Secured daisy chain communication

US 10,313,131 B2
Filed: 01/26/2017
Issued: 06/04/2019
Est. Priority Date: 01/26/2017
Status: Active Grant

First Claim

Patent Images

1. An intermediate servant device connected in a daisy chain configuration with a set of servant devices, wherein the intermediate servant device comprises hardware configured to:

receive, from a previous servant device of the set of servant devices, a request for data, a first response to the request for data, and authentication information for the first response to the request for data;

verify the authentication information for the first response;

generate a second response to the request for data;

determine authentication information for the second response based on the authentication information for the first response, the second response, and a key assigned to the intermediate servant device, wherein the authentication information for the first response includes a signature for the first response and wherein the authentication information for the second response includes a signature for the second response;

encrypt the second response using the first response and the key assigned to the intermediate servant device; and

output, to a next servant device arranged in the daisy chain configuration, at least the authentication information for the second response, the first response, and the encrypted second response.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An intermediate servant device connected in a daisy chain configuration with a set of devices is described. The intermediate servant device may be configured to receive, from a previous servant device of the set of servant devices, a request for data, a first response to the request for data, and authentication information for the first response to the request for data. The intermediate servant device may be further configured to generate a second response to the request for data and determine authentication information for the second response based on the authentication information for the first response, the second response, and a key assigned to the intermediate servant device. The intermediate servant device may be further configured to output at least the authentication information for the second response, the first response, and the second response.

10 Citations

View as Search Results

22 Claims

1. An intermediate servant device connected in a daisy chain configuration with a set of servant devices, wherein the intermediate servant device comprises hardware configured to:
- receive, from a previous servant device of the set of servant devices, a request for data, a first response to the request for data, and authentication information for the first response to the request for data;
  
  verify the authentication information for the first response;
  
  generate a second response to the request for data;
  
  determine authentication information for the second response based on the authentication information for the first response, the second response, and a key assigned to the intermediate servant device, wherein the authentication information for the first response includes a signature for the first response and wherein the authentication information for the second response includes a signature for the second response;
  
  encrypt the second response using the first response and the key assigned to the intermediate servant device; and
  
  output, to a next servant device arranged in the daisy chain configuration, at least the authentication information for the second response, the first response, and the encrypted second response.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The intermediate servant device of claim 1, wherein to determine the authentication information for the second response, the intermediate servant device is configured to:
    - apply a symmetric algorithm using the signature for the first response, the second response, and the key assigned to the intermediate servant device to generate the signature for the second response.
  - 3. The intermediate servant device of claim 1, wherein the authentication information for the first response includes a verification value for the first response, wherein the authentication information for the second response includes a verification value for the second response, and wherein to determine the authentication information for the second response, the intermediate servant device is configured to:
    - apply an asymmetric algorithm using the verification value for the first response, the second response, and the key assigned to the intermediate servant device.
  - 4. The servant device of claim 3, wherein the key assigned to the intermediate servant device is a public key, the intermediate servant device being configured to:
    - generate the signature for the second response using the verification value for the first response and a private key assigned to the intermediate servant device.
  - 5. The servant device of claim 4, the intermediate servant device being configured to:
    - generate a hash value using the signature for the first response and a public key assigned to the previous servant device; and
      
      determine that the first response is verified when the hash value for the first response corresponds to the verification value for the first response.
  - 6. The intermediate servant device of claim 1, wherein the intermediate servant device is further configured to:
    - output, via a first mode, the first response to the request for data and the second response to the request for data; and
      
      output, via a second mode that is different from the first mode, the authentication information for the second response.
  - 7. The intermediate servant device of claim 1, wherein the first response is an encrypted first response and wherein to encrypt the second response, the servant device is further configured to:
    - encrypt a plain text response to the request for data using the encrypted first response.
  - 8. The intermediate servant device of claim 1, wherein the intermediate servant device is configured to:
    - generate the second response in response to determining that the request for data indicates a request for data from the intermediate servant device.
  - 9. The intermediate servant device of claim 1, wherein the intermediate servant device is configured to:
    - output the request for data in response to determining that the request for data indicates a request for data from the next servant device.

10. A method comprising:
- receiving, by an intermediate servant device connected in a daisy chain configuration with a set of servant devices, from a previous device of the set of devices, a request for data, a first response to the request for data, and authentication information for the first response to the request for data;
  
  verifying, by the intermediate servant device, the authentication information for the first response;
  
  generating, by the intermediate servant device, a second response to the request for data;
  
  determining, by the intermediate servant device, authentication information for the second response based on the authentication information for the first response and a key assigned to the intermediate servant device, wherein the authentication information for the first response includes a signature for the first response and wherein the authentication information for the second response includes a signature for the second response;
  
  encrypting, by the intermediate servant device, the second response using the first response and the key assigned to the intermediate servant device; and
  
  outputting, by the intermediate servant device, to a next servant device arranged in the daisy chain configuration, at least the authentication information for the second response, the first response, and the encrypted second response.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The method of claim 10, wherein determining the authentication information for the second response comprises:
    - applying, by the intermediate servant device, a symmetric algorithm using the signature for the first response, the second response, and the key assigned to the intermediate servant device to generate the signature for the second response.
  - 12. The method of claim 10, wherein the authentication information for the first response includes a verification value for the first response, wherein the authentication information for the second response includes a verification value for the second response, and wherein determining the authentication information for the second response comprises:
    - applying, by the intermediate servant device, an asymmetric algorithm using the verification value for the first response, the second response, and the key assigned to the intermediate servant devices.
  - 13. The method of claim 12, wherein the key assigned to the intermediate servant device is a public key, the method further comprising:
    - generating, by the intermediate servant device, the signature for the second response using the verification value for the first response and a private key assigned to the intermediate servant device.
  - 14. The method of claim 13, the method further comprising:
    - generating, by the intermediate servant device, a hash value using the signature for the first response and a public key assigned to the previous servant device; and
      
      determining, by the intermediate servant device, that the first response is verified when the hash value for the first response corresponds to the verification value for the first response.
  - 15. The method of claim 10, wherein outputting at least the authentication information for the second response, the first response, and the second response comprises:
    - output, by the intermediate servant device, via a first mode, the first response to the request for data and the second response to the request for data; and
      
      output, by the intermediate servant device, via a second mode that is different from the first mode, the authentication information for the second response.
  - 16. The method of claim 10, wherein the first response is an encrypted first response and wherein encrypting the second response comprises:
    - encrypting, by the intermediate servant device, a plain text response to the request for data using the encrypted first response.
  - 17. The method of claim 10, wherein the intermediate servant device is configured to generate the second response in response to determining that the request for data indicates a request for data from the intermediate servant device.
  - 18. The method of claim 10, further comprising:
    - outputting, by the intermediate servant device, the request for data in response to determining that the request for data indicates a request for data from the next servant device.

19. A system comprising:
- a master device configured to output a request for data; and
  
  a set of servant devices arranged in a daisy chain configuration such that an initial servant device of the set of servant devices receives the request for data from the master device and a last servant device of the set of servant devices outputs one or more responses to the request for data to the master device, wherein an intermediate servant device of the set of servant devices that is arranged in the daisy chain configuration between the initial servant device and the last servant device is configured to;
  
  receive, from a previous servant device of the set of servant devices, the request for data, a first response to the request for data, and authentication information for the first response;
  
  verify the authentication information for the first response;
  
  generate a second response to the request for data;
  
  determine authentication information for the second response based on the authentication information for the first response and a key assigned to the intermediate servant device, wherein the authentication information for the first response includes a signature for the first response and wherein the authentication information for the second response includes a signature for the second response;
  
  encrypt the second response using the first response and the key assigned to the intermediate servant device; and
  
  output, to a next servant device of the set of servant devices, at least the authentication information for the second response, the first response, and the encrypted second response.
- View Dependent Claims (20, 21, 22)
- - 20. The system of claim 19, wherein the intermediate servant device includes an energy storage device and wherein the intermediate servant device is configured to generate the second response to the request for data based on a detected characteristic of the energy storage device.
  - 21. The system of claim 19, wherein the intermediate servant device includes a sensor and wherein the intermediate servant device is configured to generate the second response to the request for data based on an output of the sensor.
  - 22. The system of claim 19, wherein the intermediate servant device includes an actuator and wherein the intermediate servant device is configured to generate the second response to the request for data based on a detected characteristic of the actuator.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Infineon Technologies AG
Original Assignee
Infineon Technologies AG
Inventors
Keser, Goran, Gesien, Phillip, Hofer, Guenter, Janke, Marcus
Primary Examiner(s)
Chen, Shin-Hon (Eric)

Application Number

US15/416,987
Publication Number

US 20180212781A1
Time in Patent Office

859 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 2209/76   Proxy, i.e. using intermedi...

H04L 63/123   received data contents, e.g...

H04L 9/3236   using cryptographic hash fu...

H04L 9/3247   involving digital signatures

H04W 4/48   for in-vehicle communication

Secured daisy chain communication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

10 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Secured daisy chain communication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

10 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links