公开(公告)号：US09210134B2

公开(公告)日：2015-12-08

申请号：US14190236

申请日：2014-02-26

Applicant: Oberthur Technologies

Inventor： Emmanuelle Dottax ,  Michele Sartori

IPC: H04L29/06 ,  G06F21/46

CPC classification number: H04L63/0428 ,  G06F21/46 ,  G06F2221/2133

Abstract: A cryptographic processing method using a sensitive data item in a cryptographic processing system including in memory a test making it possible to tell a human and a computer apart and a reference value obtained by applying a cryptographic function to a pair of values P and R, where P is the sensitive data item and R is a solution to the memorized test, the method including the steps of: configuring the cryptographic processing system, including obtaining and memorizing the reference value in the cryptographic system; transmitting the memorized test to a user; obtaining the user's response to the transmitted test; a cryptographic processing step based on the sensitive data item, using the obtained response, the reference value and the cryptographic function. The reference value and memorized test are in the memory of the system and the solution is not in the memory of the system, during the transmission step.

Abstract translation: 一种在密码处理系统中使用敏感数据项的加密处理方法，该密码处理系统包括在存储器中，使得能够将人和计算机分开的测试和通过将密码函数应用于一对值P和R而获得的参考值，其中 P是敏感数据项，R是存储测试的解决方案，该方法包括以下步骤：配置加密处理系统，包括获取和存储加密系统中的参考值; 将记忆测试发送给用户; 获取用户对传输测试的响应; 使用获得的响应，参考值和密码函数，基于敏感数据项的密码处理步骤。 参考值和存储测试在系统的存储器中，并且解决方案不在系统的存储器中，在传输步骤期间。

公开(公告)号：US20140351583A1

公开(公告)日：2014-11-27

申请号：US14283364

申请日：2014-05-21

Applicant: Oberthur Technologies

Inventor： Luk Bettale ,  Michele Sartori

IPC: H04W12/04 ,  H04L29/06

CPC classification number: H04W12/04 ,  G06F21/10 ,  H04L63/061 ,  H04L63/062 ,  H04N21/222 ,  H04N21/41407 ,  H04N21/4405 ,  H04N21/4433 ,  H04N21/4435 ,  H04N21/4627 ,  H04N21/63345 ,  H04N21/8355

Abstract: Disclosed are methods and systems of implementing a right over a content or contents. Various implementations may include means and operations for receiving, for example in an execution environment and from a secure element, a first key for implementing a right over an encrypted content; decrypting said content in said execution environment with the help of the first key; and implementing the right over the content in said execution environment. Various implementations may also include means and operations for receiving a second key in, for example, said execution environment, from the secure element; and encrypting said content in sad execution environment with the help of the second key.

Abstract translation: 公开了实现对内容或内容的权利的方法和系统。 各种实现可以包括用于例如在执行环境中和从安全元件接收用于在加密内容上实现权利的第一密钥的装置和操作; 借助于第一密钥对所述执行环境中的所述内容进行解密; 并在所述执行环境中实现对内容的权利。 各种实施方式还可以包括用于从安全元件接收例如所述执行环境中的第二密钥的装置和操作; 并在第二个键的帮助下在悲伤的执行环境中加密所述内容。

公开(公告)号：US10984080B2

公开(公告)日：2021-04-20

申请号：US15538841

申请日：2015-12-17

Applicant: OBERTHUR TECHNOLOGIES

Inventor： Emmanuelle Dottax ,  Philippe Muresianu ,  Michele Sartori ,  Fabien Cordier

IPC: G06F21/32 ,  H04L29/06 ,  H04L9/32 ,  G06F21/83 ,  H04W12/069

Abstract: Disclosed is a method for authenticating a user by using an electronic apparatus including an authentication module and a secure module, which includes the following steps: the authentication module transmits a recognition result to the secure module according to a process that allows the authentication module to be authenticated by the secure module; the secure module generates an authentication token by signing, with a private key stored in the secure module, data including data representing at least one feature of the authentication module; and transmitting the generated authentication token. Also disclosed is an associated secure module, electronic apparatus and system.

公开(公告)号：US10037426B2

公开(公告)日：2018-07-31

申请号：US14932347

申请日：2015-11-04

Applicant: Oberthur Technologies

Inventor： Axel Francois ,  Michele Sartori

IPC: G06F21/00 ,  G06F21/57 ,  G06F21/62 ,  G06F21/74

CPC classification number: G06F21/57 ,  G06F21/6218 ,  G06F21/74 ,  G06F2221/034

Abstract: In an electronic device designed to function in a trusted execution environment (TEE), because of the execution of a trusted operating system by a processor of the electronic device, or in a rich execution environment (REE), a method of loading files into random access memory includes the following steps: reception (E10) by the trusted operating system of information (L1) identifying at least one file; verification (E11) by the trusted operating system of the conformance of the identified file to at least one given criterion; in the event of conformance, loading (E13) the identified file into an area (Z2) of random access memory accessible in read only mode when functioning in the rich execution environment (REE). An associated electronic device is also proposed.

公开(公告)号：US10339307B2

公开(公告)日：2019-07-02

申请号：US15032098

申请日：2014-10-27

Applicant: OBERTHUR TECHNOLOGIES

Inventor： Guillaume Dabosville ,  Michele Sartori

IPC: G06F21/00 ,  G06F21/55 ,  G06F21/74 ,  H04L9/06

Abstract: Intrusion detection systems dedicated to an operating system, and an intrusion detection system in a device implementing at least a first operating system and a second operating system are provided. The intrusion detection systems includes: a listening module configured to be executed in the first operating system in order to listen to the activity of this first operating system; a collecting module configured to be executed in the first operating system in order to collect data characterizing the activity of the first operating system; and an analysis and detection module configured to be executed in the second operating system in order to analyze the data collected in the first operating system and detect a suspicious activity in the first operating system depending on the analysis.

公开(公告)号：US09769654B2

公开(公告)日：2017-09-19

申请号：US14283364

申请日：2014-05-21

Applicant: Oberthur Technologies

Inventor： Luk Bettale ,  Michele Sartori

IPC: H04L29/06 ,  H04W12/04 ,  G06F21/10 ,  H04N21/222 ,  H04N21/414 ,  H04N21/4405 ,  H04N21/443 ,  H04N21/4627 ,  H04N21/6334 ,  H04N21/8355

CPC classification number: H04W12/04 ,  G06F21/10 ,  H04L63/061 ,  H04L63/062 ,  H04N21/222 ,  H04N21/41407 ,  H04N21/4405 ,  H04N21/4433 ,  H04N21/4435 ,  H04N21/4627 ,  H04N21/63345 ,  H04N21/8355

Abstract: Disclosed are methods and systems of implementing a right over a content or contents. Various implementations may include means and operations for receiving, for example in an execution environment and from a secure element, a first key for implementing a right over an encrypted content; decrypting said content in said execution environment with the help of the first key; and implementing the right over the content in said execution environment. Various implementations may also include means and operations for receiving a second key in, for example, said execution environment, from the secure element; and encrypting said content in sad execution environment with the help of the second key.