US20010040966A1 - Method of and system for writing-in key information - Google Patents

Publication number
US20010040966A1
Authority
US
United States
Legal status
Granted
Application number
US08/914,444
Other versions
US6337912B2 (en)
Inventor
Wolfgang Buhr
Helmut Horner
Current Assignee
NXP BV
Original Assignee
Individual
Application filed by Individual
Assigned to U.S. PHILIPS CORPORATION: assignment of assignors' interest (see document for details). Assignors: BUHR, WOLFGANG; HORNER, HELMUT
Publication of US20010040966A1
Application granted
Publication of US6337912B2
Assigned to NXP B.V.: assignment of assignors' interest (see document for details). Assignors: U.S. PHILIPS CORPORATION
Status: Expired - Lifetime

Classifications

    • G: PHYSICS
    • G07: CHECKING-DEVICES
    • G07C: TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00: Individual registration on entry or exit
    • G07C9/00174: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00857: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed
    • G07C2009/00753: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys
    • G07C2009/00769: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means
    • G07C2009/0088: Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys where the code of the data carrier can be programmed centrally

Definitions

  • The encryption in the terminal 40 by means of the sections 42 and 44 and the corresponding decryption in the central station can also be effected in another manner than shown.
  • The essential feature is that the information on the line 47 is encrypted in such a manner that a decryption by the transmitted information alone is not possible.

Abstract

In the case of keys which cooperate electronically with an object, for example a motor vehicle, it is often necessary to produce a new key. These keys must be available rapidly at remote locations, so that the object-specific key information must be transmitted and written into the key in a secure manner. For this purpose, according to the invention, object information is transmitted from the remote station to a central station, which reads out the key information stored for this purpose and encrypts it with identification information stored both in the central station and in the key and transmits this to the key. By means of the secret identification information stored therein the key is capable of recovering and storing the original key information. Moreover, prior to the transmission to the central station, the object information is encrypted with further readable identification information, which has also been stored in the key and in the central station and by means of which the secret identification information is read out for the purpose of decryption in the central station. The encrypted object information can be encrypted additionally, for example by means of an asymmetrical encryption algorithm.

Description

  • The invention relates to a method of and a system for writing key information transmitted securely from a central station to a remote station into a data carrier available at said remote station. In a preferred use the data carrier is a key for a motor vehicle, which key is to be issued to the legitimate owner of the motor vehicle by a dealer, for example because the owner requires an additional key or has lost a key originally received upon the purchase of the motor vehicle. However, it is to be noted that the method and the system in accordance with the invention are also suited for other uses, for example for keys giving access to certain rooms or areas. In general, the method and the system in accordance with the invention enable selected allocated information to be written into a data carrier in a secure manner. [0001]
  • When key information stored at a central station is to be written into a data carrier at a remote station it is necessary in conventional systems to ensure that the transmission of the key information to the remote station cannot be overheard, because otherwise an unauthorized person can write the illegally intercepted key information into a data carrier of his own and can thus, for example, gain unauthorized access to protected rooms or areas. The alternative, i.e. to write the key information into the data carrier at the central station and subsequently send it to the remote station, is also unfavorable because the data carrier can be stolen during transportation. [0002]
  • It is an object of the invention to provide a method of securely writing key information into a data carrier which is issued at another station than that where the key information is generated or has been stored. [0003]
  • According to the invention this object is achieved in that the key contains stored identification information which cannot be read externally and is consequently secret, and in that the key information is encrypted with this identification information at the central station and the encrypted information is transferred to the data carrier at the issuing station. In the data carrier this encrypted key information is subsequently decrypted and stored. [0004]
  • This method has the advantage that the data carriers can be despatched freely because they do not contain any key information, so that a thief cannot abuse the data carrier. The unauthorized interception of the transmitted encrypted key information is likewise of no avail to an unauthorized person if he does not have a data carrier with the correct identification information into which he can write the encrypted key information. [0005]
  • In this respect it is important that each data carrier contains open further identification information, which is readable. Thus, it is possible to store in each data carrier individual identification information which differs from that in the other data carriers, the relationship between the open further identification information and the secret identification information being stored at the central station. Owing to this measure encrypted key information can be decrypted correctly by means of only one, i.e. the correct, data carrier. [0006]
  • In order to enable the allocation of secret identification information, key information and the open further identification information to be organized more easily, it is effective if the identification information and the open identification information are written into the data carrier at a further station before the data carrier is conveyed to the remote station. This further station should then be coupled to the central station via a protected information transmission link, so as to enable the same information to be written in at this station. The further station can also be identical to the central station. [0007]
  • The key information to be transmitted to the data carrier is assigned unambiguously to at least one individual object, for example a motor vehicle. When a data carrier is to be assigned to such an individual object the object information characterizing this object should be transmitted to the central station. In order to also protect this transmission path it is effective to encrypt the object information with the open further identification information prior to the transmission to the central station. [0008]
  • For data encryption a variety of methods are known. A particularly simple encryption and decryption of the key information and the object information, which can be used in the method in accordance with the invention, is by XORing with the identification information. Since the identification information is secret, decryption is not possible without the key information being known even if the encryption method is known. [0009]
  • In addition to or instead of the encryption by means of an Exclusive-Or operation an asymmetrical encryption process can be used for encrypting the object information prior to transmission from the remote station to the central station, the open key being used for the encryption of the object information or the encrypted object information, decryption at the central station being effected by means of the secret key of the asymmetrical encryption process. [0010]
  • The invention further relates to a system for writing key information transmitted securely from a central station to a remote station into a data carrier available at said remote station, and to a data carrier and a terminal for use in such a system. [0011]
  • An embodiment of the invention will now be described in more detail, by way of example, with reference to the drawing. In this embodiment a central station 20 has two memories 21 and 25. The memory 21 comprises two groups 22 and 23 of storage locations, which are associated with one another in pairs. By addressing a storage location of the group 23 with given information, i.e. open identification information of a given data carrier in the case of data carriers with individually distinct identification information or the specification of a data carrier group in the case of data carriers with identical identification information per group, this associated identification information is read from the associated storage location of the group 22. [0012]
  • Similarly, the memory 25 in the present example comprises three groups 26, 27 and 28 of storage locations. The storage locations of the group 26 store object information and each of these storage locations is associated with a given storage location of the group 27, which given storage location stores key information associated with this object. Furthermore, each storage location of the group 26 is preferably associated with a plurality of storage locations of the group 28, which storage locations store a plurality of identification numbers. Their meaning will be explained in some detail hereinafter. [0013]
  • A data carrier 10 is situated at a further station. It is obvious that in practice many data carriers are available, which are of mutually identical construction and of which the data carrier 10 shown here is representative. This data carrier 10 includes a processing unit 11 and four storage locations 12 to 15. The storage location 12 serves for storing identification information which can only be processed internally in the data carrier 10 and which is never made available externally. The storage location 13 stores open further information which characterizes the individual data carrier and which can be read out externally. Preferably, these two types of information are supplied by the central station 20, where they are written into two mutually associated storage locations 22 and 23 of the memory 21 and the respective information is written into the storage locations 12 and 13 at the further station, where the data carrier 10 is situated initially. The further station can be identical to the central station 20. [0014]
  • This writing into the storage locations 12 and 13 is effected for a multiplicity of data carriers and these data carriers are subsequently conveyed to a remote station via a transport path. This transport path has at least an unprotected part, shown as a dash-dot line 39. In this part of the transport path the data carriers could be stolen. However, such a theft cannot give rise to any substantial damage because the data carriers do not yet contain any key information and therefore cannot be used at an object. [0015]
  • If key information for a given object is to be written into a data carrier at the remote location, i.e. into the data carrier 10′, which is shown in more detail in the FIGURE, this data carrier 10′ is coupled to a terminal 40. As a result, the open identification information is read from the storage location 13′ and is applied to the terminal 40 via the connection 43. Moreover, object information is entered via an input 41, for example by means of a keyboard. These two types of information are applied to an encryption device, which in the present case comprises two sections 42 and 44. [0016]
  • In the present case the section 42 of the encryption device takes the form of an Exclusive-Or element. The encrypted information, i.e. the object information encrypted with the open identification information, is applied to a section 44, which performs an asymmetrical encryption, for example in accordance with the RSA method, with a fixed key, which is shown here as being applied via an input 45. The key need not be secret because decryption is not possible with the aid of this key. [0017]
  • The additional encryption with the open identification information results in a substantially improved protection. It is now assumed that the data transmitted by a workshop, i.e. encrypted object information and open identification information, is intercepted by an unauthorized person who possesses preprogrammed keys. If this unauthorized person transmits the same encrypted object information, with the open identification information of his key but without the encryption with the open identification information, he would obtain the key information for the object information which has been encrypted with the secret identification information of his key and which is therefore correctly decrypted in the key, so that a valid key for the object is obtained illegally. Owing to the additional encryption with the open identification information the encrypted object information transmitted by the unauthorized person will not be decrypted correctly at the central station, so that the desired key information is not read correctly from the memory 25. However, if the unauthorized person transmits the likewise intercepted open identification information, he will merely obtain key information which has not been encrypted with the secret identification information stored in his key and which therefore cannot be decrypted. Thus, by tapping an authorized transmission it is not possible to obtain data for an object by means of which a key for the same object can be generated without authorization. [0018]
  • Similarly to the open identification information the encrypted information supplied by the section 44 via the line 47 is now transferred to the central station 20 via the line 43. This transfer can be effected via a non-protected path because the encrypted information on the line 47 cannot be decrypted without the secret key of the asymmetrical encryption being known and the open identification information does not include any direct reference to the key information required in the data carrier. [0019]
  • In the central station 20 the encrypted information on the line 47 is applied to a decryption device comprising the sections 32 and 34. In the section 34 the information transferred via the line 47 is decrypted by means of a secret key, shown here as being applied via an input 35. The information appearing on the output 37 of the section 34 of the decryption device is then the same as that on the output of the Exclusive-Or element 42 in the terminal 40. However, this is not yet the object information applied via the input 41 of the terminal 40. Therefore, the line 37 leads to an Exclusive-Or element 32, having a further input to which the open identification information is applied via the line 43. Now the decrypted object information, which is applied to the memory 25, is available on the output 33 of the Exclusive-Or element 32. In the group 26 that storage location is selected in which this object information has been stored and the key information is read from the associated storage location of the group 27. Moreover, the open identification information on the line 43 controls the memory 21, in that the storage location of the group 23 in which this identification information has been stored is addressed and the associated storage location of the group 22, in which the secret identification information has been stored, is read out. [0020]
  • The information read from the memory 25 is applied to an encryption circuit 30, which also takes the form of an Exclusive-Or element. The information appearing on the output 31 is transmitted to the remote station, which is effected via a transmission path which need not be protected because the decrypted key information can only be recovered from the information on the line 31 with the aid of the correct secret identification information, but this information is hidden in the data carrier and is not transmitted directly. [0021]
  • Moreover, in the present example an identification number is read from an associated storage location of the group 28 and is transmitted to the remote station via the line 38, for which also a non-protected path can be used. [0022]
  • In the remote station the information on the line 31 and on the line 38 is applied to the data carrier 10′ via the terminal 40. The identification number on the line 38 is written directly into the storage location 15′ in the data carrier 10′, while the encrypted key information on the line 31 is applied to a decryption device 17, which receives the secret identification information from the storage location 12′ on a further input. This decryption device is again an Exclusive-Or element and generates the decrypted key information on its output, which key information is written into the storage location 14′. Thus, the data carrier 10′ receives all the information necessary for its use in conjunction with a given object, for example a motor vehicle, without the possibility of an unauthorized interception of the essential key information during transmission. [0023]
  • The identification number in the storage location 15′ is not strictly necessary for the described method and, in the case that the data carrier is a key for a motor vehicle, this identification number serves for initially checking in the motor vehicle whether the key is permissible before it is ascertained whether an authorized key is used. The reason for this is that if by means of a non-authorized key, i.e. one with incorrect key information, a number of starting attempts have been made, all the functions of the motor vehicle are permanently disabled and can be restored only by means of a specific secret procedure. Thus, the identification number ensures that by means of a wrong key, which for example belongs to another motor vehicle and consequently contains other key information, no false starting attempts, otherwise recognized as permissible, can be made. [0024]
  • Suitably, each key authorized for a motor vehicle carries a different identification number, for which reason a plurality of identification numbers corresponding to the respective object information are stored in the memory 25 and in the associated object. [0025]
  • It is obvious that the encryption in the terminal [0026] 40 by means of the sections 42 and 44 and the corresponding decryption in the central station can also be effected in another manner than shown. The essential feature is that the information on the line 47 is encrypted in such a manner that a decryption by the transmitted information alone is not possible.
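The exchange described in paragraphs [0020] to [0023], modelled as an added example that is not part of the patent text. The class and function names, the 8-byte field length and all sample values are constructed assumptions; the asymmetric wrapping in sections 44 and 34 is omitted, so the terminal output shown is that of the Exclusive-Or element 42 rather than the information on the line 47.

```python
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    """Exclusive-Or element (30, 32, 42 and 17 all have this form)."""
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))

class DataCarrier:
    """Data carrier 10': the secret identification information stays inside."""
    def __init__(self, secret_id: bytes, open_id: bytes):
        self._secret_id = secret_id   # location 12', not externally readable
        self.open_id = open_id        # open identification information, readable
        self.key = None               # location 14'
        self.ident_number = None      # location 15'

    def write_in(self, encrypted_key: bytes, ident_number: int) -> None:
        self.ident_number = ident_number                 # line 38 -> 15'
        self.key = xor(encrypted_key, self._secret_id)   # element 17 -> 14'

class CentralStation:
    def __init__(self):
        self.carriers = {}  # memory 21: open ID -> secret ID
        self.objects = {}   # memory 25: object info -> (key info, ident number)

    def issue(self, open_id: bytes, masked_object: bytes):
        object_info = xor(masked_object, open_id)        # element 32
        key, ident_number = self.objects[object_info]    # groups 26, 27, 28
        secret_id = self.carriers[open_id]               # addressed via line 43
        return xor(key, secret_id), ident_number         # element 30 -> lines 31, 38

def terminal_request(carrier: DataCarrier, object_info: bytes):
    """Terminal 40: read the open ID and mask the object information (element 42)."""
    return carrier.open_id, xor(object_info, carrier.open_id)

def run_exchange():
    # Constructed sample values; a real carrier is initialised at a further station.
    secret_id, open_id = secrets.token_bytes(8), secrets.token_bytes(8)
    object_info, vehicle_key = b"VEH-0001", secrets.token_bytes(8)
    station = CentralStation()
    station.carriers[open_id] = secret_id
    station.objects[object_info] = (vehicle_key, 7)
    carrier = DataCarrier(secret_id, open_id)
    line43, masked = terminal_request(carrier, object_info)
    line31, line38 = station.issue(line43, masked)
    carrier.write_in(line31, line38)
    return carrier, vehicle_key, line31, secret_id
```

Because element 30 is a plain Exclusive-Or, the secret identification information acts as a one-time pad: it has to be as long as the key information and unpredictable, and using the same secret identification information to transmit a second key would expose the Exclusive-Or of the two keys on the unprotected line 31.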

Claims (15)

1. A method of writing key information transmitted securely from a central station to a remote station into a data carrier available at said remote station, which after writing-in is unambiguously allocated to a selected one of a plurality of objects through the key information and which stores identification information which is not externally readable as well as open further identification information which can be read out, which types of identification information are also stored, allocated to one another, in the central station, object information which is characteristic of the individual object as well as the open further identification information being subsequently transmitted to the central station, where the key information which has been stored for the object information is read out and encrypted with the identification information stored allocated to the transmitted further identification information and the encrypted key information is transmitted to the data carrier and, in the data carrier, it is decrypted by means of the identification information stored therein and the decrypted key information is stored.
2. A method as claimed in claim 1, wherein at a further station, coupled to the central station via a protected information transmission link, the identification information and the open further identification information are written in prior to the transport of the data carrier to the remote station, said identification information being also stored at the central station.
3. A method as claimed in claim 2, wherein the object information is encrypted with the open identification information prior to the transmission to the central station.
4. A method as claimed in any one of the claims 1 to 3, wherein the encryption and decryption of the key information and the object information is effected by means of an Exclusive-Or combination with the open further identification information.
5. A method as claimed in claim 3, wherein the encrypted object information is additionally encrypted with the associated open key by an asymmetrical encryption process prior to the transmission and is decrypted in the central station by means of the secret key of the encryption process.
6. A system for writing key information transmitted securely from a central station to a remote station into a data carrier available at said remote station, which after writing-in is unambiguously allocated to a selected one of a plurality of objects through the key information, the central station comprising a first memory which stores at least one identification information and associated further identification information, as well as object information characteristic of the object for each of the plurality of objects and the key information associated with the object, and an encryption device for encrypting key information read from the first memory with the identification information and a transmission device for transmitting the encrypted key information to the remote station, and the data carrier comprising a second memory and a decryption device, which second memory comprises a first storage location for identification information, a second storage location for key information, and a third storage location for further identification information characteristic of the data carrier, and which decryption device is connected to an information input of the data carrier and to the first storage location in order to supply decrypted key information and write this into the second storage location after having received encrypted key information.
7. A system as claimed in claim 6, wherein the remote station includes a terminal adapted to be coupled to the data carrier to initiate the read-out of the further identification information and to transmit the further identification information to the central station and to receive the encrypted key information subsequently transmitted from the central station and transmit it to the data carrier.
8. A system as claimed in claim 7, wherein the terminal includes an encryption device for encrypting read-in object information with the further identification information and transmit it to the central station, and the central station includes a decryption device for decrypting the received encrypted object information by means of the likewise transmitted further identification information and for controlling the first memory and reading out the associated key information by means of the decrypted object information.
9. A system as claimed in any one of the claims 6 to 8, wherein the encryption device in the central station and the decryption device in the data carrier are constructed as Exclusive-Or logic elements.
10. A system as claimed in claim 8 or 9, wherein the encryption device in the terminal is adapted to encrypt the encrypted object information additionally with the open key of an asymmetrical encryption and to transmit it to the central station, and the decryption device in the central station is adapted to decrypt the received, additionally encrypted object information with the secret key of the asymmetrical encryption and with the likewise received further identification information and to supply the decrypted object information to the first memory.
11. A data carrier for use in a system as claimed in any one of the claims 6 to 10, comprising a decryption device and a memory having a first storage location for storing identification information and a second storage location for storing key information, the decryption device being coupled to the first storage location to decrypt received encrypted key information by means of the identification information read from the first storage location and to write the decrypted key information into the second storage location, read-out of the identification information from the data carrier being inhibited.
12. A data carrier as claimed in claim 11, wherein the memory comprises a third storage location for storing further identification information, and the memory is controllable from outside the data carrier in order to read the further identification information from the memory.
13. A data carrier as claimed in claim 11 or 12, wherein the decryption device is constructed as an Exclusive-Or logic element.
14. A terminal for use in system as claimed in any one of the claims 6 to 10, comprising a coupling device for a data carrier, a transmission device for information, an input device for the entry of information, and an encryption device having two inputs connected to the input device and the coupling device, and an output connected to the transmission device, for encrypting object information, which has been entered via the input device, with identification information applied via the coupling device, and for supplying the encrypted object information to the transmission device.
15. A terminal as claimed in claim 14, wherein the encryption device is adapted to encrypt the encrypted object information additionally with the open key of an asymmetrical encryption and to supply only the additionally encrypted object information to the transmission device.
US08/914,444 1996-08-22 1997-08-19 Method of and system for writing-in key information Expired - Lifetime US6337912B2 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
DE19633802A DE19633802A1 (en) 1996-08-22 1996-08-22 Method and system for writing key information
DE19633802.6 1996-08-22
DE19633802 1996-08-22

Publications (2)

Publication Number Publication Date
US20010040966A1 (en) 2001-11-15
US6337912B2 US6337912B2 (en) 2002-01-08

Family

ID=7803302

Family Applications (1)

Application Number Title Priority Date Filing Date
US08/914,444 Expired - Lifetime US6337912B2 (en) 1996-08-22 1997-08-19 Method of and system for writing-in key information

Country Status (4)

Country Link
US (1) US6337912B2 (en)
EP (1) EP0825316B2 (en)
JP (1) JP4065347B2 (en)
DE (2) DE19633802A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6847286B1 (en) * 1999-01-15 2005-01-25 Bayerische Motoren Werke Aktiengesellschaft Method for authenticating a spare key for using a vehicle
US20050257074A1 (en) * 2004-05-17 2005-11-17 Alkove James M Secure storage on recordable medium in a content protection system
WO2008145199A1 (en) * 2007-05-29 2008-12-04 Bianchi 1770 S.P.A. Method for the duplication of electronic-code keys

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE19934098A1 (en) * 1999-07-21 2001-01-25 Nokia Mobile Phones Ltd Starting device with PIN protection without input involves encoding PIN using unique identity number, comparing user code, unique identity, decoding PIN using unique identity number
WO2002016715A2 (en) * 2000-08-24 2002-02-28 Siemens Automotive Corporation Remote entry transmitter with transmission identification codes
US7490348B1 (en) * 2003-03-17 2009-02-10 Harris Technology, Llc Wireless network having multiple communication allowances
DE102006010821B4 (en) * 2006-03-07 2011-12-22 Joachim Becker Self-target seeking data transmission system and method therefor
US20080250251A1 (en) * 2007-04-04 2008-10-09 Cyberlink Corp. Systems and Methods for Hardware Driven Program Execution

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB8705892D0 (en) * 1987-03-12 1987-04-15 Security Services Plc Keys
US5229648A (en) * 1989-08-10 1993-07-20 Autosafe International, Inc. Multi element security system
JPH04213242A (en) * 1990-12-07 1992-08-04 Hitachi Ltd Limited multiple address communication system
SG46692A1 (en) * 1992-03-30 1998-02-20 Telstra Corp Ltd A cryptographic communications method and system
JP3568970B2 (en) * 1993-04-12 2004-09-22 株式会社東芝 IC card issuing device
WO1995016238A1 (en) * 1993-12-06 1995-06-15 Telequip Corporation Secure computer memory card
DE4342641A1 (en) * 1993-12-14 1995-06-22 Siemens Ag Authentication method between a mobile data carrier and a stationary data station
DE4441415C2 (en) * 1994-11-22 2003-06-18 Audi Ag Procedures for handling replacement keys
DE19502373C2 (en) * 1995-01-26 1997-07-03 Telefunken Microelectron Anti-theft method for motor-driven motor vehicles
DE19532067C1 (en) * 1995-08-31 1996-10-24 Daimler Benz Ag Programming system for vehicle electronic key

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6847286B1 (en) * 1999-01-15 2005-01-25 Bayerische Motoren Werke Aktiengesellschaft Method for authenticating a spare key for using a vehicle
US20050257074A1 (en) * 2004-05-17 2005-11-17 Alkove James M Secure storage on recordable medium in a content protection system
US7664966B2 (en) * 2004-05-17 2010-02-16 Microsoft Corporation Secure storage on recordable medium in a content protection system
WO2008145199A1 (en) * 2007-05-29 2008-12-04 Bianchi 1770 S.P.A. Method for the duplication of electronic-code keys

Also Published As

Publication number Publication date
JPH10107789A (en) 1998-04-24
JP4065347B2 (en) 2008-03-26
DE19633802A1 (en) 1998-02-26
EP0825316A3 (en) 2001-05-16
EP0825316B1 (en) 2004-07-28
US6337912B2 (en) 2002-01-08
EP0825316A2 (en) 1998-02-25
DE59711801D1 (en) 2004-09-02
EP0825316B2 (en) 2008-02-06

Legal Events

Date Code Title Description
AS Assignment

Owner name: U.S. PHILIPS CORPORATION, NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BUHR, WOLFGANG;HORNER, HELMUT;REEL/FRAME:008917/0230

Effective date: 19970926

STCF Information on status: patent grant

Free format text: PATENTED CASE

FPAY Fee payment

Year of fee payment: 4

AS Assignment

Owner name: NXP B.V., NETHERLANDS

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:U.S. PHILIPS CORPORATION;REEL/FRAME:018635/0755

Effective date: 20061127

FPAY Fee payment

Year of fee payment: 8

FPAY Fee payment

Year of fee payment: 12