Thanks to visit codestin.com
Credit goes to patents.google.com

DE102006021297A1 - Full-transparent, coded, multi-masterable communication providing method, involves performing code exchange in initialization phase, where authentication takes place during initialization of cipher, which is made possible by secret code - Google Patents

Full-transparent, coded, multi-masterable communication providing method, involves performing code exchange in initialization phase, where authentication takes place during initialization of cipher, which is made possible by secret code Download PDF

Info

Publication number
DE102006021297A1
DE102006021297A1 DE200610021297 DE102006021297A DE102006021297A1 DE 102006021297 A1 DE102006021297 A1 DE 102006021297A1 DE 200610021297 DE200610021297 DE 200610021297 DE 102006021297 A DE102006021297 A DE 102006021297A DE 102006021297 A1 DE102006021297 A1 DE 102006021297A1
Authority
DE
Germany
Prior art keywords
bus
transparent
secure
cipher
initialization
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
DE200610021297
Other languages
German (de)
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Muehlbach Sascha
Original Assignee
Muehlbach Sascha
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Muehlbach Sascha filed Critical Muehlbach Sascha
Priority to DE200610021297 priority Critical patent/DE102006021297A1/en
Publication of DE102006021297A1 publication Critical patent/DE102006021297A1/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/85Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0485Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)

Abstract

Die Erfindung betrifft ein Verfahren entsprechend dem Oberbegriff des Anspruchs 1. Derzeitiger Stand der Technik ist, dass eine transparente, verschlüsselte Kommunikation auf Bussystemen mit einfachen Mitteln nur unidirektional zwischen zwei Komponenten realisiert werden kann. Sehr verbreitet ist eine Methode, um den Inhalt eines außerhalb eines Chips befindlichen RAM- oder ROM-Bausteins mit einem nur dem Prozessor im Chip bekannten Schlüssel zu verschlüsseln. Nur der Prozessor kann so auf den Inhalt in den jeweiligen Bausteinen zugreifen. Der Zugriff für Dritte ist nicht möglich. Sollen mehr als zwei Teilnehmer aktiv an der verschlüsselten Kommunikation teilnehmen, so ist immer eine zusätzliche Softwaresteuerung nötig. Diese kann sich zwar eines Hardwaremoduls zur beschleunigten Berechnung des Chiffrats bedienen, sie ist jedoch trotzdem von der Software abhängig und damit nicht transparent. Zusätzliche Maßnahmen zur Sicherung der Software gegen unberechtigte Manipulation sind erforderlich. Der Entwicklungsaufwand ist dadurch deutlich höher, gerade für kleine Anwendungen. Die Aufgabe der Erfindung ist es, mit einem sicheren Buscontroller eine einfache Möglichkeit zur Realisierung einer verschlüsselten Kommunikation zwischen mehreren Teilnehmern eines Busses zu schaffen, die zusätzlich vollständig transparent für die beteiligten Komponenten ist. Die Aufgabe wird durch ein Verfahren mit den Merkmalen des Anspruchs 1 gelöst. Durch die Einführung eines sicheren ...The invention relates to a method according to the preamble of claim 1. The current state of the art is that a transparent, encrypted communication on bus systems can be realized with simple means only unidirectionally between two components. Very common is a method to encrypt the contents of an off-chip RAM or ROM device with a key known only to the processor in the chip. Only the processor can thus access the content in the respective blocks. Access for third parties is not possible. If more than two participants actively participate in the encrypted communication, then an additional software control is always necessary. Although this can use a hardware module for accelerated calculation of the cipher, it nevertheless depends on the software and is therefore not transparent. Additional measures to secure the software against unauthorized manipulation are required. The development effort is thus significantly higher, especially for small applications. The object of the invention is to provide with a secure bus controller a simple way to realize an encrypted communication between multiple participants of a bus, which is also completely transparent to the components involved. The object is achieved by a method having the features of claim 1. By introducing a safe ...

Description

Ausführungsbeispiele der Erfindung sind in den Zeichnungen dargestellt und werden im folgenden näher beschrieben. Es zeigenembodiments The invention are illustrated in the drawings and are in following closer described. Show it

1: die Architektur eines Systems mit mehreren Komponenten, bei denen einige mit dem sicheren Buscontroller ausgestattet sind; und 1 architecture of a multi-component system, some of which are equipped with the secure bus controller; and

2: den inneren Aufbau eines sicheren Buscontrollers. 2 : the internal structure of a secure bus controller.

Jede Komponente (2), die über den Bus verschlüsselt kommunizieren möchte, benötigt einen sicheren Buscontroller (1). Dieser befindet sich direkt auf dem Chip der Komponente, so dass die unverschlüsselte Kommunikation zwischen der Komponente und dem sicheren Buscontroller nicht abgehört werden kann. Bei den Komponenten kann es sich um jeden beliebigen Chip, z. B. einen Prozessor, einen RAM-Baustein oder einen Controller-Baustein handeln. Der sichere Buscontroller nimmt die Daten von der jeweiligen Komponenten entgegen und entscheidet anhand z. B. der Adresse, ob eine Verschlüsselung erforderlich ist. Durch diese Entscheidungsmöglichkeit im Controller (5) ist sichergestellt, dass auch mit Komponenten kommuniziert werden kann, welche nicht über einen sicheren Buscontroller verfügen. Der sichere Buscontroller implementiert dabei das Interface des jeweiligen Busses (4).Each component ( 2 ) that wants to communicate encrypted over the bus, requires a secure bus controller ( 1 ). This is located directly on the chip of the component, so that the unencrypted communication between the component and the secure bus controller can not be heard. The components may be any chip, e.g. As a processor, a RAM device or a controller block act. The secure bus controller receives the data from the respective components and decides based on z. As the address, if encryption is required. Through this decision option in the controller ( 5 ) ensures that it is also possible to communicate with components that do not have a secure bus controller. The secure bus controller implements the interface of the respective bus ( 4 ).

Da keine zusätzliche Verzögerung durch die Verschlüsselung bedingt sein darf, muss diese taktsynchron mit dem aktuellen Buszyklus geschehen. Aus diesem Grund ist nur eine on-the-fly-Verschlüsselung über eine Stromchiffre (5) möglich.Since no additional delay may be caused by the encryption, this must be done synchronously with the current bus cycle. For this reason, only on-the-fly encryption via a stream cipher ( 5 ) possible.

Bevor die Kommunikation auf dem Bus verschlüsselt werden kann, müssen sich alle sicheren Buscontroller auf einen gemeinsamen Schlüssel als Initialisierung für die Stromchiffre einigen. Ein gemeinsamer Schlüssel ist notwendig, damit jede Einheit beliebig mit anderen Einheiten kommunizieren kann. Für den Schlüsselaustausch sind verschiedene Verfahren denkbar. Aufgrund der begrenzten Ressourcen in einem Chip sollten jedoch besonders für den Hardwarebereich optimierte Verfahren gewählt werden. Konkret lässt sich z. B. das Tree Parity Machine-Verfahren für diesen Zweck einsetzen.Before The communication on the bus can be encrypted all secure bus controllers to a common key as initialization for the Some stream cipher. A common key is necessary for each Unit can freely communicate with other units. For the key exchange Various methods are conceivable. Due to the limited resources in a chip, however, should be optimized especially for the hardware area Procedure to be chosen. Specifically lets z. For example, use the Tree Parity Machine method for this purpose.

Bei der Initialisierung ist Kommunikation zwischen den sicheren Buscontrollern erforderlich. Hierbei ist entscheidend, dass diese Kommunikation ebenfalls über den vorhandenen Bus ablaufen kann, ohne Änderungen am Busprotokoll vornehmen zu müssen. Erreicht wird dies, indem jeder sichere Buscontroller auf dem Bus eine Adresse zugewiesen bekommt, unter der er erreichbar ist. Diese Adresse ist unabhängig von der Adresse der Komponente, in der er sich befindet. Sollte der Adressbereich eines Bussystems nicht ausreichen, um zusätzliche Adressen für die sicheren Buscontroller zu vergeben, so ist es auch möglich, die gesamte Kommunikation vor einem erfolgreichen Schlüsselaustausch als dedizierte Kommunikation für die sicheren Buscontroller zu betrachten. Sobald der Schlüsselaustausch vollzogen ist, schalten alle Einheiten dann in den normalen Kommunikationsmodus um.at initialization is communication between the secure bus controllers required. Here it is crucial that this communication also over the existing bus can run without making changes to the bus protocol to have to. This is achieved by having every secure bus controller on the bus gets an address under which it is reachable. These Address is independent from the address of the component in which it is located. Should the address range of a bus system is insufficient to provide additional Addresses for It is also possible to assign the secure bus controllers entire communication before a successful key exchange as dedicated communication for to consider the secure bus controllers. Once the key exchange completed, all units then switch to normal communication mode around.

Einer der sicheren Buscontroller muss hierbei als Initiator des Schlüsselaustausches fungieren. Da ein Bussystem in den häufigsten Fällen nicht dynamisch ist, kann man die Initiatorkomponenten schon während der Entwicklung festlegen. In den meisten Fällen wählt man hierfür die Komponente des Busses, welche Master-Zugriff besitzt. Dies kann z. B. der Prozessor sein oder der Bus Arbiter. Dies ist vorteilhaft, weil somit der Kommunikation während der Initialisierung Vorrang gegeben werden kann. Die Logik für den Schlüsselaustausch wird im Controller (5) innerhalb des sicheren Buscontrollers untergebrachtOne of the secure bus controllers must act as the initiator of the key exchange. Since a bus system is not dynamic in the most common cases, you can set the initiator components during development. In most cases, one chooses for this the component of the bus which has master access. This can be z. B. be the processor or the bus arbiter. This is advantageous because thus the communication during the initialization can be given priority. The key exchange logic is used in the controller ( 5 ) housed within the secure bus controller

Solange die einzelnen sicheren Buscontroller sich noch nicht auf einen gemeinsamen Schlüssel geeinigt haben, kann keine verschlüsselte Kommunikation stattfinden. Da die Verschlüsselung jedoch transparent für die einzelnen Komponenten ist, kann es sein, dass diese schon während einer noch laufenden Initialisierung über den Bus kommunizieren möchten. In diesem Fall muss der sichere Buscontroller alle Zugriffe auf Komponenten auf dem Bus, welche nur verschlüsselt ausgeführt werden dürfen, verzögern bzw. in ihrer Priorität herunterstufen, so dass die Komponente es zu einem späteren Zeitpunkt noch einmal versucht. Dann könnte die Initialisierung eventuell schon abgeschlossen sein.So long the individual secure bus controllers are not yet on a common Key agreed can not have encrypted Communication take place. However, the encryption is transparent for the individual components, it may be that this already during a still ongoing initialization over want to communicate the bus. In this case, the secure bus controller must access all Components on the bus, which are executed only encrypted may, delay or in their priority downgrade, so that the component it at a later date tried again. Then could the initialization may already be completed.

Während des normalen Betriebes muss sichergestellt sein, dass alle sicheren Buscontroller die Stromchiffre-Schlüssel kontinuierlich weiterschalten, auch wenn sie gerade nicht aktiv an einer Übertragung beteiligt sind. Dies ist erforderlich aufgrund der symmetrischen Gestalt der Architektur. Als gemeinsame Signalisierung lassen sich z. B. Signale des Busses verwenden, die einen abgeschlossenen Transfer kennzeichnen und an allen Einheiten am Bus verfügbar sind. Sollte so ein Signal nicht zur Verfügung stehen, so kommt auch der gemeinsame Bustakt als Synchronisationssignal in Frage.During the normal operation must be ensured that all safe Bus controllers continue to switch the stream cipher keys, too if you are not actively involved in a transfer. This is necessary due to the symmetrical shape of the architecture. As a common signaling can be z. B. signals of the bus use and mark a completed transfer all units available on the bus are. If such a signal is not available, so will come the common bus clock as a synchronization signal in question.

Mit einfachen Mitteln lässt sich eine Authentifizierung realisieren. Hierzu werden bei der Fertigung der Komponenten mit den sicheren Buscontrollern spezielle nichtflüchtige Speicherzellen eingebaut, die später mit einem Identifizierungsschlüssel belegt werden können. Ein Schlüssel kann aber auch direkt bei der Fertigung in den Chip integriert werden. Während der Initialisierungsphase wird diese Identifikationsinformation zum Schlüsselaustausch verwendet. Sollte die Information nicht übereinstimmen, so kann kein Schlüssel ausgetauscht werden. In Frage käme hierfür z. B. die Authentifizierungsmöglichkeit beim Tree Parity Machine Schlüsselaustausch. Jedoch auch ein Challenge-Response-Verfahren mit einer Hashfunktion ist einsetzbar. Der Initiator muss dieses dann mit jedem einzelnen sicheren Buscontroller durchführen.With simple means an authentication can be realized. For this purpose, when manufacturing the components with the safe bus controllers special non-volatile memory cells are installed, which can be assigned later with an identification key. A key can also be integrated directly into the chip during production. During the initialization phase, this identifi cation information used for key exchange. If the information does not match, no key can be exchanged. In question for this z. B. the authentication option when Tree Parity Machine key exchange. However, a challenge-response method with a hash function can also be used. The initiator must then do this with every single secure bus controller.

Claims (2)

Verfahren für eine volltransparente, verschlüsselte, multimasterfähige Kommunikation auf Bussystemen mit folgenden Merkmalen: a) Einsatz eines sicheren Buscontrollers, der sich als transparente Einheit zwischen Bus und Komponente befindet und die Verschlüsselung steuert b) Symmetrische Verschlüsselung c) Stromchiffre für die Busverschlüsselung d) Schlüsselaustausch in der Initialisierungsphase e) Signalisierung des Schlüsselwechsels an allen sicheren Buscontrollern durch Bussignale oder TaktProcedure for a fully transparent, encrypted, multi-master compatible Communication on bus systems with the following features: a) Use a secure bus controller that turns out to be a transparent unit located between bus and component and the encryption controls b) Symmetric encryption c) stream cipher for the bus encryption d) key exchange in the initialization phase e) Signaling of the key change on all secure bus controllers by bus signals or clock Verfahren nach Anspruch 1, dadurch gekennzeichnet, dass zusätzlich eine Authentifizierung während der Initialisierung stattfindet, die durch einen geheimen Identifikationsschlüssel ermöglicht wird, der sich im sicheren Buscontroller befindet.Method according to claim 1, characterized in that that in addition an authentication during initialization takes place, which is enabled by a secret identification key, which is located in the safe bus controller.
DE200610021297 2006-05-08 2006-05-08 Full-transparent, coded, multi-masterable communication providing method, involves performing code exchange in initialization phase, where authentication takes place during initialization of cipher, which is made possible by secret code Withdrawn DE102006021297A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
DE200610021297 DE102006021297A1 (en) 2006-05-08 2006-05-08 Full-transparent, coded, multi-masterable communication providing method, involves performing code exchange in initialization phase, where authentication takes place during initialization of cipher, which is made possible by secret code

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
DE200610021297 DE102006021297A1 (en) 2006-05-08 2006-05-08 Full-transparent, coded, multi-masterable communication providing method, involves performing code exchange in initialization phase, where authentication takes place during initialization of cipher, which is made possible by secret code

Publications (1)

Publication Number Publication Date
DE102006021297A1 true DE102006021297A1 (en) 2008-01-10

Family

ID=38805881

Family Applications (1)

Application Number Title Priority Date Filing Date
DE200610021297 Withdrawn DE102006021297A1 (en) 2006-05-08 2006-05-08 Full-transparent, coded, multi-masterable communication providing method, involves performing code exchange in initialization phase, where authentication takes place during initialization of cipher, which is made possible by secret code

Country Status (1)

Country Link
DE (1) DE102006021297A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE3939828A1 (en) * 1989-12-02 1991-06-06 Ant Nachrichtentech Data transmission with unauthorised access prevention - encoding all data after preamble and transmitting via bus system
US20010003540A1 (en) * 1999-11-30 2001-06-14 Stmicroelectronics S.A. Electronic security component
DE19782075C2 (en) * 1996-10-25 2001-11-08 Intel Corp A circuit and method for securing connection security within a multi-chip package of an integrated circuit
DE102005013830A1 (en) * 2005-03-24 2006-09-28 Infineon Technologies Ag Data transmission device for use in data processing device, has interface performing preventive measure against transferring of data from that interface to other interface, if decoding data stream does not correspond to expected data stream

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE3939828A1 (en) * 1989-12-02 1991-06-06 Ant Nachrichtentech Data transmission with unauthorised access prevention - encoding all data after preamble and transmitting via bus system
DE19782075C2 (en) * 1996-10-25 2001-11-08 Intel Corp A circuit and method for securing connection security within a multi-chip package of an integrated circuit
US20010003540A1 (en) * 1999-11-30 2001-06-14 Stmicroelectronics S.A. Electronic security component
DE102005013830A1 (en) * 2005-03-24 2006-09-28 Infineon Technologies Ag Data transmission device for use in data processing device, has interface performing preventive measure against transferring of data from that interface to other interface, if decoding data stream does not correspond to expected data stream

Similar Documents

Publication Publication Date Title
EP1959606B1 (en) Safety unit
DE102008006840A1 (en) Data transmission method and tachograph system
EP3157192B1 (en) Method and system for asymmetric key derivision
EP3157190A1 (en) Method for certification by a control unit of a vehicle
EP2689553A1 (en) Motor vehicle control unit having a cryptographic device
DE102019103419B4 (en) Vehicle communication system and vehicle communication methods
EP3556047B1 (en) Programmable hardware security module and method on a programmable hardware security module
DE10213658B4 (en) Method for data transmission between components of the on-board electronics of mobile systems and such components
EP2407843B1 (en) Secure data transfer in an automation network
EP3791534B1 (en) Method for securing a data exchange in a distributed infrastructure
DE602004001732T2 (en) Data encryption in an electronic device with multiple symmetric processors
EP3412018B1 (en) Method for exchanging messages between security-relevant devices
DE10360120B3 (en) Rolling code based method
DE102011002713A1 (en) Method for providing cryptographic credentials for electronic control unit (ECU) of vehicle e.g. electric car, has control unit that deactivates vehicle drive for deleting cryptographic credentials in vehicle safety management unit
DE102006021297A1 (en) Full-transparent, coded, multi-masterable communication providing method, involves performing code exchange in initialization phase, where authentication takes place during initialization of cipher, which is made possible by secret code
EP2184695A1 (en) Method of combining data with a device to be used for processing data, corresponding functionality to execute the individual steps in the procedure and computer program to implement the procedure
EP0525921B1 (en) Data transmission with repetition, one of the messages being encrypted
EP1246391A1 (en) Method and system for cryptographic data communication with a plurality of instances
DE10136384C2 (en) Device for the computer-controlled generation of a large number of data records
DE102022206899A1 (en) Method for using cryptographic keys in an in-vehicle communication network
DE102010039782A1 (en) Method for carrying out a communication
WO2004102866A1 (en) Device and method for communication with the aid of an encrypted code table
WO2024046681A1 (en) Method for authenticating data
EP0764303B1 (en) Method of ensuring the security of microcontrollers
WO2024231016A1 (en) Method for encrypted communication between computer systems, and vehicle

Legal Events

Date Code Title Description
OM8 Search report available as to paragraph 43 lit. 1 sentence 1 patent law
8139 Disposal/non-payment of the annual fee