公开(公告)号：US20090235352A1

公开(公告)日：2009-09-17

申请号：US11721157

申请日：2005-12-02

申请人： Geert Jan Schrijen ,  Lutz Pape

发明人： Geert Jan Schrijen ,  Lutz Pape

IPC分类号： H04L9/32 ,  G06F12/14 ,  G06K19/06

CPC分类号： G07F7/1008 ,  G06Q20/3552

摘要： In order to provide a management system (100) as well as a method for managing at least one installation right (40a) to install at least one application (46, 42) on a smart card (300), in particular on a multi-application smart card, wherein it is possible that at least one first party or first unit (10) controlling the application(s), in particular on the smart card (300), in particular the smart card issuer, is able to transfer (44) this control to at least one second party or second unit (20), it is proposed that the management system (100) is designed to manage said installation right (40a), in particular on the smart card (300), insofar as the role of authorizing (22) at least one third party or third unit (30), in particular at least one third party application provider, to exert said installation right (40a), in particular to install its application (42) on the smart card (300), can be transferred (44) from at least one first party or first unit (10), in particular from the issuer of the smart card (300), to at least one second party or second unit (20).

摘要翻译： 为了提供管理系统（100）以及用于管理至少一个安装权限（40a）的方法，以在智能卡（300）上安装至少一个应用程序（46,42） 应用智能卡，其中可能的是，控制所述应用，特别是智能卡（300）上的至少一个第一方或第一单元（10）特别是智能卡发行者能够传送（44 ）该控制到至少一个第二方或第二单元（20），建议管理系统（100）被设计成管理所述安装权（40a），特别是在智能卡（300）上，只要 授权（22）至少一个第三方或第三单位（30），特别是至少一个第三方应用提供商施加所述安装权（40a）的作用，特别是将其应用程序（42）安装在智能卡上 （300）可以从至少一个第一方或第一单元（10）转移（44），特别是从发行 （300）的至少一个第二方或第二单元（20）。

公开(公告)号：US20080262788A1

公开(公告)日：2008-10-23

申请号：US12097584

申请日：2006-12-12

申请人： Geert Jan Schrijen ,  Boris Skoric

发明人： Geert Jan Schrijen ,  Boris Skoric

IPC分类号： G01B21/00

CPC分类号： H04L9/0866 ,  G09C1/00 ,  H04L2209/26

摘要： The present invention relates to a method and a device (11) using a physical token (14), which provides measurable parameters, to derive at least one data set. A plurality of values of one or more of the parameters are measured. From these measured values, a measure of variance is calculated. Quantization intervals into which a measured value is to be quantized are then determined. A possible value of a data set, which subsequently can be derived from a measured value provided by the physical token, is associated with each quantization interval. Further, information which subsequently enables determination of these quantization intervals is stored. Hence, an enrolling phase has been completed. When the preparing phase has been completed, a deriving phase may commence. When a data set is to be derived, for example to be used as a cryptographic key, a value of any one of the parameters provided by the PUF is measured. This measured value is quantized into a determined quantization interval, and a data set may be derived from the quantization interval into which the measured value is quantized.

摘要翻译： 本发明涉及使用提供可测量参数的物理令牌（14）来导出至少一个数据集的方法和装置（11）。 测量一个或多个参数的多个值。 从这些测量值，计算方差的度量。 然后确定要量化测量值的量化间隔。 随后可以从物理令牌提供的测量值导出的数据集的可能值与每个量化间隔相关联。 此外，存储随后能够确定这些量化间隔的信息。 因此，入学阶段已经完成。 准备阶段完成后，可以开始推导阶段。 当要导出数据集时，例如要用作加密密钥，测量由PUF提供的任何一个参数的值。 该测量值被量化为确定的量化间隔，并且可以从量化测量值的量化间隔导出数据集。