Abstract: According to an example, a method and a secure element legitimacy verification of a node in a distributed network is provided. The distributed network comprises a plurality of nodes and a secure element, which are connected to a shared medium of the distributed network. Each of the plurality of nodes is provisioned with an identity certificate comprising a serial number. Each serial number is specific to the respective node. The secure element receives from one of the plurality of nodes a request for legitimacy verification including the serial number. The secure element compares the serial number included in the received request with a plurality of serial numbers comprises in a whitelist maintained at the secure element. The secure element transmits back to the requesting node a request response comprising an indication whether or not the serial number is comprised in the whitelist.

Abstract: A method of computing a message authentication code (MAC) for a message having a common part and an independent part using a constrained processor, including: performing a MAC function on the common part of the message using a first secret key to produce a first output; performing a pseudorandom function on the independent part of the message using a second key to produce a second output, wherein the computation time of the pseudorandom function is significantly less than the computation time of the MAC function; and combining the first output and the second output to produce a computed MAC for the message.

Abstract: A method is provided for authenticating a log message in a distributed network having a plurality of nodes coupled to a serial bus. In the method, a log session is started by a first device at a first node of the plurality of nodes. A first counter value is provided by the first device to the serial bus. A log message is generated by a second device at a second node of the plurality of nodes. A second counter value is generated by the second device. A log message payload is generated for the log message, wherein the log message payload includes a log message authentication code. A computation of the log message authentication code includes the first counter value and the second counter value. The second device does not store the first counter value in a non-volatile memory on the second device.

Abstract: The present application relates to a methodology of verifying secret keys in a distributed network comprising a plurality of nodes connected to a shared medium. Each node of the plurality of nodes is member of at least one group of a plurality of groups. Each group is associated with a secret group key. A verification request is broadcast to the plurality of nodes and verification responses broadcast from the plurality of nodes are received. Each verification response comprises one code sequence for each logical group, of which the broadcasting node is member. Each code sequence of the verification request is generated on the basis of a secret group key associated with a respective logical group from a predefined data sequence. The code sequences are collected and the integrity of the plurality of nodes is confirmed by comparing the code sequences.

Abstract: A method for providing an authenticated update in a distributed network is provided. The distributed network has a plurality of nodes coupled to a serial bus. The method begins with transmitting a credential from an external device to a first node. The update data and an authentication code are provided to a processor of a second node from the external device. The processor of the second node provides the update data and the authentication code to the transceiver of the second node. The authenticated update is finalized by the processor of the second node. The authenticated update is closed by the transceiver of the first node. The credential of the authenticated update is provided to the transceiver of the second node. The transceiver of the second node verifies the update data using the credential and the authentication code. After being verified, the authenticated update data is stored.

Abstract: A method for performing a secure boot of a data processing system, and the data processing system are provided. The method includes: processing a command issued from a processor of the data processing system, the command directed to a memory; determining that the command is a command that causes the memory to be modified; performing cryptographic verification of the memory; and incrementing a first counter in response to the determining that the command is a command that causes the memory to be modified. The data processing system includes a processor, a memory, and a counter. The memory is coupled to the processor, and the memory stores data used by a bootloader during a secure boot. The counter is incremented by a memory controller in response to a command being a type of command that modifies the data stored by the memory.

Abstract: The present application relates to a system hosting a monotonic counter and a method of operating the system. The system comprises a non-volatile memory (110) for holding a save counter value and a volatile memory (120) for maintaining a current counter value. The system (100) is configured during a startup phase to retrieve the saved counter value of the monotonic counter from the non-volatile memory (110); to detect whether a previous shutdown of the system (100) was an uncontrolled shutdown; and to adjust the retrieved counter value in accordance with a step size (130) provided at the system (100) in case an previous uncontrolled shutdown is detected.

Abstract: A method is provided for authenticating a log message in a distributed network having a plurality of nodes coupled to a serial bus. In the method, a log session is started by a first device at a first node of the plurality of nodes. A first counter value is provided by the first device to the serial bus. A log message is generated by a second device at a second node of the plurality of nodes. A second counter value is generated by the second device. A log message payload is generated for the log message, wherein the log message payload includes a log message authentication code. A computation of the log message authentication code includes the first counter value and the second counter value. The second device does not store the first counter value in a non-volatile memory on the second device.

Abstract: A method of computing a message authentication code (MAC) for a message having a common part and an independent part using a constrained processor, including: performing a MAC function on the common part of the message using a first secret key to produce a first output; performing a pseudorandom function on the independent part of the message using a second key to produce a second output, wherein the computation time of the pseudorandom function is significantly less than the computation time of the MAC function; and combining the first output and the second output to produce a computed MAC for the message.

Abstract: The present application relates to a methodology of verifying secret keys in a distributed network comprising a plurality of nodes connected to a shared medium. Each node of the plurality of nodes is member of at least one group of a plurality of groups. Each group is associated with a secret group key. A verification request is broadcast to the plurality of nodes and verification responses broadcast from the plurality of nodes are received. Each verification response comprises one code sequence for each logical group, of which the broadcasting node is member. Each code sequence of the verification request is generated on the basis of a secret group key associated with a respective logical group from a predefined data sequence. The code sequences are collected and the integrity of the plurality of nodes is confirmed by comparing the code sequences.

Abstract: The present application relates to a system hosting a monotonic counter and a method of operating the system. The system comprises a non-volatile memory (110) for holding a save counter value and a volatile memory (120) for maintaining a current counter value. The system (100) is configured during a startup phase to retrieve the saved counter value of the monotonic counter from the non-volatile memory (110); to detect whether a previous shutdown of the system (100) was an uncontrolled shutdown; and to adjust the retrieved counter value in accordance with a step size (130) provided at the system (100) in case an previous uncontrolled shutdown is detected.

Abstract: According to an example, a method and a secure element legitimacy verification of a node in a distributed network is provided. The distributed network comprises a plurality of nodes and a secure element, which are connected to a shared medium of the distributed network. Each of the plurality of nodes is provisioned with an identity certificate comprising a serial number. Each serial number is specific to the respective node. The secure element receives from one of the plurality of nodes a request for legitimacy verification including the serial number. The secure element compares the serial number included in the received request with a plurality of serial numbers comprises in a whitelist maintained at the secure element. The secure element transmits back to the requesting node a request response comprising an indication whether or not the serial number is comprised in the whitelist.

Abstract: A network node and a method of updating and distributing secret keys in a distributed network is suggested. The network comprises a plurality of nodes connected to a shared medium of the distributed network. Each node of the plurality of nodes is member of at least one group of a plurality of groups. Each group is associated with a secret group key. Each node of the plurality of nodes stores only the one or more secret group keys, of which it is member. A first node of the plurality of nodes generates an authenticated update key request. The authenticated update key request comprises an indication of a membership, of which the first node is member. The first node broadcasts the authenticated update key request on the shared medium of the distributed network. Each remaining nodes of the plurality of nodes receives the authenticated key update.

Abstract: A method and system of authenticating a node in a distributed network is provided. The distributed network comprises a plurality of nodes connected to a shared medium of the distributed network. Each of the plurality of nodes is provisioned with an identity certificate comprising a public key, a private key associated with the public key and an identification sequence. The identification sequence is unique to the system comprising the distributed network. A second node of the plurality of nodes generates a node authenticity related information for authenticating at a first node of the plurality of nodes. The node authenticity related information comprises a signature generated using the private key of the second node from a sequence, which comprises the identification sequence. The second node transmits the node authenticity related information together with the identity certificate provisioned at the second node to the first node.

Abstract: The present application relates to an apparatus and method of authenticating and verifying a message frame on a multi-master access bus with message broadcasting. Logic bus identifier, LID, are associated with each one of a several logical groups of nodes out of a plurality of nodes connected to the multi-master access bus. A key is assigned to each logical group. The keys assigned to different logical groups differ from each other. For message authentication, a logic bus identifier, LID is provided and a key associated with the logic bus identifier, LID, is retrieved. A cryptographic hash value, MAC, is generated using the retrieved key and based on at least the logic bus identifier, LID. A message frame is composed, which comprises the logic bus identifier, LID, and the cryptographic hash value, MAC. For message verification, a message frame is received, which comprises at least a logic bus identifier, LID, and a cryptographic hash value, MAC.

Abstract: A method of synchronising the reference clock of a first wireless device with a master reference clock of a second wireless device via a wireless network. The method involves transmitting, from the second wireless device to the first wireless device, a dedicated synchronisation frame via a dedicated synchronisation channel; receiving the dedicated synchronisation frame at the first wireless device; and synchronising the reference clock of the first wireless device with the master reference clock of the second wireless device based on the received dedicated synchronisation frame.

Abstract: A method of synchronising the reference clock of a first wireless device with a master reference clock of a second wireless device via a wireless network. The method involves transmitting, from the second wireless device to the first wireless device, a dedicated synchronisation frame via a dedicated synchronisation channel; receiving the dedicated synchronisation frame at the first wireless device; and synchronising the reference clock of the first wireless device with the master reference clock of the second wireless device based on the received dedicated synchronisation frame.