EP2893667A1 - Procédé d'authentification d'un support de données portable - Google Patents

Procédé d'authentification d'un support de données portable

Info

Publication number
EP2893667A1
EP2893667A1 EP13747354.2A EP13747354A EP2893667A1 EP 2893667 A1 EP2893667 A1 EP 2893667A1 EP 13747354 A EP13747354 A EP 13747354A EP 2893667 A1 EP2893667 A1 EP 2893667A1
Authority
EP
European Patent Office
Prior art keywords
key
secret
data carrier
public
ski
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP13747354.2A
Other languages
German (de)
English (en)
Inventor
Gisela Meister
Jens Urmann
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Giesecke and Devrient Mobile Security GmbH
Original Assignee
Giesecke and Devrient GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Giesecke and Devrient GmbH filed Critical Giesecke and Devrient GmbH
Publication of EP2893667A1 publication Critical patent/EP2893667A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • H04L9/0844Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/047Key management, e.g. using generic bootstrapping architecture [GBA] without using a trusted network node as an anchor
    • H04W12/0471Key exchange
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/108Source integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Definitions

  • the invention relates to a method for authenticating a portable data carrier in relation to a term device, a correspondingly set up portable data carrier, a correspondingly set up terminal device and a system consisting thereof.
  • a portable data carrier for example in the form of an electronic identity document, comprises an integrated circuit with a processor and a memory.
  • the memory typically stores data that provides information about the owner of the volume, such as the name of the owner.
  • An authentication application can be executed on the processor, via which the data carrier can authenticate against a term device, in the case of an identification document, for example, at a border control or the like.
  • a secure data confor- mation between the data carrier and the term device is prepared by agreeing a secret communication key for the symmetric encryption of a subsequent data communication, for example by means of the known Diffie and Hellman key exchange method or other suitable methods. Furthermore, as a rule, at least the terrestrial device verifies the authenticity of the data carrier, for example by means of a certificate.
  • both the terminal and the data carrier each have a secret key and a public key Provide key.
  • the certificate of the volume may affect its public key.
  • each volume of a set or group of volumes is personalized with an individual key pair consisting of a public key and a secret key, problems arise with regard to the anonymity of the owner of the volume. It would then be possible to uniquely assign each use of the data carrier to the corresponding owner on the basis of the individual public key, thus creating, for example, a complete movement profile of the owner.
  • WO2012 / 031681 describes an authentication method which preserves the anonymity of the owner of a data carrier and in which the compromising of one of the data carriers has no negative effects on the security of other data carriers.
  • a public key and a secret key of the data carrier as well as a public session key and a secret session key of the term device are used.
  • the volume uses a public group key as the public key.
  • a secret key the volume uses a secret key derived from a secret group key associated with the public group key.
  • the public key used is the public group key, which is not volume-specific, but is identical for all volumes in the group. In this regard, all volumes of a group are indistinguishable. Thus, the anonymity of the owner of the data carrier can be maintained.
  • the attacker issuing the disk calculates the following values:
  • PK0 A SKT an attacker can successfully portray himself as an authentic data carrier in relation to a terrestrial device without knowing the private group key SKO or a key derived therefrom, eg SKI.
  • the object of the present invention is to ensure that the process described in WO 2012/031681 while retaining its advantages over the attack described above.
  • the data carrier uses the public group key PKO as the public key and a key SKI as the secret key, which is derived from a secret group key SKO assigned to the public group key PKO using a derivation parameter RND1.
  • the portable data carrier uses the secret group key SKO to generate a digital signature Sig (gl) of a data element gl required for the authentication, into which the derivation parameter RND1 flows.
  • the secret key of the data carrier SKI is replaced by a secret key SKI "of the data carrier derived from the secret key. ⁇ br/> ⁇ br/> ⁇ br/> ⁇ br/> ⁇ br/> ⁇ br/> ⁇ br/> ⁇ br/>
  • the secret key SKI" deriving from the secret key is preferably replaced by a first multiplication of the secret key.
  • key SKI with another random number RND1 1 and a second multiplication with another random number RND1 "generated.
  • the public group key PKO and the secret key SKI of the data carrier and the public session key PKT and the secret session key SKT of the term means a communication key KK between the data carrier and the Terrnmal raised agreed, preferably by means of a Diffie-Hellman ScM Kunststoffe.
  • the Schnorr signature is used, into which the secret group key SKO flows.
  • the secret key SKI is derived from the secret group key SKO using a first random number RND1.
  • the public group key PKO is determined by exponentiation of a given prirnitivwurzel or base g with the secret group key SKO, the secret key SKI formed by multiplication of the secret group key SKO with a first random number RND1 and a derived base gl means of an exponentiation of the primitive root or Basis g formed with the reciprocal of the first random number RND1.
  • the derived base gl of the term means is provided by the data carrier.
  • the public session key PKT of the terminal device is determined by means of exponentiation of the derivative base gl provided by the data carrier with the secret session key SKT of the terrestrial device.
  • a portable data carrier comprising a processor, a memory, and a data correspondence courier to a terminal device, the portable data medium adapted to authenticate to the terminal device using a public key PKO and a secret key SKI of the disk coming out of a public secret key PKO is derived using a derivation parameter RND1, and a public session key PKT and a secret session key SKT of the terrestrial device, wherein the portable data carrier is further configured to use the secret group key SKO a digital signature Sig (gl ) to generate a required for the authentication data element gl, in which the derivative parameter RND1 flows.
  • a term means is provided which is set up to authenticate to a portable data carrier using a public key PKO and a secret key SKI of the data carrier which consists of a public group key PKO secret group key SKO using a Derivation parameter RND1 is derived, as well as a public session key PKT and a secret session key SKT the Termmal Vietnamese perform, the Termmal pain is adapted to check using the secret group key SKO a digital signature Sig (gl) of a data required for the authentication data gl, in that the derivative parameter RND1 flows into.
  • the term means is adapted to determine its public key PKT using a derived base gl provided by the data carrier in combination with the secret session key SKT of the term means.
  • FIG. 2 is a flowchart showing steps of a preferred embodiment of the method according to the invention for authenticating a data carrier
  • Fig. 3 is a flow chart, the further steps of a preferred
  • Embodiment of the inventive method for au- thentization of a data carrier with respect to a terminal device shows, and
  • FIG. 4 shows a flow diagram which, according to a preferred embodiment, shows the steps made by the data carrier for authenticating in a further session with a terminal device.
  • 1 shows a schematic representation of a preferred embodiment of a portable data carrier according to the invention in the form of a chip card 10.
  • the chip card 10 is configured to exchange data with an external entity in the form of a termmarker 20.
  • a data exchange can be described by the transmitter-receiver model known from information theory: data or information is encoded in characters and then transmitted from a transmitter to a receiver via a transmission channel.
  • both the chip card 10 and the term device 20 have suitable communication interfaces 12 and 22.
  • the interfaces 12 and 22 may, for example, be designed such that the communication between them or between the chip card 10 and the term device 20 is contactless, ie via the air interface, as indicated in FIG.
  • the chip card 10 via the interface 12 galvanic, ie contact-related, with the interface 22 of the Termmal boots 20 are in communication.
  • the interface 12 is usually designed as a contact field arranged on the chip card 10 with a plurality of contact surfaces for data exchange with the terminal device 20.
  • the present invention also includes portable data carriers which both have an interface to the contact-type as well as an interface for contactless Koimnunikation with a terminal device and the Professional in the context of smart cards are known as dual-interface smart cards.
  • the portable data carrier 10 in the form of a chip card comprises a central processing unit (CPU) in the form of a microprocessor 14 which is in communication with the interface 12 for communication with the term device 20 stands.
  • the central tasks of the CPU or the microprocessor 14 include the execution of arithmetic and logic functions and the reading and writing of data, as defined by a computer program running on the microprocessor 14 in the form of machine instructions.
  • a memory unit 16 which is in communication with the microprocessor 14 comprises, in particular, a volatile random access memory (RAM) for receiving the machine instructions of a computer program to be executed by the microprocessor 14.
  • RAM volatile random access memory
  • the memory unit 16 may comprise a nonvolatile, preferably rewritable memory in which data can be securely stored, which relate, inter alia, to the owner of the portable data carrier 10.
  • the nonvolatile memory is a flash memory (flash EEPROM). This may be, for example, a flash memory with a NAND or a NOR architecture.
  • the memory unit 16 may also comprise a read-only memory (ROM).
  • ROM read-only memory
  • a portable data carrier 10 according to the invention may have further electronic elements than those shown in FIG.
  • the portable data carrier 10 could also have a memory management unit interacting with the microprocessor 14 for managing the memory unit 16, or the microprocessor 14 could have its own internal memory unit or a coprocessor for performing cryptographic calculations ,
  • the portable data carrier 10 if it represents, for example, an electronic identity document, further features (not shown). These can be visibly applied to a surface of the portable data carrier 10, for example printed on it, and designate the holder of the data carrier, for example by its name or a photo.
  • FIG. 2 shows preparatory steps. These can be carried out, for example, during the production of the data carrier 10, for example in a personalization phase.
  • a secret group key SKO and a public group key PKO are formed as part of a public key infrastructure (PKI).
  • PKI public key infrastructure
  • the public group key PKO is calculated as the result of an exponentiation of a given base gO, which is also known to the person skilled in the art as a primitive root or generator, modulo a predetermined prime number p. All calculations described below are to be read modulo the prime number p, without this being always explicitly stated.
  • the two keys SKO and PKO form a group key pair and provide the basis for the key architecture for a group of like volumes 10 described below.
  • step S2 a certificate Cert (PK0) is formed, which serves for the verification of the public group key PKO.
  • the data carrier 10 which represents a data carrier of a given group of data carriers, is equipped with a key pair.
  • the public group key PKO serves the volume 10 as a public key.
  • a secret key SKI of the data carrier 10 is randomized, ie using a random number RND1, from the derived secret group key SKO.
  • each data carrier 10 of the group is equipped with a key pair, which differs from a corresponding key pair of another data carrier of the group-due to the randomized component in the key derivation-by respectively different secret keys SKI.
  • all volumes 10 of the group comprise the same public key PKO.
  • all secret keys of the group of volumes have been derived from the same secret group key SKO.
  • a derived basis gl for the data carrier is calculated.
  • the reciprocal 1 / RND1 of the random number RND1 forms the multiplicative inverse of the random number RND1 with respect to the multiplication modulo the prime number p and is also known in the art as RND1 -1 .
  • a signature Sig (gl) of the derived base gl is created using the secret group key SKO.
  • the Schnorr signature is used here.
  • H stands for a suitable hash function and M
  • r for the concatenation of the data element M to be signed with the value r g A k derived from the random number r.
  • Schnorr signature as well as other signature methods suitable according to the invention, such as DSA, ElGamal and the like, can be found, for example, in section 11 and in particular section 11.5 of the book "Handbook of Applied Cryptography" by A. Menezes, P. van Oorschot and S. Vanstone, 1997, to which reference is hereby incorporated by reference.
  • the Schnorr signature preferred according to the present invention as the signature method
  • the key SKI derived from the secret group key SKO and the public group key PKO are written in substep TS34 together with the derived base gl, the signature sig (gl) of the derived base g1, the original base g0 and the certificate Cert (PKO) in the memory unit 16 of the portable data carrier 10 is stored.
  • the original base gO can be included in the certificate Cert (PKO).
  • the Random number RND1 and secret group key SKO are not stored in the volume 10. This is set up to perform an authentication with respect to the termimaging device 20, as will be described in greater detail with reference to FIG.
  • the portable data carrier 10 provides the terminal device 20 with the data necessary for mutual authentication.
  • a communication key KK requires the term means 20 in the illustrated embodiment, the derived base gl and the public group key PKO.
  • the signature device 20 provides the signature Sig (g1) of the derived base g1 created in substep TS33 and the original base g0.
  • the terrestrial device 20 requires the corresponding certificate Cert (PKO).
  • PKO certificate Cert
  • the original base gO can also be integrated in such a chain or be part of the certificate Cert (PKO), for example, if it is a certificate according to the standard X.509. It is also possible that the data to be provided to the termmaker 20 in step S4 are stored in a freely readable memory area of the memory unit 16 of the portable data carrier 10 and are read out by the termmaker 20 if necessary.
  • step S5 the terrestrial device 20 verifies by means of the digital signature Sig (gl) whether the derived base gl transmitted from the data carrier 10 corresponds to the base with which the signature Sig (gl) was originally created. that is.
  • the teririnal device 20 is followed by the signature Sig (gl) being generated by means of a matching secret key has been, ie by means of the secret group key SK0 or a key derived therefrom, e.g. the key SK, as is the case with a preferred embodiment of the invention described in connection with FIG. 4 at subsequent sessions.
  • step S6 the toll device 20 checks the certificate Cert (PKO) of the public group key PKO.
  • This check of the certificate can alternatively also take place after the agreement of the communication key KK in step S8 and / or of the secret session key SKT in step S7.
  • step S7 the toll device 20 prepares the authentication. It generates a secret session key SKT. This can be done, for example randomized, ie using a random number.
  • a public session key PKT of the term device 20 calculates this by means of exponentiation of the derived base gl provided by the portable data carrier 10 with its own secret session
  • PKT: gl A ST rj> he public session key PKT is provided to the portable volume 10 by the term means 20.
  • step S8 the communication key KK is now concretely agreed between the terrrunal worn 20 and the portable data carrier 10.
  • the data carrier 10 calculates this communication key KK by exponentiation of the public session key PKT of the term device 20 with its own derived secret key SKI:
  • the Termmal acquired 20 calculates the communication key KK by exponentiation of the public group key PK0 with the secret session key SKT the Terrnmal pain 20:
  • the portable data carrier 10 and the terrarium device 20 arrive at the same result, ie at the same key of the communication key KK, on the basis of the respective data available to them. This is the authentication between the portable data carrier 10 and the terminal device 20 is completed.
  • the data stored in the portable data carrier 10 are preferably in accordance with the following
  • the method described with reference to FIG. 4 varies from session to session. This relates to the derived secret key SKI as well as the derived base gl. This is, as described above, transmitted to the terminal device 20 as part of the authentication procedure or provided in another way. An unchanged, data carrier-individual basis gl could thus be used to identify the data carrier 10.
  • the deduced key SKI 'and the derived base gl' would be used in a further authentication session used in the preferred embodiment in which a sniffer Signature is used and in which in step S4 to verify the signature Sig (gl ') of the new base gl' of Terrrunal stimulating 20 both the new derived base gl 'and the previous base gl are transmitted, the Terrrunal stimulating 20 or a so Connected background sys tem clearly identify the portable data carrier 10, since the Terrrunal responded 20 and the background system knows the base gl and the original base gO that they have been provided by the portable data carrier 10 in the previous authentication session.
  • step S12 the further derived base is signed using the secret key SKI ', preferably again using the Schnorr signature
  • the further derived secret key SKI ", the further derived base gl", the signature Sig (Gl ") and the base gl 'derived in step S10 are stored in the data carrier 10 for the next authentication session.
  • the data carrier 10 would preferably provide the values gl ", Sig (gl"), gl 1 , PK0 and Cert (PKO) in a step analogous to step S4 of the term means 20. Since the memory device 20 can not relate the values gl "and gl 'to the values gl and gO used in the preceding authentication session, the preferred method illustrated in FIG. 4 ensures that the data carrier 10 can not be tracked.

Abstract

La présente invention concerne un procédé pour authentifier un support de données portable vis-à-vis d'un dispositif terminal, au moyen d'une clé publique et d'une clé confidentielle du support de données, ainsi que d'une clé de session publique et d'une clé de session confidentielle du dispositif terminal. Le support de données utilise comme clé publique une clé de groupe publique et comme clé confidentielle une clé qui est dérivée d'une clé de groupe confidentielle associée à la clé de groupe publique sur la base d'un paramètre de dérivation. Au moyen de la clé de groupe confidentielle, le support de données portable génère une signature numérique d'un élément de données nécessaire à l'authentification, élément dans lequel est intégré le paramètre de dérivation.
EP13747354.2A 2012-09-10 2013-08-01 Procédé d'authentification d'un support de données portable Withdrawn EP2893667A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102012017835.2A DE102012017835A1 (de) 2012-09-10 2012-09-10 Verfahren zur Authentisierung eines portablen Datenträgers
PCT/EP2013/002319 WO2014037075A1 (fr) 2012-09-10 2013-08-01 Procédé d'authentification d'un support de données portable

Publications (1)

Publication Number Publication Date
EP2893667A1 true EP2893667A1 (fr) 2015-07-15

Family

ID=48949117

Family Applications (1)

Application Number Title Priority Date Filing Date
EP13747354.2A Withdrawn EP2893667A1 (fr) 2012-09-10 2013-08-01 Procédé d'authentification d'un support de données portable

Country Status (3)

Country Link
EP (1) EP2893667A1 (fr)
DE (1) DE102012017835A1 (fr)
WO (1) WO2014037075A1 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102014019067A1 (de) * 2014-12-18 2016-06-23 Giesecke & Devrient Gmbh Verfahren zum pseudonymen Vereinbaren eines Schlüssels zwischen einem portablen Datenträger und einem Terminal

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6038322A (en) * 1998-10-20 2000-03-14 Cisco Technology, Inc. Group key distribution
DE10141396A1 (de) * 2001-08-23 2003-03-13 Deutsche Telekom Ag Verfahren zur Erzeugung eines asymmetrischen kryptografischen Gruppenschlüssels
DE102008055076A1 (de) * 2008-12-22 2010-07-01 Robert Bosch Gmbh Vorrichtung und Verfahren zum Schutz von Daten, Computerprogramm, Computerprogrammprodukt
DE102010035098A1 (de) 2010-08-23 2012-02-23 Giesecke & Devrient Gmbh Verfahren zum Authentisieren eines portablen Datenträgers
DE102010055699A1 (de) * 2010-12-22 2012-06-28 Giesecke & Devrient Gmbh Kryptographisches Verfahren

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
None *
See also references of WO2014037075A1 *

Also Published As

Publication number Publication date
WO2014037075A1 (fr) 2014-03-13
DE102012017835A1 (de) 2014-03-13

Similar Documents

Publication Publication Date Title
DE102012202420B4 (de) Systeme und verfahren für die vorrichtungs- und datenauthentifizierung
EP2656535B1 (fr) Procédé cryptographique
DE102010002241B4 (de) Vorrichtung und Verfahren zur effizienten einseitigen Authentifizierung
DE102012206341A1 (de) Gemeinsame Verschlüsselung von Daten
DE112011100182T5 (de) Transaktionsprüfung für Datensicherheitsvorrichtungen
EP2609711B1 (fr) Procédé pour authentifier un support de données portatif
EP1368929B1 (fr) Procédé d'authentification
DE102013109513A1 (de) Verfahren zur Zertifikaterzeugung und zum Zertifikatwiderruf mit Privatsphärenschutz
DE19829643A1 (de) Verfahren und Vorrichtung zur Block-Verifikation mehrerer digitaler Signaturen und Speichermedium, auf dem das Verfahren gespeichert ist
DE102016205198A1 (de) Nachweisen einer Authentizität eines Gerätes mithilfe eines Berechtigungsnachweises
EP2684312B1 (fr) Procédé d'authentification, document à puce rfid, lecteur de puces rfid et produits programmes d'ordinateur
EP3465513B1 (fr) Authentification d'utilisateur au moyen d'un jeton d'identification
EP2545486B1 (fr) Procédé d'authentification d'un support de données portable
EP2893668B1 (fr) Procede de creation d'une instance derivee d'un support de donnees d'origine
EP2730050B1 (fr) Procédé de création et de vérification d'une signature électronique par pseudonyme
EP2893667A1 (fr) Procédé d'authentification d'un support de données portable
EP3271855B1 (fr) Procédé de génération d'un certificat pour un jeton de sécurité
EP3215977B1 (fr) Procédé de modification d'une structure de données enregistrée dans une carte à puce, dispositif de signature et système électronique
EP2677681A1 (fr) Procédé de communication sécurisée et authentifiée au moins d'un côté entre deux partenaires de communication
EP3235164B1 (fr) Procédé pour convenir de manière pseudonyme d'une clé entre un support d'informations portable et un terminal
DE102015208178A1 (de) Bereitstellen von langfristig gültigen Sicherheitsinformationen
EP2823598B1 (fr) Procédé d'établissement d'une instance dérivée
DE102016008267A1 (de) Einrichtung eines sicheren Kommunikationskanals

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20150410

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

DAX Request for extension of the european patent (deleted)
RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: GIESECKE+DEVRIENT MOBILE SECURITY GMBH

17Q First examination report despatched

Effective date: 20180601

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

INTG Intention to grant announced

Effective date: 20200422

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20200903