公开(公告)号：WO2018024603A1

公开(公告)日：2018-02-08

申请号：PCT/EP2017/069024

申请日：2017-07-27

Applicant: GEMALTO SA

Inventor： PETIT, Sébastien ,  RUFFIER, Benjamin ,  LE-CARDINAL, Daniel

IPC: H04L29/06 ,  H04L9/32 ,  H04W12/06

Abstract: The invention related to a method for generating by a first device (330) a modified one-time password (303), the first device being operated by a user, the method comprising the steps of: providing a first one-time password OTP_P (303) generated by a generator (300) implemented by the first device and using a piece of data (302) as an input; providing by the user an authentication password (304); applying (305) a post-treatment function F which uses said one-time password OTP_P (303) and said authentication password (304) as inputs in order to generate as an output a modified one-time password M_OTP having the same format as OTP_P, the function F being chosen such that OTP_P is recoverable from said modified one-time password by applying the inverse function of F and if only the same authentication password as the one used for generating M_OTP is used as an input of said inverse function.

Abstract translation: 本发明涉及用于由第一设备（330）生成经修改的一次性密码（303）的方法，所述第一设备由用户操作，所述方法包括以下步骤：提供 由第一设备实现的发生器（300）生成并使用一段数据（302）作为输入的第一一次性密码OTP_P（303） 由用户提供认证密码（304）; 应用（305）使用所述一次性密码OTP_P（303）和所述认证密码（304）作为输入的后处理功能F，以便生成具有与OTP_P（303）相同的格式的修改后的一次性密码M_OTP作为输出 ，函数F被选择为使得通过应用F的反函数并且如果仅使用与用于生成M_OTP的认证密码相同的认证密码作为所述反函数的输入，则可以从所述修改的一次性密码中恢复OTP_P。 / p>

公开(公告)号：WO2019129422A1

公开(公告)日：2019-07-04

申请号：PCT/EP2018/081759

申请日：2018-11-19

Applicant: GEMALTO SA

Inventor： DELHOSTE, Fabrice ,  PAILLART, Frédéric ,  PETIT, Sébastien

IPC: G06F21/32 ,  G06F21/35

CPC classification number: G06F21/35 ,  G06F21/32 ,  G06F2221/2107

Abstract: The invention relates to an authentication method. The method comprises: - collecting (24), based on a predetermined authentication policy, at least one context data element; - constituting (28), based on the at least one collected context data element, a data packet; - generating (216), by using a predetermined hash type algorithm and the data packet, as input to the predetermined hash type algorithm, a hash; - sending the generated hash; - generating (220), as a hash distance generation step, a hash distance between the generated hash and a predetermined reference hash; and - authenticating (224) successfully or not (223) based on the generated hash distance, as an authentication step. The invention also relates to corresponding device and system.

公开(公告)号：WO2015144747A1

公开(公告)日：2015-10-01

申请号：PCT/EP2015/056354

申请日：2015-03-25

Applicant: GEMALTO SA

Inventor： LANSLER, Martin ,  PETIT, Sébastien ,  PIERQUIN, Guillaume

IPC: H04L9/08 ,  H04L9/32 ,  H04L9/12

CPC classification number: H04L63/067 ,  G06F21/602 ,  H04L9/0863 ,  H04L9/0869 ,  H04L9/12 ,  H04L9/3226 ,  H04L9/3228 ,  H04L63/0838

Abstract: The present invention relates to a method to manage a One Time Password key, referenced OTP key, used in an OTP algorithm in an user device having access to an unsafe storage including the steps of: -retrieving a Personal Identification Number, named PIN, of an user of the user device, -deriving a symmetric key from the PIN, -encrypting the OTP key using the derived symmetric key, -storing the encrypted OTP key in the unsafe storage. -decrypting the OTP key using the derived symmetric key, -generating a next OTP key using an incremental parameter, said method being characterized in that the start value (SV) of the incremental parameter of the OTP key generation is random (R).

Abstract translation: 本发明涉及一种用于管理在具有访问不安全存储的用户设备中的OTP算法中使用的一次密码密钥（OTP密钥）的方法，包括以下步骤： - 保留个人识别号码 用户设备的用户 - 从PIN中获得对称密钥， - 使用导出的对称密钥来加密OTP密钥， - 在不安全存储器中存储加密的OTP密钥。 - 使用导出的对称密钥来解密OTP密钥， - 使用增量参数生成下一个OTP密钥，所述方法的特征在于，OTP密钥生成的增量参数的起始值（SV）是random（R）。