Security modules in the form of chip cards or in the form of PC plug-in cards, for example, have become available in the field of data security. Such security modules include a secure area where an electronic secret, for example, a cryptographic key, may be stored safely. Further, cryptographic computational processes are executed in the secure area of the security module, so that the cryptographic key to be kept secret need never leave the security module.
In the encoding and personalization of security modules in the field of data security it must be ensured that a security module is unique and that its safety-relevant information cannot be copied. The quality and the security level of such security modules are verified by the manufacturer with the aid of third party security evaluations according to specified guidelines. The “Information Technology Security Evaluation Criteria” (ITSEC) or the “Common Criteria for IT Security Evaluation” provide standardized guidelines.
Applications that use such security modules for the electronic signature, for example, likewise demand security evaluations and the uniqueness of security modules.
In order to use security modules for safety-relevant applications, for instance, to conduct electronic bank transfers from a PC, it must be ensured that the secret information is able to be input into the security module in a secure manner. This operation may also be referred to as “encoding of the security module”.
The manufacturer usually provides the security modules in evaluated form. The encoding and personalization of a security module, i.e., ensuring the uniqueness of a security module, must take place in a secure environment. The secret information required for encoding a security module, such as a cryptographic key, is generated in a separate key generator whose level of quality and security must be evaluated as well.
When inputting, i.e., while encoding the secret information, into the security module, there is the risk that the information is monitored during the communication and subsequently used to duplicate a security module.
The copy protection is realized with the aid of organizational guidelines and the use of evaluable systems in especially secure application environments such as a trust center or other trustworthy entities. The overall system used to personalize and encode security modules and to generate the secret information required for the encoding must likewise be evaluated appropriately. The use of conventional systems therefore requires an environment that is especially secure and prevents a physical separation of the processes for personalization, encoding and generating secret information to ensure the uniqueness of a security module.