IPC classification information
Country / type | United States (US) Patent, registered
International Patent Classification (IPC 7th edition) |
Application number | US-0661512 (2005-08-02)
Registration number | US-8750522 (2014-06-10)
Priority information | DE-10 2004 041 603 (2004-08-26)
International application number | PCT/DE2005/001358 (2005-08-02)
§371/§102 date | 20071218 (20071218)
International publication number | WO2006/021178 (2006-03-02)
Inventor / address | Moos, Rainer; Schmidt, Klaus Dieter; Breuer, Jörg
Applicant / address |
Agent / address |
Citation information | Times cited: 0; Cited patents: 4
Abstract
A method and security system is provided for the secure and unequivocal encoding of a security module, for example, a chip card. A security module may be personalized during the manufacturing process in a secure environment, the manufacturer storing a unique identifier (IDSM1) in a memory of the security module. The secure encoding to ensure the uniqueness of the security module is achieved because the item of information to be kept secret and intended for the security module is encrypted not only by a communication key, but by the unique identifier (IDSM1) of the security module. This ensures that the item of information to be kept secret is able to be decrypted only by the security module with which the unique identifier (IDSM1) is associated, and used for safety-relevant applications.
Representative claims
1. A method for secure and unequivocal encoding of a security module chip card, comprising:
a secret first communication key and a unique identifier are stored in a security module in a secure environment;
the unique identifier of the security module and a second communication key, which has a specified relationship to the secret first communication key stored in the security module, are stored in a first secure device;
an item of information intended for the security module is generated in the first secure device;
the item of information is encrypted using the second communication key and the unique identifier of the security module, and stored in a storage device;
the encrypted item of information is read out from the storage device and transmitted to the security module; and,
using the secret first communication key and the unique identifier, the encrypted item of information is decrypted in the security module and stored therein,
wherein the method prevents a physical separation of the processes of storing, separating, and generating by having the item of information be usable only by the security module chip card.

2. The method as recited in claim 1, wherein
the encrypted item of information is stored in the storage device together with the unique identifier of the security module;
a communication connection is established between the security module and the first or a second secure device;
the unique identifier is transmitted from the security module to the first or the second secure device via the communication connection;
in response to the received unique identifier, the associated encrypted item of information is read out from the storage device and transmitted to the security module.

3. The method as recited in claim 1, wherein the unique identifier and the secret first communication key are stored in the security module during its manufacture.

4. The method as recited in claim 1, wherein
the item of information intended for the security module, and the unique identifier of the security module are encrypted in the first secure device using the second communication key and the unique identifier;
the encrypted item of information and the encrypted unique identifier are decrypted in the security module;
the decrypted unique identifier is compared to the unique identifier stored in the security module; and
the decrypted item of information is stored in the security module if the two unique identifiers match.

5. The method as recited in claim 1, wherein the item of information includes a cryptographic key and is stored in a secure area of the security module.

6. The method as recited in claim 1, wherein the second communication key corresponds to the first secret communication key or represents the public key of the manufacturer of the security module.

7. A security system for secure and unequivocal encoding of at least one security module, in particular a chip card, comprising:
a generator, the generator outputting at least one secret first communication key and at least one unique identifier;
an interface via which the at least one secret first communication key and the at least one unique identifier into a specific security module are inputted;
a first secure device, which includes a storage device for storing the respective unique identifier of the security module and at least one second communication key, which has a specified relationship to the secret first communication key stored in the security module, an information generator to output an item of information intended for the security module, and an encryption device, which is designed to encrypt the item of information using the second communication key and the unique identifier of the security module;
a storage device which stores the encrypted item of information and the associated unique identifier;
an encoding device connectable to the security module, the encoding device requesting the unique identifier of the security module, to read out the encrypted item of information associated with the unique identifier, from the storage device and to control the transmission of the encrypted item of information to the security module,
the security module having a decryptor for decrypting the encrypted item of information using the secret first communication key and the unique identifier as well as a memory for storing the decrypted item of information,
wherein the method prevents a physical separation of the processes of storing, separating, and generating by having the item of information be usable only by the security module chip card.

8. The security system as recited in claim 7, wherein the storage device and the encoding device are implemented in the first secure device.

9. The security system as recited in claim 7, wherein
the encoding device is implemented in a second secure device; and
the storage device is a mobile data carrier, which is able to be inserted into the first and second security device.

10. The security system as recited in claim 7, wherein,
the encryption device is designed to encrypt the unique identifier of the security module;
the decryption device is also designed to decrypt the encrypted identifier; and
a comparison device for comparing the decrypted identifier to the unique identifier of the security module is provided, the decrypted item of information being stored in the memory if the two compared identifiers match.