Method and communication system for data transmission

By transparently transmitting the encrypted connection key in encrypted communication and having it decrypted by a third party, the challenges of data archiving and inspection in encrypted communication are solved, achieving a balance between security and compliance.

CN115428402B · Active · Publication Date: 2026-06-19 · SIEMENS MOBILITY GMBH

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Patents (China)
Current Assignee / Owner: SIEMENS MOBILITY GMBH
Filing Date: 2021-03-15
Publication Date: 2026-06-19

AI Technical Summary

Technical Problem

In encrypted communications, existing technologies struggle to effectively archive and inspect data streams, especially while meeting legal and compliance requirements. In particular, when data communications are encrypted, they fail to meet the needs of data storage and malware inspection.

Method used

By negotiating a connection key between communication partners, encrypting it with an additional key, and transparently transmitting it in the unencrypted portion, a third party acts as an archive point or checkpoint to decrypt and archive data packets, ensuring the integrity of end-to-end encryption.

Benefits of technology

It achieves data archiving and malware detection that meet legal requirements without compromising communication security, reduces bandwidth consumption and methodological steps, is compatible with existing systems, and complies with privacy rules such as GDPR.

✦ Generated by Eureka AI based on patent content.


Abstract

In one embodiment, the method includes the steps of: A) establishing a data connection (3) between a first communication partner (11) and a second communication partner (12) using a connection key (2); B) encrypting the connection key (2) for the data connection (3) using an additional key (4) through the first communication partner (11) and / or through the second communication partner (11, 12); and C) sending a message (5) from the first communication partner (11) to the second communication partner (12), the message containing an unencrypted portion (51) and a portion (52) encrypted using the connection key (2), wherein the unencrypted portion (51) of the message (5) contains the connection key (2) encrypted using the additional key (4).

Description

Technical Field

[0001] This invention describes a method for data transmission. Furthermore, this invention describes a communication system.

Summary of the Invention

[0002] The technical problem to be solved by the present invention is to describe a method for data transmission, which, in the case of encrypted communication, allows a third party to efficiently record and inspect the data stream.

[0003] This technical problem is solved, among other things, by a method and communication system for data transmission having the features of the independent claims. Preferred extensions are the subject of the dependent claims.

[0004] In the method described herein, communication takes place between two communication partners, wherein the data connection between the communication partners is cryptographically protected. A key used to decrypt the transmitted data packets is disclosed by one of the two communicating partners to a third communication partner who acts as an archive point or checkpoint, enabling the data packets to be archived and / or inspected for malware.

[0005] In at least one embodiment, the method preferably includes the following steps in the described order:

[0006] A) Establish a data connection between the first and second communication partners using the connection key.

[0007] B) Encrypt the connection key used for data connection using an additional key via a first communication partner and / or a second communication partner.

[0008] C) Sending a message from a first communication partner to a second communication partner, the message containing an unencrypted portion and a portion encrypted using a connection key, wherein the unencrypted portion of the message contains a connection key encrypted using an additional key.

[0009] The terms "connection key" and "additional key" do not necessarily refer to only a single key part, but may optionally also include key pairs. Therefore, the connection key and / or additional key are either symmetric or asymmetric key parts of a cryptographic connection, or key pairs consisting of symmetric or asymmetric key parts.

[0010] Most digital communication is encrypted. This is typically achieved using TLS, where asymmetric keys are used to negotiate a symmetric key, which is used by two communicating partners for encryption and decryption. Such a key is also called a session key. Key negotiation is specifically conducted via Diffie-Hellman key exchange or Diffie-Hellman-Merkle key exchange (DHM key exchange or DHM protocol). TLS stands for Transport Layer Security. Even if communication, including key negotiation, is intercepted, it is impossible for an eavesdropper to decrypt the data communication using such methods. The negotiated symmetric key can be different for each new communication connection.

[0011] In some cases, such as when operating a signaling network or conducting financial transactions, digital communications must be archived for legal reasons. This is typically accomplished by a third party that records and stores the data communications, for example, using a switch's monitor port. If the data communications are encrypted, the archived data cannot be directly used for auditing and may no longer meet legal and / or compliance requirements.

[0012] For IT security reasons, it is often necessary to inspect data communications for malware or compromised data streams in order to detect attacks. This is done, for example, using deep packet inspection algorithms and / or NIDS (Network Intrusion Detection Systems). In such cases, monitoring data communications via monitoring ports is also frequently employed. However, in the case of encrypted communication, deep packet inspection becomes impractical, and the ability to detect attacks is reduced.

[0013] One alternative to enabling third-party data archiving or inspection is to store the key via a separate communication channel. That is, the communication partner sends a key used for encryption, such as a symmetric key, to the third party. However, this requires an additional data connection.

[0014] Another possible alternative is to use a cipher to check only integrity. However, this option is not available if confidential data (such as personal data) is being transmitted. Furthermore, this is no longer supported by the ciphers currently present in TLS 1.3.

[0015] Another possible alternative is to use symmetric encryption with a known key. However, this no longer corresponds to existing techniques regarding cryptographically secure connections.

[0016] Finally, an alternative possibility is to use a man-in-the-middle approach and / or a proxy. Here, all connections are routed through a third party, which disconnects the direct connections between the communication partners. In this case, both communication partners connect directly to the third party, and only the direct connection to the third party is encrypted, thus eliminating end-to-end encryption.

[0017] The method described herein preferably has the following steps, particularly in the order described:

[0018] 1. For example, negotiation of connection keys, especially session keys, can be conducted through key exchanges such as the Diffie-Hellman key exchange.

[0019] 2. The communication partner encrypts the session key so that it can only be decrypted by a third party, for example, using an asymmetric key with the third party's public key. The third party is, for example, an archive point. Optionally, the key of the third party's X.509 certificate is used. This has the added advantage of ensuring that only a third party, acting as a listener, can decrypt the data traffic, in addition to the first and second communication partners acting as senders / receivers.

[0020] 3. The encrypted session key is transparently communicated with the next message within the unencrypted portion of the underlying communication protocol within the data connection, such as in the TCP options. Optionally, a third party's X.509 certificate is also sent in the TCP options, allowing a communication partner that has not sent the session key to decide whether to trust the third party.

[0021] 4. In the case of an archive point, the third party preferably stores, records, and / or archives the entire data communication, especially with the TCP option. Optionally, all content is stored here in encrypted form so that the contained data is not processed. As a further option, the session key is extracted and stored and / or processed separately.

[0022] 5. Optionally, a third party may decrypt the data communication in real time (also known as on the fly) and store and / or process the decrypted data.

[0023] As mentioned at the beginning, a third party can not only be an archive point, but also a checkpoint for checking whether the data stream has been attacked.

[0024] The method described herein offers the following advantages in particular:

[0025] - End-to-end encryption between communication partners remains intact.

[0026] - Only one communication partner needs to support this method; the process can be transparent to other communication partners.

[0027] - It requires almost no additional data streams and / or headers, resulting in less bandwidth usage and virtually no additional method steps.

[0028] - This method can be used with existing technologies, such as existing archiving systems, because all additional data is transmitted within the data connection (also known as inline).

[0029] - No additional channel is required for key transmission to third parties.

[0030] - Only trusted third parties can decrypt data traffic.

[0031] - Optionally, decryption via a third party shall only be performed under reasonable circumstances, such as under audit.

[0032] - Archived and stored data can be stored in a way that is not altered and is encrypted.

[0033] - For the communication partner that does not transmit the connection key to the third party, it is optionally evident that the connection key has been transmitted to the third party. By contrast, this is not the case when using man-in-the-middle or out-of-band methods.

[0034] - Using the methods described here, it is easier to comply with rules such as GDPR (General Data Protection Regulation).

[0035] - For encrypted data traffic, data storage that meets legal requirements can also be achieved.

[0036] - Deep Packet Inspection and NIDS are compatible with the methods described herein.

[0037] The high acceptance of the cryptographic connection method described herein is possible because it is obvious to both communicating partners that a third party, acting as a listener, is incorporated into the communication, and which third party is involved. This is particularly true when the third party's X.509 certificate is sent along with the message. Conversely, methods for establishing cryptographic connections with third parties to date are generally unacceptable because, unlike the method described herein, it is difficult to prevent covert eavesdropping.

[0038] - The method can be licensed to users who are particularly required to meet legal requirements regarding the archiving of communications, such as the financial sector.

[0039] According to at least one implementation, a third communication partner participates in the data connection as a listener. The third communication partner can also be simply referred to as a third party. That is, the third communication partner is specifically included in the data connection together with the first and / or second communication partners.

[0040] According to at least one implementation, the third communication partner knows the additional key. This can be implemented by transmitting the additional key in encrypted form within the unencrypted portion of the message, making the additional key known outside of this method, or by presenting the additional key as the public portion of an asymmetric key pair assigned to the third communication partner, such as the public key of the third communication partner's X.509 certificate.

[0041] According to at least one implementation, the third communication partner is specifically entrusted by the first and / or second communication partners to record and / or inspect messages. Therefore, the third communication partner is provided with further functionality in the data connection, particularly archiving and / or protection against attacks.

[0042] According to at least one embodiment, the method includes step D). In step D), a third communication partner decrypts the connection key encrypted using an additional key from the unencrypted portion of the message. This enables the third communication partner to decrypt and thus read the encrypted portion of the message, either in real-time or with a delay.

[0043] According to at least one implementation, the third communication partner stores the encrypted portion of the message and / or the decrypted connection key and / or the connection key still encrypted using an additional key. The third communication partner may decrypt the encrypted portion of the message at a later time.

[0044] The third communication partner decrypts the encrypted portion of the message only when requested for this purpose, for example, by an external controlling entity. The controlling entity can be the first or second communication partner, or it can be another entity.

[0045] According to at least one implementation, the third communication partner decrypts the encrypted portion of the message in real time using the connection key. Real time specifically means that there is no or no significant time delay compared to decryption via the first and / or second communication partner. Therefore, effective protection against attacks is achieved with the help of the third communication partner. Decryption performed by the third communication partner to identify attacks may occur before the message is decrypted by the receiver. That is, decryption, for example, by the second communication partner, may only occur if permitted by the third communication partner.

[0046] According to at least one implementation, the additional key is the public key of a third communication partner's certificate, or the additional key contains such a key. This certificate is, in particular, an X.509 certificate.

[0047] According to at least one implementation, the unencrypted portion of the message, which includes the connection key, is a part of the Transmission Control Protocol header, which is particularly customized by the data connection operator. This part of the message is, for example, a custom option in the TCP header. TCP here stands for Transmission Control Protocol.

[0048] According to at least one implementation, the connection key is a session key for the data connection. That is, the connection key is valid only for a single session and / or only for a specific time. Step A) can therefore be performed multiple times, in particular multiple times while the data connection exists.

[0049] Furthermore, a communication system is described. This communication system is configured for use, for example, in conjunction with one or more of the methods described above. Features of the communication system are therefore also disclosed with respect to this method, and vice versa.

[0050] In at least one embodiment, the communication system performs the methods described above at least temporarily during operation. The data connection herein is either partially or fully wireless, or a wired connection.

[0051] According to at least one implementation, the communication system is part of the track network infrastructure. Here, the first communication partner and / or the second communication partner are preferably selected from the group consisting of: dispatching room, track center such as ETCS track center, axle counter, track signal, turnout, and track vehicle.

[0052] In other words, the first and / or second communication partner can be the RBC (Radio Block Centre), i.e., the ETCS (European Train Control System).

Description of the Drawings

[0053] The features, characteristics, advantages, and implementation methods of the present invention mentioned above are further illustrated by the following description of embodiments of the present invention in conjunction with the accompanying drawings, in which:

[0054] Figure 1 shows a schematic diagram of an embodiment of the communication system described herein.

[0055] Figure 2 shows a schematic flowchart of an embodiment of the method described herein.

[0056] Figure 3 shows a schematic diagram of messages used in an embodiment of the method described herein, and

[0057] Figure 4 shows a schematic diagram of an embodiment of a communication system in a rail network infrastructure described herein.

Detailed Implementation

[0058] Figure 1 shows an embodiment of the communication system 10. The communication system 10 includes a first communication partner 11 and a second communication partner 12. A data connection 3 exists between the communication partners 11 and 12, which are the sender and receiver, for exchanging messages 5, preferably bidirectionally and in encrypted form.

[0059] Furthermore, the communication system 10 includes a third communication partner 13. The third communication partner 13 participates in the data connection 3 via a connection component 8. The connection component 8 is, for example, a monitoring port of a router. The third communication partner 13 archives and / or checks the exchanged messages 5. That is, the third communication partner 13 preferably does not directly participate in the communication between communication partners 11 and 12 and is a listener.

[0060] Communication partners 11, 12, and 13 can operate automatically or partially automatically. Therefore, human intervention is not always required. Communication partners 11, 12, and 13 can be, for example, computers, sensors, or actuators.

[0061] Figure 2 illustrates a method for operating the communication system 10. In the first method step S1, a connection key 2 is negotiated between the first and second communication partners 11 and 12, for example, via Diffie-Hellman key exchange. The connection key 2 is, in particular, a session key.

[0062] In optional method step S2, the first communication partner 11 obtains the additional key 4. For example, the additional key 4 is transmitted from the third communication partner 13 to the first communication partner 11. The additional key 4 is, for example, the public key of the X.509 certificate of the third communication partner 13.

[0063] In method step S3, the connection key 2 is encrypted by the first communication partner 11 using the additional key 4.

[0064] Then, in method step S4, message 5 is sent to the second communication partner 12. Message 5 contains connection key 2 encrypted using additional key 4. The encrypted connection key 2 is included in the unencrypted portion of message 5, see also Figure 3. The encrypted portion 52 of the message is encrypted using connection key 2.

[0065] As shown in Figure 1, message 5 also reaches the third communication partner 13. One or more method steps S5, S6, S7, S8, and S9 can be executed by the third communication partner 13, i.e., the listener, after receiving message 5.

[0066] In optional method step S5, message 5 and connection key 2 are stored. Message 5 and / or connection key 2 can be stored in encrypted or decrypted form. Preferably, in step S5, at least message 5 is archived only in an encrypted and unprocessed manner. Since connection key 2 is also stored in an encrypted manner, message 5 can be decrypted later.

[0067] The decryption of message 5 is performed, in particular, in a later method step S6. Method step S6 can be executed only after request 6 has been received. In method step S7, request 6 is issued, for example, by an external control entity 7. Unlike what is shown in Figure 2, control entity 7 can also be implemented by the first and / or second communication partners 11, 12. Optionally, third communication partner 13 then returns information 9, for example, to control entity 7. This information 9 can be provided within method step S7.

[0068] In optional method step S8, message 5 is checked for an attack via a third communication partner 13. This check can be performed in real time.

[0069] In addition, Figure 2 illustrates an optional method step S9. In method step S9, the third communication partner 13 provides feedback to the first and / or second communication partner 12. The feedback may include, for example, that message 5 has been correctly received by the third communication partner 13, and that from the perspective of the third communication partner 13, retransmission of message 5 is unnecessary. Alternatively or additionally, the feedback may state that message 5 does not contain any attack and / or that message 5 can be safely decrypted by the second communication partner 12, who is the recipient of message 5.

[0070] Figure 3 schematically illustrates an exemplary structure of message 5. Message 5 includes N data packets 50.1, 50.2 to 50.N, where N is a natural number greater than or equal to 1. The data packets preferably each contain an unencrypted portion 51 and an encrypted portion 52. Unlike what is shown in Figure 3, it is also possible that only the first data packet 50.1 or only some data packets contain the unencrypted portion 51. The encrypted portion 52 contains the payload of the relevant data packet, while the unencrypted portion 51 preferably represents the header (overhead).

[0071] The connection key 2, encrypted using additional key 4, is in particular contained only in the unencrypted portion 51 of the first data packet 50.1. This area of the unencrypted portion 51 contains, in particular, custom TCP options. Unlike what is shown in Figure 3, the encrypted connection key 2 can also be transmitted multiple times.

[0072] Since the third communication partner 13 knows the additional key 4 and the connection key 2 is located in the unencrypted part 51, the third communication partner 13 can decrypt the connection key 2 and therefore also access the encrypted part 52 of message 5.
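The flow of steps 1 to 5 in [0018] to [0022] and the message layout of [0070] to [0072], as an added Go example that is not part of the patent text. It assumes RSA-OAEP for the wrapping with additional key 4 and AES-GCM for the encrypted portion 52; all type and function names are hypothetical. It also checks the wrapped key against the 40-byte TCP options limit, which a 256-byte RSA-2048 ciphertext exceeds.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Message models message 5 (hypothetical layout, not a wire format).
type Message struct {
	WrappedKey []byte // in unencrypted portion 51: connection key 2 under additional key 4
	Nonce      []byte // per-message AES-GCM nonce
	Body       []byte // encrypted portion 52, under connection key 2
}

// Setup makes partner 13's RSA-2048 key pair and a stand-in session key (both assumed).
func Setup() (*rsa.PrivateKey, []byte, error) {
	connKey := make([]byte, 32)
	if _, err := rand.Read(connKey); err != nil {
		return nil, nil, err
	}
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	return priv, connKey, err
}

func aead(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal is the sender (partner 11): builds the encrypted portion, then wraps the key (step B).
func Seal(connKey []byte, listenerPub *rsa.PublicKey, plaintext []byte) (Message, error) {
	g, err := aead(connKey)
	if err != nil {
		return Message{}, err
	}
	m := Message{Nonce: make([]byte, g.NonceSize())}
	if _, err = rand.Read(m.Nonce); err != nil {
		return Message{}, err
	}
	m.Body = g.Seal(nil, m.Nonce, plaintext, nil)
	m.WrappedKey, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, listenerPub, connKey, nil)
	return m, err
}

// OpenAsPeer is the receiver (partner 12): it holds the connection key and ignores the wrapped copy.
func OpenAsPeer(connKey []byte, m Message) ([]byte, error) {
	g, err := aead(connKey)
	if err != nil {
		return nil, err
	}
	return g.Open(nil, m.Nonce, m.Body, nil)
}

// OpenAsListener is step D on partner 13: unwrap the connection key, then read portion 52.
func OpenAsListener(priv *rsa.PrivateKey, m Message) ([]byte, error) {
	connKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, m.WrappedKey, nil)
	if err != nil {
		return nil, fmt.Errorf("unwrap connection key: %w", err)
	}
	return OpenAsPeer(connKey, m)
}

// FitsTCPOption: a TCP header has at most 40 option bytes, 2 of them for kind and length.
func FitsTCPOption(m Message) bool { return len(m.WrappedKey) <= 40-2 }

func main() {
	priv, key, err := Setup()
	if err != nil {
		panic(err)
	}
	m, err := Seal(key, &priv.PublicKey, []byte("constructed sample payload"))
	if err != nil {
		panic(err)
	}
	pt, err := OpenAsListener(priv, m)
	fmt.Printf("listener read %q err=%v wrapped=%dB fits=%v\n", pt, err, len(m.WrappedKey), FitsTCPOption(m))
}
```

A listener holding a different private key, or one that sees a modified wrapped key, gets an unwrap error, while the receiver's own decryption is unaffected because it never uses the header copy.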

[0073] Figure 4 shows a track network infrastructure 100. The track network infrastructure 100 includes a communication system 10 and a track network 107. First, second, and / or third communication partners are formed in the track network infrastructure 100, particularly through a dispatch room 101, through an ETCS line center 102, through an axle counter 103, through line signals 104, through switches 105, and / or through track vehicles 106.

[0074] Thanks to the third communication partner 13, data traffic between components of the rail network infrastructure 100 can be recorded and documented. The data connections between components of the rail network infrastructure 100 can be wired or wireless.

[0075] Although the invention has been shown and described in detail with reference to embodiments, the invention is not limited to the disclosed embodiments and the specific combinations of features set forth therein. Other variations of the invention will be available to those skilled in the art without departing from the scope of the claimed invention.

[0076] List of reference numerals

[0077] 2 Connection key used for data connection

[0078] 3 Data Connection

[0079] 4 Additional Key

[0080] 5 Message

[0081] 50.1, 50.2, 50.N Data packets of the message

[0082] 51 Unencrypted portion of the message

[0083] 52 Encrypted portion of the message

[0084] 6 Request to decrypt the message

[0085] 7 Control Entity

[0086] 8 Connection component

[0087] 9 Information about the message

[0088] 10 Communication System

[0089] 11 First Communication Partner (Sender)

[0090] 12 Second Communication Partner (Recipient)

[0091] 13 Third Communication Partner (Listener)

[0092] 100 Rail Network Infrastructure

[0093] 101 Dispatch Room

[0094] 102 ETCS Line Center

[0095] 103 Axle counter

[0096] 104 Line Signal

[0097] 105 Turnout

[0098] 106 Rail Vehicles

[0099] 107 Rail Network

[0100] S1-S9 Method Steps

Claims

1. A method for data transmission, comprising the steps of:
A) establishing a data connection (3) between the first communication partner (11) and the second communication partner (12) using the connection key (2);
B) encrypting the connection key (2) for the data connection (3) using an additional key (4) via the first communication partner (11) and / or via the second communication partner (12);
C) sending a message (5) from the first communication partner (11) to the second communication partner (12), the message comprising an unencrypted portion (51) and a portion (52) encrypted using the connection key (2), wherein the unencrypted portion (51) of the message (5) contains the connection key (2) encrypted using the additional key (4),
characterized in that a third communication partner (13) participates in the data connection (3) as a listener as stipulated, wherein the third communication partner (13) knows the additional key (4), and in step D), the third communication partner (13) decrypts the connection key (2) encrypted with the additional key (4) from the unencrypted portion (51) of the message (5), thereby enabling the third communication partner (13) to read the encrypted portion (52) of the message (5).

2. The method according to claim 1, wherein the third communication partner (13) is entrusted by the first communication partner (11) and / or the second communication partner (12) to record and / or inspect the message (5).

3. The method according to claim 1 or 2, wherein the third communication partner (13) stores the encrypted portion (52) of the message (5) and the decrypted connection key (2) and / or the connection key (2) still encrypted using the additional key (4), wherein the third communication partner (13) decrypts the encrypted portion (52) of the message (5) only upon request (6) by the control entity (7).

4. The method according to claim 1 or 2, wherein the third communication partner (13) decrypts the encrypted portion (52) of the message (5) in real time using the connection key (2).

5. The method according to claim 1 or 2, wherein the additional key (4) is the public key of the certificate (8) of the third communication partner (13) or contains such a key.

6. The method according to claim 1 or 2, wherein the unencrypted portion (51) of the message (5) is a portion of the Transmission Control Protocol (TCP) header, the unencrypted portion of the message contains the connection key (2), and the portion of the TCP header is customized by the operator of the data connection (3).

7. The method according to claim 1 or 2, wherein the connection key (2) is the session key of the data connection (3).

8. A communication system (10) comprising a first communication partner (11), a second communication partner (12), and a third communication partner (13), wherein a data connection (3) exists between the first communication partner (11) and the second communication partner (12), the communication system being configured for use with the method according to any one of claims 1 to 7, wherein the data connection (3) is at least partially wireless or wired.

9. The communication system (10) according to claim 8, wherein the communication system is part of the rail network infrastructure (100), and the first communication partner (11) and / or the second communication partner (12) are selected from the following group: dispatch room (101), ETCS line center (102), axle counter (103), line signal (104), turnout (105), and rail vehicle (106).