Review Article

A Security Scheme for Dependable Key Insertion in Mobile Embedded Devices

Algorithm 4

Initialization step for mediated key flashing.
Requirements
  (i) OEM has knowledge of VKSP and VKTRKM
Protocol
Step  I.1: SPE presents his credential CREDSPE and SP authenticates SPE. After that SP
    is activated and communication to OEM is enabled.
Step  I.2: SP creates a new key pair and sends its ID together with the created
   verification key as a signed request for a trust credential to OEM.
Step  I.3: OEM verifies that SP and the respective verification key VKSP is
   listed in the internal database of trusted mediators and that .
   In this case OEM creates a trust delegation credential bound to SP
   with timestamp and number of granted transactions and sends it to SP.
Step  I.4: SP receives and stores it in the trusted storage.
   This step completes the trust delegation for flashing.
Step  II.1: For a number of TRKnew to be flashed, SP reads out the respective certified
   verification keys and sends to OEM.
Step  II.2: OEM verifies that VKSP and VKTRKM are in the internal
   database of trusted peers and that and
    . Afterwards OEM creates
   and sends it to SP.
Step  II.3: SP receives and stores it in the trusted storage.
   This step completes the activation of the transponder TRKnew for flashing over SP.