公开(公告)号：US20240214370A1

公开(公告)日：2024-06-27

申请号：US18069396

申请日：2022-12-21

Applicant: Infineon Technologies AG

Inventor： Alexander Zeh ,  Patrick Kresmer ,  Andreas Graefe

IPC: H04L9/40

CPC classification number: H04L63/083

Abstract: The described techniques address issues associated with current secure in-vehicle communication systems, which are required to generate subkeys per each encoded data transmission/reception. These encoded data transmissions/receptions may be in accordance with several different in-vehicle communication protocols, and the requirement of such protocols to generate the subkeys “on-the-fly” may lead to significant processing overhead and latency. The embodiments provided herein address the issue of subkey generation by using a predetermined function to pre-calculate and store the subkeys that are to be used for future encoded data message transmissions/receptions. In this way, the time and overhead required to generate the subkeys may be better and more efficiently managed.

公开(公告)号：US12099638B2

公开(公告)日：2024-09-24

申请号：US17403075

申请日：2021-08-16

Applicant: Infineon Technologies AG

Inventor： Avni Bildhaiya ,  Viola Rieger ,  Frank Hellwig ,  Alexander Zeh

IPC: G06F21/74 ,  G06F21/50 ,  G06F21/55 ,  G06F21/62 ,  G07C5/08

CPC classification number: G06F21/74 ,  G06F21/50 ,  G06F21/554 ,  G06F21/62 ,  G07C5/0808

Abstract: A security hardware device is configured to secure a control apparatus. The security hardware device includes a data security domain; a functional safety domain; a data security processor provided in the data security domain and is configured to secure data from unauthorized access or manipulation; a functional safety processor provided in the functional safety domain and is configured to detect functional errors and generate respective safety alerts in response to detecting the functional errors; and a monitoring processor configured to analyze the respective safety alerts provided by the functional safety processor for at least one pattern of safety alerts indicative of a security attack and generate a response signal in response to the respective safety alerts having at least one of the at least one pattern of safety alerts.

公开(公告)号：US11914708B2

公开(公告)日：2024-02-27

申请号：US17665844

申请日：2022-02-07

Applicant: Infineon Technologies AG

Inventor： Alexander Zeh ,  Avni Bildhaiya

IPC: G06F21/56 ,  G06F21/55

CPC classification number: G06F21/56 ,  G06F21/554

Abstract: A redundancy system includes a first computational device and a second computational device each configured to receive at least one input and to generate a first output and a second output, respectively, based on the at least one input; a random sequence generator configured to generate a random bit sequence; a random delay selector configured to determine a random delay based on the random bit sequence; a first random delay circuit configured to delay outputting the at least one input to the first computational device based on the random delay; a second random delay circuit configured to delay outputting the second output based on the random delay; and a fault detection circuit configured to receive the first output and the delayed second output, and to generate a comparison result based on comparing the first input to the delayed second output.

公开(公告)号：US11374758B2

公开(公告)日：2022-06-28

申请号：US16395783

申请日：2019-04-26

Applicant: Infineon Technologies AG

Inventor： Alexander Zeh ,  Vivin Richards Allimuthu Elavarasu ,  Eric Pihet

IPC: H04W12/10 ,  H04L9/32 ,  H04W12/02

Abstract: A transceiver is disclosed including a transmitter designed to output a first signal according to a physical communication protocol, and to output a second signal comprising at least one cryptographic datum. The first and the second signal may be overlaid onto one another as an overlay signal at the output of the transceiver, and may comply with the physical communication protocol. The overlay signal may be received and processed by a receiver.

公开(公告)号：US11283598B2

公开(公告)日：2022-03-22

申请号：US16257840

申请日：2019-01-25

Applicant: Infineon Technologies AG

Inventor： Alexander Zeh ,  Marcus Janke

IPC: H04L9/06 ,  H04L29/06

Abstract: A data message authentication system in a vehicle communication network includes a sequence generator configured to generate a sequence representative of an intra-message pattern; a parsing processor configured to receive a data message, receive the sequence from the sequence generator, select a subset of data segments from the data message based on the intra-message pattern, and output the selected subset of data segments; and a tag generator configured to receive the selected subset of data segments from the parsing processor and generate an authentication code based on the selected subset of data segments, where the authentication code corresponds to the data message.

公开(公告)号：US10972268B2

公开(公告)日：2021-04-06

申请号：US16134202

申请日：2018-09-18

Applicant: Infineon Technologies AG

Inventor： Alexander Zeh ,  Viola Rieger

IPC: H04L9/00 ,  H04L9/08 ,  G06F21/72

Abstract: A Cryptographic Unit (CU) of a microcontroller, the CU including a first accelerator configured to generate first encrypted output data based on input data; and a second accelerator which is configured to be diversely implemented with respect to the first accelerator, and is configured to generate second encrypted output data based on the input data; and a comparator configured to compare a first comparator data obtained from the generation of the first encrypted output data with a second comparator data obtained from the generation of the second encrypted output data, and if the comparison indicates that the first and second comparator data differ, output an event signal pertaining to an event in a safety domain or a security domain.

公开(公告)号：US20220255963A1

公开(公告)日：2022-08-11

申请号：US17597460

申请日：2020-06-16

Applicant: Infineon Technologies AG

Inventor： Alexander Zeh ,  Harald Zweck

IPC: H04L9/40 ,  H04L9/06 ,  H04L12/40

Abstract: The present disclosure relates to authenticity and data security for bus based communication networks in a vehicle. The present disclosure teaches a protocol frame, a sender on data link layer, and a receiver on data link layer providing such authenticity and data security as well as a communication network in a vehicle employing the protocol frame, the sender and the receiver according to the present disclosure.

公开(公告)号：US11388156B2

公开(公告)日：2022-07-12

申请号：US16697404

申请日：2019-11-27

Applicant: Infineon Technologies AG

Inventor： Veit Kleeberger ,  Alexander Zeh

IPC: H04L9/40 ,  H04L9/32 ,  H04L67/12

Abstract: A method for providing a Proof-of-Work concept in a vehicle is provided. The vehicle includes a network including at least three control units, where a first control unit sends a first message to a second control unit, the second control unit sends a second message including the first message to a third control unit, and the third control unit determines a Proof-of-Work for the second message based on at least one vehicle-specific characteristics of the network. Also, an corresponding system as well as a vehicle including such system are provided.

公开(公告)号：US11374740B2

公开(公告)日：2022-06-28

申请号：US16818830

申请日：2020-03-13

Applicant: Infineon Technologies AG

Inventor： Alexander Zeh ,  Anjana Ramamoorthy

IPC: H04L9/08 ,  H04L9/32

Abstract: A bus-based communication system, may include a communication bus connecting a plurality of nodes. A first node, of the plurality of nodes, may receive a first message on the communication bus, the first message having been broadcast on the communication bus by a second node of the plurality of nodes. The first message may include a modular exponentiation associated with a private key of the second node. The first node may compute a shared secret key, associated with the plurality of nodes, based at least in part on the modular exponentiation and a private key of the first node.

公开(公告)号：US11227072B2

公开(公告)日：2022-01-18

申请号：US16108505

申请日：2018-08-22

Applicant: Infineon Technologies AG

Inventor： Avni Bildhaiya ,  Viola Rieger ,  Frank Hellwig ,  Alexander Zeh

IPC: G06F21/74 ,  G06F21/55 ,  G06F21/50 ,  G06F21/62 ,  G07C5/08

Abstract: The present disclosure relates to a security device, a system, and a method for securing a control apparatus. The security device includes a data security unit which is configured to secure data, data communication and information, and includes a first security component inside the data security unit to operate in a first operating mode, and at least one first monitoring unit to operate in a high-availability mode which, said first monitoring unit being configured to detect a fault present in the first security component. The high-availability mode is different from the first operating mode. The security device further includes a second security component which is configured to operate in the high-availability mode and to output a first response signal if a fault is detected by the first monitoring, where the high-availability mode is available independently from the first operating mode.