-
Publication number: US20160105411A1
Publication date: 2016-04-14
Application number: US14879449
Filing date: 2015-10-09
Applicant: OBERTHUR TECHNOLOGIES
Inventor: Jean-Philippe VALLIERES, Sebastien NEROT
IPC: H04L29/06
Abstract: An intermediary third-party receives, from a master device, a batch of pre-generated secure commands; plays it so as to send sequentially, to a slave device, the commands. The batch includes an initial command indicating the establishment of a channel secured with a session key dependent on a sequence counter, and second commands protected by a MAC code that is a function of the session key. An update of the sequence counter in non-volatile memory of the slave on each new establishment of a secure channel renders the pre-generated batch obsolete by virtue of a new session key. In order to allow the batch to be replayed, the invention provides for each update value of the counter to be temporarily stored in volatile memory, and for the current value to be overwritten in non-volatile memory on predefined events, including a test counter reaching a maximum number of replays.
-
Publication number: US20190020469A1
Publication date: 2019-01-17
Application number: US15316374
Filing date: 2015-05-29
Applicant: OBERTHUR TECHNOLOGIES
Inventor: Emmanuelle DOTTAX, Florian GALDO, Jean-Philippe VALLIERES
Abstract: A method for the authentication of a first electronic entity (C) by a second electronic entity (H), wherein the first electronic entity (C) implements the following steps: reception of a challenge (HCH) from the second electronic entity (H); generation of a number (CCH) according to a current value of a counter (SQC) and a first secret key (K-ENC); generation of a cryptogram (CAC) according to the challenge (HCH) and a second secret key (S-MAC); and transmission of a response including the cryptogram (CAC) to the second electronic entity (H), without transmission of the number (CCH).
-
Publication number: US20170353315A1
Publication date: 2017-12-07
Application number: US15538709
Filing date: 2015-12-17
Applicant: OBERTHUR TECHNOLOGIES
Inventor: Emmanuelle DOTTAX, Florian GALDO, Christophe GIRAUD, Jean-Philippe VALLIERES
CPC classification number: H04L9/3247, G06F21/44, G06F21/602, G09C1/00, H04L9/006, H04L9/0631, H04L9/0637, H04L9/14, H04L9/30, H04L9/3242, H04W12/10
Abstract: Disclosed is a secure electronic entity including a memory unit storing data in the form of multiplets and a processing module designed to receive data from an electronic device. The processing module is designed to determine a proof-of-integrity element in accordance with the data received and at least one portion of the stored multiplets, and to transmit the proof-of-integrity element to the electronic device. Also disclosed is a method for verifying the integrity of data stored in such a secure electronic entity.
-