公开(公告)号：US10581589B2

公开(公告)日：2020-03-03

申请号：US15316374

申请日：2015-05-29

Applicant: OBERTHUR TECHNOLOGIES

Inventor： Emmanuelle Dottax ,  Florian Galdo ,  Jean-Philippe Vallieres

IPC: H04L9/06 ,  H04L29/06 ,  H04L9/00 ,  H04L9/32 ,  H04L9/08 ,  G07F7/08 ,  G06Q20/34 ,  H04W12/06 ,  G06F7/58

Abstract: A method for the authentication of a first electronic entity (C) by a second electronic entity (H), wherein the first electronic entity (C) implements the following steps: reception of a challenge (HCH) from the second electronic entity (H); generation of a number (CCH) according to a current value of a counter (SQC) and a first secret key (K-ENC); generation of a cryptogram (CAC) according to the challenge (HCH) and a second secret key (S-MAC); and transmission of a response including the cryptogram (CAC) to the second electronic entity (H), without transmission of the number (CCH).

公开(公告)号：US09210134B2

公开(公告)日：2015-12-08

申请号：US14190236

申请日：2014-02-26

Applicant: Oberthur Technologies

Inventor： Emmanuelle Dottax ,  Michele Sartori

IPC: H04L29/06 ,  G06F21/46

CPC classification number: H04L63/0428 ,  G06F21/46 ,  G06F2221/2133

Abstract: A cryptographic processing method using a sensitive data item in a cryptographic processing system including in memory a test making it possible to tell a human and a computer apart and a reference value obtained by applying a cryptographic function to a pair of values P and R, where P is the sensitive data item and R is a solution to the memorized test, the method including the steps of: configuring the cryptographic processing system, including obtaining and memorizing the reference value in the cryptographic system; transmitting the memorized test to a user; obtaining the user's response to the transmitted test; a cryptographic processing step based on the sensitive data item, using the obtained response, the reference value and the cryptographic function. The reference value and memorized test are in the memory of the system and the solution is not in the memory of the system, during the transmission step.

Abstract translation: 一种在密码处理系统中使用敏感数据项的加密处理方法，该密码处理系统包括在存储器中，使得能够将人和计算机分开的测试和通过将密码函数应用于一对值P和R而获得的参考值，其中 P是敏感数据项，R是存储测试的解决方案，该方法包括以下步骤：配置加密处理系统，包括获取和存储加密系统中的参考值; 将记忆测试发送给用户; 获取用户对传输测试的响应; 使用获得的响应，参考值和密码函数，基于敏感数据项的密码处理步骤。 参考值和存储测试在系统的存储器中，并且解决方案不在系统的存储器中，在传输步骤期间。

公开(公告)号：US20130218775A1

公开(公告)日：2013-08-22

申请号：US13773298

申请日：2013-02-21

Applicant: OBERTHUR TECHNOLOGIES

Inventor： Guillaume DABOSVILLE ,  Emmanuelle Dottax ,  Yannick Sierra ,  Elder Dos Santos ,  Olivier Condemine ,  Omar Laazimani

IPC: G06Q20/40

CPC classification number: G06Q20/40 ,  G06F1/1694 ,  G06F3/0346 ,  G06F3/04847 ,  G06F21/316 ,  G06F2221/2133 ,  G06Q20/10 ,  G06Q20/32 ,  G06Q20/3229 ,  G06Q20/3274 ,  G06Q20/3278 ,  G06Q20/401 ,  G06Q20/4012 ,  G06Q20/4016 ,  G06Q20/42

Abstract: A method for determining the presence of a human being, comprising: measuring (S6) a movement (MOV) of a first device (4) by a sensor (44) of said first device (4), determining the presence of a human being on the basis of the measured movement (MOV).

Abstract translation: 一种用于确定人的存在的方法，包括：通过所述第一装置（4）的传感器（44）来测量（S6）第一装置（4）的移动（MOV），确定人的存在 基于测量的运动（MOV）。

公开(公告)号：US10721081B2

公开(公告)日：2020-07-21

申请号：US15740781

申请日：2016-06-28

Applicant: OBERTHUR TECHNOLOGIES

Inventor： Emmanuelle Dottax ,  Francis Chamberot ,  Bruno Climen

IPC: H04L9/32 ,  G06Q20/40 ,  G06Q20/38 ,  G06Q20/34 ,  H04L9/14

Abstract: An authentication method is performed between a first party and a second party. The method includes: i) determining a challenge; ii) sending the challenge to the second party; receiving a response from the second party including a second cryptogram; computing a first cryptogram using the challenge and the key of the first party; determining if the first cryptogram matches the second cryptogram received from the second party. If the first cryptogram does not match the second cryptogram, the method further includes performing a computation using the first cryptogram and the second cryptogram; and comparing a result of the computation with a stored set of results to recover a first data element carried by the second cryptogram.

公开(公告)号：US09338142B2

公开(公告)日：2016-05-10

申请号：US13933658

申请日：2013-07-02

Applicant: OBERTHUR TECHNOLOGIES

Inventor： Emmanuelle Dottax ,  Paul Dischamp ,  Marc Bertin

IPC: H04L29/06 ,  H04L9/30 ,  H04L9/32

CPC classification number: H04L63/0428 ,  H04L9/3006 ,  H04L9/302 ,  H04L9/321 ,  H04L2209/26

Abstract: A method for verifying the security of a device for generating private and public cryptographic keys. Such a method includes generating at least one pair of private and public cryptographic keys by the device from at least one random variable coming from a random-variable generator; transmitting at least one constituent element of a generated private or public key to at least one device for verifying; and determining a level of security of the device from the at least one transmitted element, as a function of pieces of information stored by the device for verifying.

Abstract translation: 一种用于验证用于生成私有和公共密钥的设备的安全性的方法。 这种方法包括由来自随机变量发生器的至少一个随机变量由设备产生至少一对专用密钥和公钥密钥; 将至少一个所生成的专用或公共密钥的组成元件发送到至少一个用于验证的设备; 以及根据由所述设备存储的用于验证的多条信息来确定来自所述至少一个传送的元件的所述设备的安全级别。

公开(公告)号：US10038560B2

公开(公告)日：2018-07-31

申请号：US14266327

申请日：2014-04-30

Applicant: Oberthur Technologies

Inventor： Emmanuelle Dottax ,  Franck Rondepierre

IPC: H04L9/30 ,  H04L9/32 ,  H04L9/00 ,  G06F21/34 ,  G06F21/44

CPC classification number: H04L9/3252 ,  G06F21/34 ,  G06F21/44 ,  H04L9/002 ,  H04L9/3066 ,  H04L9/3239 ,  H04L2209/72 ,  H04L2209/805

Abstract: An electronic device is proposed, which is configured to receive at least one cryptographic parameter and validate the at least one cryptographic parameter. The electronic device is is configured to validating the parameter by determining an imprint from a one-way function and from at least the cryptographic parameter; detecting at least one part of the imprint in a dedicated memory zone of the electronic device, and delivering a piece of information on validation should there be effective detection.

公开(公告)号：US09049021B2

公开(公告)日：2015-06-02

申请号：US13723552

申请日：2012-12-21

Applicant: Oberthur Technologies

Inventor： Emmanuelle Dottax ,  Sebastien Aumonier

IPC: H04L9/28 ,  G06F7/72 ,  H04L9/30

CPC classification number: H04L9/28 ,  G06F7/725 ,  H04L9/3066

Abstract: A method and apparatus are proposed for cryptographic computations implemented in an electronic component. The method includes determining the cofactor of an elliptic curve E defined over a finite field Fq with q elements, the elliptic curve comprising a base point P having an order equal to n. The step of determining includes determining a value of floor((q+2ceil(b/2)+1+1)/n) when n>6√q, where the function ceil corresponds to the ceiling function, floor corresponds to the floor function, and b corresponds to the size q in number of bits of q.

Abstract translation: 提出了一种用于在电子部件中实现的密码计算的方法和装置。 该方法包括确定在具有q个元素的有限域Fq上定义的椭圆曲线E的辅因子，该椭圆曲线包括具有等于n的阶数的基点P. 确定步骤包括当n>6√q时确定floor（（q + 2ceil（b / 2）+ 1 + 1）/ n）的值，其中功能ceil对应于天花板功能，floor对应于floor 函数，b对应于q的位数q。

公开(公告)号：US10984080B2

公开(公告)日：2021-04-20

申请号：US15538841

申请日：2015-12-17

Applicant: OBERTHUR TECHNOLOGIES

Inventor： Emmanuelle Dottax ,  Philippe Muresianu ,  Michele Sartori ,  Fabien Cordier

IPC: G06F21/32 ,  H04L29/06 ,  H04L9/32 ,  G06F21/83 ,  H04W12/069

Abstract: Disclosed is a method for authenticating a user by using an electronic apparatus including an authentication module and a secure module, which includes the following steps: the authentication module transmits a recognition result to the secure module according to a process that allows the authentication module to be authenticated by the secure module; the secure module generates an authentication token by signing, with a private key stored in the secure module, data including data representing at least one feature of the authentication module; and transmitting the generated authentication token. Also disclosed is an associated secure module, electronic apparatus and system.

公开(公告)号：US20140369493A1

公开(公告)日：2014-12-18

申请号：US14266327

申请日：2014-04-30

Applicant: Oberthur Technologies

Inventor： Emmanuelle Dottax ,  Franck Rondepierre

IPC: H04L9/32

CPC classification number: H04L9/3252 ,  G06F21/34 ,  G06F21/44 ,  H04L9/002 ,  H04L9/3066 ,  H04L9/3239 ,  H04L2209/72 ,  H04L2209/805

Abstract: An electronic device is proposed, which is configured to receive at least one cryptographic parameter and validate the at least one cryptographic parameter. The electronic device is is configured to validating the parameter by determining an imprint from a one-way function and from at least the cryptographic parameter; detecting at least one part of the imprint in a dedicated memory zone of the electronic device, and delivering a piece of information on validation should there be effective detection.

Abstract translation: 提出了一种电子设备，其被配置为接收至少一个加密参数并验证所述至少一个加密参数。 电子设备被配置为通过从单向功能和至少所述密码参数确定压印来验证参数; 在所述电子设备的专用存储区中检测所述印记的至少一部分，并且如果有有效的检测，则传送一条关于验证的信息。

公开(公告)号：US20140013102A1

公开(公告)日：2014-01-09

申请号：US13933658

申请日：2013-07-02

Applicant: OBERTHUR TECHNOLOGIES

Inventor： Emmanuelle Dottax ,  Paul Dischamp ,  Marc Bertin

IPC: H04L29/06

CPC classification number: H04L63/0428 ,  H04L9/3006 ,  H04L9/302 ,  H04L9/321 ,  H04L2209/26

Abstract: A method for verifying the security of a device for generating private and public cryptographic keys. Such a method includes generating at least one pair of private and public cryptographic keys by the device from at least one random variable coming from a random-variable generator; transmitting at least one constituent element of a generated private or public key to at least one device for verifying; and determining a level of security of the device from the at least one transmitted element, as a function of pieces of information stored by the device for verifying.

Abstract translation: 一种用于验证用于生成私有和公共密钥的设备的安全性的方法。 这种方法包括由来自随机变量发生器的至少一个随机变量由设备产生至少一对专用密钥和公钥密钥; 将至少一个所生成的专用或公共密钥的组成元件发送到至少一个用于验证的设备; 以及根据由所述设备存储的用于验证的多条信息来确定来自所述至少一个传送的元件的所述设备的安全级别。