公开(公告)号：US20080232582A1

公开(公告)日：2008-09-25

申请号：US10593411

申请日：2005-02-25

申请人： Benoit Chevallier-Mames ,  David Naccache ,  Pascal Paillier

发明人： Benoit Chevallier-Mames ,  David Naccache ,  Pascal Paillier

IPC分类号： H04L9/32

CPC分类号： G06F21/64 ,  G06F21/51 ,  G06F21/52 ,  H04L9/3242 ,  H04L9/3247 ,  H04L2209/30 ,  H04L2209/38 ,  H04L2209/80

摘要： A method for dynamically authenticating an executable program, that is the continuation of the instructions defined thereby, is performed repeatedly during the very execution of the program. The method for making secure an electronic portable object through execution of a program supplied by another insecure electronic object uses, inter alia, a secret key protocol.

摘要翻译： 在程序的非常执行期间重复地执行用于动态地认证可执行程序的方法，即由其定义的指令的延续。 通过执行由另一不安全电子对象提供的程序来确保电子便携式对象的方法尤其使用秘密密钥协议。

公开(公告)号：US20080155507A1

公开(公告)日：2008-06-26

申请号：US11962407

申请日：2007-12-21

申请人： David Naccache

发明人： David Naccache

IPC分类号： G06F9/44

CPC分类号： G06F21/57 ,  G06F21/77

摘要： A method is provided for auditing compliance of an electronic platform, referred to as the platform being tested, and/or a computer program being tested, which is present on the platform being tested. The method includes the following steps: transmitting the same data set, via an auditing device, to the platform being tested, on the one hand, and, on the other hand, to a compliant reference platform present in the auditing device; and deciding upon the compliance of the platform being tested and/or the computer program being tested, based on an analysis of the respective behaviors of the platform being tested and the reference platform. The auditing device then issues a compliance decision.

摘要翻译： 提供了一种用于审计被称为被测试平台的电子平台和/或正被测试的计算机程序的合规性的方法，该计算机程序存在于被测试的平台上。 该方法包括以下步骤：一方面通过审核设备将相同的数据集发送到被测试的平台，另一方面，传送到审核设备中存在的兼容参考平台; 并且基于对所测试的平台的相应行为和参考平台的分析来确定被测试平台和/或被测试的计算机程序的顺从性。 然后，审核设备发布合规性决定。

公开(公告)号：US20080103912A1

公开(公告)日：2008-05-01

申请号：US11924323

申请日：2007-10-25

申请人： David Naccache

发明人： David Naccache

IPC分类号： G06Q40/00 ,  G06F17/40

CPC分类号： G06Q20/12 ,  G06Q20/10 ,  G06Q20/20 ,  G06Q40/02 ,  G06Q40/12

摘要： A method is provided for supplying data representative of transactions between a client and at least one merchant, via a banking institution. The banking institution issues a statement to the client which, for each transaction, includes a statement line containing at least one reference for said transaction and/or the merchant, and an amount corresponding thereto. The method includes a transaction phase, including: storing data representative of said transaction, in a statement server; acquiring and storing, in an illustrative data server, at least one information representative of a photograph and/or illustration representative of said merchant, called illustrative information. A supplying phase includes: creating the statement, associating to at least one of the statement lines the data representative of the transaction and at least some of the illustrative information, and/or at least one information pointing via one hyperlink to at least some of said illustrative information, called access information.

摘要翻译： 提供了一种通过银行机构提供表示客户端与至少一个商家之间的交易的数据的方法。 银行机构向客户发出一个声明，对于每个交易，对于每个交易，包括至少包含一个用于所述交易和/或商家的参考的报表行以及对应的数额。 该方法包括交易阶段，包括：将表示所述交易的数据存储在语句服务器中; 在说明性数据服务器中获取和存储表示所述商家的照片和/或插图的至少一个信息，称为说明信息。 提供阶段包括：创建该语句，将代表交易的数据和至少一些说明性信息的语句行中的至少一个相关联，和/或将至少一个信息通过一个超链接指向至少一个所述 说明信息，称为访问信息。

公开(公告)号：US20080100449A1

公开(公告)日：2008-05-01

申请号：US11924320

申请日：2007-10-25

申请人： David Naccache

发明人： David Naccache

IPC分类号： G08B13/14

CPC分类号： H04L9/3236 ,  G06Q20/3415 ,  G06Q20/3823 ,  G07D7/01 ,  G07F7/08 ,  G07F7/1016 ,  G07F7/12 ,  G07F17/42 ,  G07G1/009 ,  H04L9/3226 ,  H04L2209/56 ,  H04L2209/805 ,  H04L2209/84

摘要： A process is provided for deterring the theft of notes equipped with a radio-tag type authenticity check element, capable of returning an item of authenticity information, in response to an authentication request emitted by a check device. Such a process includes the following steps: transmission to the check element of at least one inactivation code, rendering the note invalid; storage and/or transport of the invalid note; and reactivation of the check element, using at least one activation code, depending on the inactivation code, rendering the note valid.

摘要翻译： 提供了一种响应于由检查装置发出的认证请求来防止配备有能够返回一个真实性信息项的无线电标签类型真实性检查元件的便笺盗窃的处理。 这样的过程包括以下步骤：向至少一个灭活代码的检查元素发送，使得该记录无效; 储存和/或运送无效票据; 并且使用至少一个激活码来重新激活检查元件，这取决于失活代码，使得该注释是有效的。

公开(公告)号：US07146006B1

公开(公告)日：2006-12-05

申请号：US10031065

申请日：2000-07-12

申请人： Jean-Sebastien Coron ,  David Naccache

发明人： Jean-Sebastien Coron ,  David Naccache

IPC分类号： H04K1/00 ,  H04L9/28 ,  G06F11/30

CPC分类号： H04L9/0625 ,  G06F7/58 ,  G06F2207/7223 ,  G06K19/07363 ,  G06Q20/341 ,  G07F7/084 ,  G07F7/1008 ,  H04L9/003 ,  H04L2209/08

摘要： Two methods for random number generation are modified to make them more resistant to attacks by current measurements. The methods are particularly designed to be implemented in electronic devices such as smart cards, PCMCIA, badges, contactless cards or any other portable device. The DES algorithm is encrypted using a key K having a value D representing date information, to generate an integer variable I. For j ranging from 1 to m, the following steps are carried out: substituting s with s XOR I; introducing in the integer variable y the result of the encryption of s with the DES algorithm using the key K; introducing in xj the result of y or s; substituting s with y XOR I; and introducing in s the result of the encryption of s with the DES algorithm using the key K. The sequence (x1, x2, xm) is then restored in the output.

摘要翻译： 修改随机数生成的两种方法，使其更能抵抗目前测量的攻击。 这些方法特别设计用于在诸如智能卡，PCMCIA，徽章，非接触式卡或任何其它便携式设备的电子设备中实现。 使用具有代表日期信息的值D的密钥K来加密DES算法，以生成整数变量I.对于从1到m的j，执行以下步骤：用s XOR I代替s; 在整数变量y中引入使用密钥K的DES算法对s进行加密的结果; 在x或j中引入y或s的结果; 用y XOR I代替s; 并且使用密钥K使用DES算法在s中引入s的加密结果。序列（x 1，x 2，x m， SUB>）然后在输出中恢复。

公开(公告)号：US5461675A

公开(公告)日：1995-10-24

申请号：US121599

申请日：1993-09-14

申请人： Eric Diehl ,  David Naccache

发明人： Eric Diehl ,  David Naccache

IPC分类号： H04L9/10 ,  G07F7/10 ,  H04N5/00 ,  H04N7/167 ,  H04L9/32 ,  H04L7/167

CPC分类号： H04N21/4623 ,  G06Q20/346 ,  G07F7/1008 ,  H04N21/4181 ,  H04N21/4405 ,  H04N7/1675

摘要： In a system for controlling access to signals such as pay-TV signals, the signals include data packets that are received and by a decoder and forwarded to a smart card for access authorization processing. The data packets contain information that updates entitlement or access authorization data inside the smart card. Time-related data is added to the data packets. The smart card checks to determine if the time-related data evolves between two successive packets. If not, the smart card inhibits the delivering of descrambling parameters to the decoder.

摘要翻译： 在用于控制对诸如付费电视信号的信号的访问的系统中，信号包括被接收的数据分组，并由解码器转发到智能卡进行访问授权处理。 数据包包含更新智能卡内的权限或访问授权数据的信息。 时间相关数据被添加到数据包中。 智能卡检查以确定时间相关数据是否在两个连续数据包之间发展。 如果不是，则智能卡禁止向解码器传送解扰参数。

公开(公告)号：US5452357A

公开(公告)日：1995-09-19

申请号：US400310

申请日：1995-03-06

申请人： David Naccache

发明人： David Naccache

IPC分类号： G06K17/00 ,  G06F12/14 ,  G06F21/24 ,  G06K19/10 ,  G07F7/10 ,  G07F7/12 ,  G09C1/00 ,  H04L9/08 ,  H04L9/32 ,  H04N7/167 ,  H04N7/169 ,  H04L9/00

CPC分类号： G07F7/1008 ,  G06Q20/341 ,  G06Q20/40975 ,  H04L9/3218 ,  H04L9/3234

摘要： A system providing access control, including encryption and decryption capability, replaces a public key directory by a transmission between an authority, or a sender S, and a receiver R of a "seed" value. The seed is processed to provide both identity information for R and public keys, i.e. a "virtual public key directory", or VPKD. The VPKD is generated prior to execution of the algorithm requiring the public directory, i.e. the host algorithm.

摘要翻译： 提供访问控制（包括加密和解密能力）的系统通过授权机构或发送者S与“种子”值的接收者R之间的传输来替换公钥目录。 处理种子以提供用于R和公钥的身份信息，即“虚拟公钥目录”或VPKD。 在执行需要公共目录的算法（即主机算法）之前生成VPKD。

公开(公告)号：US09697511B2

公开(公告)日：2017-07-04

申请号：US12643352

申请日：2009-12-21

申请人： David Naccache

发明人： David Naccache

IPC分类号： G06Q20/32 ,  G06Q20/10 ,  G06Q20/20 ,  G06Q20/22 ,  G06Q20/40

CPC分类号： G06Q20/3224 ,  G06Q20/10 ,  G06Q20/105 ,  G06Q20/20 ,  G06Q20/223 ,  G06Q20/32 ,  G06Q20/322 ,  G06Q20/327 ,  G06Q20/40

摘要： A method for securing a transaction by an electronic card paired with at least one mobile terminal, wherein a banking organization in charge of managing transactions involving the card has previously recorded an identifier of the mobile terminal among data relating to the owner of the card. The securing method includes: transmission, by the mobile terminal, of at least one first signal including a message containing the identifier; receipt, by at least one transaction device near the mobile terminal, of the first signal; transmission, by the transaction device, of a second signal including at least the message to at least one remote banking organization; assignment, by a control server of the banking organization, to a transaction involving the electronic card, by a control server of the banking organization, of information representing proximity between the electronic card and the mobile terminal, according to the second signal received by the banking organization.

公开(公告)号：US09342294B2

公开(公告)日：2016-05-17

申请号：US13468144

申请日：2012-05-10

申请人： David Naccache

发明人： David Naccache

IPC分类号： G06F12/00 ,  G06F9/445

CPC分类号： G06F8/66

摘要： Patching a read-only memory, including a program executable by a processor is performed with a MRAM-based CAM device connected to the address bus and comparing in the background the addresses requested by the processor with the elements of a vector of addresses. The match-in-place operation is done in parallel on all the elements of the vector and typically is performed in less than a clock cycle. If a match is found, the CAM device outputs a diversion address that's used to retrieve a substitution machine code element from a flash memory that is presented to the processor in lieu of the one addressed in the ROM. This patching scheme is totally transparent, has little overhead, and extreme granularity.

摘要翻译： 使用连接到地址总线的基于MRAM的CAM设备来执行包括可由处理器执行的程序的只读存储器，并在后台将处理器请求的地址与地址向量的元素进行比较。 本就位操作在向量的所有元素上并行完成，通常在不到一个时钟周期内执行。 如果找到匹配，则CAM设备输出用于从提供给处理器的闪速存储器中取代代替机器码元的代用地址，代替ROM中寻址的地址。 这种修补方案完全透明，开销小，粒度极高。

公开(公告)号：US09338000B2

公开(公告)日：2016-05-10

申请号：US14116645

申请日：2012-04-30

申请人： David Naccache ,  Jean-Sébastien Coron ,  Medhi Tibouchi

发明人： David Naccache ,  Jean-Sébastien Coron ,  Medhi Tibouchi

IPC分类号： H04L9/08 ,  H04L9/00 ,  H04L9/30

CPC分类号： H04L9/0861 ,  H04L9/008 ,  H04L9/30

摘要： There is proposed a method of generating secret and public keys vDGHV with enhanced security, implemented in a device including at least one microprocessor and a memory. The method includes generating a secret key SK corresponding the generation of a prime random number p or product of prime numbers.

摘要翻译： 提出了一种在包括至少一个微处理器和存储器的设备中实现的增强安全性的密钥和公开密钥vDGHV的方法。 该方法包括生成对应于素数随机数p或质数乘积的生成的秘密密钥SK。