公开(公告)号：WO2011126425A1

公开(公告)日：2011-10-13

申请号：PCT/SE2011/050206

申请日：2011-02-23

Applicant: EXFORMATION COMMUNICATION AB ,  HAGBARD, Stefan

Inventor： HAGBARD, Stefan

IPC: H04L9/00 ,  H04K1/00

CPC classification number: H04K1/00 ,  H04L9/065 ,  H04L9/0827 ,  H04L9/0841 ,  H04L63/0457 ,  H04L2209/80 ,  H04W12/02 ,  H04W88/02

Abstract: A method for encrypting information that is transferred between two communication units such as mobile telephones, personal computers, palm-top computers, etc., where a security module is present in each mobile telephone and where a security application contains encryption and decryption algorithms. The invention is characterised in that the security application is caused to be stored on an SD card (2) that is caused to be introduced into a card-holder location in the relevant mobile telephone (1), in that the security application is caused to be transferred from the SD card (2) to the security module (4) of the mobile telephone (1) in addition to a session key stored on the SD card, in that a key stream is caused to be formed in the SD card (2) on the basis of the session key, in that the key stream is caused during encryption to be transferred from the SD card (2) to the security module (4) of the mobile telephone, in that the encryption is caused to take place in the security module (4) of the mobile telephone (1), after which such an encrypted stream of data is transmitted by the mobile telephone, in that the stream of data is received by a second mobile telephone, in that decryption is caused to take place with the aid of a corresponding key stream in the security module (4) of the second mobile telephone and in that the said corresponding key stream is caused to be formed in the SD card (2) of the second mobile telephone on the basis of the said session key.

Abstract translation: 一种用于加密在每个移动电话中存在安全模块的两个通信单元（例如移动电话，个人计算机，掌上电脑等）之间传送的信息的方法，以及安全应用程序包含加密和解密算法的方法。 本发明的特征在于，将安全应用存储在被引入相关移动电话（1）中的卡持有者位置的SD卡（2）上，因为安全应用被引起 除了存储在SD卡上的会话密钥之外，还从SD卡（2）传送到移动电话（1）的安全模块（4），因为在SD卡中形成密钥流（ 2）基于会话密钥，由于密码流在加密期间被从SD卡（2）传送到移动电话的安全模块（4），因为导致加密发生 在移动电话（1）的安全模块（4）中，之后由移动电话发送这样的加密数据流，因为数据流被第二移动电话接收，因为解密被引起 借助于安全模块（4）中的对应的密钥流来进行， 并且基于所述会话密钥使所述对应的密钥流形成在第二移动电话的SD卡（2）中。

公开(公告)号：WO2012070997A1

公开(公告)日：2012-05-31

申请号：PCT/SE2011/051045

申请日：2011-08-31

Applicant: EXFORMATION COMMUNICATION AB ,  HAGBARD, Stefan

Inventor： HAGBARD, Stefan

IPC: H04L9/32 ,  G06Q20/02

CPC classification number: G06Q20/425 ,  G06Q20/02 ,  G06Q20/322 ,  H04L9/3215 ,  H04L2209/56

Abstract: Method for verifying electronic transactions. A transaction is initiated by a user interacting with a transaction source. The transaction source transfers un unverified transaction request to the user's mobile phone. The user can either deny or approve the transaction. If the transaction is approved, the user enters a pin-code and a security module in the mobile phone signs the transaction request with an electronic id. The signed transaction request is sent to a computer which verifies the transaction request with a verification system.

Abstract translation: 电子交易验证方法。 交易由与交易源交互的用户发起。 交易源将未经验证的交易请求传送给用户的手机。 用户可以拒绝或批准交易。 如果交易被批准，用户输入PIN码，并且移动电话中的安全模块用电子身份签署交易请求。 签署的交易请求被发送到用验证系统验证交易请求的计算机。