公开(公告)号：WO2008044112A3

公开(公告)日：2008-06-12

申请号：PCT/IB2007002928

申请日：2007-10-03

Applicant: AXALTO SA ,  SALGADO STEPHANIE ,  VIGILANT DAVID ,  FUMAROLI GUILLAUME

Inventor： SALGADO STEPHANIE ,  VIGILANT DAVID ,  FUMAROLI GUILLAUME

IPC: H04L1/00

CPC classification number: H04L1/0061

Abstract: The invention relates to a method for checking the integrity of a set of data packets received by a receiving communication device from a sending communication device, the data packets of the set being received in unpredictable order. The invention also relates to a communication device implementing a method according to the invention, in particular to a smart card.

Abstract translation: 本发明涉及一种用于检查由接收通信设备从发送通信设备接收的一组数据分组的完整性的方法，该组的数据分组以不可预知的顺序被接收。 本发明还涉及实现根据本发明的方法的通信设备，具体涉及智能卡。

公开(公告)号：WO2008044113A3

公开(公告)日：2008-07-10

申请号：PCT/IB2007002931

申请日：2007-10-03

Applicant: AXALTO SA ,  SALGADO STEPHANIE ,  VIGILANT DAVID ,  FUMAROLI GUILLAUME

Inventor： SALGADO STEPHANIE ,  VIGILANT DAVID ,  FUMAROLI GUILLAUME

IPC: G06F21/52 ,  G06F21/55

CPC classification number: G06F21/52 ,  G06F11/1004 ,  G06F21/50 ,  G06F21/556 ,  H04L9/003 ,  H04L9/3234 ,  H04L9/3249 ,  H04L63/123 ,  H04L2209/20 ,  H04L2209/34

Abstract: The invention relates to a method for protecting a sensitive operation by checking the integrity of at least a subset of the data manipulated by the sensitive operation. Data to be checked are divided into blocks, an intermediate integrity check value being computed for each block, the intermediate integrity check values being computed in random order. The invention also relates to a cryptographic device wherein at least one sensitive operation of the cryptographic device is protected by a method according to the invention.

Abstract translation: 本发明涉及一种通过检查由敏感操作操纵的数据的至少一个子集的完整性来保护敏感操作的方法。 要检查的数据被分成块，为每个块计算中间完整性检查值，中间完整性检查值以随机顺序计算。 本发明还涉及一种密码装置，其中通过根据本发明的方法保护密码装置的至少一个敏感操作。

公开(公告)号：WO2006000875A3

公开(公告)日：2006-08-24

申请号：PCT/IB2005001746

申请日：2005-06-20

Applicant: AXALTO SA ,  SALGADO STEPHANIE ,  ABELLAN SEVILLA JORGE

Inventor： SALGADO STEPHANIE ,  ABELLAN SEVILLA JORGE

IPC: H04L9/08 ,  H04L9/32 ,  H04W12/06

CPC classification number: H04L63/0853 ,  H04L9/0844 ,  H04L2209/80 ,  H04W12/06

Abstract: The present invention concerns a personal token for a mobile terminal in a communication network including an authentication server and a secure server producing derived key material on the basis of a random and a secret key (K) for use in an authentification and key agreement (AKA) procedure in a third-generation mobile system, said personal token including program instructions for re-computing the derived key material (Ck, Ik) on the basis of the received random and the secret key (K) as stored in the personal token, characterized in that the personal token includes program instructions for using a re-computed part of the derived key material in order to interpret the received additional data. This modification of the standard AKA procedure allows the personal token to keep the key material unavailable to the mobile terminal.

Abstract translation: 本发明涉及用于通信网络中的移动终端的个人令牌，其包括认证服务器和安全服务器，其基于用于认证和密钥协商（AKA）中的随机和秘密密钥（K）来生成派生密钥材料 ）程序，所述个人令牌包括基于存储在个人令牌中的所接收的随机和秘密密钥（K）重新计算导出的密钥资料（Ck，Ik）的程序指令， 其特征在于，个人令牌包括用于使用所导出的密钥材料的重新计算的部分以便解释所接收的附加数据的程序指令。 标准AKA程序的这种修改允许个人令牌保持移动终端的密钥材料不可用。

公开(公告)号：DE602004017200D1

公开(公告)日：2008-11-27

申请号：DE602004017200

申请日：2004-08-30

Applicant: AXALTO SA

Inventor： BERNARD EDDY ,  SALGADO STEPHANIE

IPC: H04L29/06 ,  H04W12/06 ,  H04W28/04 ,  H04W28/18

Abstract: Method of authentication in a system comprising two entities communicating between themselves by way of a network, a first entity (CARD) authenticating a second one (SERVER) and data received from said second entity, each entity storing the same secret key K, said first entity receiving a message authenticating code (MAC) and other parameters (RAND, SQN, AMF, ...), the message authenticating code calculation including the key K and said other parameters (RAND, SQN, AMF, ...), the authentication procedure consisting in challenging the received code (MAC) and an expected code (XMAC), the expected code being computed in using the received parameters and the key K stored in said first entity, characterized in that each time the two codes (MAC, XMAC) don't match, the authentication procedure is aborted, a failure counter storing the number of occurrences of abortion.

公开(公告)号：AT411691T

公开(公告)日：2008-10-15

申请号：AT04744327

申请日：2004-08-30

Applicant: AXALTO SA

Inventor： BERNARD EDDY ,  SALGADO STEPHANIE

IPC: H04L29/06 ,  H04W12/06 ,  H04W28/04 ,  H04W28/18

Abstract: Method of authentication in a system comprising two entities communicating between themselves by way of a network, a first entity (CARD) authenticating a second one (SERVER) and data received from said second entity, each entity storing the same secret key K, said first entity receiving a message authenticating code (MAC) and other parameters (RAND, SQN, AMF, ...), the message authenticating code calculation including the key K and said other parameters (RAND, SQN, AMF, ...), the authentication procedure consisting in challenging the received code (MAC) and an expected code (XMAC), the expected code being computed in using the received parameters and the key K stored in said first entity, characterized in that each time the two codes (MAC, XMAC) don't match, the authentication procedure is aborted, a failure counter storing the number of occurrences of abortion.