JP2016005274A - セキュアエレメントの設定方法、鍵導出プログラム、コンピュータプログラムプロダクト及び設定可能なセキュアエレメント - Google Patents
セキュアエレメントの設定方法、鍵導出プログラム、コンピュータプログラムプロダクト及び設定可能なセキュアエレメント Download PDFInfo
- Publication number
- JP2016005274A JP2016005274A JP2015115469A JP2015115469A JP2016005274A JP 2016005274 A JP2016005274 A JP 2016005274A JP 2015115469 A JP2015115469 A JP 2015115469A JP 2015115469 A JP2015115469 A JP 2015115469A JP 2016005274 A JP2016005274 A JP 2016005274A
- Authority
- JP
- Japan
- Prior art keywords
- secure element
- application
- key
- derivation program
- key derivation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/355—Personalisation of cards for use
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/355—Personalisation of cards for use
- G06Q20/3558—Preliminary personalisation for transfer to user
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/041—Key generation or derivation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
- H04L2209/805—Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/061—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying further key derivation, e.g. deriving traffic keys from a pair-wise master key
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Business, Economics & Management (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Theoretical Computer Science (AREA)
- Telephone Function (AREA)
- Stored Programmes (AREA)
Abstract
Description
102 セキュアエレメント
104 メモリユニット
106 NFCコントローラ
108 NFCアンテナ
110 マイクロコントローラユニット
200 設定方法
202 アプリケーションを格納する
204 マスタ鍵を格納する
206 鍵導出プログラムを格納する
208 アプリケーション鍵を生成する
Claims (12)
- セキュアエレメントを設定する方法であって、前記方法は、
アプリケーションを前記セキュアエレメントに格納するステップ、
マスタ鍵を前記セキュアエレメントに格納するステップ、
鍵導出プログラムを前記セキュアエレメントに格納するステップ、及び
前記鍵導出プログラムによって、前記アプリケーションで使用する少なくとも1つのアプリケーション鍵を生成するステップを備え、
前記生成するステップは、前記マスタ鍵と前記セキュアエレメントの識別子とから導出するステップを備える、方法。 - 前記セキュアエレメントのマイクロコントローラユニットが前記アプリケーション、前記マスタ鍵及び前記鍵導出プログラムを格納し、前記マイクロコントローラユニットが前記アプリケーション鍵を生成するために前記鍵導出プログラムを実行する、請求項1に記載の方法。
- 前記鍵導出プログラム及び前記マスタ鍵は単一のソフトウェアパッケージに構成される、請求項1又は2に記載の方法。
- 前記セキュアエレメントの識別子は前記セキュアエレメントの一意の識別子(UID)である、請求項1乃至3のいずれか一項に記載の方法。
- 前記アプリケーションは仮想スマートカードアプリケーションである、請求項1乃至4のいずれか一項に記載の方法。
- 前記仮想スマートカードアプリケーションはMIFAREアプリケーションである、請求項5に記載の方法。
- 請求項1乃至6のいずれか一項に記載の方法で用いる鍵導出プログラム。
- 処理装置による実行時に請求項1乃至6のいずれか一項に記載の方法を実行又は制御する命令を備えるコンピュータプログラムプロダクト。
- アプリケーションと、
マスタ鍵と、
鍵導出プログラムと、
を備え、
当該セキュアエレメントは前記鍵導出プログラムを実行するように構成され、前記鍵導出プログラムはその実行時に前記アプリケーション用の少なくとも1つのアプリケーション鍵を前記マスタ鍵と当該セキュアエレメントの識別子とから導出して生成する、設定可能なセキュアエレメント。 - マイクロコントローラユニットを備え、前記マイクロコントローラユニットは、前記アプリケーション、前記マスタ鍵及び前記鍵導出プログラムを格納するように構成され、前記マイクロコントローラユニットは更に前記鍵導出プログラムを実行するように構成されている、請求項9に記載のセキュアエレメント。
- 請求項9又は10に記載のセキュアエレメントを備えるスマートカード。
- 請求項9又は10に記載のセキュアエレメントを備えるモバイル機器。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP14172145.6A EP2955872B1 (en) | 2014-06-12 | 2014-06-12 | Method for configuring a secure element, key derivation program, computer program product and configurable secure element |
EP14172145.6 | 2014-06-12 |
Publications (2)
Publication Number | Publication Date |
---|---|
JP2016005274A true JP2016005274A (ja) | 2016-01-12 |
JP5978351B2 JP5978351B2 (ja) | 2016-08-24 |
Family
ID=50942579
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2015115469A Expired - Fee Related JP5978351B2 (ja) | 2014-06-12 | 2015-06-08 | セキュアエレメントの設定方法、鍵導出プログラム、コンピュータプログラムプロダクト及び設定可能なセキュアエレメント |
Country Status (4)
Country | Link |
---|---|
US (1) | US20150365231A1 (ja) |
EP (1) | EP2955872B1 (ja) |
JP (1) | JP5978351B2 (ja) |
CN (1) | CN105279649A (ja) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
TW201633207A (zh) * | 2014-12-12 | 2016-09-16 | 納格維遜股份有限公司 | 裝置金鑰保護 |
GB201609460D0 (en) * | 2016-05-30 | 2016-07-13 | Silverleap Technology Ltd | Increased security through ephemeral keys for software virtual contactless card in a mobile phone |
US20180012037A1 (en) * | 2016-07-05 | 2018-01-11 | Nxp B.V. | Secure operation apparatuses and methods therefor |
CN107395344A (zh) * | 2017-07-18 | 2017-11-24 | 北京深思数盾科技股份有限公司 | 用户信息保护方法及装置 |
CN108696361B (zh) * | 2018-04-24 | 2022-02-22 | 北京小米移动软件有限公司 | 智能卡的配置方法、生成方法及装置 |
KR20210089486A (ko) | 2020-01-08 | 2021-07-16 | 삼성전자주식회사 | 키를 안전하게 관리하기 위한 장치 및 방법 |
US20230261881A1 (en) * | 2020-08-07 | 2023-08-17 | Nokia Solutions And Networks Oy | Secure network architecture |
FR3125902A1 (fr) * | 2021-07-30 | 2023-02-03 | Idemia France | Element securise pre-personalise et personnalisation embarquee |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2000011101A (ja) * | 1998-06-19 | 2000-01-14 | Hitachi Ltd | Icカードおよび記録媒体 |
JP2007183931A (ja) * | 2005-12-07 | 2007-07-19 | Matsushita Electric Ind Co Ltd | セキュアデバイス、情報処理端末、サーバ、および認証方法 |
JP2009100394A (ja) * | 2007-10-19 | 2009-05-07 | Sony Corp | 情報処理装置および方法、記録媒体、プログラム、並びに情報処理システム |
JP2010529514A (ja) * | 2007-06-11 | 2010-08-26 | エヌエックスピー ビー ヴィ | 電子デバイスのための公開鍵生成方法及び電子デバイス |
JP2011010218A (ja) * | 2009-06-29 | 2011-01-13 | Toshiba Corp | 携帯可能電子装置、及び携帯可能電子装置の制御方法 |
Family Cites Families (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1004992A3 (en) * | 1997-03-24 | 2001-12-05 | Visa International Service Association | A system and method for a multi-application smart card which can facilitate a post-issuance download of an application onto the smart card |
AU755458B2 (en) * | 1997-10-14 | 2002-12-12 | Visa International Service Association | Personalization of smart cards |
US7922080B1 (en) * | 2002-12-26 | 2011-04-12 | Diebold Self-Service Systems Division Of Diebold, Incorporated | Automated banking machine that operates responsive to data bearing records |
EP1622098A1 (en) | 2004-07-30 | 2006-02-01 | ST Incard S.r.l. | IC card secure personalization method |
US7360253B2 (en) * | 2004-12-23 | 2008-04-15 | Microsoft Corporation | System and method to lock TPM always ‘on’ using a monitor |
US20120130838A1 (en) * | 2006-09-24 | 2012-05-24 | Rfcyber Corp. | Method and apparatus for personalizing secure elements in mobile devices |
US7908476B2 (en) * | 2007-01-10 | 2011-03-15 | International Business Machines Corporation | Virtualization of file system encryption |
GB2501847A (en) * | 2011-01-18 | 2013-11-06 | Fortress Gb Ltd | System and method for computerized negotiations based on coded integrity |
CN108846661A (zh) * | 2012-04-01 | 2018-11-20 | 深圳市可秉资产管理合伙企业(有限合伙) | 移动装置以及在两个移动装置间实现用于移动支付的方法 |
EP2696531B1 (en) * | 2012-08-08 | 2019-07-17 | Nxp B.V. | Initialization of embedded secure elements |
CN103530775B (zh) * | 2012-09-28 | 2020-11-03 | 深圳市可秉资产管理合伙企业(有限合伙) | 用于提供可控的可信服务管理平台的方法和系统 |
US8839353B2 (en) * | 2012-11-09 | 2014-09-16 | Microsoft Corporation | Attack protection for trusted platform modules |
-
2014
- 2014-06-12 EP EP14172145.6A patent/EP2955872B1/en not_active Not-in-force
-
2015
- 2015-06-03 US US14/730,178 patent/US20150365231A1/en not_active Abandoned
- 2015-06-08 JP JP2015115469A patent/JP5978351B2/ja not_active Expired - Fee Related
- 2015-06-10 CN CN201510315630.2A patent/CN105279649A/zh active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2000011101A (ja) * | 1998-06-19 | 2000-01-14 | Hitachi Ltd | Icカードおよび記録媒体 |
JP2007183931A (ja) * | 2005-12-07 | 2007-07-19 | Matsushita Electric Ind Co Ltd | セキュアデバイス、情報処理端末、サーバ、および認証方法 |
JP2010529514A (ja) * | 2007-06-11 | 2010-08-26 | エヌエックスピー ビー ヴィ | 電子デバイスのための公開鍵生成方法及び電子デバイス |
JP2009100394A (ja) * | 2007-10-19 | 2009-05-07 | Sony Corp | 情報処理装置および方法、記録媒体、プログラム、並びに情報処理システム |
JP2011010218A (ja) * | 2009-06-29 | 2011-01-13 | Toshiba Corp | 携帯可能電子装置、及び携帯可能電子装置の制御方法 |
Also Published As
Publication number | Publication date |
---|---|
EP2955872B1 (en) | 2016-10-12 |
CN105279649A (zh) | 2016-01-27 |
JP5978351B2 (ja) | 2016-08-24 |
US20150365231A1 (en) | 2015-12-17 |
EP2955872A1 (en) | 2015-12-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP5978351B2 (ja) | セキュアエレメントの設定方法、鍵導出プログラム、コンピュータプログラムプロダクト及び設定可能なセキュアエレメント | |
US8807440B1 (en) | Routing secure element payment requests to an alternate application | |
CN107111500B (zh) | 应用库的无线储备 | |
JP6046248B2 (ja) | セキュアエレメント上でアプリケーションを保護し、管理するためのシステム、方法、およびコンピュータプログラム製品 | |
CN104380652B (zh) | 用于nfc使能设备的多发行商安全元件分区架构 | |
RU2639690C2 (ru) | Способ, устройство и защищенный элемент для выполнения безопасной финансовой транзакции в устройстве | |
EP2641162B1 (en) | System and method for providing secure data communication permissions to trusted applications on a portable communication device | |
EP3436937B1 (en) | Blocking and non-blocking firmware update | |
US10091652B2 (en) | Relay device | |
EP2795552A1 (en) | Multi user electronic wallet and management thereof | |
US20180336568A9 (en) | Method and device for making a payment transaction | |
US20200387888A1 (en) | Apparatus, system, and method for operating a digital transaction card | |
Alattar et al. | Host-based card emulation: Development, security, and ecosystem impact analysis | |
US11887022B2 (en) | Systems and methods for provisioning point of sale terminals | |
CN115668180A (zh) | 移动操作系统中基于应用的销售点系统 | |
US10037518B2 (en) | Interception of touch pad events for handling in a secure environment | |
CN110100410A (zh) | 密码系统管理 | |
CN102999839A (zh) | 一种基于云平台、虚拟se的电子货币安全支付系统和方法 | |
US9749303B2 (en) | Method for personalizing a secure element, method for enabling a service, secure element and computer program product | |
US20220374896A1 (en) | Identity, Payment and Access Control System | |
CN105825116B (zh) | 用于管理内容的方法和安全元件 | |
US20160119031A1 (en) | Managing contactless communications | |
EP2831802B1 (en) | Field revisions for a personal security device | |
CN105741104B (zh) | 一种脱机交易装置以及基于该脱机交易装置的方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A977 | Report on retrieval |
Free format text: JAPANESE INTERMEDIATE CODE: A971007 Effective date: 20160425 |
|
A131 | Notification of reasons for refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A131 Effective date: 20160510 |
|
A521 | Written amendment |
Free format text: JAPANESE INTERMEDIATE CODE: A523 Effective date: 20160613 |
|
TRDD | Decision of grant or rejection written | ||
A01 | Written decision to grant a patent or to grant a registration (utility model) |
Free format text: JAPANESE INTERMEDIATE CODE: A01 Effective date: 20160628 |
|
A61 | First payment of annual fees (during grant procedure) |
Free format text: JAPANESE INTERMEDIATE CODE: A61 Effective date: 20160725 |
|
R150 | Certificate of patent or registration of utility model |
Ref document number: 5978351 Country of ref document: JP Free format text: JAPANESE INTERMEDIATE CODE: R150 |
|
R250 | Receipt of annual fees |
Free format text: JAPANESE INTERMEDIATE CODE: R250 |
|
LAPS | Cancellation because of no payment of annual fees |