1. Field of the Invention
The present invention relates to a method for cryptographically processing data which are exchanged between a first unit, for example a tester, and a control unit which is provided for a motor vehicle. The present invention further relates to a system for carrying out the method.
2. Description of the Related Art
Control units are electronic modules which are used in motor vehicles, for example, to control and regulate processes. For this purpose, the control units are assigned to components of the motor vehicle, whose operation is monitored with the assigned control unit. To do so, the control unit reads in data detected by sensors and influences the operation by activating actuators.
The described method may be used in conjunction with an electronic security module, which is used in a control unit, in particular in the automotive field, in safety-relevant areas. In the majority of applications in safety-relevant areas, storing data in such a way that it cannot be manipulated or viewed is an essential requirement. Cryptographic keys, which are used in symmetric or asymmetric encryption methods, are employed for this purpose.
The keys and encryption methods used represent secrets which must be kept from attackers. Other applications in safety-relevant areas relate, for example, to the protection against unauthorized modification, for example the storing of modified serial numbers or odometer readings, the suppressing of unauthorized tuning measures, and the like.
It is therefore necessary to provide secure environments in control units, in which functions that must view and/or modify these secrets may be carried out. These environments regularly include a secure central processing unit or CPU, which is also referred to as secure CPU, and a memory module. Such an environment is referred to herein as a hardware security module (HSM). An HSM is an efficient module having hardware and software components, which improves the protection and the trustworthiness of embedded systems. In particular, the HSM provides support in protecting safety-critical applications and data. An HSM may also be used to reduce the security costs, while offering effective protection against attackers at the same time. Reference is made to FIG. 3 with respect to the fundamental configuration of an HSM.
A tester herein refers to a test environment which is used to test the operability of a control unit. For this purpose, the tester transmits a software application, in particular a software application present in a container, to the control unit.
It should be noted that confidential data and code sequences, for example for data input, may be easily read out from unencrypted software containers. To avoid this, it was suggested to encrypt the data prior to transmission. In known methods, it is provided to transmit the encrypted data together with the key in a software container. The key which is required for encryption is thus present in relatively insecure form, which impairs the security of the data.
It should be noted that presently no all-encompassing method is available for keeping a software container encrypted from its creation through to its decryption in the control unit.