DE3340582A1 - Electronic crypto-memory module - Google Patents

Abstract

The invention relates to a crypto-memory module (1) having a data memory (2) which can be loaded and deleted electrically from the exterior, and a crypto-generator (3). The data memory has an external input (6) for loading, but no output for reading its contents outside the crypto-memory module. <IMAGE>

Description

Electronic key storage module

Electronic used to encrypt data or voice Key devices require a so-called basic key as a secret element.

This basic key is used in modern key devices via a electrical or optical interface entered and stored in an electronic memory stored and / or used to preset the key algorithm.

You can use different Data carriers and input devices are used, e.g. punched tape and tape reader. Electronic, portable memory modules are increasingly being used for this purpose, in which the key or keys are stored in, for example, RAM memories that are processed by a battery are buffered. These memory modules can now be connected to the or Several keys to be loaded key device are plugged in to the key over the connection established in this way.

Because the basic key (s) is the most important secret element in key technology It is important to prevent misuse or betrayal of the stored key reliably prevent.

Today one tries to do this in general through organizational measures to reach: You are only entrusted with the delivery of the key material in a special way committed, trustworthy staff.

It would of course be better to find a process that will result in betrayal of the key material during the transport by technical means, independently by the reliability of the staff.

A theft of the complete one loaded with the secret keys The key module would be noticed immediately, as in this case it would not be with the recipient arrives. The keys would then not be used at all and would therefore be for worthless to the thief.

Another way to steal the keys would be to use them during transport by means of a suitable auxiliary device from the storage module to copy.

Also a device in the key memory module that has a multiple Reading out a key is prevented by storing it in memory after it has been issued immediately extinguishes does not offer significantly increased security: the thief could write the copied keys back to the key storage module or a key memory module that looks and works the same with the Load stolen keys and send them to the rightful recipient.

The object of the invention is therefore to provide the possibility of the content of a To copy the key storage module, to prevent securely with technical means.

This is shown schematically in FIGS.

The key storage module is labeled 1. It contains the data store 2 and the connected key generator 3. The key generator preset takes place via data B that can be supplied directly from outside via input 4 in connection with data A taken from the data memory 2 and sent to the key computer 3 via the input 8 can be fed. The key generator 3 has an output 5, Via which a basic key C generated by the key generator 3 is connected to a Key device is supplied. The data memory 2 has an external input 6 to the shop; however, it is not an exit for reading out its contents outside of the Key memory module 1 available. The data memory 2 can be divided into several memory areas a, b ... f be divided by externally addressable via input 7 are. You will preferably design the memory so that its content after a specified number n = 1 readouts is automatically deleted. As storage a so-called RAM with power supply from a built-in battery is suitable. As a key generator 3, a block cipher generator is used, which is preferably used as a DES (see Nat.Bur. Stand.

(US) Fed.Info.Process. Stand. Publ. (FIPS PUB) 46, 17 Pages (1977, Jan. 15)) is trained. The data A taken from the data memory 2 can be used and the externally supplied data B to the two inputs 4, 8 of the key generator Add 3 in mixed form and / or add to each other beforehand (modulo 2).

From the European patent specification 22 069 it is already known the key storage module (called "key holder" there) with a quartz watch equip that the key can only be read out during certain "time windows" releases and thus an unauthorized reading of the stored key before the prevented a predetermined time.

However, this has some disadvantages, most notably that the saved Keys can only be used at the specified times. The memory modules can therefore not be "loaded on stock and placed ready. This requires complex organizational measures. In the method according to the invention or the method according to the invention Circuit arrangement, these disadvantages are avoided.

The basic idea of the invention is that the key storage module can never output its actual memory content directly, but that a Basic key to be issued only when called up by the key device to be loaded by a key generator integrated in the key memory module from a in the Key module stored secret source key'1 and one of the to be loaded Key device "additional key" supplied to the key memory module is calculated will.

A decryption of a cryptogram is therefore only possible if the same basic key for the recipient and, in order to achieve this, the same source key and additional key is available, as with the sender. The source key cannot be read out and thus not copied by a thief. The additional key is only generated when it is ensured that the key storage module at the legitimate Has arrived. The thief has no way of getting himself to have a basic key used later issued in advance. If the additional key consists of e.g. 30 bits, the probability is that the thief will try randomly comes across a correct basic key equal to 2 -30 or less than 10 -10 The additional key can be used when creating a cryptogram using generated by a random bit sequence generator and sent to the recipient together with the cryptogram be transmitted. This can also be done with most key devices anyway required "slogan key" or "initializing variable" can also be used.

Claims (6)

Claims: 4 key storage module (1), characterized in that that it contains an externally electrically chargeable and erasable data memory (2) and a key generator (3) which by means of data (A) from this data memory (2) and data (B) that can be supplied directly from the outside can be preset and that output (5) is available via which a basic key generated by this key generator (3) (C) can be fed to a connected encryption device, the data memory (2) an external input (6) for loading the same, but no output for reading it out its content outside of the key storage module (1). 2. Key memory module according to claim 1, characterized in that that the data memory (2) is divided into several memory areas (a, b ... f), which can be addressed from the outside (7 Fig. 2). 3. Key memory module according to claim 1 or 2, characterized in that that the content of a memory area (a, b, ... f) of the data memory after a predetermined number of n readouts is deleted, where n a is 1. 4. Key memory module according to one of the preceding claims, characterized in that the data memory (2) is provided by a RAM with a power supply is realized by a built-in battery. 5. Key memory module according to one of the preceding claims, characterized in that a block cipher generator is used as the key generator (3) is used, the data A from the data memory (2) to the key generator input and the data (B) that can be supplied directly from the outside to the plain text or ciphertext input and the basic key (C) given at the exit (5) to the secret or plain text output is taken. 6. key memory module according to claim 5, characterized in that that the data (A) taken from the data memory (2) and the externally supplied Data (B) the two inputs 8,9 of the key generator (3) in mixed order are supplied and / or also partially added to each other beforehand (modulo 2).