Abstract: The invention relates to a booting device (2) for a computer element (1) for booting the computer element (1), wherein the booting device (2) comprises a memory unit (3) for storing a protection code (4), and a protection unit (5) for checking the integrity of a software component (6) of the computer element (1) based on the protection code (4), wherein the booting device (2) is suitable for executing the software component (6) to boot the computer element (1), wherein the protection code (4) can be at least partially changed from outside the booting device (2). The protection code, which serves to check the integrity of a booting process, can be changed and/or updated from outside the booting device, e.g. by a user.

Abstract: Provided is a control system, with which, for example, the execution of smart contracts in blockchains can be improved.

Abstract: Provided is a method for operating a distributed database system having distributed node devices for providing interlinked data blocks, in particular in the style of a blockchain, that document transactions between subscribers, wherein transactions between subscribers are protected by transaction data and a cryptographic signature process, involves the cryptographic signature process being defined for each transaction in order to protect the respective transaction, wherein signature information identifying the defined cryptographic signature process is part of the transaction or part of a performance request for the transaction. For each transaction, signature data are then calculated using the defined cryptographic signature process for at least some of the transaction data or the hash value thereof, and the signature data are added to the transaction data.

Abstract: The disclosure relates to a method and a device for authenticating an FPGA configuration. The method includes at least partly reading the configuration of a FPGA by the FPGA itself and calculating a first checksum using the read configuration. The method further includes providing an authentication response which confirms that the FPGA configuration is authentic when the first checksum matches a specified checksum, wherein the reading, calculating, and providing are carried out in an obfuscated manner. The authentication response confirming that the FPGA configuration is authentic is not provided or is only provided with a very low degree of probability when the first checksum and the specified checksum do not match. In this regard, an FPGA may check its own configuration.

Abstract: For a user of a distributed database (100) which has a first identity, transaction data (120) of a transaction is stored in the distributed database (100). The transaction links the first identity to a second identity.

Abstract: An automated system is provided. Examples of automated systems include processors for calculation which implement a secure boot process based on the plurality of numbers; chip cards for authentication; telecommunication equipment; programmable logic controllers, control devices for railways, etc. The operation is controlled depending on whether a sequential test for randomness of a plurality of numbers from a physical random number generator is marked as failed. This has the advantage that an online-test for integrity of the plurality of numbers is possible at a high accuracy and low latency.

Abstract: An automated system is provided. Examples of automated systems include processors for calculation which implement a secure boot process based on the plurality of numbers; chip cards for authentication; telecommunication equipment; programmable logic controllers, control devices for railways, etc. The operation is controlled depending on whether a sequential test for randomness of a plurality of numbers from a physical random number generator is marked as failed. This has the advantage that an online-test for integrity of the plurality of numbers is possible at a high accuracy and low latency.

Abstract: The invention relates to a method and an apparatus for designing a circuit suitable for generating random bits and to a circuit for generating random bits. A random bit string which is used as a binary random number is generated, for example. The proposed method and the apparatus as well as the circuit are used to implement random number generators, for example. A jth specific function from a set of bijective mappings is selected as the jth function, wherein the jth specific function carries out a jth fixed-point-free mapping. At least one ith mapping device is then selected. An ith specific function from a set of bijective mappings is assigned to the ith function, with the result that an ith concatenation of the i functions carries out an ith fixed-point-free mapping.

Abstract: A method for recognizing a manipulation of at least one electrical line includes determining a parameter that is dependent on a resistance and a capacity, a resistance and an inductivity, or a resistance, a capacity, and an inductivity of the electrical line; comparing the determined parameter to a reference parameter to provide a comparison result; and recognizing a manipulation of the electrical line based on the provided comparison result.

Abstract: The invention relates to an RFID tag, which comprises a receiving means, a first and a second verification means, and a transmitting means. The receiving means is designed to receive a challenge message sent by an RFID reading device. Said challenge message comprises a challenge data set, which has a digital certificate issued for the RFID reading device by a certification authority and signed by means of a private key of the certification authority and which has a request message, and a digital signature at least of the request message, which digital signature is generated by means of a private key of the RFID reading device. The first verification means is designed to verify the digital certificate by means of a public key of the certification authority. The second verification means is designed to verify the digital signature by means of a public key of the RFID reading device.

Abstract: A method and system for accelerated decryption of a cryptographically protected user data unit, wherein a transmitter initially generates a cryptographic key that is provided with a related key identification. The transmitter then performs asymmetrical encryption of the generated cryptographic key using a public cryptographic key and encryption of at least one user data unit using the generated cryptographic key. The encrypted user data unit, the asymmetrically encrypted cryptographic key and the related key identification of the cryptographic key are transported to a receiver that decrypts the received asymmetrically encrypted key using a private key, if verification of the received related key identification of the cryptographic key indicates the cryptographic key is not present in a decrypted state in the receiver. The receiver then decrypts the received cryptographically encrypted user data unit using the cryptographic key in the receiver or with the cryptographic key decrypted using the private key.

Abstract: A method and system for confidentially providing a software component which is encrypted using a secret cryptographic key of a software component manufacturer, and the key is then encrypted using a first cryptographic system key, wherein the encrypted software component and the encrypted key are transported by the software component manufacturer to a destination system device. After decrypting the transported encrypted key using a second cryptographic system key, the transported encrypted software component is decrypted using the decrypted key, wherein the decrypted software component is provided for execution on the destination system device. The method can be used to protect source codes or object codes of a developed software component from access by a third party and still allows for processing using standard tools.

Abstract: The invention relates to a method and an apparatus for designing a circuit suitable for generating random bits and to a circuit for generating random bits. A random bit string which is used as a binary random number is generated, for example. The proposed method and the apparatus as well as the circuit are used to implement random number generators, for example. A jth specific function from a set of bijective mappings is selected as the jth function, wherein the jth specific function carries out a jth fixed-point-free mapping. At least one ith mapping device is then selected. An ith specific function from a set of bijective mappings is assigned to the ith function, with the result that an ith concatenation of the i functions carries out an ith fixed-point-free mapping.

Abstract: A method and a system for naming-conflict-free integration of software components originating from software component manufacturers (OEM), comprising software development devices from different software component manufacturers (OEM) that manufacture and encrypt software components with the respective cryptographic key, wherein when a naming conflict occurs during the integration of encrypted software components, at least one of the encrypted software components in which the naming conflict occurred is expanded by a naming conflict resolution rule to thereby allows for the resolution of naming conflicts in encrypted software components that can originate from different software component manufacturers without the source code of the software components becoming visible to third parties.

Abstract: An apparatus for generating random bits includes a plurality of mapping devices. A respective mapping device is configured to map a predefined number of input signals, with the aid of a combinatorial mapping, into a predefined number of output signals. The plurality of mapping devices are concatenated with one another, and at least one combinatorial mapping is configured such that a state change of an input signal of a respective mapping device is mapped on average onto more than one output signal of the respective mapping device. No feedback loop is present such that a state change of at least one feedback output signal of a specific mapping device is fed as a state change of at least one input signal to another mapping device such that one or a plurality of output signals of the specific mapping device is influenced by the state change of the feedback output signal.

Abstract: The invention relates to an RFID tag, which comprises a receiving means, a first and a second verification means, and a transmitting means. The receiving means is designed to receive a challenge message sent by an RFID reading device. Said challenge message comprises a challenge data set, which has a digital certificate issued for the RFID reading device by a certification authority and signed by means of a private key of the certification authority and which has a request message, and a digital signature at least of the request message, which digital signature is generated by means of a private key of the RFID reading device. The first verification means is designed to verify the digital certificate by means of a public key of the certification authority. The second verification means is designed to verify the digital signature by means of a public key of the RFID reading device.

Abstract: A method for recognizing a manipulation of at least one electrical line includes determining a parameter that is dependent on a resistance and a capacity, a resistance and an inductivity, or a resistance, a capacity, and an inductivity of the electrical line; comparing the determined parameter to a reference parameter to provide a comparison result; and recognizing a manipulation of the electrical line based on the provided comparison result.

Abstract: An apparatus for generating random bits includes a plurality of mapping devices. A respective mapping device is configured to map a predefined number of input signals, with the aid of a combinatorial mapping, into a predefined number of output signals. The plurality of mapping devices are concatenated with one another, and at least one combinatorial mapping is configured such that a state change of an input signal of a respective mapping device is mapped on average onto more than one output signal of the respective mapping device. No feedback loop is present such that a state change of at least one feedback output signal of a specific mapping device is fed as a state change of at least one input signal to another mapping device such that one or a plurality of output signals of the specific mapping device is influenced by the state change of the feedback output signal.

Abstract: A device generates a random bit sequence with a digital ring oscillator circuit comprising logic components. The circuit has an input node and an output node, wherein the digital ring oscillator circuit is designed such that oscillation occurs during a change of state of a logic start signal coupled on the input node, said oscillation having a fixed point, and wherein on the output node a random signal can be tapped having an arbitrary level curve.

Abstract: A random source for generating a random number r with a bit length k, r=r0, . . . , rk-1, a memory for storing a threshold value state variable s, which is represented by a number with a bit length n?k, s=s0, . . . , sn-1, and a comparator to compare two numbers with a bit length k, i.e. from r with a subset of the bits from s are provided. Two calculation rules R1 and R2, which are able to change the content of the memory for the threshold value state variable s (i.e. functions from s to s), are defined for a method of generating random wait states.