IMEI STORAGE
20210105273 · 2021-04-08
CPC classification: H04L63/0428 (Electricity); H04L63/0876 (Electricity)
International classification: G11C17/14 (Physics); H04W12/04 (Electricity)
Abstract
A chip set for a terminal comprises at least one secure processor, in which a one-time programmable memory is integrated. At least one terminal serial number of the terminal is stored in the chip set. Information for securing the terminal serial number against tampering is stored in the one-time programmable memory.
Claims
1. A chip set for a terminal, the chip set comprising: at least one secure processor into which a one-time programmable memory is integrated; a baseband processor; and wherein at least one terminal serial number (IMEI) of the terminal is stored in the chip set, wherein the secure processor and the baseband processor are configured to establish and to operate a secure channel between the secure processor and the baseband processor such that a message comprising an updated terminal serial number (IMEI*) can be accepted by the baseband processor and forwarded to the secure processor via the secure channel, and wherein in the one-time programmable memory information is stored that secures the at least one terminal serial number (IMEI) against tampering.
2. The chip set according to claim 1, wherein an access to the information that secures the terminal serial number (IMEI) stored in the one-time programmable memory or/and to the terminal serial number (IMEI) is possible exclusively by the secure processor.
3. The chip set according to claim 2, comprising an application processor and/or one or several further processors, and wherein an access to the information that secures the terminal serial number (IMEI) stored in the one-time programmable memory or/and to the terminal serial number (IMEI) is not possible by the baseband processor, the application processor, or the one or several further processors.
4. The chip set according to claim 1, wherein the baseband processor is configured for a radio connection between the chip set and a server outside the chip set.
5. The chip set according to claim 1, wherein in the chip set at least two, or more, terminal serial numbers (IMEI, IMEI, IMEI, . . . ) of the terminal are stored at the same time, wherein at least two, or more, terminal serial numbers (IMEI, IMEI, . . . ) are assigned to at least two different components of the chip set.
6. The chip set according to claim 1, wherein the information stored in the one-time programmable memory comprises the terminal serial number (IMEI) or consists of the terminal serial number (IMEI).
7. The chip set according to claim 1, wherein the information stored in the one-time programmable memory comprises a key which is arranged: as an encryption key for encrypting the terminal serial number (IMEI), or as a security key, from which an encryption key for encrypting the terminal serial number (IMEI) can be derived; and wherein the chip set further comprises an encryption device which is configured to encrypt the terminal serial number (IMEI) with the encryption key to form an encrypted terminal serial number (enc(IMEI)) and to store the encrypted terminal serial number (enc(IMEI)) in the chip set.
8. The chip set according to claim 7, wherein a non-volatile memory is coupled or can be coupled to the secure processor, and wherein the encryption device is configured to store the encrypted terminal serial number (enc(IMEI)) into the non-volatile memory.
9. The chip set according to claim 8, wherein the non-volatile memory is arranged either as an external memory of the chip set disposed outside the secure processor and is coupled or can be coupled to the secure processor via a system bus of the chip set or, alternatively, is arranged as an internal memory disposed within the secure processor and integrated on the chip level on the chip of the secure processor.
10. The chip set according to claim 1, wherein the chip set contains an integrated subscriber identity module (iUICC) in which a subscription profile is stored, or which is configured to store a subscription profile.
11. A method for updating the terminal serial number (IMEI) in a chip set according to claim 1, comprising the steps of: a) in the chip set, receiving an updated terminal serial number (IMEI*) which is provided for replacing the terminal serial number (IMEI) stored in the chip set, and supplying the updated terminal serial number (IMEI*) to the secure processor; b) in the secure processor, in response to the receiving from step a), obtaining an encryption key for encrypting the terminal serial number (IMEI) by: either reading out the encryption key from the one-time programmable memory, or reading out the security key from the one-time programmable memory and subsequently deriving the encryption key from the security key; c) encrypting the updated terminal serial number (IMEI*) with the encryption key to form an encrypted updated terminal serial number (enc(IMEI*)); d) storing the encrypted updated terminal serial number (enc(IMEI*)) in the non-volatile memory.
12. The method according to claim 11, further comprising, before step a), the step of: sending the updated terminal serial number (IMEI*) from a server to the chip set.
13. The method according to claim 12, wherein the chip set contains an integrated subscriber identity module (iUICC) in which at least one subscription profile is stored or implemented, or which is configured to store or implement a subscription profile, and wherein the sending of the updated terminal serial number (IMEI*) is effected as a part of a transmission of a subscription profile or of an operating system to the chip set, or as a part of a subscription update or an operating system update for a subscription profile.
14. The method according to claim 11, further comprising the step of: e) rendering the stored terminal serial number (IMEI) unusable by deleting the stored encrypted terminal serial number (enc(IMEI)), overwriting the encrypted terminal serial number (enc(IMEI)) with the updated encrypted terminal serial number (enc(IMEI*)) or rendering unusable otherwise.
15. The method according to claim 11, further comprising, upon receiving an updated terminal serial number (IMEI*): authentication of the server vis-à-vis the chip set by means of one or several authentication keys or keys deposited in the one-time programmable memory, or/and verification of a counter information item received together with the updated terminal serial number (IMEI*) with respect to a reference counter information item stored in the one-time programmable memory, in order to cause the storing of the updated terminal serial number (IMEI*) to be permitted only if the number of updates of the terminal serial number (IMEI) determined by the reference counter information has not yet been exceeded.
16. A mobile-communication capable terminal comprising a chip set according to claim 1.
Description
BRIEF DESCRIPTION OF THE DRAWINGS
[0039] In the following the invention will be explained in more detail on the basis of embodiment examples and with reference to the drawing, in which there is shown:
DETAILED DESCRIPTION OF EMBODIMENT EXAMPLES
[0042] The secure processor SP comprises an SP core (i.e. a CPU), a one-time programmable memory OTP area, a read-only memory UICC ROM, an exclusive working memory UICC RAM of the secure processor SP, a crypto unit CRYPTO, a memory management Mem Mgr and an interface unit I/O Unit. As mentioned, on the chip area of the secure processor SP there can further be contained, in addition to the one-time writable memory OTP, a rewritable non-volatile memory NVM, as indicated by dashed lines. The memory management Mem Mgr, the crypto unit CRYPTO and the interface unit I/O Unit are set up in interaction with one another, to set up and operate the secure channel S-CH between the secure processor SP and the baseband core processor BB by means of authentication and encryption. An integrated subscriber identity module iUICC is set up in the secure processor SP. The read-only memory UICC ROM and the working memory UICC RAM are specifically provided for integrated subscriber identity modules iUICC on the secure processor SP. The chip set further has a general working memory RAM, represented here as an external working memory ext RAM, which is located outside the secure processor SP and is available to the other processor cores as a working memory.
[0043] In the one-time programmable memory OTP area, keys are stored for the authentication and encryption used to set up and operate the secure channel S-CH. Further, according to a first alternative of the invention, the terminal serial number IMEI is stored in the one-time programmable memory OTP area. In the case of several IMEIs, the several terminal serial numbers IMEI, IMEI, IMEI, . . . are stored. The terminal serial number(s) IMEI is (are) stored in the one-time programmable memory OTP area either in plain text or in encrypted form as enc(IMEI). According to a second alternative of the invention the terminal serial number(s) IMEI, IMEI, IMEI, . . . is (are) stored in the (external or internal) rewritable non-volatile memory NVM (ext NVM or int NVM), and in the case of ext NVM necessarily in encrypted form as enc(IMEI), encrypted with an encryption key. In this second variant, the encryption key, or a security key from which the encryption key can be derived, is stored in the one-time programmable memory OTP area.
[0044] For the concept of an integrated iUICC and of an eUICC, a mechanism is desirable by which, in addition to the profile data, the complete operating system can optionally also be exchanged remotely, since the SIM card cannot readily be exchanged physically. This mechanism is also referred to as eSIM management. Since over the life cycle of the hardware (of the chip set) the subscriptions, operating systems and network operators can theoretically change as often as desired, it is preferred to deposit the IMEI for the respective subscription in a rewritable non-volatile memory. It is likewise possible, when a sufficiently large rewritable non-volatile memory is provided, for several profiles or operating systems or several iUICCs to be present in parallel on the chip set. Therefore, to keep the assignment between the IMEI and the profile/operating system simple, it is advantageous to manage the IMEI as a part of the subscription update via the remote management system, together with the profile/operating system OS of the iUICC or eUICC. Thus, in the case of a change of the operating system or of the profile, or in the case of different subscriptions being active in parallel (optionally of different network operators), it is possible to transmit the IMEI to the device either as an integral part of the subscription (e.g. in a dedicated elementary file in the UICC data structure) or as a separate data content, but in the same updating process. This ensures that a dedicated IMEI is always assigned to the respectively valid and executed subscription.
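The second storage alternative of paragraph [0043] (enc(IMEI) kept in rewritable NVM under a key derived from the OTP security key) and the update procedure of claims 11, 14 and 15 (server authentication, counter check, encryption of IMEI*, overwriting of the old enc(IMEI)), modelled in Go as an added example; this is not code from the patent or its applicant. Everything the patent leaves open is an assumption here: the OTP field layout, HMAC-SHA256 as the key-derivation and server-authentication function, AES-256-GCM as the encryption, binding each enc(IMEI) to its subscription profile ID through the GCM associated data (the per-profile assignment discussed in [0044]), and keeping the count of performed updates in NVM next to the OTP reference counter. The IMEI values used are constructed samples.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
)

// OTP models the one-time programmable area of the secure processor SP: written once at
// production and readable only by SP code (claim 2). The field layout is an assumption.
type OTP struct {
	SecurityKey   [32]byte // key from which the IMEI encryption key is derived (claim 7)
	ServerAuthKey [32]byte // key for authenticating the update server (claim 15)
	MaxUpdates    uint32   // reference counter: permitted number of IMEI updates (claim 15)
}

// NVM models the rewritable memory holding enc(IMEI) per profile; tracking the update count here is an assumption.
type NVM struct {
	EncIMEI map[string][]byte // profile ID -> nonce || AES-GCM ciphertext || tag
	Updates uint32            // IMEI updates performed so far
}

type SecureProcessor struct {
	Otp OTP  // only the secure processor ever reads the OTP
	Nvm *NVM // external or internal rewritable memory
}

// NewSecureProcessor simulates personalisation: random OTP keys and a fixed update budget.
func NewSecureProcessor(maxUpdates uint32) *SecureProcessor {
	sp := &SecureProcessor{Otp: OTP{MaxUpdates: maxUpdates}, Nvm: &NVM{EncIMEI: map[string][]byte{}}}
	rand.Read(sp.Otp.SecurityKey[:])
	rand.Read(sp.Otp.ServerAuthKey[:])
	return sp
}

// aead derives the IMEI encryption key from the OTP security key (HMAC-SHA256 under a fixed label; the
// derivation is an assumption) and builds AES-256-GCM, which cannot fail for a 32-byte key.
func (sp *SecureProcessor) aead() cipher.AEAD {
	kdf := hmac.New(sha256.New, sp.Otp.SecurityKey[:])
	kdf.Write([]byte("imei-encryption-key"))
	block, _ := aes.NewCipher(kdf.Sum(nil))
	g, _ := cipher.NewGCM(block)
	return g
}

// StoreIMEI writes enc(IMEI) into NVM with the profile ID as GCM associated data, so a ciphertext copied into another profile's slot will not open.
func (sp *SecureProcessor) StoreIMEI(profile, imei string) {
	g := sp.aead()
	nonce := make([]byte, g.NonceSize())
	rand.Read(nonce)
	sp.Nvm.EncIMEI[profile] = g.Seal(nonce, nonce, []byte(imei), []byte(profile))
}

// ReadIMEI decrypts enc(IMEI); any change to the stored bytes or the profile binding fails the tag check.
func (sp *SecureProcessor) ReadIMEI(profile string) (string, error) {
	g, blob := sp.aead(), sp.Nvm.EncIMEI[profile]
	if ns := g.NonceSize(); len(blob) < ns {
		return "", errors.New("no IMEI stored for profile")
	} else if pt, err := g.Open(nil, blob[:ns], blob[ns:], []byte(profile)); err == nil {
		return string(pt), nil
	}
	return "", errors.New("enc(IMEI) failed authentication") // tampered bytes or wrong profile
}

// UpdateMessage carries IMEI* over the secure channel; its layout and the HMAC-based server authentication are assumptions.
type UpdateMessage struct {
	Profile, NewIMEI string
	Counter          uint32 // sequence number of this update
	Tag              []byte // HMAC-SHA256 over counter, profile and IMEI* under ServerAuthKey
}

func updateTag(key [32]byte, m UpdateMessage) []byte {
	mac := hmac.New(sha256.New, key[:])
	binary.Write(mac, binary.BigEndian, m.Counter)
	mac.Write(append(append([]byte(m.Profile), 0), m.NewIMEI...))
	return mac.Sum(nil)
}

// SignUpdate is the server side, which holds the same authentication key.
func SignUpdate(serverAuthKey [32]byte, m UpdateMessage) UpdateMessage {
	m.Tag = updateTag(serverAuthKey, m)
	return m
}

// UpdateIMEI performs steps a) to e) of claims 11, 14 and 15: authenticate the server, check the
// counter against the OTP reference, encrypt IMEI* and overwrite enc(IMEI).
func (sp *SecureProcessor) UpdateIMEI(m UpdateMessage) error {
	if !hmac.Equal(m.Tag, updateTag(sp.Otp.ServerAuthKey, m)) {
		return errors.New("server authentication failed")
	}
	// A strictly increasing counter rejects replays; the OTP budget caps the total.
	if m.Counter != sp.Nvm.Updates+1 || m.Counter > sp.Otp.MaxUpdates {
		return errors.New("update counter rejected")
	}
	sp.StoreIMEI(m.Profile, m.NewIMEI) // overwrites the previous enc(IMEI) (step e)
	sp.Nvm.Updates = m.Counter
	return nil
}
```

Calling `UpdateIMEI` with a replayed or altered message, or `ReadIMEI` on a ciphertext that was copied to another profile's slot or had a bit flipped in NVM, yields an error instead of an IMEI. That is the practical content of "secured against tampering" in the claims: the keys never leave the secure processor, the rewritable memory only ever holds enc(IMEI), and every consumer of the IMEI passes through the authentication-tag check.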
CITED PRIOR ART
[0045] [1] ETSI TS 122 016, Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); LTE; International Mobile Equipment Identities (IMEI); 3GPP TS 22.016 version 10.0.0 Release 10.