WO2000056006A1 - Secure method for loading data between security modules - Google Patents
- Publication number
- WO2000056006A1 (PCT/FR2000/000680)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- module
- data
- sam
- memory
- rand
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
Definitions
- the present invention relates to a method for securely loading secret data from a first security module to at least one second security module, said first module comprising at least one secret data file, said second module comprising a first non-volatile memory and a second volatile memory.
- the invention finds a particularly advantageous application in the field of telephony.
- terminal administration systems which comprise a first security module embedded in an administration server and second security modules generally embedded in the aforementioned terminals.
- the terminals are called payphones.
- a second security module guarantees the validity of a user card inserted in a payphone, in particular through authentication of said card.
- said second security module includes in its first memory secret data making it possible to guarantee said validity of the user cards.
- the public phone administration systems as well as the secret data are managed by telephone operators. In order to reduce the risk of fraud consisting in spying on a communication network connecting the server and the payphones and thus in discovering said secret data, operators are required to regularly modify all or part of the secret data of a second security module of a payphone, from secret data contained in a file of the first security module.
- a method known in the art comprises the steps according to which: the secret data of the first security module which must be transmitted to the second security module and which are located in the administration server are encrypted,
- the public phone connects to the administration server when no conversation is in progress
- the secret data are transmitted to the second security module located in the public phone.
- pseudo-random data based on a value of a counter contained in the second security module is used.
- the value of the counter is incremented, the first security module must know the value of said counter and increment a local counter dedicated to said second module.
- a technical problem to be solved by the object of the present invention is to propose a method for secure loading of secret data from a first security module to at least a second security module, said first module comprising at least a secret data file, said second module comprising a first non-volatile memory and a second volatile memory, which would guarantee a perfectly diversified data exchange between a first and a second security module, in "off-line" mode, while avoiding too heavy management of databases.
- a solution to the technical problem posed is characterized, according to the invention, in that said loading method comprises the steps according to which:
- a secret datum of the file of said first module is encrypted, from the random data and an encryption algorithm, said encrypted secret datum is sent to the second module,
- the information comprising the random data is transferred from the first memory of the second module to the second memory of said module,
- the encrypted secret data is decrypted, using a decryption algorithm and the random data, and, in the second module, said decrypted secret data is recorded.
- the loading method of the invention makes it possible, by using random data for loading secret data, to improve the security of loading data by perfectly diversifying the transmitted data.
- a fraudster who spies on a communication network and recovers the transmitted data never obtains the same encryption value and therefore cannot discover a secret relating to the secret data transmitted.
- the fact of recording the random data in a non-volatile memory of the second security module makes it possible to use it in "off-line" mode, since said random data is not lost when said second security module is turned off.
- FIG. 1 is a diagram showing a first security module and several second security modules.
- FIG. 2 is a diagram showing the first module and a second module in FIG. 1.
- FIG. 3 is a diagram showing an exchange of data between the first module and the second module of FIG. 2.
- FIG. 4 is a diagram showing a second exchange of data between the first module and the second module of FIG. 2.
- FIG. 5 is a diagram showing a third exchange of data between the first module and the second module of FIG. 2.
- FIG. 1 shows a first security module S and several second security modules SAM, each second module SAM comprising a first non-volatile memory M1 and a second volatile memory M2 called working memory.
- Figure 2 shows the first S module and a second SAM module.
- the first module S comprises at least one file EF1 of secret data DATA and an encryption algorithm ALGO.
- a secret data file is generally associated with a given telephone operator.
- the second SAM module includes a decryption algorithm ALGOP, the inverse of the encryption algorithm ALGO, and secret data DATA.
- the loading phase includes several steps described below.
- At least one random data item RAND is generated in the volatile memory M2 of the second SAM module.
- information INFO is recorded comprising said random data
- a memory location in said non-volatile memory M1 is reserved for this purpose and is initialized by default to an initialization value V.
- the information INFO comprising said random data RAND includes an index relating to a secret data DATA.
- the index being for example a secret data number to be modified or a memory location index in which a secret data must be loaded in the second SAM module.
- the first random data RAND is sent to the first module S. Note that the second and third steps can be swapped.
- the generation and sending of the random RAND data as well as the recording of the INFO information in the second SAM module are done by means of a first ASKLOADING command.
- This first command is sent by the administration server to the second SAM module via the public phone (not shown).
- the secret data DATA of the file EF1 which must be transmitted to the second module SAM is encrypted.
- Encryption includes an encryption step using the ALGO encryption algorithm and random RAND data.
- the use of the random data RAND avoids having the same encryption value for a secret data DATA. Thus, a fraudster can hardly make a link between the different data transmitted over the communication network, these being different on each transmission.
- the encryption can also comprise, on the one hand, a step of signing the secret data DATA based on the random data RAND, and, on the other hand, a step of certifying the transmitted data. The signature verifies the authenticity of the secret DATA loaded and the certificate verifies the integrity of the transmitted data.
- said encrypted secret data DATAC is sent to the second SAM module.
- the information INFO comprising the random data RAND is transferred from the non-volatile memory M1 of the second SAM module to the working memory M2 of said SAM module.
- the random data RAND which was used to encrypt the secret data DATA, as well as the associated information, is recovered in the working memory M2.
- the duplication of the RAND random data and associated information in two different memories of the second SAM module can generate inconsistencies in said module and security problems. Also, only one set of INFO information is kept in the second SAM module.
- the information INFO located in the second memory M2 of said second SAM module is deleted.
- said information INFO is deleted in said first memory M1.
- said encrypted secret data DATAC is decrypted, using the decryption algorithm ALGOP of the second SAM module and the random data RAND, and said decrypted secret data DATA is recorded in the second SAM module.
- the transfer of information INFO, the decryption of the secret data DATA in the second SAM module and the recording are done by means of a second command ADMINRECOVER.
- This second command is sent by the administration server to the second SAM module via the public phone (not shown).
- the memory location, in the non-volatile memory M1, where the information INFO including the random data RAND is located is reset to the initialization value V. If an incident has occurred, other random RAND data is generated and the various steps of the method described above are carried out again.
- When the second ADMINRECOVER command is sent, it is checked that a random RAND datum has been generated and recorded. Thus, it is verified that the memory location of the first non-volatile memory M1 of the second SAM module, reserved for the random data RAND, does not include the initialization value V. If this is the case, the second command ADMINRECOVER is executed. Otherwise, it is not executed and the first step of the process is carried out.
- a second SAM module manages different types of user card and consequently comprises several secret data DATA associated with each type of user card, a type of card commonly corresponding to a given operator, supplier of said cards. It is usual to want to modify all of the secret DATA associated with a type of card.
- the first steps of the method of the invention are carried out as described above, but by applying them to all of the secret data DATA to be modified.
- several random data RAND are successively generated in the second memory M2 of the second SAM module and the information INFO comprising the random data generated RAND is recorded in the first memory M1 of the second SAM module, following each generation of random data RAND. As shown in the example of FIG.
- three random data RAND1, RAND2 and RAND3 are generated in the second module SAM and they are recorded in the non-volatile memory M1 of said module. Thereafter, the three random data generated are sent to the first module S of the administration server.
- the invention is in no way limited to the field of telephony, it can extend to other fields in which a data exchange system is implemented between a centralized module having secret data and off-site modules capable of receiving said secret data.
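The loading sequence described above (ASKLOADING, encryption in module S, ADMINRECOVER with the check against the initialization value V) can be modelled as follows. This is an added example, not code from the patent: the class `SAM`, the functions `algo` and `demo`, the pre-shared `key`, and the HMAC-SHA256 keystream standing in for ALGO/ALGOP are all assumptions, since the text does not specify the algorithm or its keying.

```python
import hashlib
import hmac
import os

V = b"\x00" * 16  # initialization value V of the reserved M1 slot (constructed)


def algo(key: bytes, rand: bytes, data: bytes) -> bytes:
    """Assumed stand-in for ALGO and ALGOP: XOR with HMAC-SHA256(key, RAND)."""
    if len(data) > 32:
        raise ValueError("stand-in cipher handles at most 32 bytes")
    stream = hmac.new(key, rand, hashlib.sha256).digest()
    return bytes(d ^ s for d, s in zip(data, stream))


class SAM:
    def __init__(self, key: bytes):
        self.key = key                             # assumed pre-shared with module S
        self.m1 = {"info": (V, None), "data": {}}  # non-volatile memory M1
        self.m2 = {}                               # volatile working memory M2

    def power_cycle(self) -> None:
        self.m2 = {}                               # M2 is lost, M1 survives

    def ask_loading(self, index: int) -> bytes:
        rand = os.urandom(16)
        while rand == V:                           # RAND must be distinguishable from V
            rand = os.urandom(16)
        self.m2["rand"] = rand                     # RAND generated in M2
        self.m1["info"] = (rand, index)            # INFO (RAND + index) recorded in M1
        return rand                                # RAND sent to module S

    def admin_recover(self, datac: bytes) -> bool:
        if self.m1["info"][0] == V:                # slot still holds V: refuse
            return False
        self.m2["info"] = self.m1["info"]          # transfer INFO from M1 to M2
        self.m1["info"] = (V, None)                # single copy kept, slot reset to V
        rand, index = self.m2["info"]
        self.m1["data"][index] = algo(self.key, rand, datac)  # decrypt and record
        self.m2.clear()
        return True


def demo():
    key, secret = b"constructed shared key", b"operator-key-07"  # constructed values
    sam = SAM(key)
    rand1 = sam.ask_loading(index=3)
    sam.power_cycle()                              # off-line gap before the reply
    datac1 = algo(key, rand1, secret)              # module S encrypts DATA with RAND
    loaded = sam.admin_recover(datac1)
    replayed = sam.admin_recover(datac1)           # same DATAC again: no RAND pending
    datac2 = algo(key, sam.ask_loading(index=3), secret)
    return loaded, replayed, sam.m1["data"][3], datac1 != datac2
```

The stand-in cipher gives confidentiality only; the optional signature and certificate steps mentioned in the description are not modelled here.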
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP00910997A EP1159798A1 (en) | 1999-03-17 | 2000-03-17 | Secure method for loading data between security modules |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR9903329A FR2791202B1 (en) | 1999-03-17 | 1999-03-17 | METHOD FOR THE SECURE LOADING OF DATA BETWEEN SECURITY MODULES |
FR99/03329 | 1999-03-17 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2000056006A1 true WO2000056006A1 (en) | 2000-09-21 |
Family
ID=9543323
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/FR2000/000680 WO2000056006A1 (en) | 1999-03-17 | 2000-03-17 | Secure method for loading data between security modules |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP1159798A1 (en) |
CN (1) | CN1353897A (en) |
FR (1) | FR2791202B1 (en) |
WO (1) | WO2000056006A1 (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4379031B2 (en) * | 2003-07-17 | 2009-12-09 | 日本ビクター株式会社 | Information transmission method and information transmitting apparatus and information receiving apparatus used therefor |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4731840A (en) * | 1985-05-06 | 1988-03-15 | The United States Of America As Represented By The United States Department Of Energy | Method for encryption and transmission of digital keying data |
FR2681165A1 (en) * | 1991-09-05 | 1993-03-12 | Gemplus Card Int | Process for transmitting confidential information between two chip cards |
US5517567A (en) * | 1994-08-23 | 1996-05-14 | Daq Electronics Inc. | Key distribution system |
-
1999
- 1999-03-17 FR FR9903329A patent/FR2791202B1/en not_active Expired - Fee Related
-
2000
- 2000-03-17 EP EP00910997A patent/EP1159798A1/en not_active Withdrawn
- 2000-03-17 WO PCT/FR2000/000680 patent/WO2000056006A1/en not_active Application Discontinuation
- 2000-03-17 CN CN 00806630 patent/CN1353897A/en active Pending
Also Published As
Publication number | Publication date |
---|---|
CN1353897A (en) | 2002-06-12 |
EP1159798A1 (en) | 2001-12-05 |
FR2791202B1 (en) | 2001-04-27 |
FR2791202A1 (en) | 2000-09-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1805965B1 (en) | Method and system for communication between a secure information storage device and at least one third party, and corresponding entity, device and third party | |
EP1442557A2 (en) | System and method for creating a secure network using identity credentials of batches of devices | |
FR2689264A1 (en) | Authentication method performed between an integrated circuit card and a terminal unit and system provided for this purpose. | |
EP1402746A2 (en) | Method for remote loading of an encryption key in a telecommunication network station | |
FR2549989A1 (en) | AUTHENTICATION SYSTEM BETWEEN A CARD READER AND A PAYMENT CARD EXCHANGING INFORMATION | |
FR2922701A1 (en) | SECURE CUSTOMIZATION METHOD OF AN NFC CHIPSET | |
FR3006082A1 (en) | METHOD FOR IMPLEMENTING A RIGHT TO CONTENT | |
EP3221815A1 (en) | Method for securing a payment token | |
CA2258221A1 (en) | Process to transfer information between a subscriber identity module and a mobile radiocommunication terminal, plus the corresponding subscriber identity module and mobile terminal | |
FR2930391A1 (en) | AUTHENTICATION TERMINAL OF A USER. | |
CN110443047A (en) | Data exchange group system and method | |
CN109410049A (en) | Block chain bookkeeping methods, device, computer equipment and storage medium | |
WO2006035159A1 (en) | Public key cryptographic method and system, certification server and memories adapted for said system | |
FR2697929A1 (en) | Security protocol for information exchange with portable object - using exchange and updating of signatures, achieved through algorithm, certificate and random number | |
EP3991381A1 (en) | Method and system for generating encryption keys for transaction or connection data | |
EP1413088B2 (en) | Method of creating a virtual private network using a public network | |
WO2007006771A1 (en) | Transaction authorization method and device | |
WO2000042731A1 (en) | Method for secure data loading between two security modules | |
WO2000056006A1 (en) | Secure method for loading data between security modules | |
FR2965431A1 (en) | SYSTEM FOR EXCHANGING DATA BETWEEN AT LEAST ONE TRANSMITTER AND ONE RECEIVER | |
EP3095223B1 (en) | Method of transmitting encrypted data, method of reception, devices and computer programs corresponding thereto | |
EP4012972A1 (en) | Method for selective disclosure of data via a blockchain | |
CN111049808A (en) | Real-name authentication method and device | |
EP3743871A1 (en) | Secure system for transactions between terminals | |
EP3842970B1 (en) | Method for checking the password of a dongle, associated computer program, dongle and user terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 00806630.2 Country of ref document: CN |
|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): CN MX US |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2000910997 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 2000910997 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 09936685 Country of ref document: US |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 2000910997 Country of ref document: EP |