
SECURE PROCESSING OF A CREDENTIAL REQUEST (GESICHERTES VERARBEITEN EINER BERECHTIGUNGSNACHWEISANFRAGE)

Published: 2020-08-14

The invention relates to a method for the secure processing of a credential request of a unit requesting a credential, wherein the credential request is contained in a transaction of a block chain, wherein a registration authority performs a check of a block chain data structure and of the transaction secured by means of the block chain and, in the case of a successful check, forwards the credential request to a certification authority. Advantageously, the credential request is contained in a transaction, and the registration authority performs a check of a block chain data structure and of the transaction secured by means of the block chain. The transaction, and thus the credential request, are secured by the block chain. In particular, the credential request can no longer be changed afterwards, and information which was transmitted to the registration authority in the context of the credential request is stored in the block chain in a manipulation-protected manner.

claims
1. Method for the secure processing of a credential request (CSR) of a unit requesting a credential, wherein the credential request (CSR) is contained in a transaction (T) of a block chain, wherein a registration authority (10) performs a check of a block chain data structure and of the transaction (T) secured by means of the block chain and, in the case of a successful check, forwards the credential request (CSR) to a certification authority (20).
2. The method of claim 1, wherein the certification authority (20) issues the credential and provides it to a client.
3. The method of claim 1 or 2, wherein the transaction is created by a client and comprises information belonging to the credential request (CSR), in particular an attribute, an authorization, a role or a public cryptographic key, and in particular an identifier or name of the unit requesting the credential.
4. The method according to any preceding claim, wherein the check of the block chain data structure by the registration authority (10) comprises checking a block chain length or checking blocks preceding and succeeding a block to be checked.
5. The method according to any preceding claim, wherein the check of the transaction (T) by the registration authority (10) comprises checking data in the transaction to determine whether an association with the registration authority (10), or with the certification authority (20) associated with the registration authority, is recognizable.
6. The method according to any one of claims 1 to 4, wherein the check of the transaction by the registration authority (10) includes a check of whether, at least on the basis of a cryptocurrency amount offered in the transaction (T), the issuing of the credential for the requesting unit by the certification authority (20) is provided for.
7. The method according to any one of the preceding claims, wherein the credential request (CSR) requests the issuing of a digital certificate or of a security token with a defined assignment of a subject to a cryptographic key, or the issuing of a revocation of a digital certificate or of a revocation of a security token with a defined assignment of a subject to a cryptographic key.
8. The method according to any one of the preceding claims, wherein, in checking the transaction (T), the registration authority takes further transactions into account, in particular transactions with third-party information on the trustworthiness of the requesting unit.
9. The method according to any one of the preceding claims, wherein an issuing transaction for the issuing of the credential is formed and inserted into the block chain data structure, in particular based on the issued credential.
10. Registration authority (10) for the secure processing of a credential request (CSR), contained in a transaction (T) of a block chain, of a unit requesting a credential, suitable for checking a block chain data structure and the transaction (T) secured by means of the block chain, and for forwarding the credential request (CSR) to a certification authority (20) in the case of a successful check.
11. Registration authority according to claim 10, further suitable for checking data in the transaction (T) to determine whether an association with the registration authority (10), or with the certification authority (20) associated with the registration authority, is recognizable.
12. Registration authority according to claim 10, further suitable for checking whether, at least on the basis of a cryptocurrency amount offered in the transaction (T), the issuing of a credential for the requesting unit by the certification authority (20) is provided for.
13. Registration authority according to any one of claims 10 to 12, further suitable for generating an extension that confirms block chain-based processing of the credential request (CSR), and for forwarding the extension to the certification authority (20) for integration into an issued credential.
14. Registration authority according to any one of claims 10 to 13, further suitable for taking further transactions into account in checking the transaction (T), in particular transactions with third-party information on the trustworthiness of the requesting unit.
15. System comprising a registration authority (10) according to any one of claims 10 to 14 and further comprising the certification authority (20) for issuing a credential and providing the credential to a client.
16. The system of claim 15, wherein the registration authority (10) or the certification authority (20) is further suitable for forming an issuing transaction for the issuing of the credential, so that the issuing transaction can be inserted into the block chain data structure, in particular based on an issued credential.

description

Secure processing of a credential request

The invention relates to a method, a registration authority, and a system comprising, inter alia, the registration authority, for the secure processing of a credential request, wherein the credential request is contained in a transaction of a block chain.

In industrial automation systems, credentials or security credentials such as digital certificates, which are issued by certification authorities (so-called Certification Authorities), are used within security infrastructures. A digital certificate is used by a device within the automation system to prove its identity to a third party. By means of a signature of the certification authority, the certificate confirms that the information contained in the certificate about an identity or a public key of the device or subject is correct. Digital certificates thus confirm in particular the assignment of a public key to a subject such as a human user, a device or a software process. The certificate can be trusted because a central certification authority exists which is trusted by all users participating in the security infrastructure. Operating such a central certificate infrastructure is expensive, and the cost of a certificate is therefore high. At the same time, numerous devices or processes, particularly in industrial environments, are geared to a certificate-based security solution. Authentication takes place in particular with credentials or digital certificates.

Against this background, it is an object of the present invention to make the processing of a credential request or certificate request more efficient and at the same time to ensure secure processing, so that a credential can be issued to permitted units. This object is achieved by the features indicated in the independent claims. Advantageous embodiments are specified in the dependent claims.

The invention relates to a method for the secure processing of a credential request of a unit requesting a credential, wherein the credential request is contained in a transaction of a block chain, wherein a registration authority performs a check of a block chain data structure and of the transaction secured by means of the block chain and, in the case of a successful check, forwards the credential request to a certification authority.

In the following, a credential request is understood to mean, for example, a certificate request or a certificate revocation request. It is in particular a data record in which a requesting unit confirms an identifier or identifiers, an identifying name or identifying attributes, and an associated public key, for example by a cryptographic checksum such as a message authentication code or a digital signature. In particular, a certificate request comprising a subject identity and a public key of the subject may be present as a digitally signed transaction of a block chain. "Subject" commonly refers to the holder of a certificate and of the public key it contains, for example a device identified by manufacturer, model or serial number, a computer system with a network address, IP address or URL, or a person identified by name or e-mail address.

In the following, a registration authority is understood to mean an instance which does not need to be trusted by users because of a special position. In particular, it is not a registration authority assigned to a central certification authority. It is in particular a remote device which checks and processes incoming credential requests and forwards them to a certification authority. The certification authority may be a central unit, or there may be several decentralized certification authorities. According to the invention, a common infrastructure for certificate requests can be used by a plurality of certification authorities by means of the block chain.

Block chain technology implements a distributed, decentralized database in which transactions can be stored in a manner protected against manipulation. For this purpose, transactions are stored in a block. In such a block chain data structure, a hash value of a predecessor block is stored alongside one or more transactions. The protection arises from a majority of trusted nodes in a block chain network, which perform so-called mining or validation of blocks. In the network of nodes participating in a block chain, a new block is formed at regular intervals, for example every 10 minutes, and the hash value of an existing block is stored with it. In this mining process, the validity of the transactions to be stored in the block is checked. In addition, a so-called cryptographic puzzle is solved, for which the mining nodes have to expend computing capacity. The effort is rewarded, for example, with a certain amount of the cryptocurrency on which the block chain is based. Solving the cryptographic puzzle is also known as proof of work. It demonstrates the solution of a computationally intensive task that has to be solved depending on the contents of a block. The chain of blocks is stored at a plurality of block chain nodes, and the participating nodes are synchronized. The information on the transactions is therefore stored redundantly in the network.

Since all blocks are formed on the basis of existing blocks, in that the hash value of the previous block is inserted into a new block, a chain is formed. The transactions are thus protected against manipulation, since the concatenation of the blocks can be traced back to an initial block, also called the genesis block. Since the transactions are available via the block chain network, it is possible to trace from which block in the chain onward, for example, the content of a transaction no longer matches previous versions. The transactions are therefore stored in a manipulation-protected manner in each verified block chain. Modification of a transaction in a block that was already formed at an earlier time in the network could be detected when a checksum over the existing blocks is recomputed.

Within a block chain network that is public, and in which therefore not every node can be trusted individually, a block is validated by a third-party node located in the network, in particular one that does not carry out independent mining, in particular by waiting a certain time after creation of the block, or for a certain number of blocks formed after the block, until the chain is long enough that it can be trusted. For example, another chain path forms in parallel which turns out to be untrustworthy, because the majority of the nodes do not verify the transactions of the blocks formed in it, or of one block, but instead form further blocks in the trusted, longer chain. For this, an attacker must not have more computing capacity than the rest of the block chain collectively, since otherwise the attacker could form sufficiently long chains quickly enough through fraudulent mining of their own.

A block chain data structure, or a block, comprises transaction data and at least one hash value formed as a function of a previous block. A chain of transactions is thus formed. Transactions that have once appeared in the chain can no longer be changed unnoticed. The transaction data relate to one transaction or several transactions. A block chain data structure contains in particular a checksum of transaction data, or this checksum together with further data such as a time stamp. For example, a checksum is formed over transaction data consisting of several transactions. Cryptographic hash functions in particular are used to form the checksum.

Through so-called mining of the blocks in return for an incentive, which is created for example by an amount of cryptocurrency, the decentralized network structure has an interest in confirming or validating blocks as correct, i.e. in carrying out mining. As long as the majority of the computing capacity in such a distributed network is free of attackers, i.e. an attacker cannot produce more blocks by mining, in particular cannot solve more cryptographic puzzles, than the trusted nodes taken together, a block chain can be trusted from a certain length onward, and in particular an individual block can be trusted once a certain number of subsequent blocks follow it in a path of the chain.

Known block chain systems are Bitcoin and Ethereum. While Bitcoin was originally created for cryptocurrency transfers, Ethereum builds on the integration of so-called smart contracts. Put simply, the conditions agreed in a smart contract are secured by the block chain and the contract itself is executed via the network. Implementation of the contractual terms is controlled via associated executed transactions, and follow-up actions provided for in a programmed smart contract can be carried out depending on the transaction that has taken place. For non-public block chain systems, block chains are also conceivable in which mining is carried out without an incentive, for example because all nodes are trusted.

In particular, the transaction data are not inserted into a block of the chain in plain text; instead, a hash value of the transaction is formed to form the transaction data. The transaction itself is also available in the block chain network. A check of the transaction by mining nodes, or miners, can thus be performed. The transaction in plain text is thus distributed in the network and, in particular, sent from a device to one or more block chain nodes.

Advantageously, the credential request is contained in a transaction, and the registration authority performs a check of a block chain data structure as well as of the transaction secured by means of the block chain. The transaction, and thus the credential request, are secured by the block chain. In particular, the credential request can no longer be changed afterwards, and information which was communicated to the registration authority in the context of the credential request is stored in the block chain in a manipulation-protected manner. If the transaction has been added to the block chain data structure by the mining of blocks, the information of the credential request is fixed in the chain of the block chain, at least as long as the block chain exists. The transaction can then be trusted if a check of the block chain data structure is successful, that is, if it can be assumed on the basis of the block chain data structure present in the block chain network that mining of the transaction, or of the block containing the transaction, is legitimate or valid. This is checked in particular by the length of a block chain or on the basis of the number of blocks following the block of the transaction. In the case of a successful check, the credential request is forwarded to a certification authority.

The legitimacy of the credential request is provided via a decentralized security infrastructure. A costly central authority that has to verify authorizations or information behind a request is thus advantageously dispensed with. Instead, computing capacity available in a decentralized manner in the network is used, which is provided by the so-called mining nodes in order to carry out the mining in return for a promised reward. This mining includes the costly checking of certificate requests, which is now carried out on a decentralized basis instead of centrally. Alternatively, the mining is carried out using smart contracts, which are likewise distributed within the block chain network and have themselves been validated by the mining of various blocks.

Administrative processes for issuing a credential, such as a digital certificate, are significantly simplified. The costly checking of a certificate request is moved into a block chain platform, and the checking of a request by a registration authority is thereby made much more efficient. At the same time, a security solution comparable with certificate-based authentication can be provided. Systems, installations or individual devices which have used digital certificates until now do not need to be converted and, in particular, do not need to be block chain-enabled. In particular, it is not necessary for a device, for example, to participate directly in a block chain platform and store there an assignment of a public cryptographic key to an identifier. On the contrary, a conventional PKI security infrastructure can be used in accordance with the approach, and accepted security technologies, such as certificate-based authentication, can be used. The operation of a PKI is thus simplified and, at the same time, the cost of certificates is reduced. The application is especially advantageous for a relatively small number of required certificates, for example some 10 or 100 required certificates, for which a public key infrastructure with a central certification authority does not pay off.

According to one embodiment, the certification authority issues the credential and provides it to a client. The client is the requesting unit and wishes to obtain a credential for itself or for another subject, for example an embedded system of a plant. The certification authority has the corresponding private key for signing the credential request. In a variant, the provision takes place via the registration authority. For example, the communication relationship between a requesting device and the registration authority, which is used for transmission of the credential request, is used for this purpose.

Advantageously, a so-called certificate-as-a-service mechanism can be introduced. Certificates issued by the certification authority are, for example, limited in time, and obtaining a valid certificate again requires a new transaction to be transmitted. This transaction also involves the exchange of a cryptocurrency amount, so that remuneration for block chain-based certificate issuance can be realized. Particularly for orders of magnitude at which setting up a central certification authority that itself checks the requests is not worthwhile, issuing a certificate for a fee can thus still be offered. The issued certificate is adapted to the required period of use, since, for example, a certificate is no longer requested again after a certain period of time.

According to one embodiment, the transaction is created by a client and comprises information belonging to the credential request, in particular attribute information. For example, an identifier or a name of the unit requesting the credential is transmitted in the information. Further, for example, a public cryptographic key associated with the requesting unit is transmitted.

According to one embodiment, the check of the block chain data structure by the registration authority comprises checking a block chain length or checking blocks preceding and following a block to be checked. A registration authority can therefore rely on the trustworthiness of transactions contained in an established block chain. For this, the chain of blocks containing the relevant transactions must have prevailed over any other paths of the chain which, for example, were also created by faulty mining or by attackers. The check by a local registration authority is thus advantageously carried out very efficiently. The costly checking of a credential request is transferred to the block chain, which analyzes the transaction with the credential request in a decentralized manner. For example, this check is carried out using smart contracts, whose security is in turn based on the block chain. For example, preliminary checks are carried out so that the check of a credential request is accelerated once the preliminary check has been completed successfully. For example, these preliminary checks comprise the costly determination of identities or roles and the associated rights and obligations.

According to one embodiment, the check of the transaction by the registration authority comprises checking data in the transaction to determine whether an association with the registration authority, or with the certification authority associated with the registration authority, is recognizable. Advantageously, only those transactions and associated block chain sections that concern the registration authority are thus checked. In another variant, a node can check the block chain so that it knows all valid transactions confirmed by the block chain. It then filters out, for example, those transactions that concern it, for example only the most recent transaction, if the current transaction in question is complete and does not merely contain changes, so that it does not necessarily need the earlier transactions. Further optimized methods are conceivable for identifying relevant credential requests or Certificate Signing Requests. For example, a heuristic search is carried out: it is known that a request is sent at specific times, so blocks, and the transactions confirmed in them, that lie in a corresponding period can be searched selectively.

According to another embodiment, the check of the transaction by the registration authority comprises a check of whether, at least on the basis of a cryptocurrency amount offered in the transaction, the issuing of the credential for the requesting unit by the certification authority is provided for. Issuing a certificate is thus tied to how much money in a cryptocurrency is offered in the request.

The transaction with the credential request may further contain a smart contract which provides for payment to the issuing certification authority. For example, criteria for acceptable or trusted certification authorities are stored. In such a scenario, the certificate can be issued by several certification authorities. An open market for public key infrastructure services is thus realized.

According to one embodiment, the credential request requests the issuing of a digital certificate or of a security token with a defined assignment of a subject to a cryptographic key, or the issuing of a revocation of a digital certificate or of a revocation of a security token with a defined assignment of a subject to a cryptographic key. The requesting unit is in particular the subject itself, for example a device, or the request is made by a configuration tool of an automation system which requests respective certificates for different devices. The request may relate to the issuing of certificates and to the revocation of issued certificates.

A credential or certificate is understood to mean in particular an X.509 certificate, a device certificate, a user certificate or an attribute certificate. In general, it can be a security token such as a Kerberos ticket, a JSON Web Token or a SAML token, that is, a data structure confirmed by a cryptographic checksum of an issuing instance, which assigns security information, such as a public key, an attribute, an authorization or a role, to a subject. Likewise, certificate revocation information (a so-called Certificate Revocation List), certificate status information (a so-called Online Certificate Status Protocol response, OCSP response for short) or certificate validity information (a so-called certificate whitelist) can be generated on the basis of the transactions of the block chain and provided. For example, a certificate revocation list or certificate whitelist is updated depending on the result of the check of the block chain data structure, or an OCSP response dependent on it is provided.

In one embodiment, information that block chain-based processing of the credential request has been carried out is added as an extension to a digital certificate or security token issued by the certification authority, or to an issued revocation of a digital certificate or security token. For example, a flag is added indicating that the certificate was issued on a block chain basis. For example, a reference to the block chain platform or block chain infrastructure used is entered, or a reference to the transaction used for the application or to the block containing the transaction. The process of applying for and issuing a certificate is thus traceable and verifiable by third parties. For an issued certificate, it can thus be checked which block chain transactions led to the issuing of the certificate. A trust status of the certificate can advantageously be assessed or adjusted by means of the markings.

In one embodiment, the registration authority takes further transactions into account when checking the transaction, in particular transactions with third-party information on the trustworthiness of a requesting unit. A mechanism can thus additionally be introduced whereby, in addition to the successful check of the block chain data structure, a cross-certificate must also be present, which in particular is in turn secured via the block chain and which, for example, confirms the trustworthiness and authorization of the requesting unit via a second path.

According to one embodiment, an issuing transaction (Ausstelltransaktion) for the issuing of the credential is formed and inserted into the block chain data structure, in particular based on the issued credential. A digital certificate, for example, is thus preferably also provided as a transaction; that is, the certification authority generates, for example, a block chain transaction which depends on the issued certificate. The transaction can contain, for example, a Uniform Resource Locator, URL for short, from which the certificate can be loaded. Alternatively, the certificate itself is contained in the transaction.

The invention further relates to a registration authority for the secure processing of a credential request, contained in a transaction, of a unit requesting a credential, suitable for checking a block chain data structure and the transaction secured by means of the block chain, and for forwarding the credential request to a certification authority in the case of a successful check.

According to one embodiment, the registration authority is further suitable for checking data in the transaction to determine whether an association with the registration authority, or with the certification authority associated with the registration authority, is recognizable.

According to one embodiment, the registration authority is further suitable for checking whether, at least on the basis of a cryptocurrency amount offered in the transaction, the issuing of the credential for the requesting unit by the certification authority is provided for.

According to one embodiment, the registration authority is further suitable for generating an extension which confirms block chain-based processing of the credential request, and for forwarding the extension to the certification authority for integration into an issued credential.

According to one embodiment, the registration authority is further suitable for taking further transactions into account when checking the transaction, in particular transactions with third-party information on the trustworthiness of a requesting unit.

The invention further relates to a system comprising a registration authority according to the above embodiments and further comprising a certification authority for issuing a credential and providing the credential to a client.

According to one embodiment, the registration authority or the certification authority is further suitable for forming an issuing transaction for the issuing of the credential, so that the issuing transaction can be inserted into the block chain data structure, in particular based on the issued credential.

The registration authority and the certification authority are units which can be implemented in hardware and/or in software. In a hardware implementation, the respective unit can be designed as a device or as part of a device, for example as a computer or as a microprocessor. In a software implementation, the respective unit can be designed as a computer program product, as a function, as a routine, as part of a program code or as an executable object.

The invention is explained below using exemplary embodiments with reference to the figures, which show:

Figure 1: a schematic representation of a system of devices of an automation installation with a registration authority and a certification authority according to a first embodiment of the invention;

Figure 2: a schematic representation of a data structure of a transaction according to a second embodiment.

Figure 1 shows schematically how an automation network AN, comprising a plurality of field devices D1, D2, D3 and a device router D, interacts with a registration authority 10 and a certification authority 20. The registration authority 10 and one or more of the devices D1 to D3 are connected via a network NW to a block chain platform, represented by three block chain nodes BN1, BN2, BN3. In the example described, the device D1 is to receive a certificate. For this purpose, the device D1 sends a transaction T1, which in particular contains a credential request CSR, to the block chain network.

In another variant, the device D1 sends its credential request CSR, the so-called Certificate Signing Request, to the registration authority 10, which forwards the transaction for distribution in the block chain network NW.

Advantageously, a preliminary check of the device D1 takes place at a time when a costly check of the authorization of the device D1 is not a burden or otherwise does not interfere. Via these preliminary checks, framework contracts are concluded which, through validation by the block chain platform, confirm to the device D1 certain authorizations for a certificate request in a smart contract. In particular, transactions are transmitted with the aim of having them validated by the block chain in advance of a process in which a certificate is actually requested. For example, at the time at which a certificate is needed by a device D1, the device D1 sends a credential request CSR directly to the registration authority 10, and the credential request contains, or refers to, the existing smart contract as a framework contract.

In a variant, a device router D is provided in the automation installation, which sends the certificate request messages of one or more devices D1 to D3 to the registration authority 10 and which is in particular also responsible for transmitting the transactions via the block chain network.

The registration authority 10 checks whether transactions of the block chain concern itself or an associated certification authority 20. If it finds a valid entry with a request for a certificate that can be issued by the certification authority 20, it forwards the Certificate Signing Request CSR contained in the transaction to the certification authority 20. This only happens if the registration authority 10 trusts the block chain, or the section of the chain formed from the blocks, in which the transaction is contained. In particular, the block chain platform is the block chain-based Bitcoin system or the Ethereum network platform. It is trusted that the computational capacity of benign miners in the block chain exceeds the computational capacity of an attacker. If, for example, a sufficient time has then been waited, so that a stable chain has formed and a transaction in one of the blocks of the chain has been confirmed as valid by a sufficient number of nodes, the transaction is trusted. Any other mechanisms can additionally be provided that enable a countercheck of the transaction, or of the credential request CSR contained therein, by the registration authority 10 in order to further increase the security of the system. For example, the transaction has a cryptographic checksum, which protects at least part of the transaction. A digital signature can be entered explicitly, for example, which is signed by an operator with the corresponding private key. While this information is ignored, for example, by block chain nodes that perform mining, the registration authority 10 can evaluate this information for a cryptographic check of the requesting entity. This also allows increased security as well as remote verification.

Information belonging to the credential request CSR can be distributed among multiple transactions, for example a separate transaction per attribute. For example, a separate transaction to confirm the TUTING by a third party is available in the block chain network and is part of a block, and, for example, a further transaction applying for the issuing of the certificate is transmitted and can be validated separately. The certification authority 20 issues the appropriate credential corresponding to the credential request CSR forwarded by the registration authority 10. It is, for example, a certificate or the dismissal of a certificate. In the described exemplary embodiment, the certification authority 20 provides a transaction defining the issuance of the certificate. This transaction can, for example, be forwarded directly by the certification authority 20 to the block chain network NW, or to the registration authority, which is coupled with the block chain network and receives the data of the block chain network via a network connection.

The certificate is delivered, for example, by the certification authority 20 directly to the device or to the automation network, or via the registration authority 10. In particular, the certification authority 20 and the registration authority 10 are formed as a common unit. For example, in an industrial automation system, in addition to a registration authority which receives the certificate requests of multiple devices, at least one local registration unit is provided that performs local checks of request messages. Since, in the described exemplary embodiment, the time-consuming check by local instances is omitted, the local registration instances can be dispensed with, and only one registration authority 10 governs the certificate issuance by means of the exchange with the block chain.

Figure 2 illustrates a transaction T according to a second exemplary embodiment of the invention. For example, the transaction includes the following entries: An identifier ID is specified as "Subject: Siemens SiABC; V1.3; SN = 3175438", and a public key KEYPUB is indicated as "Public Key Device: 3A76E21876EFA03787FD629A65E9E990 ...". As attributes A1, A2 and A3, an encryption algorithm is given, "Algorithm: ECC". The curve used for the ECC algorithm is indicated as "Curve: brainpoolP160r1". As Device Identifier Commissioning, "ProtectionSwitch037E" is indicated. In addition, the credential request CSR is included as "Certificate Request: certFormat: X.509v3; certProfile: IEC6235; CA: Very Secure".
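The check performed by the registration authority 10 before forwarding can be sketched as follows. This is an added example, not code from the patent: it assumes a simple hash-linked list of blocks, models "confirmed by a sufficient number of nodes" as a minimum number of blocks built on top (`MIN_CONFIRMATIONS`), and uses an HMAC with a constructed operator key as the cryptographic checksum; all function and field names are hypothetical.

```python
import hashlib, hmac, json

MIN_CONFIRMATIONS = 3                    # assumption: the text only says "sufficient"
OPERATOR_KEY = b"constructed-demo-key"   # assumption: key behind the checksum

def tx_bytes(tx):
    """Canonical encoding of the protected transaction fields (all but 'mac')."""
    return json.dumps({k: v for k, v in tx.items() if k != "mac"}, sort_keys=True).encode()

def make_tx(subject, csr, ca, key=OPERATOR_KEY):
    tx = {"subject": subject, "csr": csr, "ca": ca}
    tx["mac"] = hmac.new(key, tx_bytes(tx), hashlib.sha256).hexdigest()
    return tx

def block_hash(block):
    return hashlib.sha256(json.dumps(block, sort_keys=True).encode()).hexdigest()

def build_chain(tx_lists):
    chain, prev = [], "0" * 64
    for txs in tx_lists:
        chain.append({"prev": prev, "txs": txs})
        prev = block_hash(chain[-1])
    return chain

def ra_check(chain, ca_name):
    """Return the CSRs the registration authority may forward to ca_name."""
    # 1. Block chain data structure: every block must reference its predecessor.
    for prev, cur in zip(chain, chain[1:]):
        if cur["prev"] != block_hash(prev):
            raise ValueError("broken hash link, chain section is not trusted")
    forward = []
    for height, block in enumerate(chain):
        confirmations = len(chain) - 1 - height   # blocks built on top of this one
        for tx in block["txs"]:
            if tx.get("ca") != ca_name:
                continue                          # not for the associated CA
            if confirmations < MIN_CONFIRMATIONS:
                continue                          # chain not yet stable for this tx
            expected = hmac.new(OPERATOR_KEY, tx_bytes(tx), hashlib.sha256).hexdigest()
            if hmac.compare_digest(expected, tx.get("mac", "")):
                forward.append(tx["csr"])         # 2. transaction check passed
    return forward

# Constructed sample data, using the Figure 2 entries for the first transaction.
T1 = make_tx("Siemens SiABC; V1.3; SN = 3175438",
             "certFormat: X.509v3; certProfile: IEC6235", "Very Secure")
T_FORGED = make_tx("constructed rogue device", "certFormat: X.509v3",
                   "Very Secure", key=b"wrong-key")
T_FRESH = make_tx("constructed device D2", "certFormat: X.509v3", "Very Secure")
CHAIN = build_chain([[], [T1, T_FORGED], [], [], [T_FRESH]])

if __name__ == "__main__":
    print(ra_check(CHAIN, "Very Secure"))
```

Only T1 is forwarded: the forged transaction fails the checksum, and the fresh one has no blocks built on top of it yet.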

Although the invention has been illustrated and described in detail by the exemplary embodiments, the invention is not limited by the disclosed examples, and other variations can be derived therefrom by the person skilled in the art without departing from the scope of protection of the invention.
