公开(公告)号：US20190020469A1

公开(公告)日：2019-01-17

申请号：US15316374

申请日：2015-05-29

Applicant: OBERTHUR TECHNOLOGIES

Inventor： Emmanuelle DOTTAX ,  Florian GALDO ,  Jean-Philippe VALLIERES

IPC: H04L9/06 ,  G06F7/58 ,  H04L9/08 ,  H04L9/32

Abstract: A method for the authentication of a first electronic entity (C) by a second electronic entity (H), wherein the first electronic entity (C) implements the following steps: reception of a challenge (HCH) from the second electronic entity (H); generation of a number (CCH) according to a current value of a counter (SQC) and a first secret key (K-ENC); generation of a cryptogram (CAC) according to the challenge (HCH) and a second secret key (S-MAC); and transmission of a response including the cryptogram (CAC) to the second electronic entity (H), without transmission of the number (CCH).

公开(公告)号：US20180191511A1

公开(公告)日：2018-07-05

申请号：US15740781

申请日：2016-06-28

Applicant: OBERTHUR TECHNOLOGIES

Inventor： Emmanuelle DOTTAX ,  Francis CHAMBEROT ,  Bruno CLIMEN

IPC: H04L9/32 ,  H04L9/14 ,  G06Q20/34

Abstract: An authentication method is performed between a first party and a second party. The method includes: i) determining a challenge; ii) sending the challenge to the second party; receiving a response from the second party including a second cryptogram; computing a first cryptogram using the challenge and the key of the first party; determining if the first cryptogram matches the second cryptogram received from the second party. If the first cryptogram does not match the second cryptogram, the method further includes performing a computation using the first cryptogram and the second cryptogram; and comparing a result of the computation with a stored set of results to recover a first data element carried by the second cryptogram.

公开(公告)号：US20170353315A1

公开(公告)日：2017-12-07

申请号：US15538709

申请日：2015-12-17

Applicant: OBERTHUR TECHNOLOGIES

Inventor： Emmanuelle DOTTAX ,  Florian GALDO ,  Christophe GIRAUD ,  Jean-Philippe VALLIERES

IPC: H04L9/32 ,  H04L9/14 ,  H04L9/06 ,  H04L9/30 ,  H04L9/00

CPC classification number: H04L9/3247 ,  G06F21/44 ,  G06F21/602 ,  G09C1/00 ,  H04L9/006 ,  H04L9/0631 ,  H04L9/0637 ,  H04L9/14 ,  H04L9/30 ,  H04L9/3242 ,  H04W12/10

Abstract: Disclosed is a secure electronic entity including a memory unit storing data in the form of multiplets and a processing module designed to receive data from an electronic device. The processing module is designed to determine a proof-of-integrity element in accordance with the data received and at least one portion of the stored multiplets, and to transmit the proof-of-integrity element to the electronic device. Also disclosed is a method for verifying the integrity of data stored in such a secure electronic entity.

公开(公告)号：US20180227143A1

公开(公告)日：2018-08-09

申请号：US15853309

申请日：2017-12-22

Applicant: Oberthur Technologies

Inventor： Emmanuelle DOTTAX

IPC: H04L12/28 ,  H04L29/06

CPC classification number: H04L12/2869 ,  H04L63/0876 ,  H04L63/102 ,  H04W4/70 ,  H04W12/04 ,  H04W84/12

Abstract: In a network including an application server, a network server, and a device having a memory storing an application cryptographic key, a method includes: testing the memory for the absence or presence of a cryptographic key associated with the network; if the key is absent, the device sending a request to join the network, the application server producing derivation data, the application server encrypting the derivation data by the application cryptographic key, and the device receiving the encrypted derivation data; and in the event of the key being present, the device sending a request to join the network, the network server producing derivation data, the network server encrypting the derivation data by a network cryptographic key equal to or derived from the cryptographic key associated with the network, and the device receiving the encrypted derivation data. A method performed in the device, and an associated electronic entity are also described.

公开(公告)号：US20170351849A1

公开(公告)日：2017-12-07

申请号：US15538841

申请日：2015-12-17

Applicant: OBERTHUR TECHNOLOGIES

Inventor： Emmanuelle DOTTAX ,  Philippe MURESIANU ,  Michele SARTORI ,  Fabien CORDIER

IPC: G06F21/32 ,  H04L29/06 ,  H04L9/32 ,  H04W12/06

CPC classification number: G06F21/32 ,  G06F21/83 ,  G06F2221/2103 ,  H04L9/3231 ,  H04L63/0861 ,  H04W12/06

Abstract: Disclosed is a method for authenticating a user by using an electronic apparatus including an authentication module and a secure module, which includes the following steps: the authentication module transmits a recognition result to the secure module according to a process that allows the authentication module to be authenticated by the secure module; the secure module generates an authentication token by signing, with a private key stored in the secure module, data including data representing at least one feature of the authentication module; and transmitting the generated authentication token. Also disclosed is an associated secure module, electronic apparatus and system.

公开(公告)号：US20140245005A1

公开(公告)日：2014-08-28

申请号：US14190236

申请日：2014-02-26

Applicant: Oberthur Technologies

Inventor： Emmanuelle DOTTAX ,  Michele SARTORI

IPC: H04L29/06

CPC classification number: H04L63/0428 ,  G06F21/46 ,  G06F2221/2133

Abstract: A cryptographic processing method using a sensitive data item in a cryptographic processing system including in memory a test making it possible to tell a human and a computer apart and a reference value obtained by applying a cryptographic function to a pair of values P and R, where P is the sensitive data item and R is a solution to the memorized test, the method including the steps of: configuring the cryptographic processing system, including obtaining and memorizing the reference value in the cryptographic system; transmitting the memorized test to a user; obtaining the user's response to the transmitted test; a cryptographic processing step based on the sensitive data item, using the obtained response, the reference value and the cryptographic function. The reference value and memorized test are in the memory of the system and the solution is not in the memory of the system, during the transmission step.

Abstract translation: 一种在密码处理系统中使用敏感数据项的加密处理方法，该密码处理系统包括在存储器中，使得能够将人和计算机分开的测试和通过将密码函数应用于一对值P和R而获得的参考值，其中 P是敏感数据项，R是存储测试的解决方案，该方法包括以下步骤：配置加密处理系统，包括获取和存储加密系统中的参考值; 将记忆测试发送给用户; 获取用户对传输测试的响应; 使用获得的响应，参考值和密码函数，基于敏感数据项的密码处理步骤。 参考值和存储测试在系统的存储器中，并且解决方案不在系统的存储器中，在传输步骤期间。