DE102006021297A1 - Full-transparent, coded, multi-masterable communication providing method, involves performing code exchange in initialization phase, where authentication takes place during initialization of cipher, which is made possible by secret code - Google Patents

Info

Publication number
DE102006021297A1
Authority
DE
Germany
Prior art keywords
bus
initialization
cipher
controller
takes place
Legal status
Withdrawn
Application number
DE200610021297
Other languages
German (de)
Current Assignee
Muehlbach Sascha
Original Assignee
Muehlbach Sascha

Classifications

    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload, wherein the sending and receiving network entities apply symmetric encryption, i.e. the same key is used for encryption and decryption
    • G06F21/72 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure computing or processing of information in cryptographic circuits
    • G06F21/85 Protecting input, output or interconnection devices; interconnection devices, e.g. bus-connected or in-line devices
    • H04L63/0485 Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up
    • H04L63/061 Network architectures or network communication protocols for network security for supporting key management in a packet data network, for key exchange, e.g. in peer-to-peer networks

Abstract

The method uses a secure bus controller (1) that controls the encryption and is placed as a transparent unit between a bus and a component (2). A stream cipher is used for the bus encryption. The key exchange is performed in an initialization phase, during which an authentication also takes place; this is made possible by a secret identification key held in the secure bus controller. The key change is signaled to the secure bus controllers by bus signals or by the clock.

Description

Embodiments of the invention are shown in the drawings and are described in more detail below. The drawings show:

Figure 1: the architecture of a system with several components, some of which are equipped with the secure bus controller; and

Figure 2: the internal structure of a secure bus controller.

Each component (2) that wants to communicate over the bus in encrypted form needs a secure bus controller (1). The controller is located directly on the component's chip, so that the unencrypted communication between the component and the secure bus controller cannot be eavesdropped. A component can be any chip, e.g. a processor, a RAM device or a controller device. The secure bus controller accepts the data from its component and decides, for example on the basis of the address, whether encryption is required. This decision capability in the controller (5) ensures that communication with components that have no secure bus controller remains possible. The secure bus controller implements the interface of the respective bus (4).

Since the encryption must not introduce any additional delay, it has to take place in clock synchronism with the current bus cycle. For this reason only on-the-fly encryption with a stream cipher (5) is possible.

Before the communication on the bus can be encrypted, all secure bus controllers must agree on a common key as the initialization for the stream cipher. A common key is necessary so that every unit can communicate with any other unit. Various methods are conceivable for the key exchange. Because of the limited resources on a chip, however, methods optimized specifically for hardware should be chosen; concretely, the Tree Parity Machine method, for example, can be used for this purpose.

Initialization requires communication between the secure bus controllers. It is crucial that this communication can also run over the existing bus without any change to the bus protocol. This is achieved by assigning each secure bus controller its own address on the bus under which it can be reached. This address is independent of the address of the component in which the controller is located. If the address range of a bus system is not large enough to allocate additional addresses for the secure bus controllers, it is also possible to treat all communication before a successful key exchange as dedicated communication for the secure bus controllers. Once the key exchange is complete, all units switch to the normal communication mode.

One of the secure bus controllers must act as the initiator of the key exchange. Since a bus system is in most cases not dynamic, the initiator component can already be fixed during development. In most cases the bus component that has master access is chosen for this, e.g. the processor or the bus arbiter. This is advantageous because communication during the initialization can then be given priority. The logic for the key exchange is housed in the controller (5) within the secure bus controller.

As long as the individual secure bus controllers have not yet agreed on a common key, no encrypted communication can take place. Since the encryption is transparent to the individual components, however, a component may want to communicate over the bus while the initialization is still in progress. In this case the secure bus controller must delay, or lower the priority of, all accesses to components on the bus that may only be carried out encrypted, so that the component retries at a later time, by which point the initialization may already be complete.

During normal operation it must be ensured that all secure bus controllers advance the stream cipher key continuously, even while they are not actively involved in a transfer. This is necessary because of the symmetric form of the architecture. As a common signal one can use, for example, bus signals that mark a completed transfer and are available at all units on the bus. If no such signal is available, the common bus clock is also a candidate for the synchronization signal.
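The address-based encryption decision, the on-the-fly stream cipher and the lockstep advancing of the keystream on every completed transfer, as described in the preceding paragraphs, can be seen together in the following Python simulation. It is an added example, not code from the patent or its applicant: the shared key, the secure address ranges and the SHA-256 counter-mode keystream are constructed stand-ins for the key exchange and for the stream cipher, neither of which the patent fixes.

```python
import hashlib
from typing import Dict, List, Optional, Tuple

# Constructed stand-ins: the patent specifies neither key exchange nor cipher.
SHARED_KEY = b"constructed key agreed in the initialization phase"
SECURE_RANGES = [(0x1000, 0x1FFF), (0x2000, 0x2FFF)]  # may only be spoken to encrypted


class Keystream:
    """Stand-in stream cipher: SHA-256(key || counter) in counter mode."""

    def __init__(self, key: bytes) -> None:
        self.key, self.counter = key, 0

    def step(self, n: int) -> bytes:
        block = hashlib.sha256(self.key + self.counter.to_bytes(8, "big")).digest()
        self.counter += 1
        return block[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Component:
    """A chip on the bus (processor, RAM, ...); it only ever handles plaintext."""

    def __init__(self, name: str, lo: int, hi: int) -> None:
        self.name, self.lo, self.hi = name, lo, hi
        self.received: List[Tuple[int, bytes]] = []

    def owns(self, addr: int) -> bool:
        return self.lo <= addr <= self.hi


class SecureBusController:
    """Transparent unit between one component and the bus."""

    def __init__(self, key: bytes) -> None:
        self.ks = Keystream(key)

    @staticmethod
    def needs_encryption(addr: int) -> bool:
        return any(lo <= addr <= hi for lo, hi in SECURE_RANGES)

    def on_transfer(self, addr: int, wire: bytes, party: bool) -> bytes:
        """Called once per completed transfer. The keystream is stepped whether or
        not this controller is party to it; the same XOR encrypts and decrypts."""
        block = self.ks.step(len(wire))
        if party and self.needs_encryption(addr):
            return xor(wire, block)
        return wire  # observer only, or a plain component on the far side


class Bus:
    def __init__(self) -> None:
        self.nodes: List[Tuple[Component, Optional[SecureBusController]]] = []

    def attach(self, comp: Component, ctrl: Optional[SecureBusController] = None) -> None:
        self.nodes.append((comp, ctrl))

    def transfer(self, sender: Component, addr: int, data: bytes) -> bytes:
        """One bus transfer; returns what an eavesdropper on the bus lines sees."""
        sender_ctrl = next(c for comp, c in self.nodes if comp is sender)
        wire = sender_ctrl.on_transfer(addr, data, True) if sender_ctrl else data
        for comp, ctrl in self.nodes:
            if comp is sender:
                continue
            if comp.owns(addr):  # addressed target: decrypt if it has a controller
                comp.received.append((addr, ctrl.on_transfer(addr, wire, True) if ctrl else wire))
            elif ctrl:           # everyone else: step the keystream, discard the block
                ctrl.on_transfer(addr, wire, False)
        return wire


def demo() -> Dict[str, object]:
    bus = Bus()
    cpu, ram = Component("cpu", 0x0000, 0x0FFF), Component("ram", 0x1000, 0x1FFF)
    ctl, uart = Component("ctl", 0x2000, 0x2FFF), Component("uart", 0x3000, 0x3FFF)
    for comp in (cpu, ram, ctl):
        bus.attach(comp, SecureBusController(SHARED_KEY))
    bus.attach(uart)  # legacy part without a secure bus controller
    wire_ram = bus.transfer(cpu, 0x1010, b"secret-1")  # encrypted; ram recovers it
    wire_uart = bus.transfer(cpu, 0x3000, b"hello")    # plain; keystreams still step
    bus.transfer(ram, 0x2004, b"secret-2")             # ram -> ctl; cpu only observes
    bus.transfer(cpu, 0x2008, b"secret-3")             # cpu -> ctl; still aligned
    return {
        "ram_wire_hidden": wire_ram != b"secret-1",
        "ram_got": ram.received[0][1],
        "uart_wire_plain": wire_uart == b"hello",
        "ctl_got": [d for _, d in ctl.received],
    }


def desync_demo() -> bool:
    """A controller that misses one transfer-complete signal recovers garbage."""
    bus = Bus()
    cpu, ram = Component("cpu", 0x0000, 0x0FFF), Component("ram", 0x1000, 0x1FFF)
    ram_ctrl = SecureBusController(SHARED_KEY)
    bus.attach(cpu, SecureBusController(SHARED_KEY))
    bus.attach(ram, ram_ctrl)
    ram_ctrl.ks.counter += 1  # the missed signal
    bus.transfer(cpu, 0x1000, b"payload")
    return ram.received[0][1] != b"payload"
```

`demo()` shows the transparency: the component behind a controller reads `secret-1` although the bus carried ciphertext, the legacy UART still receives plaintext, and the controller that merely observed the `ram -> ctl` transfer is still aligned for its own next transfer. `desync_demo()` shows why the patent insists that non-participating controllers step as well: a stream cipher does not resynchronize on its own, so the synchronization signal must be one every controller reliably sees, and a lost signal has to be detected rather than silently tolerated.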

Authentication can be realized with simple means. For this purpose, special non-volatile memory cells are built into the components carrying secure bus controllers during manufacturing; these cells can later be loaded with an identification key. Alternatively, a key can be integrated into the chip directly during manufacturing. During the initialization phase this identification information is used for the key exchange; if the information does not match, no key can be exchanged. One candidate for this is the authentication option of the Tree Parity Machine key exchange, but a challenge-response method with a hash function can also be used. The initiator must then carry this out with every single secure bus controller.
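The challenge-response variant mentioned above, written out as an added Python example (not the patent's own code): the initiator challenges each secure bus controller, which answers with a keyed hash over the challenge using the identification key from its non-volatile memory, and a controller whose answer does not verify is left out of the key exchange. HMAC-SHA-256, the 16-byte challenge, the bus addresses, the component names and the two misbehaving peers are all constructed choices; the patent specifies only "a hash function".

```python
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional

# Constructed identification key; in the patent it is written into special
# non-volatile memory cells after manufacturing or fixed in the chip.
ID_KEY = b"constructed identification key"


def keyed_hash(id_key: bytes, bus_addr: int, challenge: bytes) -> bytes:
    """HMAC-SHA-256 over (responder bus address || challenge). Folding in the
    responder's address is a design assumption: a valid answer from one
    controller can then not be presented as another controller's."""
    return hmac.new(id_key, bus_addr.to_bytes(2, "big") + challenge, hashlib.sha256).digest()


class SecureBusController:
    """Responder side: any secure bus controller other than the initiator."""

    def __init__(self, name: str, bus_addr: int, id_key: bytes) -> None:
        self.name = name
        self.bus_addr = bus_addr  # the controller's own address on the bus
        self._id_key = id_key     # would live in the NV memory cells

    def respond(self, challenge: bytes) -> bytes:
        return keyed_hash(self._id_key, self.bus_addr, challenge)


class ReplayingController(SecureBusController):
    """Constructed misbehaving peer: knows no key and replays an answer it
    recorded earlier from a genuine controller at the same bus address."""

    def __init__(self, name: str, bus_addr: int, recorded: bytes) -> None:
        super().__init__(name, bus_addr, b"")
        self._recorded = recorded

    def respond(self, challenge: bytes) -> bytes:
        return self._recorded


class Initiator:
    """The controller with master access checks every peer before the key
    exchange and admits only those that prove knowledge of the identification key."""

    def __init__(self, id_key: bytes) -> None:
        self._id_key = id_key

    def authenticate(self, peer: SecureBusController, challenge: Optional[bytes] = None) -> bool:
        challenge = challenge if challenge is not None else secrets.token_bytes(16)
        expected = keyed_hash(self._id_key, peer.bus_addr, challenge)
        # constant-time comparison so a wrong key leaks nothing through timing
        return hmac.compare_digest(expected, peer.respond(challenge))

    def initialize(self, peers: List[SecureBusController]) -> Dict[str, bool]:
        """Run the check with every single peer; the result decides who takes
        part in the key exchange (the exchange itself is out of scope here)."""
        return {peer.name: self.authenticate(peer) for peer in peers}


def demo() -> Dict[str, bool]:
    initiator = Initiator(ID_KEY)
    ram_ctrl = SecureBusController("ram", 0x10, ID_KEY)
    io_ctrl = SecureBusController("io", 0x11, ID_KEY)
    foreign = SecureBusController("foreign", 0x12, b"key of a chip from elsewhere")
    # Recording of ram_ctrl's answer to an earlier challenge, replayed under the
    # same bus address; with a fresh challenge per run it does not verify.
    replay = ReplayingController("replay", 0x10, ram_ctrl.respond(secrets.token_bytes(16)))
    return initiator.initialize([ram_ctrl, io_ctrl, foreign, replay])
```

Two points the code makes explicit that the text leaves open: the challenge is fresh for every run, so a recorded answer is useless later, and the comparison is constant-time. The check is one-directional, as in the description: the peers do not verify the initiator. If that matters in the threat model, the same exchange run in the opposite direction makes it mutual.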

Claims (2)

1. Method for fully transparent, encrypted, multi-master-capable communication on bus systems with the following features:
a) use of a secure bus controller that is located as a transparent unit between bus and component and controls the encryption;
b) symmetric encryption;
c) a stream cipher for the bus encryption;
d) key exchange in the initialization phase;
e) signaling of the key change to all secure bus controllers by bus signals or clock.

2. Method according to claim 1, characterized in that an authentication additionally takes place during the initialization, which is made possible by a secret identification key located in the secure bus controller.

Priority Applications (1)

Application Number: DE200610021297
Priority Date: 2006-05-08
Filing Date: 2006-05-08
Publication: DE102006021297A1 (en)
Status: Withdrawn

Publications (1)

Publication Number Publication Date
DE102006021297A1 2008-01-10

Family

ID=38805881

Country Status (1)

Country Link
DE (1) DE102006021297A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE3939828A1 (en) * 1989-12-02 1991-06-06 Ant Nachrichtentech Data transmission with unauthorised access prevention - encoding all data after preamble and transmitting via bus system
US20010003540A1 (en) * 1999-11-30 2001-06-14 Stmicroelectronics S.A. Electronic security component
DE19782075C2 (en) * 1996-10-25 2001-11-08 Intel Corp A circuit and method for securing connection security within a multi-chip package of an integrated circuit
DE102005013830A1 (en) * 2005-03-24 2006-09-28 Infineon Technologies Ag Data transmission device for use in data processing device, has interface performing preventive measure against transferring of data from that interface to other interface, if decoding data stream does not correspond to expected data stream

Legal Events

Date Code Title Description
OM8 Search report available as to paragraph 43 lit. 1 sentence 1 patent law
8139 Disposal/non-payment of the annual fee