System and Method for Using a Mobile Device and/or Bluetooth Smart-Card Reader for Car Authentication
Publication Date: 2005-Nov-21
The IP.com Prior Art Database
Some cars currently have the following features: 1) Bluetooth capabilities with which mobile devices are capable of communicating to use the hands-free speaker phone. 2) Key pads on the outside of the door to unlock the doors 3) Remote car starters 4) Wireless key chains to unlock card doors
BLUETOOTH CAR AUTHENTICATION
MobileDevice and/or Bluetooth Smart-Card Reader for Car Authentication
Some cars currently have the following features:
1) Bluetooth capabilities with which mobile devices are capable of communicating to use the hands-free speaker phone.
2) Key pads on the outside of the door to unlock the doors
3) Remote car starters
4) Wireless key chains to unlock card doors
How can a mobile device and/or Bluetooth smart-card reader be used to enhance the above features while also enhancing security and helping prevent auto theft?
The government already uses smart cards to unlock weapons systems, armed vehicles, and building doors. They currently have to insert their smart card into the system they are trying to activate. How can we improve on these systems?
The proposed solution is to use the mobile device or smart card to authenticate to the car. When a user first purchases a car with Bluetooth authentication capabilities, the user pairs their mobile device with the car. The mobile device generates a certificate with corresponding public and private keys (all of which are stored in the key store protected with the user’s key-store password) and sends the certificate to the car. The car and mobile device both show the hash of the certificate so the user can ensure the correct certificate has been downloaded.
The following operations can now be initiated by authenticating with the mobile device:
1) To unlock the doors.
When the user goes near their car, the car detects they have entered into Bluetooth range and sends a random challenge to the mobile device. When the mobile device receives the notification, the user is prompted for their key-store password in order to unlock the doors. If the user correctly enters their password, the system is able to access the user’s private key, which it uses to sign the random challenge. The signed response is sent back to the car. The car uses the user’s public key to verify the challenge response. If the challenge response is verified, the car automatically unlocks the doors.
2) To start the car.
The same sequence of events would occur in order to start the car as was used to unlock the doors.
These two events could be combined so in a single challenge the car could unlock the doors and start the car. To combine the two operations, the user could be prompted to enter their key-store password and be given the buttons: "Unlock Doors, Start Car, Unlock and Start". The user would enter their password and click the button corresponding to the operation the desired action.