Abstract:
Cryptographic activation system (1) comprising an activation center (6,8) and equipment (7) connected by a telecommunications network, in which each equipment stores a main encryption key encrypted by a first secondary encryption key and, at a restart, generates a cryptographic activation request; the activation center generates an activation response comprising said first secondary data key and transmits it to the equipment, which finalizes its cryptographic activation by decrypting said main encryption key with the first secondary encryption key received and thereby obtains said main encryption key in clear for data encryption; the equipment also obtains a second secondary encryption key, stores said main encryption key encrypted with said second key and, prior to decommissioning, deletes the main key in clear and the second secondary encryption key in clear.
Publication number: FR3076423A1
Application number: FR1701387
Filing date: 2017-12-28
Publication date: 2019-07-05
Inventors: Ludovic Boulay; David Lefranc
Applicant: Thales SA
Main IPC classification:
Description:

Method and system for cryptographic activation of a plurality of devices
The present invention relates to the field of equipment security, in particular the obtaining of a cryptographic key used for the encryption or decryption of data manipulated by an equipment.
Secure equipment generally has to perform two tasks:
- loading the executables and specific data of the equipment, and starting it up on the basis of these elements;
- the recovery or construction of a cryptographic key used by the equipment to encrypt or decrypt data.
The first task is solved by techniques not dealt with in the present patent proposal. The second task assumes that the first task is resolved and then makes it possible to "redden" (i.e. decrypt, or obtain "in clear") the "black" (i.e. encrypted) data stored or retrieved by the equipment (or, conversely, to "blacken" (i.e. encrypt) the "red" (i.e. decrypted) data stored or retrieved by the equipment). To carry out this "reddening", the equipment has several possibilities:
- recover a cryptographic key stored in the equipment; the key can be stored in a dedicated memory and, ideally, be protected by specific physical means (at the level of what a TPM, "Trusted Platform Module", can offer, for example);
- propose the entry of a cryptographic key by an operator;
- allow the injection of a cryptographic key from a device connected to the equipment (for example a smart card) or from a network interface;
- proceed with the construction of a cryptographic key on the basis of two non-sensitive half-keys (knowledge of one half-key is not sufficient to decrypt or attack the encrypted data to be recovered): the first half-key is stored on the equipment, the second is generally stored on a removable device.
Each of these solutions has advantages (in general: the simplicity of the procedure) and disadvantages (very often: security compromises, or difficulties of scaling when a large number of devices must be started in limited time).
The fourth solution is part of the so-called cryptographic activation solutions.
It generally uses a "CIK plug" (see https://en.wikipedia.org/wiki/KSD-64). The implementation of this type of solution requires having physical access to the activated equipment. However, some use cases are incompatible with this type of requirement.
This is the case, for example, for:
- communicating equipment spread over a theater of operations or a communication network;
- equipment (physical or virtualized) deployed in a cloud.
The object of the invention is to propose a solution for obtaining a cryptographic key used to encrypt or decrypt data used by the equipment, which makes it possible to start a large number of devices (or, more generally, of execution environments, in particular virtualized environments) in constrained time and at a distance.
To this end, according to a first aspect, the invention provides a cryptographic activation system comprising an activation center and a set of first equipment (s), said activation center and equipment being connected by a telecommunications network, in which each first item of equipment is adapted to encrypt, respectively decrypt, data according to said main encryption key, when said item of equipment has said main decrypted encryption key, said activation system being characterized in that:
each first device comprises a non-volatile memory storing a main encryption key encrypted by a first secondary encryption key and is suitable for, on restarting the device, generating a cryptographic activation request indicating an identifier of said first device and for transmitting said cryptographic activation request to the activation center via the telecommunications network;
the activation center is adapted to receive said activation request, to validate the activation request according to at least the equipment identifier indicated in the request, and for, only if it has validated the request activation, generating an activation response message comprising said first secondary data key from the first equipment and for transmitting said activation response to the first equipment via the telecommunications network;
said first device being adapted to receive the cryptographic activation response, to finalize its cryptographic activation by extracting the first secondary data key from the first device of said response, by decrypting said main encryption key stored in the memory with the first key secondary encryption extracted and thereby obtaining said main encryption key in clear for the encryption of data by said first equipment with said main key; said first equipment is further adapted to obtain a second secondary encryption key, to encrypt the main encryption key with said second secondary encryption key obtained, to store said encrypted main encryption key in non-volatile memory; and said first item of equipment being further adapted for, prior to decommissioning after said restart, delete from its non-volatile memory the main clear encryption key and the second secondary clear encryption key.
The invention thus provides a solution enabling a remote activation operation to be carried out from a centralized activation station, by propagating the activation data to the devices to be activated over possibly uncontrolled networks.
It also authorizes the implementation of an activation propagation along an activation chain to improve the performance of a massive activation operation (ie on a very large number of devices or runtime environments to activate in minimum time).
In embodiments, the cryptographic activation system according to the invention further comprises one or more of the following characteristics:
each first device is adapted to, on each restart of the first device, generate a cryptographic activation request intended for the activation center for the transmission by the latter of the secondary encryption key having been used by the first device to obtain the key main encrypted stored on non-volatile memory;
each first item of equipment is further adapted to, before said restart, store in the non-volatile memory, its first secondary data key encrypted by an asymmetric public encryption key corresponding to its main encryption key encrypted by said first secondary encryption key ;
each first item of equipment being further adapted for, during the generation of the activation request, extracting from its non-volatile memory said first secondary data key encrypted by the asymmetric encryption public key previously stored and for inserting it into the activation request;
the activation center being adapted to extract from the activation request received said first secondary data key encrypted by the asymmetric encryption public key, to decrypt it using a private asymmetric encryption key associated with said key public asymmetric encryption, the first secondary data key of the first device included in the activation response message generated by said center being said first secondary data key thus decrypted by the private key;
each first item of equipment being further adapted for, before said restart, storing in the non-volatile memory, the second secondary encryption key encrypted by the public asymmetric encryption key corresponding to the main encryption key encrypted by said secondary encryption key;
- Each first device is further adapted to encrypt all or part of the activation request and decrypt all or part of the activation response using a symmetric communication encryption key; and in parallel the activation center is further adapted to encrypt all or part of the activation response and decrypt all or part of the activation request using said symmetric communication encryption key;
the cryptographic activation system further comprises second equipment, and the first equipment, the second equipment and the activation center are organized in tree form having as root said activation center, the first equipment being the parents of the second equipment, wherein each second device is adapted to perform with respect to its parent first device the operations described in the preceding claims as performed by the first device vis-à-vis the activation center; and once its cryptographic activation has been carried out, each first device is then adapted to perform with respect to each of its child second devices the operations described in the preceding claims as carried out by the activation center with respect to the first equipment.
According to a second aspect, the present invention proposes an equipment adapted to be connected by a telecommunication network to a cryptographic activation system comprising an activation center, said equipment being adapted to encrypt, respectively decrypt, data according to a main encryption key, when said equipment has said main decrypted encryption key, characterized in that it comprises a non-volatile memory storing a main encryption key encrypted by a first secondary encryption key and is suitable for, for a restarting the equipment, generating a cryptographic activation request indicating an identifier of said equipment and for transmitting said cryptographic activation request to the activation center via the telecommunications network;
said equipment being adapted to receive a cryptographic activation response comprising said first secondary data key of the equipment originating from the activation center, to finalize its cryptographic activation by extracting from said response the first secondary data key of the equipment, by decrypting said main encryption key stored in the memory with the first secondary encryption key extracted and thereby obtaining said main encryption key in clear for encryption of data by said equipment with said main key; said equipment is further adapted to obtain a second secondary encryption key, to encrypt the primary encryption key with said second secondary encryption key obtained, to store said encrypted primary encryption key in non-volatile memory; and said equipment being further adapted to, prior to decommissioning after said restart, delete from its non-volatile memory the main clear encryption key and the second secondary clear encryption key.
According to a third aspect, the present invention provides a method of cryptographic activation in a cryptographic activation system comprising an activation center and a set of first equipment (s) connected by a telecommunications network, said method being characterized in that it includes the following steps:
- storage by each first device of a main encryption key encrypted by a first secondary encryption key in a non-volatile memory of the first device;
- on a restart of the first equipment, generation by the first equipment of a cryptographic activation request indicating an identifier of said first equipment and transmission by the first equipment of said cryptographic activation request to the activation center via the telecommunications network ;
- reception by the activation center of said activation request, validation of the activation request by the activation center based on at least the identifier of the first device indicated in the request, and only if validated the activation request, generation by the activation center of an activation response message comprising said first secondary data key from the first equipment and transmission by the activation center of said activation response to the first equipment via the telecommunications network;
- reception by said first device of the cryptographic activation response, finalization of its cryptographic activation by extracting the first secondary data key of the first device from said response, by decrypting said main encryption key stored in the memory with the first secondary encryption key extracted and thereby obtaining said main encryption key in clear;
- encryption, respectively decryption, of data by each first equipment as a function of the main encryption key in clear obtained;
- Obtaining by said first equipment of a second secondary encryption key, encryption by said first equipment of the main encryption key with said second secondary encryption key obtained, then storage of said main encryption key encrypted by said first equipment in its non-volatile memory; and
- prior to putting the first equipment out of service after said restart, deletion of its non-volatile memory of the main encryption key in the clear and the second secondary encryption key in the clear.
These characteristics and advantages of the invention will appear on reading the description which follows, given solely by way of example, and made with reference to the accompanying drawings, in which:
FIG. 1 represents a view of a cryptographic activation system in an embodiment of the invention;
FIG. 2 is a flow diagram of steps implemented in a cryptographic activation method in an embodiment of the invention;
Figure 3 is a view of the equipment and the activation center in one embodiment of the invention.
FIG. 1 represents a cryptographic activation system S_CIS (in English "Cryptography Ignition System") 1, in an embodiment of the invention.
The S_CIS 1 comprises two subsystems: a cryptographic activation supervision subsystem SS_CIM (in English "Cryptography Ignition Management Sub-System") 10 and a cryptographic activation network subsystem SS_CIN 2 (in English "Cryptography Ignition Network Sub-System").
In the embodiment considered, the SS_CIM 10 is physically isolated from the SS_CIN 2 to avoid any leakage to the network of sensitive data stored in the SS_CIM 10.
The SS_CIM 10 includes a cryptographic activation management center CIMC (in English "Cryptography Ignition Management Center") 9. The CIMC 9 corresponds to the management center of the system 1 and includes for example a central unit, a memory and a human-machine interface allowing exchanges with an individual having the role of administrator of the system, ROLE_CIS_A.
The SS_CIN 2 includes a cryptographic activation center CIC (in English "Cryptography Ignition Center") 6. The CIC 6 includes for example a central unit, a memory and a human-machine interface allowing exchanges with an individual having the role of operator of the system, ROLE_CIS_O. This operator ROLE_CIS_O holds, in the embodiment considered, a CIT 8 security support, of the smart card type for example, making it possible to carry out the security operations necessary for the activation of an equipment, in the particular case described here when the CIT 8 is interfaced to the CIC 6 (for example when the smart card 8 is inserted into a complementary receptacle in the CIC 6, to authenticate the carrier ROLE_CIS_O). Cryptographic elements necessary for the authentication of the operator and optionally for the activation of an equipment are also stored on this CIT 8 support; in particular, the CIT 8 holds at least a private asymmetric encryption key denoted AK_chiff.pr and associated with the public key denoted AK_chiff.pub (as a reminder, such a public key makes it possible to encrypt any message, but only the owner of the private key can decrypt the message thus encrypted).
The CIC 6 machine has a memory that is not necessarily trusted and is suitable for communicating with the CIT 8.
The SS_CIN 2 comprises a set 3 of equipment 7. Each equipment 7 comprises a CIA activation device (in English “Cryptography Ignition Agent”), which in the equipment, is adapted to communicate with the CIC 6 and to carry out the operations necessary for the cryptographic activation of the equipment. In FIG. 1 are thus represented the separate equipment items 7 each comprising an activation device respectively CIA.1, CIA.2, CIA.3, CIA.4, CIA.5.
Equipment 7 can be defined in the CIMC 9 as forming a group, CIAG (in English "Cryptography Ignition Agent Group"). The operators ROLE_CIS_O are authorized to manage the activation of a group of equipment. A device can belong to several groups. For example, in the case shown, the activation devices CIA.1, CIA.2, CIA.3 form the group CIAG.1, and the activation devices CIA.3, CIA.4, CIA.5 form the group CIAG.2. Each group corresponds to a key pair AK_chiff.pr/AK_chiff.pub, which is specific to it and which is different from that corresponding to a different group.
Each of the equipment items / activation devices CIA.1, CIA.2, CIA.3, CIA.4, CIA.5 is connected to the CIC 6 by a two-way telecommunications link (which may be an ordinary link, and therefore not necessarily trusted), for example via the Internet or a 3G or 4G mobile radio network. The equipment 7 and the CIC 6 therefore include the interfaces (for example radio frequency modem or antenna and radio frequency transceiver, etc.) suitable for implementing this link.
In the case considered, the equipment 7 is the equipment of a data center, in particular central computers, servers, storage racks, network and telecommunications equipment, constituting the information system of a company (in another embodiment, the set of equipment 3 is a fleet of equipment storing data from any company).
Nowadays, data centers have large storage needs that allow them to store information belonging to customers as well as their own data. This volume generates a large incoming and outgoing flow of hardware, and a security problem for a data center is to ensure that an outgoing data storage disk does not imply a leak of the data it contains (for example an "attacker" recovering the hard disks in a landfill to analyze the data they contain).
One solution to this security problem is to encrypt all incoming disks, so that, when they leave, the disks can no longer be exploited by an "attacker" without the encryption key held within the data center.
The present invention proposes to the administrators of the data center considered here to further resolve:
- a security issue: for each piece of equipment 7 within the data center, how to make the encryption key of its hard disk available to it at each start-up, in a secure manner (the key cannot be stored in plain text with the equipment);
- an availability / performance issue: how to quickly make the encryption keys available so that all the equipment 7 can start up in a time in accordance with the availability policy of the data center (key injection by an operator on all these equipment items is not possible).
To this end, the various elements of the system 1 as mentioned above are adapted to implement the steps described below with reference to FIG. 2.
In an initialization step 100_0, when new EQPT.i equipment arrives within the data center and therefore within system 1, an operator installs and configures this new EQPT.i equipment. The EQPT.i equipment is notably registered on the CIMC 9 by the administrator ROLE_CIS_A as part of system 1 and in the activation groups to which it belongs. This initialization step makes it possible to recover information for the initial initialization of the EQPT.i equipment on the system 1: in particular the CIMC 9 prepares a symmetric telecommunications encryption key K_COM_i_0 and authentication data for the EQPT.i equipment, including at least a single-use quantity denoted RAND_i_0 (this quantity, and its updates, are used to avoid replay) and an identifier "i" of the EQPT.i equipment. The CIMC 9 provides these elements, with the help of a physical medium, to the CIC 6, which stores in its non-volatile memory a hash of RAND_i_0 (i.e. the result of a hash function on RAND_i_0, providing a fingerprint of its value).
A CIA device, named CIA.i, is installed on this new EQPT.i equipment and initialized with the data previously retrieved (identifying "i", RAND_i_0 and K_COM_i_0).
During the installation and the first start of the EQPT.i in system 1 by an operator, the EQPT.i equipment (or the CIA.i, or distribution of the treatments between EQPT.i and CIA.i):
- randomly generates a DCK (Data Ciphering Key) encryption key (which will then be used during periods of operational use of the EQPT.i equipment);
- randomly generates a temporary symmetric encryption key SK_TEMP_0;
- encrypts, with integrity protection for example, the DCK with the key SK_TEMP_0: let DCK_chiff be the encrypted key obtained;
- obtains the public encryption key AK_chiff.pub from the CIC 6 / CIT 8 activation center and then encrypts the temporary key SK_TEMP_0 with the public key: let SK_TEMP_0_chiff be the encrypted key obtained;
- erases from its non-volatile memory:
  - the DCK in clear;
  - SK_TEMP_0 in clear;
- stores in its non-volatile memory:
  a / the DCK_chiff;
  b / the temporary key SK_TEMP_0_chiff;
  c / the telecommunications encryption key K_COM_i_0 (if possible in a memory zone protected in confidentiality and integrity; there is a different key K_COM_i_0 for each CIA.i);
  d / the single-use quantity RAND_i_0 (if possible in a memory zone protected in confidentiality and integrity).
Subsequently, after the first restart following the first deactivation of the EQPT.i equipment (then after each restart following a deactivation, knowing that the deactivation erases the data stored in volatile memory), during its use phase, the equipment 7, comprising the equipment EQPT.i and the CIA.i installed on this equipment, no longer has its DCK in clear and can therefore no longer use the useful data stored encrypted in its memory, nor encrypt new useful data to store. It has the items listed previously stored in its non-volatile memory.
The following cryptographic activation steps are implemented so that the EQPT.i equipment can re-obtain its DCK cryptographic encryption key in clear.
In a step 101, the equipment EQPT.i makes a request for obtaining its encryption key DCK in clear from its device CIA.i.
In a step 102, following the reception of this request for obtaining a DCK key, the CIA.i generates a request for cryptographic activation, encrypted in whole or in part with K_COM_i_0 and comprising:
- the identifier "i" of the EQPT.i equipment;
- a restart request;
- RAND_i_0;
- SK_TEMP_0_chiff.
The CIA.i transmits this cryptographic activation request to the CIC 6, on the link connecting them.
In a step 103, using the identifier "i" provided, the CIC 6 finds in its non-volatile memory (according to the embodiments) the hash of the associated RAND_i_0.
If step 103 returns a result, in step 104, the CIC 6 provides the CIT 8 with the request received from the CIA.i 7 and the hash of RAND_i_0 previously found.
In a step 105, the CIT 8 performs the following verifications:
- it reconstructs the key K_COM_i_0 corresponding to the CIA.i by cryptographic means using the elements at its disposal (for example, it reconstructs this key by a cryptographic key derivation method from a master key stored on the CIT; in another embodiment, the key K_COM_i_0 could be stored in non-volatile memory on the CIC 6);
- it performs the cryptographic calculations on the elements of the request involving K_COM_i_0 to validate that the data encrypted by this key is intact, then, if necessary, to decrypt the data encrypted using this key;
- it checks the validity of the RAND_i_0 received by comparing it with the quantity previously stored in the CIC 6, as defined by the hash of RAND_i_0.
If one of these checks is not correct, in a step 107, the CIT 8 responds to the CIC 6 that the activation has been refused and thus, in a step 108, the CIC 6 responds to the CIA.i that it does not authorize the cryptographic activation. This refusal is then relayed, in a step 109, by a refusal message from the CIA.i to the EQPT.i. The equipment does not receive the elements necessary for its activation and it is therefore impossible for it to start (i.e. it cannot decrypt its hard disk without the key).
In addition, an operator then present at the CIC 6 / CIT 8 activation center can optionally control the activation request for equipment 7 and authorize or refuse it. In the event of an operator refusal, steps 108, 109 as indicated above are implemented.
If the checks in step 105 are correct and in the absence of refusal by the operator, the CIT 8, in step 111, decrypts the quantity SK_TEMP_0_chiff using its private key AK_chiff.pr to allow activation.
Thus, in a step 112, the CIT 8 generates:
- a new single-use authentication quantity RAND_i_1 to be used for the next activation request of the equipment 7;
- a new telecommunications encryption key K_COM_i_1 to be used for the next activation request of the equipment 7.
Then the CIT 8 encrypts with K_COM_i_0:
- the quantity SK_TEMP_0;
- the new single-use authentication quantity RAND_i_1;
- the new telecommunications encryption key K_COM_i_1.
The CIT 8, in a step 113, sends the following elements to the CIC 6:
- the elements encrypted by K_COM_i_0 in step 112;
- the hash of RAND_i_1.
In a step 114, on receipt of these elements, the CIC 6 updates the hash of RAND_i_1 in its non-volatile memory.
In addition, the CIC 6 then sends the elements encrypted by K_COM_i_0 to a CIA.i in a cryptographic activation response message, in a step 115.
In a step 116, the CIA.i decrypts with K_COM_i_0 the response message received.
Then it uses the SK_TEMP_0 received to decrypt DCK_chiff.
The CIA.i then provides in step 117 the DCK key in clear to the EQPT.i which then uses it to encrypt or decrypt useful data. The required cryptographic activation is then performed.
In a step 118, the CIA.i:
- randomly generates a new temporary key SK_TEMP_1, then encrypts, if necessary with integrity protection, the DCK with the symmetric key SK_TEMP_1: let DCK_chiff be the encrypted key thus obtained (it will be noted that this generation and this encryption could, in another mode, be carried out by the CIC 6 / CIT 8 activation center, then transmitted to the equipment 7);
- encrypts SK_TEMP_1 with the public key AK_chiff.pub: let SK_TEMP_1_chiff be the encrypted key obtained;
- erases from its non-volatile memory:
  - the DCK in clear;
  - SK_TEMP_1 in clear;
- stores in its non-volatile memory (instead of the elements a, b, c, d previously stored in the non-volatile memory):
  a / DCK_chiff;
  b / SK_TEMP_1_chiff;
  c / K_COM_i_1 (if possible in a zone protected in confidentiality and integrity);
  d / RAND_i_1 (if possible in a zone protected in confidentiality and integrity).
At the next power off, followed by a restart, the cryptographic activation steps described above starting from step 101 will be implemented again, considering the last elements a, b, c, d indicated above instead of the elements a, b, c, d previously stored in the memories.
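The activation cycle of steps 100_0 to 118, as an added example that is not code from the patent or its applicant: an agent (CIA.i) and a center (CIC 6 and CIT 8 merged) run two restarts, a replayed request, an unknown identifier and a lost response. Assumptions: K_COM_i is stored by the center (the alternative embodiment mentioned in step 105); `seal`/`unseal` and the toy RSA-KEM key pair are standard-library stand-ins for the symmetric encryption with integrity protection and for AK_chiff.pub / AK_chiff.pr; all class, function and field names are hypothetical.

```python
import hashlib, hmac, secrets

# Stand-in primitives (assumption) so the example runs on the standard library alone;
# a real system would use a vetted AEAD and a vetted public-key encryption scheme.
def _ks(key, nonce, n):
    return b"".join(hmac.new(key, nonce + c.to_bytes(4, "big"), hashlib.sha256).digest()
                    for c in range(n // 32 + 1))[:n]

def _split(key):
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def seal(key, pt):
    """Encrypt-then-MAC, output nonce || ciphertext || tag."""
    ke, km = _split(key)
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _ks(ke, nonce, len(pt))))
    return nonce + ct + hmac.new(km, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    ke, km = _split(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(km, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("integrity check failed")
    return bytes(a ^ b for a, b in zip(ct, _ks(ke, nonce, len(ct))))

# Toy RSA-KEM pair standing in for AK_chiff.pub / AK_chiff.pr. The primes are
# public Mersenne primes, so this key protects nothing: demonstration only.
_P, _Q, _E = 2**521 - 1, 2**607 - 1, 65537
_N, _D = _P * _Q, pow(_E, -1, (_P - 1) * (_Q - 1))

def pub_wrap(sk):                                # any agent, with AK_chiff.pub
    r = secrets.randbelow(_N - 2) + 2
    kek = hashlib.sha256(r.to_bytes(141, "big")).digest()
    return pow(r, _E, _N).to_bytes(141, "big") + seal(kek, sk)

def priv_unwrap(blob):                           # only the CIT, with AK_chiff.pr
    r = pow(int.from_bytes(blob[:141], "big"), _D, _N)
    return unseal(hashlib.sha256(r.to_bytes(141, "big")).digest(), blob[141:])

def H(b):
    return hashlib.sha256(b).digest()

class Center:
    """CIC 6 and CIT 8 merged into one object (assumption)."""
    def __init__(self):
        self.rand_hash, self.k_com = {}, {}      # keyed by equipment identifier i

    def enroll(self, i):                         # step 100_0
        rand, k_com = secrets.token_bytes(16), secrets.token_bytes(32)
        self.rand_hash[i], self.k_com[i] = H(rand), k_com
        return rand, k_com

    def activate(self, i, request):              # steps 103 to 115
        if i not in self.rand_hash:              # step 103: unknown identifier
            return None
        k_com = self.k_com[i]
        try:
            body = unseal(k_com, request)        # step 105: integrity, then decryption
            if not hmac.compare_digest(H(body[:16]), self.rand_hash[i]):
                return None                      # step 105: RAND does not match stored hash
            sk_temp = priv_unwrap(body[16:])     # step 111
        except ValueError:
            return None                          # steps 107-108: refusal
        new_rand, new_k = secrets.token_bytes(16), secrets.token_bytes(32)  # step 112
        self.rand_hash[i], self.k_com[i] = H(new_rand), new_k               # step 114
        return seal(k_com, sk_temp + new_rand + new_k)                      # step 115

class Agent:
    """CIA.i; self.nv models the non-volatile memory of EQPT.i."""
    def __init__(self, i, rand, k_com):
        self.i = i
        self._store(secrets.token_bytes(32), rand, k_com)   # first start: fresh DCK

    def _store(self, dck, rand, k_com):          # first start and step 118
        sk_temp = secrets.token_bytes(32)        # new SK_TEMP on every cycle
        self.nv = {"DCK_chiff": seal(sk_temp, dck), "SK_TEMP_chiff": pub_wrap(sk_temp),
                   "K_COM": k_com, "RAND": rand}  # DCK and SK_TEMP never stored in clear

    def request(self):                           # step 102
        return self.i, seal(self.nv["K_COM"], self.nv["RAND"] + self.nv["SK_TEMP_chiff"])

    def finish(self, response):                  # steps 116 to 118
        body = unseal(self.nv["K_COM"], response)
        sk_temp, rand, k_com = body[:32], body[32:48], body[48:80]
        dck = unseal(sk_temp, self.nv["DCK_chiff"])
        self._store(dck, rand, k_com)
        return dck                               # held in volatile memory only

def demo():
    center = Center()
    agent = Agent("i", *center.enroll("i"))
    first_req = agent.request()
    dck1 = agent.finish(center.activate(*first_req))        # restart 1
    replay = center.activate(*first_req)                    # captured request resent
    dck2 = agent.finish(center.activate(*agent.request()))  # restart 2
    center.activate(*agent.request())                       # restart 3: response lost
    desync = center.activate(*agent.request())              # retry with stale RAND/K_COM
    return {"same_dck": dck1 == dck2, "replay": replay, "desync": desync,
            "unknown": center.activate("j", first_req[1]),
            "dck_at_rest": dck1 in b"".join(agent.nv.values())}
```

In this flow the center commits the new hash at step 114 before the agent has received the response, so a response lost in transit leaves the agent holding a RAND and K_COM that the center no longer accepts (the `desync` result).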
Thus, once the equipment has left the data center, it is then impossible for an attacker to recover information on a device because the data is encrypted and the reconstruction of the encryption key is not possible without the cryptographic data stored on the CIT (or CIC depending on the embodiments).
All activation requests are received on the CIC6 / CIT 8 activation center and adequate sizing of system 1 enables all of the equipment 7 in system 1 to be activated in a time in accordance with the policy of unavailability of the data center.
In one embodiment, a hierarchical activation is implemented allowing faster activation of a fleet of equipment (or execution environments) organized in a tree by propagation of the activation along the tree.
Referring to Figure 3, node 30 is the root of the tree and corresponds to the activation center (CIC 6 and CIT 8) which performs the functions incumbent upon it as described above with reference to the steps from step 101.
The nodes 41, respectively 42 and 43, are for example the equipment 7 comprising the CIA.1, respectively CIA.2, CIA.3 of the CIAG.1 group, which implement at each restart the cryptographic activation operations described with reference to Figure 2 and falling to equipment 7, communicating with CIC 6 / CIT 8.
In this tree structure, the node 41 (corresponding to the equipment 7 comprising the CIA.1) has two child equipment items 7 corresponding to the nodes 51 and 52. Similarly, the node 42 (corresponding to the equipment 7 comprising the CIA.2) has two child equipment items 7 corresponding to nodes 53 and 54.
Each of the child nodes is connected to its parent node by a bilateral telecommunication link. And the cryptographic activation is carried out by an equipment 7 of the child node type in accordance with the steps described from step 101 incumbent on an equipment 7 except that it is its parent node, once its cryptographic activation has been successfully performed, which performs the functions described in these steps as the responsibility of CIC 6 / CIT 8.
In turn, a child node, once its cryptographic activation has been carried out, will be able to respond to a request for cryptographic activation of its child equipment.
The activation of a fleet of equipment after a complete restart of the fleet in particular is thus considerably accelerated.
The present invention thus makes it possible:
- to perform cryptographic activation in a secure manner even on an uncontrolled network;
- to manage centrally the activations of a fleet of equipment (or execution environments);
- to delegate activation to increase the activation performance of a network of devices (or runtime environments);
- to use the cryptographic activation principle on a fleet of equipment.
The solution is applicable to hardware equipment, for example in information systems, but also to virtualized solutions, for example software applications. More generally, the invention can be implemented in any system involving a network of equipment which it is a question of activating remotely and in a minimum of time.
Among the typical cases, one can cite in particular:
- the activation of physical machines and virtual machines of a datacenter (cloud) after a power outage and restoration;
- the activation of a fleet of office machines of the fixed station type using encrypted disks;
- the activation of a network of private radio broadcasting equipment, for example military.
In one embodiment, each device 7 comprises a microprocessor and a memory and the device CIA for activating the device 7 comprises software comprising software instructions which is stored in the memory of the device 7 and which, when it is executed, implements the steps incumbent on the CIA mentioned with reference to FIG. 2. Likewise, in one embodiment, the CIC 6 comprises a microprocessor and a memory comprising software instructions stored in the memory of the CIC 6 and which, when executed, implement the steps incumbent on CIC 6 mentioned with reference to Figure 2.
In another embodiment, a CIA of an equipment 7 and / or a CIC 6 are each produced in the form of a programmable logic component, such as an FPGA (Field Programmable Gate Array), or else in the form of a dedicated integrated circuit, such as an ASIC (Application-Specific Integrated Circuit).
It will be noted that the use of a telecommunications encryption key K_COM_i_0 (or, at the t-th successive iteration, K_COM_i_t) is optional.
The distribution of tasks between the CIT 8 and the CIC 6 as described above is configurable and modifiable, the CIC 6 being able in reality to carry out all of the tasks. Similarly, the distribution of tasks between the CIA.i and the EQPT.i described above is configurable and modifiable.
Claims:
Claims (10)
1. - Cryptographic activation system (1) comprising an activation center (6,8) and a set of first equipment (s) (7), said activation center and equipment being connected by a telecommunications network, wherein each first device is adapted to encrypt, respectively decrypt, data according to a main encryption key, when said first device has said main decrypted encryption key, said activation system being characterized in that: each first device comprises a non-volatile memory storing a main encryption key encrypted by a first secondary encryption key and is suitable for, on a restart of the first device, generating a cryptographic activation request indicating an identifier of said first device and for transmitting said cryptographic activation request to the activation center via the telecommunications network;
the activation center is adapted to receive said activation request, to validate the activation request according to at least the identifier of the first device indicated in the request, and for, only if it has validated the request activation, generating an activation response message comprising said first secondary data key from the first equipment and for transmitting said activation response to the first equipment via the telecommunications network;
said first device being adapted to receive the cryptographic activation response, to finalize its cryptographic activation by extracting the first secondary data key from the first device of said response, by decrypting said main encryption key stored in the memory with the first key secondary encryption extracted and thereby obtaining said main encryption key in clear for the encryption of data by said first equipment with said main key; said first equipment is further adapted to obtain a second secondary encryption key, to encrypt the main encryption key with said second secondary encryption key obtained, to store said encrypted main encryption key in non-volatile memory; and said first item of equipment being further adapted for, prior to decommissioning after said restart, delete from its non-volatile memory the main clear encryption key and the second secondary clear encryption key.
2. - Cryptographic activation system (1) according to claim 1, in which each first device (7) is adapted to, on each restart of the first device, generate a cryptographic activation request intended for the activation center (6, 8) for the transmission by the latter of the secondary encryption key having been used by the first device to obtain the encrypted main key stored on the non-volatile memory.
3. - Cryptographic activation system (1) according to claim 1 or 2, wherein each first device (7) is further adapted to, before said restart, store in its non-volatile memory, its first secondary encrypted data key by an asymmetric encryption public key corresponding to its main encryption key encrypted by said first secondary encryption key;
each first item of equipment being further adapted for, during the generation of the activation request, extracting from its non-volatile memory said first secondary data key encrypted by the public asymmetric encryption key previously stored and for inserting it into the request activation;
the activation center (6, 8) being adapted to extract from the activation request received said first secondary data key encrypted by the public asymmetric encryption key, to decrypt it using a private encryption key asymmetric associated with said asymmetric public encryption key, the first secondary data key of the first device included in the activation response message generated by said center being said first secondary data key thus decrypted by the private key;
each first item of equipment being further adapted to, before said restart, store in the non-volatile memory, the second secondary encryption key encrypted by the public asymmetric encryption key in correspondence with the main encryption key encrypted by said secondary encryption key.
4. - Cryptographic activation system (1) according to one of the preceding claims, in which each first item of equipment (7) is further adapted to encrypt all or part of the activation request and to decipher all or part of the activation response using a symmetric communications encryption key; and in parallel the activation center (6, 8) is further adapted to encrypt all or part of the activation response and decrypt all or part of the activation request using said symmetric communication encryption key.
5. - Cryptographic activation system (1) according to one of the preceding claims, further comprising second equipment (51, 52), in which the first equipment (41), the second equipment and the activation center ( 6,8) are organized in tree form having at the root said activation center, the first equipment (41) being the fathers of the second equipment, in which each second equipment is adapted to perform with respect to its first father equipment the operations described in the preceding claims as carried out by the first equipment vis-à-vis the activation center; and once its cryptographic activation has been carried out, each first device is then adapted to perform with respect to each of its second son devices, the operations described in the preceding claims as carried out by the activation center with respect to the first equipment.
6. - Equipment adapted to be connected by a telecommunications network to a cryptographic activation system (1) comprising an activation center (6,8), said equipment being adapted to encrypt, respectively decrypt, data as a function of a main encryption key, when said equipment has said decrypted main encryption key, characterized in that it comprises a non-volatile memory storing a main encryption key encrypted by a first secondary encryption key and is suitable for, on a restart of the equipment, generating a cryptographic activation request indicating an identifier of said equipment and for transmitting said cryptographic activation request to the activation center via the telecommunications network;
said equipment being adapted to receive a cryptographic activation response comprising said first secondary data key of the equipment originating from the activation center, to finalize its cryptographic activation by extracting from said response the first secondary data key of the equipment, by decrypting said main encryption key stored in the memory with the first secondary encryption key extracted and thereby obtaining said main encryption key in clear for encryption of data by said equipment with said main key; said equipment is further adapted to obtain a second secondary encryption key, to encrypt the primary encryption key with said second secondary encryption key obtained, to store said encrypted primary encryption key in non-volatile memory; and said equipment being further adapted to, prior to decommissioning after said restart, delete from its non-volatile memory the main clear encryption key and the second secondary clear encryption key.
7. - Equipment according to claim 6 adapted to be the father of at least one other equipment which is connected to it via the telecommunications network in the cryptographic activation system organized in tree form, said equipment being adapted to receive a cryptographic activation request from the other equipment and indicating an identifier of the other equipment, to validate the activation request of the other equipment according to at least the identifier of the other equipment indicated in the request, and for, only if the equipment has finalized its own cryptographic activation and if it has validated the activation request, generate an activation response message comprising said first secondary data key of the other equipment and to transmit said activation response to the other equipment via the telecommunications network.
8. - Method of cryptographic activation in a cryptographic activation system (1) comprising an activation center (6,8) and a set of first equipment (s) (7) connected by a telecommunications network, said method being characterized in that it comprises the following stages:
- storage by each first device of a main encryption key encrypted by a first secondary encryption key in a non-volatile memory of the first device;
- on a restart of the first equipment, generation by the first equipment of a cryptographic activation request indicating an identifier of said first equipment and transmission by the first equipment of said cryptographic activation request to the activation center via the telecommunications network ;
- reception by the activation center of said activation request, validation of the activation request by the activation center based on at least the identifier of the first device indicated in the request, and only if validated the activation request, generation by the activation center of an activation response message comprising said first secondary data key from the first equipment and transmission by the activation center of said activation response to the first equipment via the telecommunications network;
- reception by said first device of the cryptographic activation response, finalization of its cryptographic activation by extracting the first secondary data key from the first device of said response, by decrypting said main encryption key stored in the memory with the first key of secondary encryption extracted and thereby obtaining said primary encryption key in clear;
- encryption, respectively decryption, of data by each first equipment as a function of the main clear encryption key obtained;
- Obtaining by said first equipment of a second secondary encryption key, encryption by said first equipment of the main encryption key with said second secondary encryption key obtained, then storage of said main encryption key encrypted by said first equipment in its non-volatile memory; and
- prior to putting the first equipment out of service after said restart, deletion from its non-volatile memory of the main encryption key in the clear and the second secondary encryption key in the clear.
9. - Method of cryptographic activation according to claim 8, according to which at each restart of the first equipment, a cryptographic activation request intended for the activation center (6, 8) is generated for the transmission by the latter of the secondary encryption key having been used by the first device to obtain the encrypted primary key stored on the non-volatile memory.
10. - Method of cryptographic activation according to claim 8 or 9, according to which the cryptographic activation system (1) further comprises second equipment (51, 52), and the first equipment (41), the second equipment and the activation center (6,8) are organized in tree form having at the root said activation center, the first devices (41) being the fathers of the second devices, comprising the following steps:
- implementation by each second device, vis-à-vis its first father device, of the operations described in claims 8 or 9 as performed by the first device vis-à-vis the activation center; and
- once its cryptographic activation has been carried out, implementation by each first device, with respect to each of its second son devices, of the operations described in claims 8 or 9 as carried out by the activation center with respect to the first equipment.
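The activation cycle of claims 1 and 8, as an added example that is not code from the patent or its applicant. It assumes that the center generates the second secondary key and sends it in the response together with an iteration counter `t`, that the optional communication key is not used, and that an HMAC-SHA256 encrypt-then-MAC wrap stands in for a real authenticated cipher; the names `ActivationCenter`, `Equipment`, `wrap` and `unwrap` are hypothetical.

```python
import hashlib, hmac, secrets

def _prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def wrap(kek, key):
    """Encrypt-then-MAC wrap of a 32-byte key (stdlib stand-in for an AEAD)."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(key, _prf(kek, b"enc", nonce)))
    return nonce + ct + _prf(kek, b"mac", nonce + ct)

def unwrap(kek, blob):
    nonce, ct, tag = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, _prf(kek, b"mac", nonce + ct)):
        raise ValueError("wrong secondary key or modified blob")
    return bytes(a ^ b for a, b in zip(ct, _prf(kek, b"enc", nonce)))

class ActivationCenter:
    def __init__(self):
        self.keys = {}  # equipment id -> {iteration t: secondary key}

    def enroll(self, eq_id):
        self.keys[eq_id] = {0: secrets.token_bytes(32)}
        return self.keys[eq_id][0]  # first secondary key, given at provisioning

    def activate(self, req):
        ks = self.keys.get(req.get("id"))
        if ks is None or req.get("t") not in ks:
            return None  # request not validated: no key is released
        t = req["t"]
        ks.setdefault(t + 1, secrets.token_bytes(32))  # second secondary key
        for old in [k for k in ks if k < t]:
            del ks[old]  # keep t until the equipment asks for t + 1 (crash safety)
        return {"current": ks[t], "t_next": t + 1, "next": ks[t + 1]}

class Equipment:
    def __init__(self, eq_id, first_key):
        self.id = eq_id
        main = secrets.token_bytes(32)  # main encryption key
        self.nvm = {"t": 0, "wrapped": wrap(first_key, main)}  # survives restarts
        self.ram = {}  # lost at power-off

    def request(self):
        return {"id": self.id, "t": self.nvm["t"]}

    def finalize(self, resp):
        main = unwrap(resp["current"], self.nvm["wrapped"])
        # Re-wrap under the second secondary key; one assignment models an atomic write.
        self.nvm = {"t": resp["t_next"], "wrapped": wrap(resp["next"], main)}
        self.ram["main"] = main  # clear main key is held in volatile memory only

    def shutdown(self):
        self.ram.clear()  # drop clear keys before going out of service
```

After each activation the stored blob can only be opened with a key that the equipment itself no longer holds, so a powered-off unit yields nothing without a validated request to the center.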
Similar technologies:
Publication number | Publication date | Patent title
EP3732818B1|2021-09-29|Method and system for cryptographic activation of a plurality of equipement items
US10848317B2|2020-11-24|Systems and methods for trusted path secure communication
EP2673732B1|2017-08-16|Secure transaction method from a non-secure terminal
CN102624699B|2015-07-08|Method and system for protecting data
CN1818920B|2010-05-12|Systems and methods for managing multiple keys for file encryption and decryption
CN202795383U|2013-03-13|Device and system for protecting data
EP3010175B1|2019-04-10|Replay of a batch of secure commands in a secure channel
WO2016164275A1|2016-10-13|Security system for data communications including key management and privacy
US8924711B2|2014-12-30|Hack-deterring system for storing sensitive data records
CN101771699A|2010-07-07|Method and system for improving SaaS application security
CN104462882A|2015-03-25|Software protection method, hardware encryption equipment and software protection system comprising hardware encryption equipment
EP3306970A1|2018-04-11|Lpwa communication system key management
CN104468562A|2015-03-25|Portable transparent data safety protection terminal oriented to mobile applications
US20210028931A1|2021-01-28|Secure distributed key management system
EP3222025B1|2020-09-02|Method for controlling access to a production system of a computer system not connected to an information system of said computer system
CN103024734A|2013-04-03|Encrypting and decrypting method and encrypting and decrypting device for protecting Apk | from being installed by non-authorized mobile phones
EP3014849B1|2018-08-01|Method for changing an authentication key
FR2887717A1|2006-12-29|METHOD OF CREATING AN ECLATE TERMINAL BETWEEN A BASE TERMINAL AND SERIES-CONNECTED EQUIPMENT
JP5945525B2|2016-07-05|KEY EXCHANGE SYSTEM, KEY EXCHANGE DEVICE, ITS METHOD, AND PROGRAM
EP3828737A1|2021-06-02|Data exchange architecture comprising a plurality of connected objects with limited resources
WO2014064096A1|2014-05-01|Method for downloading at least one software component onto a computing device, and associated computer program product, computing device and computer system
CN113922956A|2022-01-11|Quantum key based Internet of things data interaction method, system, device and medium
WO2019228853A1|2019-12-05|Method for establishing keys for controlling access to a service or a resource
CN107979583A|2018-05-01|Method for interchanging data and device
Patent family:
Publication number | Publication date
FR3076423B1|2020-01-31|
EP3732818A1|2020-11-04|
EP3732818B1|2021-09-29|
WO2019129842A1|2019-07-04|
Cited documents:
Publication number | Filing date | Publication date | Applicant | Patent title
WO2001074005A1|2000-03-29|2001-10-04|Hammersmith Wolfgang S|One-time-pad encryption with central key service and keyable characters|
WO2005088891A2|2004-03-15|2005-09-22|Matsushita Electric Industrial Co., Ltd.|Encryption device and key distribution device and system|
US20140079221A1|2012-09-14|2014-03-20|Red Hat, Inc.|Managing encrypted data and encryption keys|
EP2775656A1|2013-03-04|2014-09-10|Thomson Licensing|Device for generating an encrypted key and method for providing an encrypted key to a receiver|
JP6556706B2|2013-10-07|2019-08-07|フォーネティクス・エルエルシー|Systems and methods for encryption key management, collaboration, and distribution|
US10630686B2|2015-03-12|2020-04-21|Fornetix Llc|Systems and methods for organizing devices in a policy hierarchy|
US10965459B2|2015-03-13|2021-03-30|Fornetix Llc|Server-client key escrow for applied key management system and process|
US10880281B2|2016-02-26|2020-12-29|Fornetix Llc|Structure of policies for evaluating key attributes of encryption keys|
US11063980B2|2016-02-26|2021-07-13|Fornetix Llc|System and method for associating encryption key management policy with device activity|
US10931653B2|2016-02-26|2021-02-23|Fornetix Llc|System and method for hierarchy manipulation in an encryption key management system|
US10917239B2|2016-02-26|2021-02-09|Fornetix Llc|Policy-enabled encryption keys having ephemeral policies|
US10860086B2|2016-02-26|2020-12-08|Fornetix Llc|Policy-enabled encryption keys having complex logical operations|
WO2018140758A1|2017-01-26|2018-08-02|Semper Fortis Solutions, LLC|Multiple single levels of security in a multi-tenant cloud|
Legal status:
2018-12-31| PLFP| Fee payment|Year of fee payment: 2 |
2019-07-05| PLSC| Publication of the preliminary search report|Effective date: 20190705 |
2019-12-30| PLFP| Fee payment|Year of fee payment: 3 |
2020-12-28| PLFP| Fee payment|Year of fee payment: 4 |
2021-12-30| PLFP| Fee payment|Year of fee payment: 5 |
Priority:
Application number | Filing date | Patent title
FR1701387A|FR3076423B1|2017-12-28|2017-12-28|METHOD AND SYSTEM FOR CRYPTOGRAPHIC ACTIVATION OF A PLURALITY OF EQUIPMENT|
FR1701387|2017-12-28|FR1701387A| FR3076423B1|2017-12-28|2017-12-28|METHOD AND SYSTEM FOR CRYPTOGRAPHIC ACTIVATION OF A PLURALITY OF EQUIPMENT|
PCT/EP2018/097071| WO2019129842A1|2017-12-28|2018-12-28|Method and system for cryptographic activation of a plurality of equipement items|
EP18830871.2A| EP3732818B1|2017-12-28|2018-12-28|Method and system for cryptographic activation of a plurality of equipement items|