FR2796232A1 - METHOD AND DEVICE FOR SECURING ACCESS AND TRANSFERS OF DATA IN A COMPUTER SYSTEM - Google Patents

Abstract

The invention concerns a method for making secure data access and transfers in a computer system comprising at least a host and a peripheral provided with a smart card interface enabling access to the computer system while it is in use by means of smart cards. The invention also concerns a device for implementing the method. The invention is characterised in that it consists in: storing in the smart card(s) and in the host a secret key, said secret key being identical in the host and in the authorised smart cards; and during use sessions, in creating in the smart card and in the host a local session key by identical encryption of a random number using the secret key. When data are being transferred between the peripheral and the host, the method consists in: encrypting the data to be transferred by encryption means using the local session key; decrypting the transferred data symmetrically with encryption means using the other local session key; such that the transferred data are intelligible only if the same secret key is present in the host and in the smart card. The invention is applicable to a security system for authorisation and authentication.

Description

The present invention relates first of all to a method for securing access and data transfers in a computer system. It then relates to a device adapted to implement the method.

The device, integrated into the computer system, comprises at least one host and a device with a chip card interface to allow access to the computer system during the use sessions by the computer. Card bias <B> to </ B> chip.

The invention will apply to security, authorization and authentication systems. Particularly, card authentication <B> to </ B> chip and biometric sensors is targeted. The term "smart card" is understood to mean an authorization medium comprising a code or an authentication key of the bearer. The card reader <B> to </ B> usable chip may in particular be compliant with PCMCIA standards.

The term "computer system" means any installation including in particular a server or one or more computers to which access or communication is possible. Numerous computer systems are targeted by the invention which may especially relate to systems where a secret is necessary for any access or certain access depending on the degree of security.

<I> In this area, we </ I> know <I> the document <B> W08203286 </ B> which </ I> <I> relates to a data medium which is preferably </ I> <B> under </ B> the <I> form </ I> of a personal <I> card containing </ I> <I> information about: </ I> the holder, the <I> issuing company of </ i> I> <I> the card, the account number, </ I> etc ..., <I> and intended <B> to </ B> </ I> a <I> manual use <B> to < / B> </ I> 1 -the location: <I> of use or <B> to </ B> the help </ I> <I> of a device </ I> d / input <I> in </ I> memory <I> memory output </ I> <I> included in a device of a terminal. This </ I> data carrier <I> comprises means for internal processing of the identification information </ I> <I> provided concerning: </ I> the holder during a <I> verification process </ I> and <I> generation </ I> of a <I> </ I> <I> <I> Accepted <I> </ I> Acceptance </ I> </ I> signal </ I> I> right </ I> of the holder <B> to </ B> <I> use the data carrier. In </ I> <I> these means, a verification device is provided for </ I> performing <I> this verification process </ I> and <I> comprises a </ I> <I> detector device for detect the end </ I> of a <I> finger </ I> of the holder and <I> obtain </ I> Ilinformation <I> of papillary lines. </ i>

Such techniques most often call complex device devices where all the elements are integrated in order to avoid the transfer of information between different distinct components. As a result, these devices are expensive and complex in design.

<I> on </ I> knows: <I> moreover <B> W09908238 </ B> </ I> a <I> portable personal digital assistant </ I> with a <I> screen </ I> touch <B> or </ B> d-moon other <I> interface </ I> equivalent user. <I> This PDA includes a </ I> <I> microphone and a </ I > UC <I> local to process the </ I> <I> voice commands as well as </ I> biometric <I> authentication </ I> of the user.

A biometric authorization is proposed according to such techniques but, however, it does not avoid all risks of fraud. For example, in some cases, the finger or card may be simulated or the authentication device may be substituted by another device providing equivalent signals. In this case, the analysis of the communication signals makes it possible to deduce the keys of the protocol or the messages. This allows an unauthorized third party to replay the authentication scenario to trick the system and access resources or data that should be kept secret.

The invention aims to overcome the disadvantages of current techniques. It provides total security in data transfers or access permissions to a computer system. It allows authentication through a device, the device being able to communicate with a host system without risking, during the transfer, a subtraction of the data.

One of the advantages of the invention is that secret <I> keys used for data encryption can never be used directly. In addition, these secret keys are never transferred between two components of the computer system even coded.

Thus, no fundamental information to circumvent the conditions of authorization can not be transferred in hostile environment.

In the context of the use of a biometric sensor, the invention allows a conditioned authentication <B> to </ B> the presence of the card <B> to </ B> chip that has made the last authorization access. In this way, three conditions are cumulative <B> to </ B> know the recognition of the biomechanical measurement, the recognition of the card <B> to </ B> chip in the current session and the recognition of the card <B > to </ B> chip as the last card <B> to </ B> chip used for the last authorization.

The invention thus achieves perfect security without necessarily requiring the implementation of particularly complex means.

The present invention relates to a method for securing access and data transfers in a computer system comprising at least one host and a device having a card interface <B> to </ B> chip for authorizing the access to the computer system during use sessions by means of cards to chip, characterized by the fact that stored in the card <B> to </ B> chip and in the host a secret key, said secret key being identical in haste and in the allowed <B> to </ B> chip cards <B>; </ B> and that, during use sessions, one creates in the <B> to </ B> chip card and in the host a local session key by identically encrypting the same random number using the secret key <B>; </ B> and that during data transfers between the device and haste <B>: </ B> <B> - </ B> we encrypt the data <B> to </ B> transfer by encryption means using the local session key <B> - </ B> the data transferred symmetrically by encryption means using the other local session key <B>; </ B> so that the transferred data can only be understood if the same secret key is present in the host and in the card <B> to </ B> chip.

The method may be in the embodiments set out below: <B> - </ b> - </ b> - the random number is generated within the host and transmitted in the clear <B> to < / B> the card <B> to </ B> chip.

<B> - </ B> the device is equipped with at least one biometric sensor.

During the assignment <B> - </ B> the session key in the <B> to </ B> chip is stored nonvolatile for reuse <B> at the next session as previous session key <B> - </ B> one crypt, then one memorizes in haste the authentic biometric profile <B> to </ B> to compare with the measurement of the biometric sensor, by means of the encryption means using the local session key, so that the same <B> to </ B> chip, with the previous session key, is necessary for the decryption of the authentic profile at the next session. <B> - </ B> the biometric sensor measurements are encrypted within the device before any hasty transfer, by means of encryption means using the local session key.

<B> - </ B> the authentic biometric profile is made by <B> - </ B> measurement by the biometric sensor <B> - </ B> encryption within the device <B> - </ B> transfer <B> to </ b> hastily, <b> - </ b> decrypting within haste through encryption means using the local session key <B> - </ B> processing measurement data <B>; </ B> <B> - </ B> encryption within the host through the encryption means using the local session key stored in a file in volatile memory.

The following steps are performed for authentication: <B> - Biometric Sensor <B> - </ B> Encryption Within Device <B> - </ B > transfer <B> to </ B> the haste; <B> - </ b> decrypting within haste through encryption means using the local session key <B> - </ B> processing of measurement data <B>; </ B> <B> - </ B> comparison between the processed measurement data and the memorized biometric profile.

The invention also relates to a device for securing access and data transfers in a computer system, comprising at least one haste and a device with a card interface to allow authorization. access to the computer system during the use sessions by means of cards <B> to </ B> puce, able to <B> to </ B> implement the method characterized by the fact that it comprises <B> - </ B> nonvolatile storage means for storing an identical secret key in the authorized <B> to </ B> chip cards and the host, <B> - </ B> means generating a random number during the use sessions, said random number being exploitable by the host and the card <B> to </ B> puce, <B> - </ B> identical encryption means in the smart card, the device and the host for the creation in the smart card and the host of a local session key by encrypting the number a randomly using the secret key and the encryption of any data and its decryption, during transfers between the device and the host using the local session key, so that the transferred data is intelligible only if the same secret key is present in the host and in the card <B> to </ B> chip.

The device may be in the following embodiments: <B> - </ B> - the random number generating means are integrated <B> at </ B> the host .

<B> - </ B> the host has volatile memory for temporary storage of the local session key.

<B> - </ B> The link between the host and the device is performed by a serial bus connecting a host port <B> to a device port.

<B> - </ B> the encryption means are formed by modules implementing an encryption algorithm.

<B> - </ B> the device has at least one biometric sensor.

<B> - </ B> the authentic biometric profile <B> to </ B> compare with the measurement of the biometric sensor is stored in the nonvolatile memory of the host in a file after its encryption by the encryption means.

<B> - </ B> the host comprises means for processing the measurements of the biometric sensor and means for comparing said measurements and the file. The attached drawings are given <B> to </ B> as indicative and non-limiting example. They represent an embodiment according to the invention. They will make it easy to understand.

FIG. 1 is a general view of the device according to the invention in a particular embodiment. FIG. 2 is a diagram showing steps for implementing the method of the invention.

The present invention is for computer systems that will include at least one <B> (PC) </ B> host and a <B> (1) device. </ B>

Very diverse applications such as accessing and modifying databases or banking orders are within the scope of the invention.

The host <B> (PC) </ B> can be a computer or a computer server. It will include the necessary organs to the intended application and at least a processor and a memory space. To perform access permissions, a device <B> (1) </ B> is also present. It includes an interface card <B> to </ B> chip <B> (10) </ B> for binding (read <B> - </ B> write) with one or more <B> cards to </ B> puce <B> (SC). </ B>

This configuration is illustrated in Figure <B> 1. </ B>

The card interface <B> to </ B> chip <B> (10) </ B> can be of the PCMCIA type. However, other formats are usable.

Preferably, the <B> (10) </ B> interface is built into the <B> (1) </ B> device to secure their communications. In addition, the <B> to </ B> chip <B> (SC) itself </ B> can be integrated so as <B> to build a <B> device (1) </ B> for which the <B> to </ B> chip <B> (SC) </ B> card is non-removable and, for example, factory-mounted.

According to the invention, the device comprises storage means <B> (6,7) </ B> in the host <B> (PC), </ B> and in the card <B> to </ B > chip <B> (SC). </ B> A memory of the EEPROM type can be assigned <B> to </ B> this ef <B> f </ B> and.

The storage means <B> (6, 7) </ B> allow the storage of a secret key, by nature known per se, in haste <B> (PC) </ B> and in the card < B> to </ B> bullet <B> (SC). </ B>

the secret key Ksec <B> SC is assigned to the secret key stored in the <B> chip <B> (SC) </ B> card and the Ksec <B> PC reference to </ b> / B> that stored in haste <B> (PC). </ B>

According to the invention, the secret keys Ksec <B> PC </ B> and Ksec <B> <I> SC </ I> </ B> are identical if the card <B> to </ B> chip <B > (SC) </ B> is an authorized card. As explained further, this key identity will be required to <B> to </ B> the authorization.

The device further comprises generating means <B> (11) </ B> of a random number (Rand). In the preferred case illustrated in FIG. 1, the generating means <B> (11) </ B> are integrated <B> at </ B> the host <B> (PC). / B>

A random number (Rand) will be generated <B> at </ B> each usage session where the authorization device will be called <B> to </ B> function. The random number (Rand) generated is exploited <B> by <B> (PC) </ B> at the same time and by the <B> at </ B> chip <B> ( SC) to </ B> where it can be transmitted in the clear.

To exploit the random number (Rand), encryption means <B> (DES 2,3) </ B> are present in the host <B> (PC) </ B> and the card <B> to < / B> puce <B> <I> (SC). </ I> </ B> <I> They </ I> will be constituted identically.

They provide random number (Rand) encryption using the secret key (Ksec <B> SC, Ksec <B> PC). </ B>

In this way, we obtain two keys of local session (Kses <B> SC, </ B> Kses <B> PC) </ B> which will be identical only if the secret keys (Ksec <B> SC, </ B> Ksec <B> PC) </ B> are identical.

In haste <B> (PC) </ B> a volatile memory <B> (5) </ B> such as the RAM (Random Access Memory) of a computer will store the local session key (Kses <B> PC). </ B> This storage will be temporary, to ensure greater security and avoid any recovery of the key out of the current session.

In the <B> to </ B> chip <B> (SC) card, </ B> the local session key (Kses <B> SC) </ B> can be stored in non-volatile memory <B> ( 7). </ B>

In this way, it will be possible to use it as a previous session key (BK) at the next session and use it as another access condition: </ B> </ B> B> it will then be necessary to have not only the good secret key (Ksec <B> SC) </ B> but also the good last session key (Last Kses).

The encryption means <B> (DES </ B> 2, <B> DES 3) </ B> may be of current design and particularly be in the form of modules implementing an encryption algorithm.

The device will also include encryption means <B> (DES 1). </ B>

In a preferred embodiment, the latter means of encryption <B> (DES 1) </ B> are similar to other means of encryption <B> (DES </ B> 2, <B> DES 3). </ In this way, the same coding-decoding system is used to encrypt the random number (Rand) and to encrypt the data <B> to </ B> to transfer.

Indeed, the means of encryption <B> (DES 1, DES </ B> 2) present in the device <B> (1) </ B> and haste <B> (PC) </ B> allow the encryption of any data before its transfer and its decryption after the transfer.

In the case where the card interface <B> to </ B> chip <B> (10) </ B> is external to the device <B> (1), </ B> the encryption means <B> ( DES 3) may also have this data encryption feature for transfers to <B> (1) </ B> or haste <B> (PC). </ B>

The encryption means <B> (DES 1) </ B> can be integrated directly into the biometric sensor (2). <B> - </ B> For symmetric encryption or decryption of data, this is the key local session (Kses <B> PC, </ B> Kses <B> SC) </ B> that is used. Thus, the components of the computer system can be understood only if the keys of local session (Kses <B> PC, </ B> Kses <B> SC) </ B> are identical, without any secret codes or secret keys are transferred.

No attempt to recover these keys on the transfer routes will succeed.

In one embodiment, the link between the <B> (1) </ B> device and the <B> (PC) </ B> host is provided by a serial universal bus, often referred to as USB.

The data transmission channel will be exploited in this bus. The power supply path can be also, for example for the total or partial power supply of the device <B> (1). </ B>

In a preferred embodiment, corresponding to the <B> 1 </ B> and </ B> illustration, the <B> (1) </ B> device is provided with at least a biometric sensor (2). As a non-limiting example, a fingerprint capture sensor can be used.

The measurement of the biometric sensor (2) will be compared with an authentic biometric profile previously stored in non-volatile memory <B> (6) </ B> of the host <B> (PC). </ B>

To secure the storage of the profile, it is encrypted before storage by means of encryption means <B> (DES </ B> 2) using the session key (Kses <B> PC). </ B>

The resulting file is called the profile in Figure 1. <B> 1. </ B> To perform the comparison between the authentic profile and the measurement of the biometric sensor (2), means for processing (4) the measurements and means of comparison. will be used.

For example, in the case of fingerprint measurement, the processing may consist of image processing and extraction of minutiae.

The Profile file can be a minutiae file, in this case.

Figures <B> 1 </ B> and 2 show an illustration of the fingerprint with a darker line for measurement from the sensor (2) and a lighter line for the data after minutiae extraction.

The operation of the device and the process steps are presented below in an embodiment according to the figures and particularly <B> to </ B> in FIG. 2.

When creating the Profile file, a biometric sensor (2) measurement is performed at the <B> (1) device. </ B>

Before transfer, this data is encrypted by the encryption means <B> (DES 1). </ B> Encryption is possible by generating the random number (Rand) within the haste <B> (PC) < / B> and the consequent creation of local session keys (Kses <B> <I> SC, </ I> </ B> Kses <B> PC). </ B> As previously described, the use of a <B> to </ B> chip card with the required secret key (Ksec <B> <I> SC) </ I> </ B> will condition, beforehand, the smooth running of this operation.

After encryption, the measurement data is hastily transferred <B> (PC) </ B> from the <B> (9) </ B> port of the <B> (1) </ B> device to the <B> (8) </ B> port of haste <B> (PC). </ B>

For processing, the data is first decrypted by a symmetric operation <B> to </ B> the previous by means of encryption means <B> (DES </ B> 2) with the local session key (Kses < B> PC). </ B>

If the local session keys are not identical, the decryption does not have the desired effect.

In the case illustrated in FIG. 2, the processing means (4) allow the image processing and the extraction of the minutiae.

After key encryption (Kses <B> PC), a Profile file is created with the data on non-volatile memory <B> (6). </ B>

During a session where the access must be secure, an authorization is <B> already </ B> made by the card <B> to </ B> puce <B> (SC) </ B> which must contain the correct secret code.

As explained below, the <B> to </ B> chip <B> (SC) </ B> card will also participate in <B> the authorization made by biometric authentication.

This authentication firstly comprises the measurement of the biometric data of the user. His fingerprint is captured in the illustrated case.

As for entering the authentic profile, an encryption before transfer and decryption are performed using the local session keys (Kses <B> SC, </ B> Kses <B> PC). </ B> The necessary processing of data is then realized.

In the preferred case where the authentic profile has been encrypted before storage in the <B> (PC) host, </ B> the comparison will only succeed if the authentic profile can be correctly decrypted beforehand.

To do this, the user will also have to provide the previous session key (Last Kses) by which the encryption of the authentic profile has been performed. This provision will only be possible by using the same <B> to </ B> chip <B> (SC) </ B> that served <B> to the </ B> the previous session and on which, in this embodiment, the previous session key (Last Kses) has been stored.

Of course, the Authentic Profile can also be stored unencrypted to not require this additional access requirement.

It can also be stored, not in the <B> (PC) </ B> host, but on the <B> to </ B> chip <B> (SC) </ B> card which will therefore be reused <B> to </ B> the next session. Its transfer to the <B> to </ B> chip <B> (SC) </ B> card will use the decryption encryption described above. The Profile file will be transferred to the host <B> (PC) </ B> together with the measurement data to proceed to the <B> comparison. After comparison, access to the system will be allowed or not.

The same encryption principle may be used for transfers of any data during the session. REFERENCES <B> PC </ B> Host <B> <I> SC </ I> </ B> Card <B> to </ B> Rand Chip <B> - </ B> Random Number Ksec <B> PC - </ B> secret host key Ksec <B> <I> SC </ I> - <b> secret card <B> to </ B> chip Kses <B> PC - </ b> / B> local host session key Kses <B> <I> SC </ I> - <B> <B> <B> <B> local session key <B> </ B> previous session key <B> DES 1 </ B> means encrypting the device <B> DES </ B> 2 means of encrypting the host <B> DES 3 </ B> means of encryption from the <B> to </ B> chip Profile <B> - </ B> file <B> 1. </ B> Device 2. Biometric Sensor <B> 3. </ B> Microcontroller 4. Means of processing <B> 5. </ B> Volatile Memory <B> 6. </ B> Nonvolatile Host Memory <B> 7. </ B> Nonvolatile Memory Card <B> to </ B > smart <B> 8. </ B> Host Port <B> 9. </ B> Device Port <B> 10. <B> Card Interface <B> to </ B> Bullet <B > he. </ B> Generating means.

Claims (1)

<U> CLAIMS </ U> <B> 1. </ B> A method of securing access and data transfers in a computer system comprising at least one <B> (PC) </ B> host and a <B> (1) </ B> device with a card <B> to </ B> chip interface <B> (10) </ B> to allow access to the computer system during use through cards <B> to </ B> chip <B> (SC), </ B> characterized by storing in the <B> card <B> to </ B> chip < B> (SC) </ B> and in the host (PC) a secret key (Ksec <B> SC, </ B> Ksec <B> PC), </ B> said secret key being identical in the <B> (PC) </ B> and in the <B> at <B> (SC) <B> (<B>) </ B> smart cards, and that when sessions, we create in the <B> to </ B> chip <B> (SC) </ B> card and in the host <B> (PC) </ B> a local session key ( Kses <B> PC, </ B> Kses <B> SC) </ B> by identical encryption of the same random number (Rand) using the secret key (Ksec <B> PC, </ B> Ksec < B> SC); </ B> and that during data transfers between the device <B> (1) </ B> and the host <B> (PC): </ B> <B> - </ B> the data <B> is encrypted </ B> transfer by encryption means <B> (DES 1, DES </ B> 2) using the local session key (Kses <B> PC, <Kses <B> SC) </ B > <B> - </ B> the data transferred symmetrically by the encryption means <B> (DES 1, DES </ B> 2) using the other local session key (Kses <B> < I> SC, </ I> </ B> Kses <B> PC); </ B> so that the transferred data is intelligible only if the same secret key (Ksec <B> PC, </ B> Ksec <B> SC) </ B> is present in host <B> (PC) </ B> and in the <B> card <B> (B) (SC). </ B> 2 Method according to claim 1, characterized in that the random number (Rand) is generated within the host (PC) and transmitted in clear <B> to </ B> the card <B> to </ B> chip <B> (SC). <B> 3. </ B> Method according to one of claims <B> 1 </ B> or 2, characterized by the do we have dot e the device <B> (1) </ B> of at least one biometric sensor (2). 4. Method according to claim 3, characterized in that during session <B> - </ B> the session key (Kses <B> SC) is stored in a non-volatile manner. ) </ B> in the <B> to </ B> chip <B> (SC) </ B> card for reuse <B> to </ B> the next session as the previous session key (Last Kses) <B> - </ B> one crypt, then one memorizes in the host <B> (PC) </ B> the authentic biometric profile <B> to </ B> to compare with the measurement of the biometric sensor (2) , by means of the encryption means <B> (DES </ B> 2) using the local session key (Kses <B> PC), so that the same card <B> to </ B> puce <B> (SC), </ B> with the previous session key (Last Kses), is necessary for the decryption of the authentic profile during the next session. <B> 5. </ B> Method according to one of the claims <B> 3 </ B> or 4, characterized in that one encrypts the measurements of the biometric sensor (2) within the device <B> (1) </ B> before transferring to host <B> (PC), <c> encryption means <B> (DES 1) </ B> using the local session key (Kses <B> SC). </ B> <B> 6. </ B> The method according to claim 5, characterized in that the authentic biometric profile is constituted by <B> : </ B> <B> - </ B> measurement by the biometric sensor (2) <B> - </ B> encryption within the device <B> (1) </ B> <B> - </ B> Transfer <B> to <B> Host (B) (PC), </ B> - </ B> Decrypting Within Host <B> (PC) </ B> through encryption means (DES2) using the local session key (Kses <B> PC); </ B> <-> </ B> - processing measurement data <B> - </ B> encryption within host <B> (PC) </ B> through encryption means (DES2) using the local session key (Kses <B> PC) </ B> <B> - < / B> mem Orisation in a file (Profile) in non-volatile memory. <B> 7. </ B> A method according to claims <B> 5 </ B> and <B> 6, </ B> characterized by performing the following steps for authentication <B>: </ B> <B> - </ B> measurement by the biometric sensor (2); <B> - </ B> encryption within the device <B> (1) </ B> - </ B> transfer <B> to the <B> host (PC); <B> - </ B> decrypting within host <B> (PC) </ B> through encryption means <B> (DES </ B> -2) using the local session key (Kses <B> PC); </ B> - </ B> processing of the measurement data <B> - </ B> comparison between the processed measurement data and the memorized biometric profile . <B> 8. </ B> Device for securing access and data transfers in a computer system comprising at least one <B> (PC) </ B> host and <B> device (1) < / B> with a card interface <B> to </ B> smart card <B> (10) </ B> to allow access to the computer system during use sessions by means of cards < B> to </ B> chip <B> (SC), <B> to </ B> to implement the method according to any one of claims <B> 1 to 7, </ Characterized by the fact that it comprises <B>: <B> - </ B> nonvolatile storage means <B> (6,7) </ B> for storing a secret key (Ksec <B> SC, </ B> Ksec <B> PC) </ B> identical in authorized <B> to </ B> cards <B> (SC) </ B> and the host <B> (PC), <B> - </ B> generating means <B> (11) </ B> of a random number (Rand) during usage sessions, said number random being exploitable by host <B> (PC) </ B> and the <B> card to </ B> chip <B> (SC), </ B> <B> - </ B> means of costing <B> (DES 1, </ B> 2, <B> 3) </ B> identical in the <B> card to </ B> chip <B> (SC), <B> device (1) ) And host <B> (PC) </ B> for creation in the <B> to </ B> chip <B> (SC) </ B> card and host <B > (PC) </ B> of a local session key (Kses <B> <I> SC, </ I> </ B> Kses <B> PC) </ B> by encrypting the random number (Rand ) using the secret key (Ksec <B> SC, Ksec <B> PC) </ B> and encrypting any data and decrypting it, during transfers between the device <B> (1) < / B> and host <B> (PC) </ B> using the local session key (Kses <B> <I> SC, </ I> <K> <B> PC), < / B> so that the transferred data is intelligible only if the same secret key (Ksec <B> PC, Ksec <B> SC) </ B> is present in haste <B> (PC ) </ B> and in the <B> chip <B> (SC) card. </ B> <B>. </ B> Device according to claim 8, </ B> characterized in that the generator means <B> (11) </ B> of a random number (Rand) are integrated <B> at </ B> the host <B> (PC). </ B> > <B> 10. </ B> Device according to any one of claims <B> 8 </ B> or <B> 9, </ B> characterized by the fact that the haste <B> (PC) </ B> includes a volatile memory <B> (5) </ B> allowing the temporary storage of the local session key (Kses <B> PC). </ B> <B> 11. </ B> Device according to any one of claims 8 to 10, characterized in that the connection between the haste <B> (PC) </ B> and the peripheral <B> (1) </ B> is performed by a serial bus connecting a port <B> (8) </ B> from haste <B> (PC) to </ B> a port <B> (9) </ B> of device <B> (1). </ B> 12. Device according to any one of claims <b> s to it, </ B> characterized in that the means of encryption <B> (DES </ B > <B> 1, </ B> 2, <B> 3) </ B> are formed by modules implementing an encryption algorithm. <B> 13. </ B> Device according to any one of claims <B> 8 to </ B> 12, characterized in that the device <B> (1) </ B> is equipped with minus a biometric sensor (2). 14. Device according to claim 13, characterized in that the authentic biometric profile <B> to </ B> compare with the measurement of the biometric sensor (2) is stored in the non-volatile memory < B> (6) </ B> haste <B> (PC) </ B> in a file (Profile) after its encryption by means of encryption <B> (DES </ B> 2). <B> 15. </ B> Device according to claim 14, characterized in that the host <B> (PC) </ B> comprises means for processing (4) the measurements of the biometric sensor (2) and means for comparing said measurements and the <B> f </ B> ile (Profile) <B>. </ B>