EP1290646A1 - Securisation d'echanges de donnees entre des controleurs - Google Patents
Securisation d'echanges de donnees entre des controleurs
- Publication number
- EP1290646A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- controller
- key
- sim
- application
- card
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1016—Devices or methods for securing the PIN and other transaction-data, e.g. by encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/043—Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
- H04W12/0431—Key distribution or pre-distribution; Key agreement
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/02—Terminal devices
Definitions
- the telephone operator marketing SIM cards is unable to foresee, when they are configured, the introduction of all the mother keys in each SIM card, relating to the different additional cards or to the applications which they contain. It is therefore impossible to memorize all the mother keys of the additional cards in the SIM identity cards.
- the terminal TE also includes a speech coding and decoding circuit 31 connected to a microphone 310 and a loudspeaker 311, a microprocessor 32 associated with a non-volatile EEPROM program memory 33 and a RAM data memory 34, and an input-output interface 35 serving the SIM and CA smart cards, a keyboard 36 and a graphic display 37.
- the microprocessor 32 is connected by a bus BU to the interface 30, to the circuit 31, and to the memories 33 and 34, and by another bus BS to the input-output interface 35.
- the SIM card and the SO short message server communicate through a bidirectional short message service (SMS) channel.
- SMS short message service
- the first authentication A1 assures the additional card C1 that the "daughter" key KA of the selected application AP has indeed been determined by the network RR, that is to say by the server SO.
- the first authentication A1 includes steps A11 to A16. Following step E8, the SIM card transmits a random number request message to the card CA in step A11.
- the card CA reads a random number NC from its non-volatile memory 22, or else supplies this random number NC thanks to a pseudo-random generator included in the processor 20, in step A12.
- the random number NC is transmitted from the CA card to the SIM card which stores it temporarily.
- an encryption key KC is determined by applying the random numbers NC and
- the encrypted key KAC which is decrypted into the initial key KA in step E15.
- the key KA is then stored in the RAM memory 13 of the SIM card so as to use it for mutual authentication of the SIM and CA cards according to the algorithm shown in FIG. 4, or for the determination of the data unit encryption key according to the algorithm shown in FIG. 5.
- the determined number NCi is then transmitted to the "first" controller in the SIM card so that the latter selects the set of parameters [NCi, SSi, NSi, RSi] in the quadruplet table received as a function of the determined number NCi transmitted in step a13.
- although the invention has been described above with respect to securing data exchange between the controllers of two SIM and CA smart cards, it applies generally to securing data exchange between any first controller and any second controller having to communicate with each other, the term controller covering a data processing means or unit, such as a microprocessor, or even more completely an entity, such as a terminal, a server, etc.
- the first controller may be a point of sale terminal and the second controller a credit card, the telecommunications network to which the terminal is connected then being the switched telephone network.
- the first and second controllers are those of a dual-mode radiotelephone terminal.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Mobile Radio Communication Systems (AREA)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR0006880 | 2000-05-26 | ||
FR0006880A FR2809555B1 (fr) | 2000-05-26 | 2000-05-26 | Securisation d'echanges de donnees entre des controleurs |
PCT/FR2001/001621 WO2001093215A1 (fr) | 2000-05-26 | 2001-05-25 | Securisation d'echanges de donnees entre des controleurs |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1290646A1 (fr) | 2003-03-12 |
Family
ID=8850755
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP01938340A (Withdrawn), EP1290646A1 (fr) | 2000-05-26 | 2001-05-25 | Securisation d'echanges de donnees entre des controleurs |
Country Status (6)
Country | Link |
---|---|
US (1) | US20030119482A1 (zh) |
EP (1) | EP1290646A1 (zh) |
CN (1) | CN1185586C (zh) |
AU (1) | AU2001264025A1 (zh) |
FR (1) | FR2809555B1 (zh) |
WO (1) | WO2001093215A1 (zh) |
Families Citing this family (28)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2825555B1 (fr) * | 2001-05-30 | 2004-03-12 | Nilcom | Systeme de messages courts, notamment de messages prepayes |
US7551913B1 (en) * | 2001-12-05 | 2009-06-23 | At&T Mobility Ii Llc | Methods and apparatus for anonymous user identification and content personalization in wireless communication |
NZ533176A (en) * | 2001-12-25 | 2005-10-28 | Ntt Docomo Inc | Device and method for restricting content access and storage |
US8060139B2 (en) | 2002-06-24 | 2011-11-15 | Toshiba American Research Inc. (Tari) | Authenticating multiple devices simultaneously over a wireless link using a single subscriber identity module |
WO2004105359A2 (en) * | 2003-05-19 | 2004-12-02 | Einar Rosenberg | An apparatus and method for increased security of wireless transactions |
US8676249B2 (en) | 2003-05-19 | 2014-03-18 | Tahnk Wireless Co., Llc | Apparatus and method for increased security of wireless transactions |
US20090015379A1 (en) * | 2004-05-19 | 2009-01-15 | Einar Rosenberg | Apparatus and method for context-based wireless information processing |
FR2856229B1 (fr) * | 2003-06-11 | 2005-09-16 | Ercom Engineering Reseaux Comm | Systeme permettant de securiser des donnees transmises au moyen de telephones mobiles programmables via un reseau de telephonie mobile, notamment de type gsm |
EP1680720B1 (en) * | 2003-11-07 | 2012-01-04 | Telecom Italia S.p.A. | Method and system for the authentication of a user of a data processing system |
FR2863425B1 (fr) * | 2003-12-04 | 2006-02-10 | Gemplus Card Int | Procede et systeme de configuration automatique d'appareil dans un reseau de communication |
US7907935B2 (en) * | 2003-12-22 | 2011-03-15 | Activcard Ireland, Limited | Intelligent remote device |
US7613480B2 (en) * | 2003-12-31 | 2009-11-03 | At&T Mobility Ii Llc | Multiple subscription subscriber identity module (SIM) card |
WO2006002649A1 (en) * | 2004-06-25 | 2006-01-12 | Telecom Italia S.P.A. | Method and system for protecting information exchanged during communication between users |
TWI280770B (en) * | 2004-07-09 | 2007-05-01 | Inventec Appliances Corp | System against illegal use of mobile phone |
US20060099991A1 (en) * | 2004-11-10 | 2006-05-11 | Intel Corporation | Method and apparatus for detecting and protecting a credential card |
JP4709556B2 (ja) * | 2005-01-13 | 2011-06-22 | 株式会社東芝 | 端末機器に装着される電子装置及び通信システム |
KR101207467B1 (ko) * | 2005-12-16 | 2012-12-03 | 삼성전자주식회사 | 이동 통신 시스템에서 세션 정보 관리 방법 및 시스템과 그장치 |
CN101102190A (zh) * | 2006-07-04 | 2008-01-09 | 华为技术有限公司 | 生成本地接口密钥的方法 |
WO2008042302A2 (en) | 2006-09-29 | 2008-04-10 | Narian Technologies Corp. | Apparatus and method using near field communications |
US8254573B2 (en) * | 2007-03-30 | 2012-08-28 | Tektronix, Inc. | System and method for ciphering key forwarding and RRC packet deciphering in a UMTS monitoring system |
HU230695B1 (hu) * | 2007-10-20 | 2017-09-28 | Andrá Vilmos | Eljárás egyedi hozzáférésű információtartalom kommunikációs eszköz biztonságos tároló részegységében történő elhelyezésének előkészítésére, valamint elhelyezésére |
CN101459512B (zh) * | 2007-12-11 | 2010-11-10 | 结行信息技术(上海)有限公司 | 通过不受信任通讯渠道对智能卡安装/初始化应用的方法 |
US9189256B2 (en) * | 2008-11-20 | 2015-11-17 | Nokia Technologies Oy | Method and apparatus for utilizing user identity |
US8447699B2 (en) * | 2009-10-13 | 2013-05-21 | Qualcomm Incorporated | Global secure service provider directory |
WO2011085314A1 (en) * | 2010-01-08 | 2011-07-14 | Gallagher Kevin N | Guest check presenter having a wireless communication device |
EP2458808A1 (en) * | 2010-11-30 | 2012-05-30 | Gemalto SA | Method for accessing a secure element and corresponding secure element and system |
US9064253B2 (en) * | 2011-12-01 | 2015-06-23 | Broadcom Corporation | Systems and methods for providing NFC secure application support in battery on and battery off modes |
FR2999748A1 (fr) * | 2012-12-14 | 2014-06-20 | France Telecom | Procede de securisation d'une demande d'execution d'une premiere application par une deuxieme application |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB9104909D0 (en) * | 1991-03-08 | 1991-04-24 | Int Computers Ltd | Access control in a distributed computer system |
US5369705A (en) * | 1992-06-03 | 1994-11-29 | International Business Machines Corporation | Multi-party secure session/conference |
FR2719925B1 (fr) * | 1994-05-10 | 1996-06-07 | Bull Cp8 | Procédé pour produire une clé commune dans deux dispositifs en vue de mettre en œuvre une procédure cryptographique commune, et appareil associé. |
US5537474A (en) * | 1994-07-29 | 1996-07-16 | Motorola, Inc. | Method and apparatus for authentication in a communication system |
US6069957A (en) * | 1997-03-07 | 2000-05-30 | Lucent Technologies Inc. | Method and apparatus for providing hierarchical key system in restricted-access television system |
FR2771528B1 (fr) * | 1997-11-25 | 2000-01-14 | Gemplus Card Int | Procede de gestion des donnees dans une carte a puce |
US6418472B1 (en) * | 1999-01-19 | 2002-07-09 | Intel Corporation | System and method for using internet based caller ID for controlling access to an object stored in a computer |
US6952770B1 (en) * | 2000-03-14 | 2005-10-04 | Intel Corporation | Method and apparatus for hardware platform identification with privacy protection |
- 2000
  - 2000-05-26 FR FR0006880A (FR2809555B1): not active, Expired - Fee Related
- 2001
  - 2001-05-25 EP EP01938340A (EP1290646A1): not active, Withdrawn
  - 2001-05-25 US US10/296,547 (US20030119482A1): not active, Abandoned
  - 2001-05-25 CN CNB018133568A (CN1185586C): not active, Expired - Fee Related
  - 2001-05-25 WO PCT/FR2001/001621 (WO2001093215A1): active, Application Discontinuation
  - 2001-05-25 AU AU2001264025A (AU2001264025A1): not active, Abandoned
Non-Patent Citations (2)
Title |
---|
None * |
See also references of WO0193215A1 * |
Also Published As
Publication number | Publication date |
---|---|
FR2809555A1 (fr) | 2001-11-30 |
CN1185586C (zh) | 2005-01-19 |
US20030119482A1 (en) | 2003-06-26 |
WO2001093215A1 (fr) | 2001-12-06 |
CN1444755A (zh) | 2003-09-24 |
FR2809555B1 (fr) | 2002-07-12 |
AU2001264025A1 (en) | 2001-12-11 |
Similar Documents
Publication | Title | Publication Date |
---|---|---|
EP1290646A1 (fr) | Securisation d'echanges de donnees entre des controleurs | |
EP1190399B1 (fr) | Procede de pre-controle d'un programme contenu dans une carte a puce additionnelle d'un terminal | |
EP1757130B1 (fr) | Deverrouillage securise d'un terminal mobile | |
EP1547426B1 (fr) | Identification d'un terminal aupres d'un serveur | |
EP1179271B1 (fr) | Terminal radiotelephonique avec une carte a puce dotee d'un navigateur | |
EP1371207B1 (fr) | Dispositif portable pour securiser le trafic de paquets dans une plate-forme hote | |
EP1909462B1 (fr) | Procédé de mise à disposition cloisonnée d'un service électronique | |
CA2566186A1 (fr) | Transfert de donnees entre deux cartes a puce | |
EP1157575B1 (fr) | Authentification dans un reseau de radiotelephonie | |
EP2047697B1 (fr) | Personnalisation d'un terminal de radiocommunication comprenant une carte sim | |
FR2820848A1 (fr) | Gestion dynamique de listes de droits d'acces dans un objet electronique portable | |
EP1190398B1 (fr) | Preparation et execution d'un programme dans une carte a puce additionnelle d'un terminal | |
WO2007066039A2 (fr) | Recouvrement de cles de dechiffrement perimees | |
EP2041686A1 (fr) | Serveur de gestion de donnees confidentielles anonymes | |
EP1400090B1 (fr) | Procede et dispositif de securisation des communications dans un reseau informatique | |
WO2001093528A2 (fr) | Procede de communication securisee entre un reseau et une carte a puce d'un terminal | |
EP3021273A1 (fr) | Procédé de sécurisation d'une transaction entre un terminal mobile et un serveur d'un fournisseur de service par l'intermédiaire d'une plateforme | |
WO2003079714A1 (fr) | Procede d'echange d'informations d'authentification entre une entite de communciation et un serveur-operateur | |
EP1636767A1 (fr) | METHODE D'ALLOCATION DE RESSOURCES SECURISEES DANS UN MODUE DE SECURITE | |
EP1413158A1 (fr) | Procede d'acces a un service specifique propose par un operateur virtuel et carte a puce d'un dispositif correspondant | |
EP1461970A1 (fr) | Procede de transmission de donnees entre un terminal d'un reseau de telecommunication et un equipement de ce reseau | |
EP1808831A1 (fr) | Préparation et exécution d'un programme dans une carte à puce additionnelle d'un terminal | |
FR2872978A1 (fr) | Procede d'authentification securise sur un reseau sans fil conforme a la norme 802.11, systeme et dispositif pour la mise en oeuvre du procede | |
WO2003003655A1 (fr) | Procede de communication radiofrequence securisee |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20021227 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR |
|
AX | Request for extension of the european patent |
Extension state: AL LT LV MK RO SI |
|
GRAP | Despatch of communication of intention to grant a patent |
Free format text: ORIGINAL CODE: EPIDOSNIGR1 |
|
GRAS | Grant fee paid |
Free format text: ORIGINAL CODE: EPIDOSNIGR3 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20070704 |