Secure electronic device with mechanism to provide unlinkable attribute assertion verifiable by a service provider

    Publication number: US11159319B2

    Publication date: 2021-10-26

    Application number: US16060977

    Filing date: 2016-12-09

    Applicant: GEMALTO SA

    Abstract: A method for operating an attribute assertion device having a processor and memory to create an unlinkable digital signature-equivalent of an assertion message that is verifiable—by a service provider receiving the unlinkable digital signature-equivalent—as being generated from a digital signature of a known attribute provider having a public key PKAP. Operating the processor of the attribute assertion device to transform a digital signature of the attribute message into an unlinkable digital signature-equivalent using a one-way transformation of the signature, with the transformation process using a random value generated by the attribute assertion device and a challenge provided by the service provider.

    Security management system for performing a secure transmission of data from a token to a service provider server by means of an identity provider server

    Publication number: US10693645B2

    Publication date: 2020-06-23

    Application number: US15744402

    Filing date: 2016-07-13

    Applicant: GEMALTO SA

    Abstract: The present invention relates to a security management system for performing a secure transmission of data from a token to a service provider server by means of an identity provider server, wherein said security management system comprises: —said identity provider server which is adapted to: —open with said token a secure messaging channel by means of a General Authentication Procedure using at least one certificate; —receive via said secure messaging channel from said token enciphered data; —transmit to said service provider server said enciphered data; —said service provider server which is adapted to: —receive from said identity provider server enciphered data of said token; —decipher said enciphered data to extract said data; —said token which is adapted to: —encipher data; and—transmit via said secure messaging channel to said identity provider server said enciphered data.

    System and method for obfuscating an identifier to protect the identifier from impermissible appropriation

    Publication number: US10650164B2

    Publication date: 2020-05-12

    Application number: US15541322

    Filing date: 2015-12-30

    Applicant: GEMALTO SA

    Abstract: A system and method of operating a database system to protect personal identifiers from being revealed. The system and method obfuscates personal identifiers using a secret value, storing in a database records containing the obfuscated personal identifier, storing the secret value in an identifier translation device, receiving at a request preparer a record request identifying a requested record using a non-obfuscated personal identifier, and operating the request preparer to direct the identifier translation device to translate the non-obfuscated personal identifier into an obfuscated personal identifier using the secret value stored in the identifier translation device and using the obfuscated personal identifier in a query to the database.

    Method of managing access to a service

    Publication number: US10251062B2

    Publication date: 2019-04-02

    Application number: US15568192

    Filing date: 2016-04-25

    Applicant: GEMALTO SA

    Abstract: The invention is a method for managing access to a service wherein the method comprises the following steps: a client application sends to an application server a request to access the service by using credentials and a first anti-clone code, the application server performs a verification of the credentials and said first anti-clone code, the application server sends a second anti-clone code to the client application and deactivates said first anti-clone code only in case of successful verification, said second anti-clone code being required for the next attempt to access the service.

    SYSTEM AND METHOD FOR SECURELY STORE AND TRANSFER ELECTRONIC MONEY

    Type: Invention application (under examination, published)

    Publication number: US20150254669A1

    Publication date: 2015-09-10

    Application number: US14438647

    Filing date: 2013-10-18

    Applicant: GEMALTO SA

    CPC classification number: G06Q20/4016 G06Q20/0655 G06Q20/38215

    Abstract: The invention relates to a system (1) for issuing electronic money, transferring said money from an e-Money sender (30) to an e-Money receiver (40) and compensating said money, said system comprising an issuer (10) or e-Money Issuer for issuing said electronic money, characterized in that it comprises at least one regulated entity (60), so that the issuance of the electronic money is regulated, and the transfer and subsequent usage or misuse of the e-money is monitored.

    Method to counter DCA attacks of order 2 and higher on table-based implementations

    Publication number: US11201724B2

    Publication date: 2021-12-14

    Application number: US16337197

    Filing date: 2017-09-22

    Applicant: GEMALTO SA

    Inventor: Aline Gouget

    Abstract: The present invention relates to a method to counter DCA attacks of order 2 and higher order applied on an encoded table-based (TCabi,j) implementation of block-cipher of a cryptographic algorithm to be applied to a message (m), said method comprising the steps of: —translating a cryptographic algorithm block-cipher to be applied on a message (m) into a series of look-up tables (Tabi,j),—applying secret invertible encodings to get a series of look-up tables (TCi,j),—computing message-dependent masking values, comprising the computation of at least two shares of masking value (mmask1, mmask2) for the input of the table network based on at least two different message derivation functions (F1, F2),—re-randomizing the tables (TCi,j) using the computed message-dependent masking values (mmask1, mmask2),—computing rounds to be applied on the message (m) based on the randomized network of tables (TCi,j).

    Method of RSA signature or decryption protected using a homomorphic encryption

    Publication number: US11233659B2

    Publication date: 2022-01-25

    Application number: US16467957

    Filing date: 2017-12-06

    Applicant: GEMALTO SA

    Abstract: The present invention relates to a method of generating a secure RSA key by a server comprising the steps of: •generating (S1) a private RSA key d and a RSA modulus integer N; •splitting (S2) the secret key integer d in j key shares dJ of length n, with j in [1, J], J being an integer, and such that d=d1+d2+ . . . +dJ mod phi(N), with each key share dj being equal to (dj(0) . . . dj(i) . . . dj(n/b−1)) with each key share component dj(i) in {0 . . . 2^b−1} and i in [0, n/b−1], b being an integer inferior to n and phi the Euler's totient function; •encrypting (S3) with a fully homomorphic encryption (FHE) algorithm each key share component dj(i) of the private RSA key d by using a Fully Homomorphic Encryption secret key ps of a set Ss comprising the index couple (i,j), to generate an encrypted key share component edj(i) of said secure RSA key, said set Ss being a set of integer couples, among a predetermined integer number u of disjoint sets {S1, S2 Ss, Ss+1, . . . Su} generated such that: U{Ss}={(i,j) such that i in [0, n/b−1], j in [1, J]} and each said set among {S1, . . . Su} being associated with a Fully Homomorphic Encryption (FHE) secret key.
