EP4140115A1 - Copy protection method and copy-protected electronic system - Google Patents


Info

Publication number
EP4140115A1
Authority
EP
European Patent Office
Prior art keywords
electronic unit
component
electronic
public key
certificate
Prior art date
Legal status
Pending
Application number
EP21723864.1A
Other languages
German (de)
English (en)
Inventor
Sharang Deepak PARNERKAR
Heike GREFE
Current Assignee
ETO Magnetic GmbH
Original Assignee
ETO Magnetic GmbH
Priority date
Filing date
Publication date
Application filed by ETO Magnetic GmbH
Publication of EP4140115A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/006 (under H04L 9/00) involving public key infrastructure [PKI] trust models
    • H04L 9/30 (under H04L 9/00) Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L 9/32 (under H04L 9/00) including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L 9/3263 (under H04L 9/32) involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L 9/3268 (under H04L 9/3263) using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/04 (under H04L 63/00) for providing a confidential data exchange among entities communicating through data packet networks
    • H04L 63/0428 (under H04L 63/04) wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L 63/0442 (under H04L 63/0428) wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L 63/06 (under H04L 63/00) for supporting key management in a packet data network
    • H04L 63/062 (under H04L 63/06) for key distribution, e.g. centrally by trusted party
    • H04L 63/08 (under H04L 63/00) for authentication of entities
    • H04L 63/0823 (under H04L 63/08) using certificates
    • H04L 63/0869 (under H04L 63/08) for achieving mutual authentication
    • H04L 63/18 (under H04L 63/00) using different networks or channels, e.g. using out of band channels
    • H04L 2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L 9/00
    • H04L 2209/84 (under H04L 2209/00) Vehicles
    • H04L 2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L 63/00
    • H04L 2463/121 (under H04L 2463/00) Timestamp
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W 4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W 4/30 (under H04W 4/00) Services specially adapted for particular environments, situations or purposes
    • H04W 4/40 (under H04W 4/30) for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W 12/06 (under H04W 12/00) Authentication
    • H04W 12/069 (under H04W 12/06) Authentication using certificates or pre-shared keys
    • H04W 12/12 (under H04W 12/00) Detection or prevention of fraud
    • B PERFORMING OPERATIONS; TRANSPORTING
    • B29 WORKING OF PLASTICS; WORKING OF SUBSTANCES IN A PLASTIC STATE IN GENERAL
    • B29C SHAPING OR JOINING OF PLASTICS; SHAPING OF MATERIAL IN A PLASTIC STATE, NOT OTHERWISE PROVIDED FOR; AFTER-TREATMENT OF THE SHAPED PRODUCTS, e.g. REPAIRING
    • B29C 45/00 Injection moulding, i.e. forcing the required volume of moulding material through a nozzle into a closed mould; Apparatus therefor
    • B29C 45/17 (under B29C 45/00) Component parts, details or accessories; Auxiliary operations
    • B29C 45/76 (under B29C 45/17) Measuring, controlling or regulating

Definitions

  • The invention relates to a copy protection method according to the preamble of claim 1 and to a copy-protected electronic system according to the preamble of claim 20.
  • Asymmetric copy protection methods are already known in which certificates are requested from a certification authority and transmitted via an Internet connection.
  • Such copy protection methods cannot be used offline and can be susceptible to man-in-the-middle attacks.
  • The object of the invention is, in particular, to provide a high level of operational reliability for electronic systems, in particular by using a generic method to ensure that only original components can be used in the electronic systems.
  • The object is achieved according to the invention by the features of patent claims 1 and 20, while advantageous configurations and developments of the invention can be found in the subclaims.
  • The invention is based on a copy protection method, in particular an offline-capable copy protection method, for an electronic system with at least one, in particular central and / or superordinate, electronic unit and with at least one component which interacts with the electronic unit, in which at least one public key infrastructure with at least one certification authority is used, the certification authority creating at least one first certificate for the electronic unit based on an identification feature of the electronic unit and at least one second certificate for the at least one component based on an identification feature of the at least one component, and in which, in order to check the authenticity of at least the at least one component by the electronic unit, at least the respective associated certificates are checked mutually.
  • At least the first certificate is prefabricated, in particular offline, and is uploaded to the electronic unit when the electronic unit is manufactured and / or configured, in particular offline, and / or at least the second certificate is prefabricated, in particular offline, and is loaded onto the at least one component when the at least one component is manufactured and / or configured, in particular offline.
  • Man-in-the-middle attacks, in particular also those in which the man-in-the-middle sits between a certification authority and the component or the electronic unit, can thereby advantageously be excluded.
  • Effective copy protection can advantageously protect against products which at first glance are identical, for example spare parts, wearing parts or consumables, but which have low quality, insufficient security and / or a short service life.
  • A “copy protection method” is to be understood in particular as a method which is intended to detect and / or prevent the use of non-original parts, in particular non-certified parts / components and / or forgeries, in the electronic system.
  • The copy protection method is a method for the identification and / or verification of certified components, in particular components of an electronic system, and / or of original parts.
  • The copy protection method is preferably a method for controlling the operation of an electronic system which blocks and / or prevents operation of the electronic system when non-original parts, in particular non-certified parts / components and / or forgeries, are recognized.
  • The copy protection method is preferably a method for checking the authenticity of a component interacting with an electronic unit, wherein in particular an interaction between the electronic unit and the component is only permitted if the authenticity of the component has been successfully verified.
  • An “offline-capable copy protection method” is to be understood in particular as a copy protection method which is provided to verify the authenticity of a component of an electronic system without having to access an Internet server and / or without having to communicate with an Internet server.
  • The offline-capable copy protection method is intended to check the authenticity of components of the electronic system exclusively by means of an internal check within the electronic system, in particular exclusively by means of internal data communication remaining within the electronic system.
  • The electronic system also has an online functionality, which, however, is irrelevant for the functionality of the offline-capable copy protection method.
  • “Provided” is to be understood in particular as specifically programmed, designed and / or equipped. The fact that an object is provided for a specific function should be understood in particular to mean that the object fulfils and / or executes this specific function in at least one application and / or operating state.
  • The electronic system is designed in particular as an electronic device, in particular as any electrical device in which at least two electronic components interact with one another, preferably electronically.
  • The electronic system could be designed as an injection molding machine, the electronic unit being, for example, a control device of the injection molding machine and the component being, for example, a valve, in particular a solenoid valve, for example a solenoid valve of a shut-off nozzle of an injection molding machine, or an electric motor or the like, in particular one controlled by the control device.
  • The electronic system could be designed as a vehicle, in particular as an at least partially autonomous or completely autonomous driving vehicle, wherein, for example, the electronic unit is a control device of the vehicle and wherein, for example, the component is a sensor, a component control device and / or an electric motor or the like, in each case in particular controlled by the control device.
  • The electronic system could be designed as a (mobile) computer system, in particular as a smartphone, tablet or laptop, with the electronic unit being, for example, a central processing unit of the computer system and with the component being a battery, headphones and / or a charging cable or the like, in each case in particular equipped with an electronic cryptography module for carrying out the copy protection method.
  • The copy protection method comprises an asymmetric cryptography system.
  • The copy protection method comprises a symmetric cryptography system.
  • An “interaction of a component with the electronic unit” is to be understood as meaning, in particular, a mechanical interaction and / or preferably a signal-related, preferably electronic and / or radio-based, interaction.
  • The electronic unit is designed as an electronic unit that is superordinate to the component.
  • The electronic unit is preferably designed as a central electronic unit which is provided to control and / or manage the electronic system, in particular the electronic device.
  • The electronic system has, at least temporarily, at least a partial functionality even without the component.
  • The component is only functional in combination with the electronic unit.
  • A “public key infrastructure” is to be understood in particular as a cryptography system in which digital certificates are issued, distributed and checked. In particular, at least part of the data communication within the public key infrastructure is digitally signed and encrypted.
  • The certificates used within the public key infrastructure are preferably used to secure computer-aided communication within the electronic system.
  • The public key infrastructure comprises a set of rules, guidelines and / or methods, as well as hardware and software for creating, managing, distributing, using, storing and revoking digital certificates and for managing the encryption.
  • The public key infrastructure preferably comprises at least the certification authority.
  • The certification authority is designed as an offline certification authority.
  • The certification authority is arranged in a specially secured, for example access-restricted and / or security-monitored, environment.
  • The certification authority is free of any data communication line which connects the certification authority directly or indirectly to the Internet.
  • Data is entered into the certification authority and / or output by the certification authority at least partially manually and / or independently of the electronic system, in particular independently of the electronic unit and / or component to be certified, and / or free of a signaling connection to the electronic system, in particular to the electronic unit and / or component to be certified.
  • The certificate created by the certification authority for the electronic unit or for the component is prefabricated, that is to say, in particular, it is uploaded to the component and / or the electronic unit before the component and / or the electronic unit is put into operation for the first time.
  • The certificate created by the certification authority for the electronic unit or for the component is uploaded to the electronic unit and / or the component when the electronic unit and / or the component is flashed.
  • The certificate created by the certification authority for the electronic unit or for the component is preferably transmitted offline to the electronic unit and / or to the component, for example by means of a physical data carrier (CD, USB stick, SD card or the like).
  • The certificate of the electronic unit is preinstalled on a hardware element which is provided to carry out the copy protection method and which is connected to an IO pin of the electronic unit when the electronic unit is configured.
  • A key pair of public key and private key belonging to the certificate is transmitted along with the certificate, for example by means of the same or a further physical data carrier, and / or preinstalled on the hardware element.
  • A software patch is installed on an already installed and / or operating electronic unit (control device) which requires and / or enables (offline) input of the certificate created by the certification authority for the electronic unit.
  • The software patch is preferably provided to operate on a user level, so that advantageously no real-time-relevant software and / or critical system applications have to be interrupted when the software patch is subsequently installed.
  • The certification authority is a certification body and / or a certification authority (CA) which is provided to issue digital certificates.
  • The first certificate and / or the second certificate is a digital certificate.
  • The digital certificate of a component / electronic unit includes at least one piece of information about a cryptographic key of the component / electronic unit, in particular a public key of the component / electronic unit, at least one identification feature of the component / electronic unit and a digital signature of the certification authority.
  • The digital certificate of the component / electronic unit can include a public key of the certification authority.
  • The digital certificate can include information on a period of validity of the digital certificate and / or on a scope and / or application area of the digital certificate.
  • The identification feature of the component / electronic unit preferably uniquely identifies the component / electronic unit.
  • The identification feature of the component / electronic unit can be designed, for example, as a serial number of the component / electronic unit.
  • The electronic unit is preferably connected in terms of data transmission to the at least one component, in particular to at least one cryptography module of the at least one component.
  • The electronic unit can be connected in terms of data transmission technology to further components, in particular identically or differently designed ones.
  • “Connected in terms of data transmission” is to be understood to mean, in particular, wired and / or radio-connected.
  • The data transmission connection is provided at least to enable at least the respective associated certificates to be transmitted between the electronic unit and the at least one component for a mutual check.
  • The second certificate is checked for authenticity by the electronic unit.
  • The first certificate is checked for authenticity by the at least one component.
  • At least some of the components of the public key infrastructure, for example the public key of the certification authority, or also the prefabricated certificates and / or the keys associated with the component and / or the electronic unit, are transmitted via an Internet connection between the at least one component and the electronic unit.
  • The fact that a certificate is uploaded “during production” is to be understood in particular to mean that the certificate is uploaded at least before initial commissioning and / or before installation, preferably in at least one production step at a production site.
  • The fact that a certificate is uploaded “during a configuration” is to be understood in particular as meaning that the certificate is installed during programming and / or during a setting, preferably in the course of installing the software patch.
  • The certificate, preferably transmitted on a separate offline medium, and / or the key pair of public key and private key belonging to the electronic unit is queried, and in particular the installation of the software patch can only be completed after successful entry.
  • Each certificate and / or each key pair can only be issued once or only be assigned to a single component / electronic unit.
  • The identification feature is, for example, the serial number.
  • The certificate is uploaded to the electronic unit during the configuration in that a hardware element on which the certificate is stored is associated with the electronic unit, in particular with the PLC or the ECU, preferably via IO pins of the electronic unit.
  • The hardware element is provided in particular to transmit a simple signal which confirms or negates the authenticity of a component to the electronic unit.
  • The hardware element can communicate with the at least one component for carrying out the copy protection method, preferably at least for the transmission of the certificates, by cable or by radio.
  • The hardware element preferably has at least one radio module.
  • The identification feature of the electronic unit used for the creation of the first certificate is transmitted to the certification authority via an (arbitrary) transmission path that is independent of the electronic data connections of the electronic unit.
  • Particularly reliable copy protection can advantageously be achieved.
  • Overcoming the copy protection can advantageously be made almost impossible.
  • The risk of susceptibility to man-in-the-middle attacks can advantageously be significantly reduced.
  • The identification feature of the electronic unit used to create the first certificate, for example the serial number of the electronic unit, is sent via a channel independent of the electronic unit to the manufacturer of the electronic unit and / or to the service provider performing the configuration of the electronic unit by means of the software patch or the hardware element.
  • Such a channel can be, for example, letter post, verbal communication, the dispatch of a physical data carrier or of the hardware element that can be installed on the electronic unit, or also an electronic dispatch route, for example e-mail, as long as this electronic dispatch route is separate from the electronic unit.
  • A specific public key of the public key infrastructure and a specific private key of the public key infrastructure are uploaded to the electronic unit during the production of the electronic unit and / or during the configuration of the electronic unit, in particular offline, and / or a further specific public key of the public key infrastructure and a further specific private key of the public key infrastructure are installed on the at least one component during the production of the at least one component and / or during the configuration of the at least one component, in particular offline.
  • Particularly reliable copy protection can advantageously be achieved, which in particular does not require online access.
  • The respective specific public keys and private keys which are associated with an electronic unit or a component form matching key pairs.
  • If the public key(s) is / are stored in memories of the electronic unit and / or of the at least one component that can only be written to once, particularly secure copy protection can advantageously be achieved.
  • The public key(s) is / are stored on non-volatile read-only memories (ROM) of the electronic unit and / or of the at least one component.
  • The non-volatile read-only memory of the electronic unit and / or of the at least one component can, for example, be a mask ROM written at the time of production, a one-time programmable “programmable read-only memory” (PROM) or a “one-time programmable erasable programmable read-only memory” (OTP-EPROM).
  • The memory which can only be written to once is part of a microcontroller (µC), an application-specific integrated circuit (ASIC) or a field programmable gate array (FPGA).
  • If the private key(s) is / are stored in a non-readable, secure manner in memories of the electronic unit and / or of the at least one component that can only be written to once, even more secure copy protection can advantageously be achieved.
  • The respective key pair, in particular the corresponding public key and private key, is stored on the same write-once memory.
  • At least the private keys are stored and secured in such a way that they cannot be read out.
  • The private keys are encrypted and stored on the µC, the ASIC or the FPGA.
  • If the certificate(s) is / are stored on memories that can be rewritten, but in particular cannot be read out, increased flexibility of the copy protection can advantageously be made possible, for example by limiting the period of validity of a certificate.
  • The certificate(s) is / are stored on programmable and / or rewritable non-volatile read-only memories (e.g. EPROM or EEPROM) of the electronic unit and / or of the at least one component.
  • The programmable and / or rewritable memory is part of the µC, the ASIC or the FPGA.
  • The certificates are encrypted and stored on the µC, the ASIC or the FPGA.
  • At least the certificates are each stored and secured in such a way that they cannot be read out.
  • At least one additional encrypted data element, in particular different from a random number and / or from the public keys, the private keys and the certificates, is sent back and forth between the electronic unit and the component at least once.
  • Copy protection can advantageously be increased further.
  • The additional encrypted data element is sent in a packet together with a cryptographic random number and / or a public key.
  • The encrypted data element is a time stamp.
  • A time stamp (just like a large random number, for example a 128-bit random number) is almost impossible to guess.
  • A list with identifiers of components and / or component groups compatible with the electronic unit is uploaded to the electronic unit.
  • A later comparison of an identifier of a component with the identifiers from the list of identifiers can thereby advantageously be carried out by the electronic unit. This can advantageously ensure that only compatible and / or approved components are installed and / or used in an electronic system.
  • An identifier in the list of identifiers can be assigned, for example, to a specific component type (e.g. a specific design of a sensor or a valve, etc.).
  • An identifier of the list of identifiers can be assigned to a component group which comprises several different component types that can be combined in a common group.
  • The component can advantageously be identified by the electronic unit and enabled on the basis of the list of identifiers.
  • A further copy protection feature can advantageously be created.
  • The identifier is sent in a packet together with the time stamp and / or the cryptographic random number.
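The mutual check the page describes (certificates prefabricated by an offline certification authority and loaded at manufacture, a packet with a cryptographic random number and a time stamp exchanged alongside them, and the compatibility list held by the electronic unit) as an added Go example; this is not code from the patent or from ETO Magnetic GmbH. The patent fixes no algorithms, so the example assumes X.509 certificates over ECDSA P-256 with the serial number as the certificate's common name, and it proves possession of the certified key by signing the random number and time stamp rather than encrypting them, since the page's "encrypted data element" is not tied to a particular scheme. The serial numbers, the five-minute time-stamp window and the names `Certify`, `CheckPeer` and `MutualCheck` are constructed for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/binary"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// Party is the offline CA, an electronic unit (ECU/PLC) or a component (constructed model).
type Party struct {
	Serial string            // identification feature (serial number)
	key    *ecdsa.PrivateKey // on a real part: write-once, non-readable memory
	Cert   *x509.Certificate // prefabricated offline by the certification authority
}

// Certify makes a P-256 key pair for serial and binds it to that serial number in a certificate signed by ca; ca == nil yields the self-signed root.
func Certify(serial string, certNo int64, ca *Party, now time.Time) *Party {
	k := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(certNo),
		Subject: pkix.Name{CommonName: serial}, KeyUsage: x509.KeyUsageDigitalSignature,
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(10 * 365 * 24 * time.Hour)}
	parent, signer := tmpl, k // self-signed
	if ca != nil {
		parent, signer = ca.Cert, ca.key
	} else {
		tmpl.IsCA, tmpl.BasicConstraintsValid, tmpl.KeyUsage = true, true, x509.KeyUsageCertSign
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, &k.PublicKey, signer))
	return &Party{Serial: serial, key: k, Cert: must(x509.ParseCertificate(der))}
}

// Challenge is the packet exchanged alongside the certificates.
type Challenge struct {
	Nonce     [16]byte // cryptographic random number
	Timestamp int64    // time stamp (Unix seconds): the additional data element
}

func NewChallenge(now time.Time) Challenge {
	c := Challenge{Timestamp: now.Unix()}
	must(rand.Read(c.Nonce[:]))
	return c
}

// digest binds nonce, time stamp and the responder's serial number together.
func (c Challenge) digest(serial string) []byte {
	h := sha256.Sum256(append(binary.BigEndian.AppendUint64(c.Nonce[:], uint64(c.Timestamp)), serial...))
	return h[:]
}

// Respond signs the challenge with the party's private key.
func (p *Party) Respond(c Challenge) []byte {
	return must(ecdsa.SignASN1(rand.Reader, p.key, c.digest(p.Serial)))
}

// CheckPeer is one direction of the mutual check: chain to the offline root, time stamp within
// maxSkew, signature by the certified key and, if we keep a compatibility list (nil = none), membership.
func CheckPeer(peer *x509.Certificate, c Challenge, sig []byte, root *x509.Certificate,
	allowed map[string]bool, now time.Time, maxSkew time.Duration) error {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	opts := x509.VerifyOptions{Roots: roots, CurrentTime: now, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := peer.Verify(opts); err != nil {
		return fmt.Errorf("certificate not issued by our offline CA: %w", err)
	}
	if d := now.Sub(time.Unix(c.Timestamp, 0)); d < -maxSkew || d > maxSkew {
		return fmt.Errorf("time stamp off by %v: possible replay", d)
	}
	id := peer.Subject.CommonName
	pub, ok := peer.PublicKey.(*ecdsa.PublicKey)
	if !ok || !ecdsa.VerifyASN1(pub, c.digest(id), sig) {
		return fmt.Errorf("response not signed by the key certified for %q", id)
	}
	if allowed != nil && !allowed[id] {
		return fmt.Errorf("component %q not on the compatibility list", id)
	}
	return nil
}

// MutualCheck: the unit checks the component against its list, then the component checks the unit.
func MutualCheck(unit, comp *Party, root *x509.Certificate, allowed map[string]bool, now time.Time) error {
	c1, c2 := NewChallenge(now), NewChallenge(now)
	if err := CheckPeer(comp.Cert, c1, comp.Respond(c1), root, allowed, now, 5*time.Minute); err != nil {
		return fmt.Errorf("unit rejects component: %w", err)
	}
	return CheckPeer(unit.Cert, c2, unit.Respond(c2), root, nil, now, 5*time.Minute) // component's side
}
```

Neither side talks to the CA at run time; each carries only the root certificate. A counterfeit part that copies a genuine serial number but carries a certificate from a different CA fails the chain check, a recorded response fails on the stale time stamp even though its signature is valid, and a genuine part whose serial number is absent from the unit's list is refused. The component's own check of the unit runs without a list. Keys are generated in memory here for the demonstration; on the real part they would be written once at production and never read out, as the page describes. The code needs Go 1.19 or newer for `binary.BigEndian.AppendUint64` and generics.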
  • the electronic unit be designed as an electronic control device, in particular as an “electronic control unit” (ECU) or as a “programmable logic controller” (PLC).
  • ECU electronice control unit
  • PLC programmable logic controller
  • the electronic unit is designed as a computer system, in particular with an installed operating system.
  • the computer system can be, for example, a mobile computer system such as a smartphone, a smart watch, a tablet, a laptop or the like.
  • the computer system can for example be a permanently installed computer system such as a computer server, a desktop PC or the like.
  • the at least one component has at least one application-specific integrated circuit (ASIC), at least one field programmable gate array (FPGA) and / or at least one microcontroller (µC).
  • ASIC application-specific integrated circuit
  • FPGA field programmable gate array
  • µC microcontroller
  • the component can be designed, for example, as a battery that can be controlled by a central control device, such as a vehicle battery, a cell phone battery, a laptop battery, etc.
  • the component can be designed, for example, as a secondary control device of a system organized and / or controlled by a central control device, such as a production system, etc.
  • the component can be designed, for example, as a charging cable of a device supplied with electrical energy by an energy storage device (eg mobile phone, laptop, etc.).
  • the component can, for example, be designed as an additional device and / or a peripheral device, such as headphones, an input device, a camera, a loudspeaker, a modem, etc., of a central device such as a computer system or the like.
  • the component can be designed, for example, as an electrical and / or electronic device in a vehicle (eg radio, navigation system, engine control device, brake control device, etc.) which can be controlled by a central control device of the vehicle.
  • the at least one component is designed differently from a USB (Universal Serial Bus) data cable, different from a USB charging cable and / or different from another device equipped with a universal serial bus.
  • USB Universal Serial Bus
  • copy protection can advantageously also be made possible for devices that are not connected to one another via a USB interface.
  • in a further aspect of the invention, which can be considered alone or in combination with at least one, in particular with any number, of the other aspects of the invention, the copy protection method comprises at least a first process part with the following process steps:
  • the first certificate preferably comprising the public key of the electronic unit
  • local storage of the public key of the electronic unit by the at least one component after successful verification of the first certificate, in particular in at least one data memory of the at least one component, in particular permanent storage of the public key of the electronic unit in a ROM of the at least one component or temporary storage of the public key of the electronic unit in a RAM of the at least one component,
  • the second certificate preferably comprising the further public key of the at least one component
  • verification of the second certificate by the electronic unit, in particular by means of a public key of the certification authority, the further public key of the at least one component in particular being determined in the process, and
  • local storage of the further public key of the at least one component by the electronic unit after successful verification of the second certificate, in particular in at least one data memory of the electronic unit, in particular permanent storage of the further public key of the at least one component in a ROM of the electronic unit or temporary storage of the further public key of the at least one component in a RAM of the electronic unit, and at least one second process part with the following process steps:
  • generation of a random number, in particular a cryptographically secure random number, preferably at least a 128-bit random number, by the electronic unit, in particular by a cryptographically secure random number generator of the electronic unit,
  • the method steps of the first method part and / or of the second method part can, according to the invention, also be carried out in a sequence that differs from the above ordering.
  • This advantageously makes it possible to achieve a high level of operational reliability for electronic systems, in particular electronic systems without a data connection to a certification authority and / or without an Internet connection.
  • This advantageously enables components of the electronic system to be checked for authenticity offline.
  • “Temporary storage” is to be understood as meaning, in particular, storage for a limited period of time, for example a few minutes, hours or days.
  • a temporarily stored data record is preferably deleted after an, in particular one-time, execution of the copy protection method has ended or after the electronic system has stopped.
  • if a forgery and / or an incompatible component is detected, the electronic unit, in particular the control device, stops the operation of the entire electronic system or of a part of the electronic system, in particular at least of that part of the electronic system which comprises the forgery and / or the incompatible component.
  • the electronic unit, in particular the control unit, refuses to resume operation of the electronic system or of a part of the electronic system, in particular at least of that part of the electronic system in which the forgery and / or the incompatible component has been installed or which includes the incompatible component.
  • the first process part and the second process part be carried out and / or repeated each time a component of the electronic system interacting with the electronic unit is replaced and / or each time a component interacting with the electronic unit is reinstalled.
  • an effective and / or reliable check of the authenticity of replaced and / or newly installed components, for example spare parts, wear parts or consumable parts, of electronic systems can advantageously be guaranteed.
  • the two process parts of the copy protection process are preferably only carried out together or repeated after a component of the electronic system that interacts with the electronic unit has been replaced and / or reinstalled.
  • the second process part be carried out and / or repeated each time the electronic system is started. Reliable copy protection can thereby advantageously be guaranteed.
  • the second process part is carried out and / or repeated at predetermined, in particular regular or irregular, time intervals.
  • both parts of the process can be carried out and / or repeated at each start of the electronic system.
  • the two process parts are carried out and / or repeated at predetermined, in particular regular or irregular, time intervals.
  • the electronic unit in particular the electronic control unit for the electronic system, is proposed with preinstalled software and / or programming which is provided at least to carry out the described copy protection method.
  • a system comprising the electronic unit and the hardware element is proposed, the hardware element being plugged into the electronic unit and having the preinstalled software and / or programming, which is provided at least to carry out the copy protection method.
  • the hardware element comprises at least one electronic circuit.
  • the hardware element preferably comprises at least one memory (RAM and / or ROM) and at least one processor.
  • the component of the electronic system with preinstalled software and / or programming, which is provided at least to carry out the described copy protection method is proposed.
  • the electronic system with the electronic unit and with one or more components is proposed.
  • a copy-protected electronic system with the electronic unit and with the at least one component that interacts with the electronic unit is proposed, the electronic unit being provided for checking an authenticity of the at least one component by means of a mutual check of the certificates of a public key infrastructure belonging to the electronic unit and to the at least one component, wherein the electronic unit has a prefabricated first certificate that was already installed during manufacture of the electronic unit and / or during configuration of the electronic unit, in particular offline, and / or wherein the at least one component has a prefabricated second certificate that was already installed during manufacture of the at least one component and / or during configuration of the at least one component, in particular offline.
  • the prefabricated certificates can already be stored in the delivery state on the electronic unit and / or the at least one component.
  • the prefabricated certificate of the electronic unit, together with a software patch of the electronic unit is uploaded to an electronic unit that has already been delivered and / or is already in use.
  • the prefabricated certificate of the electronic unit is preinstalled on the hardware element which is installed on an electronic unit that has already been delivered and / or is already in use.
  • the electronic unit has a specific public key of the public key infrastructure and a specific private key of the public key infrastructure, both already installed when the electronic unit is manufactured and / or when the electronic unit is configured, in particular offline, and / or the at least one component has a further specific public key of the public key infrastructure and a further specific private key of the public key infrastructure, both already installed when the at least one component is manufactured and / or when the at least one component is configured, in particular offline.
  • particularly secure copy protection can advantageously be achieved.
  • since the copy-protected electronic system allows the authenticity of the at least one component to be verified offline, a high degree of flexibility of use of the copy-protected electronic system, which is in particular independent of a connection of the copy-protected electronic system to the Internet, can advantageously be achieved.
  • copy protection can thereby advantageously be achieved.
  • the copy protection method according to the invention and the copy-protected electronic system according to the invention are not intended to be restricted to the application and embodiment described above.
  • the copy protection method according to the invention and the copy-protected electronic system according to the invention can have a number of individual elements, components and units that differs from a number of individual elements, components and units mentioned herein in order to fulfill a mode of operation described herein.
  • FIG. 1 shows a schematic representation of an electronic system embodied by way of example as an injection molding machine and secured by means of a copy protection method with an electronic unit and components
  • FIG. 2 shows a schematic representation of an alternative electronic system embodied as a vehicle and secured by means of the copy protection method
  • FIG. 3 shows a schematic representation of a second alternative electronic system, designed as an example as a computer system and secured by means of the copy protection method
  • FIG. 5 shows an exemplary schematic flow diagram of the copy protection method
  • FIG. 6 is a further schematic representation of the
  • FIG. 1 shows an electronic system 10 embodied as an injection molding machine 40 by way of example.
  • the electronic system 10 has an electronic unit 12 embodied as a central controller and / or as an electronic control device.
  • the electronic system 10 has components 14, 36.
  • One component 14 of the components 14, 36 of the electronic system 10 embodied as an injection molding machine 40 is embodied as a valve.
  • the component 14 embodied as a valve is provided for controlling a flow through a shut-off nozzle (not shown in detail) of the injection molding machine 40.
  • Another component 36 of the components 14, 36 of the electronic system 10 embodied as an injection molding machine 40 is embodied as an electric motor (not shown in detail).
  • the component 36 embodied as an electric motor is provided for controlling a rotational movement of a worm shaft of the injection molding machine 40.
  • the components 14, 36 include an ASIC, an FPGA and / or a µC.
  • the components 14, 36 interact with the electronic unit 12.
  • the components 14, 36 are connected to the electronic unit 12 via a data line 38. Alternatively, a radio link is also conceivable (see also FIG. 6).
  • the electronic unit 12 is provided for controlling the functions of the components 14, 36, for example for controlling the opening position of the valve or the rotational movement of the worm shaft.
  • the electronic unit 12 of the electronic system 10 forms an ECU or a PLC.
  • FIG. 2 shows an example of an alternative electronic system 10 'embodied as a vehicle 42, in particular as an at least partially autonomous vehicle.
  • the alternative electronic system 10 ' has an electronic unit 12 designed as a central controller and / or as an electronic control device.
  • the alternative electronic system 10′ has components 14, 36.
  • a component 14 of the components 14, 36 of the alternative electronic system 10 ′ embodied as a vehicle 42 is embodied as a distance sensor (for example a radar sensor or a lidar sensor) of the vehicle 42.
  • the component 14 embodied as a distance sensor is provided for topographical recognition of the surroundings of the vehicle 42.
  • Another component 36 of the components 14, 36 of the alternative electronic system 10 'embodied as a vehicle 42 is embodied as an electric motor (not shown in detail).
  • the component 36 embodied as an electric motor is provided for controlling part of the vehicle 42, for example a steering or a speed of the vehicle 42.
  • the components 14, 36 interact with the electronic unit 12.
  • the components 14, 36 include an ASIC, an FPGA and / or a µC.
  • the components 14, 36 are connected to the electronic unit 12 via a data line 38. Alternatively, a radio link is also conceivable (see FIG. 6).
  • the electronic unit 12 is provided for controlling the functions of the components 14, 36.
  • the electronic unit 12 of the alternative electronic system 10 'forms an ECU or a PLC.
  • FIG. 3 shows a second alternative electronic system 10 ′′ embodied as a computer system 44, in particular as a portable computer system, by way of example.
  • the second alternative electronic system 10 ′′ has an electronic unit 12 embodied as a portable computer, in particular as a laptop.
  • the electronic unit 12 of the second alternative electronic system 10 "is designed as a central electronic unit of the second alternative electronic system 10".
  • the second alternative electronic system 10 ′′ has components 14, 36.
  • a component 14 of the components 14, 36 of the second alternative electronic system 10 ′′ embodied as a computer system 44 is embodied as a charging cable of the portable computer.
  • the component 14 designed as a charging cable is provided for supplying an energy store of the portable computer with electrical charging energy.
  • Another component 36 of the components 14, 36 of the second alternative electronic system 10 ′′ embodied as a computer system 44 is embodied as headphones.
  • the component 36 designed as headphones is provided for outputting acoustic signals generated by the portable computer.
  • the components 14, 36 interact with the electronic unit 12.
  • the components 14, 36 are connected to the electronic unit 12 via a cable connection.
  • the components 14, 36 each have an integrated cryptography module 46.
  • the cryptography module 46 is provided to send encrypted data to the electronic unit 12 or to receive it from the electronic unit 12.
  • the components 14, 36 in particular the cryptography modules 46 of the components 14, 36, are connected to the electronic unit 12 via a data line 38.
  • a radio link is also conceivable.
  • the cryptography module 46 of the components 14, 36 comprises an ASIC, an FPGA and / or a µC.
  • the electronic units 12 of the electronic systems 10, 10′, 10″ are superordinate to the components 14, 36 of the electronic systems 10, 10′, 10″.
  • the electronic units 12 of the electronic systems 10, 10′, 10″ each have preinstalled software and / or programming which is provided at least to carry out a copy protection method (described herein).
  • a software patch can be installed on the electronic units 12 of the electronic systems 10, 10 ′, 10 ′′, which is provided to enable the copy protection method described herein to be carried out.
  • a hardware element 112 can be installed on the electronic unit 12 of the electronic systems 10, 10′, 10″, which has software or programming that is intended to enable the copy protection method described herein to be carried out.
  • the components 14, 36 of the electronic systems 10, 10′, 10″ are subordinate to the electronic units 12 of the electronic systems 10, 10′, 10″.
  • the components 14, 36 of the electronic systems 10, 10 ′, 10 ′′ have preinstalled software and / or programming which is provided at least for carrying out the copy protection method (described herein).
  • the electronic unit 12 is provided for checking the authenticity of the components 14, 36.
  • the electronic unit 12 is provided for checking the authenticity of the components 14, 36 by means of a mutual check of the certificates 20, 22 of a public key infrastructure 16 belonging to the electronic unit 12 and to the components 14, 36 (see FIG. 4).
  • the electronic systems 10, 10′, 10″ form copy-protected electronic systems 10, 10′, 10″.
  • the electronic units 12 of the electronic systems 10, 10 ′, 10 ′′ enable the authenticity of the respective associated components 14, 36 to be checked offline.
  • the electronic units 12 of the electronic systems 10, 10′, 10″ have a first certificate 20 that was already installed during the manufacture of the electronic units 12 and / or during the configuration of the electronic units 12.
  • the first certificate 20 has been prefabricated offline before being uploaded to the electronic unit 12.
  • the electronic units 12 of the electronic systems 10, 10′, 10″ also have a specific public key 24 of the public key infrastructure 16 that was already installed during the production of the electronic units 12 and / or during the configuration of the electronic units 12.
  • the electronic units 12 of the electronic systems 10, 10′, 10″ also have a specific private key 26 of the public key infrastructure 16 that was already installed during the production of the electronic units 12 and / or during the configuration of the electronic units 12.
  • the specific public key 24 of one of the electronic units 12 and the specific private key 26 of the same electronic unit 12 form a unique key pair.
  • the components 14, 36 of the electronic systems 10, 10′, 10″ have the second certificate 22 already installed when the components 14, 36 are manufactured and / or when the components 14, 36 are configured.
  • the second certificate 22 has been prefabricated offline before being installed on the components 14, 36.
  • the components 14, 36 of the electronic systems 10, 10′, 10″ also each have a further specific public key 28 of the public key infrastructure 16 that was already installed during the production of the components 14, 36 and / or during the configuration of the components 14, 36.
  • the components 14, 36 of the electronic systems 10, 10′, 10″ also each have a further specific private key 30 of the public key infrastructure 16 that was already installed during the manufacture of the components 14, 36 and / or during the configuration of the components 14, 36.
  • FIG. 4 shows a schematic representation of a public key infrastructure 16 of the copy protection method.
  • the copy protection process can be used offline.
  • the public key infrastructure 16 has a cryptographic generator 50.
  • the cryptographic generator 50 is intended to create key pairs of public keys 24, 28 and private keys 26, 30 that belong together.
  • the cryptographic generator 50 itself is secured by means of a master key pair 54.
  • the key pairs created by the cryptographic generator 50 are transmitted to a manufacturer of components 14, 36 and / or to a manufacturer of electronic units 12.
  • the key pairs are transmitted on a secure path that cannot be eavesdropped, or at least only with difficulty, preferably on a transmission path that is independent of the electronic data connections of the electronic unit 12, for example via a physical data carrier.
  • Each electronic unit 12 has a unique identification feature 48, for example a serial number of the electronic unit 12.
  • Each component 14, 36 has a unique identification feature 52, for example a serial number of the component 14, 36.
  • the public key infrastructure 16 has a certification authority 18.
  • the cryptographic generator 50 can be embodied separately from the certification authority 18 or together with the certification authority 18.
  • the certification authority 18 is provided to create the first certificate 20 for the electronic unit 12.
  • the certification authority 18 is provided to create the second certificate 22 for the respective components 14, 36.
  • the manufacturer of the component 14, 36 and / or of the electronic unit 12 assigns a key pair to each component 14, 36 and / or to each electronic unit 12.
  • the manufacturer of the component 14, 36 and / or of the electronic unit 12 sends the public keys 24, 28 of the assigned key pairs, bundled in packets together with the associated identification features 48, 52, to the certification authority 18 via a secure transmission path that is independent of the electronic data connections of the electronic unit 12 and / or of the components 14, 36.
  • alternatively, the manufacturer sends the identification features 48, 52 to the cryptographic generator 50, which assigns a key pair to each identification feature 48, 52 of a component 14, 36 or of an electronic unit 12, bundles the public keys 24, 28 of the assigned key pairs together with the associated identification features 48, 52 in packets and forwards them to the certification authority 18 via a secure transmission path that is independent of the electronic data connections of the electronic unit 12 and / or of the components 14, 36.
  • the first certificate 20 is then created in each case on the basis of the transmitted identification feature 48 of the electronic unit 12 and the associated public key 24 of the electronic unit 12.
  • the second certificate 22 is then created in each case on the basis of the transmitted identification feature 52 of the component 14, 36 and the associated further public key 28 of the component 14, 36.
  • the first certificate 20 is prefabricated.
  • the first certificate 20 is prefabricated offline.
  • the second certificate 22 is prefabricated.
  • the second certificate 22 is prefabricated offline.
  • the prefabricated certificates 20, 22 are sent back by the certification authority 18 to the respective manufacturer of the electronic unit 12 and / or the component 14, 36 via a secure transmission path that is independent of the electronic data connections of the electronic unit 12 and / or the components 14, 36 .
  • the first certificate 20 associated with the electronic unit 12 is uploaded (offline) to the electronic unit 12 during manufacture of the electronic unit 12. Alternatively or additionally, the first certificate 20 associated with the electronic unit 12 is uploaded to the electronic unit 12 when the electronic unit 12 is configured (offline). The first certificate 20 associated with the electronic unit 12 is stored in a memory of the electronic unit 12 that can be rewritten several times.
  • the second certificate 22 associated with the component 14, 36 is uploaded (offline) to the component 14, 36 during manufacture of the component 14, 36. Alternatively or additionally, the second certificate 22 associated with the component 14, 36 is uploaded to the component 14, 36 when the component 14, 36 is configured (offline). The second certificate 22 belonging to the component 14, 36 is stored in a memory of the component 14, 36 that can be rewritten several times.
  • the specific public key 24 belonging to the electronic unit 12 of the public key infrastructure 16 is uploaded to the electronic unit 12.
  • the specific public key 24 of the public key infrastructure 16 associated with the electronic unit 12 is uploaded to the electronic unit 12 when the electronic unit 12 is configured (offline).
  • the public key 24 assigned to the electronic unit 12 is stored in a memory of the electronic unit 12 that can only be written to once.
  • the specific private key 26 of the public key infrastructure 16 (offline) belonging to the electronic unit 12 is uploaded to the electronic unit 12.
  • the specific private key 26 of the public key infrastructure 16 associated with the electronic unit 12 is uploaded to the electronic unit 12 when the electronic unit 12 is configured (offline).
  • the private key 26 assigned to the electronic unit 12 is stored in a non-readable (encrypted) memory of the electronic unit 12 that can only be written to once.
  • the manufacturer of the electronic unit 12 or the operator of the certification authority 18 creates a list with identifiers 56 of components 14, 36 compatible with the electronic unit 12 and / or component groups compatible with the electronic unit 12.
  • the list with identifiers 56 of components 14, 36 and / or component groups (offline) that are compatible with the electronic unit 12 is uploaded to the electronic unit 12.
  • the list with identifiers 56 of components 14, 36 and / or component groups that are compatible with the electronic unit 12 is uploaded to the electronic unit 12 when the electronic unit 12 is configured (offline).
  • the list of identifiers 56 of components 14, 36 and / or compatible with the electronic unit 12 Component groups are stored in the memory of the electronic unit 12, which can only be written once, or in a memory of the electronic unit 12 that can be written several times. It is conceivable that the list with identifiers 56 of components 14, 36 and / or component groups that are compatible with the electronic unit 12 is not readable (encrypted) and is stored in the memory of the electronic unit 12.
  • the specific public key 28 of the public key infrastructure 16 (offline) associated with the component 14, 36 is uploaded to the component 14, 36.
  • the specific public key 28 of the public key infrastructure 16 associated with the component 14, 36 is uploaded to the component 14, 36 during the configuration of the component 14, 36 (offline).
  • the public key 28 assigned to the component 14, 36 is stored in a memory of the component 14, 36 that can only be written to once.
  • the specific private key 30 of the public key infrastructure 16 (offline) associated with the component 14, 36 is uploaded to the component 14, 36.
  • the specific private key 30 of the public key infrastructure 16 associated with the component 14, 36 is uploaded to the component 14, 36 during the configuration of the component 14, 36 (offline).
  • the private key 30 assigned to the component 14, 36 is stored in a memory of the component 14, 36 that can only be written once and cannot be read out (encrypted).
  • Each component 14, 36 is assigned an identifier from the list of identifiers 56 by the manufacturer of the components 14, 36 or by the operator of the certification authority 18.
  • one of the identifiers from the list with identifiers 56 (offline) is uploaded to the component 14, 36.
  • one of the identifiers from the list with identifiers 56 (offline) is stored in a memory of the component 14, 36.
  • one of the identifiers from the list with identifiers 56 (offline) is uploaded to the component 14, 36 when the component 14, 36 is configured and / or stored on the memory of the component 14, 36.
  • the identifier assigned to the component 14, 36 is stored in a memory of the component 14, 36 that can only be written once, or in a memory of the component 14, 36 that can be written more than once. It is conceivable that the identifier assigned to the component 14, 36 cannot be read out (encrypted) and is stored in the memory of the component 14, 36.
  • FIG. 5 shows an exemplary schematic flow chart of the copy protection method.
  • an electronic system 10, 10 ′, 10 ′′ with the electronic unit 12 and with at least one component 14, 36 interacting with the electronic unit 12 is provided.
  • the copy protection method comprises a first method part 32.
  • the copy protection method comprises a second method part 34.
  • the first method part 32 and the second method part 34 are carried out one after the other and / or repeated each time a component 14, 36 of the electronic system 10; 10′; 10″ is replaced and / or each time a component 14, 36 interacting with the electronic unit 12 is newly installed.
  • the first method part 32 comprises several method steps 60, 62, 64, 66, 68, 70, 72.
  • the method steps 60, 62, 64, 66, 68, 70, 72 of the first method part 32 can also be carried out in a sequence that differs from the sequence of method steps described below.
  • a data connection is set up between the electronic unit 12 and the component 14, 36.
  • the first certificate 20 is sent from the electronic unit 12 to the component 14, 36.
  • the first certificate 20 sent in the method step 62 includes the public key 24 of the electronic unit 12.
  • the first certificate 20 is verified by the component 14, 36.
  • the first certificate 20 is verified by means of a public key 110 of the certification authority 18.
  • the public key 24 of the electronic unit 12 is determined by the component 14, 36.
  • the public key 24 of the electronic unit 12 is stored locally in the memory of the component 14, 36, in particular permanently in a ROM of the component 14, 36 or temporarily in a RAM of the component 14, 36.
  • the second certificate 22 is sent from the component 14, 36 to the electronic unit 12.
  • the second certificate 22 sent in the method step 68 includes the further public key 28 of the component 14, 36.
  • the second certificate 22 is verified by the electronic unit 12.
  • the second certificate 22 is verified by means of the public key 110 of the certification authority 18.
  • the further public key 28 of the components 14, 36 is determined by the electronic unit 12.
  • in at least one further method step 72 of the first method part 32, after successful verification of the second certificate 22 by the electronic unit 12, the further public key 28 of the component 14, 36 is stored locally by the electronic unit 12 in the memory of the electronic unit 12, in particular permanently in a ROM of the electronic unit 12 or temporarily in a RAM of the electronic unit 12.
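The first method part just described (method steps 60 to 72), together with the offline issuance of certificates 20 and 22 by the certification authority 18, as an added worked example in Go. It is not code from the patent or from ETO Magnetic: the x509 package of the Go standard library stands in for the public key infrastructure 16, the certification authority is represented by a self-signed certificate whose public key plays the role of public key 110, and the type name Party, the serial numbers, the RSA-2048 key size and the validity periods are assumptions made for this example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// Party models the certification authority 18, the electronic unit 12 or a component 14, 36.
// Field names and serial numbers are assumptions made for this example.
type Party struct {
	Priv    *rsa.PrivateKey   // specific private key 26 / 30, never leaves the device
	Cert    *x509.Certificate // prefabricated certificate 20 / 22; for the CA it carries public key 110
	PeerPub *rsa.PublicKey    // peer public key 24 / 28, stored only after successful verification
}

// NewParty stands in for cryptographic generator 50 and certification authority 18: it generates
// a key pair and certifies it over the serial number (identification feature 48 / 52). With
// ca == nil the party is the CA itself and its certificate is self-signed. This is the offline
// provisioning step, so any failure here is treated as fatal.
func NewParty(serial string, ca *Party) *Party {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject: pkix.Name{CommonName: serial}, NotBefore: time.Now().Add(-time.Hour),
		NotAfter: time.Now().AddDate(5, 0, 0), KeyUsage: x509.KeyUsageKeyEncipherment}
	parent, signer := tmpl, key
	if ca == nil {
		tmpl.IsCA, tmpl.BasicConstraintsValid, tmpl.KeyUsage = true, true, x509.KeyUsageCertSign
	} else {
		parent, signer = ca.Cert, ca.Priv
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, signer)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return &Party{Priv: key, Cert: cert}
}

// VerifyPeer is the check of method steps 64 and 70: validate a received DER certificate
// against the CA public key 110 and extract the peer's public key from it. Only the CA
// certificate is needed locally, so the check works without any connection to the CA.
func VerifyPeer(der []byte, caCert *x509.Certificate) (*rsa.PublicKey, error) {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return nil, fmt.Errorf("certificate unparsable: %w", err)
	}
	roots := x509.NewCertPool()
	roots.AddCert(caCert)
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := cert.Verify(opts); err != nil {
		return nil, fmt.Errorf("certificate for %q rejected: %w", cert.Subject.CommonName, err)
	}
	if pub, ok := cert.PublicKey.(*rsa.PublicKey); ok {
		return pub, nil
	}
	return nil, errors.New("unexpected public key type in certificate")
}

// FirstPart is method part 32 (steps 60 to 72): each side sends its certificate over the data
// connection (Cert.Raw is the DER encoding that travels over data line 38), verifies the one it
// receives and stores the contained public key locally.
func FirstPart(unit, comp, ca *Party) error {
	unitPub, err := VerifyPeer(unit.Cert.Raw, ca.Cert) // step 64: component checks certificate 20
	if err != nil {
		return err
	}
	comp.PeerPub = unitPub // step 66: component stores public key 24
	compPub, err := VerifyPeer(comp.Cert.Raw, ca.Cert) // step 70: unit checks certificate 22
	if err != nil {
		return err
	}
	unit.PeerPub = compPub // step 72: unit stores further public key 28
	return nil
}

func main() {
	ca := NewParty("Example Offline CA", nil)
	unit := NewParty("ECU-0001", ca)    // serial numbers are constructed for this example
	valve := NewParty("VALVE-0042", ca) // e.g. the valve of the injection molding machine
	fmt.Println("first method part:", FirstPart(unit, valve, ca))
}
```

Each side needs nothing but the CA certificate in local storage, so the verification is offline, as the patent requires. Two practical caveats: Go's Verify checks the validity dates against the system clock, so a unit without a reliable clock must either carry certificates with a very long validity or set CurrentTime explicitly in VerifyOptions; and the CA public key 110 is the root of trust, so whoever can overwrite it in the unit's memory can issue certificates for copied components, which is why the patent puts such keys in write-once memory.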
  • the second method part 34 comprises several method steps 74, 76, 78, 80, 82, 84, 86, 88, 90, 92, 94, 96, 98, 100, 102, 104, 106.
  • the method steps 74, 76, 78, 80, 82, 84, 86, 88, 90, 92, 94, 96, 98, 100, 102, 104, 106 of the second method part 34 can also have a sequence of method steps that deviates from the sequence of method steps described below.
  • At least one method step 74 of the second method part 34 at least one additional encrypted data element in the form of a time stamp and / or a cryptographically secure random number is sent back and forth between the electronic unit 12 and the components 14, 36 at least once by means of the public key infrastructure 16 .
  • the electronic unit 12 has a cryptographically secure random number generator (not shown).
  • a cryptographically secure random number is generated by the random number generator of the electronic unit 12.
  • a time stamp is generated by the electronic unit 12.
  • the cryptographically secure random number and the time stamp are stored locally and / or temporarily by the electronic unit 12 in the memory of the electronic unit 12.
  • temporary storage is to be understood as meaning, in particular, time-limited storage in which the temporarily stored data is preferably deleted again once the authenticity of the component 14, 36 has been successfully established, or is overwritten when a further cryptographically secure random number or a further time stamp is generated.
  • the electronic unit 12 creates a packet which comprises at least the cryptographically secure random number and the time stamp.
  • the packet comprising the cryptographically secure random number and the time stamp is encrypted by means of the further public key 28 of the component 14, 36 stored by the electronic unit 12.
  • the encrypted packet is sent from the electronic unit 12 to the component 14, 36.
  • the packet is decrypted by the component 14, 36 using the further private key 30 of the component 14, 36.
  • the specific identifier assigned to the component 14, 36 is added to the packet by the component 14, 36.
  • the packet expanded by the specific identifier assigned to the component 14, 36 is encrypted using the public key 24 of the electronic unit 12 stored by the component 14, 36.
  • the packet expanded by the specific identifier assigned to the component 14, 36 is sent from the component 14, 36 to the electronic unit 12.
  • the packet expanded by the specific identifier assigned to the component 14, 36 is decrypted by the electronic unit 12 using the private key 26 of the electronic unit 12.
  • in method step 98 of the second method part 34, the time stamp from the expanded packet received and decrypted by the electronic unit 12 is compared with the time stamp stored locally and/or temporarily in the memory of the electronic unit 12.
  • in method step 100 of the second method part 34, the cryptographically secure random number from the expanded packet received and decrypted by the electronic unit 12 is compared with the cryptographically secure random number stored locally and/or temporarily in the memory of the electronic unit 12.
  • the specific identifier from the expanded packet received and decrypted by the electronic unit 12 is matched against the identifiers in the list of identifiers 56 stored in the memory of the electronic unit 12.
  • the authenticity of the component 14, 36 is confirmed by the electronic unit 12 if the following three criteria are met: a) the cryptographically secure random numbers match, b) the time stamps match, and c) the specific identifier matches at least one identifier from the list of identifiers 56 stored in the memory of the electronic unit 12.
  • in method step 106 of the second method part 34, a forgery and/or an incompatible component is identified by the electronic unit 12 if a) the cryptographically secure random numbers do not match, b) the time stamps do not match, or c) the specific identifier transmitted to the electronic unit 12 is absent from the list of identifiers 56 stored by the electronic unit 12.
  • in method step 108, when a forgery and/or an incompatible component has been identified by the electronic unit 12 in the second method part 34, the use of the forgery and/or of the incompatible component within the electronic system 10; 10'; 10'' is refused.
  • FIG. 6 shows the electronic system 10 embodied by way of example as an injection molding machine 40 in a further embodiment.
  • the electronic system 10 comprises further components 116, 118, 120, 122, 124.
  • the further components 116, 118, 120, 122, 124 form, for example, solenoid valves of a battery of solenoid valves of the injection molding machine 40.
  • the electronic system 10 comprises a hardware element 112.
  • the hardware element 112 is connected to the electronic unit 12 of the electronic system 10 of the injection molding machine 40.
  • the hardware element 112 is plugged into the electronic unit 12 by means of IO pins.
  • the hardware element 112 comprises an electronic circuit 114 with a processor (not shown) and a data memory (not shown).
  • the hardware element 112 comprises preinstalled software and / or programming which is provided at least to carry out the described copy protection method.
  • the hardware element 112 is provided to transmit information about the authenticity of one or more components 14, 36, 116, 118, 120, 122, 124 of the electronic system 10 to the electronic unit 12, which is determined by means of the copy protection method.
  • the electronic unit 12 is provided to allow or prevent the operation of individual components 14, 36, 116, 118, 120, 122, 124 and / or the entire electronic system 10 based on the information received from the hardware element 112.
  • the hardware element 112 has a radio module 126.
  • the components 116, 118, 120, 122, 124 have a further radio module 128.
  • each component 14, 36, 116, 118, 120, 122, 124 can be a separate, in particular specifically the respective component 14, 36, 116, 118,
  • the radio modules 126, 128 each include a transmitter (transmitting antenna) and a receiver (receiving antenna).
  • the radio modules 126, 128 replace the data line 38.
  • the components 116, 118, 120, 122, 124 and the electronic unit 12 are connected to one another for communication (e.g. via BLE, LoRa, WLAN, etc.) by means of the radio modules 126, 128.
  • the radio modules 126, 128 are provided to transmit, in both directions, the certificates 20, 22 and/or the public keys 24, 28, 110 required to carry out the copy protection method.
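The two method parts described above, as an added worked example. This is not code from the patent or from ETO Magnetic; it is written here so that the exchange can be run and its failure modes seen. It models the electronic unit 12, a component 14 and the certification authority 18 in Python, performs the mutual certificate check of the first method part 32 (steps 62 to 72), then the encrypted random-number/time-stamp round trip of the second method part 34 with the three acceptance criteria of steps 98 to 106, and shows the verdict for a genuine component, a component of the wrong type, a counterfeit that copied the public certificate but not the private key 30, a tampered certificate, and a replayed reply. Everything concrete in it is an assumption of the example: unpadded textbook RSA on throw-away 1024-bit keys stands in for the real public-key operations (it is not secure and must not be reused as such), a certificate is a CA-signed (subject, key) tuple rather than X.509, the packet layout is 16 nonce bytes, an 8-byte time stamp and the identifier, and serial numbers and identifiers such as VALVE-TYPE-A are made up.

```python
import hashlib, secrets, time
from collections import namedtuple

# Assumption of this example: unpadded textbook RSA stands in for the real public-key
# operations.  It is NOT secure; it only lets the message flow run on the standard library.
def _probable_prime(n, rounds=24):                    # Miller-Rabin, for odd n >= 5
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x not in (1, n - 1) and all((x := pow(x, 2, n)) != n - 1 for _ in range(r - 1)):
            return False
    return True

def keygen(bits=1024):                                # returns ((e, n), (d, n))
    def prime():
        while True:
            c = secrets.randbits(bits // 2) | 1 << (bits // 2 - 1) | 1
            if _probable_prime(c):
                return c
    p, q = prime(), prime()
    while p == q or (p - 1) * (q - 1) % 65537 == 0:
        q = prime()
    return (65537, p * q), (pow(65537, -1, (p - 1) * (q - 1)), p * q)

def encrypt(pub, msg):
    m = int.from_bytes(b"\x01" + msg, "big")          # marker byte preserves leading zero bytes
    if m >= pub[1]: raise ValueError("packet too long for modulus")
    return pow(m, pub[0], pub[1])

def decrypt(priv, c):
    m = pow(c, priv[0], priv[1]).to_bytes((priv[1].bit_length() + 7) // 8, "big").lstrip(b"\x00")
    if m[:1] != b"\x01": raise ValueError("malformed packet")
    return m[1:]

# Certificates 20/22: subject = identification feature; signed once by CA 18, checked with key 110.
Certificate = namedtuple("Certificate", "subject public_key signature")
def _digest(subject, pub):
    return int.from_bytes(hashlib.sha256(f"{subject}|{pub[0]}|{pub[1]}".encode()).digest(), "big")
def ca_issue(ca_priv, subject, pub):
    return Certificate(subject, pub, pow(_digest(subject, pub), ca_priv[0], ca_priv[1]))
def verify_cert(ca_pub, cert):
    return pow(cert.signature, ca_pub[0], ca_pub[1]) == _digest(cert.subject, cert.public_key)

class Component:                                      # component 14/36: certificate 22, private key 30
    def __init__(self, cert, priv, ca_pub, identifier):
        self.cert, self.priv, self.ca_pub, self.identifier, self.unit_pub = cert, priv, ca_pub, identifier, None
    def respond(self, challenge):                     # steps 86-92: decrypt, append identifier, re-encrypt
        return encrypt(self.unit_pub, decrypt(self.priv, challenge) + self.identifier.encode())

class CloneWithoutKey(Component):                     # copied the public certificate, lacks private key 30
    def respond(self, challenge):                     # cannot decrypt, so it can only guess the packet
        return encrypt(self.unit_pub, secrets.token_bytes(24) + self.identifier.encode())

class ElectronicUnit:                                 # electronic unit 12: certificate 20, private key 26
    def __init__(self, cert, priv, ca_pub, allowed_ids):
        self.cert, self.priv, self.ca_pub, self.allowed = cert, priv, ca_pub, frozenset(allowed_ids)
        self.component_pub = self.pending = None      # pending = (nonce, ts); self.allowed is list 56
    def challenge(self):                              # steps 76-84: nonce + time stamp under public key 28
        self.pending = (secrets.token_bytes(16), int(time.time()))
        return encrypt(self.component_pub, self.pending[0] + self.pending[1].to_bytes(8, "big"))
    def verify(self, response):                       # steps 96-108
        expected, self.pending = self.pending, None   # consumed on first use, so a replay finds nothing
        try:
            packet = decrypt(self.priv, response) if expected else b""
        except ValueError:
            packet = b""                              # undecodable reply is treated as a forgery
        if not expected or not secrets.compare_digest(packet[:16], expected[0]) \
                or int.from_bytes(packet[16:24], "big") != expected[1]:
            return "forgery"                          # criterion a) or b) failed
        return "authentic" if packet[24:].decode(errors="replace") in self.allowed else "incompatible"

def pair(unit, comp):                                 # first method part 32: steps 62-72
    ok = verify_cert(comp.ca_pub, unit.cert) and verify_cert(unit.ca_pub, comp.cert)
    if ok:
        comp.unit_pub, unit.component_pub = unit.cert.public_key, comp.cert.public_key
    return ok

def run_exchange(unit, comp):                         # both method parts, one verdict
    return unit.verify(comp.respond(unit.challenge())) if pair(unit, comp) else "certificate rejected"

def demo():                                           # constructed scenarios: serials, identifiers, PKI made up
    (ca_pub, ca_priv), (unit_pub, unit_priv), (valve_pub, valve_priv) = keygen(), keygen(), keygen()
    unit = ElectronicUnit(ca_issue(ca_priv, "UNIT-SN-0001", unit_pub), unit_priv, ca_pub, {"VALVE-TYPE-A"})
    valve_cert = ca_issue(ca_priv, "VALVE-SN-7731", valve_pub)
    def valve(identifier, cert=valve_cert, cls=Component):
        return cls(cert, valve_priv, ca_pub, identifier)
    results = {
        "genuine": run_exchange(unit, valve("VALVE-TYPE-A")),
        "wrong_type": run_exchange(unit, valve("VALVE-TYPE-Z")),
        "clone_without_key": run_exchange(unit, valve("VALVE-TYPE-A", cls=CloneWithoutKey)),
        "tampered_cert": run_exchange(unit, valve("VALVE-TYPE-A", valve_cert._replace(subject="VALVE-SN-0000"))),
    }
    genuine = valve("VALVE-TYPE-A")                   # replay: the same captured reply is not accepted twice
    pair(unit, genuine)
    captured = genuine.respond(unit.challenge())
    results["first_use"], results["replayed"] = unit.verify(captured), unit.verify(captured)
    return results
```

Calling `demo()` returns one verdict per scenario: `authentic` for the genuine valve and for the first use of a captured reply, `incompatible` for the wrong type, `forgery` for the key-less clone and for the replayed reply, and `certificate rejected` for the tampered certificate. Two points the page leaves implicit are made explicit here: the random number is consumed on first use, so a captured valid reply fails the next time (the time-stamp comparison as described is an equality match, so it is the nonce, not the time stamp, that provides freshness), and a counterfeit that merely copies the public certificate cannot decrypt the challenge, which is why the reply has to pass through the private key 30. In a real deployment the textbook RSA used here would be replaced by a padded scheme (RSA-OAEP, or an ECIES-style hybrid) so that the challenge is neither malleable nor deterministic.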

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Manufacturing & Machinery (AREA)
  • Mechanical Engineering (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention relates to a copy protection method for an electronic system comprising at least one electronic unit and at least one component that interacts with the electronic unit, in which method at least one public key infrastructure with at least one certification authority is used, wherein, by means of the certification authority, at least one first certificate is issued for the electronic unit as a function of an identification feature of the electronic unit and at least one second certificate is issued for the component(s) as a function of an identification feature of the component(s), and wherein, in order to verify the authenticity of at least the component(s) by the electronic unit, the respectively associated certificates are verified at least alternately. According to the invention, at least the first certificate is prefabricated and is installed on the electronic unit during manufacture and/or configuration of the electronic unit, and/or at least the second certificate is prefabricated and is installed on the component(s) during manufacture and/or configuration of the component(s).
EP21723864.1A 2020-04-24 2021-04-23 Procédé de protection contre la copie et système électronique protégé contre la copie Pending EP4140115A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102020111281.5A DE102020111281A1 (de) 2020-04-24 2020-04-24 Kopierschutzverfahren und kopiergeschütztes elektronisches System
PCT/EP2021/060742 WO2021214325A1 (fr) 2020-04-24 2021-04-23 Procédé de protection contre la copie et système électronique protégé contre la copie

Publications (1)

Publication Number Publication Date
EP4140115A1 true EP4140115A1 (fr) 2023-03-01

Family

ID=75825806

Family Applications (1)

Application Number Title Priority Date Filing Date
EP21723864.1A Pending EP4140115A1 (fr) 2020-04-24 2021-04-23 Procédé de protection contre la copie et système électronique protégé contre la copie

Country Status (5)

Country Link
US (1) US20230179430A1 (fr)
EP (1) EP4140115A1 (fr)
CN (1) CN115720706A (fr)
DE (1) DE102020111281A1 (fr)
WO (1) WO2021214325A1 (fr)

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7228420B2 (en) * 2002-06-28 2007-06-05 Temic Automotive Of North America, Inc. Method and system for technician authentication of a vehicle
WO2006058387A1 (fr) 2004-12-02 2006-06-08 Now Technologies Pty Limited Gestion de contenu non protege et protege en reseaux prives
WO2007148258A2 (fr) * 2006-06-21 2007-12-27 Ashish Anand Vérification de l'intégrité et modèle de reporting pour plate-forme matérielle de vote électronique de confiance routée
US8639627B2 (en) 2007-07-06 2014-01-28 Microsoft Corporation Portable digital rights for multiple devices
JP6217728B2 (ja) * 2015-10-19 2017-10-25 トヨタ自動車株式会社 車両システムおよび認証方法
PL3258660T3 (pl) 2016-06-16 2019-04-30 Riddle & Code Gmbh Urządzenie zabezpieczające i klucz sprzętowy oraz sposób jego używania
US10749680B1 (en) 2019-03-25 2020-08-18 Micron Technology, Inc. Secure communication between a vehicle and a remote device

Also Published As

Publication number Publication date
DE102020111281A1 (de) 2021-10-28
US20230179430A1 (en) 2023-06-08
CN115720706A (zh) 2023-02-28
WO2021214325A1 (fr) 2021-10-28

Similar Documents

Publication Publication Date Title
EP1959606B1 (fr) Unité de protection
DE112014005412B4 (de) Programmaktualisierungssystem und Programmaktualisierungsverfahren
DE10008974B4 (de) Signaturverfahren
EP2705410B1 (fr) Procédé et système pour fournir des données d'exploitant, spécifiques d'un appareil, pour un appareil d'automatisation d'une installation d'automatisation
EP2689553B1 (fr) Appareil de commande pour véhicule automobile avec dispositif cryptographique
EP2936259B1 (fr) Actualisation d'un certificat d'appareil numérique d'un appareil d'automatisation
DE102007022100B4 (de) Kraftfahrzeugsteuergerätedatenübertragungssystem und -verfahren
DE112018003154T5 (de) Fahrzeuggebundenes Authentifizierungssystem, Kommunikationseinrichtung, fahrzeuggebundene Authentifizierungseinrichtung, Computerprogramm, Kommunikationseinrichtungs-Authentifizierungsverfahren und Kommunikationseinrichtungs-Herstellungsverfahren
DE102015211451A1 (de) Verfahren zu einem Manipulationsschutz von über ein Bussystem zwischen Systemkomponenten zu übertragenden Nutzdatenpaketen
DE102018101479A1 (de) Steuerungsschnittstelle für ein autonomes fahrzeug
WO2019081395A1 (fr) Procédé et dispositif de mise à jour de logiciel d'un appareil de commande d'un véhicule à moteur
EP3422628B1 (fr) Procédé, dispositif de sécurité et système de sécurité
EP3498544A1 (fr) Dispositif, procédé et programme informatique permettant de libérer un composant de véhicule, module de communication véhicule à véhicule
DE10213658B4 (de) Verfahren zur Datenübertragung zwischen Komponenten der Bordelektronik mobiler Systeme und solche Komponenten
WO2013056740A1 (fr) Tachygraphe numérique
DE102011002713A1 (de) Verfahren und Vorrichtung zum Bereitstellen von kyptographischen Credentials für Steuergeräte eines Fahrzeugs
EP4140115A1 (fr) Procédé de protection contre la copie et système électronique protégé contre la copie
WO2019115312A1 (fr) Dispositifs, procédé et programme informatique pour la déconnexion de composants de véhicule, module de communication véhicule-à-véhicule
DE102020215964B3 (de) Tachographensystem, Tachographeneinrichtung und Verfahren zum Betreiben eines Tachographensystems
DE102022003160A1 (de) Verfahren zur Authentifizierung von Daten
DE102009053230A1 (de) Verfahren zur Autorisierung eines externen Systems auf einem Steuergerät eines Fahrzeugs, insbesondere eines Kraftfahrzeugs
DE102020214499A1 (de) Verfahren zum Erzeugen von Schlüsseln und Ersetzen von Teilnehmern in einem Netzwerk
DE102022206899A1 (de) Verfahren für eine Verwendung von kryptografischen Schlüsseln in einem fahrzeuginternen Kommunikationsnetz
DE102021000522A1 (de) Verfahren zur Absicherung der Kommunikation zwischen einem Kommunikationssystem eines Fahrzeugs und einem fahrzeugexternen Server
DE102020213611A1 (de) Verfahren zur Anwendung kryptographischer Funktionen auf Daten unter Verwendung verschiedener Schlüssel

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent. Free format text: STATUS: UNKNOWN
STAA Information on the status of an ep patent application or granted ep patent. Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase. Free format text: ORIGINAL CODE: 0009012
STAA Information on the status of an ep patent application or granted ep patent. Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE
17P Request for examination filed. Effective date: 20221115
AK Designated contracting states. Kind code of ref document: A1. Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR
DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)