaking, are also available on the market and are known to the applicant. However, because of their high cost and certain practical disadvantages, they are not widely used in commercial remote control devices. The aforementioned conventional devices based on uni-directional transmission systems have two important shortcomings in the context of a security application, namely firstly—the codes they are able to transmit are usually fixed and—secondly, the number of combinations of codes that they can transmit, is relatively small. Either of these shortcomings can lead to access being given to unauthorized persons. Such unauthorized access can be obtained by way of an exhaustive search, in which all the different combinations are tested to see if they are accepted, something which could be done in a matter of minutes if an appropriate apparatus is used. As an alternative, a recording could be made of a transmission and this could be retransmitted to gain access. As a result, such conventional uni-directional systems can be accessed without the use of authorized remote control or other security devices.
Improved security can be derived from the known principle of code stepping or code hopping. U.S. Pat. Nos. 4,835,407 and 4,847,614, German Patent No. 3,244,049 and German. Patent Publications DE-OS-33 20 721, DE-OS-32 34 538, DE-OS-34 07 436 and DE-OS-34 07 469 describe this principle in more detail. South African Patent Specification No. 89/8225 also describes a code hopping remote control system which is similar to the one described in U.S. Pat. No. 4,847,614.
U.S. Pat. No. 4,847,614 describes the generation, by a transmitter, of a different code word after each previous transmitting operation. Such new code word is produced anew by linking, according to a given function, starting from a stored original code word and the previously transmitted code word. The receiver operates in exactly the same way and compares the new code word it generates, by the same method, with the code word received from the transmitter. If the two code words agree, the centrally controlled locking system of the vehicle in which the apparatus is installed, is activated. If there is non-agreement, additional code words, say “n” code words produced in sequence by the receiver, are compared. Thereafter, if non-agreement persists after the “n” code words, the receiver switches over to an increased security mode wherein two successive code words transmitted in sequence must be successfully compared before the central locking system of the vehicle is activated. This double comparison must take place within the next m code words generated at the receiver. If the transmitting device and the receiving device are out of step by more than m+n, another signal is used to indicate to the receiver that it must search through its entire set of code words in an attempt to synchronize.
An essential feature of this remote control apparatus is that the receiver merely compares the received code word with the code word generated by itself without decoding the received code word to its original elements. Thus, in the event of non-agreement, and this will occur very often if the system is widely used in RF-devices, because of accidental reception from other users, this apparatus changes to an increased security mode, which is user unfriendly. When it is in the high security mode, the receiver will force the user to operate his/her transmitter more than once.
A further essential feature of this remote control device is that the “window” of disagreement which is still acceptable to the apparatus, is applied to the received code word and the code word generated by the receiver. If the code words are not the same with the first attempt, the receiver generates a second code word which is then compared with the received code word. This process may have to be repeated as many times as the size of the “window” which has been built into the receiver algorithm. Depending on the electronics in which this process is carried out, the size of the “window” and also the extent of disagreement between the first received code word and the first code word generated by the receiver, the reaction time for this apparatus could vary from transmission to transmission, and could be lengthy. However, a serious problem in the operation of the system results when the situation occurs that the transmitter and receiver are out of step by more than n+m steps.
It is taught by the aforementioned patent that another signal is to be supplied to the receiver to indicate to it that a total search must be done to achieve synchronization. Because of the enormous number of possible code words (>109), it could take several minutes to succeed. This patent even suggests that the user opens the transmitter and removes its batteries to facilitate a short search.
Both of the above situations are user unfriendly. If this process is repeated often, it also presents a security risk. The battery removal suggestion further precludes the use of non-volatile memory elements (EEPROM) for the counter of the transmitter. The use of EEPROM in the transmitter would have offered several advantages such as the elimination of standby power requirements, a longer battery life, fewer synchronization actions required and a guaranteed forward stepping (higher security). If this system must be expanded to decode two or more transmitters it will have to step through 2 (or more)×n code words if an unauthorized code word is received.
In addition, the above-described systems are also vulnerable to a newly developed sophisticated “code grabber.” The new code grabber intercepts a piece or portion of the code word being transmitted when an authentic transmitter, e.g. the transmitter of a standard one button garage door opener remote control, is activated and jams the remaining portion of the code word being transmitted. During the same transmission, the code grabber then jams the portion of the code word it has already “grabbed” or recorded and then intercepts and records the remaining portion of the code word previously jammed. The code grabber then completely jams the signal until the user releases the button on the authentic transmitter. As a result, the code grabber now has one full complete authentic code word and the receiver in the garage door opener has not received a signal transmission. The above process is repeated by the code grabber until the user releases the button a second time, at which time the code grabber has two valid code words and the garage door opener receiver has received nothing. After the user releases the button the second time, the code grabber transmits the first code word it has captured and the door closes. The user thinks that the first transmission was simply noise, i.e., not received, and drives away to work for instance. The code grabber now has a second valid code word that can be transmitted in the future to open the garage door.