Method and system for remotely keyed encrypting/decrypting data with prior checking a token
First Claim
1. A method for encrypting a message, comprising the steps of:
- receiving, by a host device, which is a microcontroller unit (MCU), the message to be encrypted;
after receiving the message to be encrypted, requesting, by the host device, a message key from a secure device, which is a secure element (SE) type of microcontroller;
generating, by the secure device, the message key using a secret key stored in the secure device and which is not communicated to the host device;
transmitting, by the secure device, the message key to the host device; and
after receiving the message key, encrypting, by the host device, the message to be encrypted using the message key;
wherein the method includes the prior steps of;
requesting, by the host device, a token from the secure device,generating the token by the secure device, and transmitting the token to the host device,wherein the step of requesting, by the host device, the message key comprises transmitting the token,wherein generating the token comprises encrypting a random number by means of the secret key,wherein the step of generating, by the secure device, the message key is preceded by a step of checking legitimacy of the token, andwherein the host device and the secure device are integrated with an embedded system that is a serial port device.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for encrypting a message by a host device includes requesting, by the host device, a message key from a secure device and generating, by the secure device, the message key using a secret key stored in the secure device and which is not communicated to the host device. The method further includes the prior steps of requesting, by the host device, a token from the secure device and generating the token by the secure device, and transmitting the token to the host device. The requesting, by the host device, of the message key includes transmitting the token. The generating, by the secure device, of the message key is preceded by checking the legitimacy of the token.
-
Citations
16 Claims
-
1. A method for encrypting a message, comprising the steps of:
-
receiving, by a host device, which is a microcontroller unit (MCU), the message to be encrypted; after receiving the message to be encrypted, requesting, by the host device, a message key from a secure device, which is a secure element (SE) type of microcontroller; generating, by the secure device, the message key using a secret key stored in the secure device and which is not communicated to the host device; transmitting, by the secure device, the message key to the host device; and after receiving the message key, encrypting, by the host device, the message to be encrypted using the message key; wherein the method includes the prior steps of; requesting, by the host device, a token from the secure device, generating the token by the secure device, and transmitting the token to the host device, wherein the step of requesting, by the host device, the message key comprises transmitting the token, wherein generating the token comprises encrypting a random number by means of the secret key, wherein the step of generating, by the secure device, the message key is preceded by a step of checking legitimacy of the token, and wherein the host device and the secure device are integrated with an embedded system that is a serial port device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 15, 16)
-
-
12. A method for decrypting a message, comprising the steps of:
-
receiving, by a host device, which is a microcontroller unit (MCU), the message to be decrypted; after receiving the message to be decrypted, requesting, by the host device, a message key from a secure device, which is a secure element (SE) type of microcontroller; generating by the secure device the message key using a secret key stored in the secure device and which is not communicated to the host device; transmitting, by the secure device, the message key to the host device; and after receiving the message key, decrypting, by the host device, the message to be decrypted using the message key; wherein the message to be decrypted is accompanied by a token generated by encrypting a random number by means of the secret key, and in that the step of generating, by the secure device, the message key is preceded by a step of checking legitimacy of the token, and wherein the host device and the secure device are integrated with an embedded system that is a serial port device.
-
-
13. An embedded system that is a serial port device for encrypting a message by a host device using a message key comprising:
-
a host device, which is a microcontroller unit (MCU); and a secure device, which is a secure element (SE) type of microcontroller, wherein the host device is configured to receive the message to be encrypted and to request, after receiving the message to be encrypted, a message key from the secure device, the secure device is configured to generate the message key using a secret key stored in the secure device and which is not communicated to the host device and transmit the message key to the host device, the host device is configured to, after receiving the message key, encrypt the message to be encrypted using the message key, the host device is configured to request a token from the secure device, the secure device is configured to generate the token and transmit the token to the host device, the host device is configured to request the message key by transmitting the token, the secure device is configured to generate the token by encrypting a random number by means of the secret key, and the secure device is configured to check legitimacy of the token before generating the message key.
-
-
14. An embedded system that is a serial port device for decrypting a message using a message key comprising:
-
a host device, which is a microcontroller unit (MCU); and a secure device, which is a secure element (SE) type of microcontroller, wherein the host device is configured to receive a message to be decrypted, the message to be decrypted being accompanied by a token generated by encrypting a random number by means of a secret key, the host device is configured to request, after receiving the message to be decrypted, a message key from the secure device, the secure device is configured to generate the message key using the secret key stored in the secure device and which is not communicated to the host device, and to transmit the message key to the host device, the host device is configured to, after receiving the message key, decrypt the message to be decrypted using the message key; wherein the secure device is configured to check legitimacy of the token before generating the message key.
-
Specification