+

WO2008113669A1 - Dispositif, système, procédé de configuration et dispositif de configuration - Google Patents

Dispositif, système, procédé de configuration et dispositif de configuration Download PDF

Info

Publication number
WO2008113669A1
WO2008113669A1 PCT/EP2008/052470 EP2008052470W WO2008113669A1 WO 2008113669 A1 WO2008113669 A1 WO 2008113669A1 EP 2008052470 W EP2008052470 W EP 2008052470W WO 2008113669 A1 WO2008113669 A1 WO 2008113669A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
predetermined
msg
identifier
kxn
Prior art date
Application number
PCT/EP2008/052470
Other languages
German (de)
English (en)
Inventor
Rainer Falk
Florian Kohlmayer
Original Assignee
Siemens Aktiengesellschaft
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens Aktiengesellschaft filed Critical Siemens Aktiengesellschaft
Publication of WO2008113669A1 publication Critical patent/WO2008113669A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • H04L9/0836Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key using tree structure or hierarchical structure
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

Definitions

  • the invention relates to a device and a system with at least two of these devices. Furthermore, the invention relates to a configuration method and a configuration device for configuring the device.
  • a sensor network In a sensor network, messages are sent from a respective sender node of the sensor network to a respective destination node of the sensor network. If necessary Müs ⁇ sen messages each have one or more intermediate nodes are transmitted until the messages reach their respective destination node.
  • Such sensor networks are generally operated uncontrollably, so that attackers very easily have the opportunity to acquire one or more of the nodes of the sensor network and / or listen to news or to false ones. In particular, an attacker can send it as one of the nodes of the sensor network out ⁇ ben and fake messages with its identity.
  • the object of the invention is to provide an apparatus and a Sys tem ⁇ , in or at which a reliable authenticating a sender of data is possible. Further, the object of the invention to provide a Configurati ⁇ onsvon and a configuration device to the configurations of the device to provide centering, which makes simple authenticated or the device.
  • the invention is characterized by a device with a key memory in which at least one predetermined key part quantity assigned to the device is stored.
  • the at least one predetermined subset of clauses comprises at least two secret keys.
  • Each of the at least one predefined set of keys represents a unique subset of at least one predetermined set of keys, which is predetermined jointly for a plurality of devices.
  • the apparatus includes a predetermined identifier that is representative of that key of the at least one predeterminedfurelmenge in the at least one predeterminedbreelteilmenge are contained ⁇ th.
  • the predetermined identifier is formed as a function of the keys contained or not contained in the at least one predetermined key subset.
  • the at least one predefined set of key parts is uniquely predetermined, that is, the predetermined key subset of different devices are different.
  • the predetermined identifier is also clearly specified. This has the advantage that the predetermined identifier of the device can be easily used to the device clearly identi ⁇ fied, as compared to other devices. Furthermore, it can be determined very easily based on the given identifier, which key the device has, without having to examine the contents of the key memory. This information can be used to authenticate the device or a message sent by it.
  • the predetermined identifier comprises a sequence of predetermined symbols. This sequence is at least as long as symbols are contained in the key set containing the largest number of secret keys. At least two different predefined symbols are provided. Each Posi ⁇ tion in the sequence of predetermined symbols, a respective key associated with each selmengen at least one of the predetermined Schlus-. By the given symbol At the respective position, the presence or absence of the key assigned to the respective position is coded in the at least one predetermined key subset.
  • At least two predetermined key sets are predetermined and each of the at least two predetermined key sets is assigned a different symbol.
  • the respective symbol at each position encoding the presence or absence of the associated position of the respective key in the labeled in by the respective symbol ⁇ recorded predeterminedkorilmenge. That is, the symbol at the respective position indicates from which of the predetermined key sets the key is derived, which is assigned to the respective position.
  • the sequence of predetermined symbols is a sequence of bits.
  • the default symbols are the binary values one and zero.
  • the predetermined identifier can be designed to be particularly compact and is particularly easy to process.
  • the device is designed to determine in each case at least one test value with at least two of the keys of the at least one predetermined key subset depending on the data to be sent. The device is also designed for
  • the device can check and so can detect manipulation. This applies in particular to the case in which a test value is determined for each key of the at least one predetermined key subset of the device and attached to the message.
  • the apparatus is adapted for receiving messages from a network, the data, the predetermined identifier of a sender of the respective message, at least two Prufcha and ⁇ appropriate, include gege each case a final diesel detection for each of the at least two Prufute.
  • the device is designed to check each message depending on the respectively received predetermined identifier of the sender of the respective message and a respective number and order of the received at least two test values and / or the possibly received key identifications of the at least two test values. When checking the respective message, it is checked whether, for each of the at least two test values in the received predefined identifier of the sender, it is indicated that the respectively associated key is contained in the at least one key-part set assigned to the sender.
  • the apparatus is adapted for receiving messages from a network, the data, the predetermined identifier of a sender of the respective message, at least two Prufute and ⁇ appropriate, include gege each case a final diesel detection for each of the at least two Prufute.
  • the device is further configured to check each message depending on the respectively received predetermined identifier of the sender of the respective message and a respective number and order of the received at least two Prufonne and / or optionally received key identifications of the at least two Prufute, which key for determining the each test value was allegedly used.
  • the device is designed to check the respective test value if the key supposedly used for determining the respective test value is stored in the key memory, depending on this stored key.
  • the device is designed to add a test documentation to the received message indicating for which keys of the at least one predetermined key quantity the checking of the associated check value of the received message was successfully performed. Furthermore, it is advantageous if the device is designed to send the message over the network.
  • the advantage is that be ⁇ already checked Prufute where appropriate, need not be checked again on ⁇ , preferably those Prufute can be checked the message that have not yet been berpruft u. As a result, a available computing capacity of the device for checking the test values can be used particularly efficiently.
  • the device is designed for determining each of at least one Prufwerts with at least one of the key min ⁇ least a predeterminedbandelteilmenge dependent on the Pruf collectionation. Furthermore, it is advantageous if the device is designed to add the at least one test value to the message. This has the advantage that an unauthorized manipulation of the test documentation is easily ascertainable by checking this at least one test value.
  • the apparatus is adapted for receiving messages from a network, the data, the predetermined identifier of a sender of the respective message, at least two and Prufock min ⁇ least comprise a Pruf collectionation.
  • the device is designed to send the respective message to a next device in the network, wherein the next device is selected depending on its predetermined identifier and the received test documentation.
  • the device is designed as a node for a sensor network, which is uniquely identifiable in the sensor network by its predetermined identifier.
  • the invention is characterized by a configuration method and a corresponding configuration device for configuring a device that comprises a key memory.
  • At least one specified differently bene fitnesselteilmenge for the apparatus is determined and the device assigned to and stored in thefarel Liste.
  • a predetermined identifier is determined for the device and the device associated with which is re presentative ⁇ as to which key of a predeterminedfurge in the one specified differently surroundedbandelteilmenge are included at least at least.
  • the predetermined identifier is formed as a function of the keys contained or not contained in the at least one predetermined key subset and predefined for the device.
  • the at least one predefined set of key parts is specified unambiguously, that is to say the predetermined key subset quantities of different devices are subordinate to one another. different.
  • the predetermined identifier is also uniquely specified ⁇ . This has the advantage that the predefined identifier of the device can be used very simply to uniquely identify the device, for example compared to other devices. Furthermore, based on the given identifier, it is very easy to determine which keys the device has, without having to examine the contents of the key memory . This in ⁇ formation can be used to authenticate the device or despatched by this news.
  • the configuration method and the configuration device may also be designed to configure devices according to one of the advantageous embodiments of the first aspect.
  • the invention is characterized by a system comprising at least two of the devices according to the first aspect, which are coupled together to form a network.
  • FIG. 1 shows an overview of an assignment of keys from predefined sets of keys to predetermined key shares and to nodes
  • FIG. 2 shows a formation scheme for a given identifier of a respective node
  • FIG. 3 shows a first embodiment of a message
  • FIG. 4 shows a second embodiment of a message
  • FIG. 5 is a flowchart of a program for sending a message
  • FIG. 6 is a flow chart of a program for receiving
  • Figure 7 is a flow chart of a program for configuring a node
  • FIG. 8 shows a network formed by a plurality of nodes or
  • At least one predefined set of keys Kx with a large number of secret keys is specified in common for several devices (FIG. 1).
  • the devices may also be referred to as node N.
  • the devices are designed as nodes N for a network and in particular as sensor nodes for a sensor network. Examples of playing the respective sensor node comprises at least egg ⁇ NEN sensor.
  • the nodes N are each designed to form an ad hoc network or an ad hoc sensor network with at least one further node N and to exchange data DAT with one another.
  • the data DAT are, for example, sensor data which were acquired by means of the at least one sensor of the respective sensor node or were determined as a function of such detected sensor data.
  • Each node N is assigned at least one predetermined set of key parts Kxn.
  • the respective at least one specified differently bene bandelteilmenge Kxn representing a unique subset of each of the at least one predetermined soundelmenge Kx.
  • Each node N comprises a key memory MEM.
  • the keys of the at least one predetermined key subset Kxn assigned to the respective node N are stored in its key memory MEM.
  • a first node is Nl, a second node N2 and a third node N3 provided. Each of these nodes has in each case the key memory MEM.
  • the first node Nl is a first predetermined set of key parts KIl ⁇ ordered, which is a unique subset of a first predetermined key set Kl.
  • a second predetermined stretchelteilmenge K12 and the third node associated with a third predetermined amount conveyelteil ⁇ K13 N3 which are each a unique subset of the first predeterminedhornelmenge Kl to the second node N2.
  • a definite subset is to be understood as meaning that the predetermined key subset Kxn, that is to say, for example, the first, second and third predefined key subset KI1, K12, K13, differ from each other by at least one key.
  • a second predeterminedFelmenge KO can be determined, from which a fourth predeterminedFel ⁇ subset glycol, a fifth and a sixth predeterminedbandelteilmenge K02 predeterminedbreelteilmenge K03 are formed as unambiguous subsets of the second predeterminedbreelmenge KO. It may further be provided that the fourth predetermined set of key parts KOl the first node Nl, the fifth predetermined Mathteilteilmenge K02 the second node N2 and the sixth predeterminedbreelteilmenge K03 the third node N3 is assigned and the keys of the respective predeterminedbreelteilmenge Kxn in the respective key memory MEM are stored.
  • Kxn be provided. Furthermore, more than two predefined key sets Kx can also be specified in common for the nodes N.
  • the keys in the at least one predetermined quantitativekinel ⁇ Kx so, for example, in the first predeterminedfelelmenge Kl and the second predetermined amountfarel ⁇ KO, in particular secret key.
  • the keys are usable in particular for cryptographic methods, for example for symmetric encryption or for determining test values P.
  • the keys assigned to the respective nodes N are stored securely and protected against manipulation in the respective key memory MEM.
  • Each node N has a predetermined identifier ID.
  • the first node Nl has a first predetermined identification IDl, the second node N2, a second predetermined identification ID2 and the third node N3 a third predetermined identifier ID3 on.
  • the respective predetermined identifier ID is unique for each ⁇ wells the corresponding node N. This is because ⁇ achieved by that the respective predetermined identifier ID is formed from ⁇ hangig of the keys, the at least one uniquely predeterminedbandelteilmenge Kxn are contained in, which is assigned to the respective node N.
  • the respective predetermined identifier ID preferably comprises a sequence of predetermined symbols for this purpose.
  • the predetermined symbols one and zero are provided.
  • the keys in the respective predefined set of keys Kx are, for example, numbered consecutively or have a key identification. Depending on the respective number or key identifier, each key is assigned to a position i in the sequence of the predefined symbols. For example, the equivalent
  • the respective final diesel detection represents the particular number or position i or allows in a different way to a unique ⁇ order of each key to one of the positions i.
  • the basic education scheme is shown by way of example for the first predetermined identifier ID1 of the first node N1.
  • the first node Nl is only the first predeterminedunelteilmenge Kil supplied ⁇ assigns, but not the fourth predeterminedbandelteilmen ⁇ ge col.
  • the predetermined symbol To use one in the sequence of the given symbols in order to indicate that the key of the first predetermined key quantity K associated with the respective position i is contained in the first predetermined key subset KI1 assigned to the first node N1 and thus also stored in its key memory MEM is.
  • the predetermined symbol zero at the respective position i is used in the sequence of the predefined symbols in order to indicate that the key assigned to the respective position i is the first predetermined one
  • the predetermined symbols are used to distinguish two or more than two predetermined key subset Kxn, which are assigned to the respective node N.
  • the predetermined symbol one according to the first embodiment is provided for identifying those keys of the first predetermined key subset KI1 that are known to the first node NI.
  • the predetermined icon can be provided to zero, to indicate that the i associated with the respective position keys of the second predeterminedunelmenge KO is included in the fourth predeterminedShelteil ⁇ quantitative KOL and thus also in the bandelspei ⁇ cher MEM of the first node Nl stored is.
  • the respective predetermined symbol on the per ⁇ bib position is indicated i, which is the predeterminedfelelmengen Kx of the respective associated key.
  • predetermined symbols there are at least two pre-admit ⁇ ne symbols. Further, when more than two predeterminedfurelmengen Kx any of these predeterminedfurelmengen Kx is preferably at least arranged a predetermined symbol to ⁇ .
  • the sequence of predefined symbols is a sequence of binary bits.
  • the symbols are given preference ⁇ , as binary values one and formed zero.
  • the pre ⁇ given symbols and the sequence of predetermined symbols can also be designed differently.
  • each of the predetermined key subset quantities Kxn preferably has the same number of keys among each other, so that each node N has the same number of keys in its respective key memory MEM.
  • the predetermined key sets Kx preferably also have the same number of keys each other.
  • the respective predetermined identifier ID of the respective node N is provided for a unique identification of the jewei ⁇ time node N in the network that is formed from at least two and preferably at least four nodes N.
  • the nodes N are designed to send messages MSG to other nodes N and / or to receive such messages MSG.
  • FIG. 3 shows an example of the structure of such a message MSG.
  • the message MSG comprises the predetermined identifier ID of a sender of the message MSG.
  • the one node N to be the ex ⁇ sender of a message MSG is also referred to as a sender node Na. It may also be advantageous, given the prior ⁇ identifier ID of a desired consignee of the post-Judges MSG in each message MSG to code.
  • Derje ⁇ Nige node N which is the desired recipient of a message MSG is also referred to as a destination node Nz.
  • the message MSG comprises the data DAT to be transmitted, which may also be referred to as user data and which includes, for example, sensor data.
  • the data DAT can also be, for example, administrative data or control data for managing or controlling the network or Sen ⁇ sornetzwerks.
  • the data DAT may include infor mation on ⁇ other nodes N by which the jewei- leaf node N communicates directly or indirectly.
  • Such information may also be referred to as routing information.
  • the next node nN is either the destination node Nz if the sender node Na is directly connected to the destination node Nz or an intermediate node Ni if the sender node Na is only indirectly, ie via at least one intermediate node Ni, associated with the destination node Nz. Accordingly, the next node nN, starting from one of the intermediate nodes Ni, can be the destination node Nz or else a further intermediate node Ni.
  • the message MSG comprises at least two test values P which were respectively determined as a function of the data DAT and of one of the keys assigned to the sender node Na in accordance with the at least one predetermined key subset Kxn assigned to it.
  • the test values P are determined according to a message authentication code, which can also be referred to as a message authentication code, or MAC for short.
  • the test values P can but also be determined differently.
  • the sender node Na is preferably configured to determine for each stored in the MEMconfel precede a key Prufwert P and be attached to the message MSG. However, it can also be provided to determine the test value P for only a few of these keys and to attach them to the message MSG.
  • the message MSG may also, in Figure 3 is not Darge ⁇ presented include information such as a sequence number payers. Furthermore, it can be provided that the respective
  • Prufwert P not only dependent on the data DAT to determine, but also depending on, for example, the sequence number payer and / or a source and / or destination address, that is, for example, depending on the given identifier ID of the sender and / or the desired Receiver of the message MSG.
  • the respective message MSG can be the Zielkno ⁇ th Nz not directly sent by the sender node Na, i.e., the message MSG must if necessary be routed via one or more intermediate nodes Ni, each having a node N of the network Bezie ⁇ hung example sensor network form.
  • the respective node N which is used for the message MSG as an intermediate node Ni ⁇ or representing the destination node Nz checks the message MSG to possible tampering, and in particular ⁇ sondere authenticity.
  • the respective nodes N and in particular ⁇ sondere intermediate node Ni is therefore preferred to recoverbil ⁇ det to check whether the Prufonne P that have been received with the message MSG, also from the sender node Na ermit- telt could be, that is, whether the sender node Well according to its given identification ID also has the necessary keys. Furthermore, it can be provided to check a number of the test values P in the message MSG, in particular if it is provided that a test value P of the respective message MSG is added for each key known to the sender node Na.
  • the respective node N is one of the intermediate nodes. node Ni or the destination node Nz, trained to check the correctness of those test values P, for which this has itself the key required in each case. If the key memory MEM of the respective intermediate node Ni or of the destination node Nz thus contains keys which also have the sender node Na and if the message MSG has test values P determined by one of these keys, then the respective intermediate node is Ni or destination node Nz able to check with its own key the respective check value P as a function of the data DAT and possibly further information of the message MSG. For checking, the respective intermediate node Ni or the destination node Nz determines, for example, the associated check value P new and compares this with the check value P in the message MSG.
  • the message MSG has been altered or tampered with by the sender node Na.
  • such a message MSG is discarded and possibly not sent to another intermediate node or to the destination node Nz.
  • the respective intermediate node Ni preferably adds a test documentation PD to the message MSG, in which it is documented for which keys the respective test value P was successfully checked.
  • FIG. 4 shows, by way of example, the structure of such a message MSG.
  • the check documentation PD is embodied as a sequence of binary values, in which, for example, a binary one at the respective position i indicates that the check value P in the message MSG which was determined with the key assigned to the position i according to the predetermined identifier ID, was successfully checked. Accordingly, a binary zero indicates that a check could not be carried out, for example because the respective intermediate node Ni does not have the key assigned to the respective position i.
  • the test documentation PD can also be formed differently. Furthermore, provision may also be made for not determining the test documentation PD and the Add MSG message.
  • the respective intermediate node Ni the refinedfugt the message MSG the Pruf collectionation PD, also trained det to determine at least one Prufwert P dependent on the Prufdoku ⁇ mentation PD and add the message MSG is preferred.
  • the test documentation PD can also be checked for unauthorized manipulations by other intermediate nodes Ni or by the destination node Nz.
  • test values P are determined as a function of the test documentation PD and added to the message MSG.
  • the respective intermediate node Ni is preferably designed to also add its predefined identifier ID to the message MSG.
  • the checking of the test values P, which were determined as a function of the test documentation PD is possible in accordance with the checking of the test values P, which were determined as a function of the data DAT.
  • the respective intermediate node Ni represents the sender node Na, which has added the check documentation PD and the associated at least one check value P to the message MSG.
  • FIG. 5 shows a flow diagram of a program for sending the data DAT.
  • the program is preferably executed by the sender node Na.
  • the program starts in a step Sl.
  • the data DAT ermit ⁇ telt and possibly prepared suitable for shipping.
  • test values P for at least two and preferably for all keys stored in the key memory MEM are determined as a function of the data DAT.
  • the message MSG is assembled.
  • the message MSG comprises the predetermined identifier ID of the sender derknotens Na, data DAT, and the ermit ⁇ telten in the step S3 Prufonne P.
  • the message MSG may also include the predetermined identification ID of the target node Nz or other destination address and possibly other information , to the Example, the sequence number payer include.
  • the test values P determined in step S3 can also be formed as a function of the given identifier ID of the sender node Na and / or the destination node Nz and / or the other destination address and / or the further information.
  • the message MSG is sent in step S4 to the next node nN, thus possibly to one of the intermediate nodes Ni or to the destination node Nz.
  • the program ends in step S5.
  • Figure 6 shows a flow diagram of a program for receiving and checking messages MSG.
  • the program is executed in particular by an intermediate node Ni between the sender node Na and the destination node Nz. However, the program can also be executed by the destination node Nz.
  • the program starts in a step S6.
  • a step S7 the message MSG is received.
  • the message MSG comprises the predetermined identifier ID of the sender node Na, the data DAT, the Prufonne P of the sending node Na and optionally the test documentation PD and optionally further comprising a Prufwert P or more Prufonne P of the intermediate node Ni, the message MSG previously ge ⁇ has checked.
  • the Prufwert P or P Prufonne the intermediate ⁇ node Ni are particularly dependent on the Pruf collectiona- tion PD determined.
  • several functions are sketchinga- PD and associated Prufonne P of the message MSG beige ⁇ adds, for example, if the message MSG has already been tested by two or more than two intermediate nodes Ni.
  • each check value P is provided with a key ID in the message MSG.
  • the checking then comprises, for example, checking the predetermined identifier ID of the respective node N and the respective key identifier which is associated with the respective check value P determined by the respective node N.
  • the checking may alternatively or additionally also be dependent on a number and / or sequence of the test values P in the message and on the given identifier ID of the sender node Na or intermediate node Ni.
  • each Prufute P for each of the respective node N known key determined and the message MSG to be Added can be very a ⁇ repeatedly checked whether the respective nodes N are known for each according to its predetermined identifier ID code of the message MSG in each case a Prufwert P is attached.
  • it can be provided to determine from the sequence of the test values P in the message MSG which position i and thus which key belong to the respective test value.
  • checking may alternatively or additionally also relate to that corresponding for keys that are known to the respective message MSG receiving node N, the Prufen P itself are checked, for example by New ⁇ calculate the respective Prufwerts P and comparing it with the Check value P in the message MSG.
  • step S9 the message MSG is discarded before ⁇ preferably and the program be completed ⁇ in a step S.
  • the mistake or the discrepancy can be a hint be that the message MSG has been changed without authorization or that the sender node Na or one of the possibly existing intermediate node Ni have falsified their predetermined identifier ID.
  • step S8 it is checked in a step S11 whether the message MSG is addressed to the node N currently executing the program, ie whether the node N currently being checked is the destination node Nz. If this condition is met, then the program is terminated in step S10. The data DAT can then be supplied to the optionally provided further processing in the destination node Nz.
  • test documentation PD may be provided in a step S12 and, if appropriate, dependent thereon To determine test values P.
  • a step S13 may be provided in which the next node nN to which the message MSG is to be sent next is determined.
  • the next node nN is selected depending on its predetermined identifier ID and on the test documentation PD. If a plurality of next nodes nN are available for selection, then the message MSG is preferably forwarded to node N, which passes via as many as possible those keys have been included for the previously unverprufte Prufache P in the message MSG. For which key the verification has already been successfully carried out is documented in the test documentation PD. In this way it can be achieved that as many of the test values P that were added by the sender node Na to the message MSG are checked on their way to the destination node Nz. Unauthorized manipulations of the message MSG and in particular the predetermined identifier ID of the Abenderderknoten Na are so particularly reliable recognizable and the authenticity of the sender node Na and / or the message MSG can be determined particularly reliable.
  • step S14 the message MSG is collected and, optionally, the Added determined in step S12 Prufdo ⁇ mentation PD and associated Prufonne P of the message MSG. Furthermore, the message MSG is forwarded to the next node nN. The program ends in step S10.
  • Figure 7 shows a flow chart of a program for centering configurations of the respective node N.
  • the program will ⁇ example as performed by the configuration device KV, which is shown in FIG. 1
  • the program starts in a step S15.
  • a respective pre ⁇ addedkorilmenge Kxn is determined as a unique subset of the predeterminedbreelmenge Kx.
  • two or more than two predetermined key subset quantities Kxn can be determined from two or more than two predefined key sets Kx.
  • the predetermined identifier ID for each node N is determined dependent on the respective predeterminedunelmenge Kx and especially the numbering of the key in the respective predeterminedbreelmenge Kx and dependent on the respective pre give ⁇ NENFFelteilmenge Kxn.
  • the determination of the respective given identifier ID takes place, for example, as the sequence of the predefined symbols, which is representative of which
  • Key of the at least one key set Kx are contained in the je ⁇ termigen predetermined key subset Kxn.
  • the respective predetermined identifier ID is assigned to the respective node N and stored in this node. The method ends in a step S20.
  • FIG. 8 shows, by way of example, the network, and in particular the sensor network, which is formed from a plurality of nodes N.
  • a network or sensor network of node N may also be referred to as a system.
  • the nodes N are interconnected by dashed connections.
  • these compounds are designed as radio links.
  • the connections can also be designed as cable connections.
  • FIG. 8 shows by way of example a path of a message MSG from the sender code Na to the destination node Nz via three intermediate nodes Ni.
  • all nodes N of the network or sensor network are of similar design.
  • the nodes N are preferably designed so that these sender nodes can be Na, intermediate nodes Ni or destination nodes Nz for messages MSG that are sent in the network or sensor network.
  • each node N is the other node of the network N or the transmitter sornetzwerks communicate with each ⁇ and exchange data DAT.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un dispositif comportant une mémoire de codage (MEM) dans laquelle au moins une quantité partielle de codage (Kxn) prédéfinie, affectée au dispositif, est enregistrée. La ou les quantités partielles de codage (Kxn) prédéfinies comportent au moins deux clés secrètes. La ou les quantités partielles de codage (Kxn) prédéfinies représentent respectivement une quantité partielle univoque d'au moins une quantité de codage (Kx) prédéfinie communément pour plusieurs dispositifs. Ledit dispositif comporte un identifiant prédéfini (ID) représentatif des clés de la ou des quantités de codage (Kx) prédéfinies, contenues dans la ou les quantités partielles de codage (Kxn) prédéfinies.
PCT/EP2008/052470 2007-03-16 2008-02-29 Dispositif, système, procédé de configuration et dispositif de configuration WO2008113669A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE200710012751 DE102007012751B4 (de) 2007-03-16 2007-03-16 Vorrichtung, System, Konfigurationsverfahren und Konfigurationsvorrichtung
DE102007012751.2 2007-03-16

Publications (1)

Publication Number Publication Date
WO2008113669A1 true WO2008113669A1 (fr) 2008-09-25

Family

ID=39643844

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2008/052470 WO2008113669A1 (fr) 2007-03-16 2008-02-29 Dispositif, système, procédé de configuration et dispositif de configuration

Country Status (2)

Country Link
DE (1) DE102007012751B4 (fr)
WO (1) WO2008113669A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110231914A (zh) * 2018-03-05 2019-09-13 三星电子株式会社 数据存储装置及其操作方法

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030081792A1 (en) * 2001-10-26 2003-05-01 Toshihisa Nakano Digital work protection system, key management apparatus, and user apparatus
US20030133576A1 (en) * 2000-10-18 2003-07-17 Frederic Grumiaux Generation of a common encryption key
US20030182565A1 (en) * 2001-03-29 2003-09-25 Toshihisa Nakano Data protection system that protects data by encrypting the data
US20030194091A1 (en) * 1999-10-18 2003-10-16 Wajs Andrew Augustine Method for distributing keys among a number of secure devices, method for communicating with a number of secure devices, security system, and set of secure devices
WO2005114901A1 (fr) * 2004-05-19 2005-12-01 Philips Intellectual Property & Standards Gmbh Clé de multiplexage émettan un plan pour satisfaire les découpages techniques grands et moyens ainsi que les demandes des utilisateurs moins importants.

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6195751B1 (en) * 1998-01-20 2001-02-27 Sun Microsystems, Inc. Efficient, secure multicasting with minimal knowledge
GB0126426D0 (en) * 2001-11-03 2002-01-02 Royal Holloway University Of L Authentication of a remote user to a host in a data communication system
DE102004049026B4 (de) * 2004-10-05 2007-06-21 Nec Europe Ltd. Verfahren zur Authentifizierung von Elementen einer Gruppe

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030194091A1 (en) * 1999-10-18 2003-10-16 Wajs Andrew Augustine Method for distributing keys among a number of secure devices, method for communicating with a number of secure devices, security system, and set of secure devices
US20030133576A1 (en) * 2000-10-18 2003-07-17 Frederic Grumiaux Generation of a common encryption key
US20030182565A1 (en) * 2001-03-29 2003-09-25 Toshihisa Nakano Data protection system that protects data by encrypting the data
US20030081792A1 (en) * 2001-10-26 2003-05-01 Toshihisa Nakano Digital work protection system, key management apparatus, and user apparatus
WO2005114901A1 (fr) * 2004-05-19 2005-12-01 Philips Intellectual Property & Standards Gmbh Clé de multiplexage émettan un plan pour satisfaire les découpages techniques grands et moyens ainsi que les demandes des utilisateurs moins importants.

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110231914A (zh) * 2018-03-05 2019-09-13 三星电子株式会社 数据存储装置及其操作方法
CN110231914B (zh) * 2018-03-05 2024-04-09 三星电子株式会社 数据存储装置及其操作方法

Also Published As

Publication number Publication date
DE102007012751A1 (de) 2008-09-18
DE102007012751B4 (de) 2008-11-20

Similar Documents

Publication Publication Date Title
DE69922157T2 (de) Authentifizierung elektronischer Daten
WO2022028975A1 (fr) Système et procédé pour vérifier des composants d'un système de contrôle industriel
EP1352497B1 (fr) Procede pour controler un reseau et reseau correspondant
WO2016034349A1 (fr) Procédé de transmission série d'une trame par un système de bus d'un émetteur à au moins un récepteur et station abonnée pour un système de bus
DE102014111361A1 (de) Verfahren zum Betreiben einer Sicherheitssteuerung und Automatisierungsnetzwerk mit einer solchen Sicherheitssteuerung
DE112016004438T5 (de) Bordkommunikationssystem
WO2009130022A1 (fr) Dispositif de stockage de données réparti
DE102008053369A1 (de) Verfahren zur Challenge-Response-Authentisierung zwischen einem Lesegerät und einem Transponder basierend auf einer kontaktlosen Datenübertragung
DE102016205122A1 (de) Verfahren zum Austausch von Nachrichten zwischen sicherheitsrelevanten Vorrichtungen
DE102018200318A1 (de) Absicherung eines Softwareupdates eines Steuergerätes eines Fortbewegungsmittels
WO2008113669A1 (fr) Dispositif, système, procédé de configuration et dispositif de configuration
DE10134228A1 (de) Verfahren und System zur Verbesserung von Funktionsfernaufrufen
EP4018300A1 (fr) Procédé de configuration pour un système de signalisation ferroviaire et système de mise à jour
EP2618226A1 (fr) Système d'automatisation industriel et son procédé de protection
DE102019122806A1 (de) Kryptografische Vorrichtung
EP2131316A1 (fr) Procédé d'authentification et système d'authentification pour produits
DE102014119214A1 (de) Verfahren zur Überprüfung wenigstens eines Telegramms
DE102021210902A1 (de) Techniken zum detektieren eines eindringens in ein bussystem
EP2056535A2 (fr) Liant et procédé destinés à la préparation d'un accès à un réseau de traitement de données pour un dispositif de traitement de données
DE4125812C2 (de) Verfahren zur signaltechnisch sicheren Datenübertragung
DE102015216886A1 (de) Verfahren, Vorrichtung und Computerprogramm zum Betreiben einer Datenverarbeitungsanlage
AT513807B1 (de) Anlage zur Identifikation von Personen
EP1529257A2 (fr) Procede pour transferer au moins un enregistrement provenant d'une source de donnees externe dans une unite de calcul et unite de calcul correspondante
WO2018114101A1 (fr) Procédé de vérification d'une attribution à un mandant, produit programme informatique et système d'automatisation comportant des appareils de terrain
DE102012203958A1 (de) Verfahren zum Betreiben eines Netzwerks

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08717251

Country of ref document: EP

Kind code of ref document: A1

DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08717251

Country of ref document: EP

Kind code of ref document: A1

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载