EP2918040A1 - Création d'une clé déduite d'une clé cryptographique au moyen d'une fonction physiquement non clonable - Google Patents

Création d'une clé déduite d'une clé cryptographique au moyen d'une fonction physiquement non clonable

Info

Publication number
EP2918040A1
EP2918040A1 EP14701314.8A EP14701314A EP2918040A1 EP 2918040 A1 EP2918040 A1 EP 2918040A1 EP 14701314 A EP14701314 A EP 14701314A EP 2918040 A1 EP2918040 A1 EP 2918040A1
Authority
EP
European Patent Office
Prior art keywords
key
value
derived
puf
parameter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP14701314.8A
Other languages
German (de)
English (en)
Inventor
Rainer Falk
Steffen Fries
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Siemens AG
Siemens Corp
Original Assignee
Siemens AG
Siemens Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens AG, Siemens Corp filed Critical Siemens AG
Publication of EP2918040A1 publication Critical patent/EP2918040A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/24Key scheduling, i.e. generating round keys or sub-keys for block encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Definitions

  • the invention relates to a method and a device for generating a derived key from a cryptographic key by means of at least one physically non-clonable function.
  • Cryptographic keys are needed to perform cryptographic procedures.
  • the cryptographic keys are used, for example, in symmetric encryption methods in order to encrypt a communication between two devices.
  • cryptographic keys are used in authentication procedures.
  • Key management for cryptographic keys includes, for example, generating, distributing, and storing a cryptographic key.
  • many applications require the derivation of a large number of keys from a cryptographic key, since different devices are assigned different keys in a device communication, for example.
  • KDF Key Derivation Functions
  • PUF Physical Unclonable Function
  • a function that can not be cloned physically is understood to mean, in particular, a so-called physical unclonable function.
  • the, short PUF which when passing a request value, hereinafter called the challenge value, generates a response value, referred to below as the response value.
  • PUFs are known from the prior art in various embodiments and reliably identify objects based on a intrinsi ⁇ rule physical property.
  • a physical self ⁇ shaft of an object, such as a semiconducting ⁇ terschalt Vietnamesees is used here as an individual fingerprint.
  • a PUF defined by the physical property provides a response value associated with the item.
  • a cryptographic key is a key that already exists in an initial situation of a key derivation procedure and that serves as a master key or master key in order to generate a number of other keys.
  • a derived key is understood to be a key that is generated from an existing cryptographic key, for example a master key that is stored particularly securely on a device, or a master key that can be configured or read.
  • a istleite- ter key subject requirements in terms of cryptographic security, va ⁇ riieren depending on the application.
  • a key derivation function individualized by means of a PUF is provided.
  • the calculation result of the key derivation depends on which hardware, for example on which chip executes the key derivation procedure.
  • the method can be implemented in hardware with little circuit complexity since no cryptographic algorithms are required.
  • the derived key can be used as a session key for cryptographically protected data communication, for example according to the IEEE MAC Security Standard (MACsec IEEE802.1), according to Internet Protocol Security (IPsec) or according to Transport Layer Security (TLS).
  • MACsec IEEE802.1 IEEE MAC Security Standard
  • IPsec Internet Protocol Security
  • TLS Transport Layer Security
  • the sketch ⁇ headed wrench can be used to decrypt a software module for purposes of copy protection or for inspecting egg ⁇ ner cryptographic checksum of a software module or configuration data.
  • the cryptographic key for encrypting and decrypting a data carrier or egg ⁇ nes part of a data carrier for example a partition, a directory, or individual files, used ⁇ the.
  • the derived key can be used for cryptographic algorithms such as DES, AES, MD5, SHA-256, as well as key parameters of a pseudorandom number generator or a shift register arrangement.
  • a pseudo-random number generator or such a shift register arrangement With such a pseudo-random number generator or such a shift register arrangement, a noise signal or spread signal can be generated which is used in a modulation method, for example a radio transmission path.
  • This has the advantage that a ge ⁇ protected information transfer can be realized in extremely limited environments such as a physical sensor or an RFID tag on which no conventional cryptographic algorithm is implemented.
  • the dependency of the derived key on the derivation parameter generates a dedicated key whose purpose can be controlled via the derivation parameter.
  • the term purpose in the present application is to be understood as an information with which the derived key is firmly connected by the key derivation method. If a derived key is used, for example, for authentication purposes, the key is only valid if the purpose of the derived key used in the key derivation matches the purpose which is also given to the authenticating entity or is assigned to the authenticated entity.
  • a method which on the one hand enables a hardware characteristic generating a derived key, depending on the hardware on which the guided from ⁇ key is generated.
  • different keys can be generated with the help of the derivation parameter by means of a PUF implemented on a circuit unit of a hardware.
  • a key duplicating method is provided riert generation in dependence on the circuit unit which keys which can not be reprolosed ⁇ on a second circuit unit.
  • cryptographically strong keys are determined on a possibly weak PUF that does not reliably exploit the available key space in a single request using a prompt value.
  • Assigning at least two prompt values generates an extended range of values for the prompt value, so that a related unique derived key is most likely generated for a determinable derivation parameter. For example, for a first derivative parameter, a second prompt value may be assigned by incrementing a first prompt value. Further, a
  • one of at least two response values is generated as a function of the at least two prompt values.
  • the physical unclonable function is applied successively by the interrogation values and the Aufforde ⁇ approximate value is generated response value.
  • the circuit unit two or more physical unclonable functions radio ⁇ beauf beat ⁇ each with at least one prompt value and generates a respective of the at least one Aufforde ⁇ approximate value dependent response value.
  • the derived key is derived from the at least two Ant ⁇ word values.
  • an input value is generated from the at least two response values, which is formed by a concatenation of the at least two response values.
  • the derived key is created in Depending ⁇ speed of the input value then by means of a Quillex ⁇ traction procedure. Further, the input value for the key extraction may be determined by exclusive-ORing the at least two prompt values.
  • a prekey wherein a Philadelphia ⁇ traction for each of the at least two response values leads Runaway ⁇ is for the at least two response values are initially calculated in each case is.
  • the derived key is then determined depending on the subkeys, for example as concatenation the pre-key, as an exclusive-OR shortcut the Vorêtl or by means of a hash function.
  • the cryptographic key is created by means of at least one physically non-clonable function.
  • the cryptographic key can be created by means of the at least one physical non-clonable function present on the circuit unit. This minimizes both the computational and the hardware costs in one
  • the circuit unit is formed as a semiconductor integrated circuit unit.
  • it is an analog integrated circuit
  • Semiconductor circuit unit a so-called mixed signal integrated circuit unit with analog and digital circuit units, to a digital integrated semicon ⁇ terschalt Vietnamese (Application Specific Integrated Circuit, short ASIC) or to a programmable integrated circuit
  • FPGA Semiconductor Circuit Unit
  • CPU Central Processing Unit
  • the at least one physika ⁇ lisch unclonable function as a delay PUF, a
  • Arbiter PUF a SRAM PUF, a ring oscillator PUF, a bistable ring PUF, a flip-flop PUF, a glitch PUF, a Cellular Non-linear Network PUF or a Butterfly PUF.
  • Sun can be selected depending on the conditions such as the available circuit area, the physical realization of the semiconductor integrated circuit unit, Anfor ⁇ changes in power consumption or maturity or the required level of security appropriate PUF variant ⁇ to.
  • the derivative parameter is formed from at least one purpose-determining parameter.
  • a method in which the derived key is assigned a specific use.
  • the derived key can then be used, for example, in various communication partners of a device for a specific communication.
  • a different key is derived for each purpose. This has the advantage that a key is valid for a specific purpose and at the same time not for a purpose deviating from the specific intended use. This reduces the risk of abuse.
  • the dedicated parameter is selected from one of the following parameters: a network address, a node identifier, an interface identifier, an identifier of an application, a content of a data packet, a random value, a counter value, a fixed one assigned to character string or bit string, a version information of a software module or a firmware image, a serial number of a central processing unit, a parameter of a context Informa tion ⁇ an environment or a checksum of a data block or configuration parameters.
  • a key management is facilitated if, for example ⁇ a variety of different keys must be provided for a variety of applications.
  • a key update is easily achieved via a RETRY ⁇ trollable purpose determining parameters.
  • the invention further includes an apparatus for creating a derived key from a cryptographic key, comprising:
  • circuit unit comprising at least one physika ⁇ lisch unclonable function
  • the Vorrich- comprises at least one further processing unit for use in any of the method steps according to the above-described Ausbil ⁇ use forms or developments of the method according to the invention.
  • the invention will be explained in more detail below with exemplary embodiments with reference to the figures. Show it:
  • Figure 1 is a schematic representation of the method for
  • FIG. 1 is a schematic representation of the method for creating a derived key from ei ⁇ nem cryptographic key according to an embodiment of the invention.
  • FIG. 1 shows schematically how, in accordance with a first embodiment of the invention, a derived key 1 is generated from a cryptographic key K and a derivation parameter P on a device 10.
  • a combination of the cryptographic key K and the derivative parameter P is assigned a prompt value C.
  • the cryptographic key K is ⁇ example, be a random number sequence with the length of 32 bit, 64 bit, 128 bit or 256 bit.
  • the cryptographic key K serves as a master key and is stored securely.
  • the master key is stored in so-called polyfuses within an FPGA. Polyfuses are known in the art. They are not volatile and only programmable once.
  • the number of derivation parameters P determines the number of different derived keys. It is for example conceivable that a network node each other network node with which it communicates, the encrypted Kommunikati ⁇ one with a different key. For this purpose, a different derivative parameter P is determined for each communication connection. A domestic using symmetric encryption encrypted communication nergur a network is then encrypted with depending on a purpose, so in this case by the communication part, ⁇ partners.
  • a hash function for example a cyclic redundancy check function (Cyclic Redundancy Check, short
  • the demand value C on a first unit El is determined from the derivative parameter P and the cryptographic key K.
  • the prompting tes C is a specially designed for central Rechenein ⁇ uniform provided. This is particularly advantageous in the case of a high computational complexity in determining the prompt ⁇ value C, that is, for example, in a Challenge value range of the order of billions Challenge values.
  • the derivative parameter P indicates, for example, the IP address and is: IP-192.168.13.12
  • the assigned request value C is a challenge value, with which a physically non-clonable function 2, a so-called Physical Unclonable Function, PUF for short, is charged.
  • the PUF 2 is realized for example on an inte grated ⁇ semiconductor circuit and is designed as a so-called ⁇ delay PUF. Delays of a signal within ring oscillators can be evaluated, for example, from ⁇ and are due to unavoidable irregularities in the structural structure, due to the manufacturing process, a unique characteristic of
  • PUF PUF circuits.
  • other PUF variants may be used instead of a delay PUF, e.g. an arbiter PUF or a butterfly PUF.
  • a key for decryption of a data carrier or a part of a data carrier which kor ⁇ respondiert with a key that has been created for the encryption of the data carrier or the part of the data carrier, is only on the device with the integrated circuit mög ⁇ Lich, on the also the key to encryption was derived. This is in particular the device on which the encryption is to be performed.
  • a plurality of request values C1, C2 are assigned from the cryptographic key K and the derivation parameter P.
  • FIG. 2 shows a schematic flowchart for this purpose. For example, Challenges C1, C2 are determined, for which respectively associated responses R1, R2 are determined by means of a PUF2. This has the advantage that even with a weak PUF, which does not reliably exploit the available key space in a single request, strong keys can be determined.
  • the response value Rl determined per challenge value C1 is derived to a dedicated key.
  • a purpose-determining parameter indicating the purpose of the dedicated key is in the form ei ⁇ ner string before.
  • Several intermediate parameters pertaining to a suitable parameter are now generated by the purpose-determining parameter being concatenated, for example, with a distinguishing character string.
  • ent ⁇ are different intermediate parameters from the amongbe ⁇ tuning parameters by an artificially created encryption multipli.
  • a parameter of a context information a redirection is evaluated environments and are conveniently determining Pa ⁇ parameters. For example, the checksum of a date is ascertained and at the same time an identification of a maintenance technician ⁇ . Intermediate parameters are derived via the duplication method described.
  • the use of context information for key derivation enables the creation of a large number of session-specific keys. A session-specific key should be unique for each ⁇ the use of the service technician.
  • the method according to the second embodiment is performed on a device 10 which is provided as a circuit unit being ⁇ staltet.
  • the described method for determining the challenges C1, C2 is carried out on a first unit El on the circuit unit.
  • the PUF 2 uniquely characterizes this circuit ⁇ unit.
  • the PUF 2 is supplied with the assigned challenge values C1, C2 and supplies in each case an associated response value R1, R2.
  • the derived key is derived.
  • the generated response values R1, R2 can be evaluated as a set or as a list with an order to be considered. For example, first an overall response value is calculated which results from an exclusive-OR combination of the individual response values R 1, R 2. Alternatively, the overall response value can be determined as a concatenation of the individual response values R1, R2. Alternatively, an additional key K1, K2 can be generated in each case from the response values R1, R2, and in a second step these precursors K1, K2 can be linked to the derived key, in particular via an exclusive-or link. Otherwise, the key derivation function is transmitted the overall response value and the derived key is derived therefrom.
  • the derived key is provided via an output unit of the third unit E3.
  • the method enables in accordance with the second embodiment, the generating a derived key, and generates a high probability for different purpose of determining parame ter ⁇ also different derived key ⁇ the.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Semiconductor Integrated Circuits (AREA)

Abstract

L'invention concerne un procédé et un dispositif permettant de créer une clé déduite d'une clé cryptographique au moyen d'au moins une fonction physiquement non clonable. Ledit procédé consiste à associer au moins une valeur d'invite à la clé cryptographique et à au moins un paramètre de déduction ; sur une unité de circuits, générer, en fonction de chaque valeur d'invite, une valeur de réponse au moyen de la ou des fonctions physiques non clonables ; et déduire la clé déduite de la ou des valeurs de réponse.
EP14701314.8A 2013-02-28 2014-01-14 Création d'une clé déduite d'une clé cryptographique au moyen d'une fonction physiquement non clonable Withdrawn EP2918040A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102013203415.6A DE102013203415B4 (de) 2013-02-28 2013-02-28 Erstellen eines abgeleiteten Schlüssels aus einem kryptographischen Schlüssel mittels einer physikalisch nicht klonbaren Funktion
PCT/EP2014/050547 WO2014131539A1 (fr) 2013-02-28 2014-01-14 Création d'une clé déduite d'une clé cryptographique au moyen d'une fonction physiquement non clonable

Publications (1)

Publication Number Publication Date
EP2918040A1 true EP2918040A1 (fr) 2015-09-16

Family

ID=50002695

Family Applications (1)

Application Number Title Priority Date Filing Date
EP14701314.8A Withdrawn EP2918040A1 (fr) 2013-02-28 2014-01-14 Création d'une clé déduite d'une clé cryptographique au moyen d'une fonction physiquement non clonable

Country Status (5)

Country Link
US (1) US20160006570A1 (fr)
EP (1) EP2918040A1 (fr)
CN (1) CN105009507A (fr)
DE (1) DE102013203415B4 (fr)
WO (1) WO2014131539A1 (fr)

Families Citing this family (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102015208525A1 (de) * 2015-05-07 2016-03-24 Siemens Aktiengesellschaft Generieren eines kryptographischen Schlüssels
DE102015212887A1 (de) * 2015-07-09 2017-01-12 Siemens Aktiengesellschaft Bestimmen eines gerätespezifischen privaten Schlüssels für ein asymmetrisches Kryptographieverfahren auf einem Gerät
DE102015214427A1 (de) * 2015-07-29 2017-02-02 Siemens Aktiengesellschaft Ableitung eines Sitzungsschlüssels mit Zugriff auf eine physikalisch unklonbare Funktion
DE102015225651A1 (de) * 2015-12-17 2017-06-22 Robert Bosch Gmbh Verfahren und Vorrichtung zum Übertragen einer Software
JP6882666B2 (ja) * 2017-03-07 2021-06-02 富士通株式会社 鍵生成装置および鍵生成方法
CN107220564B (zh) * 2017-06-05 2020-12-22 上海爱信诺航芯电子科技有限公司 一种可多路切换的puf电路及序列号输出电路
KR102643708B1 (ko) 2017-06-09 2024-03-04 오피이 엘엘씨 아날로그 콤포넌트를 갖는 데이터 보안 장치
US10841107B2 (en) 2017-11-20 2020-11-17 Analog Devices, Inc. Efficient delay-based PUF implementation using optimal racing strategy
US11063772B2 (en) 2017-11-24 2021-07-13 Ememory Technology Inc. Multi-cell per bit nonvolatile memory unit
US10892903B2 (en) * 2018-05-29 2021-01-12 Ememory Technology Inc. Communication system capable of preserving a chip-to-chip integrity
CN109190358B (zh) * 2018-09-18 2020-10-27 中国科学院计算技术研究所 站点密码生成方法、系统及密码管理器
KR102556091B1 (ko) * 2018-10-04 2023-07-14 삼성전자주식회사 보안 정보의 주입을 위한 장치 및 방법
US11233662B2 (en) * 2018-12-26 2022-01-25 Arizona Board Of Regents On Behalf Of Northern Arizona University Keyless encrypting schemes using physical unclonable function devices
CN110049002B (zh) * 2019-03-01 2021-07-27 中国电子科技集团公司第三十研究所 一种基于PUF的IPSec认证方法
US11218330B2 (en) * 2019-03-25 2022-01-04 Micron Technology, Inc. Generating an identity for a computing device using a physical unclonable function
US11361660B2 (en) 2019-03-25 2022-06-14 Micron Technology, Inc. Verifying identity of an emergency vehicle during operation
US11233650B2 (en) 2019-03-25 2022-01-25 Micron Technology, Inc. Verifying identity of a vehicle entering a trust zone
US11323275B2 (en) 2019-03-25 2022-05-03 Micron Technology, Inc. Verification of identity using a secret key
DE102019212958B3 (de) * 2019-08-28 2021-03-04 Volkswagen Aktiengesellschaft Verfahren und Vorrichtung zur Erzeugung von kryptographischen Schlüsseln nach einem Schlüsselableitungsmodell sowie Fahrzeug
CN110430056A (zh) * 2019-09-10 2019-11-08 广州麦仑信息科技有限公司 一种基于fpga的物理不可克隆函数加密技术实现方法
US11528151B2 (en) 2020-04-01 2022-12-13 Taiwan Semiconductor Manufacturing Company, Ltd. Physically unclonable function (PUF) generation
GB2601846B (en) * 2021-03-15 2026-04-29 Nordic Semiconductor Asa Encoding

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2823398B1 (fr) * 2001-04-04 2003-08-15 St Microelectronics Sa Extraction d'une donnee privee pour authentification d'un circuit integre
EP2156437A1 (fr) * 2007-06-12 2010-02-24 Nxp B.V. Stockage sécurisé
US8782396B2 (en) * 2007-09-19 2014-07-15 Verayo, Inc. Authentication with physical unclonable functions
KR101727130B1 (ko) * 2010-01-20 2017-04-14 인트린직 아이디 비브이 암호화 키를 획득하기 위한 디바이스 및 방법
KR101852115B1 (ko) * 2010-10-04 2018-04-25 인트린직 아이디 비브이 개선된 시동 작동을 갖는 물리적 복제 불가 기능부
US8694778B2 (en) * 2010-11-19 2014-04-08 Nxp B.V. Enrollment of physically unclonable functions
JP2014523192A (ja) * 2011-07-07 2014-09-08 ベラヨ インク デバイス及びサーバの通信におけるファジーな認証情報を用いた暗号化によるセキュリティ
US9742563B2 (en) * 2012-09-28 2017-08-22 Intel Corporation Secure provisioning of secret keys during integrated circuit manufacturing
US9083323B2 (en) * 2013-02-11 2015-07-14 Qualcomm Incorporated Integrated circuit identification and dependability verification using ring oscillator based physical unclonable function and age detection circuitry

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2014131539A1 *

Also Published As

Publication number Publication date
DE102013203415A1 (de) 2014-08-28
CN105009507A (zh) 2015-10-28
US20160006570A1 (en) 2016-01-07
DE102013203415B4 (de) 2016-02-11
WO2014131539A1 (fr) 2014-09-04

Similar Documents

Publication Publication Date Title
DE102013203415B4 (de) Erstellen eines abgeleiteten Schlüssels aus einem kryptographischen Schlüssel mittels einer physikalisch nicht klonbaren Funktion
EP2899714B1 (fr) Préparation sécurisée d'une clé
DE102005030590B4 (de) Sicheres Patchsystem
DE112005001666B4 (de) Verfahren zum Bereitstellen von privaten Direktbeweis-Schlüsseln in signierten Gruppen für Vorrichtungen mit Hilfe einer Verteilungs-CD
DE102020121533A1 (de) Vertrauenswürdige authentifizierung von automotiven mikrocon-trollern
DE102013022383B3 (de) Verfahren und Vorrichtung zur Zertifikaterzeugung mit Privatsphärenschutz
DE112005001672T5 (de) Verfahren zum Liefern eines geheimen Direktnachweisschlüssels an Vorrichtungen unter Verwendung eines Onlinedienstes
EP2462529B1 (fr) Procédé d'établissement d'un certificat numérique par une autorité de certification, agencement de mise en uvre du procédé et système informatique d'une autorité de certification
DE102018216915A1 (de) System und Verfahren für sichere Kommunikationen zwischen Steuereinrichtungen in einem Fahrzeugnetzwerk
DE102009030019B3 (de) System und Verfahren zur zuverlässigen Authentisierung eines Gerätes
DE102009000869A1 (de) Verfahren und Vorrichtung zur manipulationssicheren Übertragung von Daten
DE102014204713A1 (de) Erzeugung von Schlüsseln unter Verwendung sicherer Hardware
DE102012208834A1 (de) Authentisierung eines Produktes gegenüber einem Authentisierer
EP3337085B1 (fr) Rechargement des instructions du programme cryptographique
EP3465513B1 (fr) Authentification d'utilisateur au moyen d'un jeton d'identification
DE112005001654B4 (de) Verfahren zum Übermitteln von Direct-Proof-Privatschlüsseln an Geräte mittels einer Verteilungs-CD
DE102015202935A1 (de) Verfahren zum Manipulationsschutz
DE102020119578A1 (de) Bereitstellen einer Challenge für ein Gerät
DE102008055076A1 (de) Vorrichtung und Verfahren zum Schutz von Daten, Computerprogramm, Computerprogrammprodukt
DE102014210282A1 (de) Erzeugen eines kryptographischen Schlüssels
DE102015208899A1 (de) Vorrichtung und Verfahren zur flexiblen Erzeugung von kryptographischen privaten Schlüsseln und Gerät mit flexibel erzeugten kryptographischen privaten Schlüsseln
EP4298503B1 (fr) Cryptographie quantique
DE102015208178A1 (de) Bereitstellen von langfristig gültigen Sicherheitsinformationen
DE102019007457A1 (de) Generierung klonresistenter Gruppen von elektronischen Einheiten
EP4645753A1 (fr) Procédé et système mis en uvre par ordinateur pour la transmission sécurisée de données basée sur le hachage

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20150610

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20160209