In order to further ensure a secure data transmission, it is known to cryptographically secure (that is, encrypt) a transmitted data packet. A known method to realize this function is an algorithm to encrypt the data. For this purpose, it is necessary to transmit the algorithm before the actual data and possibly also secret data necessary for the encryption. If the algorithm is not available during the transmission of the data, a hacker who wants to steal the data packet can do so by means of a Man-in-the-Middle (MIM) attack. In such an attack, the hacker intercepts a communication between two communication partners and, by a “trick”, convinces one of the communication partners to transmit the algorithm or parts of the algorithm to him, which can then be evaluated and copied by the hacker. In order to avoid such an attack, a certificate is used by the communication partners to secure a connection between the communication partners in such a way that a transmission of the algorithm is not necessary.
To make secure data transmission possible, a certificate in which the public key for the data encryption is stored is usually transmitted between the communication partners. The public key is then used for the encryption of the data packet.
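The certificate-based encryption described above, as an added Go example that is not part of the original text: the receiving partner keeps its private key, hands out a certificate carrying the public key, and the sending partner encrypts a packet with that key after checking the certificate against a pinned fingerprint. The function names, the self-signed certificate, RSA-OAEP and the SHA-256 pin are assumptions of this example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// NewPartner (hypothetical name) returns the receiver's private key and a self-signed certificate (DER).
func NewPartner(cn string) (*rsa.PrivateKey, []byte, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(time.Hour)}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	return key, der, err
}
// Fingerprint is the value the sender pins out of band (assumption of this example).
func Fingerprint(der []byte) [32]byte { return sha256.Sum256(der) }
// EncryptTo refuses a certificate that differs from the pin, then encrypts msg with its public key.
func EncryptTo(der []byte, pin [32]byte, msg []byte) ([]byte, error) {
	cert, err := x509.ParseCertificate(der)
	if err != nil || Fingerprint(der) != pin {
		return nil, fmt.Errorf("certificate unparsable or not the pinned one")
	}
	pub, ok := cert.PublicKey.(*rsa.PublicKey)
	if !ok {
		return nil, fmt.Errorf("certificate does not hold an RSA key")
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, msg, nil)
}
// Decrypt uses the private key, which never left the receiver.
func Decrypt(key *rsa.PrivateKey, ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, key, ct, nil)
}

func main() {
	key, der, _ := NewPartner("controller-a") // constructed sample name
	ct, _ := EncryptTo(der, Fingerprint(der), []byte("setpoint=42"))
	pt, _ := Decrypt(key, ct)
	fmt.Printf("%s\n", pt)
}
```

A certificate swapped in transit fails the fingerprint comparison, so the sender never encrypts to a key it did not expect.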
However, the secure data transmission using a certificate requires that a certificate for a public key is available for each communication partner. In a case of secure data transmission between many communication partners, the certificate must also be stored in a certificate database.
However, this leads to a substantial security risk, since an unauthorized user can access the certificate database and therefore the keys for encryption can be obtained by unauthorized access.
Therefore, an object of the present invention is to provide a method and a system in order to safely and securely transmit data in an automation system.
This object is achieved by a method for transmitting data securely between at least two communication partners, in which a public key of a first communication partner is stored in a certificate of a second communication partner, comprising the following steps: generating a private key and storing the private key in the first communication partner; generating a certificate by using the private key and storing the certificate in the second communication partner; transmitting the certificate from the second communication partner to the first communication partner; and performing an encryption on the data to be transmitted from the first communication partner to the second communication partner with the certificate.
In other words, in a method for transmitting data securely between at least two communication partners, in which a public key of a first communication partner is stored in a certificate of a second communication partner, it is suggested to perform an encryption on the data to be transmitted from the first communication partner to the second communication partner using the certificate.
A communication partner refers, in particular, to a device such as a controller, a processor, a control unit or another control entity of an automation system, which is arranged for data transmission with one or more other communication partners.
Since a certificate from the second communication partner is transmitted to the first communication partner, the first communication partner knows which certificate of the first communication partner is included in the certificate database of the second communication partner. Thereby, a further security risk is avoided since the encryption of the data is performed in the second communication partner using the public key stored in the certificate of the second communication partner.
The object is furthermore achieved by a system for transmitting data securely between at least two communication partners, having a certificate database, in which a public key of a first communication partner is stored in a certificate of a second communication partner, comprising the following components: a first processor and a memory, in which a first private key and a first certificate are stored in the first processor, the certificate being generated by using the first private key and being stored in the memory of the first processor; and a second processor and a memory, in which a second private key and a second certificate are stored in the second processor, the second certificate being generated by using the second private key and being stored in the memory of the second processor.
The first processor and the second processor each further have an interface, in which the first and second private key are transmitted to the certificate database. The first and second processor each further have a connection interface for data transmission to a first communication partner and to a second communication partner.
It is beneficial that each processor is designed to generate a private key by means of one generation method.
It is advantageous that the generation of the first certificate includes generating the first private key using a first generation method, storing the first private key in the first processor and generating the first certificate by using the first private key, while the generation of the second certificate includes generating the second private key using a second generation method, storing the second private key in the second processor and generating the second certificate by using the second private key. The generation of the certificate may further include storing the certificate in the memory of the first or the second processor.
It is beneficial that the private key is used to generate the public key of the communication partner from which the private key is generated. In this way, the key for encryption of the data is ensured to be safe.
It is advantageous that a common algorithm is used for generating the first certificate and the second certificate. This way, a high level of security can be provided.
The first and/or the second processor is/are designed to perform a first and/or a second encryption method. The first and/or the second processor is/are designed to generate a first and/or a second cipher text from a data packet.
It is advantageous that the first and/or the second processor is/are designed to generate an authentication element for each encryption method.
The connection interface of the first and/or the second processor is/are designed for connecting a data transmission line between the communication partner and the first and/or the second processor. The connection interface of the first and/or the second processor is/are designed to transmit a cipher text from the first processor and/or the second processor to the data transmission line. The first and/or the second processor is/are further designed to perform a decryption on a data packet from the data transmission line using the authentication element of the encryption method used for encrypting the data packet. It is beneficial that the data packet and/or the authentication element can be decrypted with only one key. This provides a secure encryption.
It is advantageous that a public key certificate is stored in the certificate database of the system. In this way, the first and second processors know the public key.
It is advantageous that the first processor and/or the second processor and/or the first certificate is/are designed