EP1726121A1 - Anonymes authentifikationsverfahren - Google Patents

Anonymes authentifikationsverfahren

Info

Publication number
EP1726121A1
EP1726121A1 EP05736911A EP05736911A EP1726121A1 EP 1726121 A1 EP1726121 A1 EP 1726121A1 EP 05736911 A EP05736911 A EP 05736911A EP 05736911 A EP05736911 A EP 05736911A EP 1726121 A1 EP1726121 A1 EP 1726121A1
Authority
EP
European Patent Office
Prior art keywords
authentication
counter
entity
value
client entity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP05736911A
Other languages
English (en)
French (fr)
Inventor
Olivier Charles
David Arditti
Sébastien NGUYEN NGOC
Thierry Baritaud
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Orange SA
Original Assignee
France Telecom SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by France Telecom SA filed Critical France Telecom SA
Publication of EP1726121A1 publication Critical patent/EP1726121A1/de
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/42Anonymization, e.g. involving pseudonyms

Definitions

  • the present invention relates to a method of authentication by secret key of at least one user, for example in order to authorize or not this user to access resources when the anonymity of the user who s authenti ie, is required.
  • resources must be taken with very broad acceptance and generally designates any function, application, service, set of data to which a user can access and whose access is conditioned by prior authorization issued at the end of an authentication procedure.
  • it may be a service provided by a specialized server, a function for accessing a network, an IT resource such as a database or a software application available on a server. and can be shared by several users.
  • authentication is a security service carried out by an authentication entity, the objective of which is to validate the identity of a user who wishes to identify himself, thereby contributing even proof of the legitimacy of this user to access the resources concerned.
  • An authentication entity commonly designates any equipment, machine or computer system which makes it possible to centralize an authentication process and which is accessible by users wishing to authenticate themselves for access to resources, via a telecommunications network.
  • a user wishing to trigger an authentication process has a client entity allowing him to communicate with the entity authentication.
  • a client entity in the present description designates any electronic system or equipment making it possible to exchange data with the authentication entity, preferably without contact.
  • authentication by secret key is essentially characterized by the succession of following steps as shown in FIG. 1.
  • a client entity A when a client entity A wishes to authenticate itself with an authentication entity B , it first provides its identity to entity B, in the form of a static identifier which is specific to it, t then proves it by the use of a secret key K A known and shared by the entities A and B only.
  • the authentication entity B receives an authentication request sent by a client entity presenting itself to it as the holder of identity A, said authentication entity first generates a random number called a random number, or also called challenge, and sends this hazard to client entity A.
  • the client entity encrypts, we also say sign, the hazard received according to a predefined cryptographic algorithm with secret key, such as the DES algorithm ( English acronym for “Data Encryption Standard”).
  • the entity A then returns to the authentication entity B the value C (K A , random), where C is a cryptographic function.
  • Entity B performs the same calculation using the cryptographic function C and the secret key of AK A , and compares the result obtained with the value returned to it by entity A.
  • the authentication entity B validates the authentication, thereby signifying that A has succeeded in authenticating itself.
  • the validation of the authentication results for example, in the sending by the authentication entity to the client entity A which has been authenticated, of access rights to the resources.
  • Such secret key authentication methods are widely used in telecommunications networks, but nevertheless present a certain number of drawbacks with regard to guaranteeing the anonymity of the client entity wishing to authenticate. Indeed, to initialize the authentication process, a specific identifier of the client entity is necessarily transmitted in clear to the authentication entity. Thus, a malicious third party is able to know the specific identifier of the entity which authenticates by observing the transaction between the authentication entity and the authenticated entity.
  • the specific identifier of an entity wishing to authenticate can also be deduced by a malicious third party acting this time in an active way, that is to say by initiating an authentication process by posing as a authentication entity vis-à-vis the authenticating entity.
  • An authenticating entity can still be recognized by observing its behavior and, more particularly by observing the responses provided by the entity during previous authentication processes. Indeed, the answers provided by . an authenticating entity are characteristic of certain entries corresponding to the hazards which have been submitted to it by the authenticating entity and, for the same entry, the authenticating entity will always provide the same response. By observing beforehand the response of the entity to characteristic random values, it is possible to recognize an authenticating entity by resubmitting to it one of these random values for which a response from the entity has already been observed.
  • an entity that signs hazards to authenticate can be characterized by its response for a particular hazard valevr (for example, 0, 10, 100, 1000, etc.). By observing two successive identifications with the same hazard, it is therefore possible to deduce whether these are two distinct entities or the same entity which are authenticated.
  • the present invention aims to remedy these drawbacks by proposing an authentication method based on a secret key encryption algorithm, in which the anonymity of the authenticating entity is guaranteed, so that only one legitimate authentication entity can recognize the identity of the authenticating entity and no one else.
  • the subject of the invention is a method of authenticating at least one client entity with an authentication entity, said authentication entity comprising a set of secret keys, each being associated with a client entity. likely to be identified by said entity authentication, said method being characterized in that it comprises the following steps consisting in: a-transmitting an anonymous authentication request from the client entity to the authentication entity; b-send from the authentication entity to the client entity, an authentication counter value corresponding to the current state of a counter of the authentication entity; c-check, on the client entity side, that the counter value (of authentication received is strictly greater than a counter value stored by the client entity; d-calculate, on the client entity side, a counter signature by applying a cryptographic function shared by the client entity and the authentication entity, with as operands said authentication counter value and a secret key associated with the client entity; e-transmitting said counter signature to the entity authentication; f-update the counter value memorized by the client entity with said authentication counter value; g-search, at the authentication
  • the search step consists in: i-calculating, for each client entity likely to be identified, the corresponding counter signature by application of the cryptographic function with as operands the authentication counter value and the associated secret key, so as to establish a list of pairs of client entity capable of being identified / corresponding counter signature, for said counter value; j -check the consistency between the counter signature received and at least one counter signature from said list.
  • the list of pairs of client entity capable of being identified / corresponding counter signature established for a given authentication counter value is ordered, on the authentication entity side, according to the value of said counter signature.
  • steps b) to h) are repeated until a single pair is obtained for which the signature counter corresponds to the counter signature received.
  • the counter signature is calculated only for the client entities corresponding to said plurality of pairs determined in the previous iteration.
  • the method according to the invention consists in implementing step i) in advance with respect to an authentication request originating from a client entity in step a), said advance step i) consisting to be pre-established, on the authentication entity side, for at least one future authentication counter value, the list of pairs of client entity likely to be identified / corresponding counter signature for each of said authentication counter values to come, and memorize said pre-established lists on the authentication entity side, any sending of the authentication entity to the client entity of an authentication counter value, corresponding to the sending of a value of authentication counter for which a list of client entity pairs likely to be identified / corresponding counter signature has already been pre-established.
  • step h) consists in increasing the authentication counter by a fixed step.
  • step h.) Consists in increasing the authentication counter by a random step.
  • step b) in response to an authentication request, consists in sending, on the authentication entity side, in addition to the authentication counter value, a random value associated with said value of counter, said random value being different for each of the authentication counter values sent, each counter signing step implemented during said method being replaced by a step of signing the authentication counter value / value pair associated random, consisting of the application of the cryptographic function further comprising as operand said associated random value.
  • step c) also consists in verifying that the difference between the authentication counter value received and the counter value stored by the client entity is less than or equal to a predetermined value.
  • step c) when step c) is not verified, the following intermediate steps are implemented consisting of:
  • step h updating the value of the authentication counter corresponding to the current state of the counter of the authentication entity with the value of the temporary authentication counter and implementing step h).
  • step e) consists in further transmitting to the authentication entity the authentication counter value.
  • the authentication counter value is coded at least 128 bits.
  • the invention also relates to a smart card, characterized in that it comprises an integrated circuit and means for memorizing a secret key and for implementing the method according to the invention. Preferably, it is a contactless smart card.
  • the invention also relates to an authentication entity of at least one client entity, characterized in that it comprises a smart card reader provided with means for implementing the method according to the invention.
  • the authentication entity comprises a contactless smart card reader.
  • FIG. 1 is a diagram illustrating a secret key authentication process according to the state of the art, and has already been described;
  • FIG. 2 is a diagram illustrating the main steps of the authentication method according to the present invention.
  • FIG. 2 therefore describes the main steps of the method of authentication by secret key of a client entity A by an authentication entity B, according to the present invention.
  • the entity A wishing to authenticate has its own secret key K A , a means of memorizing a counter value CA, as well as a cryptographic signature function S, also shared by the authentication entity B, and which is intended to apply with the following two operands: a secret key and a counter value, so as to sign the counter value.
  • the authentication entity B comprises a list of pairs (Ai, K A i), Ai being the name of one of the n client entities capable of being authenticated by the authentication entity B and K A i being the secret key associated with the client entity Ai which is specific to it.
  • the authentication entity .. also includes a counter COMPTB delivering a counter value CB and the cryptographic function S, identical to that implemented in the client entity A.
  • the procedure for the anonymous authentication process is as follows.
  • the client entity A wants to authenticate with the authentication entity B, it signals itself to B by the transmission of an anonymous authentication request "RequestAuthentication”.
  • the authentication entity B sends to the client entity A the counter value CB corresponding to the current state of its counter COMPTB.
  • the client entity A compares the counter value CB received with the counter value CA memorized by client entity A.
  • two possibilities are available to client entity A:
  • the client entity A signs the counter value received CB by application of the cryptographic function S with as operands the secret key K A associated with the client entity A and the counter value CB.
  • the result of this counter signature operation S (K A , CB) is transmitted from the client entity A to the authentication entity B.
  • the client entity A then updates its counter value in a fifth step stored CA with the last lawful counter value transmitted to it by the authentication entity B, namely CB.
  • the authentication entity B searches for at least one client entity Ai from among the n client entities that it is capable of authenticating, for which the corresponding signature of the counter value CB S (K A ⁇ , CB) is consistent with the counter signature received from the client entity seeking to authenticate S (K A , CB).
  • the authentication entity B increases the counter value CB for a next authentication request.
  • the authentication entity B can systematically repeat the authentication process at least a second time in order to ensure that it recognizes the same client entity each time. The process can even be repeated N times, until a probability of falling at random N times on a signature value "corresponding to the same client entity sufficiently low.
  • Another optimization of the authentication process concerns the management of collision cases.
  • a collision case that is to say that several client entities Ai capable of being identified by the authentication entity B have been found for which the counter signature S (K A ⁇ , CB) is consistent with the received counter signature S (K A , CB).
  • the sixth step consisting of the search phase by the authentication entity of at least one client entity Ai among the n client entities that it is capable of authenticating, for which the corresponding signature of the value of counter CB S (K A ⁇ , CB) is consistent with the counter signature received from the client entity which seeks to authenticate S (K A , CB), can be implemented as follows.
  • the authentication entity B calculates, for each client entity Ai capable of being identified, the corresponding counter signature S (K A ⁇ , CB) by application of the function cryptographic S with as operands the authentication counter value CB and the associated secret key K A ⁇ , so as to establish a list of client entity pairs capable of being identified / corresponding counter signature (Ai, S (K A i , CB)), for the current counter value CB.
  • the phase of calculation by B, for each client entity Ai capable of being identified, of the corresponding counter signature S (K A i, CB), so as to establish the list of pairs of client entities likely to be identified / corresponding counter signature (Ai, S (K A ⁇ , CB)), for the current counter value CB can be very long and penalizing in terms of response time.
  • the authentication entity ication B will respond by sending an authentication count value CB for which the list (Ai, S ( A i, CB)) will already have been established.
  • any sending from B to A of an authentication counter value CB will correspond to an authentication counter value for which a list (Ai, S (K A ⁇ , CB) ) will already have been established.
  • the search for a couple in this ordered list for which the counter signature S (K A i, CB) corresponds to S (K A , CB) can then be made according to a dichotomous search.
  • the client entity sought is in this case found average after performing log 2 (n) operations, which saves a lot of time.
  • the CB counter Since the CB counter is unique for each authentication, it can be used as an authentication session identifier. Thus, if several entities Ai are being authenticated simultaneously by the entity B, the latter can distinguish the dialogs thanks to this value. It is sufficient for this that the client entities seeking to authenticate return the value CB in addition to the signature value S (KA, CB).
  • the counter COMPTB supplying the value of authentication counter CB increases by a fixed step.
  • the fact that the counter CB grows by a fixed step makes it possible to predict the values of authentication counter which will be used during the future authentications.
  • a hacker can request several values S (K A , CB) from an entity A for several values of counters CB and, subsequently, seek to authenticate himself with entity B by returning to him the values previously obtained from client entity A.
  • the hacker can authenticate himself by posing as A.
  • Two types of countermeasures against such an attack on the authentication system can be implemented.
  • a first display consists in increasing the counter COMPTB by a random step at each authentication, so as to no longer use successive values of CB.
  • the meter must have a greater capacity so as not to come into abutment.
  • Another parade consists in no longer having the client entity A sign seeking to authenticate a simple counter value CB, but a couple (CB, random), CB incrementing regularly and random taking random values.
  • the random value is intended to be different for each of the authentication counter values sent, and each counter signature step implemented during the authentication process in any of its variants is then replaced by a step. signature of the JCB pair, random), consisting in the application of the cryptographic function S with in addition as operand said associated random value.
  • the authentication method as just described is vulnerable to counter jump attacks, based on the fact that the entities A and B synchronize with the counter value CB at each authentication.
  • a malicious machine can impersonate the authentication entity B and send to the client entity A seeking to authenticate a counter value much greater than the effective authentication counter value CB, corresponding to the current value of the counter COMPTB of the entity B.
  • the entity A can no longer respond following an authentication request as long as the value counter CB of the authentication entity B will not have caught up with this value CA, because of the test of the third step.
  • the malicious machine provides entity A a maximum counter value, the latter, by updating its stored counter value CA to this maximum value, becomes permanently unusable thereafter.
  • the countermeasures to these attacks relate more particularly to the third step of the authentication process, where the client entity A compares the counter value CB received with the counter value CA stored by the client entity A.
  • the entity A signals to the entity B that its stored counter value CA is greater than the value CB and returns CA to it;
  • the other steps of the authentication process are implemented on the basis of this value of CB t e m o r ai r e, and if the authentication of the entity A succeeds with CB temp0r ai re , then l entity B updates its value of authentication counter CB corresponding to the current state of its counter COMPTB with the value of authentication counter CB tem p 0 rai r e. Finally, the counter is incremented for a next authentication.
  • This process allows the authentication entity to guard against a counter jump attack. Indeed, it will first authenticate the client entity A with CBtemp or aire, before updating its counter. This process also allows the client entity A to synchronize the counter of the authentication entity B with its stored counter value, if the latter had suffered a counter jump attack.
  • entity B can also implement additional protections. For example, B may allow only a certain number of these counter synchronizations per client entity and per period. Likewise, B can authorize these protections only within a reasonable limit where the difference between the value of counter memorized by the client entity CA and the value of authentication counter CB is less than a predetermined value.
  • the counter values CA and CB can be binary numbers coded on at least 128 bits, which makes it possible to execute 2,128 authentications before the system arrives at the completion of the counter COMPTB.
  • the steps of the method according to the invention on the client entity side are implemented on a smart card, preferably a contactless smart card.
  • a smart card for implementing the steps of the method according to the invention requires only little computational capacity since the operations to be executed are simple (at most the signature of a counter).
  • the authentication entity then takes the form of a smart card reader with or without contact.
  • only a legitimate authentication entity can recognize the identity of the client entity seeking to authenticate.
  • the identity of the client entity A seeking to authenticate itself is known only to the authentication entity B and is never revealed during the authentication.
  • the client entity A does not know under which name it is identified by the authentication entity.
  • the authenticating entity actually has no static identity that could be revealed.
  • a malicious third party is unable to distinguish entities. In view of two successive authentications, it is not possible to say whether these are two separate entities or the same entity that have authenticated. Anonymity is therefore complete.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
EP05736911A 2004-03-16 2005-03-04 Anonymes authentifikationsverfahren Withdrawn EP1726121A1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0402674A FR2867930A1 (fr) 2004-03-16 2004-03-16 Procede d'authentification anonyme
PCT/FR2005/000528 WO2005101726A1 (fr) 2004-03-16 2005-03-04 Procede d'authentification anonyme

Publications (1)

Publication Number Publication Date
EP1726121A1 true EP1726121A1 (de) 2006-11-29

Family

ID=34896544

Family Applications (1)

Application Number Title Priority Date Filing Date
EP05736911A Withdrawn EP1726121A1 (de) 2004-03-16 2005-03-04 Anonymes authentifikationsverfahren

Country Status (6)

Country Link
US (1) US20080270798A1 (de)
EP (1) EP1726121A1 (de)
JP (1) JP2007529935A (de)
CN (1) CN1934823A (de)
FR (1) FR2867930A1 (de)
WO (1) WO2005101726A1 (de)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2874144A1 (fr) * 2004-08-03 2006-02-10 France Telecom Procede d'authentification anonyme base sur un algorithme cryptographique de type asymetrique
WO2007048969A1 (fr) * 2005-10-24 2007-05-03 France Telecom Serveur, systeme et procede pour le chiffrement de donnees numeriques, en particulier pour la signature electronique de donnees numeriques au nom d'un groupe d'utilisateurs
GB2450131B (en) * 2007-06-13 2009-05-06 Ingenia Holdings Fuzzy Keys
US8051097B2 (en) * 2008-12-15 2011-11-01 Apple Inc. System and method for authentication using a shared table and sorting exponentiation
JP5434203B2 (ja) * 2009-04-02 2014-03-05 大日本印刷株式会社 認証装置、認証プログラム、認証システム、パスワード生成装置、携帯型セキュリティデバイス、およびパスワード生成プログラム
CN101997688B (zh) * 2010-11-12 2013-02-06 西安西电捷通无线网络通信股份有限公司 一种匿名实体鉴别方法及系统
CN101984577B (zh) 2010-11-12 2013-05-01 西安西电捷通无线网络通信股份有限公司 匿名实体鉴别方法及系统
EP2461534A1 (de) * 2010-12-01 2012-06-06 Irdeto B.V. Steuerwortschutz
US20120222100A1 (en) * 2011-02-24 2012-08-30 International Business Machines Corporation Advanced captcha using integrated images
CN103312499B (zh) 2012-03-12 2018-07-03 西安西电捷通无线网络通信股份有限公司 一种身份认证方法及系统
CN103312670A (zh) 2012-03-12 2013-09-18 西安西电捷通无线网络通信股份有限公司 一种认证方法及系统
US9998494B2 (en) * 2013-09-13 2018-06-12 GM Global Technology Operations LLC Methods and apparatus for secure communication in a vehicle-based data communication system
MX2021003138A (es) 2018-10-02 2021-05-14 Capital One Services Llc Sistemas y metodos para autentificacion criptografica de tarjetas sin contacto.

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2203131C (en) * 1994-10-27 2004-03-30 Gene Tsudik Method and apparatus for secure identification of a mobile user in a communication network
FR2757723B1 (fr) * 1996-12-24 1999-01-15 France Telecom Procede d'authentification aupres d'un systeme de controle d'acces et/ou de paiement
US5708710A (en) * 1995-06-23 1998-01-13 Motorola, Inc. Method and apparatus for authentication in a communication system
FR2745965B1 (fr) * 1996-03-08 1998-09-04 Inside Technologies Procede d'authentification d'un emetteur au cours d'une communication a un seul sens
US6519647B1 (en) * 1999-07-23 2003-02-11 Microsoft Corporation Methods and apparatus for synchronizing access control in a web server
JP4326189B2 (ja) * 2002-06-10 2009-09-02 健 坂村 自律型icカード及び通信システム
US7373509B2 (en) * 2003-12-31 2008-05-13 Intel Corporation Multi-authentication for a computing device connecting to a network

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2005101726A1 *

Also Published As

Publication number Publication date
FR2867930A1 (fr) 2005-09-23
US20080270798A1 (en) 2008-10-30
JP2007529935A (ja) 2007-10-25
CN1934823A (zh) 2007-03-21
WO2005101726A1 (fr) 2005-10-27

Similar Documents

Publication Publication Date Title
WO2005101726A1 (fr) Procede d'authentification anonyme
EP1922632B1 (de) Verfahren und vorrichtung für ein erweitertes einmaliges passwort
EP2347541B1 (de) Authentifikationssystem
EP3280089B1 (de) Schlüsselerzeugungsverfahren und zugangskontrollverfahren
EP2811708B1 (de) System und Methode zur Authentifizierung eines Benutzers
WO2006024732A1 (fr) Procede d'authentification anonyme base sur un algorithme cryptographique de type asymetrique
EP2345202A2 (de) Digitalsignaturverfahren in zwei schritten
FR2964812A1 (fr) Procede d'authentification pour l'acces a un site web
EP1055203B1 (de) Zugangskontrollprotokoll zwischen einem schlüssel und einem elektronischen schloss
EP1851901B1 (de) Verfahren zur schnellen vorauthentifikation durch distanzerkennung
EP1166496A1 (de) Verfahren und vorrichtung zur authentifizierung und digitalen signaturerzeugung einer nachricht, mit der hilfe von kleineren parametern
EP2509025A1 (de) Zugriffsverfahren auf eine geschützte Quelle einer gesicherten persönlichen Vorrichtung
EP0803790B1 (de) Verfahren zur Verdeckung eines Geheimcodes in einer Rechnerbeglaubigungsvorrichtung
EP2568406B1 (de) Verfahren zur Verwendung von kryptografischen Daten eines Benutzers, die in einer Datenbank gespeichert sind, von einem Endgerät aus
WO2003107587A1 (fr) Procede et dispositif d’interface pour echanger de maniere protegee des donnees de contenu en ligne
CN109145543B (zh) 一种身份认证方法
WO2019145620A1 (fr) Système sécurisé de transactions entre terminaux
WO2006027430A1 (fr) Procede d’authentification entre entites communiquant entre elles au travers d’un reseau de telecommunications
WO2012022856A1 (fr) Procédé d'authentification d' un utilisateur du réseau internet
WO2011012788A1 (fr) Procede d'authentification securisee d'acces a des donnees chiffrees
EP2115657A2 (de) Verfahren und system zur autorisierung des zugriffs auf einen server
FR3076153A1 (fr) Procede pour creer une signature electronique a distance au moyen du protocole fido
FR2875981A1 (fr) Procede et dispositif de filtrage pour detecter une usurpation d'adresse dans un reseau informatique
WO2013140078A1 (fr) Procede de generation et de verification d'identite portant l'unicite d'un couple porteur-objet
EP1323260A1 (de) Verfahren zum authentifizieren eines elektronischen dokuments

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20060905

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU MC NL PL PT RO SE SI SK TR

RIN1 Information on inventor provided before grant (corrected)

Inventor name: CHARLES, OLIVIER

Inventor name: ARDITTI, DAVID

Inventor name: NGUYEN NGOC, SEBASTIEN

Inventor name: BARITAUD, THIERRY

DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20081001