FR3106910B1 - Circuit intégré configuré pour réaliser des opérations de chiffrement symétrique sans transmission de clé secrète - Google Patents
Circuit intégré configuré pour réaliser des opérations de chiffrement symétrique sans transmission de clé secrète Download PDFInfo
- Publication number
- FR3106910B1 FR3106910B1 FR2000996A FR2000996A FR3106910B1 FR 3106910 B1 FR3106910 B1 FR 3106910B1 FR 2000996 A FR2000996 A FR 2000996A FR 2000996 A FR2000996 A FR 2000996A FR 3106910 B1 FR3106910 B1 FR 3106910B1
- Authority
- FR
- France
- Prior art keywords
- secret key
- key
- tag
- signature
- gen2
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000005540 biological transmission Effects 0.000 title 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/72—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0637—Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mathematical Physics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
- Semiconductor Integrated Circuits (AREA)
Abstract
L’invention concerne un circuit intégré comprenant un environnement matériel sécurisé (EMS) comprenant : - une première entrée pour recevoir un numéro de clé (IV),- un dispositif de génération de clé (SK_GEN2) pour générer une clé secrète (SK) à partir du numéro de clé (IV) et d’une clé unique (HUK),- un dispositif (TAG_GEN2) de génération de signature associée au numéro de clé (IV), - une deuxième entrée pour recevoir des données binaires chiffrées (E_DAT),- un dispositif de déchiffrement (DCH) configuré pour déchiffrer lesdites données binaires chiffrées (E_DAT) en utilisant la clé secrète (SK), - une troisième entrée configurée pour recevoir une signature d’authentification (EXP_TAG), - un dispositif d’authentification (AUT) configuré pour autoriser l’utilisation de la clé secrète (SK) pour déchiffrer lesdites données binaires chiffrées (E_DAT) si la signature (TAG) générée par le dispositif (TAG_GEN2) de génération de signature est identique à la signature d’authentification (EXP_TAG). Figure pour l’abrégé : Figure 4
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR2000996A FR3106910B1 (fr) | 2020-01-31 | 2020-01-31 | Circuit intégré configuré pour réaliser des opérations de chiffrement symétrique sans transmission de clé secrète |
US17/161,194 US11610025B2 (en) | 2020-01-31 | 2021-01-28 | Integrated circuit configured to carry out symmetric encryption operations without secret key transmission |
CN202110123217.1A CN113204799A (zh) | 2020-01-31 | 2021-01-29 | 配置为没有秘密密钥传输而执行对称加密操作的集成电路 |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR2000996A FR3106910B1 (fr) | 2020-01-31 | 2020-01-31 | Circuit intégré configuré pour réaliser des opérations de chiffrement symétrique sans transmission de clé secrète |
FR2000996 | 2020-01-31 |
Publications (2)
Publication Number | Publication Date |
---|---|
FR3106910A1 FR3106910A1 (fr) | 2021-08-06 |
FR3106910B1 true FR3106910B1 (fr) | 2022-02-18 |
Family
ID=70738680
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
FR2000996A Active FR3106910B1 (fr) | 2020-01-31 | 2020-01-31 | Circuit intégré configuré pour réaliser des opérations de chiffrement symétrique sans transmission de clé secrète |
Country Status (3)
Country | Link |
---|---|
US (1) | US11610025B2 (fr) |
CN (1) | CN113204799A (fr) |
FR (1) | FR3106910B1 (fr) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11899829B2 (en) | 2020-12-01 | 2024-02-13 | Micron Technology, Inc. | Memory systems and devices including examples of generating access codes for memory regions using authentication logic |
US11537298B2 (en) * | 2020-12-01 | 2022-12-27 | Micron Technology, Inc. | Memory systems and devices including examples of accessing memory and generating access codes using an authenticated stream cipher |
Family Cites Families (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1569460B1 (fr) | 2002-11-25 | 2013-05-15 | Panasonic Corporation | Procede de compensation de mouvement, procede de codage d'image et procede de decodage d'image |
EP1832996B1 (fr) * | 2006-03-06 | 2009-02-18 | STMicroelectronics (Research & Development) Limited | Sécurité de circuit |
US8812871B2 (en) | 2010-05-27 | 2014-08-19 | Cisco Technology, Inc. | Method and apparatus for trusted execution in infrastructure as a service cloud environments |
KR102013841B1 (ko) | 2012-08-06 | 2019-08-23 | 삼성전자주식회사 | 데이터의 안전한 저장을 위한 키 관리 방법 및 그 장치 |
US9633210B2 (en) | 2013-09-13 | 2017-04-25 | Microsoft Technology Licensing, Llc | Keying infrastructure |
US9537657B1 (en) * | 2014-05-29 | 2017-01-03 | Amazon Technologies, Inc. | Multipart authenticated encryption |
US9806887B1 (en) * | 2014-09-23 | 2017-10-31 | Amazon Technologies, Inc. | Authenticating nonces prior to encrypting and decrypting cryptographic keys |
US9729319B2 (en) | 2014-12-15 | 2017-08-08 | Nxp Usa, Inc. | Key management for on-the-fly hardware decryption within integrated circuits |
US10142101B2 (en) * | 2015-09-29 | 2018-11-27 | Intel Corporation | Hardware enforced one-way cryptography |
US9735962B1 (en) | 2015-09-30 | 2017-08-15 | EMC IP Holding Company LLC | Three layer key wrapping for securing encryption keys in a data storage system |
US20170126414A1 (en) | 2015-10-28 | 2017-05-04 | Texas Instruments Incorporated | Database-less authentication with physically unclonable functions |
EP3321892A1 (fr) | 2016-11-10 | 2018-05-16 | Gemalto Sa | Clé physique de fourniture de données àun dispositif de communication lui permettant d'accéder à une ressource de véhicule |
US10474831B1 (en) | 2016-11-28 | 2019-11-12 | Amazon Technologies, Inc. | Large network attached storage encryption |
EP3720039A1 (fr) | 2019-04-05 | 2020-10-07 | Siemens Aktiengesellschaft | Procédé de configuration d'un module de sécurité au moyen d'au moins une clé dérivée |
US20210124818A1 (en) | 2019-10-23 | 2021-04-29 | Qualcomm Incorporated | Hardware-based throttling of user access |
-
2020
- 2020-01-31 FR FR2000996A patent/FR3106910B1/fr active Active
-
2021
- 2021-01-28 US US17/161,194 patent/US11610025B2/en active Active
- 2021-01-29 CN CN202110123217.1A patent/CN113204799A/zh active Pending
Also Published As
Publication number | Publication date |
---|---|
CN113204799A (zh) | 2021-08-03 |
FR3106910A1 (fr) | 2021-08-06 |
US20210240862A1 (en) | 2021-08-05 |
US11610025B2 (en) | 2023-03-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10769628B2 (en) | Transaction messaging | |
US9223994B2 (en) | Secure transaction method from a non-secure terminal | |
KR20060051957A (ko) | 암호화 데이터 배포 방법, 암호화 장치, 복호화 장치,암호화 프로그램 및 복호화 프로그램 | |
CN111464297B (zh) | 基于区块链的事务处理方法、装置、电子设备和介质 | |
CN106101150B (zh) | 加密算法的实现方法和系统 | |
WO2020155812A1 (fr) | Procédé et dispositif de stockage de données, et appareil | |
FR3106910B1 (fr) | Circuit intégré configuré pour réaliser des opérations de chiffrement symétrique sans transmission de clé secrète | |
CN108241974A (zh) | Nfc便携设备的写入、支付方法、装置以及设备 | |
CN106897631A (zh) | 数据处理方法、装置及系统 | |
TWI782502B (zh) | 資訊驗證方法、裝置及設備 | |
JP2012080152A (ja) | 暗号化システム、暗号化装置、復号装置、暗号化システムプログラム及び暗号化方法 | |
EP3657475A1 (fr) | Dispositif, procédé et programme de traitement de données | |
CN108564363A (zh) | 一种交易处理方法、服务器、客户端及系统 | |
CN105825142A (zh) | 用于对移动终端中文档加解密的方法和装置 | |
US20240048377A1 (en) | Ciphertext conversion system, conversion key generation method, and non-transitory computer readable medium | |
CN111125788B (zh) | 一种加密计算方法、计算机设备及存储介质 | |
EP4125236A1 (fr) | Protocole de vérification de code secret | |
WO2013138867A1 (fr) | Appareil nfc sécurisé et procédé correspondant | |
JP7046424B2 (ja) | ホワイトボックス暗号を利用したデータの暗号化/復号化方法及び装置 | |
Schürmann et al. | Openkeychain: an architecture for cryptography with smart cards and nfc rings on android | |
JP2014099727A (ja) | 鍵共有システム、鍵共有方法、プログラム | |
JP2018006896A (ja) | 端末登録方法、及び端末登録システム | |
JP2869165B2 (ja) | Icカードを使用した機密データ転送方法 | |
JP2009060528A (ja) | 鍵設定方法および鍵設定システム | |
US20190012469A1 (en) | Data processing method and data processing system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PLFP | Fee payment |
Year of fee payment: 2 |
|
PLSC | Publication of the preliminary search report |
Effective date: 20210806 |
|
PLFP | Fee payment |
Year of fee payment: 3 |
|
PLFP | Fee payment |
Year of fee payment: 4 |
|
PLFP | Fee payment |
Year of fee payment: 5 |