Abstract: A method for secure access control to a power tool enables secure access to an embedded computing device in the power tool from a web application in another computer that is connected to the power tool via a USB or other suitable peripheral data connection in a workshop environment. The access control enables authorized parties to perform repair and diagnostic procedures on the power tools based on specific user roles while denying access to unauthorized parties.

Abstract: A method for activating at least one function of a control device of a motor vehicle, which includes the steps: a) generating a random value in the control device; b) calculating a reference value from the random value by the control device; c) transmitting the random value to a remote control unit and from the remote control unit to a server; d) verifying the authorization of the remote control unit transmitting the random value by the server and if an authorization of the remote control unit is provided: e) generating a response value from the random value by the server; f) transmitting the response value to the remote control unit and from the remote control unit to the control device; and g) comparing the response value with the reference value and, if the response value matches the reference value, activating the at least one function of the control device.

Abstract: A method for secure access control to a power tool enables secure access to an embedded computing device in the power tool from a web application in another computer that is connected to the power tool via a USB or other suitable peripheral data connection in a workshop environment. The access control enables authorized parties to perform repair and diagnostic procedures on the power tools based on specific user roles while denying access to unauthorized parties.

Abstract: A method for activating at least one function of a control device of a motor vehicle, which includes the steps: a) generating a random value in the control device; b) calculating a reference value from the random value by the control device; c) transmitting the random value to a remote control unit and from the remote control unit to a server; d) verifying the authorization of the remote control unit transmitting the random value by the server and if an authorization of the remote control unit is provided: e) generating a response value from the random value by the server; f) transmitting the response value to the remote control unit and from the remote control unit to the control device; and g) comparing the response value with the reference value and, if the response value matches the reference value, activating the at least one function of the control device.

Abstract: A method for securing communications in a vehicle-to-vehicle (V2V) system including an on-board computer of a broadcasting vehicle predicting a value for a vehicle parameter, generating a heavyweight signature corresponding to the predicted value, and obtaining an actual value for the vehicle parameter. The method also includes the computer comparing the predicted value to the actual value to determine if the predicted value bears a first relationship to the actual value. If the computer determines that the predicted value bears the relationship to the actual value, the on-board computer generates a lightweight authenticating signature to correspond to the predicted value and broadcasts a data message having the predicted value with the corresponding heavyweight authenticating signature and the corresponding lightweight authenticating signature.

Abstract: A computationally efficient message verification strategy that achieves non-repudiation and resilience to computational denial of service attacks in conjunction with a broadcast authentication protocol that authenticates messages using a combination of a digital signature and a TESLA MAC. When messages are received at a receiver, the verification strategy separates the messages into messages with the same sender identification. The strategy then determines whether the TESLA MAC authenticator is valid for each message and discards those messages that do not have a valid TESLA MAC. The strategy collects the messages that have a valid TESLA MAC for each sender identification and performs a batch verification process on the group of messages to determine if the messages in the group have a valid digital signature. This strategy verifies each message in the group of messages if the batch verification process shows that the group of messages has a valid digital signature.

Abstract: A method for securing communications in a vehicle-to-vehicle (V2V) system including an on-board computer of a broadcasting vehicle predicting a value for a vehicle parameter, generating a heavyweight signature corresponding to the predicted value, and obtaining an actual value for the vehicle parameter. The method also includes the computer comparing the predicted value to the actual value to determine if the predicted value bears a first relationship to the actual value. If the computer determines that the predicted value bears the relationship to the actual value, the on-board computer generates a lightweight authenticating signature to correspond to the predicted value and broadcasts a data message having the predicted value with the corresponding heavyweight authenticating signature and the corresponding lightweight authenticating signature.

Abstract: A method is provided for obtaining a certificate revocation list (CRL) for a vehicle in a vehicle-to-vehicle communication system. A portable security unit is provided to access secured operations for the vehicle. The portable security unit is linked to a device having access to a communication network. The communication network is in communication with a certificate authority for issuing an updated CRL. The updated CRL is downloaded from the certificate authority to the portable security unit. At a later time, when a user enters the vehicle, a communication link is established between the portable security unit and a vehicle processor unit. Mutual authentication is exchanged between the portable security unit and the vehicle processing unit. The updated CRL stored in the portable security unit is downloaded to a memory of the vehicle communication system in response to a successful mutual authentication.

Abstract: A method is provided for constructing a secret code in a processing unit when in communication with a portable security unit. Mutual authentication messages are exchanged between a linked portable security unit and processing unit. A first portion of the secret code is communicated to the processing unit. The processing unit combines the first portion and a second portion of the secret code stored in the non-volatile memory of the processing unit. The secret code is stored in a volatile memory of the processing unit. A secure operation is performed using the secret code. The portable security unit is de-linked from the processing unit. At least a portion of the secret code is deleted from the volatile memory of the processing unit.

Abstract: A method for securing communications in a vehicle-to-vehicle (V2V) system including an on-board computer of a broadcasting vehicle predicting a value for a vehicle parameter, generating a heavyweight signature corresponding to the predicted value, and obtaining an actual value for the vehicle parameter. The method also includes the computer comparing the predicted value to the actual value to determine if the predicted value bears a first relationship to the actual value. If the computer determines that the predicted value bears the relationship to the actual value, the on-board computer generates a lightweight authenticating signature to correspond to the predicted value and broadcasts a data message having the predicted value with the corresponding heavyweight authenticating signature and the corresponding lightweight authenticating signature.

Abstract: A method is provided for constructing a secret code in a processing unit when in communication with a portable security unit. Mutual authentication messages are exchanged between a linked portable security unit and processing unit. A first portion of the secret code is communicated to the processing unit. The processing unit combines the first portion and a second portion of the secret code stored in the non-volatile memory of the processing unit. The secret code is stored in a volatile memory of the processing unit. A secure operation is performed using the secret code. The portable security unit is de-linked from the processing unit. At least a portion of the secret code is deleted from the volatile memory of the processing unit.

Abstract: A method for improving the reliability and performance of Vehicle-to-Vehicle (V2V) networks where digital certificates are necessary for message authentication and some messages may be lost in transmission. The method uses Forward Error Correcting (FEC) codes to encode a digital certificate into multiple segments, and attaches one or more segment to each message transmitted. Nodes receiving the messages can reconstruct the certificate as long as they successfully receive a minimum number of the transmitted messages, where the minimum number is less than the total number of messages transmitted. This allows message authentication to continue uninterrupted, even in a network environment where some messages are lost in transmission. Two different types of FEC codes are described, and adaptive schemes are included to optimize message throughput based on such network conditions as node density.

Abstract: A method for improving the reliability and performance of Vehicle-to-Vehicle (V2V) networks where digital certificates are necessary for message authentication and some messages may be lost in transmission. The method uses a variable inter-certificate refresh period to optimize communications throughput based on network conditions such as node density and bandwidth saturation. In some network conditions, the inter-certificate refresh period may be increased, such that more certificate digests are sent between full digital certificates, to decrease average message size. In other network conditions, the inter-certificate refresh period may be decreased, to allow for more frequent message authentication by receiving nodes. Empirical data and an adaptive controller are used to select the refresh period which will provide the best performance based on network conditions.

Abstract: A method for authenticating a message that is transmitted wirelessly. The method includes providing a set of private key values that define a private key and performing a key pair generation process that provides a key pair including the private key and a public key, where performing the key pair generation process includes applying one or more hash functions to the private key values, where a succeeding hash function provides a hash of a previous hash function. The scheme uses a signature generation process that generates a message digest by applying a hash function on the message to be signed and then separates the message digest into two parts including signing bits and selection bits and using the private key to sign the message. A receiver verifies the authenticity of the received message using the public key and a signature verification algorithm.

Abstract: A method is provided of authenticating a digitally signed message. A chain of messages is generated. A Winternitz pair of keys is generated for each respective message. A sequence number is assigned to each of the messages. Each of the sequence numbers cooperatively identify an order of Winternitz verifiers assigned to each of the messages. A signature to a first message in the chain of messages is signed using a digital signature algorithm private key. Signatures to each of the following messages in the chain of messages are signed using both Winternitz private keys and digital signature algorithm private keys. The signed messages are broadcast from a sender to a receiver. The first signed broadcast message is authenticated at the receiver by verifying the digital signature algorithm signature. At least some of the following signed broadcast messages are authenticated at the receiver by verifying only the Winternitz signature.

Abstract: A method for securing communications in a vehicle-to-vehicle (V2V) system including an on-board computer of a broadcasting vehicle predicting a value for a vehicle parameter, generating a heavyweight signature corresponding to the predicted value, and obtaining an actual value for the vehicle parameter. The method also includes the computer comparing the predicted value to the actual value to determine if the predicted value bears a first relationship to the actual value. If the computer determines that the predicted value bears the relationship to the actual value, the on-board computer generates a lightweight authenticating signature to correspond to the predicted value and broadcasts a data message having the predicted value with the corresponding heavyweight authenticating signature and the corresponding lightweight authenticating signature.

Abstract: A method is provided for obtaining a certificate revocation list (CRL) for a vehicle in a vehicle-to-vehicle communication system. A portable security unit is provided to access secured operations for the vehicle. The portable security unit is linked to a device having access to a communication network. The communication network is in communication with a certificate authority for issuing an updated CRL. The updated CRL is downloaded from the certificate authority to the portable security unit. At a later time, when a user enters the vehicle, a communication link is established between the portable security unit and a vehicle processor unit. Mutual authentication is exchanged between the portable security unit and the vehicle processing unit. The updated CRL stored in the portable security unit is downloaded to a memory of the vehicle communication system in response to a successful mutual authentication.

Abstract: A computationally efficient message verification strategy that achieves non-repudiation and resilience to computational denial of service attacks in conjunction with a broadcast authentication protocol that authenticates messages using a combination of a digital signature and a TESLA MAC. When messages are received at a receiver, the verification strategy separates the messages into messages with the same sender identification. The strategy then determines whether the TESLA MAC authenticator is valid for each message and discards those messages that do not have a valid TESLA MAC. The strategy collects the messages that have a valid TESLA MAC for each sender identification and performs a batch verification process on the group of messages to determine if the messages in the group have a valid digital signature. This strategy verifies each message in the group of messages if the batch verification process shows that the group of messages has a valid digital signature.

Abstract: A method for improving the reliability and performance of Vehicle-to-Vehicle (V2V) networks where digital certificates are necessary for message authentication and some messages may be lost in transmission. The method uses Forward Error Correcting (FEC) codes to encode a digital certificate into multiple segments, and attaches one or more segment to each message transmitted. Nodes receiving the messages can reconstruct the certificate as long as they successfully receive a minimum number of the transmitted messages, where the minimum number is less than the total number of messages transmitted. This allows message authentication to continue uninterrupted, even in a network environment where some messages are lost in transmission. Two different types of FEC codes are described, and adaptive schemes are included to optimize message throughput based on such network conditions as node density.

Abstract: A method for improving the reliability and performance of Vehicle-to-Vehicle (V2V) networks where digital certificates are necessary for message authentication and some messages may be lost in transmission. The method uses a variable inter-certificate refresh period to optimize communications throughput based on network conditions such as node density and bandwidth saturation. In some network conditions, the inter-certificate refresh period may be increased, such that more certificate digests are sent between full digital certificates, to decrease average message size. In other network conditions, the inter-certificate refresh period may be decreased, to allow for more frequent message authentication by receiving nodes. Empirical data and an adaptive controller are used to select the refresh period which will provide the best performance based on network conditions.