EP1911194A1 - Verfahren zur kontrolle sicherer transaktionen anhand eines einzelnen physikalischen geräts, entsprechendes physikalisches gerät, system und computerprogramm - Google Patents
Verfahren zur kontrolle sicherer transaktionen anhand eines einzelnen physikalischen geräts, entsprechendes physikalisches gerät, system und computerprogrammInfo
- Publication number
- EP1911194A1 EP1911194A1 EP06792517A EP06792517A EP1911194A1 EP 1911194 A1 EP1911194 A1 EP 1911194A1 EP 06792517 A EP06792517 A EP 06792517A EP 06792517 A EP06792517 A EP 06792517A EP 1911194 A1 EP1911194 A1 EP 1911194A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- key
- physical device
- certification
- provider
- certificate
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Definitions
- Secure transaction control method implementing a single physical device, physical device, system, and corresponding computer program.
- the field of the invention is that of securing electronic transactions, including implementation of authentication, electronic signature and payment transactions, carried out through communication networks such as the Internet for example.
- the invention relates to a secure transaction control technique involving a physical device held by a user.
- a certificate makes it possible in particular to check the validity of a public cryptographic key used on a computer network, and is a message comprising, at least, a public key, an identifier of its holder, a period of validity, an identification of a certification authority, as well as a cryptographic signature of these different data, carried out by means of the secret key of this certification authority issuing the certificate.
- the reading of the certificate makes it possible to authenticate with certainty the sender of a message received in the case of the signature and the identifier of the sender who authenticates in the case of the authentication.
- a disadvantage of this technique of the prior art is that it does not allow a provider to ensure simply and remotely that the certificate of provider C that it delivers certifies a public key P 0 corresponding to a private key S 0 stored in a given physical device.
- the behavior of a physical device can be completely simulated by software so that at a distance, it is impossible for the provider to know if it corresponds to a physical device or a software emulation of such a device. device.
- the physical device can not be cloned, and therefore constitutes a single object, which alone is capable of producing the authenticators and the signatures corresponding to the public key P 0 , therefore to the certificate Ci, and therefore also to the identifier Idi by which the client is known to the third provider.
- the possessor of the physical device is then the only one to be able to authenticate or sign with the identifier Idi vis-à-vis the i leme provider, which is a property of non-repudiation strong, pledge of security for the provider.
- this physical device is the support for a paid subscription to a service provided by the provider (for for example, Internet access to newspaper articles published in a daily newspaper). Access to the paid service is conditioned, for the user, by opening a session with the provider, during which he authenticates by means of his physical device.
- a service provided by the provider for for example, Internet access to newspaper articles published in a daily newspaper.
- users are provided with physical devices such as smart cards or USB "Universal Serial Bus” dongles, which are conventionally associated with a pair of asymmetrical keys.
- P 0, S 0 having a private key S 0 and a public key P 0.
- the private key S 0 is an electronic element which must remain secret, and which is stored in a protected space of the physical device, protected from any intrusion attempt.
- the public key P 0 can be stored in free reading in the physical device, or delivered to the user on an external medium, such as a floppy disk, a CD-ROM, a paper document, or a placeholder a data server.
- This pair of keys (S 0 , P 0 ) is created in the factory, prior to the marketing and commissioning of the device.
- Such a physical device also conventionally comprises calculation means making it possible to implement an asymmetric cryptographic authentication and / or signature algorithm.
- RSA Raster-Shamir-Adleman
- DSA DSA
- GQ Guardou-Quisquater
- GPS GPS type algorithms
- this asymmetric cryptographic algorithm may be subject to the prior presentation of a carrier code (or PESf code for "Personal Identification Number ”) initialized during a (pre-) personalization phase of the physical device, and managed according to conventional techniques which are not the subject of the present patent application.
- a carrier code or PESf code for "Personal Identification Number ”
- the physical device can then be sold in this form to a user, by a distribution means independent of any provider.
- the user of the physical device also called client, must be issued by the service provider a certificate C 1 binder public key P 0 of the device and an identifier Id 1 relevant to the provider (Note: in systems where the anonymity of the user vis-à-vis the provider must be preserved, the identifier Id 1 is different from the civil identity of the user).
- This operation can be carried out with n different providers, so that the customer is assigned n provider certificates (C 1 , C 2 , ..., C n ⁇ linking n identifiers (Id 1 , Id 2, ..., Id n J (each of them being relevant for a given provider) with the same public key P 0 .
- n provider certificates C 1 , C 2 , ..., C n ⁇ linking n identifiers (Id 1 , Id 2, ..., Id n J (each of them being relevant for a given provider) with the same public key P 0 .
- the customer uses his physical device to sign a risk sent by the service provider (this is called authentication) or a message (this is called an electronic signature) thanks to its secret key S 0 and associating therewith the corresponding certificate Ci provided by the service provider, according to standardized protocols.
- the only solution allowing a provider to ensure that the current transaction is done by means of a given physical device is based on the physical manipulation of the device by the provider. Indeed, it can then read itself the public key P 0 in the device, in the case where it is stored there. In the opposite case, it can cause the device to be signed by means of the secret key S 0 , and then check the result of this signature by means of the public key P 0 supplied by the client on an external support.
- the invention particularly aims to overcome these disadvantages of the prior art.
- an object of the invention is to provide a secure transaction control technique implementing a physical device associated with a pair of asymmetric keys (P 0 , S 0 ), to ensure simple and possibly remote that a transaction is well done by means of a given physical device.
- the invention aims to propose such a technique that allows a provider to ensure that the public key P 0 that he must certify is a secret key S 0 stored in a physical device given.
- Another objective of the invention is to propose such a technique which is simple to implement and introduces little or no additional complexity into the physical devices used.
- a secure transaction control method implementing a physical device held by a user and carrying at least one pair of asymmetric keys, comprising a public device key (P 0 ) and a corresponding private device key (S 0 ).
- such a method comprises the following steps: prior to bringing into use of said physical device, a step of certifying said public device key (P 0 ) by signature by means of a first certification key (S T ) of a particular certification authority (PCA), issuing a device certificate (C 0 ) after verifying that said private device key S 0 is housed in a tamper-proof zone of said physical device (13); a step of verifying said device certificate (C 0 ) by means of a second certification key (P ⁇ ) corresponding to said first certification key (S T ); in case of positive verification, a step of registering said user with a provider delivering a provider certificate (Ci) corresponding to the signature by said provider of said public device key (P 0 ) and an identifier (Idi ) of this user.
- the invention is based on a completely new and inventive approach to securing electronic transactions. Indeed, the technique of the invention to intervene, to introduce an additional degree of security, a particular certification authority (ACP), to which the various providers give their full trust. This particular certification authority issues, prior to the putting into service of the physical device
- ACP certification authority
- USB Universal Serial Bus
- smart card a certificate relating to this physical device (and not as in the prior art a certificate relating to an identifier of its holder), whose verification of validity is a guarantee, for the service provider, that he is, even remotely, in the presence of a real physical device, and not equipment (computer, PDA, etc.) that would fraudulently reproduce the behavior.
- This security is based on a strong commitment by the particular certification authority to produce such device certificates C 0 from a first certification key S T , only for public keys P 0 corresponding to private keys S 0 stored in a given physical device.
- Verification of the device certificate can be done directly by the service provider, from a second certification key of the particular certification authority that it has communicated to him, or from a trusted third party.
- the transaction control method according to the invention uses the commitment of the ACP to assure a service provider that a client who wishes to engage in a secure transaction has a physical device, which has been certified by the ACP. This is very different from the prior art, which does not ensure that the user has a physical device at a distance. Indeed, the control techniques according to the prior art only ensure the identification of a user, if necessary using a chain of authentications and certifications based on the use of a succession of authorities certification, but always having the sole consequence of certifying the identity of a user.
- the method according to the invention comprises, in addition to the certification of the identity of the user, the prior certification of the physical device subsequently held by this user. This ensures a provider, possibly remote, that the user who authenticates with him has a physical device. Only this insurance allows the continuation of the establishment of the process of control of transaction.
- the service provider can then classically carry out the registration of the user, to which he issues a Ci provider certificate.
- said particular certification authority is the manufacturer of said physical device, which can then issue the device certificate C 0 , directly at the output of the production lines. It can of course also be a third-party certification authority, working for one or more separate manufacturers.
- said device certificate C 0 is stored in a memory zone in free reading of said physical device. It can easily be verified by the provider.
- said device certificate C 0 also signifies at least one representative piece of said physical device, which belongs to the group comprising the following information:
- the service provider thus has additional information on the physical device with which it deals, which may enable it, for example, to verify that the type of the device is appropriate to the nature of the transaction envisaged, or to ensure the traceability of the device, from its serial number.
- said verification step is performed by said provider.
- the provider knows directly whether or not he can register the user, without having to call on a third-party verification authority (which could also be considered in the context of the present invention).
- said first certification key S T is a private key and said second certification key P ⁇ is a public key.
- a pair of asymmetric keys is used, the private key S T of which is kept secret by the particular certification authority, unlike the public key that can be communicated to the service providers or published.
- said particular certification authority uses a symmetric key K, so that said first certification key S T and said second certification key P ⁇ are identical.
- said certification step is implemented from said symmetric key by said particular certification authority upon request from a manufacturer of said device, and said verification step is implemented by said particular certification authority upon request provider.
- this particular certification authority can of course be the manufacturer itself.
- the invention also relates to a physical device held by a user and intended to be used in secure transactions, said physical device carrying at least one pair of asymmetric keys, comprising a public device key P 0 and a private device key S 0 corresponding.
- such a device also carries a device certificate C 0 , issued after verification that said private device key S 0 is housed in a tamper-proof zone of said physical device (13), corresponding to the signature of said device key public P 0 by a first certification key S T of a particular certification authority, and said device certificate C 0 is stored in said physical device prior to its commissioning.
- the invention also relates to a computer program product downloadable from a communication network and / or stored on a computer readable medium and / or executable by a microprocessor, characterized in that it comprises program code instructions for the implementation of at least one step of the secure transaction control method described above.
- the invention also relates to a system for controlling secure transactions on a communication network, implementing a physical device held by a user and carrying at least one pair of asymmetric keys, comprising a public device key P 0 and a key of corresponding private device S 0 .
- Such a system comprises at least: a particular certification server connected to said network, delivering to said physical device, after verification that said private device key S 0 is housed in a tamper-proof zone of said physical device (13) and before it is put into service a device certificate C 0 corresponding to the signature of said public device key P 0 by a first certification key S T of said particular certification server; a verification server of said device certificate C 0 by means of a second certification key P ⁇ corresponding to said first certification key S T , said verification server being connected to said network; a server for registering said user with a provider, delivering to said user, in the event of a positive verification by said verification server, a provider certificate Ci corresponding to the signature by said provider of said public device key P 0 and d an identifier Idi of said user, said recording server being connected to said network.
- FIG. 1 illustrates the principle of the certification, by a particular certification authority, of the public key of a physical device, prior to its putting into service
- FIG. 2 presents a block diagram of the various steps implemented in the secure transaction control method of the invention
- FIG. 3 describes the various exchanges between a user and various servers of the invention, via a communication network, in the context of the method of FIG. 2. 7. Description of an embodiment of the invention
- the general principle of the invention is based on the certification of the public key P 0 of a physical device, prior to its putting into service, by a particular certification authority, to guarantee a provider, during a secure transaction (possibly remote), that it deals with a real physical device, in which is stored the private key S 0 associated with the public key P 0 .
- a particular certification authority has a pair of asymmetric keys (PT, ST) comprising a public key PT and a private key ST stored in a secret and inaccessible area 101.
- asymmetric keys PT, ST
- Such an ACP 10 is for example the manufacturer of the physical device: the secret zone 101 having stored therein the private key S T is then a particular physical device (a smart card for example) held by the manufacturer or a restricted access to protected memory area of one of its equipment computer.
- the public key P T for its part is published by the ACP 10, or provided on demand to potential providers that may need it (ie providers likely to carry out transactions with the holder of the physical device 13).
- asymmetric keys P 0 , S 0
- P 0 , S 0 asymmetric keys
- P 0 public key
- S 0 private key
- This protected area, or inviolable, 132 is designed to prevent reading of the private key S 0 and to resist any attempt of software or hardware intrusion.
- the public key P 0 can also be communicated to the holder of the physical device 13 to an external device, independent of the device itself.
- the operations illustrated in FIG. 1 are carried out before the physical device is sold at the factory, during a (pre-) personalization phase of the device. If this is a manufacturer-independent certification authority, these operations can be performed at the output of the production lines, before the distribution of physical devices to the end users.
- the physical device 13 communicates lia CPA 10 its public key P 0.
- the ACP 10 then signs with its private key S T the public key P 0 of the device 13.
- L 1 ACP 10 undertakes, of course, to produce such device certificates C 0 (ie such signatures with its private key S T ) as for public keys P 0 corresponding to private keys stored in a physical device of a given type.
- the certification operations of FIG. 1 may also, in an alternative embodiment of the invention, be pooled for several manufacturers of physical devices of different types.
- the ACP 10 is a trusted third party independent of all the manufacturers, which holds the private key S T and which, to produce the device certificate C 0 of a given physical device 13, signs, with its private key S T, the torque (P 0, ⁇ device of the type>).
- Such information ⁇ type of the device> allows to provide information for example on the nature of the device 13, namely a "dongle" USB, a smart card, etc.. It can also be the product reference used by the manufacturer to designate one of the devices it builds.
- C 0 device certificate other information relevant for the use of the physical device 13 may be signed in the C 0 device certificate, such as the manufacturer's name ( ⁇ manufacturer's name), the type of cryptographic algorithm used ( ⁇ algorithm type>), the serial number of the device, etc.
- the key K can be shared between the manufacturer of the physical device 13 and one (or a few) trusted third parties, whose manufacturer knows they will keep this key K secret; in this case, only these third parties or the manufacturer himself will be able to check the certificate.
- the key K is used only by a manufacturer-independent ACP 10, which signs the symmetric key device certificate C 0 , only at the request of the manufacturer of physical devices 13.
- this ACP 10 will be alone. to be able to check the device certificates C 0 , at the request of the service providers wishing to carry out a transaction with the associated physical devices 13.
- this ACP 10 can of course be the manufacturer itself.
- the physical device 13 in which the certificate C 0 has been registered by the PCA 10 is sold by a distribution means independent of any provider, for example in a supermarket or at an authorized retailer.
- Such a provider 33 may for example, be a service provider (access to a weather service, or a geolocation service for example) or a seller of goods (Internet merchant for example).
- the physical device 13 has been acquired by a user 30 who wishes, for example, to use it to access the services offered by a provider 33, via a communication network 32, for example the global Internet network.
- a communication network 32 for example the global Internet network.
- Such a physical device 13 serves, for example, to support a paid subscription subscribed by the user 30 to the provider 33 (for example a subscription to a daily horoscope published on the Internet).
- This request s accompanied by the public key P 0 and the device certificate C 0 which has been prerecorded 21 by the PCA 10 in the physical device 13 (which, for the sake of simplicity, has not been shown in FIG. 3).
- the provider Before accessing the request of the user 30, the provider wants to verify that the public key P 0 that has been transmitted to him corresponds to a secret key S 0 stored in a given physical device. To do this, it carries out a verification 22 of the device certificate C 0 transmitted with the request, by means of the public key P T of the particular certification authority 10.
- the provider 33 can terminate the transaction 23, and deny the user 30 access to the requested good or service.
- the provider 33 is certain that the public key P 0 corresponds to a private key S 0 stored on a given physical device 13, and can therefore access the request of the user 30, by proceeding to the registration 24 of the latter under a relevant identifier (Idi). To do this, the provider 33 delivers to the user 30 a provider certificate Ci corresponding to the signature of the public key P 0 and said identifier (Idi) by the provider 33. This provider certificate Ci is transmitted to the communication terminal 31 of the user through the communication network 32 which is connected to the registration server of the provider 33.
- the verification 22 of the device certificate C 0 may be performed by the service provider 33 itself or by a dedicated verification server 34, also connected to the network 32.
- the provider 33 transmits the device certificate C 0 to the server by the network 32.
- the certification server 35 of the ACP 10 which has created the device certificate C 0 of the physical device 13, communicates or has communicated its public key P T to the verification server 34.
- the verification server 34 only has to use the public key P T of the certification server 35 to verify the authenticity of the certificate C 0 , then transmit the result of this verification to the provider 33, so that the latter knows it can proceed to the registration 24 of the user 30 or if he has to put end 23 to the exchange in progress.
- the user can then begin to carry out secure transactions with the provider 33: to do this, he uses his physical device 13 to sign a random provided by the provider (known as authentication) or a message (known as a signature) with its secret key S 0, and involving the certificate provider corresponding Ci, according to standard protocols that are not subject to this patent application and are therefore not described here in more detail.
- the user 30 can proceed to a registration 24 with several different providers, each of whom will issue a separate provider certificate Ci binding the public key P 0 of the physical device 13 to an ID Id of the user 30, relevant to the provider considered .
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR0507990 | 2005-07-26 | ||
PCT/EP2006/064383 WO2007012583A1 (fr) | 2005-07-26 | 2006-07-18 | Procede de controle de transactions securisees mettant en oeuvre un dispositif physique unique, dispositif physique, systeme, et programme d'ordinateur correspondants |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1911194A1 true EP1911194A1 (de) | 2008-04-16 |
Family
ID=36121380
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP06792517A Withdrawn EP1911194A1 (de) | 2005-07-26 | 2006-07-18 | Verfahren zur kontrolle sicherer transaktionen anhand eines einzelnen physikalischen geräts, entsprechendes physikalisches gerät, system und computerprogramm |
Country Status (4)
Country | Link |
---|---|
US (1) | US20090106548A1 (de) |
EP (1) | EP1911194A1 (de) |
JP (1) | JP2009503967A (de) |
WO (1) | WO2007012583A1 (de) |
Families Citing this family (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7318050B1 (en) * | 2000-05-08 | 2008-01-08 | Verizon Corporate Services Group Inc. | Biometric certifying authorities |
US7613915B2 (en) * | 2006-11-09 | 2009-11-03 | BroadOn Communications Corp | Method for programming on-chip non-volatile memory in a secure processor, and a device so programmed |
US8332647B2 (en) * | 2009-06-25 | 2012-12-11 | Raytheon Company | System and method for dynamic multi-attribute authentication |
CN102231667B (zh) | 2011-07-29 | 2013-06-19 | 飞天诚信科技股份有限公司 | 串口设备注册的方法和装置 |
CN104184713B (zh) * | 2013-05-27 | 2018-03-27 | 阿里巴巴集团控股有限公司 | 终端识别方法、机器识别码注册方法及相应系统、设备 |
US9603019B1 (en) | 2014-03-28 | 2017-03-21 | Confia Systems, Inc. | Secure and anonymized authentication |
US20160359633A1 (en) * | 2015-06-02 | 2016-12-08 | Crater Dog Technologies, LLC | System and method for publicly certifying data |
US9787478B2 (en) * | 2015-06-10 | 2017-10-10 | Qualcomm Incorporated | Service provider certificate management |
US10484359B2 (en) | 2015-07-25 | 2019-11-19 | Confia Systems, Inc. | Device-level authentication with unique device identifiers |
US9602292B2 (en) * | 2015-07-25 | 2017-03-21 | Confia Systems, Inc. | Device-level authentication with unique device identifiers |
US10587421B2 (en) * | 2017-01-12 | 2020-03-10 | Honeywell International Inc. | Techniques for genuine device assurance by establishing identity and trust using certificates |
JP2020195100A (ja) * | 2019-05-29 | 2020-12-03 | 株式会社bitFlyer Blockchain | 公開鍵の信頼性を証明するための装置、方法及びそのためのプログラム |
Family Cites Families (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH096236A (ja) * | 1995-06-26 | 1997-01-10 | Nippon Telegr & Teleph Corp <Ntt> | 公開鍵暗号の鍵生成・証明書発行方法及びそのシステム |
FR2751104B1 (fr) * | 1996-07-11 | 1998-12-31 | Stoffel Laurent | Procede de controle de transactions securisees independantes utilisant un dispositif physique unique |
US5903721A (en) * | 1997-03-13 | 1999-05-11 | cha|Technologies Services, Inc. | Method and system for secure online transaction processing |
JPH11231776A (ja) * | 1998-02-13 | 1999-08-27 | Nippon Telegr & Teleph Corp <Ntt> | 証明書発行方法およびその装置 |
GB9914262D0 (en) * | 1999-06-18 | 1999-08-18 | Nokia Mobile Phones Ltd | WIM Manufacture certificate |
EP1212732B1 (de) * | 1999-08-31 | 2004-01-21 | American Express Travel Related Services Company, Inc. | Verfahren und vorrichtung zum durchführen von elektronischen transaktionen |
JP2002032503A (ja) * | 2000-07-19 | 2002-01-31 | Hitachi Ltd | 証明書提供方法および証明書提供サービスシステム |
FI112904B (fi) * | 2001-06-29 | 2004-01-30 | Nokia Corp | Menetelmä suojata elektroninen laite ja elektroninen laite |
US8601566B2 (en) * | 2001-10-23 | 2013-12-03 | Intel Corporation | Mechanism supporting wired and wireless methods for client and server side authentication |
JP2004153711A (ja) * | 2002-10-31 | 2004-05-27 | Nippon Telegr & Teleph Corp <Ntt> | 相互認証方法及びプログラム、該プログラムを記録した記録媒体、icカード、端末装置並びにicカード管理サーバ装置 |
JP2007524275A (ja) * | 2003-06-17 | 2007-08-23 | ビザ インターナショナル サービス アソシエーション | 電子取引における安全なデータ交換のための方法およびシステム |
EP1779635B1 (de) * | 2004-08-19 | 2008-03-05 | France Télécom | Verfahren zur zuweisung eines authentifizierungszertifikats und infrastruktur zur zuweisung eines zertifikats |
US20080250246A1 (en) * | 2005-07-26 | 2008-10-09 | France Telecom | Method for Controlling Secure Transactions Using a Single Multiple Dual-Key Device, Corresponding Physical Deivce, System and Computer Program |
-
2006
- 2006-07-18 WO PCT/EP2006/064383 patent/WO2007012583A1/fr active Application Filing
- 2006-07-18 JP JP2008523317A patent/JP2009503967A/ja active Pending
- 2006-07-18 EP EP06792517A patent/EP1911194A1/de not_active Withdrawn
- 2006-07-18 US US11/996,181 patent/US20090106548A1/en not_active Abandoned
Non-Patent Citations (1)
Title |
---|
See references of WO2007012583A1 * |
Also Published As
Publication number | Publication date |
---|---|
WO2007012583A1 (fr) | 2007-02-01 |
US20090106548A1 (en) | 2009-04-23 |
JP2009503967A (ja) | 2009-01-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2007012584A1 (fr) | Procédé de contrôle de transactions sécurisées mettant en oeuvre un dispositif physique unique à bi-clés multiples, dispositif physique, système et programme d'ordinateur correspondants | |
WO2007012583A1 (fr) | Procede de controle de transactions securisees mettant en oeuvre un dispositif physique unique, dispositif physique, systeme, et programme d'ordinateur correspondants | |
WO2003056750A2 (fr) | Systeme cryptographique de signature de groupe | |
WO2003061193A1 (fr) | Procede et dispositif de signature anonyme au moyen d'une cle privee partagee | |
WO2009130089A1 (fr) | Procede de diffusion securisee de donnees numeriques vers un tiers autorise | |
WO2010046565A2 (fr) | Procédé de signature numérique en deux étapes | |
FR2930391A1 (fr) | Terminal d'authentification d'un utilisateur. | |
EP3991381B1 (de) | Verfahren und system zur erzeugung von chiffrierschlüsseln für transaktions- oder verbindungsdaten | |
EP3238150B1 (de) | Verfahren zur absicherung kontaktloser transaktionen | |
EP2306668B1 (de) | System und Verfahren einer gesicherten Online-Transaktion | |
WO2003060841A1 (fr) | Procede cryptographique de revocation a l'aide d'une carte a puce | |
FR3035248A1 (fr) | Systeme-sur-puce a fonctionnement securise et ses utilisations | |
EP3479325B1 (de) | Verfahren zur authentifizierung von zahlungsdaten, zugehörige vorrichtungen und programme | |
CA2831167C (fr) | Infrastructure non hierarchique de gestion de bi-cles de securite de personnes physiques ou d'elements (igcp/pki) | |
FR3073998B1 (fr) | Procede numerique de controle d'acces a un objet, une ressource ou service par un utilisateur | |
FR2730076A1 (fr) | Procede d'authentification par un serveur du porteur d'un objet portatif a microprocesseur, serveur et objet portatif correspondants | |
EP1794926A1 (de) | Kryptographische vorrichtung und verfahren mit öffentlichem schlüssel und zertifizierungs-server sowie an diese vorrichtung angepasste speicher | |
WO2017005644A1 (fr) | Procédé et système de contrôle d'accès à un service via un média mobile sans intermediaire de confiance | |
EP3673633A1 (de) | Verfahren zur authentifizierung eines benutzers mit einem authentifizierungsserver | |
EP3503500B1 (de) | Verfahren zur erstellung einer fern-elektronischen signatur mit dem fido-protokoll | |
FR2898423A1 (fr) | Procede securise de configuration d'un dispositif de generation de signature electronique. | |
EP3029878B1 (de) | Verfahren zur übertragung eines geheimnisses mit begrenzter lebensdauer, um eine transaktion zwischen einem mobilen endgerät und einer ausstattung durchzuführen | |
WO2017077210A1 (fr) | Procédé de verification d'identité lors d'une virtualisation | |
WO2014154961A1 (fr) | Procédé de délivrance de billets électroniques | |
FR2971109A1 (fr) | Systeme biometrique de verification de l'identite avec un signal de reussite, cooperant avec un objet portatif |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20071217 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR |
|
RIN1 | Information on inventor provided before grant (corrected) |
Inventor name: SIBERT, HERVE Inventor name: FRISCH, LAURENT Inventor name: ARDITTI, DAVID |
|
17Q | First examination report despatched |
Effective date: 20110126 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20110607 |