US 12,192,374 B2
Method and system for data exchange on a network to enhance security measures of the network, vehicle comprising such system
Francesco Alessandro Colucci, Turin (IT); and Alessandro Mazzurco, Turin (IT)
Assigned to FPT INDUSTRIAL S.P.A., Turin (IT)
Appl. No. 17/783,936
Filed by FPT INDUSTRIAL S.P.A., Turin (IT)
PCT Filed Dec. 10, 2020, PCT No. PCT/IB2020/061763
§ 371(c)(1), (2) Date Jun. 9, 2022,
PCT Pub. No. WO2021/116975, PCT Pub. Date Jun. 17, 2021.
Claims priority of application No. 102019000023544 (IT), filed on Dec. 10, 2019.
Prior Publication US 2023/0037778 A1, Feb. 9, 2023
Int. Cl. H04L 9/32 (2006.01); G06F 21/64 (2013.01); H04L 9/12 (2006.01); H04L 12/40 (2006.01); H04L 67/12 (2022.01); H04W 4/48 (2018.01)
CPC H04L 9/3242 (2013.01) [H04L 9/3273 (2013.01)]
23 Claims
1. A method for data exchange on a communication network operating according to a transmission/reception protocol, the communication network including a transmission bus, and a first node and a second node connected to the transmission bus, the method comprising steps, carried out by the first node, of:
constructing a first and a second data frame, each of said first data frame and said second data frame having a frame format that is defined by said protocol and including a respective payload field, said respective payload fields containing respective first and second information data to be transmitted to the second node;
calculating a first message authentication code as a function of the first and the second information data to be transmitted;
constructing a third data frame having a frame format that is defined by said protocol and includes a payload field, and containing, in the payload field of said third data frame, said first message authentication code;
transmitting to the transmission bus the first, the second and the third data frames;
the method further comprising steps, carried out by the second node, of:
receiving from the transmission bus the first, the second and the third data frames;
extracting the first information data from the first data frame received, the second information data from the second data frame received and the first message authentication code from the third data frame received;
calculating a second message authentication code as a function of the first and the second information data extracted;
comparing the first message authentication code extracted with the second message authentication code calculated; and
accepting the first and the second data frames only if the first message authentication code extracted is identical to the second message authentication code calculated;
wherein the step of calculating the first message authentication code further comprises calculating the first message authentication code as a function of an encryption key,
and the step of calculating the second message authentication code further comprises calculating the second message authentication code as a function of a decryption key,
wherein said encryption key corresponds to the decryption key, thus implementing a symmetric encryption algorithm,
alternatively, the encryption key is a private key and the decryption key is a public key different from the encryption key, thus implementing an asymmetric encryption algorithm.
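
The symmetric-key variant of claim 1, as an added Python example that is not part of the patent text. It assumes HMAC-SHA256 truncated to one payload field, an 8-byte CAN-style payload, and constructed frame identifiers; none of these are specified in the claim.

```python
import hashlib
import hmac
from dataclasses import dataclass

PAYLOAD_LEN = 8  # assumption: 8-byte payload field, as in a classic CAN frame


@dataclass(frozen=True)
class Frame:
    frame_id: int   # constructed identifier, not taken from the patent
    payload: bytes  # exactly PAYLOAD_LEN bytes


def compute_mac(key: bytes, data1: bytes, data2: bytes) -> bytes:
    """MAC as a function of both information data and the shared key.

    Assumption: HMAC-SHA256 truncated so the code fits one payload field.
    Fixed-length inputs keep the concatenation unambiguous.
    """
    return hmac.new(key, data1 + data2, hashlib.sha256).digest()[:PAYLOAD_LEN]


def first_node_send(key: bytes, data1: bytes, data2: bytes,
                    ids=(0x100, 0x101, 0x102)) -> list:
    """Construct the two data frames and the third frame carrying the MAC."""
    for data in (data1, data2):
        if len(data) != PAYLOAD_LEN:
            raise ValueError("information data must fill the payload field")
    return [Frame(ids[0], data1),
            Frame(ids[1], data2),
            Frame(ids[2], compute_mac(key, data1, data2))]


def second_node_receive(key: bytes, frames: list):
    """Return (data1, data2) only if the received MAC matches; else None."""
    if len(frames) != 3:
        return None
    first, second, third = frames
    expected = compute_mac(key, first.payload, second.payload)
    # Constant-time comparison; a mismatch rejects both data frames together.
    if not hmac.compare_digest(third.payload, expected):
        return None
    return first.payload, second.payload
```

Because one code covers both payloads, a modification to either data frame causes the receiver to discard the pair.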