WO2014037075A1 - Procédé d'authentification d'un support de données portable - Google Patents
Procédé d'authentification d'un support de données portable Download PDFInfo
- Publication number
- WO2014037075A1 WO2014037075A1 PCT/EP2013/002319 EP2013002319W WO2014037075A1 WO 2014037075 A1 WO2014037075 A1 WO 2014037075A1 EP 2013002319 W EP2013002319 W EP 2013002319W WO 2014037075 A1 WO2014037075 A1 WO 2014037075A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- key
- secret
- data carrier
- public
- ski
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0841—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
- H04L9/0844—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/041—Key generation or derivation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/047—Key management, e.g. using generic bootstrapping architecture [GBA] without using a trusted network node as an anchor
- H04W12/0471—Key exchange
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/069—Authentication using certificates or pre-shared keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
- H04W12/108—Source integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
Definitions
- the public session key PKT of the terminal device is determined by means of exponentiation of the derivative base gl provided by the data carrier with the secret session key SKT of the terrestrial device.
- FIG. 2 shows preparatory steps. These can be carried out, for example, during the production of the data carrier 10, for example in a personalization phase.
- a secret group key SKO and a public group key PKO are formed as part of a public key infrastructure (PKI).
- PKI public key infrastructure
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
La présente invention concerne un procédé pour authentifier un support de données portable vis-à-vis d'un dispositif terminal, au moyen d'une clé publique et d'une clé confidentielle du support de données, ainsi que d'une clé de session publique et d'une clé de session confidentielle du dispositif terminal. Le support de données utilise comme clé publique une clé de groupe publique et comme clé confidentielle une clé qui est dérivée d'une clé de groupe confidentielle associée à la clé de groupe publique sur la base d'un paramètre de dérivation. Au moyen de la clé de groupe confidentielle, le support de données portable génère une signature numérique d'un élément de données nécessaire à l'authentification, élément dans lequel est intégré le paramètre de dérivation.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP13747354.2A EP2893667A1 (fr) | 2012-09-10 | 2013-08-01 | Procédé d'authentification d'un support de données portable |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102012017835.2 | 2012-09-10 | ||
DE102012017835.2A DE102012017835A1 (de) | 2012-09-10 | 2012-09-10 | Verfahren zur Authentisierung eines portablen Datenträgers |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2014037075A1 true WO2014037075A1 (fr) | 2014-03-13 |
Family
ID=48949117
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2013/002319 WO2014037075A1 (fr) | 2012-09-10 | 2013-08-01 | Procédé d'authentification d'un support de données portable |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP2893667A1 (fr) |
DE (1) | DE102012017835A1 (fr) |
WO (1) | WO2014037075A1 (fr) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102014019067A1 (de) * | 2014-12-18 | 2016-06-23 | Giesecke & Devrient Gmbh | Verfahren zum pseudonymen Vereinbaren eines Schlüssels zwischen einem portablen Datenträger und einem Terminal |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2012031681A2 (fr) | 2010-08-23 | 2012-03-15 | Giesecke & Devrient Gmbh | Procédé pour authentifier un support de données portatif |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6038322A (en) * | 1998-10-20 | 2000-03-14 | Cisco Technology, Inc. | Group key distribution |
DE10141396A1 (de) * | 2001-08-23 | 2003-03-13 | Deutsche Telekom Ag | Verfahren zur Erzeugung eines asymmetrischen kryptografischen Gruppenschlüssels |
DE102008055076A1 (de) * | 2008-12-22 | 2010-07-01 | Robert Bosch Gmbh | Vorrichtung und Verfahren zum Schutz von Daten, Computerprogramm, Computerprogrammprodukt |
DE102010055699A1 (de) * | 2010-12-22 | 2012-06-28 | Giesecke & Devrient Gmbh | Kryptographisches Verfahren |
-
2012
- 2012-09-10 DE DE102012017835.2A patent/DE102012017835A1/de not_active Withdrawn
-
2013
- 2013-08-01 WO PCT/EP2013/002319 patent/WO2014037075A1/fr active Application Filing
- 2013-08-01 EP EP13747354.2A patent/EP2893667A1/fr not_active Withdrawn
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2012031681A2 (fr) | 2010-08-23 | 2012-03-15 | Giesecke & Devrient Gmbh | Procédé pour authentifier un support de données portatif |
Non-Patent Citations (1)
Title |
---|
A. MENEZES; P. VAN OORSCHOT; S. VANSTONE: "Hand- book of Applied Cryptography", 1997 |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102014019067A1 (de) * | 2014-12-18 | 2016-06-23 | Giesecke & Devrient Gmbh | Verfahren zum pseudonymen Vereinbaren eines Schlüssels zwischen einem portablen Datenträger und einem Terminal |
US10630475B2 (en) | 2014-12-18 | 2020-04-21 | Giesecke+Devrient Mobile Security Gmbh | Method for a pseudonymous key-agreement between a portable data carrier and a terminal |
Also Published As
Publication number | Publication date |
---|---|
EP2893667A1 (fr) | 2015-07-15 |
DE102012017835A1 (de) | 2014-03-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
DE102012202420B4 (de) | Systeme und verfahren für die vorrichtungs- und datenauthentifizierung | |
EP2656535B1 (fr) | Procédé cryptographique | |
DE102013109513B4 (de) | Verfahren und Vorrichtung zur Zertifikatverifizierung mit Privatsphärenschutz | |
DE102012206341A1 (de) | Gemeinsame Verschlüsselung von Daten | |
DE112011100182T5 (de) | Transaktionsprüfung für Datensicherheitsvorrichtungen | |
EP2609711B1 (fr) | Procédé pour authentifier un support de données portatif | |
DE102010002241A1 (de) | Vorrichtung und Verfahren zur effizienten einseitigen Authentifizierung | |
EP1368929B1 (fr) | Procédé d'authentification | |
CH711133B1 (de) | Protokoll zur Signaturerzeugung | |
DE19829643A1 (de) | Verfahren und Vorrichtung zur Block-Verifikation mehrerer digitaler Signaturen und Speichermedium, auf dem das Verfahren gespeichert ist | |
DE102016205198A1 (de) | Nachweisen einer Authentizität eines Gerätes mithilfe eines Berechtigungsnachweises | |
EP2684312B1 (fr) | Procédé d'authentification, document à puce rfid, lecteur de puces rfid et produits programmes d'ordinateur | |
EP3465513B1 (fr) | Authentification d'utilisateur au moyen d'un jeton d'identification | |
EP2545486B1 (fr) | Procédé d'authentification d'un support de données portable | |
EP2893668B1 (fr) | Procede de creation d'une instance derivee d'un support de donnees d'origine | |
EP2730050B1 (fr) | Procédé de création et de vérification d'une signature électronique par pseudonyme | |
EP2893667A1 (fr) | Procédé d'authentification d'un support de données portable | |
EP3901714B1 (fr) | Procédé de vérification de l'authenticité de modules électroniques d'un appareil de terrain modulaire de la technique d'automatisation | |
EP2399218A1 (fr) | Procédé pour générer un identifiant | |
EP3271855B1 (fr) | Procédé de génération d'un certificat pour un jeton de sécurité | |
EP2677681A1 (fr) | Procédé de communication sécurisée et authentifiée au moins d'un côté entre deux partenaires de communication | |
EP3235164B1 (fr) | Procédé pour convenir de manière pseudonyme d'une clé entre un support d'informations portable et un terminal | |
DE102015208178A1 (de) | Bereitstellen von langfristig gültigen Sicherheitsinformationen | |
EP2823598B1 (fr) | Procédé d'établissement d'une instance dérivée |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 13747354 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2013747354 Country of ref document: EP |