US2023224145A1PendingUtilityA1

End-to-end communication security

74
Assignee: KARAMBA SECURITY LTDPriority: Dec 7, 2017Filed: Mar 16, 2023Published: Jul 13, 2023
Est. expiryDec 7, 2037(~11.4 yrs left)· nominal 20-yr term from priority
H04L 9/0841H04L 12/40H04L 63/061H04L 2463/061H04W 4/44H04L 9/3242H04L 9/16H04L 63/0442H04L 2012/40215H04L 9/0869H04L 9/0866H04L 2209/84H04W 12/03H04W 12/041H04W 12/0471H04L 63/0464H04L 63/166H04L 9/3278H04L 9/08
74
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

In one implementation, a method for providing end-to-end communication security for a controller area network (CANbus) in an automotive vehicle across which a plurality of electronic control units (ECU) communicate is described. Such an automotive vehicle can include, for example, a car or truck with multiple different ECUs that are each configured to control various aspects of the vehicle's operation, such as an infotainment system, a navigation system, various engine control systems, and/or others.

Claims

exact text as granted — not AI-modified
1 - 20 . (canceled) 
     
     
         21 . A method for providing end-to-end communication security for a controller communication network, the method comprising:
 determining, by a first controller in the controller communication network, a fingerprint for the first controller;   generating, by the first controller, at least one unique identifier associated with the fingerprint;   generating a first cryptographic key associated with the at least one unique identifier at the first controller or a second controller, wherein communications between the first and second controllers are associated with a corresponding message identifier;   associating the first cryptographic key with the corresponding message identifier; and   storing, by the first controller, the association of the first cryptographic key with the corresponding message identifier.   
     
     
         22 . The method of  claim 21 , wherein at least one of the associating of the first cryptographic key with the corresponding message identifier or the storing of the association is performed in response to determining that the first controller is operating within a safe environment. 
     
     
         23 . The method of  claim 21 , wherein the first cryptographic key is further associated with a controller operation. 
     
     
         24 . The method of  claim 21 , wherein the fingerprint for the first controller is unique to the first controller. 
     
     
         25 . The method of  claim 24 , wherein the fingerprint for the first controller is determined using one or more physically unclonable functions of the first controller. 
     
     
         26 . The method of  claim 21 , wherein the first cryptographic key is usable by the first controller to generate a second cryptographic key for encrypting communications with the second controller. 
     
     
         27 . The method of  claim 21 , wherein the generating of the first cryptographic key is performed following an attestation process to validate the first controller. 
     
     
         28 . The method of  claim 26 , wherein the second cryptographic key is generated on an as-needed basis. 
     
     
         29 . The method of  claim 26 , wherein the first cryptographic key is usable by the first controller together with a third cryptographic key to generate the second cryptographic key for encrypting communications with the second controller. 
     
     
         30 . The method of  claim 26 , further comprising receiving a message from the second controller and decrypting the message using the second cryptographic key. 
     
     
         31 . The method of  claim 21 , wherein:
 storing the association of the first cryptographic key with the corresponding message identifier comprises storing the association of the first cryptographic key with the corresponding message identifier in a table; and   the method further comprises encrypting the table.   
     
     
         32 . The method of  claim 21 , further comprising at least one of receiving or transmitting a message across a symmetric key stream between the first controller and the second controller, the message being encrypted based on the first cryptographic key. 
     
     
         33 . The method of  claim 21 , further comprising:
 issuing a challenge to the second controller;   determining that the second controller responded to the challenge with an incorrect value; and   in response to the determination, generating an alert.   
     
     
         34 . The method of  claim 33 , wherein the challenge comprises a request for a hash value. 
     
     
         35 . A non-transitory computer-readable medium comprising instructions that, when executed by one or more processors, cause the one or more processors to perform operations for providing end-to-end communication security for a controller communication network, the operations comprising:
 determining, by a first controller in the controller communication network, a fingerprint for the first controller;   generating, by the first controller, at least one unique identifier associated with the fingerprint;   generating a first cryptographic key associated with the at least one unique identifier at the first controller or a second controller, wherein communications between the first and second controllers are associated with a corresponding message identifier;   associating the first cryptographic key with the corresponding message identifier; and   storing, by the first controller, the association of the first cryptographic key with the corresponding message identifier.   
     
     
         36 . The non-transitory computer-readable medium of  claim 35 , wherein the fingerprint for the first controller is unique to the first controller. 
     
     
         37 . The non-transitory computer-readable medium of  claim 35 , wherein the first cryptographic key is usable by the first controller to generate a second cryptographic key for encrypting communications with the second controller. 
     
     
         38 . The non-transitory computer-readable medium of  claim 37 , wherein the first cryptographic key is usable by the first controller together with a third cryptographic key to generate the second cryptographic key for encrypting communications with the second controller 
     
     
         39 . The non-transitory computer-readable medium of  claim 35 , wherein:
 storing the association of the first cryptographic key with the corresponding message identifier comprises storing the association of the first cryptographic key with the corresponding message identifier in a table; and   the operations further comprise encrypting the table.   
     
     
         40 . The non-transitory computer-readable medium of  claim 35 , the operations further comprising at least one of receiving or transmitting a message across a symmetric key stream between the first controller and the second controller, the message being encrypted based on the first cryptographic key.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.