| 摘要 |
A method for authenticating a vehicle-external device in a bus system of a motor vehicle comprising control units is provided. In order to effectively and inexpensively prevent a sequence control system that is stored in a control unit from being manipulated, an authentication device is provided in the bus system. The authentication device transmits an authentication request to the vehicle-external device. The vehicle-external device signs the authentication request with a secret key of an asymmetric pair of keys, such as a pair of public keys, and transmits the signed authentication request or exclusively the signature to the authentication device. The authentication device determines a signature of the authentication request using the same algorithm as the vehicle-external device, and decodes the signature transmitted by the vehicle-external device using the public key which is complementary to the secret key, and compares the determined signature with the transmitted signature. |
| 主权项 |
1. A method for authenticating a vehicle-external device in a bus system of a motor vehicle comprising control units, the bus system including an authentication device, the method comprising the acts of:
transmitting, by the authentication device, an authentication request to the vehicle-external device; signing, by the vehicle-external device, the authentication request with a signature using a secret key of an asymmetric pair of keys; transmitting, by the vehicle-external device, only the signature to the authentication device; determining, by the authentication device, a signature of the authentication request using a same algorithm as the vehicle-external device; decoding the signature transmitted by the vehicle-external device using the public key, which is complementary to the secret key; and comparing the determined signature with the transmitted signature; wherein, when comparing the determined signature and the transmitted signature results in a positive comparison or match, the vehicle-external device obtains write and/or read access to a store of at least one of the control units by way of the authentication device, further wherein: a first control unit transmits an authentication request to the authentication device for authenticating the control units, the authentication device signs the authentication request using a first symmetric key and transmits only the signature to the first control unit, wherein the first control unit compares the transmitted signature of the authentication request with a signature, which is determined by the first control unit by applying the symmetric key to the authentication request; or the first control unit decodes the transmitted signature of the authentication request using the first symmetric key, and a first hash value is obtained, and the first control unit applies a hash algorithm to the authentication request, whereby a second hash value is obtained; and the first control unit is rendered operational if the comparison of the signatures and/or the hash values is positive and/or if the signatures and/or the hash values match, and the motor vehicle may be started up only after all of the control units of the bus system have executed the method for authentication with positive results from the comparison. |
