EP2481183A1 - Procédé pour établir un canal de communication sécurisé - Google Patents

Procédé pour établir un canal de communication sécurisé

Info

Publication number
EP2481183A1
EP2481183A1 EP10762596A EP10762596A EP2481183A1 EP 2481183 A1 EP2481183 A1 EP 2481183A1 EP 10762596 A EP10762596 A EP 10762596A EP 10762596 A EP10762596 A EP 10762596A EP 2481183 A1 EP2481183 A1 EP 2481183A1
Authority
EP
European Patent Office
Prior art keywords
data carrier
terminal
public key
pkd
display device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP10762596A
Other languages
German (de)
English (en)
Inventor
Jan Eichholz
Gisela Meister
Dirk Wacker
Markus Sauermann
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Giesecke and Devrient Mobile Security GmbH
Original Assignee
Giesecke and Devrient GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Giesecke and Devrient GmbH filed Critical Giesecke and Devrient GmbH
Publication of EP2481183A1 publication Critical patent/EP2481183A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3823Payment protocols; Details thereof insuring higher security of transaction combining multiple encryption tools for a transaction
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1016Devices or methods for securing the PIN and other transaction-data, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates

Definitions

  • the present invention relates to a method for establishing a secure communication channel between a portable data carrier and a terminal based on an asymmetric cryptosystem and a correspondingly set up portable data carrier.
  • Secured data communication between a portable data carrier, for example a chip card, and a terminal set up for communication with the data carrier takes place via a secure communication channel in that the transmitted data is transmitted in encrypted form.
  • the data transmission can be contact-based or contactless.
  • An efficient and secure encryption is ensured by means of known symmetric encryption methods, for example AES, DES or the like. However, the exchange of a secret key between the two communication partners is necessary.
  • This exchange is usually carried out by means of an asymmetric process, for example the Diffie-Hellman key exchange process.
  • an asymmetric method in which public keys of a corresponding cryptosystem are transmitted over an insecure communication channel, is susceptible to so-called "man-in-the-middle” (MIM) attacks, whereby an attacker overhears and gives the unsecured communication channel
  • MIM man-in-the-middle
  • Object of the present invention is to support the establishment of a secure communication channel between a portable data carrier and a terminal, in particular to complicate "man-in-the-middle” attacks on the communication channel.
  • the invention is based on the idea of including a display device of the data carrier in the method, in particular for authenticating a public key of the cryptosystem.
  • a value derived from a public key of the cryptosystem is displayed on a display device of the data carrier.
  • a corresponding data carrier comprises a display device and a control device for establishing a secure communication channel to a terminal based on an asymmetric cryptosystem via a data communication interface of the data carrier.
  • the control device is set up according to the invention, a value derived from a public key of the cryptosystem to display the Ari Albe worn.
  • the data carrier preferably has an input unit.
  • a corresponding value derived from a public key is also displayed on a display device of the terminal, for example the above-mentioned fingerprint.
  • This facilitates the direct visual check of the equality of the derived value displayed on the display device of the data carrier with the corresponding known value, but additionally displayed on the display device of the terminal.
  • This embodiment is particularly suitable for securing the transmission of the public keys between the data carrier and the terminal during a Diffie-Hellman key exchange procedure.
  • one communication partner each sends a public key assigned to it to the other communication partner.
  • a user of the data carrier can visually check whether, on the one hand, the public key sent from his data carrier to the terminal has been received there unchanged and, on the other hand, the data received from the data carrier
  • a derived value of a public key assigned to the communication partner is exchanged at the beginning of the communication between terminal and data carrier.
  • the respective public key is then transmitted and its derived value is verified by the communication partner.
  • the terminal forms a common secret of the public key of the volume and the private key of the terminal, while the volume is the shared secret of the public key of the terminal and the private key of the volume forms.
  • the derived value of the shared secret becomes transferred to the other communication partners.
  • a user of the data carrier can visually check whether, on the one hand, the shared secret sent from his data carrier to the terminal has been received there unchanged and, on the other hand, whether the secret received by the data carrier actually corresponds to the secret emitted by the terminal.
  • the data carrier generates a random number and transmits a derived value of the random number as well as a public key assigned to the data carrier to the terminal. Furthermore, a random number is generated by the terminal, this encrypted transmitted with the public key of the disk to the disk and then decrypted by this. Subsequently, the random number generated by the data carrier is transmitted to the terminal and its derived value is verified by the terminal. In a further step, both the terminal and the data carrier form a derived value from the random number of the card, the random number of the terminal and the public key of the data carrier and display this. Again, the user can visually check the agreement of the values.
  • the value displayed on the display device of the terminal can be replaced by an automatic check in the data carrier or in the terminal.
  • the data carrier comprises an input device, for example a keyboard
  • the value displayed on the display device of the terminal which has been derived, for example, from the terminal's public key, can be entered into the data carrier via the keyboard.
  • the control device of the data carrier is then set up to compare the entered value with a value that has been derived in a predetermined manner from the public key of the terminal received by the data carrier from the terminal. Mismatching values indicate an attack on the communication channel.
  • a value displayed on the display device of the data carrier which has been derived, for example, from the public key of the data carrier, can be input via an input device of the terminal into the terminal and there in the manner described with a value by a by the terminal has been derived from the disk received public key of the disk to be compared.
  • the respective other derived values may be displayed and input to the respective other device for checking, ie the value displayed on the display device of the terminal, which has been derived from the public key of the data carrier received by the terminal, may be checked in the data medium is entered and / or the value displayed on the display device of the data carrier, which value depends on the data received by the data carrier. can be entered in the terminal for verification.
  • a value derived from a public key of the cryptosystem is preferably formed by means of a hash function.
  • the entire hash value or optionally only a part thereof may be displayed, for example if a display device of the data carrier can display only a limited number of digits of such a value.
  • a hash function other suitable functions for forming the derived value may also be used.
  • an authentication test value (“message authentication code", MAC) can be used to form the derived value, which is additionally formed, for example, via the above-described hash value
  • An authentication check value is generally shorter than a hash Value and thus can also be displayed completely on a small display device of a data carrier, and thus without loss of security.
  • to compute an authentication check value requires a secret date which is known only to the data carrier and the terminal, for example a PIN or the like.
  • a PIN or an analogous secret date which is otherwise known only to the terminal and to the data carrier is provided.
  • a such PIN may, as mentioned, be used to form an authentication check value, which in turn may be used to form the value derived from a public key.
  • a PIN can also be used to encrypt a public key before transmitting, for example, from the data medium to the terminal.
  • the transmission of the key is already secured against "man-in-the-middle" attacks.Also, other steps of protocols used can be secured by the PIN, as described below, in particular the establishment of a secure communication channel itself.
  • the PIN or an analog secret date can be generated or specified by the data carrier or the Terrninal. It is possible, on the one hand, for the data carrier to specify the PIN, for example by being stored in the data carrier or generated internally in the data carrier and displayed on the display device of the data carrier. The displayed secret date can then be entered into the terminal via an input device, such as a keyboard. Conversely, however, the terminal can also generate and display the PIN, which is then entered into the data carrier via a corresponding input device or otherwise transferred to the data carrier.
  • a further method according to the invention for establishing a secure communication channel between a portable data carrier and a terminal based on a secret date-based cryptosystem can also be provided, ie the cryptosystem does not necessarily have to additionally be based on a described asymmetric key architecture. In general, however, this will be the case.
  • the secret date is determined by the Terminal provided, for example, generated therein, and displayed on a display device of the terminal. The displayed secret date is then transferred to the data carrier.
  • a corresponding data carrier according to the invention comprises a display device and a control device for establishing a secure communication channel to a terminal based on a secret date based cryptosystem via a Daterikorrimunikationsterrorism of the data carrier.
  • the control device is set up according to the invention to display a secret date received via the data communication shrunk point or an input device of the data carrier on the display device.
  • the secret date can be transferred to the data carrier by being entered into the data carrier by a user of the data carrier via an input device of the data carrier, for example a keyboard.
  • the input device can also be designed as an alternative, for example as an optical sensor or the like.
  • the entered secret date can then be displayed on the display device of the data carrier. However, such a display step can also be omitted.
  • the secret data transferred in this way is then displayed on the display device of the data carrier in order to check the error-free and manipulation-free transmission.
  • Figure 1 shows a preferred embodiment of a data carrier according to the invention
  • Figure 2 to Figure 6 schematically steps of various embodiments of the method according to the invention.
  • a portable data carrier 10 which is shown here as a chip card, comprises a data communication interface 20 in the form of a contact field set up for contact-type data communication and a data communication interface in the form of an antenna coil 22 set up for contactless data communication.
  • a data communication interface 20 in the form of a contact field set up for contact-type data communication
  • a data communication interface in the form of an antenna coil 22 set up for contactless data communication One of the two data commutation subscribers 20 , 22 may be missing.
  • the power supply of the data carrier 10 can take place via the data communication interfaces 20, 22 through the terminal or via a separate power supply of the data carrier 10, for example a battery (not shown).
  • Both data communication interfaces 20, 22 are connected to an integrated circuit 30 embedded in a data carrier body, which controls the data carrier 10 by means of a control device 32.
  • the data carrier 10 comprises a display device 40 in the form of a display and an input device 50 in the form of a keyboard.
  • the display device 40 is set up to display contents generated by the control device 32 and transmitted to the display device 40.
  • the issuing device 50 can be used for entering data into the data carrier 10, which are then further processed by the control device 32.
  • the control device 32 is set up to set up a secure data communication channel to a terminal (not shown) on the basis of an asymmetrical cryptosystem via one of the data grain communication interfaces 20, 22.
  • the controller 32 is adapted to send a public key of the data carrier 10 to a terminal or to receive a public key of a terminal and to further process it according to the communication protocol used, for example for determining a secret session key for symmetrically encrypting between the data carrier 10 and the terminal data to be transferred.
  • the control device 32 may form values derived from the public keys 42, for example by means of a hash function and / or an authentication check value, and transmit them to the display device 40 for display.
  • the control device 32 is set up to generate a secret date, for example in the form of a PIN or the like, and if necessary to transmit it to the display device 40 for display or to receive such a secret date via a data communication interface 20, 22 or via the input device 50 and process as intended.
  • step 100 public keys are exchanged between the data carrier 10 and the terminal, ie data carrier 10 sends its public key PKD to the terminal in step 101, which in step 100 stores its public key ⁇ sends to the disk 10.
  • the data carrier 10 likewise displays this value W via its display device 40 in step 111.
  • a user of the data carrier can thus check in step 120 whether the two values W and M coincide. If this is the case, the user can assume that the public key PKD was not manipulated by an unnoticed "man-in-the-middle" attack when transmitting from the data carrier 10 to the terminal.
  • step 140 The user also checks in step 140 the equality of these two values V and V and, if given, can be sure that the public Key ⁇ the terminal has been received unchanged in the disk 10.
  • both tests 120, 140 are positive, the communication channel between the data carrier 10 and the terminal can be established safely. In the opposite case, if at least one of the two tests 120, 140 has revealed inequality, the method is aborted 150.
  • a complete hash value ⁇ ( ⁇ ) or H (PKD) instead of a complete hash value ⁇ ( ⁇ ) or H (PKD), only a portion of a corresponding hash value can be displayed in steps 131 and 111 if the display device 40 of the data carrier 10 does not represent the complete hash value can.
  • the comparison in steps 120, 140 then relates only to the corresponding indicated proportion and is therefore associated with a certain degree of uncertainty.
  • a hash function H another suitable function for forming the derived values V, V, W can be used. It is also possible that the derived values are derived not from the public keys PKT, PKD but from values derived directly or indirectly from these keys, for example from a session-key determined by the key.
  • FIG. 2a A modification of the method according to FIG. 2 is shown in FIG. 2a.
  • steps 1000, 1010 values of public keys derived between data carrier 10 and terminal are exchanged.
  • the hash functions used for this purpose are preferably collision-resistant hash functions, such as SHA-2.
  • the terminal sends the public key PKT to the volume 10, which in step 1310 returns the derived value
  • V 2 H (PKT) checked. Accordingly, the data carrier 10 sends the public key PKD to the terminal in step 1110, which in step 1300 derives the derived value checked.
  • a derived value is further formed in step 1400 or 1410, respectively, by means of a hash function, which value is respectively displayed as illustrated in step 1500, 1510. Only a part of the hash function can be displayed here if the display device 40 of the data carrier 10 is not capable of complete display. Also, a function other than a hash function for forming the derived values is conceivable.
  • the derived values can not be determined directly by the public keys but by values directly or indirectly derived from these keys.
  • the user verifies the coincidence of the two values in step 1600. If so, the user may assume that the public keys PKD and PKT are not replaced by a "man-in-the-box" during transmission from the data carrier to the terminal and vice versa -Middle "- attack were manipulated accordingly being constructed. Otherwise, as shown in step 1700, the connection is broken.
  • the method illustrated with reference to FIG. 3 differs from the method in FIG. 2 in that for forming the public-key ⁇ , PKD-derived values exchanged in steps 200, 201, X, X ', Y, Y' are adjacent Furthermore, an authentication check value (MAC, "message authentication code") based on a PIN is formed in a hash function H. For this purpose, a user of the data carrier 10 enters a PIN into the terminal via an input device, eg a keyboard, in step 205 one.
  • MAC electronic authentication code
  • the PIN is predetermined by the data carrier 10 in this case.
  • the PIN can be assigned to the data carrier 10 with the production, for example, printed or stored in a memory of the data carrier 10.
  • the volume 10 may also be configured to generate the PIN session-specific and, as a stored PIN, display on the display 40 as needed.
  • the PIN it is possible, but not shown in FIG. 3, for the PIN to be stored in the terminal or session-specifically created in the terminal and displayed via the display of the terminal. From there, the user can then read the PIN and enter it into the data carrier via the input device 50. Other ways to transfer the PIN from the terminal to the disk are possible.
  • the terminal or the data carrier does not display the hash values H (PKD), H (PKT) on their respective display devices via the respective public keys PKD, PKT, but rather authentication check values MACPI (FIG. H (PKD)) or MACPIN (H (PKT)), which by means of the PIN in a known manner via the hash values H (PKD), ⁇ ( ⁇ ) have been formed, for example by means of block ciphers.
  • MACPI FIG. H (PKD)
  • MACPIN H (PKT)
  • Such a MAC formed via a hash value, is shorter than the hash value and can thus also be displayed completely on a small display device of the portable data carrier 10, and thus without loss of security.
  • the MAC can also be formed directly via the respective public key PKD, PT.
  • steps 220 and 240 the equality of the MAC values is checked instead of the equality of the hash values.
  • the method illustrated with reference to FIG. 4 differs from the method in FIG. 3 in that the checking of the equality of the MAC values is not checked visually by the user, but by machine through the terminal and the data carrier 10
  • the user enters the value Y 'into the data carrier 10 via the input device 50 of the data carrier 10 in step 332.
  • the data carrier 10 aborts the procedure, otherwise it continues as intended.
  • the PIN can alternatively be specified by the terminal.
  • the user checks in step 420, as described, the equality of these two displayed values W, W.
  • a PIN is entered into the terminal in step 425. This step can also be omitted.
  • the data carrier 10 decrypts the value N by means of its private key SKD of the cryptosystem in order to obtain the secret key K, and optionally checks the PIN also received with the message N.
  • the method according to FIG. 5 can be modified such that the public key PKD is already encrypted by means of the PIN before it is transmitted to the terminal.
  • the PIN can be entered before the transfer of the key PKD in the terminal. At the very least, entering the PIN must be done before the hash values are displayed, since otherwise the hash value can not be formed within the terminal via the unencrypted key PKD.
  • the terminal shows in a first step, as already described above with reference to FIG. 3, a secret date in the form of a PIN ("Personal Identification Number"), a SIN ("Session Identification Number ”) or the like.
  • the secret date is then entered by the user via the input device 50 in the data carrier 10. It is alternatively possible for the secret date to be transmitted to the data carrier via another route, for example via an optical sensor, via an air interface (OTA) or the like.
  • the transferred secret date can be displayed on the display device 40 of the data carrier 10, in particular if it has not been entered by the user himself.
  • any method based on such a secret date which does not necessarily depend on an asymmetric cryptosystem, can be used to build a secure communication channel - at least partially based on the secret date.
  • an asymmetric cryptosystem will also be involved in such methods, as described, for example, with reference to FIGS. 3 to 5.
  • known secret date based methods such as PACE, PACE-EU, SPEKE, and the like, which do not require display means in the data carrier to establish a secure channel between the data carrier and the terminal, may be implemented in the manner described.
  • the transmission of an image or a pictogram may also be provided.
  • a simple data carrier without a display device and without an input device can be expanded, for example, by means of a mobile radio terminal with which the data carrier, eg a (U) SIM mobile communication card, can be equipped with the necessary functionalities for carrying out the described methods. That is, the display device and the input device are provided by the mobile terminal connected to the data carrier.
  • a random number ZZ1 is first formed by the data carrier 10 in step 500, from this a derived value H (ZZ1) is formed by means of a hash function, for example, and the value H (ZZ1) and a public key of the data carrier PKD are sent to the terminal. Subsequently, the terminal encrypts a second random number ZZ2 with the public key PKD in a step 510 and sends the value B thus obtained to the data carrier 10.
  • the volume 10 determines the value of ZZ2 by decrypting B using the private key SKD of the asymmetric key pair PKD-SK D in step 520.
  • the data carrier 10 sends the random number ZZ1 to the terminal in step 530, which forms the derived value H (ZZ1) in step 540 and compares it with the value H (ZZ1) transmitted by the data carrier in step 500.
  • both the terminal and the data carrier 10 form the derived values D 'and D as derived values of ZZ2, ZZl and PKD and are displayed in steps 560 and 561, respectively.
  • the values of D and D ' are also compared with one another here by the user and a communication channel is established only after positive comparison. Otherwise, the grain communication between the data medium and the terminal is aborted.
  • the random number ZZ2 specified by the terminal may be a so-called "session key" which is used in the course of further communication between terminal and data carrier.
  • the user makes a declaration of intent before establishing a communication connection to the terminal. Entering one or multiple characters in the input device of the data carrier or any other suitable explanation to the disk, such as bending the card, key press or the like, makes it clear that the user deliberately uses the data medium.
  • the declaration of intent can be made at any time of the method according to the invention and the variants described in FIGS. 2 to 6, but preferably at the beginning or at the end of the method, but in any case before the establishment of the secure communication channel.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Accounting & Taxation (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un procédé pour établir un canal de communication sécurisé entre un support de données portatif (10) et un terminal sur la base d'un système cryptographique asymétrique. Selon ce procédé, une valeur (X; Y; V; W) dérivée d'une clé publique (PKD; PKT) du système cryptographique est affichée sur un dispositif d'affichage (40) du support de données (10).
EP10762596A 2009-09-22 2010-09-22 Procédé pour établir un canal de communication sécurisé Withdrawn EP2481183A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102009042284A DE102009042284A1 (de) 2009-09-22 2009-09-22 Verfahren zum Aufbauen eines gesicherten Kommunikationskanals
PCT/EP2010/005800 WO2011035899A1 (fr) 2009-09-22 2010-09-22 Procédé pour établir un canal de communication sécurisé

Publications (1)

Publication Number Publication Date
EP2481183A1 true EP2481183A1 (fr) 2012-08-01

Family

ID=43416943

Family Applications (1)

Application Number Title Priority Date Filing Date
EP10762596A Withdrawn EP2481183A1 (fr) 2009-09-22 2010-09-22 Procédé pour établir un canal de communication sécurisé

Country Status (4)

Country Link
US (1) US8953804B2 (fr)
EP (1) EP2481183A1 (fr)
DE (1) DE102009042284A1 (fr)
WO (1) WO2011035899A1 (fr)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015166216A1 (fr) * 2014-05-02 2015-11-05 Barclays Bank Plc Authentification de transactions
US20160191470A1 (en) * 2014-08-07 2016-06-30 Ajay Movalia Method and apparatus for securely transmitting communication between multiple users
FR3054056B1 (fr) * 2016-07-13 2018-06-29 Safran Identity & Security Procede de mise en relation securisee d'un premier dispositif avec un deuxieme dispositif

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5241599A (en) 1991-10-02 1993-08-31 At&T Bell Laboratories Cryptographic protocol for secure communications
EP0566811A1 (fr) 1992-04-23 1993-10-27 International Business Machines Corporation Méthode et système d'authentification à l'aide d'une carte à puce
US6278782B1 (en) * 1997-09-16 2001-08-21 Safenet, Inc. Method of implementing a key recovery system
ES2173652T5 (es) * 1997-10-28 2010-10-13 First Data Mobile Holdings Limited Procedimiento para la firma digital de un mensaje.
US20040205350A1 (en) * 2000-08-28 2004-10-14 Paul Waterhouse Low cost secure ID card and system
FR2824212A1 (fr) * 2001-04-25 2002-10-31 Thomson Licensing Sa Procede de gestion d'une cle symetrique dans un reseau de communication et dispositifs pour la mise en oeuvre
EP1743304B1 (fr) * 2004-03-09 2010-07-07 Bayerische Motorenwerke Aktiengesellschaft Documentation de prescriptions de service pour un vehicule automobile
GB0522531D0 (en) * 2005-11-04 2005-12-14 Isis Innovation Security in computing networks
EP1804220A1 (fr) * 2005-12-29 2007-07-04 AXSionics AG Procédé destiné à l'octroi légitime d'un service et appareil portatif destiné à la réalisation de celui-ci
US9401063B2 (en) * 2006-06-08 2016-07-26 Mastercard International Incorporated All-in-one proximity payment device with local authentication
GB0625851D0 (en) 2006-12-22 2007-02-07 Isis Innovation Improvements in communications security
DE102007050480B4 (de) 2007-10-19 2019-03-21 Bundesdruckerei Gmbh ID-Dokument mit einer Anzeigevorrichtung, System mit einem ID-Dokument und Verfahren zum Lesen eines ID-Dokuments
DE102007000589B9 (de) 2007-10-29 2010-01-28 Bundesdruckerei Gmbh Verfahren zum Schutz einer Chipkarte gegen unberechtigte Benutzung, Chipkarte und Chipkarten-Terminal

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
None *
See also references of WO2011035899A1 *

Also Published As

Publication number Publication date
WO2011035899A1 (fr) 2011-03-31
US20120189125A1 (en) 2012-07-26
DE102009042284A1 (de) 2011-03-31
US8953804B2 (en) 2015-02-10

Similar Documents

Publication Publication Date Title
DE102009024604B4 (de) Erzeugung eines Session-Schlüssels zur Authentisierung und sicheren Datenübertragung
DE102007000589B9 (de) Verfahren zum Schutz einer Chipkarte gegen unberechtigte Benutzung, Chipkarte und Chipkarten-Terminal
EP3443705B1 (fr) Procédé et dispositif d'établissement d'une communication sécurisée entre un premier dispositif de réseau (initiateur) et un deuxième dispositif de réseau (répondant)
DE102013206185A1 (de) Verfahren zur Erkennung einer Manipulation eines Sensors und/oder von Sensordaten des Sensors
EP1290905B1 (fr) Procede d'identification controlable par cryptographie d'une unite physique dans un reseau de telecommunication ouvert sans fil
WO2013026875A1 (fr) Procédé pour authentifier un terminal de communication comprenant un module d'identité au niveau d'un dispositif serveur d'un réseau de télécommunication, utilisation d'un module d'identité,module d'identité et programme informatique
EP2656535B1 (fr) Procédé cryptographique
DE19716111A1 (de) Verfahren zur gegenseitigen Authentifizierung zweier Einheiten
EP3206154B1 (fr) Procede et dispositifs destines a la transmission fiable de donnees utiles
EP2481183A1 (fr) Procédé pour établir un canal de communication sécurisé
DE10244610A1 (de) Verfahren sowie Kommunikationsendgerät zum gesicherten Aufbau einer Kommunikationsverbindung
DE3922642C2 (fr)
DE102005014194B4 (de) Lesegerät mit integrierter Kryptographieeinheit
EP3882796A1 (fr) Authentification de l'utilisateur à l'aide de deux éléments de sécurité indépendants
EP3367285B1 (fr) Terminal, id-token, programme informatique et procédés correspondantes d'authentification d'une autorisation d'accès
EP2383672B1 (fr) Generateur de mot de passe a utilisation unique
EP2661022A2 (fr) Procédé de communication sécurisée entre un terminal mobile et un appareil d'un système domotique ou une communication de porte
EP2880810B1 (fr) Authentication d'un document à un dispositif de lecture
DE102014212219A1 (de) Verfahren zur Authentifizierung und Anbindung eines Geräts an ein Netzwerk sowie hierzu eingerichteter Teilnehmer des Netzwerks
DE102011015967B4 (de) Verfahren zur Entschlüsselung von digitalen Daten
WO2016188636A1 (fr) Authentification d'application
DE102013007202A1 (de) Verfahren zum Aufbauen einer Schlüsselinfrastruktur
DE102015102186A1 (de) Verfahren zur Registrierung eines Endgeräts zur Kommunikation mit einem Server
WO2005060148A1 (fr) Procede et dispositif pour generer un code secret
DE102014208977A1 (de) Verfahren zur Authentifizierung eines Geräts in einem lokalen Netzwerk sowie Nutzerendgerät und Gateway zum Einsatz in einem solchen Verfahren

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20120423

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK SM TR

DAX Request for extension of the european patent (deleted)
RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: GIESECKE+DEVRIENT MOBILE SECURITY GMBH

17Q First examination report despatched

Effective date: 20180129

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20180809