EP3219575A1 - Method for securing the exchange of authentication keys and associated key management module - Google Patents

Method for securing the exchange of authentication keys and associated key management module Download PDF

Info

Publication number
EP3219575A1
EP3219575A1 EP16305296.2A EP16305296A EP3219575A1 EP 3219575 A1 EP3219575 A1 EP 3219575A1 EP 16305296 A EP16305296 A EP 16305296A EP 3219575 A1 EP3219575 A1 EP 3219575A1
Authority
EP
European Patent Office
Prior art keywords
key
communication
communication module
transportation
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
EP16305296.2A
Other languages
German (de)
French (fr)
Other versions
EP3219575B1 (en
Inventor
Andre RADOMIAK
Xavier MAGDELYNS
Stéphanie FOSSION
Stephano BAGLIVO
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alstom Transport Technologies SAS
Original Assignee
Alstom Transport Technologies SAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alstom Transport Technologies SAS filed Critical Alstom Transport Technologies SAS
Priority to ES16305296T priority Critical patent/ES2843697T3/en
Priority to EP16305296.2A priority patent/EP3219575B1/en
Publication of EP3219575A1 publication Critical patent/EP3219575A1/en
Application granted granted Critical
Publication of EP3219575B1 publication Critical patent/EP3219575B1/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • BPERFORMING OPERATIONS; TRANSPORTING
    • B61RAILWAYS
    • B61LGUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
    • B61L15/00Indicators provided on the vehicle or vehicle train for signalling purposes ; On-board control or communication systems
    • B61L15/0018Communication with or on the vehicle or vehicle train
    • B61L15/0027Radio-based, e.g. using GSM-R
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B61RAILWAYS
    • B61LGUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
    • B61L27/00Central railway traffic control systems; Trackside control; Communication systems specially adapted therefor
    • B61L27/70Details of trackside communication
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B61RAILWAYS
    • B61LGUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
    • B61L27/00Central railway traffic control systems; Trackside control; Communication systems specially adapted therefor
    • B61L27/20Trackside control of safe travel of vehicle or vehicle train, e.g. braking curve calculation
    • B61L2027/202Trackside control of safe travel of vehicle or vehicle train, e.g. braking curve calculation using European Train Control System [ETCS]
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B61RAILWAYS
    • B61LGUIDING RAILWAY TRAFFIC; ENSURING THE SAFETY OF RAILWAY TRAFFIC
    • B61L2205/00Communication or navigation systems for railway traffic
    • B61L2205/02Global system for mobile communication - railways (GSM-R)

Definitions

  • the present invention concerns a method for securing the exchange of authentication keys used for symmetric data encryption communication between at least two communication modules.
  • the present invention also concerns a key management module performing this method.
  • At least one of said two communication modules is comprised in trackside equipment associated to a train control system and the other is an onboard communication module embedded in a railroad vehicle.
  • the invention is notably used for a train control system implemented according to the European Train Control System (ETCS) standard.
  • the invention particularly relates to level 2 or 3 of the ETCS standard.
  • the ETCS standard allows the communication between trackside equipment and the railroad vehicle moving along the corresponding track.
  • Trackside equipment is notably presented by Radio Block Centre (RBC) and Eurobalises distributed along the tracks and making it possible for example to control the speed and movement of the railroad vehicle.
  • RBC Radio Block Centre
  • the communication between trackside equipment (e.g. RBC) and the railroad vehicle is based on a safe protocol called Euroradio protocol and constructed over the GSM-R standard and in particular, over its circuit switching or packet switching (e.g. GPRS) extension for data transmission.
  • RBC trackside equipment
  • GPRS packet switching
  • the Euroradio protocol for such type of communication makes use of symmetric authentication techniques (e.g. without data encryption).
  • the Euroradio protocol allows the authentication of transmitting data by symmetric authentication keys, called KMAC keys ("Key Management Authentication Code").
  • KMAC keys Key Management Authentication Code
  • the authentication keys are known by each railroad communication module and shall remain secret to ensure the required safety and security level.
  • new authentication keys may be regularly transmitted by a key management module to each railroad communication module.
  • the authentication keys are transmitted in a message encrypted using transportation keys, called also KTRANS ("Key for TRANsport").
  • the transportation keys are known only by the authority that issued it, the key management module, and the communication module. This last module is the recipient of the message containing the authentication keys.
  • the confidentiality of initialization i.e. first distribution of the transportation key into the communication modules
  • its update are based on a human procedure, hence opening potential weakness on the transportation key disclosure.
  • a secured human procedure requires a heavy and constraining procedure that jeopardizes the regular update of the transportation key, leading to a degradation of the security level with time.
  • One aim of the invention is to provide a method for securing the exchange of authentication keys having a security level which does not degrade with time.
  • the invention concerns a method for securing the distribution of authentication keys used for symmetric data authenticated communication between at least two communication modules, at least a first and a second communication modules, the first communication module being comprised in trackside equipment associated to a train control system and the second communication module being onboard a railroad vehicle travelling on a track managed by said train control system, the method comprising a step of transmitting an authentication key to at least one communication module among the first and second communication modules, the transmission being performed by a symmetric data encryption communication between a key server and said communication module, using a transportation key known by said communication module, the method being characterized in that it further comprises a preliminary step of transmitting the transportation key to said communication module, the preliminary transmission being performed by an asymmetric data encryption communication between the key server and said communication module using a public key generated by said communication module.
  • the method according to the invention may comprise one or more of the following feature(s), taken in isolation, or according to any one of any technically feasible combination:
  • the present invention concerns also a key management module for securing the distribution of authentication keys used for symmetric data authenticated communication between at least two communication modules, at least a first and a second communication modules, the first communication module being comprised in trackside equipment associated to a train control system and the second communication module being onboard a railroad vehicle travelling on a track managed by said train control system.
  • the key management module is able to transmit an authentication key to at least one communication module among the first and second communication modules, the transmission being performed by a symmetric data encryption communication between a key server and said communication module, using a transportation key known by said communication module.
  • the key management module is characterized in that it is further able to transmit the transportation key to said communication module, the transmission being performed by an asymmetric data encryption communication between the key server and said communication module using a public key generated by said communication module.
  • a railroad vehicle 10 travelling on a railroad track 12 is illustrated on figure 1 .
  • the vehicle 10 is for example a passenger train.
  • the term "railroad vehicle” refers to any guided vehicle, i.e. any vehicle capable of travelling on a railroad track.
  • the vehicle 10 comprises notably a plurality of onboard systems 13, allowing the control of the vehicle 10, and an onboard communication module 14, able to provide a wireless communication between the onboard systems 13 and exterior systems, such as a control system 18, as it will be explained below.
  • the movement of the vehicle 10 on the railroad track 12 is managed by a train control system 18.
  • the train control system 18 is implemented preferably according to the European Train Control System standard, which is usually denoted as ETCS standard, more preferably in its level 2 or 3.
  • ETCS standard European Train Control System standard
  • the train control system 18 comprises a control center 20, located away from the railroad track 12, and trackside equipment 22 distributed along the railroad track 12 or concentrated and connected to the control center 20 by a suitable network 24.
  • Trackside equipment 22 comprises notably a plurality of trackside entities, 26A to 26N.
  • Each trackside entity 26A to 26N is associated to a section of the railroad track 12 and able to collect and transmit to the control center 20 at least some data relative to the vehicle 10 when it is moving on the associated section.
  • Each trackside entity 26A to 26N is further able to communicate with the railroad vehicle 10 over a wireless bi-directional link, in order to exchange data related for example to the authorized speed of movement on the associated section, movement permissions on this section, etc., in one direction, and the position of the vehicle, etc., in the other direction.
  • each trackside entity 26A to 26N comprises a railroad communication module 28A to 28N performing the data exchange with the control center 20 and with the onboard communication module 14 of the vehicle 10.
  • the wireless communication between the communication modules 28A to 28N and 14 is constructed over the GSM-R standard and in particular, over its circuit switching or packet switching (e.g. GPRS) extension for data transmission.
  • GSM-R GSM-R standard
  • packet switching e.g. GPRS
  • Data transmission between modules 28A to 28N and 14 is a data transmission using a symmetric data authentication technique.
  • This data transmission responds to a required safety level, defined by railroad authorities.
  • the authentication data transmission between the modules 28A to 28N and 14 or between 28A to 28N over the network 24 is implemented according to the Euroradio protocol known in the art and used in the ETCS standard.
  • the railroad communication modules 28A to 28N are implemented in a similar way. Thus, only the railroad communication module 28A will be explained in details below.
  • the control center 20 manages the trackside equipment 22 in function of the data collected by the trackside entities 26A to 26N.
  • the control center 20 comprises a key management module 34 distributing the symmetric keys to the railroad communication modules 28A to 28N and the onboard communication module 14.
  • the key management module 34 and the communication modules 28A and 14 are illustrated more in details on figure 2 .
  • the key management module 34 comprises a first transceiver 41 for a direct wireless communication with the onboard communication module 14 of the vehicle 10, a second transceiver 42 for the communication with the railroad communication module 28A of the trackside entity 26A via the network 24, and a key server 43, providing symmetric keys for wireless communication link between the railroad communication modules 28A to 28N and the onboard communication module 14 or wired communication between 28A to 28N.
  • the key management module 34 is connected to a certification authority module 44, also called remote controller, able to deliver and to verify certificates at the purpose of the communication modules 28A,14 and key management module 34.
  • the remote controller is, for example, able to deliver a certificate including a public key for the asymmetric cryptographic technique to each key manager 48,51.
  • the railroad communication module 28A comprises a first transceiver 46 for wireless communication with the onboard communication module 14, a second transceiver 47 for communication with the key management module 34, via network 24, and a key manager 48 allowing the encrypted and/or authenticated data transmission for wireless communication between the railroad communication modules 28A to 28N and the onboard communication module 14 or wired communication between modules 28A to 28N over network 24.
  • the transceiver 47 communicates also with the certification authority module 44 for the reception or verification of certificates at the purpose of the key manager 48
  • the onboard communication module 14 of the vehicle 10 comprises a transceiver 50 for wireless communication both with the railroad communication module 28A of the trackside entity 26A and the key management module 34 of the control center 20 and the certification authority module 44, and a key manager 51 allowing the encrypted or authenticated data transmission for wireless communication between the railroad communication modules 28A to 28N and the onboard communication module 14 or the certification authority module 44 directly, when this module 44 has an embedded communication module, or via the key management module 34 otherwise.
  • each key manager 48, 51 of each communication module 28A, 14 comprises a same plurality of authentication keys used to encrypt or authenticate data transmitted between these modules.
  • data transmitted from the onboard communication module 14 to the railroad communication module 28A is encrypted or authenticated by the transceiver 50 using one or several authentication keys stored in both key managers 48, 51.
  • the first transceiver 46 of the railroad communication module 28A When the first transceiver 46 of the railroad communication module 28A receives this data, it authenticates the data using the same authentication keys.
  • the authentication keys are called KMAC keys ("Key Management Authentication Code").
  • the authentication keys are generated by the key server 43 of the key management module 34.
  • the authentication keys are then distributed by the key server 43 to each communication module 28A, 14 according to a method 100 for securing the exchange of authentication keys according to the invention.
  • Each key manager 48, 51 is further able to generate a public key and an associated private key for implement an asymmetric cryptographic technique as it will be explained by the method 100.
  • the method 100 will be described hereinafter in reference to figure 3 presenting a general flow chart of its steps.
  • the authentication keys are generated by the key server 43.
  • the remote controller 44 delivers a certificate including a public key for the asymmetric cryptographic technique to each key manager 48, 51.
  • step 109 is repeated for each railroad communication module 28A of the trackside entity 26A.
  • the key server 43 generates one or several transportation keys.
  • a transportation key is generated for each communication module 28A, 14.
  • the transportation keys are used to encrypt or decrypt messages containing the authentication keys exchanged between the control center 20 and the corresponding communication module, using a symmetric cryptographic technique as it will be explained below.
  • transportation keys may be different for different communication modules 28A and 14, but they are all known by the key server 43.
  • the key server 43 transmits the generated transportation keys to the corresponding communication modules 28A, 14 via the first or the second transceiver 41, 42 using an asymmetric data cryptographic technique.
  • this step 120 includes several sub-steps.
  • the first transceiver 41 of the key management module 34 initializes a securing connection with the onboard communication module 14 according for example to the TLS (Transport Layer Security) protocol.
  • TLS Transport Layer Security
  • the TLS protocol is defined for example in the RFC 6176 document.
  • the first transceiver 41 and the transceiver 50 initialize a connection using a handshaking technique.
  • the first transceiver 41 exchanges certificates from the transceiver 50 of the onboard communication module 14.
  • the certificates include in particular a public key generated by the key manager 51 of the onboard communication module 14.
  • the remote controller 44 verifies the certificate and if its authentication is not successful, reinitializes the connection with the transceiver 50.
  • the first transceiver 41 encrypts the transportation keys generated for the onboard communication module 14 using a session key derived from the public key of the received certificate.
  • the first transceiver 41 transmits the encrypted message to the transceiver 50 of the onboard communication module 14.
  • the transceiver 50 decrypts this message using the session key established in sub-step 122.
  • the steps 121 to 123 are repeated in a similar way in order to transmit the corresponding transportation keys to the railroad communication module 28A of the trackside entity 26A.
  • the sub-steps 121 to 123 are performed by the second transceiver 42 of the key management module 34.
  • the first or the second transceiver, 41 or 42 generates a message containing the new authentication keys, the message contained authentication keys being encrypted according to a symmetric cryptographic technique similar to the symmetric cryptographic technique used for the communication between the railroad communication modules 28A and the onboard communication module 14. This encryption is performed using the transportation keys specific of the recipient communication module.
  • the first or the second transceivers 41, 42 transmits this message to the recipient communication modules 28A and 14, which decrypts it using the transportation keys.
  • the extracted new authentication key is stored into the key managers 48 or 51.
  • An authentication key is thus stored in both key managers 48 and 51 and can be further used for the encrypted data transmission between the communication modules 28A and 14 or between 28A and 28N.
  • the method 100 is repeated each time a transportation key update is necessary. This allows maintaining the required security level of the encrypted data transmission with time.
  • the method according to the invention provides a transportation keys initialization and update in a particularly simple way.
  • the initialization and update can be done remotely and does not need a local intervention on the remote equipment, trackside or trainborne.
  • the invention further ensures the required safety and security level of the train control system and is particularly useful to mitigate the risk of transportation keys disclosure.

Abstract

This method (100) comprises a step (130) of transmitting an authentication key to at least one communication module among a first and a second communication modules, the transmission being performed by a symmetric data encryption communication between a key server and said communication module, using a transportation key known by said communication module,
The method further comprises a preliminary step (120) of transmitting the transportation key to said communication module, the preliminary transmission being performed by an asymmetric data encryption communication between the key server and said communication module using a public key generated by said communication module.

Description

  • The present invention concerns a method for securing the exchange of authentication keys used for symmetric data encryption communication between at least two communication modules.
  • The present invention also concerns a key management module performing this method.
  • At least one of said two communication modules is comprised in trackside equipment associated to a train control system and the other is an onboard communication module embedded in a railroad vehicle.
  • The invention is notably used for a train control system implemented according to the European Train Control System (ETCS) standard. The invention particularly relates to level 2 or 3 of the ETCS standard.
  • As known in the art, the ETCS standard allows the communication between trackside equipment and the railroad vehicle moving along the corresponding track. Trackside equipment is notably presented by Radio Block Centre (RBC) and Eurobalises distributed along the tracks and making it possible for example to control the speed and movement of the railroad vehicle.
  • In ETCS level 2 or 3, the communication between trackside equipment (e.g. RBC) and the railroad vehicle is based on a safe protocol called Euroradio protocol and constructed over the GSM-R standard and in particular, over its circuit switching or packet switching (e.g. GPRS) extension for data transmission.
  • To ensure a safe and secured interface between railroad communication modules, the Euroradio protocol for such type of communication makes use of symmetric authentication techniques (e.g. without data encryption).
  • In particular, the Euroradio protocol allows the authentication of transmitting data by symmetric authentication keys, called KMAC keys ("Key Management Authentication Code"). The authentication keys are known by each railroad communication module and shall remain secret to ensure the required safety and security level.
  • To maintain such safety and security level, it is known in the art that a regular updating of the authentication keys mitigates the disclosure of these KMAC keys by a malicious party. To this end, new authentication keys may be regularly transmitted by a key management module to each railroad communication module.
  • To keep secret the authentication keys during their distribution to their end user, namely the trackside or onboard communication module, the authentication keys are transmitted in a message encrypted using transportation keys, called also KTRANS ("Key for TRANsport").
  • The transportation keys are known only by the authority that issued it, the key management module, and the communication module. This last module is the recipient of the message containing the authentication keys.
  • However, such method for securing the distribution of transportation keys (KTRANS for ETCS) is not completely satisfying.
  • Particularly, the confidentiality of initialization (i.e. first distribution of the transportation key into the communication modules) and its update are based on a human procedure, hence opening potential weakness on the transportation key disclosure. Moreover, a secured human procedure requires a heavy and constraining procedure that jeopardizes the regular update of the transportation key, leading to a degradation of the security level with time.
  • One aim of the invention is to provide a method for securing the exchange of authentication keys having a security level which does not degrade with time.
  • To this end, the invention concerns a method for securing the distribution of authentication keys used for symmetric data authenticated communication between at least two communication modules, at least a first and a second communication modules, the first communication module being comprised in trackside equipment associated to a train control system and the second communication module being onboard a railroad vehicle travelling on a track managed by said train control system, the method comprising a step of transmitting an authentication key to at least one communication module among the first and second communication modules, the transmission being performed by a symmetric data encryption communication between a key server and said communication module, using a transportation key known by said communication module, the method being characterized in that it further comprises a preliminary step of transmitting the transportation key to said communication module, the preliminary transmission being performed by an asymmetric data encryption communication between the key server and said communication module using a public key generated by said communication module.
  • The method according to the invention may comprise one or more of the following feature(s), taken in isolation, or according to any one of any technically feasible combination:
    • the preliminary step of transmitting the transportation key comprises the following sub-steps receiving from said communication module, a certificate including a public key; encrypting the transportation key into an encrypted message using said public key, and transmitting the encrypted message including the transportation key to said communication module, the encrypted message being decrypted by said communication module using a session key derived from said public key;
    • the preliminary step of transmitting the transportation key is performed using a Transport Layer Security protocol;
    • the preliminary step of transmitting the transportation key comprises a remote authentication of the certificate;
    • the train control system is implemented according to an European Train Control System standard;
    • the communication between any communication modules is a wireless or wired communication according to an Euroradio protocol; and
    • further comprising a step of delivering to each communication module a certificate including a public key for the asymmetric data encryption communication, said step being implemented before the preliminary step of transmitting the transportation key;
  • The present invention concerns also a key management module for securing the distribution of authentication keys used for symmetric data authenticated communication between at least two communication modules, at least a first and a second communication modules, the first communication module being comprised in trackside equipment associated to a train control system and the second communication module being onboard a railroad vehicle travelling on a track managed by said train control system.
  • The key management module is able to transmit an authentication key to at least one communication module among the first and second communication modules, the transmission being performed by a symmetric data encryption communication between a key server and said communication module, using a transportation key known by said communication module.
  • The key management module is characterized in that it is further able to transmit the transportation key to said communication module, the transmission being performed by an asymmetric data encryption communication between the key server and said communication module using a public key generated by said communication module.
  • The invention will be better understood, upon reading of the following description, taken solely as an example, and made in reference to the following drawings, in which:
    • figure 1 is a schematic view of a railroad vehicle traveling on a railroad track and managed by a train control system, the train control system comprising a key management module according to the invention;
    • figure 2 is a schematic view of the key management module of figure 1; and
    • figure 3 is a general flow chart of steps of the method according to the invention.
  • A railroad vehicle 10 travelling on a railroad track 12 is illustrated on figure 1.
  • The vehicle 10 is for example a passenger train.
  • In general case, the term "railroad vehicle" refers to any guided vehicle, i.e. any vehicle capable of travelling on a railroad track.
  • The vehicle 10 comprises notably a plurality of onboard systems 13, allowing the control of the vehicle 10, and an onboard communication module 14, able to provide a wireless communication between the onboard systems 13 and exterior systems, such as a control system 18, as it will be explained below.
  • The movement of the vehicle 10 on the railroad track 12 is managed by a train control system 18.
  • The train control system 18 is implemented preferably according to the European Train Control System standard, which is usually denoted as ETCS standard, more preferably in its level 2 or 3.
  • The train control system 18 comprises a control center 20, located away from the railroad track 12, and trackside equipment 22 distributed along the railroad track 12 or concentrated and connected to the control center 20 by a suitable network 24.
  • Trackside equipment 22 comprises notably a plurality of trackside entities, 26A to 26N. Each trackside entity 26A to 26N is associated to a section of the railroad track 12 and able to collect and transmit to the control center 20 at least some data relative to the vehicle 10 when it is moving on the associated section.
  • Each trackside entity 26A to 26N is further able to communicate with the railroad vehicle 10 over a wireless bi-directional link, in order to exchange data related for example to the authorized speed of movement on the associated section, movement permissions on this section, etc., in one direction, and the position of the vehicle, etc., in the other direction.
  • In particular, each trackside entity 26A to 26N comprises a railroad communication module 28A to 28N performing the data exchange with the control center 20 and with the onboard communication module 14 of the vehicle 10.
  • The wireless communication between the communication modules 28A to 28N and 14 is constructed over the GSM-R standard and in particular, over its circuit switching or packet switching (e.g. GPRS) extension for data transmission.
  • Data transmission between modules 28A to 28N and 14 is a data transmission using a symmetric data authentication technique.
  • This data transmission responds to a required safety level, defined by railroad authorities.
  • When the train control system 18 is implemented according to the ETCS standard, the authentication data transmission between the modules 28A to 28N and 14 or between 28A to 28N over the network 24 is implemented according to the Euroradio protocol known in the art and used in the ETCS standard.
  • The railroad communication modules 28A to 28N are implemented in a similar way. Thus, only the railroad communication module 28A will be explained in details below.
  • The control center 20 manages the trackside equipment 22 in function of the data collected by the trackside entities 26A to 26N.
  • The control center 20 comprises a key management module 34 distributing the symmetric keys to the railroad communication modules 28A to 28N and the onboard communication module 14.
  • The key management module 34 and the communication modules 28A and 14 are illustrated more in details on figure 2.
  • In reference to figure 2, the key management module 34 comprises a first transceiver 41 for a direct wireless communication with the onboard communication module 14 of the vehicle 10, a second transceiver 42 for the communication with the railroad communication module 28A of the trackside entity 26A via the network 24, and a key server 43, providing symmetric keys for wireless communication link between the railroad communication modules 28A to 28N and the onboard communication module 14 or wired communication between 28A to 28N.
  • In one embodiment of the invention, the key management module 34 is connected to a certification authority module 44, also called remote controller, able to deliver and to verify certificates at the purpose of the communication modules 28A,14 and key management module 34. The remote controller is, for example, able to deliver a certificate including a public key for the asymmetric cryptographic technique to each key manager 48,51.
  • The railroad communication module 28A comprises a first transceiver 46 for wireless communication with the onboard communication module 14, a second transceiver 47 for communication with the key management module 34, via network 24, and a key manager 48 allowing the encrypted and/or authenticated data transmission for wireless communication between the railroad communication modules 28A to 28N and the onboard communication module 14 or wired communication between modules 28A to 28N over network 24. The transceiver 47 communicates also with the certification authority module 44 for the reception or verification of certificates at the purpose of the key manager 48
  • The onboard communication module 14 of the vehicle 10 comprises a transceiver 50 for wireless communication both with the railroad communication module 28A of the trackside entity 26A and the key management module 34 of the control center 20 and the certification authority module 44, and a key manager 51 allowing the encrypted or authenticated data transmission for wireless communication between the railroad communication modules 28A to 28N and the onboard communication module 14 or the certification authority module 44 directly, when this module 44 has an embedded communication module, or via the key management module 34 otherwise.
  • To perform a symmetric data authentication technique for the exchange of data between one railroad communication modules 28A to 28N and the onboard communication module 14, or between modules 28A to 28N, each key manager 48, 51 of each communication module 28A, 14 comprises a same plurality of authentication keys used to encrypt or authenticate data transmitted between these modules.
  • Thus, for example, data transmitted from the onboard communication module 14 to the railroad communication module 28A is encrypted or authenticated by the transceiver 50 using one or several authentication keys stored in both key managers 48, 51.
  • When the first transceiver 46 of the railroad communication module 28A receives this data, it authenticates the data using the same authentication keys.
  • When the train control system 18 is implemented according to the ETCS standard, the authentication keys are called KMAC keys ("Key Management Authentication Code").
  • The authentication keys are generated by the key server 43 of the key management module 34.
  • The authentication keys are then distributed by the key server 43 to each communication module 28A, 14 according to a method 100 for securing the exchange of authentication keys according to the invention.
  • Each key manager 48, 51 is further able to generate a public key and an associated private key for implement an asymmetric cryptographic technique as it will be explained by the method 100.
  • The method 100 will be described hereinafter in reference to figure 3 presenting a general flow chart of its steps.
  • Initially, the authentication keys are generated by the key server 43.
  • During the step 109, the remote controller 44 delivers a certificate including a public key for the asymmetric cryptographic technique to each key manager 48, 51.
  • Then, the step 109 is repeated for each railroad communication module 28A of the trackside entity 26A.
  • Then, during step 110, the key server 43 generates one or several transportation keys. A transportation key is generated for each communication module 28A, 14.
  • The transportation keys are used to encrypt or decrypt messages containing the authentication keys exchanged between the control center 20 and the corresponding communication module, using a symmetric cryptographic technique as it will be explained below.
  • It shall be noted that the transportation keys may be different for different communication modules 28A and 14, but they are all known by the key server 43.
  • During the next step 120, the key server 43 transmits the generated transportation keys to the corresponding communication modules 28A, 14 via the first or the second transceiver 41, 42 using an asymmetric data cryptographic technique.
  • In particular, this step 120 includes several sub-steps.
  • During the first sub-step 121, the first transceiver 41 of the key management module 34 initializes a securing connection with the onboard communication module 14 according for example to the TLS (Transport Layer Security) protocol. The TLS protocol is defined for example in the RFC 6176 document.
  • In particular, during this sub-step 121, the first transceiver 41 and the transceiver 50 initialize a connection using a handshaking technique.
  • Then, the first transceiver 41 exchanges certificates from the transceiver 50 of the onboard communication module 14. The certificates include in particular a public key generated by the key manager 51 of the onboard communication module 14.
  • In one embodiment of the invention, the remote controller 44 verifies the certificate and if its authentication is not successful, reinitializes the connection with the transceiver 50.
  • During the next sub-step 122, the first transceiver 41 encrypts the transportation keys generated for the onboard communication module 14 using a session key derived from the public key of the received certificate.
  • During the next sub-step 123, the first transceiver 41 transmits the encrypted message to the transceiver 50 of the onboard communication module 14. The transceiver 50 decrypts this message using the session key established in sub-step 122.
  • Then, the steps 121 to 123 are repeated in a similar way in order to transmit the corresponding transportation keys to the railroad communication module 28A of the trackside entity 26A. In this case, the sub-steps 121 to 123 are performed by the second transceiver 42 of the key management module 34.
  • During the next step 130, for the transmission of new authentication keys to a recipient communication module, the first or the second transceiver, 41 or 42, generates a message containing the new authentication keys, the message contained authentication keys being encrypted according to a symmetric cryptographic technique similar to the symmetric cryptographic technique used for the communication between the railroad communication modules 28A and the onboard communication module 14. This encryption is performed using the transportation keys specific of the recipient communication module.
  • Then, the first or the second transceivers 41, 42 transmits this message to the recipient communication modules 28A and 14, which decrypts it using the transportation keys. The extracted new authentication key is stored into the key managers 48 or 51.
  • An authentication key is thus stored in both key managers 48 and 51 and can be further used for the encrypted data transmission between the communication modules 28A and 14 or between 28A and 28N.
  • The method 100 is repeated each time a transportation key update is necessary. This allows maintaining the required security level of the encrypted data transmission with time.
  • The method according to the invention provides a transportation keys initialization and update in a particularly simple way. The initialization and update can be done remotely and does not need a local intervention on the remote equipment, trackside or trainborne.
  • The invention further ensures the required safety and security level of the train control system and is particularly useful to mitigate the risk of transportation keys disclosure.

Claims (8)

  1. Method (100) for securing the distribution of authentication keys used for symmetric data authenticated communication between at least two communication modules (14, 28A, ..., 28N), at least a first and a second communication modules (14, 28A, ..., 28N), the first communication module (28A, ..., 28N) being comprised in trackside equipment (22) associated to a train control system (18) and the second communication module (14) being onboard a railroad vehicle (10) travelling on a track (12) managed by said train control system (18),
    the method (100) comprising a step (130) of transmitting an authentication key to at least one communication module (14, 28A, ..., 28N) among the first and second communication modules, the transmission being performed by a symmetric data encryption communication between a key server (43) and said communication module (14, 28A, ..., 28N), using a transportation key known by said communication module (14, 28A, ..., 28N),
    the method (100) being characterized in that it further comprises a preliminary step (120) of transmitting the transportation key to said communication module (14, 28A, ..., 28N), the preliminary transmission being performed by an asymmetric data encryption communication between the key server (43) and said communication module (14, 28A, ..., 28N) using a public key generated by said communication module (14, 28A, ..., 28N).
  2. Method (100) according to claim 1, wherein the preliminary step (120) of transmitting the transportation key comprises the following sub-steps:
    - receiving (121) from said communication module (14, 28A, ..., 28N), a certificate including a public key;
    - encrypting (122) the transportation key into an encrypted message using said public key;
    - transmitting (123) the encrypted message including the transportation key to said communication module (14, 28A, ..., 28N), the encrypted message being decrypted by said communication module (14, 28A, ..., 28N) using a session key derived from said public key.
  3. Method (100) according to claim 1 or 2, wherein the preliminary step (120) of transmitting the transportation key is performed using a Transport Layer Security (TLS) protocol.
  4. Method (100) according to claim 3, wherein the preliminary step (120) of transmitting the transportation key comprises a remote authentication of the certificate.
  5. Method (100) according to anyone of the preceding claims, wherein the train control system (18) is implemented according to an European Train Control System standard.
  6. Method (100) according to claim 5, wherein the communication between any communication modules (14, 28A, ..., 28N) is a wireless or wired communication according to an Euroradio protocol.
  7. Method (100) according to anyone of the preceding claims, further comprising a step (109) of delivering to each communication module (14, 28A, ..., 28N) a certificate including a public key for the asymmetric data encryption communication, said step being implemented before the preliminary step (120) of transmitting the transportation key.
  8. Key management module (34) for securing the distribution of authentication keys used for symmetric data authenticated communication between at least two communication modules (14, 28A, ..., 28N), at least a first and a second communication modules (14, 28A, ..., 28N), the first communication module (28A, ..., 28N) being comprised in trackside equipment (22) associated to a train control system (18) and the second communication module (14) being onboard a railroad vehicle (10) travelling on a track (12) managed by said train control system (18),
    the key management module (34) being able to transmit an authentication key to at least one communication module (14, 28A, ..., 28N) among the first and second communication modules, the transmission being performed by a symmetric data encryption communication between a key server (43) and said communication module (14, 28A, ..., 28N), using a transportation key known by said communication module (14, 28A, ..., 28N),
    the key management module (34) being characterized in that it is further able to transmit the transportation key to said communication module (14, 28A, ..., 28N), the transmission being performed by an asymmetric data encryption communication between the key server (43) and said communication module (14, 28A, ..., 28N) using a public key generated by said communication module (14, 28A, ..., 28N).
EP16305296.2A 2016-03-17 2016-03-17 Method for securing the exchange of authentication keys and associated key management module Active EP3219575B1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
ES16305296T ES2843697T3 (en) 2016-03-17 2016-03-17 Method to secure the exchange of authentication keys and associated key management module
EP16305296.2A EP3219575B1 (en) 2016-03-17 2016-03-17 Method for securing the exchange of authentication keys and associated key management module

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP16305296.2A EP3219575B1 (en) 2016-03-17 2016-03-17 Method for securing the exchange of authentication keys and associated key management module

Publications (2)

Publication Number Publication Date
EP3219575A1 true EP3219575A1 (en) 2017-09-20
EP3219575B1 EP3219575B1 (en) 2020-11-04

Family

ID=55588195

Family Applications (1)

Application Number Title Priority Date Filing Date
EP16305296.2A Active EP3219575B1 (en) 2016-03-17 2016-03-17 Method for securing the exchange of authentication keys and associated key management module

Country Status (2)

Country Link
EP (1) EP3219575B1 (en)
ES (1) ES2843697T3 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210018909A1 (en) * 2017-02-19 2021-01-21 Transportation Ip Holdings, Llc Vehicle control system
EP3825205A1 (en) * 2019-11-20 2021-05-26 ALSTOM Transport Technologies Railway vehicle, distributed control system, and method for managing operations of railway vehicles in a railway network
EP4035970A1 (en) * 2021-01-29 2022-08-03 Siemens Mobility GmbH Method for encoded communication between a track-bound vehicle and a track-side device, and devices for applying the method

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040236965A1 (en) * 2003-05-20 2004-11-25 Petri Krohn System for cryptographical authentication
EP1533971A1 (en) * 2003-11-18 2005-05-25 STMicroelectronics S.r.l. Method and system for establishing secure communication
DE102011006772A1 (en) * 2011-04-05 2012-10-11 Siemens Aktiengesellschaft System and method for key management of a train protection system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040236965A1 (en) * 2003-05-20 2004-11-25 Petri Krohn System for cryptographical authentication
EP1533971A1 (en) * 2003-11-18 2005-05-25 STMicroelectronics S.r.l. Method and system for establishing secure communication
DE102011006772A1 (en) * 2011-04-05 2012-10-11 Siemens Aktiengesellschaft System and method for key management of a train protection system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20210018909A1 (en) * 2017-02-19 2021-01-21 Transportation Ip Holdings, Llc Vehicle control system
US11796996B2 (en) * 2017-02-19 2023-10-24 Transportation Ip Holdings, Llc Vehicle control system
EP3825205A1 (en) * 2019-11-20 2021-05-26 ALSTOM Transport Technologies Railway vehicle, distributed control system, and method for managing operations of railway vehicles in a railway network
EP4035970A1 (en) * 2021-01-29 2022-08-03 Siemens Mobility GmbH Method for encoded communication between a track-bound vehicle and a track-side device, and devices for applying the method

Also Published As

Publication number Publication date
ES2843697T3 (en) 2021-07-20
EP3219575B1 (en) 2020-11-04

Similar Documents

Publication Publication Date Title
CN109889484B (en) Information security method and device for rail transit vehicle-mounted signal control system
CN109688585B (en) Train-ground wireless communication encryption method and device applied to train monitoring system
CN109474909B (en) Key management method for train-ground security communication protocol of CTCS-3 level train control system
CN110073634A (en) Data conversion system and method
CN109194475B (en) Method for adopting information security system for train control system
CN103098435A (en) Relay node device authentication mechanism
US20100023776A1 (en) Method and System for Storing a Key in a Remote Security Module
CN112039951A (en) Safe distribution method, device and system of vehicle Bluetooth key and storage medium
CN108881176A (en) A kind of method of secure communication between car networking terminal
JP6092548B2 (en) Radio system and train control system
CN105554105A (en) Internet of vehicles group key management method oriented to multiple services and privacy protection
CN110999223A (en) Secure encrypted heartbeat protocol
CN110753321A (en) Safe communication method for vehicle-mounted TBOX and cloud server
CN106506149B (en) Key generation method and system between a kind of TBOX terminal and TSP platform
KR102282633B1 (en) Method of linkage certification between railway control system and multiple radio-blocking devices
EP3219575B1 (en) Method for securing the exchange of authentication keys and associated key management module
CN110944327A (en) Information security method and device for rail transit zone controller
KR102435030B1 (en) Secure Drone communication protocol
CN106411715A (en) Cloud-based secure instant messaging method and system
CN113221136B (en) AIS data transmission method, AIS data transmission device, electronic equipment and storage medium
CN108600240A (en) A kind of communication system and its communication means
KR102419057B1 (en) Message security system and method of railway communication network
CN110278085A (en) Unmanned plane remote authorization and remote control single channel encryption technology
CN108809656A (en) A kind of Key Exchange Protocol building method based on double authentication protection signature
US9930015B2 (en) Communication device and method for performing encrypted communication in multipoint networks

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN PUBLISHED

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

17P Request for examination filed

Effective date: 20170829

RBV Designated contracting states (corrected)

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

17Q First examination report despatched

Effective date: 20180618

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: GRANT OF PATENT IS INTENDED

INTG Intention to grant announced

Effective date: 20200610

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

GRAJ Information related to disapproval of communication of intention to grant by the applicant or resumption of examination proceedings by the epo deleted

Free format text: ORIGINAL CODE: EPIDOSDIGR1

GRAL Information related to payment of fee for publishing/printing deleted

Free format text: ORIGINAL CODE: EPIDOSDIGR3

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

GRAR Information related to intention to grant a patent recorded

Free format text: ORIGINAL CODE: EPIDOSNIGR71

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: GRANT OF PATENT IS INTENDED

GRAA (expected) grant

Free format text: ORIGINAL CODE: 0009210

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE PATENT HAS BEEN GRANTED

INTC Intention to grant announced (deleted)
INTG Intention to grant announced

Effective date: 20200924

AK Designated contracting states

Kind code of ref document: B1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

REG Reference to a national code

Ref country code: GB

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: CH

Ref legal event code: EP

REG Reference to a national code

Ref country code: AT

Ref legal event code: REF

Ref document number: 1330466

Country of ref document: AT

Kind code of ref document: T

Effective date: 20201115

REG Reference to a national code

Ref country code: IE

Ref legal event code: FG4D

REG Reference to a national code

Ref country code: DE

Ref legal event code: R096

Ref document number: 602016047071

Country of ref document: DE

REG Reference to a national code

Ref country code: NL

Ref legal event code: FP

REG Reference to a national code

Ref country code: AT

Ref legal event code: MK05

Ref document number: 1330466

Country of ref document: AT

Kind code of ref document: T

Effective date: 20201104

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: PT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20210304

Ref country code: RS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

Ref country code: NO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20210204

Ref country code: FI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

Ref country code: GR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20210205

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

Ref country code: AT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

Ref country code: BG

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20210204

Ref country code: PL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

Ref country code: LV

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20210304

REG Reference to a national code

Ref country code: LT

Ref legal event code: MG9D

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: HR

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

REG Reference to a national code

Ref country code: ES

Ref legal event code: FG2A

Ref document number: 2843697

Country of ref document: ES

Kind code of ref document: T3

Effective date: 20210720

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

Ref country code: RO

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

Ref country code: EE

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

Ref country code: CZ

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

Ref country code: SM

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

Ref country code: LT

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

REG Reference to a national code

Ref country code: DE

Ref legal event code: R097

Ref document number: 602016047071

Country of ref document: DE

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: DK

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

PLBE No opposition filed within time limit

Free format text: ORIGINAL CODE: 0009261

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: NO OPPOSITION FILED WITHIN TIME LIMIT

26N No opposition filed

Effective date: 20210805

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: AL

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

Ref country code: MC

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

REG Reference to a national code

Ref country code: CH

Ref legal event code: PL

GBPC Gb: european patent ceased through non-payment of renewal fee

Effective date: 20210317

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: SI

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

REG Reference to a national code

Ref country code: BE

Ref legal event code: MM

Effective date: 20210331

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CH

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20210331

Ref country code: LU

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20210317

Ref country code: LI

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20210331

Ref country code: GB

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20210317

Ref country code: IE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20210317

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: IS

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20210304

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: BE

Free format text: LAPSE BECAUSE OF NON-PAYMENT OF DUE FEES

Effective date: 20210331

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: FR

Payment date: 20230324

Year of fee payment: 8

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: HU

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT; INVALID AB INITIO

Effective date: 20160317

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: DE

Payment date: 20230321

Year of fee payment: 8

PG25 Lapsed in a contracting state [announced via postgrant information from national office to epo]

Ref country code: CY

Free format text: LAPSE BECAUSE OF FAILURE TO SUBMIT A TRANSLATION OF THE DESCRIPTION OR TO PAY THE FEE WITHIN THE PRESCRIBED TIME-LIMIT

Effective date: 20201104

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: NL

Payment date: 20230321

Year of fee payment: 8

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: IT

Payment date: 20230328

Year of fee payment: 8

Ref country code: ES

Payment date: 20230529

Year of fee payment: 8

P01 Opt-out of the competence of the unified patent court (upc) registered

Effective date: 20230823

PGFP Annual fee paid to national office [announced via postgrant information from national office to epo]

Ref country code: NL

Payment date: 20240320

Year of fee payment: 9