Freescale's automotive remote keyless entry (RKE) solution and VKSP security protocol

　　In response to the growing market of car remote keyless entry (RKE), Freescale Semiconductor recently launched a total solution including hardware and software security protocol (VKSP).

　　Car remote keyless entry (RKE) system consists of a transmitter (remote control key) and a receiver integrated in the body control module. The transmitter encodes, encrypts and frames the user's key commands through the RF transmission circuit, while the receiver in the car completes the corresponding door, light control and alarm user commands after RF demodulation, data decoding and frame decryption of the received signal. The system block diagram is shown in Figure 1.


Figure 1 Simplified block diagram of Freescale RKE system

　　Transmitter: Use Freescale low-end 8-bit MC9S08QG4/8 (4k/8K flash) microcontroller to complete the data encoding, encryption and framing of user keys, and then transmit to the UHF band through the SAW acoustic surface resonator circuit.

　　Receiver: Use the UHF RF receiver chip MC33596 to complete signal demodulation and data Manchester decoding, and then transmit the data to the vehicle body main control chip (this reference design uses the 8-bit MC9S08DZ series) for data decryption and instruction execution.

　　Encryption protocol: Use the variable key security protocol (VKSP) developed by Freescale.

　　The variable key security protocol (VKSP) is a secure transmission protocol developed by Freescale specifically for the remote control application market. The sending process of VKSP is shown in Figure 2. Its features include:

　　* Using 128-bit key encryption and verification to enhance security;

　　* The 32-bit variable key (counter) in the key increases with time and key presses;

　　* Even after being pressed many times outside the remote control distance, the key can continue to be used normally without the need to re-learn the key with the receiving end;

　　* Supports up to 254 different command transmissions;

　　* In addition to using the AES encryption algorithm module provided by Freescale, users can also use their own encryption algorithm module as needed (such as reducing program size and decryption time);

　　* Pure software implementation, which can be flexibly used in various microcontrollers;

　　* Software size: about 1.5k bytes without the AES encryption module, if the AES module is included, it is close to 3k bytes. The software is licensed free of charge to customers who use the Freescale solution in the form of library functions.


Figure 2 VKSP send frame generation

　　Every time the key is pressed, a send frame will be generated. The send frame has two parts: the data part and the message authentication code (MAC) part. The data part does not need to be encrypted and consists of three parts with a total of 64 bits: Key number: 3 bytes. User command: 1 byte. Variable key: 4 bytes, which increases with time and user keystrokes each time it is sent, to ensure that even if the user command is the same, the content of the message frame sent each time will not be repeated. The message authentication code (MAC) part is 8 bytes and is generated by the encryption module. The receiving process is divided into three steps, as shown in Figure 3.


Figure 3 Verification of VKSP received frame

　　* Step 1: The receiving end checks whether the key number in the received sending frame exists in the valid key number database stored in the receiving end. If so, the local key (Local Key) and variable key (Variable Key) corresponding to the key are taken from the receiving end database at the same time, and the next step is entered. Otherwise, the frame is discarded. [page]

　　* Step 2: Check whether the variable key in the sending frame is greater than the current variable key of the key in the receiving end database in step 1. If so, the next step is entered, otherwise the frame is discarded. ?This step ensures that any frame sent again will not be considered a valid frame.

　　* Step 3: Verify the message code. The message verification code is generated by the data field in the received frame and the local key of the key taken from the receiving database through the encryption module. Since the sender and the receiver use the same encryption module, if the two message verification codes generated by the sender and the receiver are the same, the frame is considered valid and the user command is executed. At the same time, the current variable key of the key is updated to the receiving database.

　　From the above process, it can be seen that each new key must first complete the learning process, that is, the key number and local key of the key are stored in the receiving database before the key can be recognized and used. For system security, the receiving system must recognize the learning frame only when the specified security environment is activated, such as when the user presses a specific button or switch at the receiving end. Figure 4 shows the learning process and the structure of the learning frame.


Figure 4 VKSP learning process and learning frame

　　* The receiving end first checks whether it is in the security environment activation state, and then decides whether to recognize the learning frame.

　　* The sender uses a pseudo-random number generator to generate a 128-bit random number, and then uses the 128-bit OEM code provided by the manufacturer (the sender and the receiver must share the same OEM code) to generate 128-bit output data through the encryption module, intercepts 64 bits of it as the message verification code, and intercepts a specific number of bits and stores it at the sender as the local key of the key. At the same time, the 128-bit random number and the message verification code are sent through two consecutive learning frames. The two learning frames are identified by the numerical 0XFE and 0XFF feature codes respectively.

　　* The receiver detects the learning frame through the feature code and extracts the 128-bit random number from it, and then relies on the same manufacturer's 128-bit OEM code and encryption module as the sender to complete the message verification code comparison and verification, and generates the same local key of the key as the sender according to the same output interception method as the sender, and finally stores the local key and key number in the receiver's database, thereby completing the learning process of the key.

　　In summary, the main features and advantages of Freescale Semiconductor's RKE overall solution are as follows.

　　* The system uses a general-purpose MCU controller, and customers can add application functions as needed, which enhances flexibility;.

　　* The receiving end does not need a separate decryption chip, and the decryption algorithm is integrated in the body controller, which simplifies the solution and saves costs.

　　* When no user presses a key, the key-side system is in a dormant state, saving system power consumption.

　　* The UHF receiving chip MC33596 (or the bidirectional transceiver chip MC33696) supports OOK and FSK demodulation from 304MHz to 915Mhz; the chip supports data Manchester decoding, saving the external microcontroller decoding software system; it has the functions of on-chip timed wake-up, chip pin wake-up, and can set a specific frame to wake up the external MCU, saving system power consumption; and supports two sets of system parameter configurations. The above features also make the chip applicable to passive keyless entry (PKE) and tire pressure monitoring (TPMS) systems.

　　* VKSP data protocol: pure software implementation, using 128-bit AES encryption, which increases security; the local key is generated by a pseudo-random number generator during each key learning process, so a different key key will be generated and stored for each key learning process, enhancing confidentiality. The

　　actual evaluation system of this solution is shown in Figures 5 and 6.


Figure 5 Photo of the key end of the RKE evaluation system


Figure 6 Photo of the receiving end of the RKE evaluation system