| 摘要 |
The invention relates to secure distribution of a private key (K) from a distributing unit (1) to a receiving unit (2), and is based on providing each of the distributing unit and the receiving unit which a protecting circuit holding an original private key unique for the protecting circuit. The protecting circuit (20) of the receiving unit (2) is associated with a certificate (CERT 2) holding information on the type of the protecting circuit. The protecting circuit (10) of the distributing unit requests this certificate to verify the authenticity by using a public key, of a certificate authority, stored in the protecting circuit (10). Next, the protecting circuit (10) determines, based on the type information of the certificate, whether the protecting circuit (20) of the receiving unit represents a type of circuit that is acceptable for protecting the private key (K) to be distributed. If the protecting circuit is found to be acceptable, the private key is encrypted and transmitted thereto. The received key is decrypted and stored in the protecting circuit of the receiving unit. In this manner, the private key is protected during transfer and may be distributed to and securely protected in one or more receiving units.
|
