WO2015135579A1 - Dispositif de chiffrage ainsi que procédé de chiffrage et de déchiffrage - Google Patents

Dispositif de chiffrage ainsi que procédé de chiffrage et de déchiffrage Download PDF

Info

Publication number
WO2015135579A1
WO2015135579A1 PCT/EP2014/054799 EP2014054799W WO2015135579A1 WO 2015135579 A1 WO2015135579 A1 WO 2015135579A1 EP 2014054799 W EP2014054799 W EP 2014054799W WO 2015135579 A1 WO2015135579 A1 WO 2015135579A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
user
encryption
provider
key device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/EP2014/054799
Other languages
German (de)
English (en)
Inventor
Johann Kasper Locher
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
TOPAS AG
Original Assignee
TOPAS AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by TOPAS AG filed Critical TOPAS AG
Priority to PCT/EP2014/054799 priority Critical patent/WO2015135579A1/fr
Publication of WO2015135579A1 publication Critical patent/WO2015135579A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Definitions

  • the invention relates to a keyed se as well as encryption and decryption in conjunction with the key device.
  • the invention relates to a method for decrypting an encrypted file by means of a key device, a method for securely providing a decryption key for use in decrypting proprietary encrypted data associated with a particular user already owned by the user by means of a user-owned one
  • a key device and a method for encrypting a clear file stored in a data processing device of a product provider by means of a key device associated with the product provider.
  • the invention relates to a key device for encrypting and decrypting data.
  • the system should enable personalized encryption that ensures that the product can only be used by the authorized user.
  • the system should allow the provider of the encryption solution to respond quickly to changing conditions, for example, if a particular encryption process used cracked and thus potentially unsafe.
  • a method for decrypting an encrypted file by means of a key device the encrypted file being identifiable via a product identifier and decryptable by means of a decryption key assignable to the product identifier, wherein the decryption key is stored in a secure key database of an encryption provider is.
  • the method comprises the following steps:
  • the key device contains a combination key that can be used to decrypt the file using only the user ID and a special algorithm in the key device.
  • the respective Algorithm may be freely selected according to the skill of a skilled person in the field of encryption according to the specific requirements. The above steps are all performed by the user's key device without the user having to worry about the details of the encryption himself.
  • the only task for the user is to associate the key device (which itself need not be personalized) with a unique user ID, in particular using the user's mobile phone number or email address as the unique user ID.
  • the link can be made, for example, when the key device is first associated with a particular device, where the user's consent to link can be made, for example, by a security prompt on one of the connected devices. In the course of the security inquiry, it may also be necessary to enter a code or other confirmation by the user.
  • position data can be read from a position determination unit of the key device and transmitted to the encryption provider.
  • This embodiment makes it possible to specify a location where the decryption is to take place.
  • the cryptographic provider may compare the transmitted position with predetermined data to decide if the position of the key device matches a given location. For example, an encrypted PIN code, for example for an ATM, can only be transmitted to the user when the user is at the place of installation of the ATM. This feature thus allows an extremely high level of security for a variety of applications.
  • the combination key can be generated by combining at least the decryption key, the user identifier, and predetermined or user-transmitted position data, wherein the decryption key is extracted using the position data read from the position determination unit of the key device.
  • a check of the position data by the encryption provider is thus not necessary at all, since the combination key can only be used at the location which corresponds to the position data. If the position data are not predetermined, they may have been previously transmitted in an advantageous embodiment of the key device to the encryption provider. In an advantageous embodiment of the invention, it may be provided that the position data are stored by the key device, so that after the first decryption at the specific position, the decryption can then also take place at another position.
  • the position data can be read in real time from the position determination unit of the key device and used to extract the decryption key. " In real time” means that the position data are read out again with each decryption. Thus, the use of the combination key is only possible when the user is in a certain position.
  • the product identifier may consist of a removable memory module, a memory of a device connected to the key device, or a memory of a remote source, e.g. using a network such as the Internet.
  • a provider to encrypt one and the same product (eg a music file) with different keys, each with a serial number (or product identifier) and on different distribution channels (eg on a removable disk, a micro-device). SD card or as an internet download).
  • the decryption key is stored in a secure database of the encryption provider, whereby an identification of the respective key via the product identifier of the respective product is possible.
  • the unique user identifier and / or optionally the position data may be read out substantially prior to each use of the user identifier.
  • the key device is only effective when it is in the vicinity of the user device on which the unique user identifier is stored. Once the connection between the key device and the personal mobile device is disconnected, the key device no longer functions. Conversely, this means that in the key device itself no identification data must be stored, so that the key device can be sold or passed on, without a registration of the user is required. Only by linking to the mobile device does the key (ie the key device) of a particular user differ from that of another user.
  • the unique user identification of the user of the key device may preferably be wireless from a personal mobile device, such as a mobile phone, a portable computer, a tablet computer or an electronic entertainment device of the user, or from one into the key device or in a user's personal mobile device is inserted into an identification smart card such as a SIM card. With the exception of prepaid devices or cards, these devices or the SIM card inserted in them will only be issued after verification of the identity of the purchaser.
  • the user identifier (for example, the telephone number assigned to a SIM card) is uniquely assigned to a single person.
  • Use of the key device is therefore possible only for the person who also has the world's unique SIM card whose number was used in the retrieval of the decryption data (ie the combination key). Even if the combination key is stored in the key device, it is not usable for decrypting data for holders of another user ID.
  • the product identifier, the unique user identifier and possibly the position data can be transmitted via the network of a telephone service provider and / or via the Internet to the encryption provider. This allows a high degree of flexibility, since the respective decryption can be activated location-independently.
  • key handover could only be achieved by directly connecting the key device to a cryptographic provider's computer, which would further increase security for particularly security-related applications, such as online banking, as the data transmitted would no longer be secure be transmitted to a potentially interceptable network.
  • Extracting the decryption key is done in a hardware-encoded processor chip with non-readable memory. A hack of encryption software working on everyone
  • Key device expires is considerably more difficult and only possible with considerable technical and technical effort and expertise. Also it is not possible the to subsequently manipulate software running on an already generated chip. Should hackers be able to decrypt the hardware-encoded software of the processor chip, it can be reacted relatively quickly by using a new hardware chip in an updated version of the key device.
  • a further advantage according to the invention is afforded if the decrypting of the encrypted file in a hardware-encoded processor chip with non-readable memory also takes place. Thus, all security-relevant procedures are well secured against a hacker attack.
  • the decrypted file can be output as a plain file or as a file content transmitted in a stream via a wireless or wired connection to a device connected to the key device.
  • This allows a flexible use of the encryption device with data of different types.
  • the output can be adapted to the respective situation.
  • the output as stream (thus in particular as audio or video signal) offers the particular advantage that the files of proprietary media content (especially music recordings and video films) are not output in decrypted form, and thus can not be illegally copied without sacrificing quality.
  • the invention comprises a method for the secure provision of a decryption key coded in a combination key for use for decrypting files, in particular for decrypting proprietary encrypted data already assigned to a specific user by means of a key owned by the user User key device, wherein the user is identifiable by a unique user identifier, wherein the encrypted data having a product identifier and wherein the product identifier is associated with a decryption key stored in a réelle Scheme the encryption provider, not disclosed to the user, and wherein the method by the following steps is characterized: - storing a plurality of decryption keys in the key database, the decryption keys each being assignable to a corresponding encrypted file using a product identifier obtained from a product provider;
  • the administrator of the key database is regarded as "encryption provider.”
  • the encryption provider and the manufacturer or provider of the key device should have at least intensive cooperation since the algorithms for generating the combination key always depend on the version of the key device used Therefore, in the communication between the key device and the encryption provider, at least the version number of the used key device is generally communicated so that always combination keys are generated which can be used with the respective key device.
  • the fact that the key data base can be specially secured by a variety of different measures against hacker attacks providers must be made easier. A possible (hacker) intrusion into the system of the product provider does not jeopardize the encryption security of the products already delivered by him.
  • the decryption key can be linked to a corresponding encryption key, as is the case with asymmetric encryption methods. This leaves the decryption key always in the cryptographic provider's system and is never transmitted uncoded. For a high level of security, it is therefore sufficient to protect the server system of the encryption provider in particular.
  • the authorization of the user is obtained by querying Authorization information is checked.
  • Authorization information is checked.
  • a communication between the encryption provider and the product provider can be provided.
  • the position data if they are to be used to create the combination key, be predetermined by the product provider.
  • the product provider can thus specify at which location the user should be able to decrypt.
  • the position data could also have been transmitted by the user's key device.
  • the user can thus determine himself at which place the decryption should be possible for him.
  • the method for encrypting a clear file stored in a data processing device of the product provider by means of a key device assigned to the product provider is characterized by the following steps:
  • the term " product provider” is considered to be the owner of a clear file or of a media content whose content he wishes to provide only to a specific customer or customer group, usually a buyer of the file product or of the medium.
  • product provider is not limited thereto but includes all persons or entities that want to encrypt a file using the inventive method and provide it to a third party (the user or the users).
  • the method is performed by a key device of the product provider, wherein the key device of the product provider may be technically identical to the key device used by the users.
  • each owner of a key device according to the invention can act both as a product provider and as a user.
  • the product provider identification is advantageously transmitted to the encryption provider whenever the encryption services are commercially offered by the encryption provider and used commercially by the product provider, so that a billing assignment can take place.
  • the services of the encryption provider can also be offered free of charge, for example to allow the buyers of the key device a secure key exchange for the private communication.
  • the decryption key from the encryption provider only very briefly (ie until the retrieval of the combo key by the communication partner) to be stored, if this key is to be used in real time to establish communication between two users of the Keys selvorraum.
  • the encryption key can be called up by the encryption provider.
  • This is advantageous because the computer infrastructure of a professional provider can be used to generate the random-based keys.
  • the methods for generating random methods in generally used computer operating systems are mathematically inadequate and thus prevent the generation of maximally secure key systems.
  • the decryption key when using an asymmetric encryption algorithm, it is possible for the decryption key to remain with the encryption provider and only be used when a user's key device " activates" the encrypted file specifying the unique user identifier.
  • a (hacker) intrusion into the computer system of the product provider is meaningless, since this is the decryption key at any time.
  • the product provider can transmit position data to the encryption provider, which identify a location to which the execution of the decryption should be restricted.
  • Symmetric encryption methods may also be used, in which case the encryption key matches the decryption key. In such a case, care must be taken that the key can not be read by unauthorized persons either during the transmission or while it is stored in a memory.
  • the methods according to the invention interact with each other in a technical interaction and are respectively required in order to realize the underlying inventive idea, namely the provision of a secure encryption system.
  • the combination of the methods according to the invention has the further advantage that the product provider can be sure that only the holder of the unique user ID with which the combination key is called up by the encryption provider can use the file, since the combination key only decrypts the file as long can be used as the key device is associated with the user's unique user ID. Once this association no longer exists (such as when the file was copied to an unauthorized third party), files are neither decrypted by the same device nor by any other key device.
  • the assignment via radio contact such as via Bluetooth or WLAN, or by a physical connection, such as by connecting the key device to a computer via a USB interface, take place.
  • the association becomes ineffective, for example, when the key device loses contact with the user's mobile phone (such as when it is removed from the Bluetooth wireless range) or when the key device is removed from the computer's USB port.
  • the key device By a consistent use of the key device, this can be used as a personal key for a particular computer or for electronic devices in a particular network: Once and as long as the Keys selvorraum assigned to the system, so for example plugged into the USB port or connected via Bluetooth proprietary or personal data may be used unrestrictedly, with the data being continuously decrypted by the key device. As soon as the Key device is removed, the data are only available in encrypted form and are therefore unusable.
  • the invention can be advantageously used in particular for cloud computing, in that the data of a user are stored exclusively in encrypted form in the cloud system. Reading the files is only possible with a computer (or a mobile phone, smartphone, tablet, etc.) that is currently linked to the authorized user's key device.
  • the invention also includes a key device for encrypting and decrypting data, wherein the device on or in a housing at least a first processor, an interface for accessing data, in particular a standardized universal interface, and / or an interface for a change Memory module, an interface for an identiflcations smart card, and a protected memory, wherein the protected memory contains a processor-executable program, which is suitable for carrying out the method steps according to the invention, which are performed by the key device.
  • the protected memory makes it difficult to hack the encryption and decryption programs stored on the key device. An even higher level of security can be achieved according to the invention in that the protected memory and / or a key processor separate from the first processor are integrated on at least one hardware-encoded chip.
  • the key device may further comprise a data transmission unit and / or a second standardized universal interface.
  • the data transmission unit or the second interface allow the construction of a (radio) Network or communication over an existing wireless network, such as via Wi-Fi, Bluetooth or a mobile phone network and communication with several different devices.
  • the key device can thereby group several communication devices of the user in a common network and organize all the encryption and decryption required and desired in that network.
  • the decryption may involve personally acquired proprietary files, such as software, music or video files, on the other hand, the private or business correspondence and communication of the user can be encrypted or decrypted.
  • the second standardized universal interface can be designed as a counterpart to the first standardized universal interface.
  • the encryption device can be used in a so-called "Dasy Chain", in which several devices provided with the same USB interface are connected in succession to the same USB interface and communicate with one another in the form of a bus system Key device (s) associated with a different user ID, USB storage devices, radio modules, or the like.
  • a bus system Key device s
  • the interface for the identification smart card can enable the insertion of a mobile phone SIM card.
  • the phone number assigned to the SIM card can then be used by the key device as a unique user identifier without the user's mobile phone having to be connected to the key device.
  • the key device may comprise a position determination unit, such as a GPS chip. This makes it possible to realize localized encryption methods in which, when the combination key is called up, the respective GPS position is also transmitted to the encryption provider and taken into account by the latter in the formation of the combination key. Decryption of data is only possible when the key device is at a certain position.
  • This feature can be used, for example, for cash dispensers because it can be easily checked whether the authorized holder of a credit card (or its key device and mobile phone) is actually at the cash dispenser.
  • a code can be encrypted sent to the user's mobile phone, which is displayed correctly only if the user is in front of the cash dispenser or at a certain payment terminal. This code then replaces the known PIN code. However, since the code is used only once, it is not necessary to hide the PIN entry from any prying eyes by covering the numeric keypad. Misuse is only possible if a thief steals both the credit card and the key device and the device containing the unique user identifier (e.g., the mobile phone) at the same time.
  • Fig. 1 shows schematically based on a preferred embodiment of the invention, the essential elements involved in the inventive and Entschlüs determination process and method steps schematically and Fig. 2 shows a preferred embodiment of the key device according to the invention and its essential components schematically.
  • FIG. 1 shows a schematic overview of the parties involved in the method according to the invention, in particular a product provider 26, an encryption provider 25 and a user 9, wherein the respective areas which can be assigned to a specific party are enclosed by a broken line.
  • the area of the product provider 26 is shown.
  • the product provider 26 is assigned a unique product provider identifier 8, which is used in particular in the course of communication with the encryption provider 25 in order to identify the product provider 26.
  • the product provider 26 is the owner of at least one media content 1, which he wants to make available to a specific user 9 (or even multiple users) in encrypted form.
  • media content refers to information in the broadest sense that can be converted into digital data and stored as such.
  • media contents for example, images, films, tarpaulins, sound signals, documents, books, program instructions (e.g., computer or control programs) or combinations thereof are considered, regardless of their physical nature.
  • any material that is amenable to copyright protection, as well as its digitally representable images may be referred to as media content.
  • the digital image of media content 1 stored in a file is referred to herein as plain file 4.
  • plain file 4 computer files are designated in particular, from which about using a computer program, the original media content 1 can be made usable for a user, either by displaying an image, document, plan or book text, either by playing an audio and / or video signal , or by performing an appropriate program or otherwise.
  • this can be converted into an encrypted file 3.
  • An encrypted file is any file that is encrypted by any encryption method, regardless of the level of security and the type of encryption used.
  • the encryption method uses a specific encryption key 2 'to which one or more decryption keys 2 are assigned.
  • each clear file 4 which has been converted into an encrypted file 3 with a specific encryption key 2 'by means of a specific encryption method can be converted back to the plain file 4 with a decryption key 2 corresponding to the encryption key 2' and a decryption method matching the encryption method.
  • Encryption methods which can be used are all methods known in the art, and the invention can be used with both symmetric and asymmetric encryption methods.
  • the encryption methods are performed by a key device 7 'associated with the product provider 26, the encryption procedures being described in detail below.
  • the encryption key 2 ' is provided by the encryption provider, whereby the encryption key 2 is not transmitted to the system of the product provider.
  • the product provider 26 also does not have to worry about selecting a particular encryption method since the encryption is performed by the key device 7 'available as a finished product.
  • the communication with the encryption provider 25 for obtaining the encryption key 2 'is preferably carried out independently by the key device 7'.
  • Each encrypted file 3 is assigned a unique identifier, from which the encryption key 2 'used for the encryption can be uniquely identified.
  • product identifier 5 This unique identifier is referred to below as product identifier 5 and it may either be awarded by the product provider 26 on the basis of previously defined criteria, or it wild when encrypting the Klardatei 4 generated by the key device 7 'based on previously defined criteria and the product provider 26 announced together with the encrypted file 3.
  • the product identifier 5 can also be stored in a part of the encrypted file 3, for example in an unencrypted header section.
  • the product identifier can be stored separately from the encrypted file 3, wherein the association is stored in a corresponding database of the product provider.
  • the product identifier 5 is transmitted in the course of the encryption process by the key device 7 'in such a manner to the encryption provider 25 that the latter is stored in the It is able to use the product identifier 5 to identify the decryption key 2 that is usable for decrypting the encrypted file 3 identified with the product identifier 5.
  • the product provider identifier 8 is also transmitted to the encryption provider 25, for example, to allow offsetting.
  • the term "product” generally refers to the sum of the objects (eg storage media, packaging, instructions etc.) and information (eg encrypted and unencrypted files) which are transmitted by the product provider 25 to the user 9 for its use also consist of several files, of which only a part is encrypted, but which is essential for the use of the product.It is also irrelevant whether the product is transmitted for payment or free of charge to the user 9.
  • the invention can also be used for the encrypted transmission of
  • the system according to the invention may also be used to establish secure communication between two or more parties, with the parties alternately representing the roles as "one-to-one" between a product provider 25 and a user 9.
  • the data packets of the encrypted communication would then essentially correspond to the "product".
  • the product identifier 5 can also be transmitted to the encryption provider 25 in the course of the communication between the key device 7 'and the encryption provider 25, so that for this the corresponding assignment of the product identifier 5 to the decryption concludes 2 is possible. If the key device 7 ', however, on a previously transmitted sentence different Encryption key 2 'has (for example, for offline operation), then in addition to the product identifier 5 also an identification of the key set used and the key used from it would be transmitted to the encryption provider.
  • the key device 7 ' may itself generate the encryption key 2' and the corresponding decryption key 2, and then transmit the decryption key 2 together with the product identifier 5 to the encryption provider 25.
  • the communication between the key device 7 'and the encryption provider 25 may optionally also be encrypted, for example by means of conventional encryption methods.
  • the files are stored and managed within the product provider 26 within a computer system or a network of the product provider 26, the invention being usable regardless of the type of storage solutions and respective computer and network systems.
  • the product provider 26 sells Product to one or more customers (these are the users 9), wherein the product may be a storage medium, such as the removable storage module IS, on which the encrypted file 3 is stored.
  • the removable memory module 15 is provided with the product identifier 5, which makes it possible to uniquely identify the media content and the method used for encryption as well as the encryption key 2 'used. On the basis of the product identifier 5 alone, however, it is in no way possible to decrypt the encrypted file 3.
  • the product identifier 5 can be stored in a non-encrypted part of the encrypted file 3, it can be contained in a separate file, which is stored together with the encrypted file 3 on the removable memory module 15, it can on the memory module It may be printed on the packaging or in an accompanying booklet enclosed with the product, or it may be contained in a contactless readable medium, eg an RFID chip be.
  • Any storage module may be used as the removable storage module 15, with standardized standard products, such as a CD or DVD, a USB memory or a memory card (eg a flash card or memory card) being preferred.
  • a MicroSD card is exemplified.
  • the removable memory module 15 can be used as a product in any way, for example in the individual, large or Mail order, to the end user.
  • the distribution of a removable memory module IS is only one of many ways to communicate a file to a user 9.
  • the file may also be distributed over a network, such as the Internet, or it may be stored in and distributed with the hardware used to retrieve the media content.
  • the invention is not limited to the use of certain electronic devices.
  • the devices of the user 9 with which the key device can communicate include, in particular, mobile phones 27, portable or stationary computers 28, tablet computers or e-readers 29, or electronic entertainment devices 30, such as a portable music player or video player ,
  • the list of devices is only illustrative and not restrictive. All user electronic devices capable of communicating with the key device and storing and / or using the files and / or media content may be advantageously used in conjunction with the invention.
  • the user 9 In order to be able to use the key device 7 according to the invention, the user 9 must be uniquely identifiable, for example via a unique user ID 10. For example, each (mobile) telephone number offers an advantageous possibility of unambiguous identification since it is assigned only once worldwide. However, other unique user identifiers may be used, such as an email address or any other identifier that allows unique identification. It is not so crucial that the owner of the unique user ID 10 also personally in Experience (this is not always the case, for example, with prepaid mobile phone numbers) but that the identifier is unique throughout the network (in the case of the Internet or the telephone network worldwide). As will be described below, the user 9 links that from acquired product with a particular unique user ID 10, the product subsequently being used only by the owner of that user ID. The unique user identifier 10 may be stored on an identification chip card 17, the security being higher when this identification chip card 17 is issued by a trustworthy institution, such as SIM cards that use in mobile phone networks as identification smart cards 17 that is the case.
  • a trustworthy institution such as SIM cards that
  • the unique user identifier 10 is a mobile phone number of the user 9.
  • the key device 7 Due to the communication capabilities of the key device 7 set forth in detail below, it is capable of communicating with all of the user's devices, or accessing the respective storage devices required for use of the media contained in the encrypted file 3 in an unrestricted or restricted manner ,
  • the key device 7 manages a network associated with the user 9, which uses the key device 7, in particular, to either convert encrypted files 3 into plain files 4, or to pass them on to a device suitable for the use of the clear file 4, or encrypted Convert files 3 into a file content 24 (for example, a music or movie signal) that can be played back or output via one of the user's devices without the plain file 4 itself being transmitted to this device.
  • a file content 24 for example, a music or movie signal
  • the key device must first have the decryption key 2, which is initially stored securely in a key database 6 of the encryption provider 25.
  • the product acquired by the user 9 ie essentially the encrypted file 3 provided with a product identifier 5
  • the key device 7 could also include a user interface, such as a display and a keypad, through which control of the link is possible.
  • the key device receives notification from the particular device that the user 9 has instructed to associate the particular product with the particular user ID 10, it reads that user ID from the identification smart card 17 (which is only in the physical presence of that smart card 17 is possible) and transmits the user identifier 7 together with the product identifier 5 to the encryption provider 25.
  • the communication between the key device 7 and the encryption provider 25 can either via a secure or unsecured connection via the Internet, the communication network of the telephone provider, a separate network of Encryption provider or a combination thereof.
  • the key device for activating the encrypted file 3 be directly connected to the network of the cryptographic provider 25 or physically located in a particular location located in the area of a bank counter or public office.
  • the position of the key device can also be determined by means of a positioning system, such as a GPS sensor connected to the key device.
  • the encryption provider 25 is now able to use the received product identifier 5 to read the decryption key 2 required for decrypting the particular encrypted file 3 from its key database 6. If appropriate, the encryption provider 25 can first check on the basis of the unique user identifier 10 whether the owner of this user identifier 10 is authorized to use the product, for example by directing a request to the product provider 26. This security feature is particularly useful for online products: Before downloading the product purchased online (ie, the encrypted file 3), the user 9 could tell the product provider 26 what unique user ID 10 he wants to associate with the product.
  • the encryption provider 25 can now direct a request to the product provider 26 as to whether the user identifier 10 transmitted to him for activation of the product has exceeded the user identifier specified during the purchase. This will prevent a third party (such as an "eavesdropper", which is about to disappear in the course of the Downloads has unauthorizedly in possession of a copy of the encrypted file 3 and the product identifier 5 has arrived), has the opportunity to unlock the product instead of the honest owner with its own user ID, before the honest owner has done.
  • the encryption provider 25 has checked the authorization in accordance with the specifications, the corresponding decryption key 2 is retrieved from the key database 6 and possibly also deleted, provided that the key was intended for single use only.
  • the encryption provider 25 does not transmit the decryption key 2 itself to the key device of the user 9, but a combination key 11 which is generated by means of a specific algorithm.
  • the algorithm combines the decryption key 2 with the unique user identifier 10 in a reversible manner. Without knowing the algorithm used, it is not possible for an attacker to read out the decryption key 2 from the combination key 11, even if the attacker knows the unique user identifier 10.
  • the user's key device 7 is capable of extracting the decryption key 2 from the combination key 11, and the application performing this step in the key device 7 may be particularly secured against read-out, such as by the application being hardware-coded.
  • the key device 7 stores the combination key 11 and, if necessary, can extract and use the decryption key 2 therefrom.
  • the algorithm used by the encryption provider 25 to produce the combination key 11 and the corresponding algorithm used by the key device to extract the decryption key 2 are of particular importance to the subject invention.
  • the highest level of security can be achieved as long as the algorithm used is kept secret. Should the algorithm have become known or cracked, the transmission of the combination key 11 would no longer be secure and an attacker who has taken possession of the combination key 11 and knows the corresponding unique user identifier could thus generate the decryption key 2.
  • the system would still offer a considerable degree of security, since an attacker not only requires the decryption key 2, but also the encrypted file 3, which can only be obtained from two separate listening or hacking processes, targeted attacks however, could be successful, which is neither desired by the providers nor by the users of the encryption system.
  • the algorithm can be considered as a symmetric encryption method in which the decryption key 2 is encrypted using the unique user identifier 10 (as a key).
  • the decryption key 2 is encrypted using the unique user identifier 10 (as a key).
  • the creation of the combination key 11 could also be accomplished using an asymmetric encryption technique, where the key device 7 provides the public key to the cryptographic provider. In this case, even after the knowledge of the algorithm used would be given a very high security.
  • the advantages of the invention are revealed in two ways: Firstly, the algorithm required for extracting the decryption key 2 runs only on the encryption key, and can there be particular by some features of the key device according to the invention be well protected. As will be explained in more detail in the context of the detailed description of the key device, the application executing the algorithm may be hardware encoded on a chip of the key device, so that the program flow is only through very expensive techniques, such as the chip reverse engineering, in experience can be brought. This requires a targeted effort by the attacker and takes time.
  • the hardware layout of the key hardware can be changed with a manageable effort and relatively quickly and put on the market in a new version. Either the entire algorithm or only a few important parameters can be changed. The efforts of third parties to crack the algorithm would essentially be reset to the starting point. For applications with lower security requirements, the old version of the key hardware can still be used. For this reason, by the key device 7 in the Communication with the encryption provider 25 preferably also transmits the version number, so that the encryption provider 25 for generating the combination key each uses the appropriate algorithm. To generate the combination key, the encryption provider can also use a key device in which the application is hardware-coded to carry out the algorithm.
  • the key device 7 of the user and / or the key device 7 'of the product provider of a particular version may each be identical.
  • the key device (not shown) of the encryption provider may be identical, but the problems that may arise for the security of the overall system must be taken into account.
  • the algorithm used may be arbitrarily selected according to one of ordinary skill in the art of cryptography, which algorithm must meet the following criteria:
  • the algorithm combines the decryption key 2 and the unique user identifier 10 into a combination key 11.
  • the encryption provider 25 can make its services available to different product providers 26 and users 9 for a fee or free of charge.
  • encryption provider 25 could simultaneously be the manufacturer or provider of the key device, but this is not mandatory.
  • the same encryption system could be used by a variety of different encryption providers, each providing their services to their own product providers and users. This is indicated in Fig.
  • the different encryption providers 25, 25', 25" may be interconnected and exchange information as they may but also act independently and separately from each other. It is also possible for the encryption provider 25 to be an abstract unit, for example a separate system area of a group-wide IT system, which manages the encryption used in the group using the methods according to the invention.
  • the encryption provider 25 could also be a delimited area of a computer system or software program. At least parts of the process steps that occur at the product provider 26, the encryption provider 25 and / or the user 9 could be performed by the same computer system or software program.
  • Such an embodiment could be useful, for example, if the inventive method for encrypting a user's own data is used, in which case the user 9 and the product provider 26 are identical units.
  • the units shown in FIG. 1 are therefore not necessarily spatially or systematically delimited areas, rather this illustration serves to explain the method according to the invention, which can be implemented in different ways in different hardware systems. and software environments can be used.
  • the communication between the participating units can be done in all possible ways that are known in the field. In some applications, one can increase the security of the system by disabling individual communication steps from automated electronic processing. For example, it may be required that the product identifier 5 and the unique user identifier 10 be communicated to the cryptographic provider 25 in different ways.
  • the user ID 10 could be transmitted, for example, by voice over the telephone and evaluated via a voice recognition system. In other cases, the user identifier 10 (and / or the product identifier 5) could be entered into a keypad at a terminal of the cryptographic provider. While this would increase security, at the same time, usability would be compromised.
  • FIG. Fig. 2 shows the key device 7, 7 'in a schematic representation, wherein the individual components are housed in a housing 12 having a first universal interface 13, with which the device can be connected to any computer system, which also has a similar universal interface features.
  • the interface is advantageously a standardized bus interface, such as a USB interface.
  • a second universal interface 21 is further provided via which further electronic devices can be connected.
  • Such a juxtaposition of several electronic devices on similar bus interfaces in the form of a so-called " Dasy chain" are well known in the art and must not be described in detail.
  • the key device 7, 7 has an interface 14 for an exchange memory module and an interface 16 for an identification chip card.
  • the removable storage module used is a small-sized storage module, such as a microSD card.
  • the identification smart card may be a conventional SIM card or a card having similar functionality.
  • the key device 7, 7 ' has a GPS sensor 31 and one or more data transmission units 20, such as a WLAN and / or a Bluetooth chip. Furthermore, the key device 7, 7 'on a protected memory 19, a random access memory 22, a processor 18 and a key processor 23, on. These components are connected to one another in a conventional manner known to the person skilled in the art, wherein the processor 18 can execute programs which are stored in the working memory 22, for example. As one of ordinary skill in the art will appreciate, individual components such as protected memory 19 and key processor 23 may be integrated on a single chip.
  • the protected memory 19 may, for example, be a chip on which the programs and algorithms essential for encryption are stored in hardware-encoded form. Although these programs and algorithms could also be executed directly by the processor 18 in an alternative embodiment, a separate key processor 23 is preferably provided for this purpose, which is particularly protected against hacker attack, since it handles only the programs required for the encryption. This can prevent malicious programs, which have been introduced into the main memory 22, from damaging the method steps that are essential for encryption.
  • the key device 7, 7 has its own energy source, such as a battery 32, so that it can also be used without connection to a power supply.
  • Dimensions of the housing 12 are preferably sized so small that just about all components can be accommodated. This allows the key device 7, 7 'be so small that it can be easily inserted into a trouser pocket or used as a keychain.
  • step II-a the clear file 4 to be encrypted and a product identifier 5 associated with the file are transmitted in the system of the product provider 26 to the key device 7 'of the product provider 26.
  • the key device 7 retrieves from the encryption provider 25 an encryption key 2' associated with a decryption key 2.
  • the decryption key 2 itself is not transmitted and remains in the database of the encryption provider.
  • the encryption key 2 ' can also be created by the key device, in which case, in addition to the illustrated method steps, the decryption key 2 should also be transmitted to the encryption provider.
  • the encryption key 2' (possibly together with several others Encryption keys) have been passed in advance to the Swissvoiraumraum.
  • step II-c) the key vaulting device encrypts the clear file 4 using the encryption key 2 ', generates an encrypted file 3 and, in step II-e), transmits the encrypted file 3 to the data processing device of the product provider 26, which then sends the file for transmission prepared the user 9, for example by storing on a disk (such as the removable memory module 15), which is marked with the product identifier 5.
  • a disk such as the removable memory module 15
  • the key device 7 'in step ⁇ II-d) transmits the following information to the encryption provider 25:
  • the encryption provider 25 stores the data received from the product provider 26 in a key database 6 in which a plurality of further decryption keys 2 can also be stored by the same and, if appropriate, by other product providers.
  • Each decryption key 2 can be assigned by the encryption provider by means of the key database 6 and by means of the product identifier S stored therein received by the product provider 26, to a corresponding encrypted file 3.
  • the product identifier 5 which is assigned to the file 3 to be decrypted, is first read out in step 1a) from the key voyage 7 of the user who has legitimately acquired the encrypted file 3 from the product provider.
  • the product identifier 5 may also be read by the user 9, for example, from a packaging imprint and entered manually into a user interface connected to the key device 7.
  • step Ib) reads the Senatevolraum 7 the unique user ID 10 of the user 9 of the key selvoroplasty 7, wherein this is preferably done by reading an identification chip card 17 (eg a SIM card), which is either inserted into a corresponding interface of the key device 7 is, or which is in an electronic device, such as the user's mobile phone 27, wherein the key device 7 for reading the user ID 10 communicates with the mobile phone either via a wireless connection (eg Bluetooth or WLAN) or via a connected interface.
  • an identification chip card 17 eg a SIM card
  • the unique user identifier 10 of the user 9 and the product identifier 5 of the file 3 to be decrypted are transmitted from the key device 7 to the encryption provider 25 and received by the encryption provider 25 at step ⁇ -b.
  • the encryption provider 25 After the encryption provider 25 has possibly checked the authorization of the user 9 for using the encrypted file 3 (for example by asking the product provider 26), the encryption provider 25 creates a combination key 11 at step ⁇ -c) by using a defined algorithm to generate the unique user identifier 10 and the decryption key 2 combined, where appropriate, also other data can be included in the algorithm.
  • step ⁇ -d the encryption provider transmits the combination key 11 to the key device 7 of the user 9, who receives it in step I-d) and then stores it for use.
  • the key device 7 of the user 9 uses the unique user ID 10, which it may read anew in each decryption process (step Ib), and extracts it in step Ie) by means of a trusted algorithm the stored combination key 11 the corresponding decryption key (2).
  • step If the encrypted file 3 is decrypted using the extracted decryption key 2.
  • step Ig the decrypted file or at least parts of the contents of the decrypted file are then output to an electronic device connected to the key device 7.
  • the communication with the respective electronic device for example, either directly via one of the universal cutting parts 13, 21, via a wireless communication, or by storing on a removable memory module 15 done.
  • All procedural steps in which the decryption key 2 is used by the key device 7 are preferably handled by the key processor 23, wherein the decryption key 2 is used each time from the combination key 11 (stored in the main memory 22) and the currently read unique user identifier in the key processor 23 is newly generated.
  • the decryption key 2 itself is never stored in a memory and therefore can not be read by espionage programs. If only parts of the decrypted file are output to a connected device, for example in the form of an audio or video signal, it can be provided that the key device 7 reads out the unique user identifier 10 from the identification chip card 17 at regular intervals.
  • the identification chip card 17 is removed, or if the contact to the electronic device in which the identification chip card 17 is located, breaks off, then the output of the decrypted signal ends.
  • the "encrypted" file 3 "released" for a particular user identifier 10 can only be used if the device with the identification chip card 17, for example the mobile telephone of the user, is located in the communication area of the key device.
  • Unique user ID 10 e.g. mobile number
  • File content 24 e.g. a music or movie signal encryption provider 25

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un procédé pour le déchiffrage d'un fichier chiffré (3) au moyen d'un dispositif de chiffrage (7), dans lequel le fichier chiffré (3) peut être identifié au moyen d'un indicatif de produit (5) et peut être déchiffré au moyen d'une clé de déchiffrage (2) qui peut être associée à l'indicatif de produit (5), et dans lequel la clé de déchiffrage (2) est déposée dans une banque de données de clés sécurisée (6) d'un vendeur de chiffrage (25). L'invention concerne aussi un procédé de production sécurisée du clé de déchiffrage, un procédé pour le chiffrage d'un fichier clair au moyen du dispositif de chiffrage, ainsi qu'un dispositif de chiffrage pouvant être utilisé dans le procédé.
PCT/EP2014/054799 2014-03-12 2014-03-12 Dispositif de chiffrage ainsi que procédé de chiffrage et de déchiffrage Ceased WO2015135579A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2014/054799 WO2015135579A1 (fr) 2014-03-12 2014-03-12 Dispositif de chiffrage ainsi que procédé de chiffrage et de déchiffrage

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2014/054799 WO2015135579A1 (fr) 2014-03-12 2014-03-12 Dispositif de chiffrage ainsi que procédé de chiffrage et de déchiffrage

Publications (1)

Publication Number Publication Date
WO2015135579A1 true WO2015135579A1 (fr) 2015-09-17

Family

ID=50478814

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2014/054799 Ceased WO2015135579A1 (fr) 2014-03-12 2014-03-12 Dispositif de chiffrage ainsi que procédé de chiffrage et de déchiffrage

Country Status (1)

Country Link
WO (1) WO2015135579A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102017105396A1 (de) 2017-03-14 2018-09-20 Francotyp-Postalia Gmbh System zum elektronischen Signieren eines Dokuments
CN113946364A (zh) * 2021-12-20 2022-01-18 天聚地合(苏州)数据股份有限公司 一种供应商调用代码实现方法
CN114297715A (zh) * 2021-12-31 2022-04-08 北京深思数盾科技股份有限公司 文件加密方法、文件处理方法、装置及电子设备

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020051540A1 (en) * 2000-10-30 2002-05-02 Glick Barry J. Cryptographic system and method for geolocking and securing digital information
US20020136407A1 (en) * 2000-10-30 2002-09-26 Denning Dorothy E. System and method for delivering encrypted information in a communication network using location identity and key tables
DE10318489A1 (de) * 2003-04-16 2004-11-18 Deutsche Telekom Ag Verfahren und Vorrichtung zur personengebundenen, geräteunabhängigen Lizenzvergabe in einem DRM-System

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020051540A1 (en) * 2000-10-30 2002-05-02 Glick Barry J. Cryptographic system and method for geolocking and securing digital information
US20020136407A1 (en) * 2000-10-30 2002-09-26 Denning Dorothy E. System and method for delivering encrypted information in a communication network using location identity and key tables
DE10318489A1 (de) * 2003-04-16 2004-11-18 Deutsche Telekom Ag Verfahren und Vorrichtung zur personengebundenen, geräteunabhängigen Lizenzvergabe in einem DRM-System

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102017105396A1 (de) 2017-03-14 2018-09-20 Francotyp-Postalia Gmbh System zum elektronischen Signieren eines Dokuments
CN113946364A (zh) * 2021-12-20 2022-01-18 天聚地合(苏州)数据股份有限公司 一种供应商调用代码实现方法
CN114297715A (zh) * 2021-12-31 2022-04-08 北京深思数盾科技股份有限公司 文件加密方法、文件处理方法、装置及电子设备

Similar Documents

Publication Publication Date Title
EP3732605B1 (fr) Dépôt et accès sûrs à des fichiers au moyen d'une application web
CN102687133B (zh) 用于可信计算和数据服务的无容器数据
EP1300842B1 (fr) Méthode et système de décryptage autorisé de données cryptées constitués d'au moins deux certificats
EP2810400B1 (fr) Procédé d'authentification et d'identification cryptographique à chiffrement en temps réel
EP3353943B1 (fr) Système et procédé de partage numérique sécurisé basé sur un échange inter-système d'une double clé d'informations numériques chiffrées à deux niveaux
DE60036713T2 (de) System und verfahren für gesicherte netzwerkstransaktionen
DE112013005682T5 (de) Auf NFC basierendes Fingerdruckbestätigungssystem und -verfahren
CN101282218B (zh) 分体式终端、及其主机加密及子机解密主机信息的方法
EP3185465A1 (fr) Procédé de chiffrement de données et procédé de déchiffrement de données
KR101318170B1 (ko) 태블릿장비를 이용한 자료공유시스템 및 그 제어방법
CN102857495B (zh) 一种文档播放方法和设备
WO2015135579A1 (fr) Dispositif de chiffrage ainsi que procédé de chiffrage et de déchiffrage
DE102015000895B3 (de) Verteiltes Bearbeiten von zentral verschlüsselt gespeicherten Daten
EP3235212B1 (fr) Utilisation de données securisée et spécifique d'un utilisateur dans un véhicule
CN105279447A (zh) 数据加密方法、解密方法及装置
EP2016700B1 (fr) Procede d'activation d'un terminal
EP3420486B1 (fr) Système et procédé de commande d'accès médico-légal
CN106972928A (zh) 一种堡垒机私钥管理方法、装置及系统
EP2920754B1 (fr) Procédé de réalisation de transactions
EP3133792B1 (fr) Procédé de transmission sure de données à partir d'un environnement securité à un appareil de terrain
AT526983B1 (de) Verfahren zur Verifizierung eines elektronischen Etiketts und System hierzu
KR102638374B1 (ko) 합성곱 신경망(CNN: Convolutional Neual Network) 기반 영상 가치 판단 및 블록체인 기술을 이용한 데이터의 분산 저장 방법
DE102012106081A1 (de) Verfahren zur verschlüsselten und anonymisierten Verwahrung und Verwaltung von personenbezogenen Daten oder Dateien
WO2005055018A1 (fr) Procede et dispositif pour securiser des donnees numeriques
DE102013104293B4 (de) Verfahren zur Übertragung von verschlüsselten Daten von einem ersten datenverarbeitenden Gerät zu einem zweiten datenverarbeitenden Gerät

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14716765

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14716765

Country of ref document: EP

Kind code of ref document: A1