公开(公告)号：US20190268169A1

公开(公告)日：2019-08-29

申请号：US16348739

申请日：2017-11-10

Applicant: GEMALTO SA

Inventor： Laurent CASTILLO

IPC: H04L9/32 ,  H04L9/08 ,  H04L29/06 ,  H04W12/08 ,  H04W12/04 ,  H04W12/06 ,  B60R25/24

Abstract: This invention relates to a physical key for provisioning a communication device with data allowing said communication device to access a vehicle resource by operating remotely a vehicle lock system in which a first cryptographic key called master key is stored, comprising a secure enclave also storing the master key, the physical key being configured to: establish a communication link with the communication device; derive by the secure enclave a second cryptographic key called derived key from the master key; transmit to the communication device via the secure communication link the derived key for enabling the communication device to answer a security challenge from the vehicle lock system and the vehicle lock system to verify said answer, the access to the vehicle resource being allowed if the answer is successfully verified.

公开(公告)号：US20150341340A1

公开(公告)日：2015-11-26

申请号：US14654547

申请日：2013-12-20

Applicant: GEMALTO SA

Inventor： HongQian Karen LU ,  Laurent CASTILLO ,  Philippe SMADJA

IPC: H04L29/06 ,  G06F21/62 ,  H04L9/32 ,  G06F21/34

CPC classification number: H04L63/0421 ,  G06F17/30867 ,  G06F21/34 ,  G06F21/6254 ,  G06F21/6263 ,  H04L9/3234 ,  H04L9/3263 ,  H04L63/0815 ,  H04L67/02 ,  H04L2209/42

Abstract: Method and System for enhanced privacy in privacy-preserving identity solutions. The technology provides for a redirect of a request to generate a proof of an attribute from a service provider to a separator. The separator removes source identification from the attribute-proof request and redirects the attribute-proof request, free of original source identification, to a credential issuer which issues the credential. A security device of the user generates a presentation token from the privacy-preserving credential and presents the presentation token to the service provider as proof of the attribute. Other systems and methods are disclosed.

Abstract translation: 用于增强隐私保护身份解决方案隐私的方法和系统。 该技术提供了请求的重定向，以生成从服务提供商到分隔符的属性证明。 分离器从拒绝属性的请求中移除源标识，并将没有原始来源标识的属性检查请求重定向到颁发证书的凭据颁发者。 用户的安全设备从隐私保护凭证生成呈现令牌，并将呈现令牌呈现给服务提供者作为属性的证明。 公开了其它系统和方法。

公开(公告)号：US20180137511A1

公开(公告)日：2018-05-17

申请号：US15568108

申请日：2015-09-25

Applicant: GEMALTO SA

Inventor： Frank ARNOLD ,  Jean LAMBERT ,  Laurent CASTILLO

IPC: G06Q20/40 ,  G06Q20/34 ,  G06Q20/32 ,  H04L29/06

CPC classification number: G06Q20/4014 ,  G06Q20/3226 ,  G06Q20/3227 ,  G06Q20/3229 ,  G06Q20/341 ,  G06Q20/352 ,  G06Q20/353 ,  G06Q20/3823 ,  G06Q20/40 ,  G06Q2220/00 ,  H04L63/0853 ,  H04L63/0892

Abstract: A system for authenticating an electronic device by means of an authentication server in order to authenticate a user of said electronic device. The system is adapted to perform an authentication based on a fictive payment transaction and includes the authentication server which is adapted to execute a fictive payment transaction with a predetermined transaction amount with said electronic device and during said execution to receive a first cryptogram from said electronic device; send said first cryptogram to a banking server; and receive from said banking server an acknowledgment if said first cryptogram is valid; when said fictive payment transaction has been executed, compute an authentication identification based on said electronic device's data; said electronic device which is a payment electronic device and which is adapted to execute said fictive payment transaction with said authentication server and during said execution to send said first cryptogram to said authentication server.

公开(公告)号：US20150052359A1

公开(公告)日：2015-02-19

申请号：US13969903

申请日：2013-08-19

Applicant: Gemalto SA

Inventor： Laurent CASTILLO ,  HongQian Karen Lu ,  Asad Ali

IPC: H04L29/06

CPC classification number: H04L63/061 ,  H04L9/0822 ,  H04L9/0825 ,  H04L63/062 ,  H04L63/0853 ,  H04L2463/062

Abstract: The present invention relates to a method to securely and asynchronously provisioning keys from one source secure device to a target secure device through a key provisioning server for which the keys to be provisioned through the method remain unknown.

Abstract translation: 本发明涉及一种通过密钥提供服务器将密钥从一个源安全设备安全地和异步地提供给目标安全设备的方法，密钥提供服务器将通过该方法提供的密钥是未知的。