-
公开(公告)号:US07526648B2
公开(公告)日:2009-04-28
申请号:US10472993
申请日:2002-06-07
CPC分类号: G07F7/1008 , G06Q20/341 , G06Q20/40975 , G09C1/00 , H04L9/3263 , H04L2209/56
摘要: The present invention relates to a cryptographic method of protecting an electronic chip against fraud and a device including an electronic chip which is adapted to protect the electronic chip against fraud. The method includes: mixing some or all of the input parameters (Em) to supply an output data item E′=(e′1, e′2, . . . , e′n, . . . , e′N), changing the state of a finite state automaton from an old state to a new state as a function of the data item E′=(e′1, e′2, . . . , e′n, . . . , e′N), and calculating a certificate (S) by means of an output function having at least one state of the automaton as an input argument. The device includes: mixing means, a finite state automaton, and output means for calculating a certificate (S).
摘要翻译: 本发明涉及一种保护电子芯片免受欺诈的密码方法和一种包括适用于保护电子芯片免受欺诈的电子芯片的设备。 该方法包括:混合部分或全部输入参数(Em)以提供输出数据项E'=(e'1,e'2,...,e'n,...,e'N) 将有限状态自动机的状态从旧状态改变为新状态,作为数据项E'=(e'1,e'2,...,e'n,...,e'N的函数) ),并且通过具有自动机的至少一个状态的输出函数作为输入参数来计算证书(S)。 该装置包括:混合装置,有限状态自动机和用于计算证书(S)的输出装置。
-
2.发明授权Device for transforming a digital data sequence into a condensed digital data block using tables and logic operators 失效用于使用表和逻辑运算符将数字数据序列变换为缩合数字数据块的装置
公开(公告)号:US5347650A
公开(公告)日:1994-09-13
申请号:US672649
申请日:1991-03-21
申请人: David Arditti , Mireille Campana , Henri Gilbert
发明人: David Arditti , Mireille Campana , Henri Gilbert
CPC分类号: H04L9/0618 , H04L9/3247 , H04L9/3263 , H04L2209/20
摘要: An electronic device for processing digital data has an input for receiving data to be processed and processor means suitable for transforming the input data in non-falsifiable manner into a result condensed data block. The processor means tools that are simple and fast, such as arrays and logic operators, to provide an elementary anti-collision operation for use in condensing the digital data.
摘要翻译: 用于处理数字数据的电子设备具有用于接收要处理的数据的输入和适于将输入数据以不可伪造的方式变换成结果浓缩数据块的处理器装置。 处理器是指简单快速的工具,例如阵列和逻辑运算符,用于提供用于冷凝数字数据的基本防冲突操作。
-
公开(公告)号:US6125445A
公开(公告)日:2000-09-26
申请号:US76818
申请日:1998-05-13
申请人: David Arditti , Henri Gilbert , Jacques Stern , David Pointcheval
发明人: David Arditti , Henri Gilbert , Jacques Stern , David Pointcheval
CPC分类号: H04L9/3236 , H04L9/3218
摘要: A process for the identification of a claimant by a verifier. The process is of the public key type, where the public exponent is equal to 3. The claimant draws at random a first exponent .alpha., calculates r=g.sup..alpha. mod n and transmits R=r.sup.3. The verifier draws at random a second exponent .beta., calculates t=g.sup..beta. mod n, calculates T=t.sup.3 mod n and h=H.sub.1 (Z), where H.sub.1 is a hash function, and calculates Z=R.sup.3 mod n. The verifier transmits to the claimant the numbers T and h. The claimant calculates Y=T.sup..alpha. mod n, verifies the result H.sub.1 (Y), calculates H=H.sub.2 (Y), where H.sub.2 is another hash function, calculates z=rS mod n, and transmits z and H. The claimant also has a secret number S equal to the modulo n cubic root of a number I deduced from its identity so that the number S verifies S.sup.3 =I mod n. The verifier verifies that H received is equal to H.sub.2 (Z) and that z.sup.3 is equal to RI mod n.
摘要翻译: 验证者识别索赔人的过程。 该过程是公钥类型,其中公共指数等于3.索赔人随机抽取第一指数α,计算r = g alpha mod n并发送R = r3。 验证者随机抽取第二指数β,计算t = g beta mod n,计算T = t3 mod n和h = H1(Z),其中H1是散列函数,并计算Z = R3 mod n。 验证者向索赔人传送号码T和h。 索赔人计算Y = Tαmod n,验证结果H1(Y),计算H = H2(Y),其中H2是另一个哈希函数,计算z = rS mod n,并发送z和H.索赔人也有 秘密数S等于从其身份推断的数字的模n立方根,使得数S验证S3 = I mod n。 验证者验证H接收等于H2(Z),并且z3等于RI mod n。
-
公开(公告)号:US5862224A
公开(公告)日:1999-01-19
申请号:US731488
申请日:1996-10-16
申请人: Henri Gilbert , David Arditti
发明人: Henri Gilbert , David Arditti
CPC分类号: G07F7/1008 , G06Q20/341 , G06Q20/367 , G06Q20/3678 , G06Q20/40975
摘要: A cryptographic process is for protection against fraud. An allocation of a secret key K is made to a card and to an application and an input value R is defined. The card and application calculate the modulo 2 scalar product of binary vectors constituted by words of R and words of K. The application checks whether the result obtained by the card is in agreement with its own result. An exemplary application is low cost cards.
摘要翻译: 加密过程是防止欺诈。 对卡和应用进行秘密密钥K的分配,并且定义输入值R. 卡和应用程序计算由R的单词和K组成的二进制向量的模2标量乘积。应用程序检查卡获得的结果是否与其自身的结果一致。 示例性应用是低成本卡。
-
公开(公告)号:US06529886B1
公开(公告)日:2003-03-04
申请号:US09331184
申请日:1999-08-18
IPC分类号: G06F1760
CPC分类号: H04L9/3226 , G06Q20/0855 , G06Q20/383 , H04L9/0833 , H04L9/321 , H04L2209/42 , H04L2209/56
摘要: This invention relates to an authentication process with an access control and/or payment system that maintains anonymity of the customer towards a third party, characterized in that a single-directional authentication protocol is used to send an authentication sequence that is completely different for each transaction, so that it is impossible for a third party to determine the identity of this customer, or even to determine which transactions are sent by a particular customer.
摘要翻译: 本发明涉及一种具有访问控制和/或支付系统的认证过程,该系统将客户的匿名维护向第三方,其特征在于使用单向认证协议来发送对于每个事务完全不同的认证序列 ,使得第三方不可能确定该客户的身份,或者甚至确定特定客户发送哪些交易。
-
公开(公告)号:US5602915A
公开(公告)日:1997-02-11
申请号:US201979
申请日:1994-02-25
申请人: Mireille Campana , Henri Gilbert , David Arditti
发明人: Mireille Campana , Henri Gilbert , David Arditti
CPC分类号: G07F7/1008 , G06Q20/341 , G06Q20/40975 , H04L9/08 , H04L9/0844
摘要: A process for controlling communication between a first and a second smart card using key-based cryptography is provided. In the disclosed process, a first identity code is stored in the first smart card and a second identity code is stored in the second smart card. The smart cards are customized by writing into each of the smart cards an identical group secret key and respective algorithms for processing the identical group secret key and the first and second identity codes stored in the first and second smart cards, respectively. The smart cards are used by transmitting the first identity code to the second smart card, transmitting the second identity code to the first smart card, and calculating using the respective processing algorithms stored in the smart cards, first and second session keys for the first and second smart cards, respectively.
摘要翻译: 提供了使用基于密码的密码学来控制第一和第二智能卡之间的通信的过程。 在所公开的过程中,第一身份码存储在第一智能卡中,第二识别码存储在第二智能卡中。 智能卡通过将每个智能卡写入相同的组密钥和分别用于处理相同组密钥以及存储在第一和第二智能卡中的第一和第二身份码的各自的算法进行定制。 通过将第一身份码发送到第二智能卡,将第二身份码发送到第一智能卡,并使用存储在智能卡中的各个处理算法进行计算,第一和第二会话密钥用于第一和第 第二智能卡。
-
7.发明申请Method for Controlling Secure Transactions Using a Single Multiple Dual-Key Device, Corresponding Physical Deivce, System and Computer Program 审中-公开使用单个多重双键设备控制安全事务的方法,相应的物理设备,系统和计算机程序公开(公告)号:US20080250246A1
公开(公告)日:2008-10-09
申请号:US11996179
申请日:2006-07-18
申请人: David Arditti , Sidonie Caron , Laurent Frisch
发明人: David Arditti , Sidonie Caron , Laurent Frisch
IPC分类号: H04L9/06
CPC分类号: H04L9/3263 , H04L2209/56
摘要: A device is provided for controlling secure transactions using a physical device held by a user and bearing at least one first pair of asymmetric keys, including a first device public key and a first corresponding device private key. The control includes, prior to implementing the device, certifying a first device public key and characteristics data of the physical device by signing with a first certification key, delivering a factory certificate, after verifying that the device private key is housed in a tamper-proof zone of the physical device. At least one second pair of asymmetric keys is generated, including a second device public key and a second device private key housed in a tamper-proof zone of the device. A second device public key is certified by signing with at least the first device private key, delivering a provisional certificate. The factory and provisional certificate are verified using, respectively, a second certification key corresponding to the first certification key, and the first device public key. In case of positive verification, the method includes delivering by a trusted third party a device certificate corresponding to the signature by the provider at least the second device public key and an identifier of the user and the characteristic data of the device.
摘要翻译: 提供了一种用于使用由用户持有的物理设备来控制安全事务并且承载至少一个第一对非对称密钥(包括第一设备公钥和第一对应设备私钥)的设备。 该控制包括在实施该设备之前,在验证设备私钥被容纳在防篡改中之后,通过使用第一认证密钥进行签名来验证物理设备的第一设备公钥和特征数据,以交付工厂证书 物理设备的区域。 产生至少一个第二对非对称密钥,包括第二设备公钥和容纳在设备的防篡改区域中的第二设备私钥。 第二个设备公钥通过至少使用第一个设备私钥进行签名,提供临时证书。 分别使用与第一认证密钥对应的第二认证密钥和第一设备公钥来验证工厂和临时证书。 在正确验证的情况下,该方法包括至少由第二设备公钥和用户的标识符以及设备的特征数据来由可信任的第三方递送与提供者的签名相对应的设备证书。
-
公开(公告)号:US20080292104A1
公开(公告)日:2008-11-27
申请号:US12096426
申请日:2006-12-05
申请人: Julie H. Loc'H , David Arditti , Sylvie Camus
发明人: Julie H. Loc'H , David Arditti , Sylvie Camus
IPC分类号: H04L9/14
CPC分类号: H04L9/0894
摘要: At least one expired decryption key intended to be used for asymmetrical decryption of encrypted data is recovered in a terminal after generation of a cryptographic encryption key/decryption key pair stored in a cryptographic medium such as a microchip card. The expired decryption key is stored in a database accessible to a user of the terminal and encrypted beforehand as a function of the new generated encryption key. In the terminal connected to the cryptographic medium, the encrypted expired encryption key is decrypted as a function of the decryption key stored in the cryptographic medium so that the encrypted data is decrypted as a function of the thus decrypted expired decryption key.
摘要翻译: 在生成存储在诸如微芯片卡的密码介质中的密码加密密钥/解密密钥对之后,在终端中恢复旨在用于加密数据的非对称解密的至少一个到期的解密密钥。 过期的解密密钥存储在可由终端的用户访问的数据库中,作为新生成的加密密钥的函数预先加密。 在连接到密码介质的终端中,根据存储在密码介质中的解密密钥,加密的过期加密密钥被解密,从而根据这样解密的过期解密密钥对加密数据进行解密。
-
9.发明申请Method for Assigning an Authentication Certificate and Infrastructure for Assigning Said Certificate 审中-公开分配认证证书和基础设施以分配所述证书的方法公开(公告)号:US20070283426A1
公开(公告)日:2007-12-06
申请号:US11660543
申请日:2005-08-05
申请人: Loic Houssier , Laurent Frisch , David Arditti
发明人: Loic Houssier , Laurent Frisch , David Arditti
IPC分类号: H04L9/32
CPC分类号: H04L63/0823 , H04L63/0421 , H04L63/0861
摘要: This method provides for electronic certificate assignment in a certificate assignment infrastructure distributed in a network. The infrastructure includes at least one certificate server, an identity server and a registration server linked to the network. Prior to a certificate application request, information relating to the identity of a certificate applicant is stored in the identity server, the identity information being accessible by way of an identifier. In this method, an applicant requests a certificate from the registration server; the identifier is dispatched to the identity server; after verification of the identifier, the identity server dispatches the previously registered identity of the applicant, said identity being provided to the registration server; after receipt of the identity, the registration server dispatches a certificate request including the identity of the applicant to the certificate server, and the certificate server dispatches the certificate destined for the applicant.
摘要翻译: 该方法提供分布在网络中的证书分配基础中的电子证书分配。 基础设施包括至少一个证书服务器,身份服务器和链接到网络的注册服务器。 在证书申请请求之前,与证书申请人的身份有关的信息存储在身份服务器中,身份信息可通过标识符来访问。 在该方法中,申请人从注册服务器请求证书; 标识符被分派到身份服务器; 身份服务器在验证了该标识符之后,发送申请人先前注册的身份,所述身份被提供给注册服务器; 在收到身份后,注册服务器将包含申请人身份的证书请求发送到证书服务器,证书服务器发送发往申请人的证书。
-
10.发明授权
公开(公告)号:US5894519A
公开(公告)日:1999-04-13
申请号:US838646
申请日:1997-04-09
申请人: Olivier Clemot , Mireille Campana , David Arditti
发明人: Olivier Clemot , Mireille Campana , David Arditti
CPC分类号: H04L9/3234 , G06F21/31 , G06F21/34 , G06F2221/2107
摘要: A process for the dissimulation of concealment of a secret code in a data authentication device by encrypting the secret code by an encrypting function for forming an image of the secret code and storing the secret code image in the authentication device. Beforehand, an encrypting function is chosen such that with each stored secret code image corresponds a plurality of antecedent codes all differing from the secret code, but which, once encrypted by the encrypting function have an image identical to that of the secret code. The secret code of a user has an authentication device in which is stored the secret code image.
摘要翻译: 一种用于通过用于形成秘密码的图像的加密功能加密秘密码并将该秘密码图像存储在认证装置中来隐藏数据认证装置中的秘密码的隐藏的过程。 之前,选择加密功能,使得每个存储的密码图像对应于与密码不同的多个先行代码,但是一旦由加密函数加密,其具有与密码相同的图像。 用户的秘密码具有存储秘密码图像的认证装置。
-
-
-
-
-
-
-
-
-
搜索结果
18 条记录 (耗时 0.022 秒)
