EP0825316B2 - Method and system for writing an information key - Google Patents

Method and system for writing an information key Download PDF

Info

Publication number
EP0825316B2
EP0825316B2 EP97202546A EP97202546A EP0825316B2 EP 0825316 B2 EP0825316 B2 EP 0825316B2 EP 97202546 A EP97202546 A EP 97202546A EP 97202546 A EP97202546 A EP 97202546A EP 0825316 B2 EP0825316 B2 EP 0825316B2
Authority
EP
European Patent Office
Prior art keywords
information
identification information
key
data carrier
encrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
EP97202546A
Other languages
German (de)
French (fr)
Other versions
EP0825316B1 (en
EP0825316A2 (en
EP0825316A3 (en
Inventor
Wolfgang Buhr
Helmut Hörner
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Philips Intellectual Property and Standards GmbH
Koninklijke Philips NV
Original Assignee
Philips Intellectual Property and Standards GmbH
Koninklijke Philips Electronics NV
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Family has litigation
First worldwide family litigation filed litigation Critical https://patents.darts-ip.com/?family=7803302&utm_source=google_patent&utm_medium=platform_link&utm_campaign=public_patent_search&patent=EP0825316(B2) "Global patent litigation dataset” by Darts-ip is licensed under a Creative Commons Attribution 4.0 International License.
Application filed by Philips Intellectual Property and Standards GmbH, Koninklijke Philips Electronics NV filed Critical Philips Intellectual Property and Standards GmbH
Publication of EP0825316A2 publication Critical patent/EP0825316A2/en
Publication of EP0825316A3 publication Critical patent/EP0825316A3/en
Application granted granted Critical
Publication of EP0825316B1 publication Critical patent/EP0825316B1/en
Publication of EP0825316B2 publication Critical patent/EP0825316B2/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00857Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C2009/00753Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys
    • G07C2009/00769Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00857Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed
    • G07C2009/0088Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed centrally

Definitions

  • the invention relates to a method and a system for writing a key information transmitted from a central location to a remote location into a data carrier present there.
  • the data carrier is a key for a motor vehicle, wherein the key is to be issued by a dealer to the rightful owner of the motor vehicle, for example because this additionally requires a key or has lost a key originally received when buying the motor vehicle.
  • the method or system according to the invention is also suitable for other applications, for example keys for access control to specific rooms or areas.
  • selected information can generally be stored in a data carrier in a secured manner.
  • the central office registers the identification numbers and the secret numbers of the theft-relevant system components.
  • the identification numbers used to identify the relevant theft-related system components are transmitted in clear text within the anti-theft system and between the anti-theft system and the central office.
  • the non-clear-transmitted secret numbers of theft-relevant system components serve as communication keys for layptological protocols in the data transmission of theft-relevant system components within the anti-theft system or / and with the central office.
  • a key information stored in a central location is to be written to a data carrier at a remote location, it must be prevented in conventional systems that the transmission of key information to the remote site can be intercepted without authorization, otherwise a fraudster who was listening unauthorized Enroll key information in their own media and thus, for example, unauthorized access to secure rooms or areas can procure.
  • the other possibility of writing in the central location the key information in the disk and then send it to the remote location is also unfavorable, since the disk can be stolen during transport.
  • the object of the invention is to specify a method for securely writing a key information in a data carrier, which is output at a location other than the location where the key information is generated or stored.
  • the key contains an ident information stored that is not readable from outside and thus secret, and that the key information encrypted in the central location with this identification information and the encrypted information to the disk at the issuing office is transmitted. In the data carrier, this encrypted key information is decrypted and stored again.
  • This method has the advantage that the data carriers can be sent free because they contain no key information, so that a possible thief can not use the disk. Unauthorized interception of transmitted encrypted key information is also of no use to a fraudster if he does not have a volume with the correct identity information to which he could enroll the encrypted key information.
  • each volume contains another, open Ident information that is readable. This makes it possible for each data carrier to contain an individual identification information that is different from other data carriers, in that the association between the further open identification information and the secret identification information is stored at the central location. With this measure, encrypted key information can only be decrypted correctly by one, the correct data medium.
  • the identity information and the open ident information are written to the data carrier at a further point before the Data carrier is transported to the remote location.
  • This additional location must then be coupled via a protected information transfer connection with the central location so that the same information can be written there.
  • the further location can also be identical to the central location.
  • the key information to be transferred to the data carrier is uniquely assigned to at least one individual object, for example a motor vehicle. If a data carrier is to be assigned to such an individual object, the object information characterizing this object must be transmitted to the central location. In order to secure this transmission path as well, it is expedient to encrypt the object information before transmission to the central location with the further, open identification information.
  • the encryption of data a variety of different methods are known.
  • the method according to the invention can be used as a particularly simple encryption and decryption of the key information and the object information, an exclusive OR link with the Ident information. Since the identification information is secret, decryption without knowledge of the key information is not possible even with knowledge of the encryption method.
  • an asymmetrical encryption method can be used for the encryption of the object information before the transmission from the remote location to the central location, wherein for the encryption of the object information or the encrypted object -Information the open key is used, while in the central office, the decryption is performed with the secret key of the asymmetric encryption method.
  • the invention further relates to a system for writing a key information transmitted from a central location to a remote location into a data carrier present there, as well as a data carrier and a terminal for use in such a system.
  • a central location 20 contains two memories 21 and 25.
  • the memory 21 contains two groups 22 and 23 of memory locations, which are each assigned in pairs to one another.
  • a specific information namely an open Ident information of a particular disk for data carriers with individual different ident information or specifying a volume group for data carriers with groups of identical Ident information, this is associated Ident information the assigned memory space of the group 22 read out.
  • memory 25 in this example includes three groups 26, 27 and 28 of memory locations.
  • Object information is stored in the memory locations of the group 26, and each of these memory locations is assigned a specific memory location of the group 27, which contains a key information associated with this object.
  • each memory location of the group 26 is preferably assigned a plurality of memory locations of the group 28 which contain a number of identification numbers. Their meaning will be explained later.
  • This data carrier 10 contains a processing unit 11 and four memory locations 12 to 15.
  • the memory location 12 is used to store identification information that can only be processed internally in the data carrier 10 and is never output to the outside.
  • the memory location 13 contains a further identification information which identifies the individual data carrier and which can be read out to the outside.
  • These two pieces of information are preferably provided by the central location 20, where these two pieces of information are written in two mutually associated memory locations of the groups 22 and 23 of the memory 21, and this information will also be at the other location where the volume 10 is initially located , inscribed in the memory slots 12 and 13.
  • the further location may be identical to the central station 20.
  • This writing into memory locations 12 and 13 takes place for a plurality of data carriers, and these data carriers are then transported via a transport path 19 to a remote location.
  • This transport path runs at least partially over an unprotected area, which is indicated by the dot-dash line 39.
  • the media may possibly be stolen. However, such a theft can not cause any significant damage since the data carriers do not yet contain any key information and thus can not be used on any object.
  • this data carrier 10' is connected to a terminal 40.
  • the open identification information contained therein is read from the memory location 13 'and supplied via the connection 43 to the terminal 40.
  • object information is input via an input 41, for example via a keyboard.
  • the part 42 of the encryption device is embodied here as an exclusive OR connection.
  • the linked information which thus represents the object information encrypted with the open identification information, is supplied to a part 44 which performs an asymmetrical encryption, for example according to the RSA method, with a fixed key, which is indicated here as being supplied via an input 45.
  • This key does not need to be secret, because with its help a decryption is not possible.
  • the additional encryption with the open Ident information brings a significant improvement in security. Assuming that the data transmitted by a workshop, namely encrypted object information and open identification information, is being intercepted by a fraudster who himself possesses pre-programmed keys. If this fraudster transmits the same encrypted object information, but with the key's ID open, he would get the key information for the object encrypted with the secret ID information of his key without the encryption with the open identity information and thus decrypted correctly in the key so that a valid key for the object is unlawfully obtained. Due to the additional encryption with the open identity information, the encrypted object information transmitted by the fraudster is not properly decrypted at the central location, so that the desired key information is not read from the memory 25.
  • the fraudster also transmits the likewise intercepted open identity information, he merely receives key information which is not encrypted with the secret identity information stored in his key and which therefore can not be decrypted. It is therefore not possible, by eavesdropping on an authorized transfer for an object to obtain data with which a key for the same object can be generated without justification.
  • the encrypted information delivered by the part 44 via the line 47 is now supplied via the line 43 to the central point 20 as well as the open identification information. This transmission can take place via an unsecured way, since the encrypted information on the line 47 can not be decrypted without knowledge of the secret key of the asymmetrical encryption and the open identity information contains no direct indication of the key information required in the data carrier.
  • the encrypted information on the line 47 is supplied to a decryption device comprising the parts 32 and 34.
  • a decryption of the transmitted information via the line 47 information is performed, with the help of a secret key, which is indicated here supplied via an input 35.
  • the line 37 of the part 34 of the decryption device is then the same information as at the output of the exclusive OR operation 42 in the terminal 40. However, this is not yet the input 41 of the terminal 40 supplied object information. Therefore, the line 37 leads to an exclusive-OR operation 32, which receives the open identification information via the line 43 at a further input.
  • the output 33 of the exclusive-OR operation 32 is now the decrypted object information with which the memory 25 is driven.
  • the memory location containing this object information is selected in the group 26, and the key information is read from the associated memory location of the group 27. Furthermore, with the help of the open identification information on the line 43, the memory 21 is driven by looking up the memory location of the group 23 containing this identification information and the associated memory space of the group 22 containing the secret identification information. is read out.
  • the information read from the memory 21 and the memory 25 is supplied to an encryption device 30, which is also designed here as an exclusive OR connection.
  • the information appearing at the output 31 is now transmitted to the remote location, the transmission path need not be secure, since the decrypted key information from the information on the line 31 can only be obtained with the help of the correct secret ident information, but in the disk is stored hidden and is not transmitted directly.
  • an identification number is also read from the memory 25 from an assigned memory location of the group 28 and transmitted via the line 38 to the remote location, whereby an unsecured path can also be used.
  • the information on the line 31 and the line 38 via the terminal 40 to the disk 10 ' is supplied.
  • the identification number on the line 38 is written in the data carrier 10 'directly in the memory location 15', while the encrypted key information is supplied on the line 31 to a decryption device 17, which receives the secret ident information from the memory location 12 'at another input.
  • This decryption device is again executed as exclusive-OR operation and thus outputs at the output the decrypted key information which is written into the memory location 14 '.
  • the volume 10 ' now contains all the information necessary for its use in a particular object, for example in a motor vehicle, without the crucial key information can be determined in the transmission in an unauthorized manner.
  • the identification number in memory location 15 ' is not absolutely necessary for the described method and serves, if the data carrier is a key for a motor vehicle, that the vehicle is first checked via this identification number, whether it is a permissible key, before Help the key information is checked if it is a legitimate key. Namely, if a number of start attempts have been made with an unauthorized key, ie with a wrong key information, all will Functions of the motor vehicle permanently blocked, the blocking can be canceled only with a specific, secret procedure. By identifying number is thus prevented that with a wrong key, for example, belongs to another motor vehicle and thus of course contains a different key information can be performed as valid failed attempts.
  • each authorized key for a motor vehicle contains a different identification number, and therefore a number of identification numbers are stored in the memory 25 for each object information and also in the associated object.

Description

Die Erfindung betrifft ein Verfahren und ein System zum Einschreiben einer von einer zentralen Stelle gesichert zu einer entfernten Stelle übertragenen Schlüsselinformation in einen dort vorhandenen Datenträger. Bei einer bevorzugten Anwendung ist der Datenträger ein Schlüssel für ein Kraftfahrzeug, wobei der Schlüssel von einem Händler an den rechtmäßigen Besitzer des Kraftfahrzeugs ausgegeben werden soll, beispielsweise weil dieser einen Schlüssel zusätzlich benötigt oder einen ursprünglich beim Kauf des Kraftfahrzeugs empfangenen Schlüssel verloren hat. Es sei jedoch bemerkt, daß das erfindungsgemäße Verfahren bzw. System auch für andere Anwendungsfälle geeignet ist, beispielsweise für Schlüssel für Zugangskontrollen zu bestimmten Räumen oder Bereichen. Mit dem erfindungsgemäßen Verfahren bzw. System können ganz allgemein ausgewählte zugeordnete Informationen gesichert in einen Datenträger eingeschrieben werden.The invention relates to a method and a system for writing a key information transmitted from a central location to a remote location into a data carrier present there. In a preferred application, the data carrier is a key for a motor vehicle, wherein the key is to be issued by a dealer to the rightful owner of the motor vehicle, for example because this additionally requires a key or has lost a key originally received when buying the motor vehicle. It should be noted, however, that the method or system according to the invention is also suitable for other applications, for example keys for access control to specific rooms or areas. With the method or system according to the invention selected information can generally be stored in a data carrier in a secured manner.

In der EP 0 723 896 A2 wird ein Verfahren zur Diebstahlsicherung motorangetriebener Kraftfahrzeuge beschrieben, unter Verwendung eines Diebstahlsicherungssystems, mit einem die Wegfahrsperrenfunktion enthaltenden Steuergerät, mindestens einer weiteren diebstahlrelevanten Systemkomponente und Übertragungsstrecken zur bidirektionalen Kommunikation zwischen den diebstahlrelevanten Systemkomponenten, einer externen Zentralstelle, sowie einer Übertragungseinheit, zur Datenübertragung zwischen den diebstahlrelevanten Systemkomponenten und der Zentralstelle. Um eine sichere und zuverlässige Inbetriebnahme der diebstahlrelevanten Systemkomponenten zu gewährleisten, ist vorgesehen, daß alle diebstahlrelevanten Systemkomponenten des Diebstahlsicherungssystems vor ihrer erstmaligen Inbetriebnahme jeweils eine für die jeweilige Systemkomponente charakteristische Identifikationsnummer und eine von außerhalb der Systemkomponente nichtauslesbare, individuelle Geheimnummer in einem nichtflüchtigen Datenspeicher der Systemkomponente abgespeichert, versehen werden. Durch die Zentralstelle werden die Identifikationsnummern und die Geheimnummern der diebstahlrelevanten Systemkomponenten registriert. Die zur Identifizierung der jeweiligen diebstahlrelevanten Systemkomponente dienenden Identifikationsnummern werden innerhalb des Diebstahlsicherungssystems und zwischen dem Diebstahlsicherungssystem und der Zentralstelle im Klartext übertragen. Die nicht im Klartext übertragenen Geheimnummern der diebstahlrelevanten Systemkomponenten dienen als Kommunikationsschlüssel für layptologische Protokolle bei der Datenübertragung der diebstahlrelevanten Systemkomponenten innerhalb des Diebstahlsicherungssystems oder/und mit der Zentralstelle.In the EP 0 723 896 A2 A method for theft prevention of motor-driven motor vehicles is described, using an anti-theft system, with a controller containing the immobilizer function, at least one further theft-relevant system component and transmission lines for bidirectional communication between theft-relevant system components, an external central office, and a transmission unit, for data transmission between the theft-relevant system components and the central office. In order to ensure a safe and reliable commissioning of theft-relevant system components, it is provided that all theft-relevant system components of the anti-theft system before their initial startup stored each one characteristic of the respective system component identification number and non-readable from outside the system component, individual secret number in a nonvolatile data memory of the system component be provided. The central office registers the identification numbers and the secret numbers of the theft-relevant system components. The identification numbers used to identify the relevant theft-related system components are transmitted in clear text within the anti-theft system and between the anti-theft system and the central office. The non-clear-transmitted secret numbers of theft-relevant system components serve as communication keys for layptological protocols in the data transmission of theft-relevant system components within the anti-theft system or / and with the central office.

Wenn eine Schlüsselinformation, die an einer zentralen Stelle gespeichert ist, in einen Datenträger an einer entfernten Stelle eingeschrieben werden soll, muß bei üblichen Systemen verhindert werden, daß die Übertragung der Schlüsselinformation zur entfernten Stelle unberechtigt abgehört werden kann, da sonst ein Betrüger die unberechtigt abgehörte Schlüsselinformation in eigene Datenträger einschreiben kann und damit sich beispielsweise unberechtigt Zugang zu gesicherten Räumen oder Bereichen verschaffen kann. Die andere Möglichkeit, in der zentralen Stelle die Schlüsselinformation in den Datenträger einzuschreiben und diesen dann zu der entfernten Stelle zu versenden, ist auch ungünstig, da der Datenträger beim Transport gestohlen werden kann.If a key information stored in a central location is to be written to a data carrier at a remote location, it must be prevented in conventional systems that the transmission of key information to the remote site can be intercepted without authorization, otherwise a fraudster who was listening unauthorized Enroll key information in their own media and thus, for example, unauthorized access to secure rooms or areas can procure. The other possibility of writing in the central location the key information in the disk and then send it to the remote location, is also unfavorable, since the disk can be stolen during transport.

Aufgabe der Erfindung ist es, ein Verfahren zum sicheren Einschreiben einer Schlüsselinformation in einen Datenträger anzugeben, der an einer anderen Stelle als die Stelle, wo die Schlüsselinformation erzeugt wird bzw. gespeichert ist, ausgegeben wird.The object of the invention is to specify a method for securely writing a key information in a data carrier, which is output at a location other than the location where the key information is generated or stored.

Diese Aufgabe wird erfindungsgemäß dadurch gelöst, daß der Schlüssel eine Ident-Information gespeichert enthält, die von außerhalb nicht auslesbar und somit geheim ist, und daß die Schlüsselinformation in der zentralen Stelle mit dieser Ident-Information verschlüsselt und die verschlüsselte Information zum Datenträger an der Ausgabestelle übertragen wird. Im Datenträger wird diese verschlüsselte Schlüsselinformation wieder entschlüsselt und gespeichert.This object is achieved in that the key contains an ident information stored that is not readable from outside and thus secret, and that the key information encrypted in the central location with this identification information and the encrypted information to the disk at the issuing office is transmitted. In the data carrier, this encrypted key information is decrypted and stored again.

Dieses Verfahren hat den Vorteil, daß die Datenträger frei versandt werden können, da sie keine Schlüsselinformation enthalten, so daß ein eventueller Dieb die Datenträger nicht benutzen kann. Das unberechtigte Abhören einer übertragenen verschlüsselten Schlüsselinformation ist für einen Betrüger ebenfalls nicht von Nutzen, wenn er nicht einen Datenträger mit der richtigen Ident-Information hat, in die er die verschlüsselte Schlüsselinformation einschreiben könnte.This method has the advantage that the data carriers can be sent free because they contain no key information, so that a possible thief can not use the disk. Unauthorized interception of transmitted encrypted key information is also of no use to a fraudster if he does not have a volume with the correct identity information to which he could enroll the encrypted key information.

Dabei ist es wichtig, daß jeder Datenträger eine weitere, offene Ident-Information enthält, die auslesbar ist. Damit ist es dann möglich, daß jeder Datenträger eine individuelle, von anderen Datenträgern unterschiedliche Ident-Information gespeichert enthält, indem die Zuordnung zwischen der weiteren, offenen Ident-Information und der geheimen Ident-Information an der zentralen Stelle gespeichert wird. Mit dieser Maßnahme kann eine verschlüsselte Schlüsselinformation ausschließlich nur von einem, dem richtigen Datenträger richtig entschlüsselt werden.It is important that each volume contains another, open Ident information that is readable. This makes it possible for each data carrier to contain an individual identification information that is different from other data carriers, in that the association between the further open identification information and the secret identification information is stored at the central location. With this measure, encrypted key information can only be decrypted correctly by one, the correct data medium.

Um die Zuordnungen von geheimer Ident-Information und Schlüsselinformation sowie der weiteren, offenen Ident-Information leichter organisieren zu können, ist es zweckmäßig, wenn in den Datenträger an einer weiteren Stelle die Ident-Information und die offene Ident-Information eingeschrieben wird, bevor der Datenträger zur entfernten Stelle transportiert wird. Diese weitere Stelle muß dann über eine geschützte Informationsübertragungsverbindung mit der zentralen Stelle gekoppelt sein, damit dort die gleichen Informationen eingeschrieben werden können. Die weitere Stelle kann auch mit der zentralen Stelle identisch sein.To be able to organize the assignments of secret identification information and key information as well as the further, open identification information more easily, it is expedient if the identity information and the open ident information are written to the data carrier at a further point before the Data carrier is transported to the remote location. This additional location must then be coupled via a protected information transfer connection with the central location so that the same information can be written there. The further location can also be identical to the central location.

Die zum Datenträger zu übertragende Schlüsselinformation ist wenigstens einem individuellen Objekt, beispielsweise einem Kraftfahrzeug eindeutig zugeordnet. Wenn ein Datenträger einem solchen individuellen Objekt zugeordnet werden soll, muß die dieses Objekt kennzeichnende Objekt-Information zur zentralen Stelle übertragen werden. Um auch diesen Übertragungsweg zu sichern, ist es zweckmäßig, die Objekt-Information vor der Übertragung zur zentralen Stelle mit der weiteren, offenen Ident-Information zu verschlüsseln.The key information to be transferred to the data carrier is uniquely assigned to at least one individual object, for example a motor vehicle. If a data carrier is to be assigned to such an individual object, the object information characterizing this object must be transmitted to the central location. In order to secure this transmission path as well, it is expedient to encrypt the object information before transmission to the central location with the further, open identification information.

Für die Verschlüsselung von Daten sind eine Vielzahl verschiedener Verfahren bekannt. Bei dem erfindungsgemäßen Verfahren kann als besonders einfache Verschlüsselung und Entschlüsselung der Schlüsselinformation und der Objekt-Information eine Exclusiv-Oder-Verknüpfung mit der Ident-Information verwendet werden. Da die Ident-Information geheim ist, ist selbst bei Kenntnis des Verschlüsselungsverfahrens eine Entschlüsselung ohne Kenntnis der Schlüsselinformation nicht möglich.For the encryption of data, a variety of different methods are known. In the method according to the invention can be used as a particularly simple encryption and decryption of the key information and the object information, an exclusive OR link with the Ident information. Since the identification information is secret, decryption without knowledge of the key information is not possible even with knowledge of the encryption method.

Zusätzlich oder auch anstelle der Verschlüsselung mittels Exclusiv-Oder-Verknüpfung kann für die Verschlüsselung der Objekt-Information vor der Übertragung von der entfernten Stelle zur zentralen Stelle noch ein unsymmetrisches Verschlüsselungsverfahren eingesetzt werden, wobei für die Verschlüsselung der Objekt-Information bzw. der verschlüsselten Objekt-Information der offene Schlüssel verwendet wird, während in der zentralen Stelle die Entschlüsselung mit dem geheimen Schlüssel des unsymmetrischen Verschlüsselungsverfahrens durchgeführt wird.In addition or instead of the encryption by means of exclusive OR connection, an asymmetrical encryption method can be used for the encryption of the object information before the transmission from the remote location to the central location, wherein for the encryption of the object information or the encrypted object -Information the open key is used, while in the central office, the decryption is performed with the secret key of the asymmetric encryption method.

Die Erfindung betrifft ferner ein System zum Einschreiben einer von einer zentralen Stelle gesichert zu einer entfernten Stelle übertragenen Schlüsselinformation in einen dort vorhandenen Datenträger sowie einen Datenträger und ein Terminal zur Verwendung in einem derartigen System.The invention further relates to a system for writing a key information transmitted from a central location to a remote location into a data carrier present there, as well as a data carrier and a terminal for use in such a system.

Ein Ausführungsbeispiel der Erfindung wird nachfolgend anhand der Zeichnung näher erläutert. Darin enthält eine zentrale Stelle 20 zwei Speicher 21 und 25. Der Speicher 21 enthält zwei Gruppen 22 und 23 von Speicherplätzen, die jeweils paarweise einander zugeordnet sind. Durch Aufrufen eines Speicherplatzes der Gruppe 23 mit einer bestimmten Information, nämlich einer offenen Ident-Information eines bestimmten Datenträgers bei Datenträgern mit individuellen unterschiedlichen Ident-Informationen oder der Angabe einer Datenträgergruppe bei Datenträgern mit gruppenweise gleicher Ident-Information, wird diese zugehörige Ident-Information aus dem zugeordneten Speicherplatz der Gruppe 22 ausgelesen.An embodiment of the invention will be explained in more detail with reference to the drawing. Therein, a central location 20 contains two memories 21 and 25. The memory 21 contains two groups 22 and 23 of memory locations, which are each assigned in pairs to one another. By calling a memory location of the group 23 with a specific information, namely an open Ident information of a particular disk for data carriers with individual different ident information or specifying a volume group for data carriers with groups of identical Ident information, this is associated Ident information the assigned memory space of the group 22 read out.

In entsprechender Weise umfaßt der Speicher 25 in diesem Beispiel drei Gruppen 26, 27 und 28 von Speicherplätzen. In den Speicherplätzen der Gruppe 26 sind Objekt-Informationen gespeichert, und jedem dieser Speicherplätze ist ein bestimmter Speicherplatz der Gruppe 27 zugeordnet, der eine diesem Objekt zugeordnete Schlüsselinformationen enthält. Ferner sind jedem Speicherplatz der Gruppe 26 vorzugsweise mehrere Speicherplätze der Gruppe 28 zugeordnet die eine Anzahl Identifiziernummern enthalten. Deren Bedeutung wird später etwas näher erläutert.Likewise, memory 25 in this example includes three groups 26, 27 and 28 of memory locations. Object information is stored in the memory locations of the group 26, and each of these memory locations is assigned a specific memory location of the group 27, which contains a key information associated with this object. Furthermore, each memory location of the group 26 is preferably assigned a plurality of memory locations of the group 28 which contain a number of identification numbers. Their meaning will be explained later.

An einer weiteren Stelle befindet sich ein Datenträger 10. In der Praxis sind selbstverständlich viele Datenträger vorhanden, die untereinander gleich aufgebaut sind und für die der hier angedeutete Datenträger 10 repräsentativ ist. Dieser Datenträger 10 enthält eine Verarbeitungseinheit 11 und vier Speicherplätze 12 bis 15. Der Speicherplatz 12 dient zum Speichern einer Ident-Information, die nur intern im Datenträger 10 verarbeitet werden kann und in keinem Fall nach außen abgegeben wird. Der Speicherplatz 13 enthält eine den individuellen Datenträger kennzeichnende weitere, offene Ident-Information, die nach außen ausgelesen werden kann. Diese beiden Informationen werden vorzugsweise von der zentralen Stelle 20 geliefert, wo diese beiden Informationen in zwei einander zugeordneten Speicherplätzen der Gruppen 22 und 23 des Speichers 21 eingeschrieben werden, und diese Informationen werden auch an der weiteren Stelle, an der sich der Datenträger 10 zunächst befindet, in die Speicherplätze 12 und 13 eingeschrieben. Die weitere Stelle kann mit der zentralen Station 20 identisch sein.At a further point there is a data carrier 10. In practice, of course, many data carriers are present, which are constructed equal to each other and for which the data carrier 10 indicated here is representative. This data carrier 10 contains a processing unit 11 and four memory locations 12 to 15. The memory location 12 is used to store identification information that can only be processed internally in the data carrier 10 and is never output to the outside. The memory location 13 contains a further identification information which identifies the individual data carrier and which can be read out to the outside. These two pieces of information are preferably provided by the central location 20, where these two pieces of information are written in two mutually associated memory locations of the groups 22 and 23 of the memory 21, and this information will also be at the other location where the volume 10 is initially located , inscribed in the memory slots 12 and 13. The further location may be identical to the central station 20.

Dieses Einschreiben in Speicherplätze 12 und 13 erfolgt für eine Vielzahl von Datenträgern, und diese Datenträger werden dann über einen Transportweg 19 zu einer entfernten Stelle transportiert. Dieser Transportweg verläuft zumindest zum Teil über einen nicht geschützten Bereich, der durch die strichpunktierte Linie 39 angedeutet ist. Während dieses Teils des Transportwegs können die Datenträger möglicherweise gestohlen werden. Durch einen solchen Diebstahl kann jedoch kein wesentlicher Schaden entstehen, da die Datenträger noch keine Schlüsselinformation enthalten und somit an keinem Objekt benutzbar sind.This writing into memory locations 12 and 13 takes place for a plurality of data carriers, and these data carriers are then transported via a transport path 19 to a remote location. This transport path runs at least partially over an unprotected area, which is indicated by the dot-dash line 39. During this part of the transport path, the media may possibly be stolen. However, such a theft can not cause any significant damage since the data carriers do not yet contain any key information and thus can not be used on any object.

Wenn an der entfernten Stelle in einen Datenträger, nämlich in den in der Figur etwas ausführlicher dargestellten Datenträger 10', eine Schlüsselinformation für ein bestimmtes Objekt eingeschrieben werden soll, wird dieser Datenträger 10' mit einem Terminal 40 in Verbindung gebracht. Dadurch wird aus dem Speicherplatz 13' die darin enthaltene offene Ident-Information ausgelesen und über die Verbindung 43 dem Terminal 40 zugeführt. Ferner wird über einen Eingang 41, beispielsweise über eine Tastatur, eine Objekt-Information eingegeben. Diese beiden Informationen werden einer Verschlüsselungsvorrichtung zugeführt, die hier aus zwei Teilen 42 und 44 besteht.If a key information for a particular object is to be written to the remote location in a data carrier, namely in the volume 10 ', which is shown somewhat more in the figure, this data carrier 10' is connected to a terminal 40. As a result, the open identification information contained therein is read from the memory location 13 'and supplied via the connection 43 to the terminal 40. Furthermore, object information is input via an input 41, for example via a keyboard. These two pieces of information are fed to an encryption device, which here consists of two parts 42 and 44.

Der Teil 42 der Verschlüsselungsvorrichtung ist hier als Exclusiv-Oder-Verknüpfung ausgeführt. Die verknüpfte Information, die also die mit der offenen Ident-Information verschlüsselte Objekt-Information darstellt, wird einem Teil 44 zugeführt, der eine unsymmetrische Verschlüsselung, beispielsweise nach dem RSA-Verfahren, mit einem festen Schlüssel durchführt, der hier als über einen Eingang 45 zugeführt angedeutet ist. Dieser Schlüssel braucht nicht geheim zu sein, da mit seiner Hilfe eine Entschlüsselung nicht möglich ist.The part 42 of the encryption device is embodied here as an exclusive OR connection. The linked information, which thus represents the object information encrypted with the open identification information, is supplied to a part 44 which performs an asymmetrical encryption, for example according to the RSA method, with a fixed key, which is indicated here as being supplied via an input 45. This key does not need to be secret, because with its help a decryption is not possible.

Die zusätzliche Verschlüsselung mit der offenen Ident-Information bringt eine wesentliche Verbesserung der Sicherheit. Angenommen, die von einer Werkstatt übertragenen Daten, nämlich verschlüsselte Objekt-Information und offene Identinformation, wird von einem Betrüger abgehört, der selbst vorprogrammierte Schlüssel besitzt. Wenn dieser Betrüger die gleiche verschlüsselte Objekt-Information überträgt, aber mit der offenen Ident-Information seines Schlüssels, würde er ohne die Verschlüsselung mit der offenen Ident-Information die Schlüsselinformation für das Objekt erhalten, die mit der geheimen Ident-Information seines Schlüssels verschlüsselt ist und somit im Schlüssel richtig entschlüsselt wird, so daß ein gültiger Schlüssel für das Objekt widerrechtlich erhalten wird. Durch die zusätzliche Verschlüsselung mit der offenen Ident-Information wird die vom Betrüger übertragene verschlüsselte Objekt-Informationan der zentralen Stelleaber nicht richtig entschlüsselt, so daß die gewünschte Schlüsselinformation nicht aus dem Speicher 25 ausgelesen wird. Wenn der Betrüger aber die ebenfalls abgehörte offene Ident-Information mit überträgt, erhält er lediglich eine Schlüsselinformation, die nicht mit der in seinem Schlüssel gespeicherten geheimen Ident-Information verschlüsselt ist und die also nicht entschlüsselt werden kann. Es ist also nicht möglich, durch Belauschen einer berechtigten Übertragung für ein Objekt Daten zu erhalten,mit denen unbrechtigt ein Schlüssel für das gleiche Objekt erzeugt werden kann.The additional encryption with the open Ident information brings a significant improvement in security. Assuming that the data transmitted by a workshop, namely encrypted object information and open identification information, is being intercepted by a fraudster who himself possesses pre-programmed keys. If this fraudster transmits the same encrypted object information, but with the key's ID open, he would get the key information for the object encrypted with the secret ID information of his key without the encryption with the open identity information and thus decrypted correctly in the key so that a valid key for the object is unlawfully obtained. Due to the additional encryption with the open identity information, the encrypted object information transmitted by the fraudster is not properly decrypted at the central location, so that the desired key information is not read from the memory 25. However, if the fraudster also transmits the likewise intercepted open identity information, he merely receives key information which is not encrypted with the secret identity information stored in his key and which therefore can not be decrypted. It is therefore not possible, by eavesdropping on an authorized transfer for an object to obtain data with which a key for the same object can be generated without justification.

Die vom Teil 44 über die Leitung 47 abgegebene verschlüsselte Information wird nun ebenso wie die offene Ident-Information über die Leitung 43 der zentrale Stelle 20 zugeführt. Diese Übertragung kann über einen nicht gesicherten Weg erfolgen, da die verschlüsselte Information auf der Leitung 47 ohne Kenntnis des geheimen Schlüssels der unsymmetrischen Verschlüsselung nicht entschlüsselt werden kann und die offene Ident-Information keinen direkten Hinweis auf die im Datenträger benötigte Schlüsselinformation enthält.The encrypted information delivered by the part 44 via the line 47 is now supplied via the line 43 to the central point 20 as well as the open identification information. This transmission can take place via an unsecured way, since the encrypted information on the line 47 can not be decrypted without knowledge of the secret key of the asymmetrical encryption and the open identity information contains no direct indication of the key information required in the data carrier.

In der zentralen Stelle 20 wird die verschlüsselte Information auf der Leitung 47 einer Entschlüsselungsvorrichtung zugeführt, die die Teile 32 und 34 umfaßt. Im Teil 34 wird eine Entschlüsselung der über die Leitung 47 übertragenen Information durchgeführt, und zwar mit Hilfe eines geheimen Schlüssels, der hier über einen Eingang 35 zugeführt angedeutet ist. Am Ausgang 37 des Teils 34 der Entschlüsselungsvorrichtung liegt dann die gleiche Information vor wie am Ausgang der Exclusiv-Oder-Verknüpfung 42 im Terminal 40. Dies ist jedoch noch nicht die über den Eingang 41 des Terminals 40 zugeführte Objekt-Information. Daher führt die Leitung 37 auf eine Exclusiv-Oder-Verknüpfung 32, die an einem weiteren Eingang die offene Ident-Information über die Leitung 43 erhält. Am Ausgang 33 der Exclusiv-Oder-Verknüpfung 32 liegt nun die entschlüsselte Objekt-Information vor, mit der der Speicher 25 angesteuert wird. Dabei wird in der Gruppe 26 der Speicherplatz ausgewählt, der diese Objekt-Information enthält, und aus dem zugehörigen Speicherplatz der Gruppe 27 wird die Schlüsselinformation ausgelesen. Ferner wird mit Hilfe der offenen Ident-Information auf der Leitung 43 der Speicher 21 angesteuert, indem der Speicherplatz der Gruppe 23 aufgesucht wird, der diese Ident-Information enthält, und der zugehörige Speicherplatz der Gruppe 22, der die geheime Ident-Information enthält, wird ausgelesen.In the central location 20, the encrypted information on the line 47 is supplied to a decryption device comprising the parts 32 and 34. In part 34, a decryption of the transmitted information via the line 47 information is performed, with the help of a secret key, which is indicated here supplied via an input 35. At the output 37 of the part 34 of the decryption device is then the same information as at the output of the exclusive OR operation 42 in the terminal 40. However, this is not yet the input 41 of the terminal 40 supplied object information. Therefore, the line 37 leads to an exclusive-OR operation 32, which receives the open identification information via the line 43 at a further input. At the output 33 of the exclusive-OR operation 32 is now the decrypted object information with which the memory 25 is driven. In this case, the memory location containing this object information is selected in the group 26, and the key information is read from the associated memory location of the group 27. Furthermore, with the help of the open identification information on the line 43, the memory 21 is driven by looking up the memory location of the group 23 containing this identification information and the associated memory space of the group 22 containing the secret identification information. is read out.

Die aus dem Speicher 21 und dem Speicher 25 ausgelesene Information wird einer Verschlüsselungsanordnung 30 zugeführt, die hier ebenfalls als Exclusiv-Oder-Verknüpfung ausgeführt ist. Die an deren Ausgang 31 auftretende Information wird nun zur entfernten Stelle übertragen, wobei der Übertragungsweg nicht sicher sein muß, da die entschlüsselte Schlüsselinformation aus der Information auf der Leitung 31 nur mit Hilfe der richtigen geheimen Ident-Information zu gewinnen ist, die jedoch im Datenträger verborgen gespeichert ist und nicht direkt übertragen wird.The information read from the memory 21 and the memory 25 is supplied to an encryption device 30, which is also designed here as an exclusive OR connection. The information appearing at the output 31 is now transmitted to the remote location, the transmission path need not be secure, since the decrypted key information from the information on the line 31 can only be obtained with the help of the correct secret ident information, but in the disk is stored hidden and is not transmitted directly.

Im vorliegenden Beispiel wird aus dem Speicher 25 außerdem noch aus einem zugeordneten Speicherplatz der Gruppe 28 eine Identifiziernummer ausgelesen und über die Leitung 38 zur entfernten Stelle übertragen, wobei ebenfalls ein ungesicherter Weg verwendet werden kann.In the present example, an identification number is also read from the memory 25 from an assigned memory location of the group 28 and transmitted via the line 38 to the remote location, whereby an unsecured path can also be used.

In der entfernten Stelle werden die Informationen auf der Leitung 31 und der Leitung 38 über das Terminal 40 dem Datenträger 10' zugeführt. Die Identifiziernummer auf der Leitung 38 wird im Datenträger 10' direkt in den Speicherplatz 15' eingeschrieben, während die verschlüsselte Schlüsselinformation auf der Leitung 31 einer Entschlüsselungsvorrichtung 17 zugeführt wird, die an einem weiteren Eingang die geheime Ident-Information aus dem Speicherplatz 12' erhält. Diese Entschlüsselungsvorrichtung ist wieder als Exclusiv-Oder-Verknüpfung ausgeführt und gibt somit am Ausgang die entschlüsselte Schlüsselinformation ab, die in den Speicherplatz 14' eingeschrieben wird. Damit enthält der Datenträger 10' nun alle für seine Benutzung bei einem bestimmten Objekt, beispielsweise bei einem Kraftfahrzeug, notwendigen Informationen, ohne daß die entscheidend wichtige Schlüsselinformation bei der Übertragung auf unberechtigte Weise ermittelt werden kann.In the remote location, the information on the line 31 and the line 38 via the terminal 40 to the disk 10 'is supplied. The identification number on the line 38 is written in the data carrier 10 'directly in the memory location 15', while the encrypted key information is supplied on the line 31 to a decryption device 17, which receives the secret ident information from the memory location 12 'at another input. This decryption device is again executed as exclusive-OR operation and thus outputs at the output the decrypted key information which is written into the memory location 14 '. Thus, the volume 10 'now contains all the information necessary for its use in a particular object, for example in a motor vehicle, without the crucial key information can be determined in the transmission in an unauthorized manner.

Die Identifiziernummer im Speicherplatz 15' ist für das beschriebene Verfahren nicht unbedingt notwendig und dient, wenn der Datenträger ein Schlüssel für ein Kraftfahrzeug ist, dazu, daß im Kraftfahrzeug zunächst über diese Identifiziernummer geprüft wird, ob es sich um einen zulässigen Schlüssel handelt, bevor mit Hilfe der Schlüsselinformation geprüft wird, ob es sich um einen berechtigten Schlüssel handelt. Wenn nämlich mit einem nicht berechtigten Schlüssel, d.h. mit einer falschen Schlüsselinformation, eine Anzahl Startversuche durchgeführt worden sind, werden alle Funktionen des Kraftfahrzeugs dauerhaft blockiert, wobei die Blockierung nur mit einer bestimmten, geheimen Prozedur aufgehoben werden kann. Durch die Identifiziernummer wird also verhindert, daß mit einem falschen Schlüssel, der z.B. zu einem anderen Kraftfahrzeug gehört und somit selbstverständlich eine andere Schlüsselinformation enthält, als gültig erkannte Fehlversuche durchgeführt werden können.The identification number in memory location 15 'is not absolutely necessary for the described method and serves, if the data carrier is a key for a motor vehicle, that the vehicle is first checked via this identification number, whether it is a permissible key, before Help the key information is checked if it is a legitimate key. Namely, if a number of start attempts have been made with an unauthorized key, ie with a wrong key information, all will Functions of the motor vehicle permanently blocked, the blocking can be canceled only with a specific, secret procedure. By identifying number is thus prevented that with a wrong key, for example, belongs to another motor vehicle and thus of course contains a different key information can be performed as valid failed attempts.

Zweckmäßig enthält jeder für ein Kraftfahrzeug berechtigte Schlüssel eine andere Identifiziernummer, und dafür sind im Speicher 25 zu jeder Objekt-Information und ebenso in dem zugehörigen Objekt eine Anzahl Identifiziernummern gespeichert.Suitably, each authorized key for a motor vehicle contains a different identification number, and therefore a number of identification numbers are stored in the memory 25 for each object information and also in the associated object.

Es ist klar, daß die Verschlüsselung im Terminal 40 mit Hilfe der Teile 42 und 44 und die entsprechende Entschlüsselung in der zentralen Stelle auch auf andere Weise als beschrieben durchgeführt werden kann. Wichtig ist, daß die Information auf der Leitung 47 in einer Weise verschlüsselt ist, die eine Entschlüsselung nur durch übertragene Informationen nicht möglich macht.It is clear that the encryption in the terminal 40 by means of the parts 42 and 44 and the corresponding decoding in the central location can also be carried out in other ways than described. It is important that the information on the line 47 is encrypted in a way that does not allow decryption only by transmitted information.

Claims (10)

  1. A method of writing key information transmitted securely from a central station to a remote station into a data carrier available at said remote station, which after being written into is unambiguously assigned to a selected one of a plurality of objects through the key information and which stores identification information that is not externally readable, as well as further public identification information that is readable, which types of identification information are stored, assigned to one another, also in the central station, wherein first object information characteristic of the individual object as well as the further public identification information is transmitted to the central station,
    where the key information which has been stored for the object information is read out and encrypted with the identification information stored for the transmitted further public identification information and the encrypted key information is transmitted to the data carrier and is decrypted there with the identification information stored thereon and the decrypted key information is stored,
    where at a further data carrier location, which is coupled to the central station via a secure information transmission link, the identification information and the further, public identification information is written prior to the transport from the data carrier to the remote station and this identification information is also stored at the central station,
    and where the object information is encrypted with the further public identification information prior to the transmission to the central station.
  2. A method as claimed in claim 1, wherein the encryption and decryption of the key information and of the object information is effected by means of an Exclusive-Or combination with the further open identification information.
  3. A method as claimed in claim 1, wherein prior to transmission the encrypted object information is additionally encrypted with the public key associated with an asymmetrical encryption method and is decrypted in the central station by means of the secret key of the encryption method.
  4. A system for writing key information transmitted securely from a central station to a remote station into a data carrier available at said remote station, which key information after being written is unambiguously assigned to a selected one of a plurality of objects, wherein the central station comprises a first memory which stores at least identification information of one type and associated identification information of a further type, as well as object information characteristic of the object for each of the plurality of objects and stores the key information associated with the object, and an encryption device for encrypting key information read from the first memory with the identification information and a transmission device for transmitting the encrypted key information to the remote station, and wherein the data carrier comprises a second memory which contains a first storage area for identification information of one type, a second storage area for key information and a third storage area for identification information of a further type characteristic of the data carrier, and a decryption device which is connected to an information input of the data carrier and to the first storage area in order to supply decrypted key information upon reception of encrypted key information and to write the decrypted key information into the second storage area, wherein the remote station includes a terminal adapted to be coupled to the data carrier to initiate the read-out of the further identification information and to transmit this further identification information to the central station and to receive the encrypted key information subsequently transmitted from the central station and transmit it to the data carrier, and wherein the terminal includes an encryption device for encrypting written object information with the further identification information and transmit it to the central station, and the central station includes a decryption device for decrypting the received encrypted object information by means of the equally transmitted further identification information and for controlling the first memory and reading out the associated key information by means of the decrypted object information.
  5. A system as claimed in claim 4, wherein the encryption device in the central station and the decryption device in the data carrier are constructed as Exclusive-Or logic elements.
  6. A system as claimed in claim 4 or 5, wherein the encryption device in the terminal is adapted to encrypt the encrypted object information additionally with the public key of an asymmetrical encryption and to transmit it to the central station, and the decryption device in the central station is adapted to decrypt the received, additionally encrypted object information with the secret key of the asymmetrical encryption and with the likewise received further identification information and to supply the decrypted object information to the first memory.
  7. A data carrier for use in a system as claimed in any one of the claims 4 to 6, comprising a decryption device and a memory having a first storage area for storing identification information and a second storage area for storing key information, the decryption device being coupled to the first storage area to decrypt received encrypted key information by means of the identification information read from the first storage area and to write the decrypted key information into the second storage area while read-out of the identification information from the data carrier is inhibited, wherein the decryption device is constructed as an Exclusive-Or logic element.
  8. A data carrier as claimed in claim 7, wherein the memory comprises a third storage area for storing further identification information, and the memory is controllable from outside the data carrier in order to issue the further identification information from the memory.
  9. A terminal for use in a system as claimed in any one of the claims 4 to 6, comprising a coupling device for a data carrier, a transmission device for information, an input device for the entry of information, and an encryption device having two inputs which are connected to the input device and the coupling device, and an output connected to the transmission device, for encrypting object information, which has been entered via the input device, with identification information applied via the coupling device, and for supplying the encrypted object information to the transmission device.
  10. A terminal as claimed in claim 9, wherein the encryption device is adapted to encrypt the encrypted object information additionally with the public key of an asymmetrical encryption and to supply only the additionally encrypted object information to the transmission device.
EP97202546A 1996-08-22 1997-08-19 Method and system for writing an information key Expired - Lifetime EP0825316B2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE19633802 1996-08-22
DE19633802A DE19633802A1 (en) 1996-08-22 1996-08-22 Method and system for writing key information

Publications (4)

Publication Number Publication Date
EP0825316A2 EP0825316A2 (en) 1998-02-25
EP0825316A3 EP0825316A3 (en) 2001-05-16
EP0825316B1 EP0825316B1 (en) 2004-07-28
EP0825316B2 true EP0825316B2 (en) 2008-02-06

Family

ID=7803302

Family Applications (1)

Application Number Title Priority Date Filing Date
EP97202546A Expired - Lifetime EP0825316B2 (en) 1996-08-22 1997-08-19 Method and system for writing an information key

Country Status (4)

Country Link
US (1) US6337912B2 (en)
EP (1) EP0825316B2 (en)
JP (1) JP4065347B2 (en)
DE (2) DE19633802A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE19901277A1 (en) * 1999-01-15 2000-07-20 Bayerische Motoren Werke Ag Method of authenticating a replacement key for using a vehicle
DE19934098A1 (en) * 1999-07-21 2001-01-25 Nokia Mobile Phones Ltd Starting device with PIN protection without input involves encoding PIN using unique identity number, comparing user code, unique identity, decoding PIN using unique identity number
DE10196486T5 (en) * 2000-08-24 2004-07-08 Siemens VDO Automotive Corporation, (n.d.Ges.d. Staates Delaware), Auburn Hills Method for assigning an identification code to a transmitter
US7490348B1 (en) * 2003-03-17 2009-02-10 Harris Technology, Llc Wireless network having multiple communication allowances
US7664966B2 (en) * 2004-05-17 2010-02-16 Microsoft Corporation Secure storage on recordable medium in a content protection system
DE102006010821B4 (en) * 2006-03-07 2011-12-22 Joachim Becker Self-target seeking data transmission system and method therefor
US20080250251A1 (en) * 2007-04-04 2008-10-09 Cyberlink Corp. Systems and Methods for Hardware Driven Program Execution
ITPN20070040A1 (en) * 2007-05-29 2008-11-30 Bianchi 1770 S P A "METHOD FOR THE DUPLICATION OF KEYS WITH ELECTRONIC CODE"

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB8705892D0 (en) * 1987-03-12 1987-04-15 Security Services Plc Keys
US5229648A (en) * 1989-08-10 1993-07-20 Autosafe International, Inc. Multi element security system
JPH04213242A (en) * 1990-12-07 1992-08-04 Hitachi Ltd Limited multiple address communication system
WO1993020538A1 (en) * 1992-03-30 1993-10-14 Telstra Corporation Limited A cryptographic communications method and system
JP3568970B2 (en) * 1993-04-12 2004-09-22 株式会社東芝 IC card issuing device
AU1265195A (en) * 1993-12-06 1995-06-27 Telequip Corporation Secure computer memory card
DE4342641A1 (en) * 1993-12-14 1995-06-22 Siemens Ag Authentication method between a mobile data carrier and a stationary data station
DE4441415C2 (en) * 1994-11-22 2003-06-18 Audi Ag Procedures for handling replacement keys
DE19502373C2 (en) * 1995-01-26 1997-07-03 Telefunken Microelectron Anti-theft method for motor-driven motor vehicles
DE19532067C1 (en) * 1995-08-31 1996-10-24 Daimler Benz Ag Programming system for vehicle electronic key

Also Published As

Publication number Publication date
US6337912B2 (en) 2002-01-08
EP0825316B1 (en) 2004-07-28
US20010040966A1 (en) 2001-11-15
DE59711801D1 (en) 2004-09-02
JPH10107789A (en) 1998-04-24
EP0825316A2 (en) 1998-02-25
EP0825316A3 (en) 2001-05-16
DE19633802A1 (en) 1998-02-26
JP4065347B2 (en) 2008-03-26

Similar Documents

Publication Publication Date Title
EP0281058B1 (en) Data exchange system
EP0283432B1 (en) Method and apparatus for protecting secret elements in a cryptographic devices network with open key management
EP0281057B1 (en) Circuitry for securing the access to a data processor by means of an IC card
DE69738002T2 (en) Authentication device according to the challenge-response principle
DE19532067C1 (en) Programming system for vehicle electronic key
DE4142964C2 (en) Data exchange system with verification of the device for authentication status
EP2115703B1 (en) Tachograph
EP0030381B1 (en) Process and apparatus for the manufacture of documents protected against counterfeiting and misuse, and document used therein
EP0942856B1 (en) Process for securing the privacy of data transmission
EP0671528A1 (en) Electronic coded lock, in particular for the deactivation of a motor vehicle immobilizer
DE60117757T2 (en) KEY AND CLOSURE DEVICE
EP0723896A2 (en) Procedure for theft protection of motor driven vehicles
EP0980635B1 (en) Method and device to authenticate subscribers in a mobile radiotelephone systems
EP2425368A1 (en) Storage medium having an encrypting device
DE19716111A1 (en) Procedure for mutual authentication of two units
EP0825316B2 (en) Method and system for writing an information key
DE19925389A1 (en) Transferring data onto smart cards involves transmitting encrypted data to card, decrypting in card using different keys, encrypting and decrypting data on basis of specific information in smart card
DE19523009C2 (en) Authentication system
DE69817889T2 (en) Safety device for motor vehicles and learning methods therefor
EP1020335A2 (en) Authentication method for a substitute key to use a vehicle
WO2006021178A2 (en) Method and security system for the secure and unambiguous coding of a security module
EP2463831A2 (en) Method for commissioning and operating a cash box
EP1163559B1 (en) Method for securing access to a data processing device and appropriate device
EP1098472B1 (en) Chip for storing a secret key for use in a user authorization control system
EP3312753B1 (en) Physical security element for resetting a password

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

RAP3 Party data changed (applicant data changed or rights of an application transferred)

Owner name: KONINKLIJKE PHILIPS ELECTRONICS N.V.

Owner name: PHILIPS PATENTVERWALTUNG GMBH

RAP3 Party data changed (applicant data changed or rights of an application transferred)

Owner name: KONINKLIJKE PHILIPS ELECTRONICS N.V.

Owner name: PHILIPS CORPORATE INTELLECTUAL PROPERTY GMBH

PUAL Search report despatched

Free format text: ORIGINAL CODE: 0009013

AK Designated contracting states

Kind code of ref document: A3

Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

RIC1 Information provided on ipc code assigned before grant

Free format text: 7E 05B 49/00 A, 7G 07C 9/00 B

17P Request for examination filed

Effective date: 20011116

AKX Designation fees paid

Free format text: DE FR GB

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: KONINKLIJKE PHILIPS ELECTRONICS N.V.

Owner name: PHILIPS CORPORATE INTELLECTUAL PROPERTY GMBH

17Q First examination report despatched

Effective date: 20030311

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: KONINKLIJKE PHILIPS ELECTRONICS N.V.

Owner name: PHILIPS INTELLECTUAL PROPERTY & STANDARDS GMBH

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): DE FR GB

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

Free format text: NOT ENGLISH

RIN1 Information on inventor provided before grant (corrected)

Inventor name: HOERNER, HELMUT

Inventor name: BUHR, WOLFGANG

REF Corresponds to:

Ref document number: 59711801

Country of ref document: DE

Date of ref document: 20040902

Kind code of ref document: P

GBT Gb: translation of ep patent filed (gb section 77(6)(a)/1977)

Effective date: 20040908

REG Reference to a national code

Ref country code: GB

Ref legal event code: 746

Effective date: 20040929

ET Fr: translation filed
PLAQ Examination of admissibility of opposition: information related to despatch of communication + time limit deleted

Free format text: ORIGINAL CODE: EPIDOSDOPE2

PLAR Examination of admissibility of opposition: information related to receipt of reply deleted

Free format text: ORIGINAL CODE: EPIDOSDOPE4

PLBQ Unpublished change to opponent data

Free format text: ORIGINAL CODE: EPIDOS OPPO

PLAQ Examination of admissibility of opposition: information related to despatch of communication + time limit deleted

Free format text: ORIGINAL CODE: EPIDOSDOPE2

PLAR Examination of admissibility of opposition: information related to receipt of reply deleted

Free format text: ORIGINAL CODE: EPIDOSDOPE4

PLBQ Unpublished change to opponent data

Free format text: ORIGINAL CODE: EPIDOS OPPO

PLBI Opposition filed

Free format text: ORIGINAL CODE: 0009260

REG Reference to a national code

Ref country code: FR

Ref legal event code: D6

PLAX Notice of opposition and request to file observation + time limit sent

Free format text: ORIGINAL CODE: EPIDOSNOBS2

26 Opposition filed

Opponent name: DAIMLERCHRYSLER AG

Effective date: 20050419

PLBB Reply of patent proprietor to notice(s) of opposition received

Free format text: ORIGINAL CODE: EPIDOSNOBS3

REG Reference to a national code

Ref country code: GB

Ref legal event code: 732E

REG Reference to a national code

Ref country code: FR

Ref legal event code: TP

PUAH Patent maintained in amended form

Free format text: ORIGINAL CODE: 0009272

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: PATENT MAINTAINED AS AMENDED

27A Patent maintained in amended form

Effective date: 20080206

AK Designated contracting states

Kind code of ref document: B2

Designated state(s): DE FR GB

GBTA Gb: translation of amended ep patent filed (gb section 77(6)(b)/1977)

Effective date: 20080319

ET3 Fr: translation filed ** decision concerning opposition
REG Reference to a national code

Ref country code: DE

Ref legal event code: R084

Ref document number: 59711801

Country of ref document: DE

REG Reference to a national code

Ref country code: DE

Ref legal event code: R084

Ref document number: 59711801

Country of ref document: DE

Effective date: 20141015

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 19

REG Reference to a national code

Ref country code: FR

Ref legal event code: PLFP

Year of fee payment: 20

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: DE

Payment date: 20160721

Year of fee payment: 20

Ref country code: GB

Payment date: 20160726

Year of fee payment: 20

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: FR

Payment date: 20160720

Year of fee payment: 20

REG Reference to a national code

Ref country code: DE

Ref legal event code: R071

Ref document number: 59711801

Country of ref document: DE

REG Reference to a national code

Ref country code: GB

Ref legal event code: PE20

Expiry date: 20170818

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: GB

Free format text: LAPSE BECAUSE OF EXPIRATION OF PROTECTION

Effective date: 20170818