WO2017064025A1 - Procédé de génération d'un élément secret ou d'une clé dans un réseau - Google Patents

Procédé de génération d'un élément secret ou d'une clé dans un réseau Download PDF

Info

Publication number
WO2017064025A1
WO2017064025A1 PCT/EP2016/074271 EP2016074271W WO2017064025A1 WO 2017064025 A1 WO2017064025 A1 WO 2017064025A1 EP 2016074271 W EP2016074271 W EP 2016074271W WO 2017064025 A1 WO2017064025 A1 WO 2017064025A1
Authority
WO
WIPO (PCT)
Prior art keywords
event
network
network participant
subscriber
value sequence
Prior art date
Application number
PCT/EP2016/074271
Other languages
German (de)
English (en)
Inventor
Bjoern Kasper
Timo Lothspeich
Andreas Soenkens
Thomas Keller
Thorsten Huck
Andreas Mueller
Thorsten Schwepp
Original Assignee
Robert Bosch Gmbh
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Robert Bosch Gmbh filed Critical Robert Bosch Gmbh
Publication of WO2017064025A1 publication Critical patent/WO2017064025A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords

Definitions

  • the present invention relates to a method for generating a secret, cryptographic key in a network, in particular the generation of a common, secret key in two participants of the network.
  • point-to-point connections are usually counted as networks and should also be addressed here with this term.
  • the two participants communicate via a shared transmission medium.
  • logical bit sequences (or, more generally, value sequences) are transmitted physically by means of corresponding transmission methods as signals or signal sequences.
  • the underlying communication system may e.g. be a CAN bus. This provides for transmission of dominant and recessive bits or correspondingly dominant and recessive signals, whereby a dominant signal or bit of a participant of the network intersperses against recessive signals or bits.
  • a state corresponding to the recessive signal adjusts itself to the transmission medium only if all participants involved provide a recessive signal for transmission or if all participants transmitting at the same time transmit a recessive signal level.
  • suitable cryptographic methods are usually used, which can generally be subdivided into two different categories: first, symmetric methods, in which the sender and receiver have the same cryptographic key, and, on the other hand, asymmetrical methods in which the sender uses the data to be transmitted is encrypted with the public (ie possibly also known to a potential attacker) key of the recipient, but decryption can only be done with the associated private key, which ideally is known only to the recipient.
  • asymmetric methods usually have a very high computational complexity.
  • resource constrained nodes such as e.g. Sensors, actuators, or similar, suitable, which usually have only a relatively low computing power and low memory and energy-efficient work, for example due to battery operation or the use of energy harvesting.
  • bandwidth available for data transmission making the replacement of asymmetric keys with lengths of 2048 bits or even more unattractive.
  • the keys Entering the keys to use (usually by entering a password) when setting up a network.
  • key management quickly becomes very time-consuming and impracticable if one has a very large number of nodes, for example in a sensor network or other machine-to-machine communication systems, eg also CAN based vehicle networks.
  • a change in the key to be used is often not possible or only with great effort.
  • the keys are generated centrally. The assignment to individual ECUs takes place in a secure environment z. B. in the factory of the vehicle manufacturer. There, the keys are also activated.
  • the non-prepublished DE 10 2015 207220 AI discloses a method for generating a shared secret or a secret symmetric key by means of public discussion between two communication participants. Disclosure of the invention
  • the methods have a very low complexity, in particular with regard to the required hardware design, such as e.g. the required memory resources and computing power, and they are associated with a low energy and time requirements.
  • the methods offer very high key generation rates with a simultaneously very low probability of error.
  • the methods assume that participants in a network communicate with each other via a communication channel.
  • they transfer logical sequences of values (in the case of binary logic, bit sequences) with the aid of physical signals on the transmission channel.
  • logical sequences of values in the case of binary logic, bit sequences
  • the transferred, logical value sequences as well as their logical overlay are considered.
  • Subscribers of the network can thus give first signals (for example associated with logical bit "1") and second signals (associated, for example, with logical bit "0") to the communication channel and detect resulting signals on the communication channel. Now transmit two participants (largely) at the same time each one signal sequence, the participants can detect the resulting overlay on the communication channel.
  • the effective signal resulting from the (largely) simultaneous transmission of two (independent) signals on the communication channel can then in turn be assigned to one (or more) specific logical values (or values).
  • the transmission should be largely synchronous insofar as a superimposition of the individual signals of a signal sequence on the transmission medium takes place, in particular, that the signal corresponding to the n-th logical Value or bit of the first subscriber with the signal corresponding to the n-th logical value or bit of the second subscriber at least partially superimposed.
  • This overlay should be sufficiently long for the participants to be able to record the overlay or determine the corresponding overlay value.
  • the superimposition can be determined by arbitration mechanisms or by physical signal superposition.
  • arbitration mechanism is meant, for example, the case that a node wants to apply a recessive level, but detects a dominant level on the bus and thus omits the transmission. In this case, there is no physical interference between two signals, but only the dominant signal is seen on the transmission channel.
  • the participants can then generate a key that is secret to an outside attacker.
  • the reason for this is that the outside attacker, who can listen to the effective overall signals applied to the shared transmission medium, sees only the superimposition of the value sequences, but does not have the information about the individual value sequences of the participants. Thus, the participants have more information that they can use against the attacker to generate a secret key.
  • the two communication users For carrying out the method for generating a secret or key, it is necessary for the two communication users to use the common channel for information transmission largely simultaneously in a desired time window.
  • Such synchronization of the data transmissions of the participating network subscribers preferably takes place by the generation and detection of a specific event and a predetermined or dynamically generated waiting time after the event before the transmission starts.
  • the methods for secret or key generation become particularly stable, but remain very flexible.
  • the reception of a (specific) message is advantageously defined as an event, in particular via the common transmission channel.
  • the event can be generated by one of the two network subscribers, by both network subscribers or by an external unit. By using an external unit, a particularly secure system can be made possible, but this is also associated with special effort.
  • the described methods can be implemented particularly well in a CAN, TTCAN or CAN FD bus system.
  • a recessive bus level is replaced by a dominant bus level.
  • the superimposition of values or signals of the subscribers thus follows defined rules which the subscribers can use to derive information from the superimposed value or signal and the value or signal transmitted by them. Also for other communication systems such as LIN and l 2 C, the methods are well suited.
  • a network or a participant of a network are set up to carry out the described methods in particular by having the corresponding electronic memory and computing resources.
  • Also stored on a storage medium of such a user or on the distributed storage resources of a network may be a computer program configured to perform all the steps of a corresponding method when executed in the subscriber or in the network.
  • 1 schematically shows the structure of an exemplary, underlying communication system
  • 2 schematically shows a linear bus as an example of an underlying communication system
  • FIG. 3 is a schematic illustration of exemplary signal sequences of two subscribers of a network and a resulting subsequence value sequence on a transmission channel between the subscribers,
  • FIG. 5 shows an exemplary method sequence for the synchronization of two network users in the context of a method for generating and establishing a common key
  • FIG. 6 shows a further exemplary method sequence for the synchronization of two network subscribers in the context of a method for generating and establishing a common key, as well as FIG
  • FIG. 7 shows a further exemplary method sequence for the synchronization of two network users in the context of a method for generating and establishing a common key.
  • the present invention relates to a method for generating a shared secret or (secret) symmetric cryptographic key between two nodes of a communication system (participants of a network) communicating with each other via a shared medium (transmission channel of the network).
  • the generation or negotiation of the cryptographic keys is based on a public data exchange between the two participants, although a possible listening third party as an attacker is not or only very difficult to draw conclusions about the generated key.
  • it is thus possible to complete between two different subscribers of a network. to automatically and securely establish appropriate symmetric cryptographic keys in order to then implement specific security functions, such as data encryption or message authentication.
  • a common secret is first established for this, which can be used to generate the key.
  • a shared secret can in principle also be used for purposes other than cryptographic keys in the narrower sense, for example as a one-time pad.
  • the invention is suitable for a variety of wired or wireless as well as optical networks or communication systems, especially those in which the various participants communicate with each other via a linear bus and the media access to this bus using a bitwise bus arbitration.
  • This principle represents, for example, the basis of the widespread CAN bus.
  • Possible fields of application of the invention accordingly include, in particular, CAN-based vehicle networks as well as CAN-based networks in automation technology.
  • the present invention describes an approach with which automated symmetric cryptographic keys can be generated in one or in particular between two nodes of a network. This generation takes place by exploiting properties of the corresponding transfer layer. Unlike the usual approaches of "physical layer security", however, physical parameters of the transmission channel such as transmission strength etc. are not evaluated for this purpose, but instead there is a public data exchange between the participating nodes, thanks to the characteristics of the communication system and / or the used modulation method a possible listening aggressor no, or no sufficient conclusions on the negotiated key allows.
  • this divided transmission medium corresponds to a linear bus (wired or optical) 30, such as he is exemplified in Fig. 2.
  • the network 20 in FIG. 2 consists of just this linear bus 30 as a shared transmission medium (for example, as a wired transmission channel), nodes 21, 22 and 23, and (optional) bus terminations 31 and 32.
  • a dominant bit e.g., the logical bit '0'
  • a concurrently transmitted recessive bit e.g., the logical bit '1'
  • on-off-keying on-off-keying amplitude shift keying
  • a signal is transmitted, for example in the form of a simple carrier signal, in the other case (value 'Off' or '1') no signal is transmitted.
  • the state ' ⁇ ' is dominant while the state 'Off' is recessive.
  • FIG. 3 shows, for example, how a subscriber 1 (T1) keeps the bit sequence 0, 1, 1, 0, 1 ready for transmission between the times t0 and t5 via the transmission channel.
  • Subscriber 2 (T2) keeps the bit sequence 0, 1, 0, 1, 1 ready for transmission between times t0 and t5 via the transmission channel.
  • bit string 0, 1, 0, 0, 1 will be seen on the bus (B) Only between times t1 and t2 and between t4 and t5, both subscriber 1 (T1) and subscriber 2 (T2) provide a recessive bit "1", so that only in this case does the logical AND operation result in a bit level of " 1 "on the bus (B) results.
  • the process for generating a symmetric key pair is started in step 41 by one of the two nodes involved in this example (subscriber 1 and subscriber 2). This can be done, for example, by sending a special message or a special message header.
  • Both subscriber 1 and subscriber 2 initially generate a bit sequence locally (ie internally and independently of one another) in step 42. Preferably, this bit sequence is at least twice, in particular at least three times as long as the common key desired as a result of the method.
  • the bit sequence is preferably generated in each case as a random or pseudo-random bit sequence, for example with the aid of a suitable random number generator or pseudo random number generator.
  • subscriber 1 and subscriber 2 transmit (largely) synchronously their respectively generated bit sequences over the divided transmission medium (using the transmission method with dominant and recessive bits, as already explained above).
  • Different possibilities for synchronizing the corresponding transmissions are conceivable.
  • either subscriber 1 or subscriber 2 could first send a suitable synchronization message to the respective other node and then start the transmission of the actual bit sequences after a certain period of time following the complete transmission of this message.
  • bit sequences of a subscriber generated in step 42 can also be transmitted to a plurality of messages in step 43, for example if the (maximum) sizes of the corresponding messages make this necessary According to many, correspondingly large messages distributed bit sequences of the other subscriber in turn (largely) synchronously.
  • the two bit sequences then overlap, whereby due to the previously required property of the system with the distinction of dominant and recessive bits, the individual bits of subscriber 1 and subscriber 2 result in an overlay, in the example mentioned de facto AND-linked. This results in a corresponding overlay on the transmission channel, which could detect, for example, a listening third party.
  • Both subscriber 1 and subscriber 2 detect during the transmission of their bit sequences of step 43 in a parallel step 44, the effective (overlaid) bit sequences S e ff on the shared transmission medium.
  • the effective (overlaid) bit sequences S e ff on the shared transmission medium.
  • this is usually done in conventional systems during the arbitration phase anyway.
  • a node knows that the effective state is dominant on the shared medium if the node itself has sent a dominant bit, but if a node has sent a recessive bit, it does not know the state on the shared transmission medium first Further, however, in this case he can determine by suitable measurement how it looks like, because, in this case, the node itself does not send anything, so there are no problems with so-called self-interference, which is a complex echo cancellation, especially in the case of wireless systems would require.
  • both subscriber 1 and subscriber 2 likewise again (largely) synchronously transmit their initial bit sequences STI and ST2, but inverted this time.
  • the synchronization of the corresponding transmissions can again be realized exactly in the same way as described above.
  • the two sequences are then ANDed together again.
  • Subscribers 1 and 2 in turn determine the effective, superimposed bit sequences S e ff on the shared transmission medium.
  • Both subscriber 1 and subscriber 2 determine during the transmission of their now inverted bit sequences then again the effective, superimposed bit sequences on the shared transmission medium.
  • both nodes subscriber 1 and subscriber 2), as well as a possible attacker (eg subscriber 3) who overhears the communication on the shared transmission medium, thus know the effective, superimposed bit sequences S e ff and Seff '.
  • participant 1 still knows his initially generated, local bit sequence STI and participant 2 his initially generated, local bit sequence ST2.
  • subscriber 1 in turn does not know the initially generated, local bit sequence of subscriber 2 and subscriber 2 does not know the initially generated, local bit sequence of subscriber 1.
  • the detection of the overlay bit sequence again takes place during the transmission in step 46.
  • subscriber 1 and subscriber 2 can also send their inverted, local bit sequence directly with or directly after their original, local bit sequence, ie steps 45 and 46 take steps 43 and 44.
  • the original and the inverted bit sequences can be transmitted in a message, but also in separate messages as partial bit sequences.
  • subscriber 1 and subscriber 2 now respectively locally (ie internally) link the effective, superposed bit sequences (S e ff and S e ff '), in particular with a logical OR function.
  • the individual bits in the bit sequence (Sges) resulting from the OR operation now indicate whether the corresponding bits of STI and ST2 are identical or different. For example, if the nth bit within S tot is a '0', it means that the nth bit within STI is inverse to the corresponding bit within ST2. Likewise, if the nth bit within Sges is a '1', the corresponding bits within STI and ST2 are identical.
  • Subscriber 1 and subscriber 2 then cancel in step 48 based on the bit sequence S ges obtained from the OR operation in their original, initial bit sequences STI and ST2 all bits which are identical in both sequences. This consequently leads to correspondingly shortened bit sequences.
  • the thus shared, shortened bit sequence is now processed locally by participant 1 and participant 2 in step 49 in a suitable manner in order to generate the actual desired key of the desired length N.
  • this treatment can be done.
  • One possibility is the selection of N Bits from the common truncated bit sequence, where it must be clearly defined which N bits are to be taken, eg simply by selecting the first N bits of the sequence.
  • the rendering can be done with any linear and nonlinear function that returns a N bit length bit sequence when applied to the co-present truncated bit sequence.
  • the mechanism of key generation from the common truncated bit sequence is preferably identical in both subscribers 1 and 2 and is performed accordingly in the same way.
  • a checksum could be calculated using the generated keys and exchanged between subscribers 1 and 2. If both checksums are not identical, then obviously something has failed. In this case, the described method for key generation could be repeated.
  • a whole series of resulting shortened bit sequences which are each present in the case of subscribers 1 and 2 can be generated, which are then combined into a single large sequence before the actual key is derived therefrom , If necessary, this can also be done adaptively. If after performing the described procedure once, e.g. For example, if the length of the common, truncated bit sequence is less than the desired key length N, one could re-run e.g. Generate further bits before the actual key derivation.
  • the generated symmetric key pair can be used by subscriber 1 and subscriber 2 in conjunction with established (symmetric) cryptographic methods, such as ciphers for data encryption.
  • a potential attacker eg subscriber 3 can listen to the public data transmission between subscriber 1 and subscriber 2 and thus gain knowledge of the effective, superposed bit sequences (S e ff and S e ff ') as described. The attacker then only knows which bits in the locally generated bit sequences of nodes 1 and 2 are identical and which are not. In addition, with the identical bits, the attacker can even determine whether it is a '1' or a '0'.
  • subscriber 1 and subscriber 2 also have the information about the locally generated bit sequence transmitted by them in each case.
  • the fact that the keys generated in subscribers 1 and 2 remain secret as a basis despite the public data transmission results from this information advantage over a subscriber 3 following only the public data transmission.
  • the transmission of the value sequences by the participating network participants takes place (largely) synchronously.
  • the synchronization takes place in a preferred embodiment by a triggering event, the entry of which runs to a certain waiting time.
  • the waiting time expires, the value sequences are transmitted by the network participants. For this purpose, it is checked in the network participants whether a given
  • Event occurred If the event has occurred, a preferably configurable period of time> 0 is waited for after the occurrence of the event and then the execution of the described method for establishing a common cryptographic secret is begun by sending the value sequence (s).
  • the waiting time can be defined as relative time in a commonly known time base, e.g. as "1000 clock periods from event”.
  • the waiting time may be defined as a predetermined number of certain further events, e.g. as "wait for event to receive five valid messages on the common transmission channel” or "wait until a special given message has been received twice on the common transmission channel". In this alternative embodiment, no common time base is necessary.
  • step 51 the process is started.
  • step 52 an audit begins upon the occurrence of a predetermined event. If it is determined that the event has occurred, then in step 53 a preconfigured or dynamically configured waiting time is awaited and in step 54 a secret generation process is started, in particular by transmission of the first value sequence or of the first and second value sequences , Subsequently, a branch is made in step 55. If it is determined in step 52 that the predetermined event has not occurred, a branch is likewise made to step 55.
  • step 55 it is checked whether an abort condition exists. If so, the process branches to step 56 and the process aborts. If not, the process branches back to step 52 and the test for the occurrence of the event is resumed.
  • two communication partners first network participant and second network participant
  • first network participant and second network participant are assumed who wish to carry out the above-described methods for generating a shared secret or key via a communication channel and to synchronize themselves by the detection of a predetermined event.
  • the event is generated by an external unit (that is, neither the first network subscriber nor the second network subscriber) and detected by both the first network subscriber and the second network subscriber.
  • the event may be, for example, the transmission of information (a signal or a message) over the common transmission channel of the first and the second network participant.
  • the event is generated by one of the two network participants, but detected by both.
  • the first network participant may generate the event, for example, transmit a corresponding message on the common transmission channel, and the first and second network participants detect it.
  • the specific message on the transmission channel is recognized by the receiving units of both the first and the second network participant.
  • Steps 51, 52, 53, 54, 55 and 56 correspond to the steps described corresponding to FIG. 5.
  • the network subscriber After the start in step 51, in a new step 60, the network subscriber generates the event, e.g. transmit a corresponding signal or a corresponding message on the transmission channel.
  • a check for detection of the event takes place (e.g., upon receipt of a corresponding signal or message). From then on, the method runs as described for FIG. 5.
  • the event is generated by one of the two network subscribers and only by the other network subscriber detected.
  • the first network participant generates a corresponding event which only the second network participant detects.
  • FIG. 7 An exemplary flow of a synchronization method of this embodiment is shown in FIG. 7 for the event-generating network participant.
  • step 60 the event is generated (e.g., a signal or message is sent that detects other network participants).
  • a certain waiting time is waited, in particular a certain time after the generation of the event (for example after the signal or the message has been transmitted).
  • the event generation procedure is started in step 54, e.g. sent by the first network subscriber, the first value sequence (synchronous to the second value sequence of the second network participant) over the transmission channel.
  • the method ends in step 56.
  • Another alternative is to jointly generate the event by the first and second network subscribers.
  • the system is designed in a preferred embodiment such that an event is detected by the two network participants as simultaneously as possible and the preparation time between the detection of the event and the transmission of the signals or value sequences to be superimposed be as long as possible.
  • the time duration required by the first and the second network participant to detect the event (for example due to different signal propagation times) or the preparation time of the two network participants is different, this can be compensated for by using different waiting times such that a sufficiently synchronous transmission or bit-exact overlay results.
  • the two network participants have different procedures, because, for example, one of the network participants generates the event itself.
  • Different waiting times for the two network subscribers can, for example, be configured at a development time or dynamically adjusted during normal operation by a suitable measuring method (for example, measurement of a round-trip delay).
  • An event may, for example, be a dedicated signal that is read in by one or both network participants (interrupt-based or via polling) via, for example, a GPIO.
  • a new cryptographic secret should be established according to the methods described.
  • the planning of the respective time points can take place already at the development time or only during the runtime.
  • relative definitions eg every 30 minutes
  • absolute definitions in a commonly known time base are suitable (on 01.07.2015 - 12:00 o'clock).
  • a time synchronization method is preferably used. For this purpose, standard methods, such as, for example, I EEE1588 or IEEE 802.1AS-Rev. If the transmission channel should be busy at the agreed, absolute time, then the network users start e.g. with the delivery of the value sequences as soon as the transmission channel becomes free.
  • a message is preferably characterized by a previously defined feature as an event.
  • a predetermined value in the data field (or a part thereof) of a message or a predetermined message identifier (or a part thereof) in a message with appropriate information eg C AN message.
  • cyclically repeating messages for example a "reference message" from a TTCAN schedule
  • frequency multiplexing can be used as a further alternative and thus a different frequency can be used to generate the event so as not to disturb the actual communication.
  • the system to which the two network subscribers belong comprises a plurality of communication systems.
  • the event can then be transmitted on a first of the communication systems and the shared secret established according to the described methods via a second of the communication systems.
  • the described methods are basically also suitable for synchronizing more than just two communication nodes.
  • the described method for synchronization can be performed several times in succession, especially at newly defined times or by newly generated and detected events.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention concerne un procédé de génération d'un élément secret dans un premier dispositif utilisateur de réseau. Le premier dispositif utilisateur de réseau déclenche une transmission d'au moins une première suite de valeurs dans un canal de transmission au moins en synchronisme partiel avec une transmission d'au moins une seconde suite de valeurs dans le canal de transmission effectuée par un second dispositif utilisateur de réseau et détermine l'élément secret sur la base de la ou des premières suites de valeurs et sur la base d'une superposition de la ou des premières suites de valeurs et de la ou des secondes suites de valeurs dans le canal de transmission. Selon l'invention, la première suite de valeurs est transmise à un instant accordé entre le premier dispositif utilisateur de réseau (21) et le second dispositif utilisateur de réseau (22).
PCT/EP2016/074271 2015-10-15 2016-10-11 Procédé de génération d'un élément secret ou d'une clé dans un réseau WO2017064025A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102015220048.5 2015-10-15
DE102015220048.5A DE102015220048A1 (de) 2015-10-15 2015-10-15 Verfahren zur Erzeugung eines Geheimnisses oder Schlüssels in einem Netzwerk

Publications (1)

Publication Number Publication Date
WO2017064025A1 true WO2017064025A1 (fr) 2017-04-20

Family

ID=57124022

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2016/074271 WO2017064025A1 (fr) 2015-10-15 2016-10-11 Procédé de génération d'un élément secret ou d'une clé dans un réseau

Country Status (2)

Country Link
DE (1) DE102015220048A1 (fr)
WO (1) WO2017064025A1 (fr)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102009002396A1 (de) 2009-04-15 2010-10-21 Robert Bosch Gmbh Verfahren zum Manipulationsschutz eines Sensors und von Sensordaten des Sensors und einen Sensor hierzu
DE102009045133A1 (de) 2009-09-29 2011-03-31 Robert Bosch Gmbh Verfahren zum Manipulationsschutz von Sensordaten und Sensor hierzu
DE102012215326A1 (de) * 2012-08-29 2014-03-06 Robert Bosch Gmbh Verfahren und Vorrichtung zur Ermittlung eines kryptografischen Schlüssels in einem Netzwerk
DE102015207220A1 (de) 2014-04-28 2015-10-29 Robert Bosch Gmbh Verfahren zur Erzeugung eines Geheimnisses oder eines Schlüssels in einem Netzwerk
DE102014209042A1 (de) 2014-05-13 2015-11-19 Robert Bosch Gmbh Verfahren und Vorrichtung zum Erzeugen eines geheimen Schlüssels
DE102014208975A1 (de) 2014-05-13 2015-11-19 Robert Bosch Gmbh Verfahren zur Generierung eines Schlüssels in einem Netzwerk sowie Teilnehmer an einem Netzwerk und Netzwerk

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102009002396A1 (de) 2009-04-15 2010-10-21 Robert Bosch Gmbh Verfahren zum Manipulationsschutz eines Sensors und von Sensordaten des Sensors und einen Sensor hierzu
DE102009045133A1 (de) 2009-09-29 2011-03-31 Robert Bosch Gmbh Verfahren zum Manipulationsschutz von Sensordaten und Sensor hierzu
DE102012215326A1 (de) * 2012-08-29 2014-03-06 Robert Bosch Gmbh Verfahren und Vorrichtung zur Ermittlung eines kryptografischen Schlüssels in einem Netzwerk
DE102015207220A1 (de) 2014-04-28 2015-10-29 Robert Bosch Gmbh Verfahren zur Erzeugung eines Geheimnisses oder eines Schlüssels in einem Netzwerk
DE102014209042A1 (de) 2014-05-13 2015-11-19 Robert Bosch Gmbh Verfahren und Vorrichtung zum Erzeugen eines geheimen Schlüssels
DE102014208975A1 (de) 2014-05-13 2015-11-19 Robert Bosch Gmbh Verfahren zur Generierung eines Schlüssels in einem Netzwerk sowie Teilnehmer an einem Netzwerk und Netzwerk

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"BOSCH CAN SPECIFICATION VERSION 2.0", BOSCH CAN SPECIFICATION VERSION 2.0, XX, XX, 1 September 1991 (1991-09-01), pages 1 - 69, XP002291910 *
"Road vehicles ? Controller area network (CAN) ? Part 1: Data link layer and physical signalling ; ISO+11898-1-2003", IEEE DRAFT; ISO+11898-1-2003, IEEE-SA, PISCATAWAY, NJ USA, vol. msc.upamd, 18 November 2010 (2010-11-18), pages 1 - 52, XP017637056 *

Also Published As

Publication number Publication date
DE102015220048A1 (de) 2017-04-20

Similar Documents

Publication Publication Date Title
EP3138258B1 (fr) Procédé de génération d'un secret ou d'une clé dans un réseau
DE102015220038A1 (de) Verfahren zur Erzeugung eines Geheimnisses oder Schlüssels in einem Netzwerk
DE102016208451A1 (de) Verfahren zur Erzeugung eines Geheimnisses oder eines Schlüssels in einem Netzwerk
EP3363145B1 (fr) Procédé et dispositif permettant de générer un secret partagé
WO2016188667A1 (fr) Procédé pour générer un élément secret ou une clé dans un réseau
EP3363146B1 (fr) Procédé de génération d'une clé dans un agencement de circuits
WO2017064027A1 (fr) Procédé de génération d'un élément secret ou d'une clé dans un réseau
WO2017064124A1 (fr) Agencement de circuits de génération d'un secret ou d'une clé dans un réseau
WO2017064075A1 (fr) Agencement de circuits pour la génération d'un secret ou d'une clé dans un réseau
WO2017064025A1 (fr) Procédé de génération d'un élément secret ou d'une clé dans un réseau
DE102016208453A1 (de) Verfahren zur Erzeugung eines Geheimnisses oder eines Schlüssels in einem Netzwerk
WO2017064067A1 (fr) Procédé pour générer une clé dans un réseau et pour activer une sécurisation d'une communication dans le réseau sur la base de la clé
WO2017064129A1 (fr) Procédé permettant de générer un élément secret pour un chiffrement à usage unique dans un réseau
WO2017064125A1 (fr) Procédé permettant de générer un élément secret ou une clé dans un réseau
WO2017064131A1 (fr) Procédé permettant de générer un élément secret ou une clé dans un réseau
EP3363144B1 (fr) Procédé et dispositif permettant d'établir un secret partagé
DE102015219989A1 (de) Verfahren und Vorrichtung zur Auffrischung eines gemeinsamen Geheimnisses, insbesondere eines symmetrischen kryptographischen Schlüssels, zwischen einem ersten Knoten und einem zweiten Knoten eines Kommunikationssystems
WO2017064002A1 (fr) Procédé et dispositif permettant de générer un secret partagé
DE102016208452A1 (de) Verfahren zur Erzeugung eines Geheimnisses oder eines Schlüssels in einem Netzwerk
DE102016208448A1 (de) Verfahren zur Erzeugung eines Geheimnisses oder eines Schlüssels in einem Netzwerk
WO2017063995A1 (fr) Procédé de génération d'un secret ou d'une clé dans un réseau
DE102015220014A1 (de) Verfahren zur Generierung eines Geheimnisses in einem Netzwerk
WO2017064003A1 (fr) Procédé et dispositif permettant de générer un secret partagé de longueur prédéfinie
DE102015219995A1 (de) Verfahren und Vorrichtung zum Erzeugen eines gemeinsamen Schlüssels in einem Feldbussystem

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16779100

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16779100

Country of ref document: EP

Kind code of ref document: A1