WO2017005644A1 - Method and system for controlling access to a service via a mobile media without a trusted intermediary - Google Patents

Method and system for controlling access to a service via a mobile media without a trusted intermediary Download PDF

Info

Publication number
WO2017005644A1
WO2017005644A1 PCT/EP2016/065563 EP2016065563W WO2017005644A1 WO 2017005644 A1 WO2017005644 A1 WO 2017005644A1 EP 2016065563 W EP2016065563 W EP 2016065563W WO 2017005644 A1 WO2017005644 A1 WO 2017005644A1
Authority
WO
WIPO (PCT)
Prior art keywords
media
digital
key
rights
transmission
Prior art date
Application number
PCT/EP2016/065563
Other languages
French (fr)
Inventor
Pierre TERREE
Nicolas DEMAILLY
Original Assignee
Ixxi
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to FR1556335A priority Critical patent/FR3038414B1/en
Priority to FR1556335 priority
Application filed by Ixxi filed Critical Ixxi
Publication of WO2017005644A1 publication Critical patent/WO2017005644A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity ; Protecting confidentiality; Key management; Integrity; Mobile application security; Using identity modules; Secure pairing of devices; Context aware security; Lawful interception
    • H04W12/04Key management, e.g. by generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L63/0823Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Abstract

The invention relates to a method and a system for controlling access rights to a service which a user U accesses by means of a mobile media (3), having application in particular in secure transactions involving electronic ticketing, electronic money or access control to a transport network, for which a user equipped with a mobile media asserts, by the intermediary of said media, a right which must be controlled. The method comprises sending, by a rights transmission system (1), of a digital access right to the service associated with the mobile media (3), the transmission to, and storage in, the media (3) of the digital right transmitted by the sending system (1), and control of the validity of the digital right stored in the media (3) by a rights acceptance terminal (2), which comprises the transmission to the acceptance terminal (2) of the digital right stored in the media (3) and a single-use transaction certificate generated by the media (3), and the control by the acceptance terminal (2), in a mode disconnected from the sending system (1), of the authenticity of the digital right and of the validity of the transaction certificate.

Description

Process and access control system to a service via a mobile media without trusted intermediary

The present invention relates to a method and a system of control of access rights to a service in which a user accesses through a mobile media without trusted intermediary. It finds particular application to a secure transaction ticketing, electronic banking, or monitoring access to a transport network for which a user equipped with a mobile media submits via this media, a right that must be controlled.

known control processes and systems operate via a terminal that is either online, that is to say connected to a remote server or offline, that is to say disconnected from any remote server.

Specifically, in the first case, the user authenticates to the terminal and it then contacts the remote server to check online if the user has access rights to the service to which it is trying to access.

To authenticate, the user can use media whose function is limited to the identification and stores no right of access to information.

In the second case, the user has a media comprising a secure memory storing access right information, which allows it both to authenticate the terminal and to assert offline its right to access.

As indicated above, in this second case, the media is provided with a secure memory storage, that is to say that its data can not be changed without having cryptographic elements. This is usually the case of microprocessor smart cards.

One of the problems by the methods and systems in which the terminal is operating in connected mode to the server, is that of the limited transaction speed.

Indeed, depending on the field of application, it may be required a significant transaction speed for checking rights. However, the quality of the terminal's network connectivity may be difficult to ensure, especially in the case where the terminal is embedded in a moving vehicle. Therefore, in the field of ticketing for transport network, it is common that the verification of network access law is made by the terminal in offline mode.

However, the methods and systems in which the terminal operates in disconnected from the server mode in particular poses the problem of using a medium provided with a secure memory. Indeed, the distribution of memory media secured by an operator of a service to users is complex and expensive, especially because of the fact that the secure memory media are closed nature with hosting data systems complex and expensive.

The following documents are also known from the prior art:

WO 2015/092261 -A1, FR 2950450-A1 and US 2003/0093695-A1.

One goal of the invention is therefore to solve the aforementioned problems. Thus, the invention includes the objective to provide a method and a fast and reliable control system access rights to a service to which a user accesses by means of a mobile media provided with a non-secure memory.

Thus, the invention provides, in a first aspect, a method for controlling access rights to a service to which a user accesses by means of a mobile medium, as defined in claim 1.

According to some embodiments, the method further comprises one or more of the features of claims 2 to 7.

The invention also relates to, according to a second aspect, a free control system for access to a service accessible to a user via a mobile media as defined in claim 8.

According to some embodiments, the system further comprises one or more of the features of claims 9 to 1 of 1.

Thus, the method and system of the invention allow the rapid control of a user's access rights to a service, since the acceptance terminal operates independently offline of the transmission system for checking access rights.

Moreover, the method and system of the invention are reliable in terms of security of transactions, without the constraints of complexity and management cost for a service provider, relating to the use of media to secure memory.

This security is provided in particular by the use of a single-use transaction certificate, and with protection against duplication and forgery of access rights.

In addition, users can for example use a media already in their possession, regardless of their registration as users of the service in question, such as a mobile phone.

In fact, a mobile phone may incorporate a chip with a secure memory such as SIM, but also includes an unsecure memory. Or the ability to store data in the unsecure memory is free, simple to implement, and without capacity constraint.

And thanks to the fact that the private media encryption key is generated by the mobile media itself, instead of being purchased from a trusted third party, the security of mobile media and access to the service s 'improved. Indeed, the risk of compromising the security of the media key is reduced.

Moreover, in this way, it dispenses with the need for a trusted third party to acquire the private media encryption key, which reduces the cost and complexity of the implementation of the control system of access rights . Furthermore, it is common in known systems, a private media encryption key acquired from a trusted third party or used for several different applications, which increases the risk of compromising security.

The features and advantages of the invention will become apparent from reading the following description given purely by way of example and not limitation, with reference to the following appended figures:

- Figure 1: schematic representation, in an example embodiment and implementation, a first portion of the system and method according to the invention;

- Figure 2: schematic representation, in an example embodiment and implementation, of a second part of the system and method according to the invention;

- Figure 3: schematic representation, in one exemplary implementation, the entire process of the invention.

The method according to the invention comprises two main steps. The first, illustrated in Figure 1 of an example of implementation relates to obtaining a right of access by a user with an issuer operator and loading it into a mobile media. The second, shown in Figure 2 of an example of implementation relates to the presentation of the media by the user terminal to an acceptor for validation of access.

Figure 1 therefore relates more particularly to the issue of access rights by the control system, specifically by 1 rights issue system.

This transmission system can be one computer server type, comprising a basic user data and rights 6 and a secure key manager 7 notably including a private key emission denoted K Em Priv.

The transmission system 1 is thus able to encrypt and decrypt information using its private key K Priv Em issue, as the principle of asymmetric encryption or public key encryption. The private key of Priv Em K emission is associated with a public key K_Pub_Em issue which will be discussed later in this description.

More generally, the transmission system 1 is adapted to securely manage asymmetrical cryptographic certificates, so the generation of keys and digital data signatures.

The basic user data and rights 6 includes user identifiers associated with human data, as well as public media PubJVIedia K corresponding to the 3 mobile media keys used by the respective users.

3 Mobile media are also able to securely manage asymmetric cryptographic certificates, so the key generation and digital signature data, using a secure key manager 5 which include a private key denoted K Media Media Priv. This private key Priv Digital Media K is generated by the secure key manager specifically 5 for the service concerned.

In this way, the private key Priv Digital Media K is from the beginning registered in the secure memory of the secure key manager 5. It is not necessary to acquire the private key Priv Digital Media K with a third of confidence, or trusted intermediary, external to the media 3, which would reduce the safety of medium 3.

The media 3 are thus able to encrypt and decrypt information using their private key Priv respective media K Media, according to the principle of asymmetric encryption or public key encryption. Digital media K Priv private keys are therefore respectively associated with public keys K PubJVIedia media which will be discussed later in this description.

Each medium 3 connected to the service concerned generates through its Secure Key Manager 5, one key K Priv Media and its audience as is the public key media PubJVIedia K for the said service.

3 These media have also an unsecure memory 4, which we shall see later that it can store a digital access to the service. These media 3 are therefore suitable for processing and storing data in a 4 untrusted storage environment.

The media have 3 communication interfaces, which can be eg visual type, radio or sound, to allow communication with the potentially remote transmission system 1 and the close communication with acceptance terminals 2 rights as shown in Figure 2 which will be described later.

In a step (E2), a digital right is transmitted by the transmission system 1 and transmitted by the latter to the media 3. This is a digital right to access a particular service associated with the media 3 in the database 6 of the transmission system 1. This digital right is thus recovered and stored in the non-secure memory 4 of medium 3.

During initialization of the service on the media 3, the latter generates a first time, in a secure way, a certificate for the service linked to the media 3, through the secure key manager 5.

A certificate is a private key Priv Digital Media K remains without ever leaving in the secure manager secure memory key 5 Media 3.

A certificate is also a public key media PubJVIedia K, which can be extracted and communicated to external entities, so that such foreign entity is able, through this public key media K PubJVIedia authenticate strong way the 3 media in question.

In order to recover the digital right by the transmission system 1, the media 3 communicates with the transmission system 1 during a step (E1) during which it authenticates with the transmission system 1 and it transmits its public key media K_Pub_Media.

The authentication method from the one issuing system is linked to the user, but not necessarily to the media 3, the important thing is that the user carrying the medium 3 to be authenticated to the emission of one strong way system . It can be for example an exchange of user name and password, to the enrichment of a network request, etc ..

Once the user is authenticated through the media 3, the latter thus transmits its public key media K PubJVIedia the transmission system 1. This media 3 is saved in the database 6 of the transmission system 1 as belonging to the previously authenticated user.

The transmission system 1 has in turn its own certificate generated by the secure key manager 7.

A certificate is a private key of Priv K Em issue remains, without ever leaving in the secure manager secure memory keys 7 of the transmission system 1. A certificate is also a public key K_Pub_Em show, which can be extracted and communicated to external entities.

As mentioned above, during step (E2), the transmission system generates and transmits to Media 3 access digital right to the service, the user previously authenticated in step (E1) and 3 media previously recorded during this step (E1) as belonging to the authenticated user.

Thus, step (E2) is subsequent to the step (E1).

A digital right thus corresponds to the service access right data, certified as related to a medium 3, thus indirectly to a user as a media 3 is linked to a user in the database 6 of the system transmission 1.

But digital rights must be certified as having been issued by the transmission system 1.

Thus, the transmission system 1 provides the three media message data forming the digital rights, including rights data associated with the media 3 via its public key K PubJVIedia media, and a digital signature of the rights data and the public key media K PubJVIedia media 3 from the private key Priv emission K Em of the transmission system 1.

This digital signature thus corresponding to encryption, the private key Priv emission K Em of the transmission system 1, the right data and the public key media K PubJVIedia Media 3.

This digital right is then stored in non-secure memory 4 of medium 3.

2 relates specifically for its control of access rights to the service with an acceptance terminal 2 rights for a media 3 carried by a user with the control to access said service.

The terminal 2 operates autonomously, in disconnected mode of the transmission system 1 shown in FIG 1.

This acceptance terminal 2 stores the public key K_Pub_Em transmission in a storage area 8 appropriate key obtained for example during the commissioning of the acceptance terminal 2 via a connection to the transmission system 1. If they have not been previously obtained, the public key K_Pub_Em issue may possibly be included in the digital right, so the acceptance Terminal 2 can use when checking the right as will be explained below. In this case, the public key of K_Pub_Em program must be certified by a third trusted authority recognized by the acceptance terminal 2. Furthermore, the acceptance device 2 may include a transaction random generator 9 which the function will be explained later, and an interpreter free 10.

Thus, when the user presents his media 3 for the digital control law previously obtained from the transmission system 1 and stored in its non-secure memory 4, as explained above, to enforce the digital right to the terminal acceptance 2, the latter need not be connected to the transmission system 1 to check the validity of digital rights presented.

To operate this validity check, the digital right stored in the media 3 is transmitted (E4) the acceptance terminal 2, which will authenticate both the media 3 and the digital right presented. After this validity check performed by the acceptance device 2, the access rights contained in the validated numerical law is interpreted by the interpreter of law 10 of the acceptance device 2.

To prevent the digital right to be cloned, it is necessary to protect the communication transaction of digital rights by the media 3 to acceptance terminal 2, against replay. To do this, the media 3 transmits the acceptance terminal 2 further digital rights, a one-time transaction certificate generated by this media 3.

This one-time transaction certificate is generated by the Secure Key Manager 5 Media 3, using a single-use random value.

If communication between the acceptance terminal 2 and the media 3 is bidirectional, the random value is generated by the transaction random generator 9 of acceptance terminal 2 and transmitted (E3) by the latter with media 3 .

If, against, communication between the acceptance terminal 2 and the media is unidirectional 3 of medium 3 to the acceptance terminal 2, this random value can be predetermined by the medium 3, for example in the form of a timestamp limited validity (eg current date and time).

The acceptance terminal 2 obtains the medium 3 in both the digital right, that is to say, the digital message previously issued and signed by the transmission system 1 and containing the public key media K PubJVIedia and the certificate transaction generated by the media 3.

This transaction certificate corresponds to a digital digital countersignature law and the value of disposable hazard by the private key Priv Digital Media K.

For the reliability of the control method, it is necessary that the acceptance terminal 2 has confidence in the transmission system 1. This is why the acceptance terminal 2 has the public key K_Pub_Em emission of the transmission system 1, as discussed above.

To check the validity of digital rights, the acceptance device 2 can therefore control two signatures: the signature associated with the right digital generated by the transmission system 1, for authentication of the right; countersigning associated with the transaction certificate generated by the media 3, for authentication of the media 3 and its user.

The two parties signed checks can be performed in any order.

Thus, the verification of the authenticity of the digital rights obtained from the media 3 is performed by the acceptance terminal 2 through the public key K_Pub_Em emission of the transmission system 1, a key to which the terminal acceptance 2 implicitly trust (see above some possibilities of obtaining the acceptance terminal 2 of this public key K_Pub_Em issue).

By decrypting the digital signature contained in the digital right, using the public key of K_Pub_Em issue, acceptance terminal 2 verifies the authenticity of digital right. It can determine that the law in question has been issued by the transmission system 1 concerned, to the 3 specific media (since the public key K PubJVIedia media is part of the data in the digital right).

If the digital right is authenticated, then the acceptance terminal 2 has confidence in the media 3.

Moreover, the control of the validity of the single use transaction certificate obtained from media 3 is produced by the acceptance terminal 2 via the public key media K PubJVIedia.

By deciphering digital countersignature corresponding to single-use transaction certificate, using the public key K PubJVIedia media, the acceptance terminal 2 verifies the authenticity of the medium 3. If the decrypted random number is valid, the terminal of acceptance 2 authenticates the media 3.

Both signing checks allow the acceptance terminal 2 firstly determine the user with its media control 3 has many authentic rights of access to the service concerned, that is to say that the right controlled is attached to the media 3 stored in the database 6 of the transmission system ,, and secondly to authenticate the media 3 and the right, that is to say, to verify that the law does has been cloned by other media. 3 illustrates synthetically the whole process decomposed above with reference to Figures 1 and 2.

The user U performs initialization (a) service concerned on his media 3, which generates public and private key pair K Priv Media Media and K PubJVIedia via its secure key manager 5.

Then, the user U, through the media 3, selects (c) a right of access he wishes to obtain from the transmission system 1.

The media 3 authenticates (d) then to the transmission system 1 and transmits (e) selecting the user U.

Once successfully authenticated, the transmission system 1 generates (f) then transmits

(G) to the media 3, the digital right which contains the signature of the rights data and the public key K PubJVIedia media via the private key Priv emission K Em.

Then, the user U has (h) the media 3 for control of the access right by the accepting terminal 2.

The media generates 3 (i) while the single use transaction certificate, so the countersignature of digital rights and the value of disposable hazard, via the private key Priv Digital Media K.

Depending on the type of communication interface used for communication between the media and the acceptance 3 Terminal 2, the digital right and the single use transaction certificate is transmitted by the media 3 to acceptance terminal 2, or directly read (j) by the acceptance device 2.

The acceptance terminal 2 proceeds (k) while the control of digital rights and the single-use transaction certificate and possibly notify (I) the result of media control 3 if the interface.

A notification may also be sent (m) by the acceptance device 2 to the user U, via a visual or audible interface for example.

The validation information is optionally subsequently lifts the transmission system 1, this time by the operation acceptance mode terminal 2 connected to the transmission system 1.

Possibly also, the generation information of a certificate, such as a transport certificate when the service in question concerns access to, and use of, transmission system, can be traced back (o) the medium 3 to the transmission system 1. In the following, two examples of application of the method and system of the invention are described.

The first example ticketing by tag radio with 3 Mobile Media NFC ( "Near Field Communication") - HCE ( "Host Card Emulation"), corresponding to a ticketing system operating in a closed system, that is, -dire wherein the transmission system 1 and the acceptance two terminals are operated by the same operator.

The transmission system 1 is for example a ticketing server 1 Online, to which service users are registered. This means users of accounts through which they can authenticate online, for example via a conventional authentication system type username / password.

Acceptance two terminals correspond for example to validators 2 equipped with a NFC type coupler and having the public key K_Pub_Em emission ticketing server 1.

The ticketing server 1 may offer the opportunity to shop the rights associated with user accounts.

The ticketing server 1 also may offer via an application store, a mobile application for the service to download on the 3 mobile media users.

When you first start, the mobile application performs the generation of the certificate of 3 mobile media on which it is run, thus generating the pair of public and private media keys K and K PubJVIedia Media Priv.

The application can also allow the user client's registration with the ticketing server 1.

This mobile application can be used as user interface for the purchase of rights to the ticketing server 1.

When authenticating the user to the ticketing server 1 via mobile, it can transmit to the ticketing server 1 Media Certificate 3 to associate the media 3 to the corresponding user account.

So that the user can enforce their rights acquired access to the service concerned, the mobile application downloads in the first unsecure memory media 3 the rights associated with this media 3 (via the public key media PubJVIedia K) and signed by the private key of Priv K Em issue of ticketing server 1, since ticketing server 1. Secondly, the user can present its Media 3 with a validator 2, to assert its rights. With a 3 mobile media NFC-HCE type with a radio antenna for communication in a proximity card emulation mode, and if the mobile application is defined as a service type HCE, then this mobile application can be selected by the validator 2 for radio communication.

The transaction is initiated by the selection of the mobile application by the validator 2 upon detection of a presence of a 3-mobile media NFC in the electromagnetic field emitted by the validator 2.

Following this selection, the validator 2 provides a value transaction hazard.

The mobile application generates the transaction certificate and transmits it with the rights to validator 2.

The validator 2 then verifies that the rights have been issued by the ticketing server 1 concerned, and that the transaction certificate is authentic, as described above.

If the hazard is valid, the validator 2 considers the certificate of the mobile application is associated with the rights provided by the user, and recognizes those rights.

The second example of application relates to the ticketing system by visual tag with a 3 mobile media.

In this embodiment, the communication between the mobile and each three media validator

2 is unidirectional, the media 3 towards each validator 2.

These validator 2 are equipped with a camera or a sensor reading of the data presented on the display media 3, this data can for example take the form of a QR code.

The steps of acquiring and loading rights are identical to those described above with respect to the first application example.

Regarding the presentation of rights in validator 2, it is unable to pass a value hazard, it is replaced by a predetermined value, such as the current time, with a limited validity for example a few seconds.

The transaction can then be triggered by a user action in the mobile application, so that the transaction certificate is generated and transaction data and digital rights are displayed on the screen 3 media.

When Media screen 3 is presented to the validator 2 is collected by the data presented and verifies their validity. The invention thus makes it possible to guarantee the authenticity and integrity of the rights data associated with the carrier (3 recorded media to the user).

The invention is easily implemented for access rights to specific validity period. During the period of validity, the law can be presented to the acceptance terminals repeatedly. For each transaction, the mobile media generates a single-use transaction certificate, but the right data remains static.

To overcome the loss or theft of a mobile media, the system may offer the possibility of revocation of a mobile media. The public keys of a mobile media are then removed parameterized opposition list on acceptance terminals.

In the case of consumables rights or count as usual, it is necessary, during the validation of transactions, updating of data in the unsecure memory of mobile media. It may be important to provide transmission system countermeasures side, with limited risk. Depending validation lift to the transmission system, a correlation can be performed by the latter. If deviations rights, mobile media can then be automatically revoked. The time interval between each consistency check determines the risk taken by the service operator.

This description is given by way of example and is not restrictive of the invention.

In particular, the invention is not limited to the control of access to a service accessible to a user via a mobile phone, but extends to the control of access to a service accessible to a user via any media Mobile may store the digital right and generate a one-time transaction certificate.

Claims

1 .- A method for controlling access rights to a service to which a user (U) accesses by means of a medium (3) mobile, said method comprising transmitting (E2), by a transmission system (1 ) free, an access right to digital service associated with a media (3) mobile, the transmission (E2) to, and storage in, media (3) of the digital rights transmitted by the transmission system (1), and the validity check of the digital right stored in the media (3) by an acceptance terminal (2) free, characterized in that the validity check of the digital right by the accepting terminal (2 ) includes the transmission (E3, E4) the acceptance terminal (2) of the digital right stored in the media (3) and a single-use transaction certificate generated by the media (3), and control by the acceptance terminal (2), in disconnected mode of the transmitting system (1), the authenticity of the digital right and validity of certific Has transaction, and in that, prior to the issue of digital rights by the transmission system (1), the media (3):
generates a media key private encryption (K Priv Media) and key public media encryption (K PubJVIedia) using a secure key manager (5) Media and
- transmits (E1) its public key media (PubJVIedia K) to the transmitting system (1).
2. A process according to claim 1, the transmission system (1) comprising transmitting private encryption key (K Priv Em), and the media (3) comprising a media public encryption key (K PubJVIedia) characterized in that the digital rights transmitted by the transmitting system (1) comprises a part of the rights data associated with the media (3) and secondly a digital signature corresponding to the encryption of rights data and media public key (K PubJVIedia) from the private key transmission (K Priv Em).
3. A process according to Claim 2, the media (3) comprising the key media private encryption (K Priv Media), characterized in that the medium (3) generates the single use transaction certificate in the form of a countersignature digital encryption corresponding to the right data and a value of disposable hazard from the media private key (K Priv Media).
4. - Method according to claim 3, characterized in that the single-use random number value is transmitted (E3) by the acceptance device (2) Media (3) during an initialization of the communication between the acceptance terminal (2) and the media (3), or is predetermined by the medium (3), for example in the form of a limited validity in time stamp.
5. - Method according to any one of claims 3 and 4, characterized in that the monitoring of the validity of the transaction certificate by the acceptance device (2) comprises decrypting the digital countersignature from the public key media (K PubJVIedia) and verification in the decrypted data to the validity of the one-time random value.
6. - Process according to any one of claims 1 to 5, the transmission system (1) comprising a public encryption key transmission (K_Pub_Em), characterized in that the public key transmission (K_Pub_Em) is precharged in acceptance terminal (2), or is included in the digital right transmitted the acceptance terminal (2).
7. - Method according to claim 6, characterized in that the verification of the authenticity of the digital right by the acceptance device (2) comprises decrypting the digital signature using the public key transmission (K_Pub_Em) and verification in the decrypted data that the digital rights has been issued by the transmission system (1) to the medium (3).
8.- System for control of access rights to a service accessible to a user (U) by means of a medium (3) mobile, said control system comprising, firstly, a transmission system (1) of free adapted to transmit an access right to the digital service associated with a medium (3) movable and transmitting the digital right to the storage medium (3), and secondly at least one acceptance terminal (2) free capable of controlling the validity of a digital right stored in a medium (3) mobile,
characterized in that the acceptance device (2) is adapted to verify the validity of a digital right stored in a medium (3) movable receiving said digital right and a single use transaction certificate generated by the media (3), and control, in offline mode of the transmission system (1) the authenticity of said digital law and the validity of the transaction certificate, and that the media (3) includes a secure manager key (5) capable of generating a media key private encryption (K Priv Media) and key public media encryption (K PubJVIedia) prior to the issue of digital rights, and that the media (3) is able to transmit its public key media (PubJVIedia K) to the transmitting system (1).
9. - Control system according to claim 8, the medium (3) including the media key public encryption (K PubJVIedia), characterized in that the transmitting system (1) comprises a private encryption key transmission ( K Priv Em) and is adapted to transmit a digital rights comprising firstly the rights data associated with the media (3) and secondly a digital signature corresponding to the encryption of the rights data and the media public key (K PubJVIedia) from the private key of issue (K_Priv_Em).
10. - Control system according to claim 9 wherein the media (3) comprising the media private encryption key (K Priv Media) and being capable of generating the single use transaction certificate in the form of a digital countersignature corresponding to encryption of rights data and a value of single-use random number from the media private key (K Priv Media), characterized in that the acceptance device (2) is adapted to control the validity of a transaction certificate generated by the media (3), decryption of digital countersignature from the media public key (K PubJVIedia) and verification in the decrypted data to the validity of the one-time random value.
January 1. - Control system according to any one of claims 8 to 10, characterized in that the transmitting system (1) includes a public encryption key transmission (K_Pub_Em), the acceptance terminal (2) is adapted receiving said public key transmission (K_Pub_Em) by preloading or by inclusion of said public key transmission (K_Pub_Em) in the digital right received by the accepting terminal (2), and in that the acceptance terminal (2) is adapted to control the authenticity of a digital right received from the medium (3) by decrypting the digital signature of the public key transmission (K_Pub_Em) and by verification in the decrypted data that the digital right has been transmitted by the transmitting system (1) to the media (3).
PCT/EP2016/065563 2015-07-03 2016-07-01 Method and system for controlling access to a service via a mobile media without a trusted intermediary WO2017005644A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
FR1556335A FR3038414B1 (en) 2015-07-03 2015-07-03 Method and access control system has a service via a mobile media.
FR1556335 2015-07-03

Publications (1)

Publication Number Publication Date
WO2017005644A1 true WO2017005644A1 (en) 2017-01-12

Family

ID=54783726

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2016/065563 WO2017005644A1 (en) 2015-07-03 2016-07-01 Method and system for controlling access to a service via a mobile media without a trusted intermediary

Country Status (2)

Country Link
FR (1) FR3038414B1 (en)
WO (1) WO2017005644A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
RU2694745C1 (en) * 2018-09-24 2019-07-16 Некоммерческая организация "Фонд - оператор программы финансового содействия инновационным проектам Фонда "Сколково" (Фонд "ВЭБ-Инновации") Method for safe transmission and storage of information on the right to use services

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030093695A1 (en) 2001-11-13 2003-05-15 Santanu Dutta Secure handling of stored-value data objects
FR2950450A1 (en) 2009-09-18 2011-03-25 Oberthur Technologies Method for verification of the validity of an electronic ticket parking.
WO2015092261A1 (en) 2013-12-19 2015-06-25 Orange System and method for providing a service to the user of a mobile terminal

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030093695A1 (en) 2001-11-13 2003-05-15 Santanu Dutta Secure handling of stored-value data objects
FR2950450A1 (en) 2009-09-18 2011-03-25 Oberthur Technologies Method for verification of the validity of an electronic ticket parking.
WO2015092261A1 (en) 2013-12-19 2015-06-25 Orange System and method for providing a service to the user of a mobile terminal

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"Chapter 10: Identification and Entity Authentication ED - Menezes A J; Van Oorschot P C; Vanstone S A", 1 October 1996 (1996-10-01), XP001525010, ISBN: 978-0-8493-8523-0, Retrieved from the Internet <URL:http://www.cacr.math.uwaterloo.ca/hac/> *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
RU2694745C1 (en) * 2018-09-24 2019-07-16 Некоммерческая организация "Фонд - оператор программы финансового содействия инновационным проектам Фонда "Сколково" (Фонд "ВЭБ-Инновации") Method for safe transmission and storage of information on the right to use services

Also Published As

Publication number Publication date
FR3038414B1 (en) 2018-06-29
FR3038414A1 (en) 2017-01-06

Similar Documents

Publication Publication Date Title
AU2008203506B2 (en) Trusted authentication digital signature (TADS) system
EP2359526B1 (en) System and methods for online authentication
EP3217308B1 (en) A smart card reader with a secure logging feature
CN104662864B (en) Using a convenient user authentication method and apparatus of a mobile authentication application
JP4553565B2 (en) Of electronic value authentication method and the authentication system and the device
US7775427B2 (en) System and method for binding a smartcard and a smartcard reader
US7558965B2 (en) Entity authentication in electronic communications by providing verification status of device
US20090172402A1 (en) Multi-factor authentication and certification system for electronic transactions
US20100153273A1 (en) Systems for performing transactions at a point-of-sale terminal using mutating identifiers
CN103716167B (en) A safe collection and distribution method and apparatus for transmission key
RU2674329C2 (en) Secure remote payment transaction processing
RU158940U1 (en) Strong authentication token with visual output PKI signatures (pki)
US9832019B2 (en) Authentication in ubiquitous environment
US9124433B2 (en) Remote authentication and transaction signatures
US20130311382A1 (en) Obtaining information for a payment transaction
US7552333B2 (en) Trusted authentication digital signature (tads) system
EP2524471B1 (en) Anytime validation for verification tokens
US9083533B2 (en) System and methods for online authentication
US20130308778A1 (en) Secure registration of a mobile device for use with a session
CA2782713C (en) System and methods for identity attribute validation
US9642005B2 (en) Secure authentication of a user using a mobile device
US9467292B2 (en) Hardware-based zero-knowledge strong authentication (H0KSA)
US9734496B2 (en) Trusted remote attestation agent (TRAA)
JPWO2004066177A1 (en) Card settlement method using a portable electronic device with a fingerprint sensor
CA2838763C (en) Credential authentication methods and systems

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16736044

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16736044

Country of ref document: EP

Kind code of ref document: A1