| CPC H04L 9/3268 (2013.01) [H04L 9/30 (2013.01); H04L 9/3263 (2013.01); H04L 63/0823 (2013.01); G06F 21/33 (2013.01); H04L 2209/84 (2013.01)] | 23 Claims |
|
1. An offline-capable copy protection method for an electronic system having at least one central or superordinate electronic unit and having at least one component which interacts with the electronic unit, in which at least one public-key infrastructure having at least one certification authority is used, wherein the certification authority issues respectively associated certificates including at least one first certificate for the electronic unit on the basis of an identification feature of the electronic unit and at least one second certificate for the at least one component on the basis of an identification feature of the at least one component, the method comprising:
transmitting at least the identification feature of the electronic unit that is used to issue the at least one first certificate to the certification authority via a transmission path that is independent from electronic data connections of the electronic unit,
loading a specific public key of the at least one public-key infrastructure and a specific private key of the at least one public-key infrastructure onto the electronic unit when producing the electronic unit or when configuring the electronic unit, wherein the specific public key is stored in write-once memories of the electronic unit, and wherein the specific private key is stored in write-once memories of the electronic unit in a protected manner such that it cannot be read, and
mutually checking, in order to check authenticity at least of the at least one component by means of the electronic unit, the respectively associated certificates including the at least one first certificate and the at least one second certificate, wherein at least the at least one first certificate is premade offline and is loaded onto the electronic unit offline, when producing the electronic unit or when configuring the electronic unit, or wherein at least the at least one second certificate is premade offline and is loaded onto the at least one component offline, when producing the at least one component or when configuring the at least one component.
|