Authorization process using a certificate
First Claim
1. A process for assuring data integrity of software stored in a memory, for controlling operation of a control unit of a motor vehicle, said process comprising:
providing a pair of control unit keys, including first and second control unit keys;
providing a specific number n of pairs of certificate keys, each pair including first and second certificate keys respectively;
filing the first control unit key in or accessible to the control unit in the motor vehicle;
generating certificates corresponding to the specific number n, each certificate comprising a certificate information, certificate information of a last of said certificates including at least one certificate key for checking the software, and when several certificates are used, in other certificate information, at least one certificate key being filed for checking a certificate which follows;
signing certificate information of a first of said certificates using the second control unit key and when a plurality of certificates are used, signing other certificates by using the respective second certificate key of a pair of certificate keys of which the first certificate key is filed in certificate information of a next preceding certificate;
signing software to be newly imported by means of a second certificate key of a pair of certificate keys, of which the first certificate key is filed in certificate information of the last of said certificates;
importing all signed certificates into the control unit;
importing all signed software into the control unit;
checking the signature of the first certificate by means of the first key of the pair of control unit keys filed in or accessible to the control unit and, when a plurality of certificates are present, checking the signature of each additional certificate by means of a first certificate key contained in certificate information of a next preceding certificate;
accepting certificate information of a respective certificate if checking thereof has a positive result;
checking the signature of the software by means of the key included in the certificate information of the last certificate; and
accepting the imported software if said checking also has a positive result.
Abstract
In a process for ensuring data integrity of software for a control unit of a motor vehicle, a central system (trust center) can issue certificates to authorized parties, enabling them to properly sign software for the control unit and import it into a vehicle to enable operation of the vehicle. For this purpose, the trust center (or the vehicle itself) provides a pair of control unit keys having a first and second key. The first key is stored during production of the vehicle in such a manner that it is accessible to the control unit. By means of the second key of the trust center, a first certificate for an authorized party (certificate holder) is signed.
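The chain described in claim 1 and the abstract, as an added example in Go that is not the patent's own code: the trust center builds the control unit pair plus n certificate pairs, each certificate carrying the first key of the next pair and signed by the second key of the preceding pair, and the control unit walks the chain from its filed key before checking the software. Ed25519 stands in for the unspecified signature scheme; the function names, the reduction of "certificate information" to a single key, and the firmware bytes are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Certificate: the claim's "certificate information" (here just the next pair's first key) plus its signature.
type Certificate struct {
	Info ed25519.PublicKey
	Sig  []byte
}

// BuildChain plays the trust center. It returns the control unit public key to be
// filed in the vehicle, the n signed certificates, and the last private key, which
// is the only key entitled to sign software for import.
func BuildChain(n int) (ed25519.PublicKey, []Certificate, ed25519.PrivateKey, error) {
	cuPub, signer, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, nil, err
	}
	var certs []Certificate
	for i := 0; i < n; i++ {
		pub, priv, err := ed25519.GenerateKey(rand.Reader)
		if err != nil {
			return nil, nil, nil, err
		}
		certs = append(certs, Certificate{Info: pub, Sig: ed25519.Sign(signer, pub)})
		signer = priv // the next certificate is signed by the key this one vouches for
	}
	return cuPub, certs, signer, nil
}

// VerifyImport is the control unit side: first certificate against the filed key, each
// further one against its predecessor's accepted key, then the software against the last key.
func VerifyImport(cuPub ed25519.PublicKey, certs []Certificate, sw, swSig []byte) error {
	key := cuPub
	for i, c := range certs {
		if !ed25519.Verify(key, c.Info, c.Sig) {
			return fmt.Errorf("certificate %d rejected", i+1)
		}
		key = c.Info // accept certificate information only after a positive check
	}
	// Software must be vouched for by a certificate key, never by the filed key directly.
	if len(certs) == 0 || !ed25519.Verify(key, sw, swSig) {
		return fmt.Errorf("software rejected")
	}
	return nil
}
```

A truncated chain, a signer whose key is not filed in the last certificate, and an import with no certificate at all are all rejected by the same walk.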
108 Citations
19 Claims (claim 1 is reproduced above under First Claim; claims 2 to 19 are dependent claims)