公开(公告)号：US08704679B2

公开(公告)日：2014-04-22

申请号：US13534348

申请日：2012-06-27

申请人： Aravind V. Iyer ,  Aditya R Karnik ,  Bhargav R. Bellur

发明人： Aravind V. Iyer ,  Aditya R Karnik ,  Bhargav R. Bellur

IPC分类号： G08G1/00

CPC分类号： H04W12/06 ,  H04L63/0823 ,  H04W4/046 ,  H04W4/90 ,  H04W84/18

摘要： A packet processing framework is provided for a vehicle-to-vehicle communication packet processing system. The framework includes a neighborhood vehicle tracking module for tracking neighboring vehicles relative to a host vehicle. The neighborhood vehicle tracking module assigns a priority level of neighboring vehicles relative to a host vehicle. An adaptive security processing module regulates messages streamed to the neighboring vehicle tracker module that are in accordance with the priorities set forth by the neighborhood vehicle tracking module. The adaptive security processing module selects security modes and schedules messages streamed to the neighborhood vehicle tracking module as a function of priorities set forth by the neighborhood vehicle tracking module, a communication reliability of the transmitting neighboring vehicle, and a likelihood that a message from the neighboring vehicle is genuine as determined by the adaptive security processing module. The neighborhood vehicle tracking module outputs processed kinematics and alert information to at least one vehicle-to-vehicle application.

摘要翻译： 提供了一种用于车对车通信分组处理系统的分组处理框架。 该框架包括用于跟踪相对于主车辆的相邻车辆的邻域车辆跟踪模块。 邻里车辆跟踪模块相对于主车辆分配相邻车辆的优先级。 自适应安全处理模块根据邻近车辆跟踪模块所阐述的优先级来调节流向相邻车辆跟踪器模块的消息。 自适应安全处理模块根据邻近车辆跟踪模块所提出的优先级，传输邻近车辆的通信可靠性以及来自邻近车辆跟踪模块的消息的可能性来选择安全模式并且调度流传输到邻近车辆跟踪模块的消息 车辆是由自适应安全处理模块确定的。 邻里车辆跟踪模块将已处理的运动学和警报信息输出到至少一个车对车辆应用。

公开(公告)号：US20110258435A1

公开(公告)日：2011-10-20

申请号：US12762428

申请日：2010-04-19

申请人： Bhargav R. Bellur ,  Debojyoti Bhattacharya ,  Aravind V. Iyer

发明人： Bhargav R. Bellur ,  Debojyoti Bhattacharya ,  Aravind V. Iyer

IPC分类号： H04L9/32

CPC分类号： H04L9/3273 ,  H04L9/3268 ,  H04L63/0823 ,  H04L63/0869 ,  H04L2209/80 ,  H04L2209/84

摘要： A method is provided for obtaining a certificate revocation list (CRL) for a vehicle in a vehicle-to-vehicle communication system. A portable security unit is provided to access secured operations for the vehicle. The portable security unit is linked to a device having access to a communication network. The communication network is in communication with a certificate authority for issuing an updated CRL. The updated CRL is downloaded from the certificate authority to the portable security unit. At a later time, when a user enters the vehicle, a communication link is established between the portable security unit and a vehicle processor unit. Mutual authentication is exchanged between the portable security unit and the vehicle processing unit. The updated CRL stored in the portable security unit is downloaded to a memory of the vehicle communication system in response to a successful mutual authentication.

摘要翻译： 提供一种用于获得车辆到车辆通信系统中的车辆的证书撤销列表（CRL）的方法。 提供便携式安全单元以访问车辆的安全操作。 便携式安全单元链接到具有访问通信网络的设备。 通信网络与用于发布更新的CRL的证书颁发机构通信。 更新的CRL从认证机构下载到便携式安全机构。 稍后，当用户进入车辆时，在便携式安全单元和车辆处理器单元之间建立通信链路。 在便携式安全单元和车辆处理单元之间交换相互认证。 响应于成功的相互认证，存储在便携式安全单元中的更新的CRL被下载到车辆通信系统的存储器。

公开(公告)号：US20110238997A1

公开(公告)日：2011-09-29

申请号：US12731833

申请日：2010-03-25

申请人： Bhargav R. Bellur ,  Aravind V. Iyer ,  Debojyoti Bhattacharya

发明人： Bhargav R. Bellur ,  Aravind V. Iyer ,  Debojyoti Bhattacharya

IPC分类号： H04L9/32 ,  H04L29/06

CPC分类号： H04L63/1458 ,  G08G1/161 ,  H04L9/16 ,  H04L9/3236 ,  H04L9/3242 ,  H04L9/3244 ,  H04L9/3247 ,  H04L63/08 ,  H04L63/0823 ,  H04L63/12 ,  H04L63/123 ,  H04L2209/805 ,  H04L2209/84 ,  H04W4/046 ,  H04W12/06 ,  H04W12/10

摘要： A computationally efficient message verification strategy that achieves non-repudiation and resilience to computational denial of service attacks in conjunction with a broadcast authentication protocol that authenticates messages using a combination of a digital signature and a TESLA MAC. When messages are received at a receiver, the verification strategy separates the messages into messages with the same sender identification. The strategy then determines whether the TESLA MAC authenticator is valid for each message and discards those messages that do not have a valid TESLA MAC. The strategy collects the messages that have a valid TESLA MAC for each sender identification and performs a batch verification process on the group of messages to determine if the messages in the group have a valid digital signature. This strategy verifies each message in the group of messages if the batch verification process shows that the group of messages has a valid digital signature.

摘要翻译： 结合使用数字签名和TESLA MAC的组合认证消息的广播认证协议，实现对计算拒绝服务攻击的不可否认性和弹性的计算有效的消息验证策略。 当在接收器处接收到消息时，验证策略将消息分成具有相同发送者标识的消息。 然后，策略确定TESLA MAC认证器是否对每个消息有效，并丢弃那些没有有效TESLA MAC的消息。 该策略针对每个发送者标识收集具有有效TESLA MAC的消息，并对消息组执行批处理验证过程，以确定组中的消息是否具有有效的数字签名。 如果批次验证过程显示消息组具有有效的数字签名，则该策略将验证消息组中的每个消息。

公开(公告)号：US09106611B2

公开(公告)日：2015-08-11

申请号：US13534329

申请日：2012-06-27

申请人： Aditya R Karnik ,  Aravind V. Iyer ,  Bhargav R. Bellur

发明人： Aditya R Karnik ,  Aravind V. Iyer ,  Bhargav R. Bellur

IPC分类号： G06F15/16 ,  H04L29/06 ,  H04L12/861

CPC分类号： H04L63/0227 ,  H04L49/9047 ,  H04L63/1441 ,  H04W4/046

摘要： A method is provided for processing packets in a security module of a node in a real-time tracking system. The security module receives messages via a communication module. Each message contains an identifier associated with a transmitting entity of the message. A respective identifier is associated with a respective buffer. Messages having a same identifier are stored to an associated buffer. At least one message is selected from each buffer. For each buffer, a verification mode is selected for the message selected based on state variables and identifier-level properties of the identifier associated with that buffer. A buffer for message verification is selected based on state variables and identifier-level properties of all identifiers. The message selected is verified utilizing the selected verification mode. The state variables and the identifier-level properties of all identifiers are updated based on a result of the verification of the at least one message.

摘要翻译： 提供了一种用于在实时跟踪系统中的节点的安全模块中处理分组的方法。 安全模块通过通信模块接收消息。 每个消息包含与消息的发送实体相关联的标识符。 相应的标识符与相应的缓冲器相关联。 具有相同标识符的消息被存储到相关联的缓冲器中。 从每个缓冲区中选择至少一个消息。 对于每个缓冲区，为基于与该缓冲器相关联的标识符的状态变量和标识符级属性选择的消息选择验证模式。 基于所有标识符的状态变量和标识符级属性选择消息验证缓冲区。 使用所选择的验证模式验证所选择的消息。 基于至少一个消息的验证结果来更新所有标识符的状态变量和标识符级属性。

公开(公告)号：US20140002276A1

公开(公告)日：2014-01-02

申请号：US13534348

申请日：2012-06-27

申请人： Aravind V. Iyer ,  Aditya R. Karnik ,  Bhargav R. Bellur

发明人： Aravind V. Iyer ,  Aditya R. Karnik ,  Bhargav R. Bellur

IPC分类号： G08G1/0962

CPC分类号： H04W12/06 ,  H04L63/0823 ,  H04W4/046 ,  H04W4/90 ,  H04W84/18

摘要： A packet processing framework is provided for a vehicle-to-vehicle communication packet processing system. The framework includes a neighborhood vehicle tracking module for tracking neighboring vehicles relative to a host vehicle. The neighborhood vehicle tracking module assigns a priority level of neighboring vehicles relative to a host vehicle. An adaptive security processing module regulates messages streamed to the neighboring vehicle tracker module that are in accordance with the priorities set forth by the neighborhood vehicle tracking module. The adaptive security processing module selects security modes and schedules messages streamed to the neighborhood vehicle tracking module as a function of priorities set forth by the neighborhood vehicle tracking module, a communication reliability of the transmitting neighboring vehicle, and a likelihood that a message from the neighboring vehicle is genuine as determined by the adaptive security processing module. The neighborhood vehicle tracking module outputs processed kinematics and alert information to at least one vehicle-to-vehicle application.

摘要翻译： 提供了一种用于车对车通信分组处理系统的分组处理框架。 该框架包括用于跟踪相对于主车辆的相邻车辆的邻域车辆跟踪模块。 邻里车辆跟踪模块相对于主车辆分配相邻车辆的优先级。 自适应安全处理模块根据邻近车辆跟踪模块所阐述的优先级来调节流向相邻车辆跟踪器模块的消息。 自适应安全处理模块根据邻近车辆跟踪模块所提出的优先级，传输邻近车辆的通信可靠性以及来自邻近车辆跟踪模块的消息的可能性来选择安全模式并且调度流传输到邻近车辆跟踪模块的消息 车辆是由自适应安全处理模块确定的。 邻里车辆跟踪模块将已处理的运动学和警报信息输出到至少一个车对车辆应用。

公开(公告)号：US20110304425A1

公开(公告)日：2011-12-15

申请号：US12797116

申请日：2010-06-09

申请人： Aravind V. Iyer ,  Bhargav R. Bellur

发明人： Aravind V. Iyer ,  Bhargav R. Bellur

IPC分类号： G05B19/00

CPC分类号： H04L9/3247 ,  H04L63/123 ,  H04L67/12 ,  H04L2209/805 ,  H04L2209/84 ,  H04W4/04 ,  H04W4/38

摘要： A communication system is configured to operate in an ad hoc wireless network. The communication system includes a transmission device configured to send and receive a message, a signing module configured to generate a hierarchical signature using the message, and a verifying module configured to hierarchically verify a predetermined portion of a hierarchically signed message.

摘要翻译： 通信系统被配置为在自组织无线网络中操作。 通信系统包括被配置为发送和接收消息的传输设备，被配置为使用该消息生成分层签名的签名模块，以及被配置为分层验证分层签名消息的预定部分的验证模块。

公开(公告)号：US08904183B2

公开(公告)日：2014-12-02

申请号：US12731833

申请日：2010-03-25

申请人： Bhargav R. Bellur ,  Aravind V. Iyer ,  Debojyoti Bhattacharya

发明人： Bhargav R. Bellur ,  Aravind V. Iyer ,  Debojyoti Bhattacharya

IPC分类号： H04L9/32 ,  H04L29/06 ,  H04W12/06 ,  G08G1/16 ,  H04W4/04 ,  H04L9/16

CPC分类号： H04L63/1458 ,  G08G1/161 ,  H04L9/16 ,  H04L9/3236 ,  H04L9/3242 ,  H04L9/3244 ,  H04L9/3247 ,  H04L63/08 ,  H04L63/0823 ,  H04L63/12 ,  H04L63/123 ,  H04L2209/805 ,  H04L2209/84 ,  H04W4/046 ,  H04W12/06 ,  H04W12/10

摘要： A computationally efficient message verification strategy that achieves non-repudiation and resilience to computational denial of service attacks in conjunction with a broadcast authentication protocol that authenticates messages using a combination of a digital signature and a TESLA MAC. When messages are received at a receiver, the verification strategy separates the messages into messages with the same sender identification. The strategy then determines whether the TESLA MAC authenticator is valid for each message and discards those messages that do not have a valid TESLA MAC. The strategy collects the messages that have a valid TESLA MAC for each sender identification and performs a batch verification process on the group of messages to determine if the messages in the group have a valid digital signature. This strategy verifies each message in the group of messages if the batch verification process shows that the group of messages has a valid digital signature.

摘要翻译： 结合使用数字签名和TESLA MAC的组合认证消息的广播认证协议，实现对计算拒绝服务攻击的不可否认性和弹性的计算有效的消息验证策略。 当在接收器处接收到消息时，验证策略将消息分成具有相同发送者标识的消息。 然后，策略确定TESLA MAC认证器是否对每个消息有效，并丢弃那些没有有效TESLA MAC的消息。 该策略针对每个发送者标识收集具有有效TESLA MAC的消息，并对消息组执行批处理验证过程，以确定组中的消息是否具有有效的数字签名。 如果批次验证过程显示消息组具有有效的数字签名，则该策略将验证消息组中的每个消息。

公开(公告)号：US08819414B2

公开(公告)日：2014-08-26

申请号：US12762428

申请日：2010-04-19

申请人： Bhargav R. Bellur ,  Debojyoti Bhattacharya ,  Aravind V. Iyer

发明人： Bhargav R. Bellur ,  Debojyoti Bhattacharya ,  Aravind V. Iyer

IPC分类号： H04L29/06 ,  H04L9/32

CPC分类号： H04L9/3273 ,  H04L9/3268 ,  H04L63/0823 ,  H04L63/0869 ,  H04L2209/80 ,  H04L2209/84

摘要： A method is provided for obtaining a certificate revocation list (CRL) for a vehicle in a vehicle-to-vehicle communication system. A portable security unit is provided to access secured operations for the vehicle. The portable security unit is linked to a device having access to a communication network. The communication network is in communication with a certificate authority for issuing an updated CRL. The updated CRL is downloaded from the certificate authority to the portable security unit. At a later time, when a user enters the vehicle, a communication link is established between the portable security unit and a vehicle processor unit. Mutual authentication is exchanged between the portable security unit and the vehicle processing unit. The updated CRL stored in the portable security unit is downloaded to a memory of the vehicle communication system in response to a successful mutual authentication.

摘要翻译： 提供一种用于获得车辆到车辆通信系统中的车辆的证书撤销列表（CRL）的方法。 提供便携式安全单元以访问车辆的安全操作。 便携式安全单元链接到具有访问通信网络的设备。 通信网络与用于发布更新的CRL的证书颁发机构通信。 更新的CRL从认证机构下载到便携式安全机构。 稍后，当用户进入车辆时，在便携式安全单元和车辆处理器单元之间建立通信链路。 在便携式安全单元和车辆处理单元之间交换相互认证。 响应于成功的相互认证，存储在便携式安全单元中的更新的CRL被下载到车辆通信系统的存储器。

公开(公告)号：US08593253B2

公开(公告)日：2013-11-26

申请号：US12797116

申请日：2010-06-09

申请人： Aravind V. Iyer ,  Bhargav R. Bellur

发明人： Aravind V. Iyer ,  Bhargav R. Bellur

IPC分类号： G05B19/00

CPC分类号： H04L9/3247 ,  H04L63/123 ,  H04L67/12 ,  H04L2209/805 ,  H04L2209/84 ,  H04W4/04 ,  H04W4/38

摘要： A communication system is configured to operate in an ad hoc wireless network. The communication system includes a transmission device configured to send and receive a message, a signing module configured to generate a hierarchical signature using the message, and a verifying module configured to hierarchically verify a predetermined portion of a hierarchically signed message.

摘要翻译： 通信系统被配置为在自组织无线网络中操作。 通信系统包括被配置为发送和接收消息的传输设备，被配置为使用该消息生成分层签名的签名模块，以及被配置为分层验证分层签名消息的预定部分的验证模块。

公开(公告)号：US20110066859A1

公开(公告)日：2011-03-17

申请号：US12561013

申请日：2009-09-16

申请人： Aravind V. Iyer ,  Debojyoti Bhattacharya

发明人： Aravind V. Iyer ,  Debojyoti Bhattacharya

IPC分类号： H04L9/32 ,  H04L9/00 ,  H04L9/28 ,  H04K1/00

CPC分类号： H04L9/3236 ,  H04L9/14 ,  H04L9/3247 ,  H04L2209/80 ,  H04W12/10

摘要： A method for authenticating a message that is transmitted wirelessly. The method includes providing a set of private key values that define a private key and performing a key pair generation process that provides a key pair including the private key and a public key, where performing the key pair generation process includes applying one or more hash functions to the private key values, where a succeeding hash function provides a hash of a previous hash function. The scheme uses a signature generation process that generates a message digest by applying a hash function on the message to be signed and then separates the message digest into two parts including signing bits and selection bits and using the private key to sign the message. A receiver verifies the authenticity of the received message using the public key and a signature verification algorithm.

摘要翻译： 一种用于认证无线传输的消息的方法。 该方法包括提供定义私钥的一组私钥值，并执行提供包括私钥和公钥的密钥对的密钥对生成过程，其中执行密钥对生成处理包括应用一个或多个哈希函数 到私钥值，其中后续散列函数提供先前哈希函数的散列。 该方案使用签名生成过程，其通过对待签名的消息应用散列函数来生成消息摘要，然后将消息摘要分为两部分，包括签名位和选择位，并使用私钥对消息进行签名。 接收机使用公钥和签名验证算法验证接收到的消息的真实性。