EP1726121A1 - Anonymes authentifikationsverfahren - Google Patents
Anonymes authentifikationsverfahrenInfo
- Publication number
- EP1726121A1 EP1726121A1 EP05736911A EP05736911A EP1726121A1 EP 1726121 A1 EP1726121 A1 EP 1726121A1 EP 05736911 A EP05736911 A EP 05736911A EP 05736911 A EP05736911 A EP 05736911A EP 1726121 A1 EP1726121 A1 EP 1726121A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- authentication
- counter
- entity
- value
- client entity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/42—Anonymization, e.g. involving pseudonyms
Definitions
- the present invention relates to a method of authentication by secret key of at least one user, for example in order to authorize or not this user to access resources when the anonymity of the user who s authenti ie, is required.
- resources must be taken with very broad acceptance and generally designates any function, application, service, set of data to which a user can access and whose access is conditioned by prior authorization issued at the end of an authentication procedure.
- it may be a service provided by a specialized server, a function for accessing a network, an IT resource such as a database or a software application available on a server. and can be shared by several users.
- authentication is a security service carried out by an authentication entity, the objective of which is to validate the identity of a user who wishes to identify himself, thereby contributing even proof of the legitimacy of this user to access the resources concerned.
- An authentication entity commonly designates any equipment, machine or computer system which makes it possible to centralize an authentication process and which is accessible by users wishing to authenticate themselves for access to resources, via a telecommunications network.
- a user wishing to trigger an authentication process has a client entity allowing him to communicate with the entity authentication.
- a client entity in the present description designates any electronic system or equipment making it possible to exchange data with the authentication entity, preferably without contact.
- authentication by secret key is essentially characterized by the succession of following steps as shown in FIG. 1.
- a client entity A when a client entity A wishes to authenticate itself with an authentication entity B , it first provides its identity to entity B, in the form of a static identifier which is specific to it, t then proves it by the use of a secret key K A known and shared by the entities A and B only.
- the authentication entity B receives an authentication request sent by a client entity presenting itself to it as the holder of identity A, said authentication entity first generates a random number called a random number, or also called challenge, and sends this hazard to client entity A.
- the client entity encrypts, we also say sign, the hazard received according to a predefined cryptographic algorithm with secret key, such as the DES algorithm ( English acronym for “Data Encryption Standard”).
- the entity A then returns to the authentication entity B the value C (K A , random), where C is a cryptographic function.
- Entity B performs the same calculation using the cryptographic function C and the secret key of AK A , and compares the result obtained with the value returned to it by entity A.
- the authentication entity B validates the authentication, thereby signifying that A has succeeded in authenticating itself.
- the validation of the authentication results for example, in the sending by the authentication entity to the client entity A which has been authenticated, of access rights to the resources.
- Such secret key authentication methods are widely used in telecommunications networks, but nevertheless present a certain number of drawbacks with regard to guaranteeing the anonymity of the client entity wishing to authenticate. Indeed, to initialize the authentication process, a specific identifier of the client entity is necessarily transmitted in clear to the authentication entity. Thus, a malicious third party is able to know the specific identifier of the entity which authenticates by observing the transaction between the authentication entity and the authenticated entity.
- the specific identifier of an entity wishing to authenticate can also be deduced by a malicious third party acting this time in an active way, that is to say by initiating an authentication process by posing as a authentication entity vis-à-vis the authenticating entity.
- An authenticating entity can still be recognized by observing its behavior and, more particularly by observing the responses provided by the entity during previous authentication processes. Indeed, the answers provided by . an authenticating entity are characteristic of certain entries corresponding to the hazards which have been submitted to it by the authenticating entity and, for the same entry, the authenticating entity will always provide the same response. By observing beforehand the response of the entity to characteristic random values, it is possible to recognize an authenticating entity by resubmitting to it one of these random values for which a response from the entity has already been observed.
- an entity that signs hazards to authenticate can be characterized by its response for a particular hazard valevr (for example, 0, 10, 100, 1000, etc.). By observing two successive identifications with the same hazard, it is therefore possible to deduce whether these are two distinct entities or the same entity which are authenticated.
- the present invention aims to remedy these drawbacks by proposing an authentication method based on a secret key encryption algorithm, in which the anonymity of the authenticating entity is guaranteed, so that only one legitimate authentication entity can recognize the identity of the authenticating entity and no one else.
- the subject of the invention is a method of authenticating at least one client entity with an authentication entity, said authentication entity comprising a set of secret keys, each being associated with a client entity. likely to be identified by said entity authentication, said method being characterized in that it comprises the following steps consisting in: a-transmitting an anonymous authentication request from the client entity to the authentication entity; b-send from the authentication entity to the client entity, an authentication counter value corresponding to the current state of a counter of the authentication entity; c-check, on the client entity side, that the counter value (of authentication received is strictly greater than a counter value stored by the client entity; d-calculate, on the client entity side, a counter signature by applying a cryptographic function shared by the client entity and the authentication entity, with as operands said authentication counter value and a secret key associated with the client entity; e-transmitting said counter signature to the entity authentication; f-update the counter value memorized by the client entity with said authentication counter value; g-search, at the authentication
- the search step consists in: i-calculating, for each client entity likely to be identified, the corresponding counter signature by application of the cryptographic function with as operands the authentication counter value and the associated secret key, so as to establish a list of pairs of client entity capable of being identified / corresponding counter signature, for said counter value; j -check the consistency between the counter signature received and at least one counter signature from said list.
- the list of pairs of client entity capable of being identified / corresponding counter signature established for a given authentication counter value is ordered, on the authentication entity side, according to the value of said counter signature.
- steps b) to h) are repeated until a single pair is obtained for which the signature counter corresponds to the counter signature received.
- the counter signature is calculated only for the client entities corresponding to said plurality of pairs determined in the previous iteration.
- the method according to the invention consists in implementing step i) in advance with respect to an authentication request originating from a client entity in step a), said advance step i) consisting to be pre-established, on the authentication entity side, for at least one future authentication counter value, the list of pairs of client entity likely to be identified / corresponding counter signature for each of said authentication counter values to come, and memorize said pre-established lists on the authentication entity side, any sending of the authentication entity to the client entity of an authentication counter value, corresponding to the sending of a value of authentication counter for which a list of client entity pairs likely to be identified / corresponding counter signature has already been pre-established.
- step h) consists in increasing the authentication counter by a fixed step.
- step h.) Consists in increasing the authentication counter by a random step.
- step b) in response to an authentication request, consists in sending, on the authentication entity side, in addition to the authentication counter value, a random value associated with said value of counter, said random value being different for each of the authentication counter values sent, each counter signing step implemented during said method being replaced by a step of signing the authentication counter value / value pair associated random, consisting of the application of the cryptographic function further comprising as operand said associated random value.
- step c) also consists in verifying that the difference between the authentication counter value received and the counter value stored by the client entity is less than or equal to a predetermined value.
- step c) when step c) is not verified, the following intermediate steps are implemented consisting of:
- step h updating the value of the authentication counter corresponding to the current state of the counter of the authentication entity with the value of the temporary authentication counter and implementing step h).
- step e) consists in further transmitting to the authentication entity the authentication counter value.
- the authentication counter value is coded at least 128 bits.
- the invention also relates to a smart card, characterized in that it comprises an integrated circuit and means for memorizing a secret key and for implementing the method according to the invention. Preferably, it is a contactless smart card.
- the invention also relates to an authentication entity of at least one client entity, characterized in that it comprises a smart card reader provided with means for implementing the method according to the invention.
- the authentication entity comprises a contactless smart card reader.
- FIG. 1 is a diagram illustrating a secret key authentication process according to the state of the art, and has already been described;
- FIG. 2 is a diagram illustrating the main steps of the authentication method according to the present invention.
- FIG. 2 therefore describes the main steps of the method of authentication by secret key of a client entity A by an authentication entity B, according to the present invention.
- the entity A wishing to authenticate has its own secret key K A , a means of memorizing a counter value CA, as well as a cryptographic signature function S, also shared by the authentication entity B, and which is intended to apply with the following two operands: a secret key and a counter value, so as to sign the counter value.
- the authentication entity B comprises a list of pairs (Ai, K A i), Ai being the name of one of the n client entities capable of being authenticated by the authentication entity B and K A i being the secret key associated with the client entity Ai which is specific to it.
- the authentication entity .. also includes a counter COMPTB delivering a counter value CB and the cryptographic function S, identical to that implemented in the client entity A.
- the procedure for the anonymous authentication process is as follows.
- the client entity A wants to authenticate with the authentication entity B, it signals itself to B by the transmission of an anonymous authentication request "RequestAuthentication”.
- the authentication entity B sends to the client entity A the counter value CB corresponding to the current state of its counter COMPTB.
- the client entity A compares the counter value CB received with the counter value CA memorized by client entity A.
- two possibilities are available to client entity A:
- the client entity A signs the counter value received CB by application of the cryptographic function S with as operands the secret key K A associated with the client entity A and the counter value CB.
- the result of this counter signature operation S (K A , CB) is transmitted from the client entity A to the authentication entity B.
- the client entity A then updates its counter value in a fifth step stored CA with the last lawful counter value transmitted to it by the authentication entity B, namely CB.
- the authentication entity B searches for at least one client entity Ai from among the n client entities that it is capable of authenticating, for which the corresponding signature of the counter value CB S (K A ⁇ , CB) is consistent with the counter signature received from the client entity seeking to authenticate S (K A , CB).
- the authentication entity B increases the counter value CB for a next authentication request.
- the authentication entity B can systematically repeat the authentication process at least a second time in order to ensure that it recognizes the same client entity each time. The process can even be repeated N times, until a probability of falling at random N times on a signature value "corresponding to the same client entity sufficiently low.
- Another optimization of the authentication process concerns the management of collision cases.
- a collision case that is to say that several client entities Ai capable of being identified by the authentication entity B have been found for which the counter signature S (K A ⁇ , CB) is consistent with the received counter signature S (K A , CB).
- the sixth step consisting of the search phase by the authentication entity of at least one client entity Ai among the n client entities that it is capable of authenticating, for which the corresponding signature of the value of counter CB S (K A ⁇ , CB) is consistent with the counter signature received from the client entity which seeks to authenticate S (K A , CB), can be implemented as follows.
- the authentication entity B calculates, for each client entity Ai capable of being identified, the corresponding counter signature S (K A ⁇ , CB) by application of the function cryptographic S with as operands the authentication counter value CB and the associated secret key K A ⁇ , so as to establish a list of client entity pairs capable of being identified / corresponding counter signature (Ai, S (K A i , CB)), for the current counter value CB.
- the phase of calculation by B, for each client entity Ai capable of being identified, of the corresponding counter signature S (K A i, CB), so as to establish the list of pairs of client entities likely to be identified / corresponding counter signature (Ai, S (K A ⁇ , CB)), for the current counter value CB can be very long and penalizing in terms of response time.
- the authentication entity ication B will respond by sending an authentication count value CB for which the list (Ai, S ( A i, CB)) will already have been established.
- any sending from B to A of an authentication counter value CB will correspond to an authentication counter value for which a list (Ai, S (K A ⁇ , CB) ) will already have been established.
- the search for a couple in this ordered list for which the counter signature S (K A i, CB) corresponds to S (K A , CB) can then be made according to a dichotomous search.
- the client entity sought is in this case found average after performing log 2 (n) operations, which saves a lot of time.
- the CB counter Since the CB counter is unique for each authentication, it can be used as an authentication session identifier. Thus, if several entities Ai are being authenticated simultaneously by the entity B, the latter can distinguish the dialogs thanks to this value. It is sufficient for this that the client entities seeking to authenticate return the value CB in addition to the signature value S (KA, CB).
- the counter COMPTB supplying the value of authentication counter CB increases by a fixed step.
- the fact that the counter CB grows by a fixed step makes it possible to predict the values of authentication counter which will be used during the future authentications.
- a hacker can request several values S (K A , CB) from an entity A for several values of counters CB and, subsequently, seek to authenticate himself with entity B by returning to him the values previously obtained from client entity A.
- the hacker can authenticate himself by posing as A.
- Two types of countermeasures against such an attack on the authentication system can be implemented.
- a first display consists in increasing the counter COMPTB by a random step at each authentication, so as to no longer use successive values of CB.
- the meter must have a greater capacity so as not to come into abutment.
- Another parade consists in no longer having the client entity A sign seeking to authenticate a simple counter value CB, but a couple (CB, random), CB incrementing regularly and random taking random values.
- the random value is intended to be different for each of the authentication counter values sent, and each counter signature step implemented during the authentication process in any of its variants is then replaced by a step. signature of the JCB pair, random), consisting in the application of the cryptographic function S with in addition as operand said associated random value.
- the authentication method as just described is vulnerable to counter jump attacks, based on the fact that the entities A and B synchronize with the counter value CB at each authentication.
- a malicious machine can impersonate the authentication entity B and send to the client entity A seeking to authenticate a counter value much greater than the effective authentication counter value CB, corresponding to the current value of the counter COMPTB of the entity B.
- the entity A can no longer respond following an authentication request as long as the value counter CB of the authentication entity B will not have caught up with this value CA, because of the test of the third step.
- the malicious machine provides entity A a maximum counter value, the latter, by updating its stored counter value CA to this maximum value, becomes permanently unusable thereafter.
- the countermeasures to these attacks relate more particularly to the third step of the authentication process, where the client entity A compares the counter value CB received with the counter value CA stored by the client entity A.
- the entity A signals to the entity B that its stored counter value CA is greater than the value CB and returns CA to it;
- the other steps of the authentication process are implemented on the basis of this value of CB t e m o r ai r e, and if the authentication of the entity A succeeds with CB temp0r ai re , then l entity B updates its value of authentication counter CB corresponding to the current state of its counter COMPTB with the value of authentication counter CB tem p 0 rai r e. Finally, the counter is incremented for a next authentication.
- This process allows the authentication entity to guard against a counter jump attack. Indeed, it will first authenticate the client entity A with CBtemp or aire, before updating its counter. This process also allows the client entity A to synchronize the counter of the authentication entity B with its stored counter value, if the latter had suffered a counter jump attack.
- entity B can also implement additional protections. For example, B may allow only a certain number of these counter synchronizations per client entity and per period. Likewise, B can authorize these protections only within a reasonable limit where the difference between the value of counter memorized by the client entity CA and the value of authentication counter CB is less than a predetermined value.
- the counter values CA and CB can be binary numbers coded on at least 128 bits, which makes it possible to execute 2,128 authentications before the system arrives at the completion of the counter COMPTB.
- the steps of the method according to the invention on the client entity side are implemented on a smart card, preferably a contactless smart card.
- a smart card for implementing the steps of the method according to the invention requires only little computational capacity since the operations to be executed are simple (at most the signature of a counter).
- the authentication entity then takes the form of a smart card reader with or without contact.
- only a legitimate authentication entity can recognize the identity of the client entity seeking to authenticate.
- the identity of the client entity A seeking to authenticate itself is known only to the authentication entity B and is never revealed during the authentication.
- the client entity A does not know under which name it is identified by the authentication entity.
- the authenticating entity actually has no static identity that could be revealed.
- a malicious third party is unable to distinguish entities. In view of two successive authentications, it is not possible to say whether these are two separate entities or the same entity that have authenticated. Anonymity is therefore complete.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR0402674A FR2867930A1 (fr) | 2004-03-16 | 2004-03-16 | Procede d'authentification anonyme |
PCT/FR2005/000528 WO2005101726A1 (fr) | 2004-03-16 | 2005-03-04 | Procede d'authentification anonyme |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1726121A1 true EP1726121A1 (de) | 2006-11-29 |
Family
ID=34896544
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP05736911A Withdrawn EP1726121A1 (de) | 2004-03-16 | 2005-03-04 | Anonymes authentifikationsverfahren |
Country Status (6)
Country | Link |
---|---|
US (1) | US20080270798A1 (de) |
EP (1) | EP1726121A1 (de) |
JP (1) | JP2007529935A (de) |
CN (1) | CN1934823A (de) |
FR (1) | FR2867930A1 (de) |
WO (1) | WO2005101726A1 (de) |
Families Citing this family (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2874144A1 (fr) * | 2004-08-03 | 2006-02-10 | France Telecom | Procede d'authentification anonyme base sur un algorithme cryptographique de type asymetrique |
WO2007048969A1 (fr) * | 2005-10-24 | 2007-05-03 | France Telecom | Serveur, systeme et procede pour le chiffrement de donnees numeriques, en particulier pour la signature electronique de donnees numeriques au nom d'un groupe d'utilisateurs |
GB2450131B (en) * | 2007-06-13 | 2009-05-06 | Ingenia Holdings | Fuzzy Keys |
US8051097B2 (en) * | 2008-12-15 | 2011-11-01 | Apple Inc. | System and method for authentication using a shared table and sorting exponentiation |
JP5434203B2 (ja) * | 2009-04-02 | 2014-03-05 | 大日本印刷株式会社 | 認証装置、認証プログラム、認証システム、パスワード生成装置、携帯型セキュリティデバイス、およびパスワード生成プログラム |
CN101997688B (zh) * | 2010-11-12 | 2013-02-06 | 西安西电捷通无线网络通信股份有限公司 | 一种匿名实体鉴别方法及系统 |
CN101984577B (zh) | 2010-11-12 | 2013-05-01 | 西安西电捷通无线网络通信股份有限公司 | 匿名实体鉴别方法及系统 |
EP2461534A1 (de) * | 2010-12-01 | 2012-06-06 | Irdeto B.V. | Steuerwortschutz |
US20120222100A1 (en) * | 2011-02-24 | 2012-08-30 | International Business Machines Corporation | Advanced captcha using integrated images |
CN103312499B (zh) | 2012-03-12 | 2018-07-03 | 西安西电捷通无线网络通信股份有限公司 | 一种身份认证方法及系统 |
CN103312670A (zh) | 2012-03-12 | 2013-09-18 | 西安西电捷通无线网络通信股份有限公司 | 一种认证方法及系统 |
US9998494B2 (en) * | 2013-09-13 | 2018-06-12 | GM Global Technology Operations LLC | Methods and apparatus for secure communication in a vehicle-based data communication system |
MX2021003138A (es) | 2018-10-02 | 2021-05-14 | Capital One Services Llc | Sistemas y metodos para autentificacion criptografica de tarjetas sin contacto. |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CA2203131C (en) * | 1994-10-27 | 2004-03-30 | Gene Tsudik | Method and apparatus for secure identification of a mobile user in a communication network |
FR2757723B1 (fr) * | 1996-12-24 | 1999-01-15 | France Telecom | Procede d'authentification aupres d'un systeme de controle d'acces et/ou de paiement |
US5708710A (en) * | 1995-06-23 | 1998-01-13 | Motorola, Inc. | Method and apparatus for authentication in a communication system |
FR2745965B1 (fr) * | 1996-03-08 | 1998-09-04 | Inside Technologies | Procede d'authentification d'un emetteur au cours d'une communication a un seul sens |
US6519647B1 (en) * | 1999-07-23 | 2003-02-11 | Microsoft Corporation | Methods and apparatus for synchronizing access control in a web server |
JP4326189B2 (ja) * | 2002-06-10 | 2009-09-02 | 健 坂村 | 自律型icカード及び通信システム |
US7373509B2 (en) * | 2003-12-31 | 2008-05-13 | Intel Corporation | Multi-authentication for a computing device connecting to a network |
-
2004
- 2004-03-16 FR FR0402674A patent/FR2867930A1/fr not_active Withdrawn
-
2005
- 2005-03-04 EP EP05736911A patent/EP1726121A1/de not_active Withdrawn
- 2005-03-04 WO PCT/FR2005/000528 patent/WO2005101726A1/fr active Application Filing
- 2005-03-04 JP JP2007503366A patent/JP2007529935A/ja not_active Withdrawn
- 2005-03-04 CN CNA2005800086938A patent/CN1934823A/zh active Pending
- 2005-03-04 US US10/593,124 patent/US20080270798A1/en not_active Abandoned
Non-Patent Citations (1)
Title |
---|
See references of WO2005101726A1 * |
Also Published As
Publication number | Publication date |
---|---|
FR2867930A1 (fr) | 2005-09-23 |
US20080270798A1 (en) | 2008-10-30 |
JP2007529935A (ja) | 2007-10-25 |
CN1934823A (zh) | 2007-03-21 |
WO2005101726A1 (fr) | 2005-10-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2005101726A1 (fr) | Procede d'authentification anonyme | |
EP1922632B1 (de) | Verfahren und vorrichtung für ein erweitertes einmaliges passwort | |
EP2347541B1 (de) | Authentifikationssystem | |
EP3280089B1 (de) | Schlüsselerzeugungsverfahren und zugangskontrollverfahren | |
EP2811708B1 (de) | System und Methode zur Authentifizierung eines Benutzers | |
WO2006024732A1 (fr) | Procede d'authentification anonyme base sur un algorithme cryptographique de type asymetrique | |
EP2345202A2 (de) | Digitalsignaturverfahren in zwei schritten | |
FR2964812A1 (fr) | Procede d'authentification pour l'acces a un site web | |
EP1055203B1 (de) | Zugangskontrollprotokoll zwischen einem schlüssel und einem elektronischen schloss | |
EP1851901B1 (de) | Verfahren zur schnellen vorauthentifikation durch distanzerkennung | |
EP1166496A1 (de) | Verfahren und vorrichtung zur authentifizierung und digitalen signaturerzeugung einer nachricht, mit der hilfe von kleineren parametern | |
EP2509025A1 (de) | Zugriffsverfahren auf eine geschützte Quelle einer gesicherten persönlichen Vorrichtung | |
EP0803790B1 (de) | Verfahren zur Verdeckung eines Geheimcodes in einer Rechnerbeglaubigungsvorrichtung | |
EP2568406B1 (de) | Verfahren zur Verwendung von kryptografischen Daten eines Benutzers, die in einer Datenbank gespeichert sind, von einem Endgerät aus | |
WO2003107587A1 (fr) | Procede et dispositif d’interface pour echanger de maniere protegee des donnees de contenu en ligne | |
CN109145543B (zh) | 一种身份认证方法 | |
WO2019145620A1 (fr) | Système sécurisé de transactions entre terminaux | |
WO2006027430A1 (fr) | Procede d’authentification entre entites communiquant entre elles au travers d’un reseau de telecommunications | |
WO2012022856A1 (fr) | Procédé d'authentification d' un utilisateur du réseau internet | |
WO2011012788A1 (fr) | Procede d'authentification securisee d'acces a des donnees chiffrees | |
EP2115657A2 (de) | Verfahren und system zur autorisierung des zugriffs auf einen server | |
FR3076153A1 (fr) | Procede pour creer une signature electronique a distance au moyen du protocole fido | |
FR2875981A1 (fr) | Procede et dispositif de filtrage pour detecter une usurpation d'adresse dans un reseau informatique | |
WO2013140078A1 (fr) | Procede de generation et de verification d'identite portant l'unicite d'un couple porteur-objet | |
EP1323260A1 (de) | Verfahren zum authentifizieren eines elektronischen dokuments |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20060905 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU MC NL PL PT RO SE SI SK TR |
|
RIN1 | Information on inventor provided before grant (corrected) |
Inventor name: CHARLES, OLIVIER Inventor name: ARDITTI, DAVID Inventor name: NGUYEN NGOC, SEBASTIEN Inventor name: BARITAUD, THIERRY |
|
DAX | Request for extension of the european patent (deleted) | ||
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20081001 |