The present invention relates to a portable authentication means and a vehicle security system for a motor vehicle.
From the prior art, for example from document EP 0 984 123 B1, access and use authorization systems for motor vehicles are known which do not require a conventional key.
Vehicle security systems of this type are often referred to as “keyless”. Here, the user of a vehicle receives a portable authentication means, without handling operations, which is simply carried by the user and is associated with his vehicle. When the user looks for his vehicle and thus brings the authentication means into the operational area of a control system built into the motor vehicle, an access authorization control mechanism is activated without the user having to control it manually. The access authorization control mechanism is based on a wireless signal transmission between the motor vehicle and the control system. It then suffices for the user to carry the authentication means on his person, for example in a pocket or in a bag. With the access authorization control mechanism, an encoded signal is, for example, then sent from the control system to the authentication means, and the authentication means decodes this signal and returns it with a new code. The two codes are stored in the control apparatus on-board the vehicle in such a way that the control apparatus can carry out a comparison of the actual coded signal with the signal immediately received from the authentication means. If the codes match, an authentication is carried out and the motor vehicle door locks are automatically unlocked in such a way that the user has access to the motor vehicle without having to open the motor vehicle for that purpose via a manual opening operation. lf, on the other hand, the codes do not match, the motor vehicle remains locked so that no unauthorized person can have access to the motor vehicle. So that the motor vehicle can be unlocked only when the user actually wishes to be able to access the vehicle, the on-board control apparatus is coupled to on-board antennas which have a very short transmit range. When the user carrying the authentication means moves further away from the vehicle, no unlocking takes place. In the same way, the vehicle immobilizer is controlled in such a way that the user carrying the authentication means can cause the engine to start by means of a simple switch and the immobilizer is deactivated when it is detected that the “correct” authentication means is located, for example, inside the vehicle. To increase security, it is furthermore known, for example from document EP 1 033 585 A2, for the distance separating the authentication means and the vehicle to be determined by means of transit time measurements.
A problem with such access and use authorization systems is that known mechanisms exist for circumventing the aforementioned security barriers. For example, it is known to circumvent the system by the fact that an unauthorized person closely follows the authorized user who leaves the vehicle that he has just parked, while a second unauthorized person remains near to the vehicle. The first and the second unauthorized persons each carry radio signal transmission means to increase the signal transmission range between the authentication means and the control apparatus in such a way that the encoded signal transmitted by the control apparatus is guided by the radio signal transmission means to the authentication means of the authorized user and the signal newly encoded by the authentication means is returned to the control apparatus by the radio signal transmission means without the user being near to the vehicle or noticing anything. The vehicle is then unlocked without the true code having to be known to the unauthorized persons. The second unauthorized person then has access to the vehicle. An attack of this type is normally known as a “Relay Station Attack (RSA)”.
The object of the present invention is to obtain a portable authentication means and a vehicle security system for a motor vehicle which offers increased security against abuse and, in particular, effectively reduces the possibility of a relay station attack.
This object is achieved by a portable authentication means, notably for use with a motor vehicle, the authentication means including a transmit unit and a receive unit for wireless signal transmission between the authentication means and a control apparatus built into the motor vehicle for the access authorization control and/or use authorization for a motor vehicle, in which the authentication means furthermore has an encoding and decoding unit for decoding the received signals and for encoding the transmitted signals, the authentication means including an inertial detector and/or a movement detector.
This object is also achieved by a portable authentication means which has a transmit unit and a receive unit for wireless signal transmission with a control unit built into a vehicle to control the access authorization and/or use authorization for the vehicle, in which the authentication means furthermore has an encoding and decoding unit for decoding the received signals and for encoding the transmitted signals, in which the authentication means furthermore has an inertial detector and/or a movement detector.
It is advantageously possible to carry out a measurement by means of the inertial detector and/or the movement detector in order to ascertain whether the authentication means is moving. In this way, it is possible to check whether the authorized user, who is carrying the authentication means, is moving during the access and/or use authorization check (referred to below as the “authorization check”). If a movement of the user is detected during the authorization check, it must be considered that a relay station attack is in progress, since the user, who is located outside his vehicle in order to be able to access the vehicle, has normally stopped moving. In the same way, an authorized user carrying the authentication means who would like to start the engine and who needs to disengage the immobilizer should have stopped moving because he is seated on the driver's seat (or a bag containing the authentication means should be motionless in the vehicle). The use authorization check is preferably interrupted when a movement of the authentication means is detected via the inertial detector and/or the movement detector. It is conceivable for the authentication means not to send a (newly encoded) signal to the control apparatus when a movement is detected, or for the movement information to be transmitted from the authentication means to the control apparatus and for the control apparatus to interrupt the use authorization check when the movement information indicates a movement of the authentication means. It is conceivable here for a comparison with a threshold value to be carried out.
According to the present invention, it is preferred that the inertial detector and/or the movement detector includes an acceleration sensor and/or a rotational speed sensor.
According to one variant of the present invention, it is preferred that the inertial detector and/or the movement detector includes a sensor to recognize a change of position of the authentication means.
With an acceleration sensor and/or a rotational speed sensor and/or a sensor for recognizing a change of position of the authentication means, it is advantageously possible according to the present invention that the position or the movement status of the user carrying the authentication means can be determined precisely and at moderate cost.
Moreover, it is preferred according to the present invention that the inertial detector and/or the movement detector generates a signal which is transmitted to the control apparatus.
Via an implementation of this type, it is advantageously possible according to the present invention that the movement status of the authentication means can be taken into consideration by the control apparatus.
Another subject-matter of the present invention is a vehicle security system for a motor vehicle which includes the control apparatus built into the vehicle and the described portable authentication means which is configured for wireless signal transmission with the control apparatus for the performance of the access authorization and/or use authorization control for the vehicle.
Another subject-matter of the present invention is a method for controlling the access authorization and/or use authorization for a vehicle, in which, in a first step, a first encoded signal is transmitted wirelessly from the control apparatus built into the vehicle to the portable authentication means in which, in a second step, a second encoded signal is transmitted wirelessly from the authentication means to the control apparatus, in which the control apparatus compares the first signal and the second signal with one another and, on the basis of the comparison, permits or prevents access to the vehicle and or use of the vehicle, in which, moreover, access to the vehicle and or use of the vehicle is permitted or prevented on the basis of information relating to the movement of the authentication means. The movement information is preferably produced by an inertial detector and/or a movement detector built into the authentication means. The movement information is further preferably transmitted wirelessly to the control apparatus.
According to one preferred embodiment of the present invention, the inertial detector includes an acceleration sensor and/or a rotational speed sensor. The movement detector preferably includes a sensor for recognizing a change of position, for example a GPS sensor, and/or a magnetic field detector, for example an electronic compass.
According to one preferred embodiment, the vehicle security system has a position recognition unit which is configured to recognize the movement of the authentication means using field measurements. The intensity of the field of the second signal sent by the authentication means is measured here and compared with a preceding signal and/or with a threshold value. A comparison of the second signal with second signals received previously in time advantageously permits the building of a movement profile of the authentication means. To permit the use of the vehicle (the engine starts up, the immobilizer is disengaged), it is preferably provided that the movement profile of the authentication means is observed between the vehicle access authorization (unlocking of the doors) and the engine start-up command. The use of the vehicle is, in particular, authorized only when the movement profile essentially corresponds to a typical change of position of the user or a bag from the position outside the vehicle outside the driver's door to the inside of the vehicle. The movement information of the inertial detector and/or the movement detector is also preferably used to determine the actual movement profile. In this way, it is ensured that a departure with the vehicle is possible only when the authentication means describes a typical movement for the step of a vehicle driver getting into a vehicle.
Other details, characteristics and advantages of the invention will be evident from the drawings, and also from the description which follows of preferred embodiments shown in the drawings. Here, the drawings only illustrate example embodiments of the invention, which do not limit the essential inventive idea.
The invention will be better understood from the following description which relates to preferred embodiments, given as non-limiting examples and explained with reference to the attached schematic drawing, in which:
Example embodiments of the invention are explained in more detail below with reference to drawings.
In all the drawings, corresponding parts are indicated by the same references.
The authentication means 4 according to the invention furthermore has an inertial detector 7 intended to prevent abuse. The inertial detector 7 detects acceleration forces acting on the authentication means 4 which are due to a movement of the authentication means 4. The corresponding acceleration signals are transmitted to the control apparatus 3 at the same time as the second signal 6. The control apparatus 3 is configured in such a way that the authentication is effected only if the authentication means 4 has stopped moving during the access authorization and/or use authorization control procedure. In this way, it is ensured that the user 8 is actually standing outside the vehicle 2 when the access is released, and/or that the authentication means 4 is actually inside the vehicle 2 when a start-up of the engine is released.
Optionally, the vehicle security system 1 has a position recognition unit which is configured to recognize the movement of the authentication means 4 using field measurements. The field intensity of the second signal 6 sent by the authentication means 4 is measured here and compared with preceding signals and/or with a threshold value. A comparison of the second signal 6 with second signals received previously in time enables the building of a movement profile of the authentication means 4. This movement profile may optionally be optimized by using the acceleration signals from the inertial detector 7. A movement profile of the authentication means 4 is produced between the access authorization and the request to start up the engine (pressing the start button) by the user 8. Using this movement profile, it is possible to evaluate whether the movement profile is typical of a movement of the user 8 between the time when he is standing outside the door of the vehicle and the time when he sits down on the vehicle seat. It is of course conceivable to check whether the movement profile is typical of a bag in which the use means 4 has been placed and which is set down by the user 8 in the vehicle 2, for example on the rear seat or in the trunk. The immobilizer of the vehicle 2 is then disengaged only when such a typical movement profile is detected. When the authentication means 4 moves, for example, uniformly and at high speed between the access authorization and the request to start up the engine, this indicates that an attempt at abuse is in progress, for example a relay station attack (explained in more detail with reference to
It is conceivable that, in order to optimize a movement profile, the authentication means furthermore has a sensor for recognizing a change of position, for example a GPS sensor, and/or a magnetic field detector. The inertial detector 7 includes, in particular, an acceleration sensor.
1 vehicle security system
2 vehicle
3 control apparatus
4 authentication means
5 first signal
5′ first retransmitted signal
6 second signal
6′ second retransmitted signal
7 inertial detector
8 user
9 road
10 first unauthorized person
11 first radio signal transmission means
12 range
13 second radio signal transmission means
14 second unauthorized person
Number | Date | Country | Kind |
---|---|---|---|
10-2012-001442.2 | Jan 2012 | DE | national |
12/01294 | May 2012 | FR | national |
Filing Document | Filing Date | Country | Kind | 371c Date |
---|---|---|---|---|
PCT/EP2013/051120 | 1/22/2013 | WO | 00 | 7/25/2014 |