Title of invention |
System and method for secure communication of components inside self-service automats |
Abstract |
Method to secure the communication of components within self-service automats that are linked to each other by a bus system, having a transmitter and a receiver, characterized in that data are exchanged as tuples (C,A,R,N,Z) on the transport layer of the bus system where
C are the message data M encrypted with an encryption key, A are the message data M authenticated with an authentication key, R represents the role of a component on the bus system of active or passive participants, N represents a message counter, Z represents a session counter. |
Publication number |
US9331850(B2) |
Publication date |
2016.05.03 |
Application number |
US201414202664 |
Filing date |
2014.03.10 |
Applicant |
Wincor Nixdorf International, GmbH |
Inventors |
Krummel Volker;Nolte Michael;Runowski Matthias;Bloemer Johannes |
Classification codes |
H04K1/06;H04L9/08;G06F21/60;G06Q20/38;G07F19/00;G06F21/72 |
Main classification code |
H04K1/06 |
Patent agency |
Harness, Dickey & Pierce, P.L.C. |
Agent |
Harness, Dickey & Pierce, P.L.C. |
Main claim |
1. A method for securing communication of components inside a self-service automat that are connected to each other by a bus system, with a transmitter and a receiver, comprising:
encrypting data as tuples (C,A,R,N,Z,$\hat{N}$,$\hat{Z}$) by a first computing unit including memory and configured to process data; transmitting data as tuples (C,A,R,N,Z,$\hat{N}$,$\hat{Z}$) from the transmitter to the receiver on a transport layer of the bus system; receiving data as tuples (C,A,R,N,Z,$\hat{N}$,$\hat{Z}$) at the receiver; and decrypting data received as tuples (C,A,R,N,Z,$\hat{N}$,$\hat{Z}$) with the first computing unit or a second computing unit including memory and configured to process data; wherein:
C are message data M encrypted with an encryption key; A are message data M authenticated with an authentication key; R represents a participant role of a component on the bus system of active or passive participants; N represents a message counter; Z represents a session counter; $\hat{N}$ is a message counter for Δ-last messages N; $\hat{Z}$ is a last session counter for Δ-last messages; the session counters Z and $\hat{Z}$ are configured to change the encryption key for different sessions; and for each session the session counter $\hat{Z}$ for Δ-last messages is transmitted and considered and the session counter Z is transmitted and not considered; the method further comprising:
allowing Δ-last messages to be lost during exchange of the data without informing an application layer; transmitting from the transmitter to the receiver a pair ($\hat{Z}$, $\hat{N}$) as a current session counter; and checking the received data for accuracy at the receiver. |
地址 |
DE |
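
An added example (not code from the patent or the applicant) of the five-element tuple (C,A,R,N,Z) from the abstract, with a receiver that rejects replayed, reflected or modified tuples and silently tolerates up to Δ lost messages. Assumptions: the HMAC-based key derivation and stand-in cipher, the binding of R, N and Z into A, the role check, the counter restart per session, and all names and key values are illustrative; the claim's $\hat{N}$ and $\hat{Z}$ fields are left out.

```python
import hashlib, hmac, struct

DELTA = 3                     # assumed: up to DELTA consecutive lost messages are tolerated
ACTIVE, PASSIVE = 1, 0        # assumed encoding of the role R
K_ENC, K_AUTH = b"constructed-enc-key", b"constructed-auth-key"  # constructed sample keys

def _prf(key, *parts):
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()

def _session_key(z):
    return _prf(K_ENC, b"session", struct.pack(">I", z))  # encryption key changes with Z

def _xor_stream(key, role, n, data):
    # Stand-in cipher built from HMAC-SHA256; a deployment would use a vetted cipher.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = _prf(key, struct.pack(">BII", role, n, i // 32))
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], pad))
    return bytes(out)

def _tag(m, role, n, z):
    return _prf(K_AUTH, struct.pack(">BII", role, n, z), m)  # A binds M to R, N, Z

def seal(m, role, n, z):
    """Build the tuple (C, A, R, N, Z) for message data M."""
    return (_xor_stream(_session_key(z), role, n, m), _tag(m, role, n, z), role, n, z)

class Receiver:
    def __init__(self, own_role):
        self.own_role, self.last = own_role, (0, 0)  # last accepted (Z, N)

    def open(self, tup):
        """Return M if the tuple is fresh and authentic, else None."""
        c, a, role, n, z = tup
        last_z, last_n = self.last
        if role == self.own_role or (z, n) <= (last_z, last_n):
            return None                       # reflected, replayed or stale tuple
        base = last_n if z == last_z else 0   # assumed: N restarts in a new session
        if n - base > DELTA + 1:
            return None                       # more than DELTA messages missing
        m = _xor_stream(_session_key(z), role, n, c)
        if not hmac.compare_digest(a, _tag(m, role, n, z)):
            return None                       # wrong key or modified C, R, N or Z
        self.last = (z, n)
        return m
```
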