SECURE PROVISION OF KEYS FOR FULLY HOMOMORPHIC ENCRYPTION

    Publication No.: EP4280530A1

    Publication date: 2023-11-22

    Application No.: EP23172237.2

    Filing date: 2023-05-09

    Abstract: The present disclosure relates to a method comprising:
    - the generation, by a computing device (400), of a first key (K) and a bootstrapping key (bk);
    - the provision of the first key and an identifier (id) of the bootstrapping key to an electronic device (100) and the provision of the bootstrapping key and the identifier to a server (102);
    - the fully homomorphic encryption, by the electronic device, of a first data value, stored in the electronic device, by using the first key; and
    - the provision, by the electronic device, of the encrypted first data value (c1, ..., cN) and of the identifier, to the server.

    A METHOD OF MANAGING MEMORY IN AN INTEGRATED CIRCUIT CARD AND CORRESPONDING INTEGRATED CIRCUIT CARD

    Publication No.: EP4261693A1

    Publication date: 2023-10-18

    Application No.: EP23161676.4

    Filing date: 2023-03-14

    Abstract: A method of managing memory (1084) in an integrated circuit card (108) using a Java Card platform, said integrated circuit card (108) comprising a non-volatile memory portion (51) and a RAM memory portion (52), said method comprising a procedure for the allocation of one or more transient arrays in said RAM memory portion (52), said procedure comprising
    creating in a non-volatile memory heap (51) one or more array pointers (RA1, RA2, RA3), corresponding to one or more transient arrays (RB1, RB2, RB3) to be allocated, each array pointer (RA1, RA2, RA3) comprising a transient array size (BS) and a transient array address (LA; IA),
    wherein
    said creating (205) operation comprises
    creating one or more array pointers (RA) comprising as transient array address a logical address (LA; IA) of the area of the RAM memory portion in which the respective transient array (RB1, RB2, RB3) is to be allocated
    said procedure (200) further comprising
    assigning (210) then in said RAM memory (52) area memory only to transient arrays (RB1, RB2, RB3), corresponding to said respective one or more array pointers (RA), which comprise at least a value different from zero.

    METHOD FOR CONCEALING A SUBSCRIPTION IDENTIFIER AT A USER EQUIPMENT OF A MOBILE COMMUNICATION NETWORK, AND CORRESPONDING SYSTEM AND COMPUTER PROGRAM PRODUCT

    Publication No.: EP4071642A1

    Publication date: 2022-10-12

    Application No.: EP22162880.3

    Filing date: 2022-03-18

    Abstract: Method for concealing a subscription identifier (SI), in particular Subscription Permanent Identifier (SUPI), at a user equipment (11) of a mobile communication network, comprising a mobile equipment (11a) and an integrated circuit card (12) which stores subscription data for accessing said mobile communication network including said subscription identifier (PI),
    said method comprising, upon receiving at said user equipment (11) a corresponding request (RQT) by a server (13) to provide a corresponding subscription identifier (PI, CI), performing an Elliptical Curve encryption of said subscription identifier (PI) generating a concealed subscription identifier (CI), said concealing operation (100) comprising that said mobile equipment (11a) of the user equipment (11) sends an identity retrieve command, in particular a GET IDENTITY command (GI), to an integrated circuit card (12) in the mobile equipment (11a),
    said Elliptical Curve encryption including performing at the integrated circuit card (12) the operations of:
    generating an ephemeral key pair (ephPrK, ephPuK) comprising an ephemeral private key (ephPrK) and ephemeral public key (ephPuK), performing a first scalar multiplication (Eq. 1) of the ephemeral private key (ephPrK) by a generator value (G) to obtain said ephemeral public key (ephPuK),
    generating a Shared secret key (ShS) performing a second scalar multiplication (Eq. 2) of the Ephemeral Private key (ephPrK) by a server public key (srvPuK);
    using said shared secret key (ShS) to derive keys to encrypt the subscription identifier (SI), which is to be sent to said server (13) as concealed subscription identifier (CI) as response of said identity retrieve command (GI),

    said scalar multiplication being performed iteratively performing an iteration (i) comprising a set of operations for each bit of the Ephemeral Private key (ephPrK),
    said method comprising performing, before receiving said identity retrieve command (GI) at the card (12), a pre-calculation of said ephemeral key pair (ephPrK, ephPuK) comprising an ephemeral private key (ephPrK) and ephemeral public key (ephPuK) and said shared secret key (ShS),
    said pre-calculation including
    performing an interruptible calculation (100) of said first (Eq. 1) and second (Eq. 2) scalar multiplication during the execution time of given periodic commands, in particular APDU STATUS commands, sent by the mobile equipment (11) to the card (12), storing a respective state of completion (EPuKState, ShSState) of said calculation (100),
    said interruptible calculation (100) including checking (110, 130) at the beginning of each of said execution time said respective state of completion (EPuKState, ShSState),
    if said respective state of completion (EPuKState, ShSState) indicates completion of the computation of a valid ephemeral key pair or shared secret (ShS),
    storing the corresponding values of ephemeral private key (ephPrK), ephemeral public key (ephPuK) and shared secret (ShS) in a table in a memory, in particular a flash memory, of the integrated circuit card (12) at the user equipment (11).

    TAMPER RESISTANT DEVICE IMPLEMENTING AN EMBEDDED UNIVERSAL INTEGRATED CIRCUIT CARD AND CORRESPONDING ELECTRONIC DEVICE, METHOD AND COMPUTER PROGRAM PRODUCT

    Publication No.: EP3647975A1

    Publication date: 2020-05-06

    Application No.: EP19203500.4

    Filing date: 2019-10-16

    Abstract: A tamper resistant device (11; 21) implementing an embedded Universal Integrated Circuit Card (15) comprising at least a security domain (P0) in which at least a telecommunication profile (Pj) is stored, said device (21) comprising a physical interface (18) configured to allow access from a processor (13) configured to operate with at least a mobile telecommunications network to said at least a telecommunication profile (Pj). Said tamper resistant device (21) comprises a further security domain (PS0) storing at least an application profile (Si; PSi) and a further physical interface (17) configured to allow access from an application processor (12) to said at least an application profile (Si; PSi) stored in said further security domain (PS0),
    said single tamper resistant device (21) being configured to enable accessibility to the at least an application profile (PSi) if corresponding commands (C) are received in signals exchanged on the first interface (17) and to enable accessibility to the telecommunication profile (Pj) if corresponding commands (C) are received in signals exchanged on the second interface (18).

    METHOD FOR PERFORMING A REMOTE MANAGEMENT OF A MULTI-SUBSCRIPTION SIM MODULE AND CORRESPONDING SIM MODULE AND COMPUTER PROGRAM PRODUCT
    Document type: Invention publication. Status: under examination, published.

    Publication No.: EP3267699A1

    Publication date: 2018-01-10

    Application No.: EP17162796.1

    Filing date: 2017-03-24

    Inventor: VENEROSO, Amedeo

    CPC classification number: H04W8/183 H04B1/3816 H04W4/60 H04W8/205

    Abstract: A method for performing a management of a multi-subscription SIM module (108a), said multi-subscription SIM module (108a) comprising at least one memory (1084a) adapted to store at least a first (P1) and a second (P2) profile associated with a respective first and a second mobile network operator, said memory (1084) comprising a volatile portion (1084R), said operation of storing including installing or updating (1004) profiles (P1, P2) by downloading one or more downloaded profiles (Pd) from a remote host (30a), said management including selecting one or more enabled profiles (Ps) comprising an application to be executed and allocating a partition of the volatile portion (1084R) of the memory to said one or more enabled profiles (Ps),
    specifically, dividing (2005) the area of the volatile memory (1084R) in a partition (OSP) for the operative system, a partition (SPP) for each of the one or more enabled profiles and a partition for a downloaded profile (DPP), said partition for the enabled profile (SPP) and partition for a downloaded profile (DPP) having the same size,
    allocating (2010) the partition for the enabled profile (SPP) to the enabled profile (Ps), maintaining the partition for a downloaded profile (DPP) not accessible,
    during a profile download operation (1004), accessing (2015) only the partition for a downloaded profile (DPP) allocating said partition for a downloaded profile (DPP) to the downloaded profile (Pd),
    during a profile change operation (1006) swapping (2020) the downloading profile (Pd) from the partition for a downloaded profile (DPP) to one of the partitions for the enabled profile (SPP).

    METHODS FOR PERFORMING A REMOTE MANAGEMENT OF A MULTI-SUBSCRIPTION SIM MODULE, AND CORRESPONDING SIM MODULE AND COMPUTER PROGRAM PRODUCT
    Document type: Invention publication. Status: under examination, published.

    Publication No.: EP3073773A3

    Publication date: 2017-01-11

    Application No.: EP15201541.8

    Filing date: 2015-12-21

    Inventor: VENEROSO, Amedeo

    Abstract: A method for performing a remote management of a multi-subscription SIM module (108a) is disclosed. The multi-subscription SIM module (108a) comprises at least one memory adapted to store a first (P1) and a second (P2) profile associated with a respective first (MNO1) and a second (MNO2) mobile network operator, such that a respective content may be associated with each profile (P1, P2).
    Specifically, the method comprises receiving a remote management message from a remote host (30a, 30b), wherein the remote management message comprises a remote management command, and a sender address and/or a destination address. Next, the remote management message is processed in order to determine the sender address and/or the destination address and a target profile (P1; P2) of the remote management command is determined as a function of the sender address and/or the destination address. Accordingly, once having determined the target profile, the remote management command may be executed in order to interact with the content of the target profile (P1; P2).
