公开(公告)号：US09787663B2

公开(公告)日：2017-10-10

申请号：US14879449

申请日：2015-10-09

Applicant: OBERTHUR TECHNOLOGIES

Inventor： Jean-Philippe Vallieres ,  Sebastien Nerot

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/12 ,  H04L9/32

CPC classification number: H04L63/08 ,  H04L9/0838 ,  H04L9/12 ,  H04L9/32 ,  H04L63/06 ,  H04L67/42

Abstract: An intermediary third-party receives, from a master device, a batch of pre-generated secure commands; plays it so as to send sequentially, to a slave device, the commands. The batch includes an initial command indicating the establishment of a channel secured with a session key dependent on a sequence counter, and second commands protected by a MAC code that is a function of the session key. An update of the sequence counter in non-volatile memory of the slave on each new establishment of a secure channel renders the pre-generated batch obsolete by virtue of a new session key. In order to allow the batch to be replayed, the invention provides for each update value of the counter to be temporarily stored in volatile memory, and for the current value to be overwritten in non-volatile memory on predefined events, including a test counter reaching a maximum number of replays.

公开(公告)号：US10268845B2

公开(公告)日：2019-04-23

申请号：US15128512

申请日：2015-03-25

Applicant: OBERTHUR TECHNOLOGIES

Inventor： Sebastien Nerot

IPC: G06F21/77 ,  G06F21/51 ,  G06F21/57 ,  G06F21/64 ,  H04W8/24

Abstract: The securing of data loading originating from an external device into a code memory area defined by an initial program of the secure element and any modification of which is controlled solely by the latter. When the external device obtains data to be transmitted to the secure element, the latter simulates an image of the code memory area as it would be modified by the loading of these data. A signature is calculated on the basis of the simulated image, then dispatched to the secure element with the data. The initial program of the secure element compares a signature that it has calculated over the whole of the code memory area after the actual loading of the data, with the signature received from the external device. The identity between these signatures ensures that the code memory area conforms to the image simulated by the external device, and is unimpaired.