In a known manner, such a keyless entry system is paired with an electronic card carried by a user of the vehicle. This card is configured in such a way as to establish a wireless link with the keyless entry system, authorizing the user to access the vehicle when the card is situated at a predetermined distance from the system.
Currently, the use of a mobile telephone as a replacement for an electronic card is known. A dedicated software application is installed on the telephone in such a way as to establish a wireless link with the keyless entry system. The number of electronic devices carried by the driver can thus be reduced.
In practice, several users can take turns borrowing and driving a single vehicle. To exchange an electronic card requires the users thereof to physically meet.
On the other hand, a physical meeting is not required in order to exchange a digital identification key with which to access the vehicle. Such an exchange can be performed, for example, by means of the mobile telephones of the users.
Access to vehicles is thus based more and more upon the wireless transmission of digital data, and less on the use of ancillary equipment such as a metal key.
Digital data exchanges must be as secure as possible in order to avoid their interception by an ill-intentioned third party.
One object of at least certain implementations of the present invention is to propose a secure automotive vehicle access method and system.
To this end, one object of at least certain implementations of the invention is a vehicle access method, comprising a preliminary phase that includes the following steps:                a1) provide the vehicle, which can be driven by different users, including a primary user and a secondary user, which is equipped with a keyless entry system, and which stores a master key, a primary key, a secondary key, and a tertiary key;        a2) provide a remote data server, which stores server data including identification information of the primary user, an elliptic encryption curve, the master key, the primary key, the secondary key and the tertiary key;        a3) provide a first personal device which belongs to the primary user, which includes an application that is configured to connect to the keyless entry system and which stores the identification information of the primary user and the elliptic encryption curve;the access method subsequently comprises a data exchange phase including the following successive steps:        b1) the application installed on the first personal device sends the identification information of the primary user to the server;        b2) the server recognizes the identification information of the primary user;        b3) the server generates encrypted server data using the elliptic encryption curve for the encryption, the encrypted server data including the secondary key, the tertiary key, and an encrypted master key using the primary key for the encryption.        b4) the server sends the encrypted server data to the first personal device;        b5) the first personal device uses the elliptic encryption curve to decrypt the encrypted server data, such that the first personal device stores the secondary key, the tertiary key, and the encrypted master key;the access method subsequently comprises an access phase including the following successive steps:        c1) the application installed on the first personal device establishes a secure connection with the vehicle, implementing the tertiary key;        c2) if the secure connection procedure is successful, the application installed on the first personal device transmits the encrypted master key to the vehicle;        c3) the vehicle uses the primary key to decrypt the encrypted master key;        c4) after decryption, the vehicle recognizes the master key and controls the keyless entry system, such that the primary user can access the vehicle using the application installed on the first personal device.        
One object of at least certain implementations of the invention is also a vehicle access method, comprising a preliminary phase that includes the following steps:                a1) provide the vehicle, which can be driven by different users, including a primary user and a secondary user, which is equipped with a keyless entry system, and which stores a master key, a primary key, a secondary key, and a tertiary key;        a2) provide a remote data server, which stores server data including identification information of the primary user, an elliptic encryption curve, the master key, the primary key, the secondary key and the tertiary key;        a3) provide a first personal device which belongs to the primary user, which includes an application that is configured to connect to the keyless entry system and which stores the identification information of the primary user and the elliptic encryption curve;        a4) provide a second personal device which belongs to the secondary user, which includes an application that is configured to connect to the keyless entry system and which stores the identification information of the secondary user and the elliptic encryption curve;the access method subsequently comprises a data exchange phase including the following successive steps:        b1) the application installed on the first personal device sends the identification information of the primary user to the server;        b2) the server recognizes the identification information of the primary user;        b3) the server generates encrypted server data using the elliptic encryption curve for the encryption, the encrypted server data including the secondary key, the tertiary key, and an encrypted master key using the primary key for the encryption.        b4) the server sends the encrypted server data to the first personal device;        b5) the first personal device uses the elliptic encryption curve to decrypt the encrypted server data, such that the first personal device stores the secondary key, the tertiary key, and the encrypted master key;        b6) the application installed on the second personal device sends the identification information of the secondary user to the application installed on the first personal device;        b7) the primary user agrees to lend the vehicle to the secondary user;        b8) the application installed on the first personal device generates access data, including the encrypted master key;        b9) the application installed on the first personal device generates encrypted access data using the secondary key for the encryption;        b10) the application installed on the first personal device generates encrypted mobile data using the elliptic encryption curve for the encryption, the encrypted mobile data including the tertiary key, and the encrypted access data;        b11) the application installed on the first personal device transmits the encrypted mobile data to the application installed on the second personal device;        
b12) the application installed on the second personal device uses the elliptic encryption curve to decrypt the encrypted mobile data, such that the second personal device stores the tertiary key, and the encrypted access data;
the access method subsequently comprises an access phase including the following successive steps:
                d1) the application installed on the second personal device establishes a secure connection with the vehicle, implementing the tertiary key;        d2) if the secure connection procedure is successful, the application installed on the second personal device transmits the encrypted access data to the vehicle;        d3) the vehicle uses the secondary key to decrypt the encrypted access data;        d4) after decryption, the vehicle recognizes the access data and controls the keyless entry system, such that the secondary user can access the vehicle using the application installed on the second personal device.        
The access method thus allows for the practical, effective and secure exchange of data regarding the vehicle. The encryption and digital data transfer operations are conducted by means of a dedicated application running on a personal electronic device, such as a mobile telephone. With at least some implementations of the invention, said exchanges can be automated without users having to worry about the complexity thereof. The user interface displayed on the personal electronic device is simple and intuitive.
Other advantageous characteristics of at least certain implementations of the invention, taken separately or in combination, will appear upon reading the following description.