-
Publication number: US12074972B2
Publication date: 2024-08-27
Application number: US17270605
Application date: 2019-08-22
Applicant: THALES DIS FRANCE SAS
Inventor: Michel Anslot , Jean-Yves Fine
CPC classification number: H04L9/0891 , H04L9/0656 , H04L9/3273 , H04W12/0431 , H04W12/06 , H04W12/35
Abstract: The invention is a method for updating a first secret data in a credential container including a subscriber identity module. The credential container comprises a set of secret parameters customized for a network operator and is configured to execute a symmetric mutual authentication algorithm using said set. The credential container receives from a remote server a second secret data enciphered using a second algorithm different from said symmetric mutual authentication algorithm and a subset of said secret parameters, the credential container deciphers the enciphered second secret data by using both the subset and a third algorithm and replaces the first secret data with the second secret data.
-
Publication number: US11910477B2
Publication date: 2024-02-20
Application number: US17683489
Application date: 2022-03-01
Applicant: THALES DIS FRANCE SAS
Inventor: Marc Lamberton , Michel Anslot
CPC classification number: H04W8/12 , H04L63/0853 , H04W8/06 , H04W8/20 , H04W12/06
Abstract: A central server for communicating with a user equipment and a cellular network is provided. The server is configured to exchange with the cellular network information relating to at least one preconfigured qualifier assigned to the user equipment and assigned to the central server. The server receives a payload item from the cellular network transmitted by the user equipment to said cellular network by means of an authentication failure message for authenticating a user equipment at a cellular network during an attach comprising the payload item, instead of receiving a SMS or establishing an IP connection with the user equipment. The payload item can result from a latest measurement data of user equipment regularly transmitting data to said central server and/or a sensor connectively coupled to the user equipment when operating as an Internet of Things (IoT) smart-metering device.
-
Publication number: US11825551B2
Publication date: 2023-11-21
Application number: US17399535
Application date: 2021-08-11
Applicant: THALES DIS FRANCE SAS
Inventor: Michel Anslot , Marc Lamberton
IPC: H04W36/00 , H04M3/00 , G06F11/00 , H04W8/20 , H04W76/10 , H04L5/14 , H04W8/18 , H04W8/26 , H04W4/70 , H04W48/18 , H04W4/50 , H04L9/40 , H04W12/04 , H04W12/06 , H04W12/30 , H04W12/041 , H04W12/069 , H04L61/5061 , H04L61/5092 , H04L67/01 , H04W12/42 , H04L101/654
CPC classification number: H04W8/205 , H04L5/14 , H04L61/5061 , H04L61/5092 , H04L63/0853 , H04L67/01 , H04W4/50 , H04W4/70 , H04W8/183 , H04W8/26 , H04W8/265 , H04W12/04 , H04W12/041 , H04W12/06 , H04W12/069 , H04W12/35 , H04W48/18 , H04W76/10 , H04L2101/654 , H04W12/42
Abstract: Provided is a method for establishing a bidirectional communication channel between a server and a secure element cooperating with a terminal in a cellular telecommunication network for exchanging data and commands. Provided also is an improved SM-DS+ comprising a SM-OS server that provisions the HSS of a MNO with a temporary IMSI transmitted to said secure element, along with an ephemeral key contained also in said secure element. Other embodiments disclosed.
-
Publication number: US11323870B2
Publication date: 2022-05-03
Application number: US16971819
Application date: 2019-02-19
Applicant: THALES DIS FRANCE SAS
Inventor: Marc Lamberton , Michel Anslot
Abstract: A user equipment for wireless communication, configured to operate in a cellular network, includes a credential container. The user equipment sends a set of payload items to a central server communicatively coupled to the cellular network, wherein the user equipment is configured to send an attach request message to the cellular network comprising a preconfigured qualifier for at least one of the user equipment and the credential container. The user equipment is further configured—to retrieve an authentication request message from the cellular network comprising a random value and an authentication code, —to determine a response token comprising a preconfigured identifier stored in at least one of the user equipment and the credential container and at least one out of the set of payload items, and—to submit said response token with an authentication failure message to the cellular network for forwarding to the central server.
-
Publication number: US11974358B2
Publication date: 2024-04-30
Application number: US18095554
Application date: 2023-01-11
Applicant: THALES DIS FRANCE SAS
Inventor: Michel Anslot , Marc Lamberton
IPC: H04M1/66 , H04L5/14 , H04L9/40 , H04L29/06 , H04L61/5061 , H04L61/5092 , H04L67/01 , H04W4/50 , H04W4/70 , H04W8/18 , H04W8/20 , H04W8/26 , H04W12/04 , H04W12/041 , H04W12/06 , H04W12/069 , H04W12/30 , H04W48/18 , H04W76/10 , H04L101/654 , H04W12/42
CPC classification number: H04W8/205 , H04L5/14 , H04L61/5061 , H04L61/5092 , H04L63/0853 , H04L67/01 , H04W4/50 , H04W4/70 , H04W8/183 , H04W8/26 , H04W8/265 , H04W12/04 , H04W12/041 , H04W12/06 , H04W12/069 , H04W12/35 , H04W48/18 , H04W76/10 , H04L2101/654 , H04W12/42
Abstract: A method for transmitting a subscription profile that includes transmitting from a POS of the MNO the unique identifier of the secure element to a SM-DP; creating or reserving the subscription profile at the SM-DP; provisioning in a D-HSS server having the first MCC/MNC the unique identifier and a temporary IMSI including a second MCC, a second MNC; provisioning in the HSS of the MNO the temporary IMSI and an ephemeral Ki; at the first attempt of the secure element to connect to the D-HSS server with its temporary profile, exchanging data in signaling messages between the secure element and the D-HSS for provisioning the secure element with the temporary IMSI; at the next attempt of the secure element to connect to the MNO network with the temporary IMSI, open an APN and send from the SM-DP to the secure element the subscription profile.
-
Publication number: US11943612B2
Publication date: 2024-03-26
Application number: US17293700
Application date: 2019-11-13
Applicant: THALES DIS FRANCE SAS
Inventor: Milas Fokle Kokou , Jean-Yves Fine , Michel Anslot
IPC: H04L29/00 , H04W12/041 , H04W12/06 , H04W12/71 , H04W12/72
CPC classification number: H04W12/06 , H04W12/041 , H04W12/71 , H04W12/72
Abstract: A method for authenticating by a network server a communication apparatus, the communication apparatus contains a tamper resistant area adapted to memorize a first secret, by receiving from the communication apparatus a request message including a subscriber identifier; providing, by consulting a database accessible by the network server, a device identifier associated to the received subscriber identifier allowing to identify the communication apparatus; identifying in a secure distributed ledger a record published by a manufacturer of at least a portion of the communication apparatus, the record including a second secret attributed to the identified communication apparatus; generating a challenge message including a random number and sending it to the communication apparatus for it to generate a first result; receiving from the communication apparatus a response message including the first result, the communication apparatus being authenticated by the network server if the first result is equal to a second result.
-
Publication number: US11895486B2
Publication date: 2024-02-06
Application number: US17269455
Application date: 2019-08-16
Applicant: THALES DIS FRANCE SAS
Inventor: Michel Anslot , Marc Lamberton , Philippe Bouckaert
CPC classification number: H04W12/041 , H04L9/0841 , H04W8/20 , H04W8/265 , H04W12/35 , H04W48/14 , H04W60/04
Abstract: A method for personalizing a UICC includes: i—sending from the UICC to a D-HSS an attach request message comprising an IMSI with a given MCC/MNC; ii—sending from the D-HSS to the UICC a command and first cryptographic data; iii—computing at the UICC a secret key by using the first cryptographic data; iv—sending from the UICC to the D-HSS a command and second cryptographic data; v—repeating steps ii to iv until the UICC holds the entire first cryptographic data and the D-HSS holds the entire second cryptographic data; vi—computing at the D-HSS the secret key by using the second entire cryptographic data; vii—allocating by the D-HSS a free IMSI belonging to an operator and transferring from the D-HSS to the UICC the free IMSI and other personalization data; viii—personalizing the UICC with the free IMSI, personalization data and the secret key.
-
Publication number: US11601798B2
Publication date: 2023-03-07
Application number: US17340289
Application date: 2021-06-07
Applicant: THALES DIS FRANCE SAS
Inventor: Michel Anslot , Marc Lamberton
IPC: H04M1/66 , H04L29/06 , H04W8/20 , H04W76/10 , H04L5/14 , H04W8/18 , H04W8/26 , H04W4/70 , H04W48/18 , H04W4/50 , H04L9/40 , H04W12/04 , H04W12/06 , H04W12/30 , H04W12/041 , H04W12/069 , H04L61/5061 , H04L61/5092 , H04L67/01 , H04W12/42 , H04L101/654
Abstract: A method for transmitting a subscription profile from an MNO to a secure element pre-provisioned with a temporary profile comprising a unique identifier, MCC and MNC, includes: —Transmitting from the MNO the unique identifier to a SM-DP; —Creating the subscription profile at the SM-DP; —Provisioning in a D-HSS server having the first MCC/MNC the unique identifier and a temporary IMSI comprising a second MCC, a second MNC; —Provisioning in the MNO the temporary IMSI and an ephemeral key; —At the first attempt of the secure element to connect to the D-HSS server, exchanging data in signaling messages for provisioning the secure element with the temporary IMSI; —At the next attempt of the secure element to connect to the MNO network with the temporary IMSI, open an APN and send from the SM-DP to the secure element the subscription profile.