Apparatus and method for generating digital images

US 9,165,147 B2
Filed: 12/19/2012
Issued: 10/20/2015
Est. Priority Date: 12/23/2011
Status: Active Grant

First Claim

Patent Images

1. An apparatus for generating a digital image, wherein the apparatus comprises:

an image generation unit for generating the digital image having a first security module which is adapted for cryptographically linking a first secret unambiguously identifying the first security module, and securely deposited therein, with the digital image such that the integrity of the digital image can be ascertained using the result of this first cryptographic linkage, the image generation unit comprising a processor unit that has implemented therein a normal runtime environment and a secure, trustworthy runtime environment, wherein the secure runtime environment is isolated from the normal runtime environment and serves for executing security-critical applications; and

a portable data carrier which can be introduced into the apparatus, wherein the portable data carrier is furnished with a second security module which is adapted for cryptographically linking a second, different secret unambiguously identifying the portable data carrier, and securely deposited therein, with the digital image such that the identity of the portable data carrier can be ascertained using the result of this second cryptographic linkage, the digital image being signed using both the first and second cryptographic linkages to form a doubly signed digital image, wherein the integrity of the digital image and the identity of the portable data carrier are both identifiable using the doubly signed digital image.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An apparatus and a method are arranged for generating a digital image. The apparatus comprises an image generation unit for generating the digital image having a first security module adapted for cryptographically linking a first secret unambiguously identifying the first security module, and securely deposited therein, with the digital image such that the integrity of the digital image can be ascertained using the result of this cryptographic linkage. Further, the apparatus comprises a portable data carrier which can be introduced into the apparatus. The portable data carrier is furnished with a second security module which is adapted for cryptographically linking a second secret unambiguously identifying the portable data carrier, and securely deposited therein, with the digital image such that the identity of the portable data carrier can be ascertained using the result of this cryptographic linkage.

15 Citations

9 Claims

1. An apparatus for generating a digital image, wherein the apparatus comprises:
- an image generation unit for generating the digital image having a first security module which is adapted for cryptographically linking a first secret unambiguously identifying the first security module, and securely deposited therein, with the digital image such that the integrity of the digital image can be ascertained using the result of this first cryptographic linkage, the image generation unit comprising a processor unit that has implemented therein a normal runtime environment and a secure, trustworthy runtime environment, wherein the secure runtime environment is isolated from the normal runtime environment and serves for executing security-critical applications; and
  
  a portable data carrier which can be introduced into the apparatus, wherein the portable data carrier is furnished with a second security module which is adapted for cryptographically linking a second, different secret unambiguously identifying the portable data carrier, and securely deposited therein, with the digital image such that the identity of the portable data carrier can be ascertained using the result of this second cryptographic linkage, the digital image being signed using both the first and second cryptographic linkages to form a doubly signed digital image, wherein the integrity of the digital image and the identity of the portable data carrier are both identifiable using the doubly signed digital image.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The apparatus according to claim 1, wherein the first and/or second security module is adapted as hardware in the form of a security controller or smart-card controller or as a Trusted Platform Module and/or as software in the form of a TrustZone.
  - 3. The apparatus according to claim 1, wherein the image generation unit comprises a sensor unit for processing the optical signals captured by the apparatus into digital raw data, and the processor unit for processing the digital raw data into the digital image, wherein the first security module is adapted as part of the processor unit, the first security module is adapted as a component separate from the processor unit, or the processor unit is made available by the first security module.
  - 4. The apparatus according to claim 1, wherein the first secret which is securely deposited in the first security module of the image generation unit is a first signature key which is cryptographically linked by the first security module with the digital image in the form of a first digital signature, or is a MAC (Message Authentication Code) key which is cryptographically linked by the first security module with the digital image by determining a MAC (Message Authentication Code) of the digital image by means of the MAC (Message Authentication Code) key.
  - 5. The apparatus according to claim 1, wherein the second secret which is securely deposited in the second security module of the portable data carrier is a second signature key which is cryptographically linked with the digital image in the form of a second digital signature, or is a MAC (Message Authentication Code) key which is cryptographically linked with the digital image by determining a MAC (Message Authentication Code) of the digital image by means of the MAC (Message Authentication Code) key.
  - 6. The apparatus according to claim 1, wherein the portable data carrier has, besides the second security module, a mass storage device on which the generated digital image can be stored, wherein the portable data carrier is preferably a memory card.
  - 7. The apparatus according to claim 1, wherein the apparatus for generating a digital image is a digital camera, a mobile telephone having a digital camera, a digital video camera, a scanner, a copier or a printer.
  - 8. The apparatus according to claim 1, wherein the first security module and/or the second security module can communicate with a background system in the form of a central key management server which is operated by a Trusted Service Manager (TSM).

9. A method for generating a digital image, wherein the method comprises the following steps:
- generating a digital image by means of an image generation unit of an apparatus for generating a digital image, the image generation unit comprising a processor unit that has implemented therein a normal runtime environment and a secure, trustworthy runtime environment, wherein the secure runtime environment is isolated from the normal runtime environment and serves for executing security-critical applications;
  
  cryptographically linking the digital image with a first secret which is securely deposited in a first security module which is part of the image generation unit, and unambiguously identifies the first security module, wherein the integrity of the digital image can be ascertained using the result of this first cryptographic linkage; and
  
  cryptographically linking the digital image with a second, different secret which is securely deposited in a second security module which is part of a portable data carrier which can be introduced into the apparatus for generating a digital image, and unambiguously identifies the second security module, wherein the identity of the portable data carrier can be ascertained using the result of this second cryptographic linkage, the digital image being signed using both the first and second cryptographic linkages to form a doubly signed digital image, wherein the integrity of the digital image and the identity of the portable data carrier are both identifiable using the doubly signed digital image.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Giesecke + Devrient Mobile Security GmBH (Giesecke & Devrient GmbH)
Original Assignee
Giesecke & Devrient GmbH
Inventors
Johne, Andreas, Delonge, Thomas
Primary Examiner(s)
BAYOU, YONAS A

Application Number

US14/364,578
Publication Number

US 20140321640A1
Time in Patent Office

1,035 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

H04N 1/00339   with an electronic or magne...

H04N 1/32101   Display, printing, storage ...

H04N 2201/0041   Point to point H04N2201/003...

H04N 2201/0051   Card-type connector, e.g. P...

H04N 2201/3233   of authentication informati...

Apparatus and method for generating digital images

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

15 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method for generating digital images

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links