The present invention relates to a passive function control system for a motor vehicle. More particularly, the present invention relates to a passive entry system for a keyless vehicle.
Passive entry systems for gaining access to the interior of a vehicle are known. Known passive entry systems include a vehicle based transceiver and a portable transceiver that is carried by an authorized user. When the authorized user approaches the vehicle, the vehicle based transceiver transmits a low frequency challenge signal. In one known system, the challenge signal is transmitted in response to the authorized user triggering a sensor in a door handle of the vehicle. The challenge signal is a random number.
In response to receiving the challenge signal, the portable transceiver generates a challenge response signal. In generating the challenge response signal, the portable transceiver encrypts the random number using an encryption key. The encrypted random number is transmitted as the challenge response signal.
While the vehicle based transceiver is waiting for the challenge response signal, the vehicle based transceiver encrypts the random number using an encryption key that is identical to the encryption key of the portable transceiver. The result of the encrypted random number is an expected response. Upon receiving the challenge response signal from the portable transceiver, the vehicle based transceiver compares the challenge response signal received to the expected response. The vehicle based transceiver controls a locking mechanism of the vehicle to allow access into the interior of the vehicle when the challenge response signal matches the expected response.
Known passive entry systems are susceptible to xe2x80x9cdictionaryxe2x80x9d attacks. In a dictionary attack, an unauthorized user uses a device to transmit a plurality of random challenge messages in the vicinity of the portable transceiver. The portable transceiver responds to each random challenge message with a challenge response signal. The unauthorized user uses another device to record the challenge response signals transmitted from the portable transceiver. After building a database or dictionary of challenge response signals, the unauthorized user goes to the vehicle and begins triggering the vehicle based transceiver to transmit challenge signals. The unauthorized user transmits responses from the dictionary. If the unauthorized user""s dictionary has the valid challenge response signal to the challenge signal transmitted from the vehicle based transceiver, the unauthorized user is allowed to access the interior of the vehicle.
The dictionary attack is a statistical approach to gaining access to the vehicle. The probability of gaining access through the use of the dictionary attack is dependent upon the number of challenge response signals stored in the dictionary and the word size or number of bits dedicated to the random number of the challenge signal. A need exists for a passive entry system that is not susceptible to a dictionary attack.
In accordance with an exemplary embodiment of the present invention, a passive function control system for a vehicle is provided. The system comprises a vehicle based transceiver for transmitting a challenge signal. The vehicle based transceiver includes a first controller, a random number generator, a first encryption key, and a memory for storing an identification code. The first controller provides the challenge signal having a random number from the random number generator and the identification code from the memory. The first controller encrypts at least a portion of the random number and at least a portion of the identification code of the challenge signal using the first encryption key. The system also comprises a portable transceiver for receiving the challenge signal and for transmitting a challenge response signal. The portable transceiver comprises a second controller, a second memory for storing a reference identification code, and a decryption key corresponding to the first encryption key of the vehicle based transceiver. The second controller decrypts the encrypted portions of the challenge signal using the decryption key, compares the identification code to the reference identification code, and outputs the challenge response signal having the random number only in response to identification code comparison indicating a match. The first controller responds to the challenge response signal when the random number of the challenge response signal is related to the random number from the random number generator.
In accordance with the present invention, an exemplary method of operation of a passive function control system of a vehicle is provided. During the method, a challenge signal is provided which includes a random number and an identification code. At least a portion of the random number and at least a portion of the identification code of the challenge signal are encrypted. The challenge signal is transmitted from a vehicle based transceiver. The challenge signal is received at a portable transceiver. The encrypted portions of the challenge signal are decrypted. The identification code is compared to a reference identification code. A challenge response signal having the random number is transmitted only in response to identification code comparison indicating a match. The challenge response signal is received at the vehicle based transceiver. The vehicle based transceiver responds to the challenge response signal when the random number of the challenge response signal is related to the random number.