-
Publication No.: US11159319B2
Publication Date: 2021-10-26
Application No.: US16060977
Application Date: 2016-12-09
Applicant: GEMALTO SA
Inventor: Aline Gouget , Mariya Georgieva
Abstract: A method for operating an attribute assertion device having a processor and memory to create an unlinkable digital signature-equivalent of an assertion message that is verifiable—by a service provider receiving the unlinkable digital signature-equivalent—as being generated from a digital signature of a known attribute provider having a public key PKAP. Operating the processor of the attribute assertion device to transform a digital signature of the attribute message into an unlinkable digital signature-equivalent using a one-way transformation of the signature, with the transformation process using a random value generated by the attribute assertion device and a challenge provided by the service provider.
-
Publication No.: US11115195B2
Publication Date: 2021-09-07
Application No.: US16325304
Application Date: 2017-07-27
Applicant: GEMALTO SA
Inventor: Ly Thanh Phan
IPC: H04L9/08 , H04L9/32 , H04W12/069 , H04L29/06
Abstract: The invention proposes an authentication server of a cellular telecommunication network, the authentication server being arranged for generating an authentication token to be transmitted to a telecommunication terminal, the authentication token comprising a message authentication code and a sequence number, wherein the message authentication code is equal to: MACx=KIdx XOR f1(AMF,SQNx,RAND,K) with KIdx being a key index information in the form of a bias of a MAC equal to: MAC=f1(K,AMF,SQNx,RAND) with f1 being a function, K a key, RAND a random number and SQNx a sequence counter relative to a corresponding key Kx derived from the key K and KIdx, and AMF the content of an authentication management field as defined in 3GPP TS 33.102.
-
Publication No.: US10966082B2
Publication Date: 2021-03-30
Application No.: US16097411
Application Date: 2017-04-24
Applicant: Gemalto M2M GmbH , GEMALTO SA
Inventor: Volker Breuer , Lars Wehmeier , Mireille Pauliac
Abstract: The present invention relates to a mobile communication device for communicating with a cellular network by means of a serving base node, the mobile communication device further being connected to a subscriber identity module, the mobile communication device being configured to operate in a power optimization mode wherein the power optimization mode comprises extended paging periods, and the mobile communication device is further configured to set up a communication context with the base node using authentication means of the subscriber identity module, wherein the mobile communication device is further configured, in case of detection of a removal of the subscriber identity module and when the power optimization mode is activated: to send a removal alert message to the serving base node by means of said communication context, afterwards to terminate the communication context.
-
Publication No.: US10965690B2
Publication Date: 2021-03-30
Application No.: US16099562
Application Date: 2017-05-22
Applicant: GEMALTO SA
Inventor: Ly Thanh Phan
Abstract: This invention relates to a method for managing the status of a connected device by publishing assertions in an immutable distributed database composed of a plurality of compute nodes, a pair of keys comprising a public key and a private key being associated with the connected device. The method comprises the steps of: receiving from a first terminal associated to a first user an instruction message; verifying that the first user is allowed to modify the status of the connected device; sending an assertion request to the immutable distributed database for publishing an assertion comprising the status information.
-
Publication No.: US10939265B2
Publication Date: 2021-03-02
Application No.: US15768211
Application Date: 2016-09-06
Applicant: GEMALTO SA
Inventor: Milas Fokle , Benoit Gonzalvo , Guillaume Huysmans
IPC: H04W4/50 , H04W4/60 , H04W12/02 , H04W12/06 , H04W12/00 , G06F21/12 , G06F21/31 , G06F21/44 , G06F21/60 , H04L9/32 , H04L29/06 , H04L29/08
Abstract: The invention is a method for managing an application that includes a generic part and an additional part. The generic part is pre-installed on a device. The device gets a fingerprint of itself and after a user authentication sends to a server a request for getting the additional part. The request comprises credentials associated with the user or a reference of the user, the fingerprint and a reference of the application. The server generates a ciphered part of the additional part using a key based on both the credentials and the fingerprint and builds an auto-decrypt program configured to decipher the ciphered part. The device receives the ciphered part and the auto-decrypt program. It gets the fingerprint and the credentials and retrieves the additional part by running the auto-decrypt program with said fingerprint and credentials as input parameters.
-
Publication No.: US10812467B2
Publication Date: 2020-10-20
Application No.: US15578895
Application Date: 2016-05-24
Applicant: GEMALTO SA
Inventor: Gil Bernabeu , Olivier Potonniee , HongQian Karen Lu
Abstract: The invention is a method for managing a secure channel between a server and a secure element embedded in a first device, wherein a user agent embedded in a second device establishes a HTTPS session with the server and retrieves a web application from the server, the method comprising the steps: the server sends to the web application an application certificate which is linked to a specific data reflecting the identity of the server, the secure element gets the application certificate and the specific data, the secure element checks the validity of the application certificate and that the application certificate is consistently linked to the specific data, in case of successful checks, the secure element and the server generate an ephemeral session key and use it for opening a secure channel.
-
Publication No.: US10756927B2
Publication Date: 2020-08-25
Application No.: US14429795
Application Date: 2013-09-27
Applicant: Gemalto SA
Inventor: Marc Gemeto , Jean-Yves Fine
Abstract: The invention specifically relates to a method for virtually connecting two persons, with the first person having a first NFC device and the second person having a second NFC device. One of the NFC devices is a telecommunications terminal comprising an application, and both NFC devices comprise the identity of the person to which they belong. According to the invention, the method includes transmitting the identity of the first person from the first NFC device to the second NFC device; transmitting the identity of the second person from the second NFC device to the first NFC device; generating a secret shared by the persons using the application, with the shared secret giving access to an Internet space shared by the persons; and storing the shared secret in the NFC devices, with a reference relating to the virtual connection thereof.
-
Publication No.: US10693842B2
Publication Date: 2020-06-23
Application No.: US15567346
Application Date: 2016-04-13
Applicant: GEMALTO SA
Inventor: Alain Rhelimi
IPC: G06F12/14 , H04L9/00 , H04L9/08 , H04L29/06 , G06F21/79 , G09C1/00 , H04L9/06 , G06F21/74 , G06F21/85
Abstract: A device for managing multiple accesses to a secure module of a system on chip of an apparatus, and comprises a stream ciphering means arranged for computing on the fly and in a single pass an integrity check for data to be transferred between secure and non secure modules of the system on chip with a seed and an encryption key, and for encrypting/decrypting on the fly and in this single pass these data with the encryption key, and a control means for providing the encryption key and seed to the stream ciphering means and for requesting data transfer and retrieving status to the secure and non secure modules for allowing the transfer of encrypted/decrypted data between the secure and non secure modules.
-
Publication No.: US10673632B2
Publication Date: 2020-06-02
Application No.: US16108578
Application Date: 2018-08-22
Applicant: GEMALTO SA
Inventor: HongQian Karen Lu
Abstract: The invention is a method for deploying a trusted identity for a user issued by an issuer. The user has a user device configured to send a request for signature to an issuer device handled by the issuer. The request comprises a user public key allocated to the user. The issuer device is configured to compute an issuer signature by signing both the user's trusted identity and the user public key using an issuer private key allocated to the issuer. A block chain transaction containing the issuer signature is created and submitted to a Block Chain for transaction verification and storage.
-
Publication No.: US10673610B2
Publication Date: 2020-06-02
Application No.: US15578033
Application Date: 2016-05-27
Applicant: GEMALTO SA
Inventor: David Vigilant , Sabine Azzi
Abstract: A system, method and computer-readable storage medium with instructions for protecting an electronic device against fault attack. Given a data represented as an input codeword of a systematic linear error correcting code, the technology provides the secure computation of the output codeword corresponding to the result of the non-linear function applied to this data. Other systems and methods are disclosed.