EP1290646A1 - Securisation d'echanges de donnees entre des controleurs - Google Patents

Securisation d'echanges de donnees entre des controleurs

Info

Publication number
EP1290646A1
EP1290646A1 EP01938340A EP01938340A EP1290646A1 EP 1290646 A1 EP1290646 A1 EP 1290646A1 EP 01938340 A EP01938340 A EP 01938340A EP 01938340 A EP01938340 A EP 01938340A EP 1290646 A1 EP1290646 A1 EP 1290646A1
Authority
EP
European Patent Office
Prior art keywords
controller
key
sim
application
card
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP01938340A
Other languages
German (de)
English (en)
French (fr)
Inventor
Pierre Girard
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gemplus SA
Original Assignee
Gemplus Card International SA
Gemplus SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gemplus Card International SA, Gemplus SA filed Critical Gemplus Card International SA
Publication of EP1290646A1 publication Critical patent/EP1290646A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1016Devices or methods for securing the PIN and other transaction-data, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431Key distribution or pre-distribution; Key agreement
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices

Definitions

  • the telephone operator marketing SIM cards is unable to foresee, when they are configured, the introduction of all the mother keys in each SIM card, relating to the different additional cards or to the applications which they contain. It is therefore impossible to memorize all the mother keys of the additional cards in the SIM identity cards.
  • the terminal TE also includes a speech coding and decoding circuit 31 connected to a microphone 310 and a loudspeaker 311, a microprocessor 32 associated with a non-volatile memory of EEPROM programs 33 and a RAM data memory 34 , and an input-output interface 35 serving the SIM and CA smart cards, a keyboard 36 and a graphic display 37.
  • the microprocessor 32 is connected by a bus BU to the interface 30, to the circuit 31, and to the memories 33 and 34 and " by another bus BS at the input-output interface 35.
  • the SIM card and the SO short message server communicate through a bidirectional short message service (SMS) channel.
  • SMS short message service
  • the first authentication A1 assures the additional card C1 that the "daughter" key KA of the selected application AP has indeed been determined by the network RR, that is to say by the server SO.
  • the first authentication A1 includes steps Ail to A16. Following step E8, the SIM card transmits a random number request message to the card CA in step Ail.
  • the card CA reads a random number NC from its non-volatile memory 22, or else supplies this random number NC thanks to a pseudo-random generator included in the processor 20, in step A12.
  • the random number NC is transmitted from the CA card to the SIM card which stores it temporarily.
  • an encryption key KC is determined by applying the random numbers NC and
  • the encrypted key KAC which is decrypted into the initial key KA in step E15.
  • the key KA is then stored in the RAM memory 13 of the SIM card so to use it for mutual authentication of the SIM and CA cards according to the algorithm shown in FIG. 4, or for the determination of the data unit encryption key according to the algorithm shown in FIG. 5.
  • the determined number NCi is then transmitted to "first "controller in the SIM card so that the latter selects the set of parameters [NCi, SSi, NSi, RSi] in the quadruplet table received as a function of the determined number NCi transmitted in step al3.
  • the invention has been described above with respect to securing data exchange between the controllers of two SIM and CA smart cards, the invention applies generally to securing between any first controller and any second controller having to communicate with each other, the term controller covering a data processing means or unit, such as a microprocessor, or even more completely an entity, such as a terminal, a server, etc.
  • the first controller may be a point of sale terminal and the second controller a credit card, the telecommunications network to which the terminal is connected then being the switched telephone network.
  • the first and second controllers are those of a dual-mode radiotelephone terminal.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mobile Radio Communication Systems (AREA)
EP01938340A 2000-05-26 2001-05-25 Securisation d'echanges de donnees entre des controleurs Withdrawn EP1290646A1 (fr)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
FR0006880 2000-05-26
FR0006880A FR2809555B1 (fr) 2000-05-26 2000-05-26 Securisation d'echanges de donnees entre des controleurs
PCT/FR2001/001621 WO2001093215A1 (fr) 2000-05-26 2001-05-25 Securisation d'echanges de donnees entre des controleurs

Publications (1)

Publication Number Publication Date
EP1290646A1 true EP1290646A1 (fr) 2003-03-12

Family

ID=8850755

Family Applications (1)

Application Number Title Priority Date Filing Date
EP01938340A Withdrawn EP1290646A1 (fr) 2000-05-26 2001-05-25 Securisation d'echanges de donnees entre des controleurs

Country Status (6)

Country Link
US (1) US20030119482A1 (zh)
EP (1) EP1290646A1 (zh)
CN (1) CN1185586C (zh)
AU (1) AU2001264025A1 (zh)
FR (1) FR2809555B1 (zh)
WO (1) WO2001093215A1 (zh)

Families Citing this family (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2825555B1 (fr) * 2001-05-30 2004-03-12 Nilcom Systeme de messages courts, notamment de messages prepayes
US7551913B1 (en) * 2001-12-05 2009-06-23 At&T Mobility Ii Llc Methods and apparatus for anonymous user identification and content personalization in wireless communication
NZ533176A (en) * 2001-12-25 2005-10-28 Ntt Docomo Inc Device and method for restricting content access and storage
US8060139B2 (en) 2002-06-24 2011-11-15 Toshiba American Research Inc. (Tari) Authenticating multiple devices simultaneously over a wireless link using a single subscriber identity module
WO2004105359A2 (en) * 2003-05-19 2004-12-02 Einar Rosenberg An apparatus and method for increased security of wireless transactions
US8676249B2 (en) 2003-05-19 2014-03-18 Tahnk Wireless Co., Llc Apparatus and method for increased security of wireless transactions
US20090015379A1 (en) * 2004-05-19 2009-01-15 Einar Rosenberg Apparatus and method for context-based wireless information processing
FR2856229B1 (fr) * 2003-06-11 2005-09-16 Ercom Engineering Reseaux Comm Systeme permettant de securiser des donnees transmises au moyen de telephones mobiles programmables via un reseau de telephonie mobile, notamment de type gsm
EP1680720B1 (en) * 2003-11-07 2012-01-04 Telecom Italia S.p.A. Method and system for the authentication of a user of a data processing system
FR2863425B1 (fr) * 2003-12-04 2006-02-10 Gemplus Card Int Procede et systeme de configuration automatique d'appareil dans un reseau de communication
US7907935B2 (en) * 2003-12-22 2011-03-15 Activcard Ireland, Limited Intelligent remote device
US7613480B2 (en) * 2003-12-31 2009-11-03 At&T Mobility Ii Llc Multiple subscription subscriber identity module (SIM) card
WO2006002649A1 (en) * 2004-06-25 2006-01-12 Telecom Italia S.P.A. Method and system for protecting information exchanged during communication between users
TWI280770B (en) * 2004-07-09 2007-05-01 Inventec Appliances Corp System against illegal use of mobile phone
US20060099991A1 (en) * 2004-11-10 2006-05-11 Intel Corporation Method and apparatus for detecting and protecting a credential card
JP4709556B2 (ja) * 2005-01-13 2011-06-22 株式会社東芝 端末機器に装着される電子装置及び通信システム
KR101207467B1 (ko) * 2005-12-16 2012-12-03 삼성전자주식회사 이동 통신 시스템에서 세션 정보 관리 방법 및 시스템과 그장치
CN101102190A (zh) * 2006-07-04 2008-01-09 华为技术有限公司 生成本地接口密钥的方法
WO2008042302A2 (en) 2006-09-29 2008-04-10 Narian Technologies Corp. Apparatus and method using near field communications
US8254573B2 (en) * 2007-03-30 2012-08-28 Tektronix, Inc. System and method for ciphering key forwarding and RRC packet deciphering in a UMTS monitoring system
HU230695B1 (hu) * 2007-10-20 2017-09-28 Andrá Vilmos Eljárás egyedi hozzáférésű információtartalom kommunikációs eszköz biztonságos tároló részegységében történő elhelyezésének előkészítésére, valamint elhelyezésére
CN101459512B (zh) * 2007-12-11 2010-11-10 结行信息技术(上海)有限公司 通过不受信任通讯渠道对智能卡安装/初始化应用的方法
US9189256B2 (en) * 2008-11-20 2015-11-17 Nokia Technologies Oy Method and apparatus for utilizing user identity
US8447699B2 (en) * 2009-10-13 2013-05-21 Qualcomm Incorporated Global secure service provider directory
WO2011085314A1 (en) * 2010-01-08 2011-07-14 Gallagher Kevin N Guest check presenter having a wireless communication device
EP2458808A1 (en) * 2010-11-30 2012-05-30 Gemalto SA Method for accessing a secure element and corresponding secure element and system
US9064253B2 (en) * 2011-12-01 2015-06-23 Broadcom Corporation Systems and methods for providing NFC secure application support in battery on and battery off modes
FR2999748A1 (fr) * 2012-12-14 2014-06-20 France Telecom Procede de securisation d'une demande d'execution d'une premiere application par une deuxieme application

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB9104909D0 (en) * 1991-03-08 1991-04-24 Int Computers Ltd Access control in a distributed computer system
US5369705A (en) * 1992-06-03 1994-11-29 International Business Machines Corporation Multi-party secure session/conference
FR2719925B1 (fr) * 1994-05-10 1996-06-07 Bull Cp8 Procédé pour produire une clé commune dans deux dispositifs en vue de mettre en Óoeuvre une procédure cryptographique commune, et appareil associé.
US5537474A (en) * 1994-07-29 1996-07-16 Motorola, Inc. Method and apparatus for authentication in a communication system
US6069957A (en) * 1997-03-07 2000-05-30 Lucent Technologies Inc. Method and apparatus for providing hierarchical key system in restricted-access television system
FR2771528B1 (fr) * 1997-11-25 2000-01-14 Gemplus Card Int Procede de gestion des donnees dans une carte a puce
US6418472B1 (en) * 1999-01-19 2002-07-09 Intel Corporation System and method for using internet based caller ID for controlling access to an object stored in a computer
US6952770B1 (en) * 2000-03-14 2005-10-04 Intel Corporation Method and apparatus for hardware platform identification with privacy protection

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
None *
See also references of WO0193215A1 *

Also Published As

Publication number Publication date
FR2809555A1 (fr) 2001-11-30
CN1185586C (zh) 2005-01-19
US20030119482A1 (en) 2003-06-26
WO2001093215A1 (fr) 2001-12-06
CN1444755A (zh) 2003-09-24
FR2809555B1 (fr) 2002-07-12
AU2001264025A1 (en) 2001-12-11

Similar Documents

Publication Publication Date Title
EP1290646A1 (fr) Securisation d'echanges de donnees entre des controleurs
EP1190399B1 (fr) Procede de pre-controle d'un programme contenu dans une carte a puce additionnelle d'un terminal
EP1757130B1 (fr) Deverrouillage securise d'un terminal mobile
EP1547426B1 (fr) Identification d un terminal aupres d un serveur
EP1179271B1 (fr) Terminal radiotelephonique avec une carte a puce dotee d'un navigateur
EP1371207B1 (fr) Dispositif portable pour securiser le trafic de paquets dans une plate-forme hote
EP1909462B1 (fr) Procédé de mise à disposition cloisonnée d'un service électronique
CA2566186A1 (fr) Transfert de donnees entre deux cartes a puce
EP1157575B1 (fr) Authentification dans un reseau de radiotelephonie
EP2047697B1 (fr) Personnalisation d'un terminal de radiocommunication comprenant une carte sim
FR2820848A1 (fr) Gestion dynamique de listes de droits d'acces dans un objet electronique portable
EP1190398B1 (fr) Preparation et execution d'un programme dans une carte a puce additionnelle d'un terminal
WO2007066039A2 (fr) Recouvrement de cles de dechiffrement perimees
EP2041686A1 (fr) Serveur de gestion de donnees confidentielles anonymes
EP1400090B1 (fr) Procede et dispositif de securisation des communications dans un reseau informatique
WO2001093528A2 (fr) Procede de communication securisee entre un reseau et une carte a puce d'un terminal
EP3021273A1 (fr) Procédé de sécurisation d'une transaction entre un terminal mobile et un serveur d'un fournisseur de service par l'intermédiaire d'une plateforme
WO2003079714A1 (fr) Procede d'echange d'informations d'authentification entre une entite de communciation et un serveur-operateur
EP1636767A1 (fr) METHODE D&Dacute;ALLOCATION DE RESSOURCES SECURISEES DANS UN MODUE DE SECURITE
EP1413158A1 (fr) Procede d'acces a un service specifique propose par un operateur virtuel et carte a puce d'un dispositif correspondant
EP1461970A1 (fr) Procede de transmission de donnees entre un terminal d un reseau de telecommunication et un equipement de ce reseau
EP1808831A1 (fr) Préparation et exécution d'un programme dans une carte à puce additionnelle d'un terminal
FR2872978A1 (fr) Procede d'authentification securise sur un reseau sans fil conforme a la norme 802.11, systeme et dispositif pour la mise en oeuvre du procede
WO2003003655A1 (fr) Procede de communication radiofrequence securisee

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20021227

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR

AX Request for extension of the european patent

Extension state: AL LT LV MK RO SI

GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20070704