Classifications

• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  • H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
  • H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
  • H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
  • H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F21/60—Protecting data
  • G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
  • G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
  • G06F21/6227—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  • H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
  • H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
  • H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
  • H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  • H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
  • H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
  • H04L2209/42—Anonymization, e.g. involving pseudonyms
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
  • H04L2209/80—Wireless

Definitions

• the invention relates to the secure deposit of data by an applicant on a possibly insecure storage medium, and the subsequent recovery of these data by a recipient possibly unknown to the applicant, or nonexistent at the time of filing.
• the data is digital data, or digitized analog data.
• a first solution known as total delegation, is for the depositor to encrypt the data with a key of a trusted third party and to transmit the encrypted data to the trusted third party.
• the recipient authenticates with the trusted third party who sends back to him the data he has previously decrypted with his key and possibly encrypted with a key provided by the recipient.
• a second solution known as delegation of rights, is for the applicant to, on the one hand, encrypt the data with a transfer key and store the encrypted data on a storage medium accessible to the recipient and, on the other hand, on the other hand, to encrypt the transfer key with the key of the trusted third party and to transmit the encrypted transfer key to the trusted third party.
• the recipient authenticates with the trusted third party who sends back to him the transfer key that he has previously decrypted with his key and possibly encrypted with a key provided by the recipient. The recipient will then retrieve the encrypted data on the storage medium, then decrypts it with the transfer key he has obtained from the trusted third party.
• the encryption of the data and / or the transfer key can be achieved either by a symmetric encryption method or by an asymmetric encryption method.
• a communication channel is required between the depositor and the trusted third party to transmit the data or at least one transfer key.
• the trusted third party must keep information, data or at least a transfer key, for an unknown duration and possibly unlimited if the recipient does not come to recover the data. This is unrealistic if there is a large number of applicants and / or large amounts of data to keep.
• the trusted third party has clear access to the data to be transmitted.
• the subject of the invention is a secure data depositing method and a data recovery method which do not have the drawbacks mentioned above of the known methods.
• the invention also relates to devices for implementing the methods of the invention.
• the subject of the invention is a method for the secure deposit of data, during which an applicant encrypts the data with a transfer key and encrypts the transfer key with a key of a trusted third party, and then deposits the encrypted data and the encrypted transfer key on a storage medium.
• the invention also relates to a data recovery method, in which:
• a recipient retrieves on a storage medium encrypted data with a transfer key, and a transfer key encrypted with a key of a trusted third party,
• the recipient authenticates with the trusted third party, ⁇ the recipient sends the encrypted transfer key to the trusted third party, • after authentication of the recipient, the trusted third party decrypts the encrypted transfer key with its key and returns the key of transfer to the recipient,
• the invention further relates to a secure data deposit device comprising:
• RAND random transfer key
• the applicant has no contact with the trusted third party and does not transmit any information to him, even not a key.
• no communication channel is not necessary between the applicant and the trusted third party and the anonymity of the applicant is guaranteed vis-à-vis the trusted third party.
• the trusted third party does not have data to keep or information about the data. He may not even be aware that a recipient may be able to contact him one day.
• the third party does not have clear access to the data unless it has physical access to the data storage medium.
• FIG. 1 is a flowchart of a secure deposit method according to the invention
• FIG. 2 is a flowchart of a data recovery method, according to the invention
• FIG. 3 is an example of a system implementing the deposition method according to FIG. 1 and the recovery method according to FIG. 2.
• FIG. 3 represents a system that can be used for implementing the methods according to the invention in the field of mobile communication.
• the system of FIG. 3 allows a first user having a mobile equipment 1 with access on a communication network 2 and a personal authentication module 3 to authorize a second user (or the same first user) to use the mobile equipment 1 with a second authentication module 4 to access the communication network 2.
• the first authentication module securely deposit in the memory of the mobile equipment data necessary to access the network 2.
• the system thus allows the secure transfer of data from the first module to the second module through the memory of the mobile equipment.
• the mobile equipment is a mobile phone, a terminal, a personal PC, etc.
• the personal authentication module is a UICC card.
• FIG. 1 represents a general flowchart of the deposition process according to the invention.
• an applicant A encrypts data DATA with a transfer key RAND, and encrypts the transfer key RAND with a public key pkB of a trusted third party B.
• A then stores the encrypted data E RAND (DATA) and the encrypted transfer key E pkB (RAND) on a storage medium.
• the applicant A is a first user authentication module 3.
• the trusted third party B is an operator operating a mobile communication network 2.
• the operator may be a legal entity that owns the network, or the network locat ⁇ ce, or even a legal entity that outsources the operation of the network to another person.
• the storage medium D is a memory
• the module 3 is naturally connected to the mobile equipment 1.
• the first authentication module 3 comprises in particular a memory 31, a random number generator 32, a first calculation means 33, a second calculation means 34, a storage means 35 and a control device 36.
• the memory 31 stores DATA data which are in the example data necessary for the identification of the mobile equipment 1 on the communication network 2, and a public key pkB of the communication operator 2.
• the random number generator 32 provides on request from the control device a random transfer key RAND to the first calculation means 33.
• the first calculation means 33 is adapted to implement an asymmetric encryption method such as an RSA method ( Rivest Shamir Adelman) or a process based on elliptic curve calculations. It is used to encrypt the RAND key with the public key pkB.
• the second calculation means 34 is adapted to implement a symmetric encryption method such as a DES (Data Encryption Standard) or AES (Advanced Encryption Standard) method. It is used to encrypt DATA data with the RAND key it receives from the random number generator.
• the storage means 35 is adapted to store in the memory 11 of the portable equipment 1 the encrypted transfer key E pkB (RAND) and the encrypted data E RAND (DATA).
• the control device 36 is adapted to control the operation of the memory 31, the random number generator 32, the first calculation means 33, the second calculation means 34, and the storage means 35. control device is for example activated by the user of the first authentication module.
• the first authentication module implements the deposition method according to Figure 1 as follows.
• control device 36 of the first module 3 In a first step, the control device 36 of the first module 3:
• FIG. 2 represents a general flowchart of the secure data recovery method according to the invention.
• the recipient C retrieves the encrypted data E RAND (DATA) and the encrypted transfer key E PkB (RAND) on the storage medium D.
• the recipient C authenticates to the trusted third party B.
• the recipient C transmits the encrypted transfer key to the trusted third party.
• the third decrypts the encrypted transfer key E pkB (RAND) with its private key and sends the transfer key RAbJD to the recipient C.
• the recipient C decrypts the encrypted data E RAND (DATA) with the transfer key.
• the trusted third party B is the mobile communication operator 2
• the recipient C is a second user authentication module 4
• the storage medium D is the memory 11 of the user.
• the second authentication module 4 comprises in particular a reading means 41, a communication means 42, a third calculation means 43, a memory 44 and a control device 45.
• the reading means 41 is adapted to read in the memory 11 the encrypted data and encrypted transfer key.
• the communication means 42 is adapted to exchange information and / or data with the mobile communication operator 2, and in particular to: ⁇ transmit to the operator personal authentication data,
• the third calculation means 43 is adapted to decrypt the encrypted data E RAND (DATA) using the transfer key provided by the operator.
• the data DATA can then for example be stored in a memory 44 of the second module 4.
• the control device 45 is adapted to control the operation of the reading means 41, the communication means 42, the third calculation means 43 and the memory 44.
• the control device 45 is for example activated by the owner of the first module authentication.
• the recovery method according to FIG. 1 is implemented by the following way.
• the second authentication module 4 is connected to the mobile equipment 1 for the implementation of the method.
• control device 45 activates the reading means 41 which will read the encrypted data and the encrypted transfer key into the memory
• control device 45 activates the communication means 42, which transmits to the operator 2 authentication information of the second module 4.
• control device 45 activates the communication means 42, which transmits to the operator 2 the encrypted transfer key.
• the operator 2 authenticates the second module 4.
• the operator decrypts the transfer key with his personal private key, and returns the transfer key to the second module.
• control device 45 activates the third calculation means which decrypts the encrypted data E RMJD (DATA) with the transfer key.
• the trusted third party is the mobile communication operator. It could be any other person in the broadest sense: physical or moral person, but also data server, etc. It suffices that said person has a set of keys comprising a public key pkB and an associated private key, and hardware means to use it obviously.
• the public key pkB trusted third is stored in the memory 31 of the first module 3. The said key could also be stored in the memory 11 of the mobile equipment. It could also be requested: by the module 3, to the trusted third party for example or to any other person having this key, 3 uste before its use for the encryption of the key RAND.
• a symmetric encryption method is used to encrypt the data.
• An asymmetric encryption method could also be used, but its implementation would be slower and more expensive than the implementation of a symmetrical method.
• an asymmetric encryption method is used to encrypt the RAND transfer key. This prevents the applicant and the recipient from agreeing beforehand on a transfer key to use.
• an unsecured implementation of this encryption method is sufficient and inexpensive, and easily achievable on a smart card.
• the associated decryption method which is much more expensive, is implemented by the trusted third party which has much more substantial hardware resources such as a server.
• the recipient C transmits to the trusted third party B information relating to his identity that the third party B checks to authenticate the recipient C or not, that is to say to validate or not the right It has thus been assumed that the third party B previously had sufficient information to authenticate the recipient C.
• the authentication information in the example is indications of membership of the network. communication system such as a subscription number. The applicant A can thus in the example allow the use of mobile equipment to anyone with an authentication module 1 to the same network, without specifying any person explicitly.
• the applicant A also stores on the storage medium access criteria ID to the data including in particular a hash of the key RAND and authentication information of the addressee C. access criteria prove that the RAND key is associated with the data. These criteria are encrypted with the key pkB and signed by the applicant.
• the recipient will pass the access criteria to the trusted third party with his or her personal authentication data. The third party will then use these ID criteria and the personal identification data transmitted by the recipient to authenticate it.
• the storage medium D is the memory 11 of the mobile equipment 1.
• the storage medium is a sort of container, a means for storing digital data.
• the storage medium D may for example be a removable storage medium, such as a compact disc CD, a DVD (Digital Versatile Disc), a non-volatile memory, a memory module, a SD (Secured Digital Card) or any other type of memory card. It can be kept by a natural or legal person, and / or stored in a data server.
• a removable storage medium such as a compact disc CD, a DVD (Digital Versatile Disc), a non-volatile memory, a memory module, a SD (Secured Digital Card) or any other type of memory card. It can be kept by a natural or legal person, and / or stored in a data server.
• Figure 3 shows an application of the invention in the field of mobile communication.
• the invention can for example be used for the transmission of information within a dynamic group, whose members enter and leave at any time, the members do not necessarily know each other.
• the methods according to the invention can be used to allow different stakeholders (people, companies) on a given site
• the trusted third party may be, for example, the owner, the site manager or any other person who coordinates the actions of the various stakeholders on the site, without having the need or interest to know the information exchanged between the parties.
• the invention can also advantageously be used for any application in which the applicant wishes to transmit information while maintaining complete anonymity, or in which the addressee is anonymous to the applicant. It should be noted that the existence of the recipient is not necessary at the time of the deposit of the data. Similarly, the existence of the applicant is no longer necessary at the time of the withdrawal of the data.

Landscapes

• Engineering & Computer Science (AREA)
• Computer Security & Cryptography (AREA)
• Signal Processing (AREA)
• Computer Networks & Wireless Communication (AREA)
• Theoretical Computer Science (AREA)
• General Health & Medical Sciences (AREA)
• Computer Hardware Design (AREA)
• Software Systems (AREA)
• Physics & Mathematics (AREA)
• General Engineering & Computer Science (AREA)
• General Physics & Mathematics (AREA)
• Bioethics (AREA)
• Health & Medical Sciences (AREA)
• Databases & Information Systems (AREA)
• Storage Device Security (AREA)
• Mobile Radio Communication Systems (AREA)

Applications Claiming Priority (2)

Publications (1)

Family

ID=36599104

Family Applications (1)

Country Status (6)

Families Citing this family (7)

Family Cites Families (16)

• 2005
  • 2005-11-02 FR FR0511124A patent/FR2892876A1/fr active Pending
• 2006
  • 2006-10-27 EP EP06819179A patent/EP1949590A1/de not_active Withdrawn
  • 2006-10-27 JP JP2008538346A patent/JP2009515393A/ja active Pending
  • 2006-10-27 US US12/084,301 patent/US20090154710A1/en not_active Abandoned
  • 2006-10-27 KR KR1020087013360A patent/KR20080073316A/ko not_active Application Discontinuation
  • 2006-10-27 WO PCT/EP2006/067897 patent/WO2007051769A1/fr active Application Filing

Non-Patent Citations (1)

Also Published As

Similar Documents

Legal Events