WO2017064027A1 - Method for generating a secret or a key in a network - Google Patents

Method for generating a secret or a key in a network

Info

Publication number
WO2017064027A1
Authority
WO
WIPO (PCT)
Prior art keywords
transmission
value sequence
subscriber
message
module
Prior art date
Application number
PCT/EP2016/074276
Other languages
German (de)
English (en)
Inventor
Andreas Soenkens
Arthur Mutter
Original Assignee
Robert Bosch Gmbh
Priority date
Filing date
Publication date
Application filed by Robert Bosch Gmbh
Publication of WO2017064027A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords

Definitions

  • the non-prepublished DE 10 2015 207220 A1 discloses a method for generating a shared secret or a secret symmetric key by means of public discussion between two communication participants.
  • the presented methods for generating a secret or a cryptographic key require no manual intervention and thus enable the automated establishment of secure communication relationships between two nodes.
  • the methods have a very low complexity, in particular with regard to the required hardware design, such as the required memory resources and computing power, and they have low energy and time requirements.
  • the methods offer very high key generation rates with a simultaneously very low probability of error.
  • the methods assume that participants in a network communicate with each other via a communication channel. In particular, they transfer logical sequences of values (in the case of binary logic, bit sequences) with the aid of physical signals on the transmission channel. Even if possible superimpositions take place on the transmission channel through the signals, that is to say on the physical level, in the description below the logical level is primarily considered. Thus, the transferred, logical value sequences as well as their logical overlay are considered.
  • the transmission should be largely synchronous in the sense that the individual signals of a signal sequence are superimposed on the transmission medium; in particular, the signal corresponding to the n-th logical value or bit of the first subscriber is at least partially superimposed with the signal corresponding to the n-th logical value or bit of the second subscriber.
  • This overlay should be sufficiently long for the participants to be able to record the overlay or determine the corresponding overlay value.
  • the superimposition of the value sequences can be determined by arbitration mechanisms or by physical signal superposition.
  • An arbitration mechanism means, for example, the case where a node wants to apply a recessive level, but detects a dominant level on the bus and thus omits the transmission. In this case, there is no physical interference between two signals, but only the dominant signal is seen on the transmission channel.
  • the methods described can be implemented particularly well in a CAN, TTCAN or CAN FD bus system.
  • a recessive bus level is replaced by a dominant bus level.
  • the superimposition of values or signals of the subscribers thus follows defined rules which the subscribers can use to derive information from the superimposed value or signal and the value or signal transmitted by them.
  • the methods are also well suited for other communication systems such as LIN and I2C.
  • a network or a participant of a network is set up to do this by having electronic memory and computational resources to perform the steps of a corresponding method.
  • Also stored on a storage medium of such a user or on the distributed storage resources of a network may be a computer program configured to perform all the steps of a corresponding method when executed in the subscriber or in the network.
  • FIG. 3 is a schematic illustration of exemplary signal sequences of two subscribers of a network and a resulting superposition value sequence on a transmission channel between the subscribers,
  • FIG. 5 shows an exemplary communication module as part of a circuit arrangement of a network participant
  • FIG. 6 shows an exemplary module for generating a secret or key exchange as part of a circuit arrangement of a network participant and FIG. 7 shows an exemplary detail of a circuit arrangement of a subscriber with a communication module and a further module (as shown in FIG. 6) for the key generation.
  • the present invention relates to a method for generating a shared secret or (secret) symmetric cryptographic key between two nodes of a communication system (participants of a network) communicating with each other via a shared medium (transmission channel of the network).
  • the generation or negotiation of the cryptographic keys is based on a public data exchange between the two participants, from which a third party listening in as an attacker can draw conclusions about the generated key not at all or only with great difficulty.
  • a common secret is first established for this, which can be used to generate the key.
  • such a shared secret can in principle also be used for purposes other than cryptographic keys in the strict sense, e.g. as a one-time pad.
  • On-off keying is an amplitude shift keying in which exactly two transmission states are distinguished: in the first case (value 'On', or "0"), a signal is transmitted, for example in the form of a simple carrier signal; in the other case (value 'Off', or "1"), no signal is transmitted.
  • the state 'On' is dominant while the state 'Off' is recessive.
  • Another example of a corresponding communication system that supports this distinction of dominant and recessive bits is a (wired or optical) system based on bitwise bus arbitration, such as that used in the CAN bus.
  • the basic idea here is also that if, for example, two nodes want to transmit a signal at the same time and one node transmits a '1' whereas the second node transmits a '0', the '0' 'wins' (i.e. the dominant bit), i.e. the signal level that can be measured on the bus corresponds to a logical '0'.
  • This mechanism is used in particular to resolve possible collisions, whereby priority messages (i.e. messages with an earlier dominant signal level) are transmitted by When the node itself transmits a recessive bit but a dominant bit is detected on the bus, the corresponding node aborts its transmission attempt in favor of the higher-priority message (with the earlier dominant bit).
  • FIG. 3 shows, for example, how a subscriber 1 (T1) keeps the bit sequence 0, 1, 1, 0, 1 ready for transmission between the times t0 and t5 via the transmission channel.
  • Subscriber 2 (T2) keeps the bit sequence 0, 1, 0, 1, 1 ready for transmission between times t0 and t5 via the transmission channel.
  • Both Subscriber 1 and Subscriber 2 initially generate a bit sequence locally (i.e., internally and independently) in step 42.
  • this bit sequence is at least twice, in particular at least three times as long as the common key desired as a result of the method.
  • the bit sequence is preferably generated in each case as a random or pseudo-random bit sequence, for example with the aid of a suitable random number generator or pseudo random number generator.
  • a node knows that the effective state on the shared medium is dominant if the node itself has sent a dominant bit. If a node has sent a recessive bit, however, it does not initially know the state on the shared transmission medium, but in this case it can determine the state by suitable measurement. Because the node itself does not send anything in this case, there are no problems with so-called self-interference, which would otherwise require complex echo cancellation, especially in the case of wireless systems.
  • both subscriber 1 and subscriber 2 also again (largely) synchronously transmit their initial bit sequences ST1 and ST2, but this time inverted.
  • the synchronization of the corresponding transmissions can again be realized exactly in the same way as described above.
  • the two sequences are then ANDed together again.
  • Subscribers 1 and 2 in turn determine the effective, superimposed bit sequences Seff on the shared transmission medium.
  • Both subscriber 1 and subscriber 2 determine during the transmission of their now inverted bit sequences then again the effective, superimposed bit sequences on the shared transmission medium.
  • both nodes (participant 1 and participant 2), as well as a possible attacker (e.g. subscriber 3) who overhears the communication on the shared transmission medium, thus know the effective, superimposed bit sequences Seff and Seff'.
  • participant 1 still knows his initially generated, local bit sequence ST1 and participant 2 his initially generated, local bit sequence ST2.
  • subscriber 1 in turn does not know the initially generated, local bit sequence of subscriber 2 and subscriber 2 does not know the initially generated, local bit sequence of subscriber 1.
  • the detection of the overlay bit sequence again takes place during the transmission in step 46.
  • In step 47, subscriber 1 and subscriber 2 now each locally (i.e. internally) combine the effective, superimposed bit sequences (Seff and Seff'), in particular with a logical OR function.
  • the individual bits in the bit sequence (Sges) resulting from the OR operation now indicate whether the corresponding bits of ST1 and ST2 are identical or different. For example, if the n-th bit within Sges is a '0', it means that the n-th bit within ST1 is inverse to the corresponding bit within ST2. Likewise, if the n-th bit within Sges is a '1', the corresponding bits within ST1 and ST2 are identical.
  • the thus shared, shortened bit sequence is now processed locally by participant 1 and participant 2 in step 49 in a suitable manner in order to generate the actual desired key of the desired length N.
  • this treatment can be done.
  • One way is to select N bits from the co-ordinated, truncated bit sequence, where it must be clearly defined which N bits to take, e.g. by simply selecting the first N bits of the sequence.
  • the processing can be done with any linear or nonlinear function that returns a bit sequence of length N bits when applied to the common, shortened bit sequence.
  • the mechanism of key generation from the common truncated bit sequence is preferably identical in both subscribers 1 and 2 and is performed accordingly in the same way.
  • a checksum for example, could be calculated using the generated keys and exchanged between subscribers 1 and 2. If both checksums are not identical, then obviously something has failed. In this case, the described method for key generation could be repeated.
  • a whole series of resulting shortened bit sequences, each present at subscribers 1 and 2, can be generated, which are then combined into a single large sequence before the actual key is derived from it. If necessary, this can also be done adaptively. If, for example, the length of the common, shortened bit sequence is less than the desired key length N after a single pass through the described procedure, then further bits could be generated by another pass before the actual key derivation.
  • the generated, symmetric key pair can be used by Subscriber 1 and Subscriber 2 in conjunction with established (symmetric) cryptographic methods, e.g. ciphers for data encryption.
  • a potential attacker (e.g. subscriber 3) can listen to the public data transmission between subscriber 1 and subscriber 2 and thus gain knowledge of the effective, superimposed bit sequences (Seff and Seff') as described. The attacker then only knows which bits in the locally generated bit sequences of nodes 1 and 2 are identical and which are not. In addition, for the identical bits, the attacker can even determine whether each is a '1' or a '0'. For complete knowledge of the resulting, shortened bit sequence (and thus the basis for the key generation), however, he lacks the information about the non-identical bits.
  • bit values identical in the original, locally generated bit sequences of the users 1 and 2 are additionally deleted.
  • participant 3 has only information that is not used for key generation.
  • subscriber 1 and subscriber 2 also have the information about the locally generated bit sequence transmitted by them in each case. The fact that the keys generated in subscribers 1 and 2 remain secret as a basis despite the public data transmission results from this information advantage over a subscriber 3 following only the public data transmission.
  • FIG. 5 shows a communication module or protocol module.
  • this is a so-called CAN protocol controller module, or CAN module for short.
  • for this, e.g. a CAN communication module based on a CAN controller IP module from Robert Bosch GmbH such as M_CAN, C_CAN or D_CAN can be used or, for a LIN bus system, a LIN communication module based on a LIN communication controller IP module from Robert Bosch GmbH such as C_LIN.
  • FIG. 5 shows a CAN module 50 based on the M_CAN-IP.
  • a CAN core 51 executes the communication according to a specific CAN protocol version, eg version 2.0 A, B and ISO 11898-1 and can also support CAN FD. With the connections 503 and 504, the logical CAN transmit or CAN receive connections are designated.
  • the synchronization block 52 synchronizes signals between the two existing clock domains.
  • the module-internal clock is designated 59.
  • the configuration and control block 55 can be used to set CAN core-related configuration and control bits.
  • Block 56 is for interrupt control and the generation of receive and transmit timestamps.
  • the interface 58 serves as a generic slave interface for the possible connection of the CAN module with many different CPU types via the connection 501.
  • the interface 57 serves as a generic master interface for accessing a message memory, in particular a RAM, via the connection 502.
  • Block 53 corresponds to a Tx handler or send manager which controls the message transfer from an external message store to the CAN core. Up to 32 transmit buffers can be configured for transmission. Transmit timestamps are stored with corresponding message IDs.
  • the blocks 531 and 532 in the send manager correspond to a control and configuration block and a send prioritization block, respectively.
  • the Rx handler or receive manager 54 controls the transmission of received messages from the CAN core to external message memory. It supports the storage of up to 128 messages. A reception time stamp is stored with each message.
  • the communication module comprises a central circuit part (in this case CAN core 51) for the protocol-controlled control of communication between a host CPU and an external message memory as well as for protocol-based reception and transmission of messages via the communication system (here via the connections 503 and 504).
  • Via an interface (here master interface 57 and the connection 502), the module is connected to the external message memory.
  • Via another interface (here slave interface 58 and the connection 501), the module is connected to the host CPU. It can be implemented as a stand-alone unit, as part of an ASIC or with an FPGA.
  • connection to the physical layer can be supported by additional transceiver hardware.
  • Several communication modules can share an external message store.
  • FIG. 6 shows a module 60 which, in a circuit arrangement of a subscriber on a network, can support this subscriber in generating a shared secret with other network subscribers (hereinafter also referred to as "further module")
  • Messages on the bus 600 give, which is realized in a preferred embodiment as a CAN bus.
  • the module 60 has a block 64 for configuring the module via an interface 604, in particular for protocol-specific configurations such as baud rate, IDs, etc. Furthermore, it comprises a block 63 (e.g.
  • Block 62 denotes a trigger module, which in a preferred embodiment can be triggered via the interface 602 to form a trigger signal. Alternatively, the trigger module can also induce a trigger signal constantly.
  • the module also has transmission means such as the transmission buffer memory (Tx buffer) shown as block 61, which can transmit messages or data to the bus 600 via an interface 601.
  • the main mode of operation of the module is that, depending on a configuration (indicated by the connection 605 between configuration block 64 and transmission means 61), a random number or pseudo-random number from block 63 is passed via connection 606 to the transmission means 61 and output via the interface 601 to the CAN bus 600. This process is triggered (either already the transfer of the number from block 63 to block 61 or at least the transmission of the number from block 61 to the bus 600), in particular by a trigger signal sent by the trigger module 62 via the connection 607 to the transmission means 61.
  • the latter can also have a memory 65 (in particular a RAM) in which one or more random numbers or pseudorandom numbers are stored, which are output via the transmission means 61 as a function of the trigger signal.
  • These random numbers can also be generated by an optional random number generator (in particular a TRNG) in the module 60.
  • the module 60 can also have receiving means 67, in particular receiving buffer memory 67, which can receive messages or data from the bus 600 via an interface 612. Via an interface 613 between receiving means 67 and trigger block 62, a trigger signal for transmitting data can also be triggered in this embodiment depending on received data. For example, it can be recognized (e.g. via a corresponding message ID) that a random number sequence for secret generation is being placed on the bus by another network subscriber, and the trigger block 62 then triggers this subscriber to place a random number sequence on the bus as well, (largely) in synchronism with the transmission of the random number sequence by the other network participant. In an optional block 68, error states of the module 60 can be stored, and these can also be reported externally or retrieved externally via an interface 608.
  • the module 60 may also have a circuit part 69 for dynamic message generation.
  • the latter can receive a random number or pseudorandom number via an interface 609 and, depending on this, generate a message and forward it to the transmission means 61 via the connection 610.
  • the message is intended for largely synchronous transmission of random numbers with another network participant in order to generate a shared secret between the network participants as described above.
  • a circuit arrangement (in particular a microcontroller) which is intended to support the above-described methods for secret or key generation between network users includes at least one communication module as described with reference to FIG. 5 and at least one further module as described with reference to FIG. 6.
  • Communication module and further module can also be integrated in a circuit part of the circuit arrangement.
  • the first network participant is a control unit of a vehicle and the circuit arrangement of the network participant is a microcontroller which, in addition to the at least one communication unit and the at least one further module, has interfaces, memory means and a computing unit, in particular a central processing unit (CPU).
  • the two network subscribers transmit the key sequences or value sequences which are decisive for the key generation (largely) synchronously via the common communication connection.
  • This synchronous transmission preferably takes place via messages synchronously exchanged by the first or the second network participant, which comprise the first or the second value sequence.
  • the process for generating the secret or symmetrical key pair is preferably started or triggered by one of the network participants involved. In particular, this is done via a trigger message, which is transmitted from one of the participating network participants to the other network participants.
  • the transmission takes place via the common transmission channel.
  • the triggering message can also be transmitted via an additional communication link.
  • the transmission of the first value sequence or of the message comprising the first value sequence preferably takes place a specific period of time after a reception or a transmission of the triggering message.
  • the second value sequence is transmitted on the basis of the same information by the second subscriber.
  • the beginning of the transmission of the triggering message by a subscriber or the complete receipt of the triggering message by a subscriber can preferably be detected by both subscribers on the common transmission channel.
  • information can be transmitted in particular for the transmission time via timestamps.
  • the value of the time to be awaited may be predefined, dynamically configured (e.g., by a computing unit or software of the circuitry or subscriber), or co-transmitted with the triggering message. So that the time between the participants is clearly defined, these are preferably synchronized.
  • the components within a subscriber or his circuit arrangement preferably access the same time source.
  • the time duration may also be defined as zero, in particular if it is defined as the time duration after the reception. This means that the synchronous transmission of the value sequences or corresponding messages takes place directly after the reception of the triggering message.
  • the second network participant sends to the first network participant, as the triggering message, a message specifically intended for triggering the further method for generating the secret, in particular for triggering the transmission of the first value sequence.
  • This message can be recognized by the first network participant as a triggering message, for example by a message ID, by a content of the message's payload, or by a combination thereof.
  • the second network subscriber immediately sends the message comprising the second value sequence.
  • the first network participant recognizes upon receipt of the message (e.g. based on the message ID or on the basis of user data which are arranged before the second value sequence) that it is a message comprising the second value sequence, with which the first network participant is to transmit the first value sequence largely synchronously, and causes the corresponding transmission of a message comprising the first value sequence.
  • the message comprising the second value sequence thus also serves as a triggering message. This requires a fast response of the first network participant to the receipt of the message from the second network participant.
  • the first network subscriber has therefore already prepared a first value sequence which can be sent quickly on the transmission channel.
  • FIG. 7 shows a detail of a circuit arrangement (in particular a microcontroller) with a central processing unit (in particular CPU) 70, a communication module 71 (in particular according to FIG. 5) and a further module 72 (in particular corresponding to FIG. 6).
  • the computing unit 70, the communication module 71 or the further module 72 have connections 701, 711 and 721 to a computer unit interface 700.
  • the communication module 71 or the further module 72 comprise receive connections 712 or 722 and transmit connections 713 or 723 to a communication interface 73.
  • the communication interface 73 comprises a receive connection 732 and a transmit connection 733 to a communication system or a transmission channel of a communication system, in particular to one bus service.
  • Via connections 741 or 742, the communication module 71 or the further module 72 have access to the time source 74.
  • Via an optional trip connection 714, the communication module 71 can send a triggering signal to the further module 72.
  • the triggering by the trigger message can be realized in various ways.
  • the further module 72 described above with reference to FIG. 6 receives the trigger message via the receive link 722, recognizes this as a trigger message and triggers the transmission of the first value sequence via the transmit link 723 independently.
  • the communication module 71 described above with reference to FIG. 5 can receive the trigger message via the receive connection 712, recognize it as a trigger message and then generate a trigger signal and send it via the connection 714 to the further module 72.
  • the further module 72 triggers the transmission of the first value sequence via the transmission link 723, depending on the reception of the trigger signal from the communication module 71.
  • the communication module 71 can receive and process the triggering message via the receive connection 712, in particular store it.
  • the first or the second network participant can prepare one or more further first or second value sequences for the transmission and have them ready. These can then be transmitted directly following the first synchronous transmission of value sequences. This can be done so that the transmission channel between the network participants is not free until the completion of multiple synchronous transmissions.
  • High-priority messages (including those of other network participants) can be transferred between the synchronous transmissions of messages with value sequences, e.g. if they win a corresponding arbitration. If there are no such high-priority messages, the synchronous transmissions of messages with value sequences follow directly one after another. No new triggering messages are needed anymore.
  • the transmitting network participant recognizes that the overlay on the transmission channel corresponds to the own transmitted value sequence. (Note: This special case of sent and superimposed value sequences being the same may occur even if both network participants randomly send the same value sequence, but since these are based on sufficiently long random numbers, this case is very rare.) In such a case, the transmitting network participant immediately sends another value sequence or message. This can continue until a successful synchronization between the network subscribers sets in and the other network subscriber transmits synchronous value sequences or corresponding messages. Synchronicity is then ensured in that, owing to the seamlessly transmitted value sequences, the communication channel is continuously occupied and only higher-priority messages can be transmitted in between.
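
Added example (not part of the patent text): a Python simulation of the exchange described above, covering local bit generation, the two superimposed transmissions Seff and Seff', the OR combination Sges, deletion of identical bits, selection of the first N bits, the checksum comparison and the adaptive repetition. The function names, the truncated SHA-256 checksum and the choice that subscriber 2 inverts its shortened sequence are assumptions made for this illustration; the bus is modelled as a logical AND with '0' dominant, as in the CAN case.

```python
import hashlib
import secrets

# Assumed bus model, as in the CAN case described above: logical 0 is dominant,
# so the superposition of two simultaneously sent bits is their logical AND.
def wired_and(a, b):
    return [x & y for x, y in zip(a, b)]

def invert(bits):
    return [b ^ 1 for b in bits]

def bus_exchange(st1, st2):
    """Synchronous transmission of ST1/ST2, then of the inverted sequences.

    Returns (Seff, Seff'), the superimposed sequences that every node on the
    bus, including a passive listener, can observe.
    """
    return wired_and(st1, st2), wired_and(invert(st1), invert(st2))

def shorten(own, seff, seff_inv, invert_result=False):
    """Run locally by one subscriber, using only its own sequence.

    Sges = Seff OR Seff' is 1 where both local bits were identical; those
    positions are deleted. The bits that remain at the two subscribers are
    exact inverses of each other, so one side inverts its result
    (assumption in this example: subscriber 2).
    """
    sges = [e | ei for e, ei in zip(seff, seff_inv)]
    kept = [bit for bit, same in zip(own, sges) if same == 0]
    return invert(kept) if invert_result else kept

def eavesdropper_view(seff, seff_inv):
    """Per position, what subscriber 3 can infer: 0, 1, or None (unknown)."""
    view = []
    for e, ei in zip(seff, seff_inv):
        if e == 1:
            view.append(1)       # recessive level seen: both sent 1
        elif ei == 1:
            view.append(0)       # inverted round recessive: both sent 0
        else:
            view.append(None)    # bits differ; who sent which is not visible
    return view

def checksum(bits):
    # Hypothetical checksum choice: truncated SHA-256 over the key bits.
    return hashlib.sha256(bytes(bits)).hexdigest()[:8]

def random_bits(n):
    return [secrets.randbits(1) for _ in range(n)]

def establish_key(n_bits, round_len=None):
    """Repeat rounds until at least n_bits common bits exist, then take the
    first n_bits on both sides and compare checksums."""
    round_len = round_len or 3 * n_bits   # local sequence ~3x the key length
    k1, k2 = [], []
    while len(k1) < n_bits:
        st1, st2 = random_bits(round_len), random_bits(round_len)
        seff, seff_inv = bus_exchange(st1, st2)
        k1 += shorten(st1, seff, seff_inv)                      # subscriber 1
        k2 += shorten(st2, seff, seff_inv, invert_result=True)  # subscriber 2
    key1, key2 = k1[:n_bits], k2[:n_bits]
    if checksum(key1) != checksum(key2):
        raise RuntimeError("checksum mismatch, repeat key generation")
    return key1, key2

if __name__ == "__main__":
    # Bit sequences of T1 and T2 from the FIG. 3 description.
    t1, t2 = [0, 1, 1, 0, 1], [0, 1, 0, 1, 1]
    seff, seff_inv = bus_exchange(t1, t2)
    print("Seff :", seff)
    print("Seff':", seff_inv)
    print("T1 keeps:", shorten(t1, seff, seff_inv))
    print("T2 keeps:", shorten(t2, seff, seff_inv, invert_result=True))
    print("Listener:", eavesdropper_view(seff, seff_inv))
    print("128-bit keys equal:", len(set(map(tuple, establish_key(128)))) == 1)
```

The positions a listener can resolve are exactly the ones both subscribers delete, which is why the shortened sequence stays unknown to a node that only observes the bus.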

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)

Abstract

The present invention relates to a method for generating a secret or a key in a network. According to the invention, the network comprises at least a first subscriber and a second subscriber, with a common transmission channel between the at least first subscriber and the second subscriber. In addition, the first subscriber comprises at least one circuit having at least one communication channel, intended for communication via the communication channel, and at least one further module. The first subscriber triggers, by means of the at least one further module, the transmission of at least one first value sequence on the transmission channel largely synchronously with a transmission of at least one second value sequence by the second subscriber, and generates a secret or a key on the basis of information about the at least one first value sequence and on the basis of a superposition value sequence resulting from a superposition of the at least one first value sequence with the at least one second value sequence on the transmission channel. The transmission of the at least one first value sequence by the at least one further module is triggered as a function of a first message received by the first subscriber from the second subscriber.
PCT/EP2016/074276 2015-10-15 2016-10-11 Method for generating a secret or a key in a network WO2017064027A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102015220055.8 2015-10-15
DE102015220055.8A DE102015220055A1 (de) 2015-10-15 2015-10-15 Method for generating a secret or key in a network

Publications (1)

Publication Number Publication Date
WO2017064027A1 true WO2017064027A1 (fr) 2017-04-20

Family

ID=57124023

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2016/074276 WO2017064027A1 (fr) 2015-10-15 2016-10-11 Procédé de génération d'un élément secret ou d'une clé dans un réseau

Country Status (2)

Country Link
DE (1) DE102015220055A1 (fr)
WO (1) WO2017064027A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023072956A1 (fr) * 2021-10-27 2023-05-04 Elmos Semiconductor Se Processeur automobile prenant en charge le chiffrement pqk

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102009002396A1 (de) 2009-04-15 2010-10-21 Robert Bosch Gmbh Verfahren zum Manipulationsschutz eines Sensors und von Sensordaten des Sensors und einen Sensor hierzu
DE102009045133A1 (de) 2009-09-29 2011-03-31 Robert Bosch Gmbh Verfahren zum Manipulationsschutz von Sensordaten und Sensor hierzu
DE102012215326A1 (de) * 2012-08-29 2014-03-06 Robert Bosch Gmbh Verfahren und Vorrichtung zur Ermittlung eines kryptografischen Schlüssels in einem Netzwerk
DE102015207220A1 (de) 2014-04-28 2015-10-29 Robert Bosch Gmbh Verfahren zur Erzeugung eines Geheimnisses oder eines Schlüssels in einem Netzwerk
DE102014208975A1 (de) 2014-05-13 2015-11-19 Robert Bosch Gmbh Verfahren zur Generierung eines Schlüssels in einem Netzwerk sowie Teilnehmer an einem Netzwerk und Netzwerk
DE102014209042A1 (de) 2014-05-13 2015-11-19 Robert Bosch Gmbh Verfahren und Vorrichtung zum Erzeugen eines geheimen Schlüssels

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"BOSCH CAN SPECIFICATION VERSION 2.0", BOSCH CAN SPECIFICATION VERSION 2.0, XX, XX, 1 September 1991 (1991-09-01), pages 1 - 69, XP002291910 *
"Road vehicles - Controller area network (CAN) - Part 1: Data link layer and physical signalling ; ISO+11898-1-2003", IEEE DRAFT; ISO+11898-1-2003, IEEE-SA, PISCATAWAY, NJ USA, vol. msc.upamd, 18 November 2010 (2010-11-18), pages 1 - 52, XP017637056 *
ANONYMOUS: "On-off keying - Wikipedia, the free encyclopedia", 21 April 2014 (2014-04-21), XP055185652, Retrieved from the Internet <URL:http://en.wikipedia.org/w/index.php?title=On-off_keying&oldid=605206869> [retrieved on 20150424] *

Also Published As

Publication number Publication date
DE102015220055A1 (de) 2017-04-20

Similar Documents

Publication Publication Date Title
EP3138258B1 (fr) Procédé de génération d'un secret ou d'une clé dans un réseau
DE102015220038A1 (de) Verfahren zur Erzeugung eines Geheimnisses oder Schlüssels in einem Netzwerk
DE102016208451A1 (de) Verfahren zur Erzeugung eines Geheimnisses oder eines Schlüssels in einem Netzwerk
EP3363145B1 (fr) Procédé et dispositif permettant de générer un secret partagé
WO2017064027A1 (fr) Procédé de génération d'un élément secret ou d'une clé dans un réseau
EP3363146B1 (fr) Procédé de génération d'une clé dans un agencement de circuits
WO2016188667A1 (fr) Procédé pour générer un élément secret ou une clé dans un réseau
WO2017064124A1 (fr) Agencement de circuits de génération d'un secret ou d'une clé dans un réseau
WO2017064075A1 (fr) Agencement de circuits pour la génération d'un secret ou d'une clé dans un réseau
DE102016208453A1 (de) Verfahren zur Erzeugung eines Geheimnisses oder eines Schlüssels in einem Netzwerk
WO2017064025A1 (fr) Procédé de génération d'un élément secret ou d'une clé dans un réseau
WO2017064067A1 (fr) Procédé pour générer une clé dans un réseau et pour activer une sécurisation d'une communication dans le réseau sur la base de la clé
WO2017064129A1 (fr) Procédé permettant de générer un élément secret pour un chiffrement à usage unique dans un réseau
WO2017064125A1 (fr) Procédé permettant de générer un élément secret ou une clé dans un réseau
WO2017064131A1 (fr) Procédé permettant de générer un élément secret ou une clé dans un réseau
WO2017064002A1 (fr) Procédé et dispositif permettant de générer un secret partagé
DE102016208452A1 (de) Verfahren zur Erzeugung eines Geheimnisses oder eines Schlüssels in einem Netzwerk
DE102016208448A1 (de) Verfahren zur Erzeugung eines Geheimnisses oder eines Schlüssels in einem Netzwerk
DE102016208442A1 (de) Verfahren zur Erzeugung eines Geheimnisses oder eines Schlüssels in einem Netzwerk
DE102016208444A1 (de) Verfahren zur Erzeugung eines Geheimnisses oder eines Schlüssels in einem Netzwerk
DE102016208449A1 (de) Verfahren zur Erzeugung eines Geheimnisses oder eines Schlüssels in einem Netzwerk
DE102015220014A1 (de) Verfahren zur Generierung eines Geheimnisses in einem Netzwerk
DE102016208445A1 (de) Verfahren zur Erzeugung eines Geheimnisses oder eines Schlüssels in einem Netzwerk
DE102015219991A1 (de) Verfahren und Vorrichtung zum Etablieren eines gemeinsamen Geheimnisses
WO2017064006A1 (fr) Procédé et dispositif permettant de générer une clé partagée dans un système de bus de terrain

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16779102

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16779102

Country of ref document: EP

Kind code of ref document: A1