EP4327506A1 - Managing keys for secure communication between communication participants via a separate communication channel - Google Patents

Managing keys for secure communication between communication participants via a separate communication channel

Info

Publication number
EP4327506A1
Authority
EP
European Patent Office
Prior art keywords
communication
participant
secure
network
channel
Prior art date
Legal status
Pending
Application number
EP22735346.3A
Other languages
German (de)
English (en)
Inventor
Konstantinos Dalamagkidis
Max Tuengerthal
Current Assignee
Siemens Mobility GmbH
Original Assignee
Siemens Mobility GmbH
Priority date
Filing date
Publication date
Application filed by Siemens Mobility GmbH
Publication of EP4327506A1
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L 9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L 9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L 9/0827 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving distinctive intermediate devices or communication paths
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L 9/00
    • H04L 2209/84 Vehicles

Definitions

  • the invention relates to a method and a system for managing keys for secure communication between a number of communication participants.
  • VPN Virtual Private Networks
  • Virtual private networks are known in principle and provide network connections that are not visible to uninvolved communication participants. In other words, uninvolved communication participants have no access to the virtual private network.
  • Certificates are used that are validated with the help of a certification authority (CA: Certificate Authority).
  • CA Certificate Authority
  • the object of the invention is to specify an improved method for managing keys for secure communication between communication participants.
  • This object is achieved by a method for managing keys for secure communication between multiple communication participants, in which secure communication takes place via a first communication channel between the multiple communication participants.
  • a communication for managing keys takes place via a second communication channel between a first communication participant of the several communication participants, which comprises a client device, and a key management server device.
  • the second communication channel is separate from the first communication channel.
  • a method of this type is WireGuard, for example.
  • using this type of method for secure communication is desirable in many applications, since such methods can be more performant and require less configuration effort.
  • the method according to the invention creates a solution for managing the keys (via the second communication channel with a key management server device) for this type of method.
  • the solution according to the invention represents a possibility for independent management of keys (without external intervention). This is particularly advantageous in scenarios in which external intervention is not constantly possible (for example due to a temporary lack of connectivity).
  • the invention is based on the knowledge that during the management of keys, in particular when keys are exchanged, both communication participants have to update their keys. This requires synchronization between the key management server device and the client device. This synchronization can affect the actual secure communication; for example, an interruption of the secure communication may be required for synchronization.
  • the method according to the invention eliminates these further problems in that the communication for managing keys takes place via a second communication channel between a first communication participant and the key management server device.
  • the second communication channel is separate from the first communication channel.
  • keys can thus be managed in such a way that the actual secure communication is not impaired at all, or at least to a lesser extent.
  • the secure communication is, for example, an encrypted communication.
  • the secure communication preferably takes place via a virtual private network (VPN: Virtual Private Network).
  • VPN Virtual Private Network
  • the multiple communication participants are, for example, terminals that are connected to a communication network in terms of data technology and communicate with one another via this communication network.
  • the communication for managing keys via the second communication channel preferably takes place using HTTPS (Hypertext Transfer Protocol Secure).
  • HTTPS Hypertext Transfer Protocol Secure
  • each first communication participant, which acts as a client, establishes an HTTPS connection with the key management server device.
  • the communication participant authenticates itself with the help of an X.509 client certificate and requests a key.
  • the key management server device validates the certificate and responds (based on a common name contained in it) with the corresponding key for the communication participant.
  • the X.509 client certificate is preferably a digital certificate in accordance with the ISO/IEC 9594-8 standard.
  • the key management server device can support HTTP caching via Cache-Control and HTTP ETag. This enables the communication participant to store the key for a predetermined period of time and to reduce the data transmission volume if the key has not changed. This reduction of the data transfer volume is of particular importance, as it makes managing keys more efficient. This in turn reduces the impairment of the actual (secure) communication via the first communication channel.
  • the secure communication takes place via a virtual private network and the second communication channel is outside of the virtual private network. This represents a particularly expedient embodiment of the method according to the invention.
  • the virtual private network is often referred to as "virtual private network” and abbreviated as VPN.
  • the communication connection between two communication participants that is created by the virtual private network is often referred to as a VPN tunnel.
  • the secure communication between the first communication participant and a second communication participant takes place using WireGuard.
  • a second communication participant which includes a WireGuard server device
  • the secure communication takes place using WireGuard.
  • This embodiment is based on the finding that a virtual private network based on WireGuard does not yet have a mechanism for managing, in particular for exchanging, keys, so the use of WireGuard presupposes that keys have already been distributed. Accordingly, the application of the method according to the invention is particularly advantageous for a second communication participant which includes a WireGuard server device and in which the secure communication takes place using WireGuard.
  • the second communication participant includes the key management server device.
  • the second communication participant is used for secure communication with the first
  • the first communication participant preferably includes a key management client device which is provided for managing the keys, in particular for exchanging keys with the key management server device.
  • the WireGuard server device described above and the key management server device can each be a software component of the second communication participant.
  • the client device and the key management client device can each be a software component of the first communication participant.
  • the second communication channel can be, for example, a communication channel that is physically separate from the first communication channel. According to a preferred embodiment, the second communication channel is logically separated from the first communication channel.
  • the second communication channel can be on the same communication network as the first communication channel.
  • the common communication network on which the first and second communication channel is located is an Ethernet network, for example.
  • the first communication channel for secure communication uses the WireGuard protocol, for example.
  • the logical separation is achieved, for example, in that the communication for managing keys takes place via the second communication channel using HTTPS.
  • the communication participants are designed as terminals that are connected in terms of data technology to a communication network of a vehicle and/or to a land-based communication network which is used for communication with the communication network of the vehicle.
  • the management of keys via a separate second communication channel is particularly advantageous here, since an impairment of the secure communication via the first communication channel impairs the operation of the vehicle.
  • remote access intended for managing keys is also disadvantageous when used in a vehicle (due to temporarily missing connectivity).
  • the method according to the invention is particularly expedient for partially automated or automated operation of a vehicle for which the keys can also be managed independently.
  • the terminals are preferably connected to the communication network of the vehicle and/or to the land-based communication network by wire.
  • the vehicle is a track-bound vehicle, in particular a rail vehicle.
  • the first communication participant comprises a key management client device, with a private and a public key for secure communication being generated by means of the key management client device and the public key being sent to the key management server device via the second communication channel.
  • the generated key is sent to the key management server device.
  • the key management server device preferably acknowledges receipt of the key and sends public keys from other communication participants to the first communication participant.
  • a private and a public key for secure communication are generated by means of the key management server device and at least the private (and preferably public)
  • the first communication participant is not able to generate a private key itself. This is often the case, for example, with communication participants that are in the form of embedded devices and do not have their own random number generator.
  • the generated key (in particular the private and public key) is sent to the first communication participant.
  • public keys of other communication participants are sent to the first communication participant.
  • the invention also relates to a computer program comprising program instructions which, when the program is executed by a computing device, cause the latter to carry out the method of the type described above.
  • the invention also relates to a computer program product with a computer program of the type described above.
  • the invention also relates to a provision device for the computer program of the type described above.
  • the provision device is, for example, a memory unit that stores and/or provides the computer program.
  • the provision device is, for example, a network service, a computer system, a server system, in particular a distributed, for example cloud-based, computer system and/or virtual computer system, which preferably stores and/or provides the computer program in the form of a data stream.
  • the provision takes place in the form of a program data block as a file, in particular as a download file, or as a data stream, in particular as a download data stream, of the computer program.
  • this provision can also be made, for example, as a partial download consisting of several parts.
  • Such a computer program is, for example, read into a system using the provisioning device, so that the method according to the invention is carried out on a computer.
  • the invention also relates to a system for managing keys for secure communication between a number of communication participants.
  • the system includes a first communication channel, which is designed to support secure communication between the multiple communication participants.
  • the system also includes a second communication channel, which is separate from the first communication channel and is designed to support communication for managing keys between a first communication participant of the plurality of communication participants, which comprises a client device, and a key management server device.
  • the first communication participant is connected in terms of data to a communication network of a vehicle and the second communication participant is connected in terms of data to a land-based communication network which is used for communication with the communication network of the vehicle.
  • alternatively, in the system the first communication participant is connected in terms of data to a land-based communication network, which is used for communication with a communication network of a vehicle, and the second communication participant is connected in terms of data to the communication network of the vehicle.
  • FIG. 1 shows schematically the structure of an embodiment of the system according to the invention
  • FIG. 2 shows schematically the sequence of an embodiment of the method according to the invention
  • Figure 3 schematically shows the sequence of a further embodiment of the method according to the invention.
  • Figure 4 schematically shows the structure of an embodiment of a vehicle and a land-based device that form a system according to the invention.
  • FIG. 1 shows a schematic view of a system 1 with a plurality of communication participants 2, 4 and 6.
  • FIG. 2 shows a schematic flowchart which shows the sequence of the exemplary embodiment of the method according to the invention.
  • the communication participant 2 is provided as a server and includes a WireGuard server device 12 for secure communication with the communication participants 4 and 6 and a key management server device 22.
  • the communication participants 4 and 6 are provided as clients and each include a client device 14 or 16 for secure communication with the communication participant 2 and a key management client device 24 or 26.
  • FIG. 1 shows a single communication participant 2, which is provided as a server, and two communication participants 4 and 6, which are provided as clients.
  • the communication participants 4 and 6 are each referred to below as the first communication participant, and the communication participant 2 is referred to below as the second communication participant.
  • secure communication between the communication participant 2 and the communication participants 4 and 6 is provided using the WireGuard protocol via a first communication channel 10.
  • the client device 14 or 16 is therefore provided as a WireGuard client.
  • Secure communication via the first communication channel 10 presupposes that key material has been distributed to the communication participants or has been exchanged between them.
  • the communication participant 2 is connected to the communication participant 4 and 6 via a second communication channel 20 in each case.
  • This second communication channel 20 is logically separated from the first communication channel 10.
  • the first and second communication channels 10 and 20 are on one common communication network 30, for example an Ethernet network.
  • Key management server device 22 key material for secure communication.
  • the communication for managing keys takes place in a method step B via the second communication channel 20, which is separated from the first communication channel 10.
  • the secure communication takes place via a virtual private network (also called VPN: Virtual Private Network) using WireGuard via the first communication channel 10, with the second communication channel 20 being outside the virtual private network.
  • VPN Virtual Private Network
  • this communication for managing keys is a communication for exchanging keys and takes place using HTTPS (Hypertext Transfer Protocol Secure).
  • HTTPS Hypertext Transfer Protocol Secure
  • the first communication participant 4 or 6 sets up an HTTPS connection with the key management server device 22 in a method step B1.
  • the first communication participant 4 or 6 authenticates itself using an X.509 client certificate and requests a key.
  • the key management server device 22 validates the certificate in a method step B3. Based on a common name contained in it, the key management server device 22 provides a private and a public key in a method step B4, which are used by the first communication participant 4 or 6 for the subsequent secure communication.
  • the key management server device 22 responds with the corresponding key for the communication participant 4 or 6: the key management server device 22 sends a private and a public key to the first communication participant 4 or 6.
  • public keys of further communication participants 6 or 4 are transmitted to the communication participant 4 or 6 in a method step B6.
  • the key management server device 22 supports HTTP caching via cache control and HTTP ETag. This puts the communication participant 4 or 6 in a position to store the key for a predetermined period of time and to reduce data transmission volumes if the key has not changed.
  • in a method step B7, the connection between the first communication participant 4 or 6 and the key management server device 22 is cleared.
  • the schematic flowchart shown in Figure 3 represents a further embodiment of the method according to the invention. This is based on a constellation in which the key management client device 24 has a random number generator 25 (shown in dashed lines in Figure 1) and is able to generate key material itself.
  • the dashed representation of the random number generator 25 in FIG. 1 is intended to make it clear that a random number generator 25 is not present in the exemplary embodiment of the method according to the invention described with reference to FIG. Accordingly, in a method step AA, the key management client device 24 generates key material, in particular a private and a public key, for secure communication.
  • the communication for managing keys takes place in a method step BB via the second communication channel 20:
  • step BB1 the first communication participant 4 establishes an HTTPS connection with the key management server device 22.
  • in step BB2, the key management client device 24 makes a public key (based on the key material generated independently in step AA) available for transmission to the key management server device 22 and sends it to the key management server device 22.
  • in a step BB3, the key management server device 22 makes its public key available for transmission to the key management client device 24.
  • the public key of the further communication participant 6 is transmitted to the communication participant 4 in a method step BB4.
  • in a method step BB5, the connection between the first communication participant 4 and the key management server device 22 is cleared.
  • Figure 4 shows a schematic view of a system 1 with a vehicle 103 and a land-based device 105.
  • the vehicle 103 is a track-bound vehicle 107, in particular a rail vehicle 109.
  • the land-based facility 105 is part of an operations control center.
  • the rail-bound vehicle 105 has a communication network 30 which is designed, for example, as an Ethernet network.
  • a terminal device 9 and a server device 110 are connected to the communication network 30 in terms of data technology.
  • the terminal 9 is a passenger counting device which, together with the server device 110, forms a so-called automatic passenger counting system (often abbreviated as AFZS by experts).
  • AFZS automatic passenger counting system
  • a communication gateway 111 is connected to the communication network 30. The communication gateway 111 is, for example, what is known as a mobile communication gateway (MCG).
  • MCG mobile communication gateway
  • the communication gateway 111 is connected to a wireless communication interface 113.
  • the communication gateway 111 together with the wireless communication interface 113 forms a communication device 115 which is designed to send data to the land-side device 105 and to receive data from the land-side device 105.
  • the land-based device 105 has a communication network 117 which is in the form of an Ethernet network.
  • a land-side server device 119 and a terminal 120 are connected to the communication network 117, for example.
  • a ground communication gateway 121, which is connected to a wireless communication interface 123, is connected to the communication network 117. Together with the wireless communication interface 123, the ground communication gateway 121 forms a communication device 125 which is designed to receive data from the vehicle 103.
  • the communication devices 115 and 125 together form a communication link 130 for transmitting data between the rail-bound vehicle 107 and the land-based device 105.
  • the secure communication according to method step A takes place, for example, between the terminal 9 (as the first communication participant) and the land-side server device 119 (as the second communication participant).
  • the first communication channel (not shown in Figure 4) and the second communication channel (not shown in Figure 4) are on communication network 30, communication link 130 and land-side communication network 117.
  • alternatively, the secure communication according to step A can, for example, take place between the terminal 120 (as the first communication participant) and the server device 110 (as the second communication participant).
  • the first communication channel and second communication channel are on communication network 30, communication link 130 and land-side communication network 117.

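The two key management flows described above (method steps B in Fig. 2, where the key management server device generates the participant's key pair, and BB in Fig. 3, where the key management client device generates the pair itself and registers only the public key), as an added example written for this page, not code from the patent or its assignee. The client certificate is modelled as a dictionary and checked only for a trusted issuer and its validity window (an assumption standing in for the TLS stack's X.509 validation); the CA name, participant names and dates are constructed, and the transport is a direct method call rather than HTTPS. The key derivation is real: WireGuard keys are Curve25519 keys, so the X25519 ladder from RFC 7748 is implemented inline, which also lets the example confirm that both ends of a tunnel derive the same static shared secret from the exchanged public keys.

```python
import base64
import secrets
from datetime import datetime, timezone
from typing import Dict, Optional, Tuple

P = 2 ** 255 - 19
A24 = 121665
BASE_POINT = (9).to_bytes(32, "little")
TRUSTED_ISSUER = "CN=Fleet Device CA"   # constructed CA name (assumption)


def x25519(k: bytes, u: bytes) -> bytes:
    """X25519 scalar multiplication, RFC 7748 Montgomery ladder in pure Python.
    WireGuard keys are Curve25519 keys, so a public key really is x25519(priv, 9)."""
    k_int = int.from_bytes(k, "little")
    k_int &= ~7                      # clamp: clear the three low bits ...
    k_int &= ~(1 << 255)             # ... clear bit 255 ...
    k_int |= 1 << 254                # ... and set bit 254
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        kt = (k_int >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3, z3 = pow(da + cb, 2, P), x1 * pow(da - cb, 2, P) % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")


def generate_keypair() -> Tuple[str, str]:
    """Fresh WireGuard-format key pair (base64 of 32 bytes) from the OS random source."""
    priv = secrets.token_bytes(32)
    return base64.b64encode(priv).decode(), base64.b64encode(x25519(priv, BASE_POINT)).decode()


def cert_common_name(cert: Dict[str, object], now: datetime) -> Optional[str]:
    """Stand-in for the X.509 check the TLS stack performs: trusted issuer and validity
    window. Returns the subject CN the server keys its registry on, or None if invalid."""
    if cert["issuer"] != TRUSTED_ISSUER or not cert["not_before"] <= now <= cert["not_after"]:
        return None
    for part in str(cert["subject"]).split(","):
        name, _, value = part.strip().partition("=")
        if name == "CN":
            return value
    return None


class KeyManagementServer:
    """Key management server device 22: owns the WireGuard server key pair and a
    registry of participant public keys indexed by certificate CN."""

    def __init__(self) -> None:
        self.priv, self.pub = generate_keypair()
        self.peers: Dict[str, str] = {}

    def _peers_except(self, cn: str) -> Dict[str, str]:
        return {n: k for n, k in self.peers.items() if n != cn}

    def provide_keys(self, cert: Dict[str, object], now: datetime) -> Dict[str, object]:
        """Flow B (Fig. 2): the server generates the participant's key pair and returns
        private and public key together with the other participants' public keys."""
        cn = cert_common_name(cert, now)
        if cn is None:
            return {"status": 403}
        priv, pub = generate_keypair()
        self.peers[cn] = pub
        return {"status": 200, "private_key": priv, "public_key": pub,
                "server_public_key": self.pub, "peers": self._peers_except(cn)}

    def register_public_key(self, cert: Dict[str, object], now: datetime,
                            client_pub: str) -> Dict[str, object]:
        """Flow BB (Fig. 3): the client generated its own pair and sends the public half;
        the server stores it, acknowledges and returns its own and the peers' public keys."""
        cn = cert_common_name(cert, now)
        if cn is None:
            return {"status": 403}
        if len(base64.b64decode(client_pub)) != 32:
            return {"status": 400}          # not a 32-byte Curve25519 key
        self.peers[cn] = client_pub
        return {"status": 200, "ack": cn, "server_public_key": self.pub,
                "peers": self._peers_except(cn)}


def demo() -> Dict[str, object]:
    """Participant 6 (no random source) uses flow B, participant 4 (has one) uses flow BB,
    then both ends of the tunnel between 4 and the server must derive the same secret."""
    now = datetime(2024, 3, 1, tzinfo=timezone.utc)          # constructed clock

    def cert(cn: str, issuer: str = TRUSTED_ISSUER) -> Dict[str, object]:  # constructed cert
        return {"subject": f"CN={cn},O=Example Rail", "issuer": issuer,
                "not_before": datetime(2024, 1, 1, tzinfo=timezone.utc),
                "not_after": datetime(2025, 1, 1, tzinfo=timezone.utc)}

    server = KeyManagementServer()
    r6 = server.provide_keys(cert("unit-6"), now)
    priv4, pub4 = generate_keypair()
    r4 = server.register_public_key(cert("unit-4"), now, pub4)
    shared_client = x25519(base64.b64decode(priv4), base64.b64decode(str(r4["server_public_key"])))
    shared_server = x25519(base64.b64decode(server.priv), base64.b64decode(pub4))
    rogue = server.provide_keys(cert("rogue", issuer="CN=Unknown CA"), now)
    return {"unit6_peers": sorted(r6["peers"]), "unit4_peers": sorted(r4["peers"]),
            "same_secret": shared_client == shared_server, "rogue_status": rogue["status"]}
```

The distinction between the two flows is where the private key is born: in flow B it crosses the second channel, so that channel's HTTPS protection and the certificate check are what keep it confidential, while in flow BB the private key never leaves the participant and only public keys travel. The server's registry also shows why the common name matters: it is the identity under which a participant's public key is distributed to the other peers.
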
Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Small-Scale Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to a method and a system (1) for managing keys for secure communication between a plurality of communication participants (2, 4, 6). In the method, the secure communication takes place (C, CC) via a first communication channel (10) between the plurality of communication participants (2, 4, 6). A communication for managing keys via a second communication channel (20), which is separate from the first communication channel (10), takes place (B, BB) between a first communication participant (4, 6) of the plurality of communication participants, which comprises a client device (14, 16), and a key management server device (22).
EP22735346.3A 2021-06-29 2022-06-09 Managing keys for secure communication between communication participants via a separate communication channel Pending EP4327506A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102021206755.7A DE102021206755A1 (de) 2021-06-29 2021-06-29 Managing keys for secure communication between communication participants via a separate communication channel
PCT/EP2022/065679 WO2023274678A1 (fr) 2021-06-29 2022-06-09 Managing keys for secure communication between communication participants via a separate communication channel

Publications (1)

Publication Number Publication Date
EP4327506A1 true EP4327506A1 (fr) 2024-02-28

Family

ID=82321569

Family Applications (1)

Application Number Title Priority Date Filing Date
EP22735346.3A Pending EP4327506A1 (fr) 2021-06-29 2022-06-09 Managing keys for secure communication between communication participants via a separate communication channel

Country Status (3)

Country Link
EP (1) EP4327506A1 (fr)
DE (1) DE102021206755A1 (fr)
WO (1) WO2023274678A1 (fr)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116389105B (zh) * 2023-03-30 2023-12-01 广东省城乡规划设计研究院有限责任公司 Remote access management platform and management method
CN117640289A (zh) * 2023-11-27 2024-03-01 长扬科技(北京)股份有限公司 Gateway architecture and device based on a user-space WireGuard protocol

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8700892B2 (en) 2010-03-19 2014-04-15 F5 Networks, Inc. Proxy SSL authentication in split SSL for client-side proxy agent resources with content insertion
US20150033016A1 (en) 2013-07-23 2015-01-29 Battelle Memorial Institute Systems and methods for securing real-time messages
US11463410B2 (en) * 2019-10-31 2022-10-04 Cisco Technology, Inc. Cloud-native VPN service

Also Published As

Publication number Publication date
WO2023274678A1 (fr) 2023-01-05
DE102021206755A1 (de) 2022-12-29

Similar Documents

Publication Publication Date Title
DE60108927T2 (de) Computer systems, in particular virtual private networks
DE60212289T2 (de) Management of virtual private networks (VPN)
EP4327506A1 (fr) Managing keys for secure communication between communication participants via a separate communication channel
DE102005032692A1 (de) Arrangement and method for configuring interfaces of a wireless connection for data transmission, and a corresponding computer program and a corresponding computer-readable storage medium
EP3577871B1 (fr) Method and device for modular steering of an AVB stream
EP3158695A1 (fr) Data transmission method and associated network node and associated network
EP3572965A1 (fr) Operating a software-defined network by synchronizing network state using blockchain technology
EP3799379B1 (fr) Method and IP-based communication system for changing connection control instances without re-registration of end subscribers
DE102004047371A1 (de) Method for distributing software and configuration data, and corresponding data network
EP3753205B1 (fr) Data transmission in time-sensitive data networks
DE102006003167B3 (de) Secure real-time communication
DE102011080676A1 (de) Configuration of a communication network
DE102021122686A1 (de) Method for operating a network
EP1537719B1 (fr) Updating software stored in a computer of a data communication system
DE102022001115B3 (de) System for secure data transmission between a motor vehicle and a cloud service
DE60015942T2 (de) Communication management table transmission system, management device, encryptor and communication management table transmission method
DE102016125345A1 (de) Method for operating a collaboration and communication platform, and collaboration and communication platform
WO2000019678A2 (fr) System and method for encoding and decoding digital data according to the Internet protocol
WO2023036493A1 (fr) Method for securely configuring a plurality of gateway controllers of a vehicle, computer-readable medium, system and vehicle
DE102022120136A1 (de) Computer program, device and method for controlling a data transmission rate of several participants in a communication network
DE102018208018A1 (de) Method for communication in a networked system
WO2023078769A1 (fr) Method, computer program product and storage means for establishing a data connection in a computer network
DE102022124174A1 (de) Computer program, device and method for controlling a data transmission rate of several participants in a communication network
DE102021209505A1 (de) System and method for upgrading a legacy client/server application for secure and confidential data transmission
EP3926925A1 (fr) Industrial automation system with a real-time communication network

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: UNKNOWN

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20231123

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR