Method for programming a mobile end device chip

US 9,298,949 B2
Filed: 02/06/2012
Issued: 03/29/2016
Est. Priority Date: 02/08/2011
Status: Active Grant

First Claim

Patent Images

1. A method for programming a chip for a mobile end device, comprising the steps of:

in a preparatory step a serial number is programmed into the chip; and

thenin a programming step, the serial number is verified and a programming of at least one further datum into the chip is only carried out if the serial number has been successfully verified, the further datum comprising a cryptographic key required for operability of a security operating system implemented, or yet to be implemented, in the chip, the cryptographic key being generated based on the serial number, such that the cryptographic key is unique to the chip;

wherein the serial number programmed into the chip is verified by means of a security module configured to regenerate the serial number using a secret mapping rule and further determine whether the serial number programmed into the chip matches the regenerated serial number, the mapping rule being stored in the security module as a secret information item.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention provides a method for programming a chip for a mobile end device, wherein, in a preparatory step, a serial number is programmed into the chip and thereafter, in a programming step, the serial number is verified and a programming of at least one further datum into the chip is only carried out if the serial number has been successfully verified. The serial number is verified here by means of a security module (HSM), while employing a secret information item stored in the security module (HSM) and different from the serial number.

41 Citations

14 Claims

1. A method for programming a chip for a mobile end device, comprising the steps of:
- in a preparatory step a serial number is programmed into the chip; and
  
  thenin a programming step, the serial number is verified and a programming of at least one further datum into the chip is only carried out if the serial number has been successfully verified, the further datum comprising a cryptographic key required for operability of a security operating system implemented, or yet to be implemented, in the chip, the cryptographic key being generated based on the serial number, such that the cryptographic key is unique to the chip;
  
  wherein the serial number programmed into the chip is verified by means of a security module configured to regenerate the serial number using a secret mapping rule and further determine whether the serial number programmed into the chip matches the regenerated serial number, the mapping rule being stored in the security module as a secret information item.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method according to claim 1, wherein the serial number is verified by the serial number or an information item dependent on the serial number being reproduced while employing the secret information item.
  - 3. The method according to claim 1, wherein, in addition to the serial number, a digital signature is formed while employing the serial number and a secret key is stored in the chip, and the secret key is stored in the security module as the secret information item.
  - 4. The method according to claim 1, wherein the secret information item is stored in the security module so as to be secured against readout.
  - 5. The method according to claim 1, wherein a security operating system or at least a part of a security operating system is provided as the further datum.
  - 6. The method according to claim 1, wherein the cryptographic key is generated in the security module.
  - 7. The method according to claim 1, wherein the cryptographic key is generated while employing the serial number.
  - 8. The method according to claim 1, further comprising activating a security operating system, whereinadditionally the security operating system with the exception of the cryptographic key is programmed into the chip and thereby implemented;
    - andin the programming step the programming of the cryptographic key into the chip is only carried out if the serial number has been successfully verified.
  - 9. The method according to claim 1, wherein the preparatory step is carried out by a first programmer and wherein the programming step is carried out by a second programmer separated logically and/or spatially from the first programmer.
  - 10. The method according to claim 9, wherein the secret information item is programmed into the security module by the first programmer, and the security module is made available to the second programmer for the programming step.
  - 11. The method according to claim 1, whereinin the programming step there is generated in the security module a verification data set comprising at least the secret information item by means of which data set the serial number is verifiable, and the verification data set is sent to a background system;
    - andin a verification step temporally following the programming step, the serial number is verified again with the background system by means of the verification data set, and the chip is accepted if the serial number has been successfully verified in the verification step, and the chip is discarded if the serial number has not been successfully verified in the verification step.
  - 12. The method according to claim 11, whereinin the programming step a key-serial number datum dependent on the key and the serial number is generated as at least a part of the verification data set and sent to the background system;
    - andin the verification step the key-serial number datum is verified, in addition to the serial number or instead of the serial number, by means of the verification data set.

13. A method for securely configuring a mobile end device containing a chip, for a mobile radio system, comprising the steps of:
- in a preparatory step a serial number is programmed into the chip; and
  
  thenin a programming step, the serial number is verified and a programming of at least one further datum into the chip is only carried out if the serial number has been successfully verified, the further datum comprising a cryptographic key required for operability of a security operating system implemented, or yet to be implemented, in the chip, the cryptographic key being generated based on the serial number, such that the cryptographic key is unique to the chip;
  
  verifying the serial number programmed into the chip by means of a security module configured to regenerate the serial number using a secret mapping rule and further determine whether the serial number programmed into the chip matches the regenerated serial number, the mapping rule being stored in the security module as a secret information item;
  
  bringing the chip into data exchange connection with a background system of the mobile radio system in order to register the mobile end device with the background system;
  
  in a verification step temporally following the programming step, the serial number is verified again with the background system by means of the verification data set, and the chip is accepted if the serial number has been successfully verified in the verification step, and the chip is discarded if the serial number has not been successfully verified in the verification step; and
  
  wherein only in the case that the serial number and/or the key-serial number datum has been successfully verified in the verification step is the mobile radio device registered with the background system.
- View Dependent Claims (14)
- - 14. The method according to claim 13, whereinin the programming step a key-serial number datum dependent on the key and the serial number is generated as at least a part of the verification data set and sent to the background system;
    - andin the verification step the key-serial number datum is verified, in addition to the serial number or instead of the serial number, by means of the verification data set.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Giesecke + Devrient Mobile Security GmBH (Giesecke & Devrient GmbH)
Original Assignee
Giesecke & Devrient GmbH
Inventors
Galka, Gero, Spitz, Stephan, Dietze, Claus
Primary Examiner(s)
PYZOCHA, MICHAEL J

Application Number

US13/983,813
Publication Number

US 20130318638A1
Time in Patent Office

1,513 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/572   Secure firmware programming...

G06F 21/73   by creating or determining ...

H04L 2209/127   Trusted platform modules [TPM]

H04L 9/0866   involving user or device id...

H04L 9/3234   involving additional secure...

Method for programming a mobile end device chip

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

41 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Method for programming a mobile end device chip

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

41 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links