Component for processing a protectable datum and method for implementing a security function for protecting a protective datum in such a component
US-10303886-B2 · May 28, 2019 · US
Method for secure usage of cryptographic material
US11764957B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11764957-B2 |
| Application number | US-202117926718-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 7, 2021 |
| Priority date | May 22, 2020 |
| Publication date | Sep 19, 2023 |
| Grant date | Sep 19, 2023 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A method for secure usage of cryptographic material in networked system components provided with the cryptographic material in which a lifecycle of every system component includes at least one development phase and one production phase. The entire cryptographic material is at least directly securely marked as development or production material. Each system component has a binary state flag showing which phase the system component is in and which is secured against unauthorized manipulation. Each system component determines via an assessment function which phase it is in, according to which each system component carries out a check, during which the current phase and the marker of the cryptographic material are compared. Security measures are introduced if there is no agreement between the phase and the marker.
First claim
Opening claim text (preview).
The invention claimed is: 1. A method for secure usage of cryptographic material in several system components of a networked system that are provided with the cryptographic material, wherein the lifecycle of every system component comprises at least one development phase and one production phase, the method comprising: at least directly securely marking the entire cryptographic material as development or production material, wherein each of the several system components comprises a binary state flag showing which phase the system component is in, wherein the binary state flag is secured against unauthorized manipulation; determining, by each of the several system components, using an assessment function, a current phase that the respective one of the several system components is in; checking, by each of the several system components, by comparing the current phase and a marker of the cryptographic material, wherein the marker of the cryptographic material indicates whether the cryptographic material is development phase cryptographic material or production phase cryptographic material; and introducing security measures when the check indicates that there is no agreement between the current phase and the marker, wherein the checking is performed a first time the several system components are booted up after preparing the cryptographic material or when the cryptographic material is being prepared for the respective system component in the system component, and the system component performs a plausibility test for the production phase if the assessment function determines that the system component is in the production phase, for which purpose predetermined conditions for the production phase are checked, wherein if at least one of the predetermined conditions is not fulfilled, security measures are introduced. 2. The method of claim 1 , wherein the marker of the cryptographic material or the binary state flag is secured via cryptographic measures. 3. The method of claim 2 , wherein the binary state flag is secured in a memory that can only be written once or is secured in a hardware security module. 4. The method of claim 1 , wherein the checking occurs in the system component. 5. The method of claim 1 , wherein the plausibility test occurs before the first checking and after the preparation of the cryptographic material, or before the cryptographic material is prepared for the respective system component in the respective system component. 6. The method of claim 1 , wherein the security measures comprise at least one warning message. 7. The method of claim 1 , wherein the security measures comprise a halting or a prevention of the preparation of the cryptographic material, wherein non-matching cryptographic material that is potentially already introduced is securely deleted in the system component. 8. The method of claim 1 , wherein the security measures comprise stopping implementation of the system component. 9. The method of claim 1 , wherein the networked system is a vehicle ecosystem.
Assignees
Inventors
Classifications
- G06F21/64Primary
Protecting data integrity, e.g. using checksums, certificates or signatures · CPC title
- H04L9/088Primary
Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms (network architectures or network communication protocols for using time-dependent keys in a packet data network H04L63/068) · CPC title
involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements (network architectures or network communication protocols for supporting authentication of entities using certificates in a packet data network H04L63/0823) · CPC title
involving digital signatures · CPC title
involving additional devices, e.g. trusted platform module [TPM], smartcard or USB · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11764957B2 cover?
- A method for secure usage of cryptographic material in networked system components provided with the cryptographic material in which a lifecycle of every system component includes at least one development phase and one production phase. The entire cryptographic material is at least directly securely marked as development or production material. Each system component has a binary state flag show…
- Who is the assignee on this patent?
- Mercedes Benz Group Ag
- What technology area does this patent fall under?
- Primary CPC classification G06F21/64. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Sep 19 2023 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 5 related publications on this page (citations in our corpus or others sharing the same primary CPC).