Abstract:
Method of authentication of a user via a terminal including acquisition elements for performing a biometric acquisition, includes: presentation to the acquisition elements by the user of a member to be verified by biometric comparison and triggering by the user a biometric acquisition to obtain an acquisition datum; biometric comparison of the acquisition datum with a prestored reference datum, the user being authenticated if the biometric comparison is positive and not authenticated otherwise, the method further including the following steps: providing the user with elements indicative of a first angle, the user applying a corrective rotation by a second angle so as to match an acquisition datum with the second angle, and in the biometric comparison step the reference datum is matched with the first angle, the biometric comparison being positive if the second angle is substantially equal to the first angle. Device adapted to implement such a method.
Abstract:
The invention relates to systems and methods of securely transmitting an image stored in the memory of an identity document to a first terminal that is suitable for receiving the image. In various implementations, operations are performed by the identity document, including the identity document receiving an attribute transmitted by the first terminal; generating a marker from the attribute received from the terminal; including the marker in the image; and transmitting the image containing the marker, which may be referred to as the “modified” image, to the terminal.
Abstract:
A method of testing security of an electronic device against a combination of a side-channel attack and a fault-injection attack implemented during a method of cryptographic processing that includes: delivering a message signature based on a secret parameter and implementing a recombination of at least two intermediate values according to the Chinese remainder theorem; and verifying the signature on the basis of at least one public exponent. The method of testing includes: transmitting a plurality of messages to be signed by said electronic device; disturbing each message, including modifying the message by inserting an identical error for each message, before executing a step of determining one of the intermediate values; and analyzing physical measurements, obtained during the step of verifying the signature as a function of the message to be signed, the identical error for each message, and an assumption of a value of part of the secret parameter.
Abstract:
Method of integrity verification of cryptographic key pairs, the method including an integrity test with: at least one first step implementing one of the private and public keys and an initial test datum, the first step making it possible to generate a first result, at least one second step implementing at least the first result and the key not used during the at least one first step, the second step making it possible to generate a second result, and a comparison of the second result and of the initial test datum, characterized in that the test is re-executed upon each positive comparison, and in that the test is executed at least 2 times.
Abstract:
A method and apparatus are proposed for cryptographic computations implemented in an electronic component. The method includes determining the cofactor of an elliptic curve E defined over a finite field Fq with q elements, the elliptic curve comprising a base point P having an order equal to n. The step of determining includes determining a value of floor((q + 2^(ceil(b/2)+1) + 1)/n) when n>6√q, where the function ceil corresponds to the ceiling function, floor corresponds to the floor function, and b corresponds to the size of q in number of bits.
Abstract:
Methods and devices for enabling authentication may include a first stage in which a first electronic device of the first entity communicates with a second electronic device of the second entity via a telecommunications network. During the first stage, the first electronic device generates a first token and transmits it from the first electronic device to the second electronic device via the network; and the second electronic device generates a third token and transmits the third token to the first electronic device via the network. During a second stage, authenticating a first non-authenticated entity as being the second entity as a function of a second token contained in a first portable electronic device of the first non-authenticated entity occurs; and authenticating a non-authenticated entity as being the first entity as a function of a fourth token contained in a second portable electronic device of the second non-authenticated entity also occurs.
Abstract:
Disclosed are methods and systems of implementing a right over a content or contents. Various implementations may include means and operations for receiving, for example in an execution environment and from a secure element, a first key for implementing a right over an encrypted content; decrypting said content in said execution environment with the help of the first key; and implementing the right over the content in said execution environment. Various implementations may also include means and operations for receiving a second key in, for example, said execution environment, from the secure element; and encrypting said content in said execution environment with the help of the second key.
Abstract:
An embodiment of an emergency call system comprises a device for triggering an emergency call and a communications device having a secure element. In various implementations, the secure element includes at least two profiles, one of which is an emergency profile; means suitable for receiving, over a local communications channel, an event issued by the device for triggering an emergency call; means for activating an emergency profile, enabling emergency calls to be made in a communications network, if said profile is not already active; and means for calling an emergency number in said network in order to make said emergency call.
Abstract:
A method of personalization for at least two cards (10), each card including a first side, a second side, and a peripheral surface, includes the following steps: forming a pile (20) of at least two cards by stacking the first side or the second side of an article (n) such that the first surface or the second surface of the following card (n+1) is in contact with the first side or the second side of the card (n); aligning, via an alignment device (32, 34) at least one element of the peripheral surface of the card (n) with at least one element of the peripheral surface of the following card (n+1) such that at least one element of the set of peripheral surfaces of each card forms at least one uniform surface; applying, via an application device, at least one product on at least one element of the uniform surface.
Abstract:
A method and system for managing an embedded secure element (50) accessible as a slave of the resident applications (Appl-3) of a host device of the eSE. The eSE includes an issuer security domain (51), ISD, with which cryptographic keys are associated. The method includes, in an application agent embedded in an OS of the host device: sending (420) the ISD a random value; receiving (435) a cryptogram corresponding to the random value encrypted using a key associated with the ISD; sending (440, 450) the random value and the cryptogram to a first external entity entered in the application agent. The method includes: sending (455, 4555) the random value and the cryptogram from the first entity to a second external entity; verifying (4556) that the second entity possesses keys associated with the ISD from the cryptogram and the random value.