WO2017157859A1 - Duplication process of operational data contained in a source secure element into one or more recipient secure elements allowing, at most, one secure element to be operational at a given time - Google Patents
Duplication process of operational data contained in a source secure element into one or more recipient secure elements allowing, at most, one secure element to be operational at a given time Download PDFInfo
- Publication number
- WO2017157859A1 WO2017157859A1 PCT/EP2017/055858 EP2017055858W WO2017157859A1 WO 2017157859 A1 WO2017157859 A1 WO 2017157859A1 EP 2017055858 W EP2017055858 W EP 2017055858W WO 2017157859 A1 WO2017157859 A1 WO 2017157859A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- message
- data
- public key
- secure element
- certificate
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 54
- 230000008569 process Effects 0.000 title claims abstract description 52
- 230000005012 migration Effects 0.000 claims abstract description 60
- 238000013508 migration Methods 0.000 claims abstract description 60
- 230000007704 transition Effects 0.000 claims abstract description 21
- 230000001360 synchronised effect Effects 0.000 claims abstract description 10
- 238000012546 transfer Methods 0.000 claims description 33
- 238000012795 verification Methods 0.000 claims description 16
- 238000013479 data entry Methods 0.000 claims description 12
- 230000008859 change Effects 0.000 claims description 9
- 239000000284 extract Substances 0.000 claims description 4
- 230000009849 deactivation Effects 0.000 claims description 3
- 230000004913 activation Effects 0.000 claims description 2
- 238000001514 detection method Methods 0.000 claims description 2
- 150000001875 compounds Chemical class 0.000 claims 1
- 238000012545 processing Methods 0.000 description 3
- 238000012550 audit Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000000295 complement effect Effects 0.000 description 1
- 230000006866 deterioration Effects 0.000 description 1
- 230000003449 preventive effect Effects 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/108—Transfer of content, software, digital rights or licenses
- G06F21/1082—Backup or restore
Definitions
- the present invention is applicable to any type of secure element where it is desirable to duplicate its content into another secure element either for backup purposes, for example, in the event of the loss, of the theft or of the deterioration of the original secure element ; or for an immediate transfer of the content of the original secure element into another secure element, for example, in the event of a change of its physical format, where in both cases, at any time, at most one and only one secure element holding the content of the original secure element can be operational at a given time.
- secure elements are delivered pre-personalized by a supplier (or an issuer) and, in the event of loss or of theft, a new secure element will be delivered by the same supplier.
- the disadvantage is that such a replacement is not instantaneous, but allows to fulfil the required objective, i.e. to provide to the rightful owner, a new secure element with the same content as the one that was initially present. That explains why techniques of controlled duplications of data contained in secure elements have not been developed.
- a secure element allows, in particular, to obtain access tokens indicating that the owner of the access token is major, it is particularly important to prevent that another secure element containing the same operational data of the first secure element could be created and placed in an operational state and then transmitted to a person who would be minor, because in such a case this person could consequently obtain an access token indicating that she is major, whereas it is not the case.
- the objective of the process is to create one or more copies of the operational data contained in one source secure element into one or more other recipient secure elements but to have, at any given time, at most, one and only one secure element in an operational state.
- the process includes two variants which allow to perform:
- a given user shall only be able to use at any given time only one such operational secure element.
- One of the objectives is to prevent a user to duplicate the operational data contained in his operational secure element into another operational secure element and to transmit it to another user.
- the process allows to perform:
- the copy of operational data between secure elements shall be prevented if one of the secure elements has been declared as being lost or stolen.
- Each secure element shall be delivered by the manufacturer, the supplier or the customizer of the secure element with the following data:
- the public key certificate contains at least information making it possible to know, by the means of a contact to a certificate status server (Cert. status), if the public key contained in the public key certificate specific to the secure element is still valid (using white lists) or has been invalidated (using black lists). If an operational secure element has been declared as lost or stolen, the public key certificate of this secure element must be revoked by the user as soon as possible. That is applicable for source secure elements as well as for recipient secure elements which would have received a copy of the information contained in a source secure element.
- MS migration server
- the operational data does not flow through the migration servers, but is carried out directly between the secure elements with an encipherment and an integrity control of the exchanged data.
- an address (e.g. a URL) giving access to the migration server associated with the secure element may also be present in the secure element.
- the address giving access to a migration server of a secure element is optional, because it can be obtained through as means, e.g. it may be deduced from the content of the public key certificate of the secure element or be integrated as an extension in the public key certificate of the secure element.
- the process includes two phases:
- This second phase has two variants whether it is carried out:
- FIG.1 The components of architecture are specified on figure 1 (Fig.1). These components are :
- the migration server associated with the two secure elements may be the same.
- Each secure element contains at least three data originally loaded by a manufacturer or a customizer of the secure element, namely:
- an address (e.g. a URL) giving access the migration server to which this secure element is associated.
- a copy or a backup of the operational data between the secure elements shall only be possible if that the recipient secure element has the adequate properties for the implementation of this process and if does not contain any operational data at the beginning of the copy or backup process.
- the recipient secure element has adequate properties for the implementation of this process is materialized by the fact that it has an ad- hoc public key certificate delivered by a trusted certification authority, that this public key certificate is within its validity period and is valid (e.g. not revoked).
- the copy phase or the backup phase of the operational data from the source secure element (SE_A) towards a non-operational recipient secure element (SE_B) can thus only start if the secure element (SE_B) does not contain any operational data. If the recipient secure element already contains operational data or if the user did not erase it beforehand, the operational data shall be erased and/or reinitialised before the beginning of the copy or of the backup process.
- the goal is to prevent from being able to add operational data to operational data that would be already present in a recipient secure element. In this way, at the end of the copy or of the backup process, the content of the operational data in the two secure elements will be identical.
- the secure element SE_B verifies that the zone that it will use to store the data communicated by the SE_A is empty or has been re-initialised. If the zone is not empty or has not been re-initialised, an error is returned.
- the secure element SE_B also contains specific data intended to store a cryptographic checksum value computed on this zone.
- the secure element SE_B verifies that it is not in an operational state. If this is not the case, it shall be placed beforehand into a non-operational state.
- FIG. 2 illustrates the exchanges between the various components of the system.
- the dialog starts with a signed Diffie-Hellman key exchange carried out between the operational source secure element (SE_A) and the non-operational recipient secure element (SE_B).
- SE_A operational source secure element
- SE_B non-operational recipient secure element
- a signed Diffie-Hellman key exchange entails three messages:
- the number of messages can be reduced to two by combining the message 1 (M1) and the message 2 (M2).
- the message 1 (M1) can be sent at the same time as the message 2 (M2) or the message 3 (M3) combined with the message 1 (M1) can be sent before the message 2 (M2).
- the order of the messages 2 (M2) and 3 (M3) can be reversed.
- the resulting secret key "k” built using the signed Diffie-Hellmann key exchange is random number "n” elevated to the secret power "ab", the whole being reduced modulo p. A “man in the middle” is unable to compute it.
- Each server or workstation supporting a secure element obtains an address (e.g. a URL) giving access the migration server of that secure element.
- That address can be prefixed and predefined within the framework of a convention or can be deduced from the content of the public key certificate of the secure element or can be integrated as an extension in the public key certificate of the secure element or can be present in the secure element.
- a challenge is requested from each migration server by the server or by the workstation supporting the secure element.
- the server or the workstation supporting the SE_A sends a request for a challenge (Ch_A Req) to the MS_A and receives in return a challenge A (Ch_A).
- This challenge A is then relayed by the server or by the workstation supporting the SE_A to the server or the workstation supporting the SE_B.
- the server or the workstation supporting the SE_B sends a request for challenge (Ch_B Req) to the MS_B and receives in return a challenge B (Ch_B).
- This challenge B is then relayed by the server or by the workstation supporting the SE_B to the server or workstation supporting the SE_A.
- the SE_B generates a message 4 (M4) that is sent by the server or by the workstation supporting the SE_B to the server or to the workstation supporting the SE_A which is then relayed as message M4_R to the MS_A.
- M4 message 4
- This message 4 (M4) includes the following data:
- the public key certificate of the SE_B can be placed after the digital signature and this case it does not enter into the computation of the digital signature.
- the server or the workstation supporting the secure element SE_A requests a challenge to the MS_B which provides in return a challenge B which is then transmitted to the SE_A.
- the SE_A then generates a message 5 (M5) which is sent by the server or by the workstation supporting the SE_A to the server or the workstation supporting the SE_B which is then relayed as message M5_R to the MS_B.
- M5 message 5
- This message 5 (M5) includes the following data:
- the URL giving access the MS_A and/or the public key certificate of the SE_A can also be placed after the digital signature and in this case it does not enter into the computation of the digital signature.
- Each message is then sent by the secure element to its migration server.
- the MS_A server verifies that it is indeed a message of type 4, that the challenge which is present is identical to the one it has just sent, that the public key certificate of the SE_A is delivered by a trusted certification authority, that this certificate has the adequate properties for the implementation of this process, that it is during its validity period and that it is valid (e.g. not revoked) using the messages 6 (M6) and 7 (M7) that are sent to a server holding certificate statuses (Cert. status).
- the MS_A server stores in a data entry the following data:
- the date of the writing or/and the date of the modification of each entry can advantageously be added in order to be able to know the date of the event.
- a data entry relative to the SE_A shall be removed by the MS_A before the end of the validity period of the public key certificate of the SE_A.
- the server MS_B verifies that it is indeed a message of type 5, that the challenge which is present is identical to the one which it has just sent, that the public key certificate of the SE_B is delivered by a trusted certification authority, that this certificate contains the adequate properties for the implementation of this process, that it is during its validity period and that it is valid (e.g. not revoked) using the messages 8 (M8) and 9 (M9) that are sent to a server holding certificate statuses (Cert. status).
- the MS_B server stores in a data entry the following data:
- the URL giving access the migration server of SE_A can also be stored.
- a data entry relative to the SE_B shall be removed before the end of the validity period of the public key certificate of the SE_B.
- the date of the writing or/and of the modification of each entry may be added in order to know the date of the event.
- the first data of a data entry already contains the public key certificate of the SE_B, a new entry shall be added afterwards. It can be observed that the same secure element can successively be carrying operational data of various secure elements. The last entry (or the more recent entry) makes it possible to identify the source secure element of the last operational data copied into a given recipient secure element. These data will be used later on to control the changes of the operational states, in order to make sure that a secure element SE_B which is a candidate to obtain an operational state is still indeed carrying the operational data which it received from the SE_A.
- the public key certificate of the SE_A makes possible for the MS_B to specify to the MS_A the source secure element which may be concerned by a deactivation operation.
- the public key allowing to authenticate the origin of the messages transmitted by the MS_A, and the address (e.g. a URL) giving access the MS_A makes possible for the MS_B to contact the MS_A and to make sure that it is indeed connected with the MS_A.
- the migration server MS_A then returns to the server or to the workstation supporting the secure element SE_A that contacted it a message 10 (M10) which contains:
- the data allowing to detect replays shall be unique data. It may be communicated by means of an additional exchange or in order to avoid this additional exchange, that can be a single data already present in a previous message.
- a data allowing to detect replays in message 6 can be data already present in message 4 (M4), such as the value of the digital signature computed using the private key of the SE_A.
- M6 data allowing to detect replays in message 6
- M4 data already present in message 4 (M4), such as the value of the digital signature computed using the private key of the SE_A.
- a convention shall be defined between the secure element and its migration server to determine which is the data making possible to detect replays.
- the SE_A verifies that the message that it received from the MS_A is indeed a message of type 10 and that the value making possible to detect replays has the expected value.
- the SE_A verifies the digital signature of the message using the public key of the MS_A.
- the SE_A verifies the presence of the agreement indicator for the transfer of the operational data between the secure elements.
- the migration server MS_B returns to the server or to the workstation of the secure element SE_B which contacted it a message 11 (M11) which contains:
- the data allowing to detect replays shall be unique data. It may be communicated by means of an additional exchange or in order to avoid this additional exchange, it can be a single data already present in a previous message. As an example, data allowing to detect replays in message 11 (M11) can be data already present in the relayed message 5 (M5_R), such as value of the digital signature computed using the private key of the SE_A.
- a convention shall be defined between the secure element and its migration server to determine which is the data making possible to detect replay.
- the SE_B verifies that that the message that it received from the MS_A is indeed a message of type 11 and that the value making possible to detect replays has the expected value.
- the SE_B verifies the digital signature of the message using the public key of the MS_B.
- the SE_B verifies the presence of the agreement indicator for the transfer of the operational data between the secure elements.
- the SE_A verifies that the message that it received is indeed a message of type 10 and that the value making possible to detect replays has the expected value.
- the SE_A verifies the digital signature of the message by means of the public key of the MS_A.
- the SE_A verifies the presence of the agreement indicator for the transfer of the operational data between the secure elements.
- Each secure element announces to the other that is ready to begin the transfer of the operational data. This transfer is carried out by means of messages exchanged directly between the two secure elements via the servers or the workstations supporting these secure elements.
- Figure 3 illustrates the exchanges carried out between the two secure elements. It is a succession of n exchanges numbered E1, E2, until E1n and E2n. Each message entails a message identifier making it possible to know that it is a message of type “transfer of operational data”.
- the operational data of the SE_A are transferred to the SE_B:
- the secret key "k” is the key which was built during the Diffie-Hellmann key exchange: it is the random number "n” elevated to the secret power "ab", the whole being reduced modulo "p”.
- the received data is deciphered by the SE_B before being stored in the SE_B.
- a cryptographic checksum is progressively computed while the data is being transferred (Fig. 3).
- the SE_B verifies that the value of the final cryptographic checksum that is sent is equal to the one that it has locally computed.
- the operational data which was present in the SE_A is now present in the SE_B.
- the SE_B uses an internal indicator to memorize the fact that it contains the full set of the operational data of another secure element.
- the SE_B is still in a non-operational state.
- the migration server to which is associated the source secure element has been able to memorize data making possible to know to which secure element(s) the operational data of this source secure element has been transferred (making the assumption that the transfer of the operational data has been successfully accomplished)
- the migration server to which is associated the recipient secure element has been able to memorize data making possible to know from which secure element(s) the operational data of this recipient secure element has been received (making the assumption that the transfer of the operational data has been successfully accomplished).
- the data that has been memorized for a source secure element is one or more data entries composed of :
- the data that has been memorized for a recipient secure element is one or more data entries composed of:
- each entry allows to know towards which recipient secure element(s) the operational data of this source SE_A has been transferred.
- each entry allows to know from which source secure element(s) the operational data has been transferred to this recipient SE_B.
- the process has two variants.
- the MS_A is directly contacted by the SE_A
- the MS_A is indirectly contacted by the SE_A via the SE_B and the MS_B.
- the recipient secure elements of the operational data will only be able to switch into an operational state after having received an approval from the migration server to which of the source secure element is associated.
- This variant is a simplified process that shall never be used if one of the two secure elements support the process of a transition into an operational state using the asynchronous mode, because the MS_B does not track the operational state changes of the recipient secure elements.
- FIG. 4 which is placed chronologically after figure 3 (Fig. 3) illustrates the exchanges between the various components of the system.
- the SE_A sends to the MS_A a message 12 (M12) which contains:
- the public key certificate of the SE_A can also be placed after the digital signature and this case it does not enter into the computation of the digital signature.
- the data allowing to detect replays shall be unique data. It may be communicated by means of an additional exchange or in order to avoid this additional exchange, that can be a single data already present in a previous message, as an example, the digital signature present in message 10 (M10),
- the MS_A verifies that message 12 (M12) it received is indeed a message of type 12, that is not a replay of a previous message and that is correctly signed by the SE_A.
- the MS_A anticipates this change of the operational state, because the SE_B only will become operational after the reception and the processing of the message 14 (M14).
- the MS_A sends to the SE_A a message 13 (M13) which contains:
- the data allowing to detect replays shall be unique data. It may be communicated by means of an additional exchange or in order to avoid this additional exchange, that can be a data already present in a previous message, for example, the digital signature present in message 12 (M12).
- the SE_A then places itself into a non-operational state and authorizes the change of the operational state of the SE_B into an operational state by means of the message 14 (M14) which is composed of:
- the data allowing to detect replays shall be unique data. It may be communicated by means of an additional exchange or in order to avoid this additional exchange, that can be a data already present in a previous message, for example, the cryptographic checksum computed over the last exchange of the operational data between the two secure elements.
- the SE_B verifies that the message it received is indeed a message of type 14 and that the value making possible to detect replays has the expected value. Using the secret key "k” or a key derived from the key "k”, the SE_B verifies that the message contains the expected cryptographic checksum. It verifies the presence of the agreement indicator for the transition into an operational state and then places itself into an operational state.
- a recipient secure element shall only be able to transit into an operational state after its MS_B has received the approval of the migration server associated with the source secure element SE_A.
- the messages are exchanged immediately after the copy of the operational data contained in the SE_A into the SE_B, without powering off the SE_A or the SE_B.
- the data making possible for the MS_B to detect replays shall be unique data. It may be communicated by means of an additional exchange or in order to avoid this additional exchange, that can be a data already present in a previous message, for example, the digital signature contained in the message 11 (M 11) that has been sent by the MS_B to the SE_B.
- the SE_B first requests a challenge (Ch_B Req) to the MS_B and receives back a challenge called Ch_B.
- FIG. 5 which is chronologically placed after figure 3 (Fig. 3) illustrates the other exchanges between the various components of the system.
- the SE_B sends to the SE_A a message 15 (M15) which contains:
- the SE_A verifies that the message it received is indeed a message of type 15 and using the secret key "k” or a key derived from the key "k”, the SE_A verifies that the message contains the expected cryptographic checksum. It then places itself into a non-operational state.
- the SE_A sends to the SE_B a message 16 (M16) which contains:
- the SE_B verifies that the message 16 (M16) that it received is indeed a message of type 16 and that the value making possible to detect replays has the expected value. Using the secret key "k" of a key derived from the key "k”, the SE_B verifies that the message contains the expected cryptographic checksum.
- the exchanges continue to signal to the MS_A that a given SE_B wishes a transition into an operational state. Additional messages are thus needed to be exchanged to support this variant.
- the server or the workstation supporting the SE_B connects to the MS_B and requests a challenge to the MS_B (Ch_B req).
- the server or the workstation supporting the SE_B communicates this challenge B (Ch_B) to the SE_B.
- the SE_B sends to the MS_B a message 17 (M17) which contains :
- the MS_B then extracts from the message 16 (M16):
- the MS_B then verifies that that the message that it received is indeed a message of type 16 and that the value making possible to detect replays has the expected value.
- the MS_B verifies the digital signature of the message using the public key certificate of the SE_A.
- the MS_B browses through the entries that it has memorized looking for entries containing the public key certificate of the SE_B and recovers from the last entry:
- the MS_B verifies that both the public key certificate of the SE_A and the public key certificate of the SE_B are issued by a trusted certification authority, that they have the adequate properties for the implementation of this process, that they are within their validity period and that they are valid (e.g. they have not been revoked).
- the MS_B connects to the MS_A using an address (e.g. a URL) allowing to access the MS_A associated with this SE_A and requests a challenge (Ch_A Req) to the MS_A.
- an address e.g. a URL
- the MS_B sends to the MS_A a message 20 (M20) which contains:
- the public key of the MS_B can also be placed after the digital signature and in this case it does not enter into the computation of the digital signature.
- the MS_A verifies that the message that it received is indeed a message of type 20 and that challenge A contained in message 20 (M20) is identical to the challenge which it had sent. If this is not the case, an error is returned.
- the MS_A verifies the digital signature of message 20 (M20) using the public key of the MS_B contained in this entry. If the verification is not conclusive, an error is returned.
- the MS_A extracts from the message 20 (M20) the public key certificate of the SE_A and makes sure that the public key certificate of the SE_A has already been memorized. If this is not the case, an error is returned.
- the MS_A verifies that the public key certificate of the SE_A is valid (e.g. it has not been revoked).
- the MS_A examines all the entries associated with the certificate of the SE_A. If anyone entry already contains an indicator specifying that a secure element moved into an operational state, an error is returned.
- the MS_A recovers the entries associated with the certificate of the SE_A, i.e. one or more entries, each entry being composed of:
- the MS_A modifies the indicator specifying the operational state of the SE_B and places it into an operational state. In practice, the MS_A anticipates this change of state, because the SE_B only will become operational after the reception and the processing by the SE_B of the message 24 (M24).
- the MS_A sends to the MS_B a message 23 (M23) which contains:
- the data allowing to detect replays shall be unique data already present in the previous message, for example, the digital signature present in the message 20 (M20), or a data sent specifically to this end in an additional message.
- the MS_B verifies that the message that it received is indeed a message of type 23 and that the value making possible to detect replays has the expected value. The MS_B verifies that the digital signature is correct. The MS_B then indicates to the SE_B that it is authorized to switch into an operational state using the message 24 (M24).
- the MS_B sends to the SE_B a message 24 (M24) which contains:
- the data allowing to detect replays shall be unique data already present in the previous message, for example, the digital signature present in the message 17 (M17), or a data sent specifically to this end in an additional message.
- the SE_B verifies that the message that it received is indeed a message of type 24 and that the value making possible to detect replays has the expected value and that the value of the public key certificate of the SE_B matches with its own public key certificate.
- the SE_B verifies that the digital signature of message 24 (M24) is correct. If this is not the case, an error is returned. If this is the case, the SE_B switches into an operational state.
- Figure 6 (Fig. 6) illustrates the exchanges between the various components of the system.
- the SE_B verifies itself that it is in a non-operational state and that it contains a full transfer of backed up operational data by verifying the presence of an internal indicator that memorizes the fact that it contains the full set of the operational data of another secure element. If these verifications are unsuccessful, then an error is returned by the SE_B.
- the server or the workstation supporting the SE_B connects to the MS_B and requests a challenge to the MS_B by means of a message (Ch_B Req).
- the server or the workstation supporting the SE_B communicates this challenge B to the SE_B by means of a message (Ch_B).
- the SE_B generates to the attention of the migration server MS_B a message 25 (M25) which contains:
- the public key certificate of the SE_B can also be placed after the digital signature and in this case it does not enter into the computation of the digital signature.
- an error message is returned to the SE_B.
- the MS_B browses through the entries that it memorized looking for an entry containing in the first element of the entry the public key certificate of the SE_B. If such an entry is missing, an error message is returned to the SE_B.
- the MS_B recovers the last entry associated with the certificate of the SE_B which shall at least contain:
- the MS_B verifies that the public key certificate of the SE_A has been issued by a trusted certification authority, that it has the adequate properties for the implementation of this process, that it is during its validity period.
- the MS_B verifies that the public key certificate of the SE_A is no more valid (e.g. it has been revoked) and that the public key certificate of the SE_B is valid (e.g. it has not been revoked). If these verifications are not carried out successfully then an error message is returned to the MS_B and then after to the SE_B.
- the server MS_B contacts the MS_A using an address (e.g. a URL) giving access the MS_A associated with this SE_A.
- an address e.g. a URL
- the MS_B requests a challenge to the MS_A (Ch_A Req).
- the MS_A communicates this challenge A (Ch_A) to the MS_B.
- the MS_B generates for the MS_A a message 28 (M28) which contains:
- the public key of the MS_B can also be placed after the digital signature and in this case it does not enter into the computation of the digital signature.
- the MS_A verifies that the message that it received is indeed a message of type 28 and that the challenge contained in the message 28 (M28) is identical to the challenge (Ch_A) which it has sent.
- the MS_A verifies the digital signature using the public key of the MS_B. If one of these verification fails, an error message is returned to the MS_B and then after to the SE_B.
- the MS_A browses through the entries which it memorized looking for an entry containing in the first element of the entry the public key certificate of the SE_A. If this entry is missing, an error message is returned to the MS_B and then after to the SE_B.
- the MS_A can authorize the transition of the SE_B into an operational state, it is necessary that no other secure element containing the data of this SE_A already switched into an operational state. To this end, the MS_A examines all the entries associated with the certificate of the SE_A. If anyone of these entries contains an indicator specifying in the third element of the entry that a recipient secure element already switched into an operational state, an error message is returned to the MS_B and then after to the SE_B.
- the MS_A looks for an entry containing in the second element of that entry the certificate of the recipient secure element SE_B as contained in the message 28 (M28). If this certificate does not appear in any entry, an error message is returned to the MS_B and then after to the SE_B.
- the MS_A modifies the indicator specifying the operational state of the SE_B and positions it to indicate an operational state. In practice, the MS_A anticipates this change of state, because the SE_B will only become operational after the reception and the processing of a further message, message 32 (M32).
- the MS_A then sends to the MS_B a message 31 (M31) composed of the following data:
- the data allowing to detect replays shall be unique data already present in the previous message, for example, the digital signature present in the message 28 (M28), or a data sent specifically to this end in an additional message.
- M28 digital signature present in the message 28
- the MS_B verifies that the message that it received is indeed a message of type 31 and that the value making possible to detect replays has the expected value.
- the MS_B also verifies that the digital signature is correct using the public key of the MS_A. If one of these verifications fails, an error message is returned to the MS_A and another one to the SE_B.
- the MS_B then indicates to the SE_B that it is authorized to switch into an operational state.
- the MS_B sends to the SE_B a message 32 (M32) composed of the following data:
- the data allowing to detect replays will be unique data already present in the previous message, as an example, the digital signature present in message 25 (M25) or a data sent specifically to this end in an additional message.
- the SE_B verifies that the message that has been received is indeed a message of type 32 and that the value making possible to detect replays has the expected value and that the value of the public key certificate of the SE_B matches with its own public key certificate.
- the SE_B also verifies that the digital signature is correct using the public key of the MS_B. If this is not the case, an error is returned. If this is the case, the SE_B switches itself into an operational state.
- the audit of the operations of backup, copy and switching into an operational state is thus ensured.
- This audit may be particularly useful if one of the secure elements containing a backup copy of the operational data from the legitimate owner of a secure element switched into an operational state against the willingness of its legitimate owner (e.g. subsequent to operations performed under constraint). Afterwards, the legitimate user will be able to contact the MS_A in order to identify the SE_B that became operational and to request the invalidation of its certificate, hence making it unusable as soon as the certificate status of that certificate will be checked. This may limit damages.
- Each entry stored by a migration server associated with a source secure element shall at least contain:
- Each entry stored by a migration server associated with a recipient secure element shall at least contain:
- Figure 1 illustrates the architecture of the system and the possible dialogs between the various components of the system.
- Figure 2 illustrates the dialogs to be able to carry out the transfer of the operational data.
- FIG. 3 illustrates only the phase of the transfer of the operational data.
- Figure 4 illustrates the transition into an operational state of a SE_B containing a copy of the operational data of a SE_A, in a synchronous mode, consecutively with a dialog with the SE_A where the MS_A is directly contacted by the SE_A.
- Figure 5 illustrates the transition into an operational state of a SE_B containing a copy of the operational data of a SE_A, in a synchronous mode, consecutively with a dialog with the SE_A where the MS_A is indirectly contacted by the SE_A via the SE_B and the MS_B.
- Figure 6 illustrates the transition in an operational state of a SE_B containing a backup of the operational data of a SE_A, in an asynchronous mode, without dialog with the SE_A.
- the secure element may be implemented by means of a single electronic component, e.g. a Trusted Platform Module (TPM) or a coprocessor, or by means of several electronic components encapsulated in another component, or by means of several electronic components protected by a security enclosure, generally called a “cryptographic enclosure” or a “Hardware Security Module (HSM), one or the other of these achievements having the functionalities required by the invention.
- TPM Trusted Platform Module
- HSM Hardware Security Module
- the aforementioned “secure element” may be interfaced with its external environment, either by means of an interface with contacts, e.g. a smart card with contacts, or by means of an interface without contact, e.g. a smart card without contacts or a Near Field Contact (NFC) card.
- NFC Near Field Contact
- the servers or the workstations supporting the secure elements will be connected between them by means of a network.
- the migration servers will be connected between them by means of a network and also to the servers or working stations supporting the secure elements by means of a network.
- each secure element is governed by the same migration server, there is only one migration server instead of two.
Abstract
Process allowing, under the control of one or more trusted migration servers, a copy or a backup of the operational data contained in a source secure element into a recipient secure element where, at any time, at most, one and only one secure element holding the content of the source secure element can be operational at a given time. The process allows to perform: - either a copy of the operational data contained in a source secure element into a recipient secure element, and then, without powering off the two secure elements to continue immediately, in a synchronous mode, with a transition into a non-operational state of the source secure element followed by a transition into an operational state of the recipient secure element, or - a backup of the operational data of a source secure element into one or more recipient secure elements, and then, after powering off the two secure elements, to continue later on, in an asynchronous mode, with a transition into an operational state of one, and only one, of these recipient secure elements by making sure that the source secure element is no more operational.
Description
The present invention is applicable to any type of secure element where it is desirable to duplicate its content into another secure element either for backup purposes, for example, in the event of the loss, of the theft or of the deterioration of the original secure element ; or for an immediate transfer of the content of the original secure element into another secure element, for example, in the event of a change of its physical format, where in both cases, at any time, at most one and only one secure element holding the content of the original secure element can be operational at a given time.
Generally, secure elements are delivered pre-personalized by a supplier (or an issuer) and, in the event of loss or of theft, a new secure element will be delivered by the same supplier. The disadvantage is that such a replacement is not instantaneous, but allows to fulfil the required objective, i.e. to provide to the rightful owner, a new secure element with the same content as the one that was initially present. That explains why techniques of controlled duplications of data contained in secure elements have not been developed.
However some secure elements accumulate data (which was thus not present at the time of the initial handing-over) or are delivered without any user data, additional data being accumulated by the owner of the secure element during its use.
The original user data (if any) and the additional data accumulated later on (if any) as well as the internal permanent states of the secure element is called in this document ‘operational data’.
For secure elements which support the FIDO standard, there is originally no user data while pairs of pseudonyms and private keys are accumulated during the life of the secure element (see: https://fidoalliance.org/specs/).
If the secure element which contains these data is lost, stolen or damaged, the user does not have any more an access to the accounts that he could reach using these pseudonyms and these private keys within the framework of U2F (Universal Second Factor) protocol of FIDO.
If the secure element which contains these data is lost, stolen or damaged, the user does not have any more an access to the accounts that he could reach using these pseudonyms and these private keys within the framework of U2F (Universal Second Factor) protocol of FIDO.
The process of copying the content of a secure element to another secure element is particularly useful as a complement of an “access method to an on line service by means of access tokens and secure elements restricting the use of these access tokens to their legitimate owner" that is the topic of another patent application.
Indeed, taking into account the fact that, within the framework of this other patent application, a secure element allows, in particular, to obtain access tokens indicating that the owner of the access token is major, it is particularly important to prevent that another secure element containing the same operational data of the first secure element could be created and placed in an operational state and then transmitted to a person who would be minor, because in such a case this person could consequently obtain an access token indicating that she is major, whereas it is not the case.
In other words, if it is allowed for a legitimate owner of a secure element to duplicate its content, only one secure element containing the operational data of the original secure element shall be able to be operational at a given time.
The objective of the process is to create one or more copies of the operational data contained in one source secure element into one or more other recipient secure elements but to have, at any given time, at most, one and only one secure element in an operational state.
The process includes two variants which allow to perform:
- either a copy of the operational data contained in a source secure element into a recipient secure element then to continue immediately, in a synchronous mode, with a transition into a non-operational state of the source secure element followed immediately by a transition into an operational state of this other secure element, or
- a backup of the operational data of a source secure element into one or more recipient secure elements, and then to continue, after powering off the two secure elements, in an asynchronous mode, by a transition into a non-operational state of the source secure element followed by a transition into an operational state of one, and only one, of these recipient secure elements.
A given user shall only be able to use at any given time only one such operational secure element. One of the objectives is to prevent a user to duplicate the operational data contained in his operational secure element into another operational secure element and to transmit it to another user.
The process allows to perform:
- either a copy of the operational data contained in a source secure element into a recipient secure element, or
- as a preventive measure, a backup of the operational data contained in source secure element into one or more other secure elements.
The copy of operational data between secure elements shall be prevented if one of the secure elements has been declared as being lost or stolen.
Each secure element shall be delivered by the manufacturer, the supplier or the customizer of the secure element with the following data:
- a public key certificate specific to the secure element,
- a private key associated this public key certificate, where the private key and the public key contained in the public key certificate form a single pair,
- a public key allowing to authenticate the origin of the messages transmitted by the migration server associated with this secure element.
The public key certificate contains at least information making it possible to know, by the means of a contact to a certificate status server (Cert. status), if the public key contained in the public key certificate specific to the secure element is still valid (using white lists) or has been invalidated (using black lists).
If an operational secure element has been declared as lost or stolen, the public key certificate of this secure element must be revoked by the user as soon as possible. That is applicable for source secure elements as well as for recipient secure elements which would have received a copy of the information contained in a source secure element.
If an operational secure element has been declared as lost or stolen, the public key certificate of this secure element must be revoked by the user as soon as possible. That is applicable for source secure elements as well as for recipient secure elements which would have received a copy of the information contained in a source secure element.
However, since secure elements do not usually possess a reliable clock, they do not have the possibility to check by themselves a revocation date. So it is mandatory to rely upon an on line server, called a “migration server” (MS), which has a clock synchronized with the UTC (Universal Coordinated Time).
Within the framework of this process, the operational data does not flow through the migration servers, but is carried out directly between the secure elements with an encipherment and an integrity control of the exchanged data.
As an option, an address (e.g. a URL) giving access to the migration server associated with the secure element may also be present in the secure element. The address giving access to a migration server of a secure element is optional, because it can be obtained through as means, e.g. it may be deduced from the content of the public key certificate of the secure element or be integrated as an extension in the public key certificate of the secure element.
The process includes two phases:
- a copy phase or a backup phase of the operational data contained in an operational source secure element into a recipient secure element placed in a non-operational state, with data confidentiality protection and data integrity protection / detection during the data transfer,
- the deactivation of the operational state of the source secure element followed by the activation of the operational state of one, and only one, recipient secure element containing the operational data originally contained in the source secure element.
This second phase has two variants whether it is carried out:
- in a synchronous mode, i.e. immediately following the copy phase or a backup phase without powering off the secure elements, or
- in an asynchronous mode, i.e. later on, once the backup phase has been completed and once the secure elements have been disconnected.
1. Copy phase or backup phase of the operational data contained in a source secure element into a non-operational recipient secure element
The components of architecture are specified on figure 1 (Fig.1). These components are :
- a source secure element A (SE_A), which is a secure element in an operational state containing operational data. This component is numbered 1.
- a server or a workstation (S/STA) supporting the secure element A (SE_A). This component is numbered 2.
- a recipient secure element B (SE_B), which is initially in an non-operational phase and that is not containing any operational data and which will receive, later on, operational data from the secure element A (SE_A). This component is numbered 3.
- a server or workstation supporting the secure element B (SE_B).
This component is numbered 4. - a migration server A (MS_A) associated with the secure element A (SE_A). This component is numbered 5.
- a migration server B (MS_B) associated with the secure element B (SE_B). This component is numbered 6.
- certificate status Information (Cert Info.). accessible to the migration servers. This component is numbered 7.
Note: In certain cases, there may only be one server or only one workstation supporting the two secure elements.
Note: In certain cases, the migration server associated with the two secure elements may be the same.
The role of these migration servers is to make sure that each of the two secure elements which will be involved in the transfer of the operational data strictly fulfils the constraints associated with the transfer and according to the case:
- to authorize or to prohibit the backup or the copy of the operational data from a source a secure element into another recipient secure element, and/or
- to authorize or to prohibit the change of status of the secure elements from an operational state into a non-operational state and vice versa.
Each secure element contains at least three data originally loaded by a manufacturer or a customizer of the secure element, namely:
- a public key certificate specific to the secure element. This public key certificate materializes the fact that the secure element has the adequate properties for the implementation of this process. It is delivered by a certification authority trusted by the migration servers.
- an associated private key,
- a public key allowing the secure element to authenticate the origin of the messages generated by the migration server associated with the secure element.
As an option, an address (e.g. a URL) giving access the migration server to which this secure element is associated.
A copy or a backup of the operational data between the secure elements shall only be possible if that the recipient secure element has the adequate properties for the implementation of this process and if does not contain any operational data at the beginning of the copy or backup process.
The fact that the recipient secure element has adequate properties for the implementation of this process is materialized by the fact that it has an
ad- hoc public key certificate delivered by a trusted certification authority, that this public key certificate is within its validity period and is valid (e.g. not revoked).
ad- hoc public key certificate delivered by a trusted certification authority, that this public key certificate is within its validity period and is valid (e.g. not revoked).
The copy phase or the backup phase of the operational data from the source secure element (SE_A) towards a non-operational recipient secure element (SE_B) can thus only start if the secure element (SE_B) does not contain any operational data. If the recipient secure element already contains operational data or if the user did not erase it beforehand, the operational data shall be erased and/or reinitialised before the beginning of the copy or of the backup process.
The goal is to prevent from being able to add operational data to operational data that would be already present in a recipient secure element. In this way, at the end of the copy or of the backup process, the content of the operational data in the two secure elements will be identical.
The secure element SE_B verifies that the zone that it will use to store the data communicated by the SE_A is empty or has been re-initialised. If the zone is not empty or has not been re-initialised, an error is returned. The secure element SE_B also contains specific data intended to store a cryptographic checksum value computed on this zone. The secure element SE_B verifies that it is not in an operational state. If this is not the case, it shall be placed beforehand into a non-operational state.
Figure 2 (Fig. 2) illustrates the exchanges between the various components of the system. The dialog starts with a signed Diffie-Hellman key exchange carried out between the operational source secure element (SE_A) and the non-operational recipient secure element (SE_B).
A signed Diffie-Hellman key exchange entails three messages:
- a message 1 (M1): a random number "n" and a modulo "p" are exchanged between the SE_A and the SE_B. This message is numbered (M1) on figure 2,
- a message 2 (M2): a random number "n" elevated to the secret power "a" by the SE_A, reduced to the modulo "p", a digital signature computed over the previous data using the private key of the SE_A associated with the public key certificate of the SE_A. This message is numbered (M2) on figure 2,
- a message 3 (M3): a random number "n" elevated to the secret power "b" by the SE_B, reduced to the modulo "p", a digital signature computed over the previous data using the private key of the SE_B associated with the public key certificate of the SE_B. This message is numbered (M3) on figure 2.
The number of messages can be reduced to two by combining the message 1 (M1) and the message 2 (M2). The message 1 (M1) can be sent at the same time as the message 2 (M2) or the message 3 (M3) combined with the message 1 (M1) can be sent before the message 2 (M2). According to the secure element which takes the initiative of the dialog, the order of the messages 2 (M2) and 3 (M3) can be reversed.
The resulting secret key "k" built using the signed Diffie-Hellmann key exchange is random number "n" elevated to the secret power "ab", the whole being reduced modulo p. A “man in the middle” is unable to compute it.
Each server or workstation supporting a secure element obtains an address (e.g. a URL) giving access the migration server of that secure element. That address can be prefixed and predefined within the framework of a convention or can be deduced from the content of the public key certificate of the secure element or can be integrated as an extension in the public key certificate of the secure element or can be present in the secure element.
So that the migration server can detect replays, a challenge is requested from each migration server by the server or by the workstation supporting the secure element.
The server or the workstation supporting the SE_A sends a request for a challenge (Ch_A Req) to the MS_A and receives in return a challenge A (Ch_A). This challenge A is then relayed by the server or by the workstation supporting the SE_A to the server or the workstation supporting the SE_B.
The server or the workstation supporting the SE_B sends a request for challenge (Ch_B Req) to the MS_B and receives in return a challenge B (Ch_B). This challenge B is then relayed by the server or by the workstation supporting the SE_B to the server or workstation supporting the SE_A.
The SE_B generates a message 4 (M4) that is sent by the server or by the workstation supporting the SE_B to the server or to the workstation supporting the SE_A which is then relayed as message M4_R to the MS_A.
This message 4 (M4) includes the following data:
- a message identifier allowing to know that it is a message of
type 4, - the challenge A (Ch_A) obtained from the MS_A,
- a message 2 (M2) that the SE_B received from the SE_A
(which contains the public key certificate of the SE_A), - the public key certificate of the SE_B,
- a digital signature computed over the previous data using the private key of the SE_B.
Alternatively the public key certificate of the SE_B can be placed after the digital signature and this case it does not enter into the computation of the digital signature.
The server or the workstation supporting the secure element SE_A requests a challenge to the MS_B which provides in return a challenge B which is then transmitted to the SE_A.
The SE_A then generates a message 5 (M5) which is sent by the server or by the workstation supporting the SE_A to the server or the workstation supporting the SE_B which is then relayed as message M5_R to the MS_B.
This message 5 (M5) includes the following data:
- a message identifier allowing to know that it is a message of
type 5, - the challenge (Ch_B) obtained from the MS_B,
- a message 3 (M3) that the SE_A received from SE_B
(which contains the public key certificate of the SE_B), - the public key allowing to authenticate the origin of the messages issued by the MS_A,
- the public key certificate of the SE_A,
- as an option, an address (e.g. a URL) giving access the MS_A,
- a digital signature computed over the previous data using the private key of the SE_A.
Note: the URL giving access the MS_A and/or the public key certificate of the SE_A can also be placed after the digital signature and in this case it does not enter into the computation of the digital signature.
These messages are sent and received by the server or by the workstation supporting the secure element. It is obvious that the order of the messages 4 (M4) and 5 (M5) can be reversed.
Each message is then sent by the secure element to its migration server.
The MS_A server verifies that it is indeed a message of type 4, that the challenge which is present is identical to the one it has just sent, that the public key certificate of the SE_A is delivered by a trusted certification authority, that this certificate has the adequate properties for the implementation of this process, that it is during its validity period and that it is valid (e.g. not revoked) using the messages 6 (M6) and 7 (M7) that are sent to a server holding certificate statuses (Cert. status).
It also verifies that the message 2 (M2) which is contained in this message 4 (M4) is correctly signed by the public key contained in the public key certificate of the SE_B, that the public key certificate of the SE_B is a certificate issued by a trusted certification authority, that is has the adequate properties for the implementation of this process, that it is during its validity period and that it is valid (e.g. not revoked).
It also verifies that the whole data set is correctly signed using the private key corresponding to the public key certificate of the SE_A.
Following the reception and the checking of a message of type 4, the MS_A server stores in a data entry the following data:
- the public key certificate of the SE_A,
- the public key certificate of the SE_B,
- an indicator specifying the operational state of the SE_B, and in this case this indicator is positioned to indicate a non-operational state,
- the public key allowing to authenticate the origin of the messages issued by the migration server (MS_B) of this SE_B.
Note: the date of the writing or/and the date of the modification of each entry can advantageously be added in order to be able to know the date of the event.
In no case, a data entry relative to the SE_A shall be removed by the MS_A before the end of the validity period of the public key certificate of the SE_A.
In no case, a data entry relative to the SE_A shall be removed by the MS_A before the end of the validity period of the public key certificate of the SE_A.
If the first data of a data entry already contains the public key certificate of the SE_A, a new entry shall be added afterwards. This information makes it possible to identify the recipient secure elements which got a copy or a backup of the operational data of a given source secure element.
It should be observed that the operational data contained in one source secure element can be backed up into more than one recipient secure elements.
As it will be explained later on, these entries will make possible to control and carry out the change into an operational state of one, and only one, recipient secure element to which the operational data of the SE_A will have been transferred beforehand.
In the same way, the server MS_B verifies that it is indeed a message of type 5, that the challenge which is present is identical to the one which it has just sent, that the public key certificate of the SE_B is delivered by a trusted certification authority, that this certificate contains the adequate properties for the implementation of this process, that it is during its validity period and that it is valid (e.g. not revoked) using the messages 8 (M8) and 9 (M9) that are sent to a server holding certificate statuses (Cert. status). It also verifies that the message 3 (M3) which is contained in this message 5 (M5) is correctly signed by the public key contained in the public key certificate of the SE_A, that the public key certificate of the SE_A is a certificate issued by a trusted certification authority, that it has the adequate properties for the implementation of this process, that it is during its validity period and that it is valid (e.g. not revoked).
It also verifies that the whole data set is correctly signed using the private key corresponding to the public key certificate of the SE_B.
Following the reception and the checking of a message of type 5, the MS_B server stores in a data entry the following data:
- the public key certificate of the SE_B,
- the public key certificate of the SE_A,
- the public key allowing to authenticate the origin of the messages issued by the migration server of SE_A (MS_A).
As an option, the URL giving access the migration server of SE_A (MS_A) can also be stored.
In no case, a data entry relative to the SE_B shall be removed before the end of the validity period of the public key certificate of the SE_B.
Note: the date of the writing or/and of the modification of each entry may be added in order to know the date of the event.
If the first data of a data entry already contains the public key certificate of the SE_B, a new entry shall be added afterwards. It can be observed that the same secure element can successively be carrying operational data of various secure elements. The last entry (or the more recent entry) makes it possible to identify the source secure element of the last operational data copied into a given recipient secure element. These data will be used later on to control the changes of the operational states, in order to make sure that a secure element SE_B which is a candidate to obtain an operational state is still indeed carrying the operational data which it received from the SE_A.
The public key certificate of the SE_A makes possible for the MS_B to specify to the MS_A the source secure element which may be concerned by a deactivation operation.
The public key allowing to authenticate the origin of the messages transmitted by the MS_A, and the address (e.g. a URL) giving access the MS_A makes possible for the MS_B to contact the MS_A and to make sure that it is indeed connected with the MS_A.
Note: The order of the verification of messages 4 (M4) and 5 (M5) can be reversed.
The migration server MS_A then returns to the server or to the workstation supporting the secure element SE_A that contacted it a message 10 (M10) which contains:
- a message identifier allowing to know that it is a message of type 10,
- data allowing to detect replays,
- an agreement indicator for the transfer of the operational data between the secure elements, and
- a digital signature computed over the previous data using the private key of the MS_A.
The data allowing to detect replays shall be unique data. It may be communicated by means of an additional exchange or in order to avoid this additional exchange, that can be a single data already present in a previous message. As an example, a data allowing to detect replays in message 6 (M6) can be data already present in message 4 (M4), such as the value of the digital signature computed using the private key of the SE_A. A convention shall be defined between the secure element and its migration server to determine which is the data making possible to detect replays.
The SE_A verifies that the message that it received from the MS_A is indeed a message of type 10 and that the value making possible to detect replays has the expected value. The SE_A verifies the digital signature of the message using the public key of the MS_A.
If the digital signature is correct, the SE_A verifies the presence of the agreement indicator for the transfer of the operational data between the secure elements.
The migration server MS_B returns to the server or to the workstation of the secure element SE_B which contacted it a message 11 (M11) which contains:
- a message identifier allowing to know that it is a message of type 11,
- data allowing to detect replays,
- an agreement indicator for the of the transfer of the operational data between the secure elements, and
- a digital signature computed over the previous data using the private key of the MS_B.
The data allowing to detect replays shall be unique data. It may be communicated by means of an additional exchange or in order to avoid this additional exchange, it can be a single data already present in a previous message. As an example, data allowing to detect replays in message 11 (M11) can be data already present in the relayed message 5 (M5_R), such as value of the digital signature computed using the private key of the SE_A.
A convention shall be defined between the secure element and its migration server to determine which is the data making possible to detect replay.
The SE_B verifies that that the message that it received from the MS_A is indeed a message of type 11 and that the value making possible to detect replays has the expected value. The SE_B verifies the digital signature of the message using the public key of the MS_B.
If the digital signature is correct, the SE_B verifies the presence of the agreement indicator for the transfer of the operational data between the secure elements.
In the same way, the SE_A verifies that the message that it received is indeed a message of type 10 and that the value making possible to detect replays has the expected value. The SE_A verifies the digital signature of the message by means of the public key of the MS_A.
If the digital signature is correct, the SE_A verifies the presence of the agreement indicator for the transfer of the operational data between the secure elements.
Each secure element announces to the other that is ready to begin the transfer of the operational data. This transfer is carried out by means of messages exchanged directly between the two secure elements via the servers or the workstations supporting these secure elements.
Figure 3 (Fig.3) illustrates the exchanges carried out between the two secure elements. It is a succession of n exchanges numbered E1, E2,
until E1n and E2n. Each message entails a message identifier making it possible to know that it is a message of type “transfer of operational data”.
until E1n and E2n. Each message entails a message identifier making it possible to know that it is a message of type “transfer of operational data”.
The operational data of the SE_A are transferred to the SE_B:
- enciphered using the key "k" or a key derived from the key "k", and
- integrity protected using the key "k" or a key derived from the key "k".
The secret key "k" is the key which was built during the Diffie-Hellmann key exchange: it is the random number "n" elevated to the secret power "ab", the whole being reduced modulo "p".
The received data is deciphered by the SE_B before being stored in the SE_B.
In order to make sure that no message is removed during the transfer, a cryptographic checksum is progressively computed while the data is being transferred (Fig. 3). The SE_B verifies that the value of the final cryptographic checksum that is sent is equal to the one that it has locally computed.
If this is not the case, the whole of the data already transferred on the SE_B is erased. A new transfer of the data may however be attempted.
If this is the case, the operational data which was present in the SE_A is now present in the SE_B. The SE_B uses an internal indicator to memorize the fact that it contains the full set of the operational data of another secure element.
At this stage, the SE_B is still in a non-operational state.
2. Phase of setting the source secure element in a non-operational state followed by the transition to an operational state for the recipient secure element containing the operational data that has been transferred to it
Beforehand, it is recalled that during a transfer of operational data between secure elements:
(a) the migration server to which is associated the source secure
element has been able to memorize data making possible to know to
which secure element(s) the operational data of this source secure
element has been transferred (making the assumption that the
transfer of the operational data has been successfully accomplished),
and
(b) the migration server to which is associated the recipient secure
element has been able to memorize data making possible to know
from which secure element(s) the operational data of this recipient
secure element has been received (making the assumption that the
transfer of the operational data has been successfully accomplished).
(a) the migration server to which is associated the source secure
element has been able to memorize data making possible to know to
which secure element(s) the operational data of this source secure
element has been transferred (making the assumption that the
transfer of the operational data has been successfully accomplished),
and
(b) the migration server to which is associated the recipient secure
element has been able to memorize data making possible to know
from which secure element(s) the operational data of this recipient
secure element has been received (making the assumption that the
transfer of the operational data has been successfully accomplished).
In the case (a), the data that has been memorized for a source secure element (SE_A) is one or more data entries composed of :
- the public key certificate of a secure element (SE_A),
- the public key certificate of a SE_B,
- the public key allowing to authenticate the origin of the messages sent by the MS_B,
- an indicator specifying if this SE_B is in an operational state or in a non-operational state.
In the case (b), the data that has been memorized for a recipient secure element (SE_B) is one or more data entries composed of:
- the public key certificate of a secure element (SE_B),
- the public key certificate of a SE_A,
- the public key allowing to authenticate the origin of the messages sent by the MS_A.
For the MS_A, each entry allows to know towards which recipient secure element(s) the operational data of this source SE_A has been transferred.
For the MS_B, each entry allows to know from which source secure element(s) the operational data has been transferred to this recipient SE_B.
In order to allow the SE_B to switch into an operational state, it is first necessary to place the SE_A in a non-operational state. There are two ways so that the SE_A can switch from an operational state to a non-operational state:
- to carry out a setting into a non-operational state for the SE_A with a direct dialog between the SE_A and the SE_B, or
- to carry out a setting in non-operational state for the SE_A without a dialog with the SE_A. In this case, the owner of the secure element must beforehand ask for the invalidation (e.g. the revocation) of the public key certificate of the secure element which it used.
2.1. Setting in an operational state of a recipient secure element of operational data in an synchronous mode with a dialog between the SE_A and the SE_B
The process that is described hereafter is always immediately performed after the copy of the operational data contained in the SE_A into the SE_B, without powering off the SE_A, nor the SE_B. It thus requires the physical presence of the SE_A and is carried out without the checking of the validity of the certificate of the SE_A since the non-revocation of the public key certificate of the SE_A has already been checked before the beginning of the copy of information of the SE_A towards the SE_B, it is thus not necessary to check it once again.
The process that is described hereafter is always immediately performed after the copy of the operational data contained in the SE_A into the SE_B, without powering off the SE_A, nor the SE_B. It thus requires the physical presence of the SE_A and is carried out without the checking of the validity of the certificate of the SE_A since the non-revocation of the public key certificate of the SE_A has already been checked before the beginning of the copy of information of the SE_A towards the SE_B, it is thus not necessary to check it once again.
It is thus recalled that the two secure elements still share a secret key "k" which is a random number "n" exchanged in the beginning elevated to the secret power "ab", the whole being reduced modulo p.
The process has two variants. In the first variant, the MS_A is directly contacted by the SE_A, while in the second variant, the MS_A is indirectly contacted by the SE_A via the SE_B and the MS_B.
2.2.1. Variant 1: the MS_A is directly contacted by the SE_A
The recipient secure elements of the operational data will only be able to switch into an operational state after having received an approval from the migration server to which of the source secure element is associated.
This variant is a simplified process that shall never be used if one of the two secure elements support the process of a transition into an operational state using the asynchronous mode, because the MS_B does not track the operational state changes of the recipient secure elements.
This variant is a simplified process that shall never be used if one of the two secure elements support the process of a transition into an operational state using the asynchronous mode, because the MS_B does not track the operational state changes of the recipient secure elements.
Figure 4 (Fig. 4) which is placed chronologically after figure 3 (Fig. 3) illustrates the exchanges between the various components of the system.
The SE_A sends to the MS_A a message 12 (M12) which contains:
- a message identifier allowing to know that it is a message of type 12,
data allowing to detect replays, - the public key certificate of the SE_A,
- a digital signature computed over the previous data using the private key of the SE_A.
Note: the public key certificate of the SE_A can also be placed after the digital signature and this case it does not enter into the computation of the digital signature.
Note: It is not required to encipher this exchange.
The data allowing to detect replays shall be unique data. It may be communicated by means of an additional exchange or in order to avoid this additional exchange, that can be a single data already present in a previous message, as an example, the digital signature present in message 10 (M10),
The MS_A verifies that message 12 (M12) it received is indeed a message of type 12, that is not a replay of a previous message and that is correctly signed by the SE_A.
In an entry that contains in its first element the certificate of the SE_A, it examines the second element looking for an element that contains the value of the public key certificate of the SE_B. If this entry is not found, then an error message is returned to the SE_A. Otherwise, the MS_A modifies the indicator specifying whether the secure element SE_B is or not in an operational state and positions it into an “operational” state".
In practice, the MS_A anticipates this change of the operational state, because the SE_B only will become operational after the reception and the processing of the message 14 (M14).
The MS_A sends to the SE_A a message 13 (M13) which contains:
- a message identifier allowing to know that it is a message of type 13,
- data allowing to detect replays,
- an agreement indicator for the setting of the SE_B into an operational state,
- a digital signature computed over the previous data using the private key of the MS_A.
The data allowing to detect replays shall be unique data. It may be communicated by means of an additional exchange or in order to avoid this additional exchange, that can be a data already present in a previous message, for example, the digital signature present in message 12 (M12).
The SE_A verifies:
- that the message which it received is indeed of a message of type 13,
- that the data allowing to detect replay has the expected value,
- that the agreement indicator for the passage into an operational state of the SE_B is present,
- that the digital signature is valid by using the public key of the MS_A.
The SE_A then places itself into a non-operational state and authorizes the change of the operational state of the SE_B into an operational state by means of the message 14 (M14) which is composed of:
- a message identifier allowing to know that it is a message of type 14,
- data allowing to detect replays,
- an agreement indicator for the setting of the SE_B into an operational state,
- a cryptographic checksum computed over the previous data using the secret key "k" or a key derived from the key "k".
Note: It is not required to encipher this exchange.
The data allowing to detect replays shall be unique data. It may be communicated by means of an additional exchange or in order to avoid this additional exchange, that can be a data already present in a previous message, for example, the cryptographic checksum computed over the last exchange of the operational data between the two secure elements.
The SE_B verifies that the message it received is indeed a message of type 14 and that the value making possible to detect replays has the expected value. Using the secret key "k" or a key derived from the key "k", the SE_B verifies that the message contains the expected cryptographic checksum. It verifies the presence of the agreement indicator for the transition into an operational state and then places itself into an operational state.
2.2.2. Variant 2: the MS_A is indirectly contacted by the SE_A
A recipient secure element shall only be able to transit into an operational state after its MS_B has received the approval of the migration server associated with the source secure element SE_A.
The messages are exchanged immediately after the copy of the operational data contained in the SE_A into the SE_B, without powering off the SE_A or the SE_B.
The data making possible for the MS_B to detect replays shall be unique data. It may be communicated by means of an additional exchange or in order to avoid this additional exchange, that can be a data already present in a previous message, for example, the digital signature contained in the message 11 (M 11) that has been sent by the MS_B to the SE_B. When an additional exchange is being used, the SE_B first requests a challenge (Ch_B Req) to the MS_B and receives back a challenge called Ch_B.
Figure 5 (Fig. 5) which is chronologically placed after figure 3 (Fig. 3) illustrates the other exchanges between the various components of the system.
The SE_B sends to the SE_A a message 15 (M15) which contains:
- a message identifier allowing to know that it is a message of type 15,
- data allowing the MS_B to detect replays,
- a cryptographic checksum computed over the previous data using the secret key "k" or a key derived from the key "k".
The SE_A verifies that the message it received is indeed a message of type 15 and using the secret key "k" or a key derived from the key "k",
the SE_A verifies that the message contains the expected cryptographic checksum. It then places itself into a non-operational state.
the SE_A verifies that the message contains the expected cryptographic checksum. It then places itself into a non-operational state.
The SE_A sends to the SE_B a message 16 (M16) which contains:
- a message identifier allowing to know that it is a message of type 16,
- data allowing both the MS_B and the SE_B to detect replays,
- the public key certificate of the SE_A,
- an indicator stating that the SE_A has been placed into a non-operational state,
- a digital signature computed over the previous data using the private key of the SE_A.
- a cryptographic checksum computed on the previous data using the secret key "k" of a key derived from the key "k".
Note: It is not required to encrypt this exchange.
The SE_B verifies that the message 16 (M16) that it received is indeed a message of type 16 and that the value making possible to detect replays has the expected value. Using the secret key "k" of a key derived from the key "k", the SE_B verifies that the message contains the expected cryptographic checksum.
Since it is necessary to centralize at the level of a migration server (the MS_A) the changes of operational states of the source secure elements, the exchanges continue to signal to the MS_A that a given SE_B wishes a transition into an operational state. Additional messages are thus needed to be exchanged to support this variant.
The server or the workstation supporting the SE_B connects to the MS_B and requests a challenge to the MS_B (Ch_B req). The server or the workstation supporting the SE_B communicates this challenge B (Ch_B) to the SE_B.
The SE_B sends to the MS_B a message 17 (M17) which contains :
- a message identifier allowing to know that it is a message of type 17,
- the message 16 (M16),
- the challenge (Ch_B) received from the MS_B allowing to detect replays,
- the public key certificate of the SE_B,
- a digital signature computed over the previous data using the private key of the SE_B.
The MS_B verifies that:
- the message is indeed a message of type 17,
- the challenge contained in the message 17 (M17) corresponds to the challenge (Ch_B) that has been sent,
- the message 17 (M17) contains the expected digital signature using the public key of the SE_B.
The MS_B then verifies that :
- the message that is included in the message 17 (M17) is indeed a message of type 16,
- the challenge contained in the message 16 (M16) corresponds to the challenge (Ch_B) that has been sent,
- the message 16 (M16) contains the expected digital signature using the public key of the SE_A.
The MS_B then extracts from the message 16 (M16):
- the message identifier allowing to know that it is a message of type 16,
- data allowing to detect replays,
- the public key certificate of the SE_A,
- an indicator stating that the SE_A has been placed into a
non-operational state, - a digital signature computed over the previous data using the private key of the SE_A.
The MS_B then verifies that that the message that it received is indeed a message of type 16 and that the value making possible to detect replays has the expected value. The MS_B verifies the digital signature of the message using the public key certificate of the SE_A.
The MS_B browses through the entries that it has memorized looking for entries containing the public key certificate of the SE_B and recovers from the last entry:
- the public key certificate of a SE_A,
- the public key allowing to authenticate the origin of the messages issued by the migration server of SE_A (MS_A).
By means of the messages 18 (M18) and 19 (M19) addressed to a certificate status server (Cert. status), the MS_B verifies that both the public key certificate of the SE_A and the public key certificate of the SE_B are issued by a trusted certification authority, that they have the adequate properties for the implementation of this process, that they are within their validity period and that they are valid (e.g. they have not been revoked).
If all these verifications are satisfied then the MS_B connects to the MS_A using an address (e.g. a URL) allowing to access the MS_A associated with this SE_A and requests a challenge (Ch_A Req) to the MS_A.
The MS_B sends to the MS_A a message 20 (M20) which contains:
- a message identifier allowing to know that it is a message of type 20,
- the challenge A (Ch_A) generated by the MS_A,
- the public key certificate of the SE_A,
- the public key of the MS_B,
- a digital signature computed over the previous data using the private key of the MS_B.
Note: the public key of the MS_B can also be placed after the digital signature and in this case it does not enter into the computation of the digital signature.
The MS_A verifies that the message that it received is indeed a message of type 20 and that challenge A contained in message 20 (M20) is identical to the challenge which it had sent. If this is not the case, an error is returned.
The MS_A verifies the digital signature of message 20 (M20) using the public key of the MS_B contained in this entry. If the verification is not conclusive, an error is returned.
The MS_A extracts from the message 20 (M20) the public key certificate of the SE_A and makes sure that the public key certificate of the SE_A has already been memorized. If this is not the case, an error is returned.
By means of the messages 21 (M21) and 22 (M22) addressed to a certificate status server (Cert. status), the MS_A verifies that the public key certificate of the SE_A is valid (e.g. it has not been revoked).
The MS_A examines all the entries associated with the certificate of the SE_A. If anyone entry already contains an indicator specifying that a secure element moved into an operational state, an error is returned.
The MS_A recovers the entries associated with the certificate of the SE_A, i.e. one or more entries, each entry being composed of:
- the certificate of a SE_A,
- the certificate of a SE_B,
- an indicator specifying whether this SE_B is or is not operational,
- the public key allowing to authenticate the origin of the messages issued by the MS_B of this SE_B.
It looks for the last entry containing the certificate of this SE_B. If this certificate does not appear in any entry, an error is returned. In that entry, the MS_A modifies the indicator specifying the operational state of the SE_B and places it into an operational state. In practice, the MS_A anticipates this change of state, because the SE_B only will become operational after the reception and the processing by the SE_B of the message 24 (M24).
The MS_A sends to the MS_B a message 23 (M23) which contains:
- a message identifier allowing to know that it is a message of type 23,
- data allowing to detect replays,
- the public key certificate of the SE_B,
- an agreement indicator for the transition into an operational state of the SE_B,
- a digital signature computed over the previous data using the private key of the MS_A.
The data allowing to detect replays shall be unique data already present in the previous message, for example, the digital signature present in the message 20 (M20), or a data sent specifically to this end in an additional message.
The MS_B verifies that the message that it received is indeed a message of type 23 and that the value making possible to detect replays has the expected value. The MS_B verifies that the digital signature is correct. The MS_B then indicates to the SE_B that it is authorized to switch into an operational state using the message 24 (M24).
The MS_B sends to the SE_B a message 24 (M24) which contains:
- a message identifier allowing to know that it is a message of type 24,
- data allowing to detect replays,
- the public key certificate of the SE_B,
- an agreement indicator for the switching into an operational state of the SE_B,
- a digital signature computed over the previous data using the private key of the MS_B.
The data allowing to detect replays shall be unique data already present in the previous message, for example, the digital signature present in the message 17 (M17), or a data sent specifically to this end in an additional message.
The SE_B verifies that the message that it received is indeed a message of type 24 and that the value making possible to detect replays has the expected value and that the value of the public key certificate of the SE_B matches with its own public key certificate. The SE_B verifies that the digital signature of message 24 (M24) is correct. If this is not the case, an error is returned. If this is the case, the SE_B switches into an operational state.
2.1. Setting into an operational state of a recipient secure element SE_B using the asynchronous mode without any dialog with the SE_A
Figure 6 (Fig. 6) illustrates the exchanges between the various components of the system.
The SE_B verifies itself that it is in a non-operational state and that it contains a full transfer of backed up operational data by verifying the presence of an internal indicator that memorizes the fact that it contains the full set of the operational data of another secure element. If these verifications are unsuccessful, then an error is returned by the SE_B.
The server or the workstation supporting the SE_B connects to the MS_B and requests a challenge to the MS_B by means of a message (Ch_B Req). The server or the workstation supporting the SE_B communicates this challenge B to the SE_B by means of a message (Ch_B).
The SE_B generates to the attention of the migration server MS_B a message 25 (M25) which contains:
- a message identifier allowing to know that it is a message of type 25,
- the challenge B (Ch_B),
- the public key certificate of the SE_B,
- a digital signature computed over the previous data using the private key of the SE_B.
Note: the public key certificate of the SE_B can also be placed after the digital signature and in this case it does not enter into the computation of the digital signature.
The MS_B verifies that:
- the message which it received is indeed a message of type 25,
- the challenge Ch_B corresponds to the one that has just been sent,
- the public key certificate of the SE_B has been issued by a trusted certification authority, that it has the adequate properties for the implementation of this process, that it is during its validity period,
- by means of the messages 26 (M26) and 27 (M27) that public key certificate of the SE_B is valid (e.g. not revoked),
- the digital signature is valid, using the public key contained in the public key certificate of the SE_B.
If anyone of these conditions is not verified, an error message is returned to the SE_B. The MS_B browses through the entries that it memorized looking for an entry containing in the first element of the entry the public key certificate of the SE_B. If such an entry is missing, an error message is returned to the SE_B.
The MS_B recovers the last entry associated with the certificate of the SE_B which shall at least contain:
- the public key certificate of a SE_B,
- the public key certificate of a SE_A,
- the public key allowing to authenticate the origin of the messages transmitted by the MS_A associated with this SE_A.
The MS_B verifies that the public key certificate of the SE_A has been issued by a trusted certification authority, that it has the adequate properties for the implementation of this process, that it is during its validity period. By means of the messages 26 (M26) and 27 (M27) addressed to a certificate status server (Cert. status), the MS_B verifies that the public key certificate of the SE_A is no more valid (e.g. it has been revoked) and that the public key certificate of the SE_B is valid (e.g. it has not been revoked). If these verifications are not carried out successfully then an error message is returned to the MS_B and then after to the SE_B.
If all these verifications are satisfied, then the server MS_B contacts the MS_A using an address (e.g. a URL) giving access the MS_A associated with this SE_A.
The MS_B requests a challenge to the MS_A (Ch_A Req). The MS_A communicates this challenge A (Ch_A) to the MS_B.
The MS_B generates for the MS_A a message 28 (M28) which contains:
- a message identifier allowing to know that it is a message of type 28,
- the challenge A (Ch_A) generated by the MS_A,
- the public key certificate of the SE_A,
- the public key certificate of the SE_B,
- the public key of the MS_B,
- a digital signature computed over the previous data using the private key of the MS_B.
Note: the public key of the MS_B can also be placed after the digital signature and in this case it does not enter into the computation of the digital signature.
The MS_A verifies that the message that it received is indeed a message of type 28 and that the challenge contained in the message 28 (M28) is identical to the challenge (Ch_A) which it has sent. The MS_A verifies the digital signature using the public key of the MS_B. If one of these verification fails, an error message is returned to the MS_B and then after to the SE_B.
The MS_A browses through the entries which it memorized looking for an entry containing in the first element of the entry the public key certificate of the SE_A. If this entry is missing, an error message is returned to the MS_B and then after to the SE_B.
If this entry is present, it makes sure by means of messages 29 (M29) and 30 (M30) addressed to a certificate status server (Cert. status) that the certificate of the SE_A is no more valid (e.g. it has been revoked) and that the certificate of the SE_B is valid (e.g. it has not been revoked). If this is not the case, an error message is returned to the MS_B and then after to the SE_B.
So that the MS_A can authorize the transition of the SE_B into an operational state, it is necessary that no other secure element containing the data of this SE_A already switched into an operational state. To this end, the MS_A examines all the entries associated with the certificate of the SE_A. If anyone of these entries contains an indicator specifying in the third element of the entry that a recipient secure element already switched into an operational state, an error message is returned to the MS_B and then after to the SE_B.
The MS_A looks for an entry containing in the second element of that entry the certificate of the recipient secure element SE_B as contained in the message 28 (M28). If this certificate does not appear in any entry, an error message is returned to the MS_B and then after to the SE_B.
In the entry that contains the value of the public key certificate of the SE_B, the MS_A modifies the indicator specifying the operational state of the SE_B and positions it to indicate an operational state. In practice, the MS_A anticipates this change of state, because the SE_B will only become operational after the reception and the processing of a further message, message 32 (M32).
The MS_A then sends to the MS_B a message 31 (M31) composed of the following data:
- a message identifier allowing to know that it is a message of type 31,
- data allowing to detect replays,
- the public key certificate of the SE_B,
- an agreement indicator for the setting into operational state the SE_B,
- a digital signature computed over the previous data using the private key of the MS_A.
The data allowing to detect replays shall be unique data already present in the previous message, for example, the digital signature present in the message 28 (M28), or a data sent specifically to this end in an additional message.
The MS_B verifies that the message that it received is indeed a message of type 31 and that the value making possible to detect replays has the expected value. The MS_B also verifies that the digital signature is correct using the public key of the MS_A. If one of these verifications fails, an error message is returned to the MS_A and another one to the SE_B.
Otherwise, the MS_B then indicates to the SE_B that it is authorized to switch into an operational state.
For that purpose, the MS_B sends to the SE_B a message 32 (M32) composed of the following data:
- a message identifier allowing to know that it is a message of type 32,
- data allowing to detect replays,
- the public key certificate of the SE_B,
- an agreement indicator for the switching into an operational state of the SE_B,
- a digital signature computed over the previous data using the private key of the MS_B.
The data allowing to detect replays will be unique data already present in the previous message, as an example, the digital signature present in message 25 (M25) or a data sent specifically to this end in an additional message.
The SE_B verifies that the message that has been received is indeed a message of type 32 and that the value making possible to detect replays has the expected value and that the value of the public key certificate of the SE_B matches with its own public key certificate. The SE_B also verifies that the digital signature is correct using the public key of the MS_B. If this is not the case, an error is returned. If this is the case, the SE_B switches itself into an operational state.
If only the process of the switching into an operational state in a synchronous mode is supported by both the source and the recipient secure elements, then it is not essential to inform the MS_A of the switching into an operational state of the SE_B and messages 12 (M12) and 13 (M13) can then be omitted (See Figure 4).
In this case, an order is addressed to the SE_A so that it is placed into a non-operational state and the SE_A then authorizes the transition of the SE_B into an operational state by means of the message 14 (M14).
3. New backups are then strongly recommended
Once a SE_B became operational, it is strongly recommended that the user carries out as soon as possible a backup of the data contained in the new secure element into one or more other secure elements. If other backups of the SE_A have been performed on other recipient secure elements, unless the operational data contained in these recipient secure elements is deleted, these secure elements are not usable anymore for back up or recovery purposes.
4. Advantages of the process
Making the assumption that all the exchanges were successfully accomplished, it is possible to know whether a secure element has participated to a copy or to a backup process and if it is the case :
- by querying the migration server associated with a source secure element (e.g. MS_A) to know towards which recipient secure element(s) the content of that source secure element has been transferred and whether the operational state of that source secure element has or has not been transferred to one of these recipient secure elements, and /or
- by querying the migration server associated with a recipient secure element (e.g. MS_B) to know from which source secure element(s), operational data has been successively transferred into a given recipient secure element.
The audit of the operations of backup, copy and switching into an operational state is thus ensured. This audit may be particularly useful if one of the secure elements containing a backup copy of the operational data from the legitimate owner of a secure element switched into an operational state against the willingness of its legitimate owner (e.g. subsequent to operations performed under constraint). Afterwards, the legitimate user will be able to contact the MS_A in order to identify the SE_B that became operational and to request the invalidation of its certificate, hence making it unusable as soon as the certificate status of that certificate will be checked. This may limit damages.
Each entry stored by a migration server associated with a source secure element (e.g. MS_A) shall at least contain:
- the public key certificate of a source secure element SE_A,
- the public key certificate of a recipient secure element SE_B,
- an indicator specifying the operational state of the recipient secure element SE_B,
- the public key allowing to authenticate the origin of the messages issued by the MS_B of this recipient secure element SE_B.
Each entry stored by a migration server associated with a recipient secure element (e.g. MS_B) shall at least contain:
- the public key certificate of a recipient secure element SE_B,
- the public key certificate of a SE_A,
- the public key allowing to authenticate the origin of the messages issued by the migration server of the source secure element SE_A (MS_A).
Figure 1 illustrates the architecture of the system and the possible dialogs between the various components of the system.
Figure 2 illustrates the dialogs to be able to carry out the transfer of the operational data.
Figure 3 illustrates only the phase of the transfer of the operational data.
Figure 4 illustrates the transition into an operational state of a SE_B containing a copy of the operational data of a SE_A, in a synchronous mode, consecutively with a dialog with the SE_A where the MS_A is directly contacted by the SE_A.
Figure 5 illustrates the transition into an operational state of a SE_B containing a copy of the operational data of a SE_A, in a synchronous mode, consecutively with a dialog with the SE_A where the MS_A is indirectly contacted by the SE_A via the SE_B and the MS_B.
Figure 6 illustrates the transition in an operational state of a SE_B containing a backup of the operational data of a SE_A, in an asynchronous mode, without dialog with the SE_A.
The secure element may be implemented by means of a single electronic component, e.g. a Trusted Platform Module (TPM) or a coprocessor, or by means of several electronic components encapsulated in another component, or by means of several electronic components protected by a security enclosure, generally called a “cryptographic enclosure” or a "Hardware Security Module (HSM), one or the other of these achievements having the functionalities required by the invention. When the secure element is placed in a device, the aforementioned “secure element” may be interfaced with its external environment, either by means of an interface with contacts, e.g. a smart card with contacts, or by means of an interface without contact, e.g. a smart card without contacts or a Near Field Contact (NFC) card.
The servers or the workstations supporting the secure elements will be connected between them by means of a network. The migration servers will be connected between them by means of a network and also to the servers or working stations supporting the secure elements by means of a network. When each secure element is governed by the same migration server, there is only one migration server instead of two.
Claims (1)
- Process allowing to carry out, under the control of one or more migration servers, either a copy of the operational data contained in a source secure element into a recipient secure element, or a backup of the operational data contained in a source secure element into one or more recipient secure elements, and allowing, at most, one secure element to be operational at any given time where the process includes two phases:- a copy phase or a backup phase of the operational data contained in asource operational secure element into a recipient secure element placed ina non-operational state, with data confidentiality protection and dataintegrity detection during the data transfer,- the deactivation of the operational state of the source secure elementfollowed by the activation of the operational state of one, and only one,recipient secure element containing the operational data originallycontained in the source secure element.The second phase has two variants whether it is carried out:- in a synchronous mode, i.e. immediately following a copy phase whilethe secure elements are still being connected, or- in an asynchronous mode, i.e. later on, once the backup phase has beenaccomplished and after the secure elements have been disconnected.Claim 2. Process according to claim 1 characterized in that every secure element supporting this process is associated with one migration server, where the role of that migration server is to authorize or to prohibit :- the backup or the copy of the operational data from one source secureelement into another recipient secure element, and/or- the change of the status of one secure element from an operational stateinto a non-operational state and vice versa.Claim 3. Process according to claims 1 and 2 characterized in that every secure element shall be personalized beforehand at least with the following data:- a public key certificate specific to the secure element,- a private key associated this public key certificate,- a public key allowing the secure element to authenticate the origin of themessages issued by the migration server associated with the secureelement.The process requires the availability for the migration servers of revocation status information related to the public key certificates issued to the secure elements by the certification authorities issuing these certificates.Claim 4. Process according to the claims 1, 2 and 3 characterized in that the migration server to which a source secure element is associated is able to memorize data making possible to know to which recipient secure element(s) the operational data contained in the source secure element has been successfully transferred (making the assumption that all the exchanges were successfully accomplished).Claim 5. Process according to the claims 1 to 4 characterized in that the migration server to which a recipient secure element is associated is able to memorize data making possible to know from which source secure element(s) the operational data contained in the source secure element has been successfully transferred (making the assumption that all the exchanges were successfully accomplished).Claim 6. Process according to claims 1 to 5 characterized in that, before a backup or a copy can take place, a secure element that will be a recipient of operational data shall:- contain a zone able to store the operational data communicated by thesource secure element which must be originally empty or re-initialised. Ifthis is not the case, that zone shall be beforehand erased or re-initialised.- contain a zone able to memorize a cryptographic checksum computed overthe operational data that will be transferred.- be in a non-operational state. If this is not the case, the secure elementshall be placed beforehand in a non-operational state.Claim 7. Process according to claims 1 to 6, characterized in that the backup or the copy of the operational data contained in a source secure element (SE_A) in another secure element (SE_B) is carried out by means of the following protocol exchanges:(a) the dialog starts with a signed Diffie-Hellman key exchange performedbetween the operational source secure element (SE_A) and the non-operational recipient secure element (SE_B),- message 1 (M1): a random number "n" and a modulo "p" areexchanged between the SE_A and the SE_B.- a message 2 (M2): a random number "n" elevated to the secret power"a" by the SE_A, reduced to the modulo "p", a digital signaturecomputed over the previous data using the private key of the SE_Aassociated with the public key certificate of the SE_A.- message 3 (M3): a random number "n" elevated to the secret power"b" by the SE_B, reduced to the modulo "p", a digital signaturecomputed over the previous data using the private key of the SE_Bassociated with the public key certificate of the SE_B.The message 1 (M1) can be sent at the same time as the message 2 (M2) or message 3 (M3) compound with message 1 (M1) can be sent before message 2 (M2). According to the secure element which takes the initiative of the dialog, the order of messages 2 (M2) and 3 (M3) can be reversed.The resulting secret key "k" built using the signed Diffie-Hellmann key exchange is random number "n" elevated to the secret power "ab", the whole being reduced modulo p. A “man in the middle” will be unable to compute it.(b) each server or each workstation supporting a secure element obtains anaddress (e.g. a URL) giving access the migration server of that secureelement.So that the migration server can detect replays, a challenge is requested from each migration server by the server or by the workstation supporting the secure element.(c) the server or the workstation supporting the SE_A sends a request for achallenge (Ch_A Req) to the MS_A and receives in return a challenge A(Ch_A). Challenge A is then relayed by the server or by the workstationsupporting the SE_A to the server or the workstation supporting theSE_B.(d) the server or the workstation supporting the SE_B sends a request forchallenge (Ch_B Req) to the MS_B and receives in return a challenge B(Ch_B). The challenge B is then relayed by the server or by theworkstation supporting the SE_B to the server or workstation supportingthe SE_A.(e) the SE_B generates a message 4 (M4) that is sent by the server or by theworkstation supporting the SE_B to the server or to the workstationsupporting the SE_A which is then relayed to the MS_A.This message 4 (M4) includes the following data:- a message identifier allowing to know that it is a message of type 4,- the challenge A (Ch_A) obtained from the MS_A,- a message 2 (M2) that the SE_B received SE_A (which contains thepublic key certificate of the SE_A),- the public key certificate of the SE_B,- a digital signature computed over the previous data using the specificprivate key of the SE_B.(f) the server or the workstation supporting the secure element SE_Arequests a challenge to the MS_B which provides in return a challenge Bwhich is then transmitted to the SE_A.(g) the SE_A then generates a message 5 (M5) which is sent by the serveror by the workstation supporting the SE_A to the server or the workstationsupporting the SE_B then which is relayed as message M5_R to theMS_B.This message 5 (M5) includes the following data:- a message identifier allowing to know that it is a message of type 5,- the challenge (Ch_B) obtained from the MS_B,- a message 3 (M3) that the SE_A received SE_B (which contains thepublic key certificate of the SE_B),- the public key allowing to authenticate the origin of the messagestransmitted by the MS_A,- the public key certificate of the SE_A,- as an option, a URL giving access the MS_A,- a digital signature computed over the previous data using the specificprivate key of the SE_A.These messages are sent and received by the server or by the workstation supporting the secure element. It is obvious that the order of the messages 4 (M4) and 5 (M5) can be reversed.Each message is then sent by the secure element to its migration server.(h) The MS_A server verifies that it is indeed a message of type 4, that thechallenge which is present is identical to the one it has just sent, that thepublic key certificate of the SE_A is delivered by a trusted certificationauthority, that this certificate has the adequate properties for theimplementation of this process, that it is during its validity period and thatit is valid (e.g. not revoked) using the messages 6 (M6) and 7 (M7) thatare sent to a server holding certificate statuses (Cert. status).It also verifies that message 2 (M2) which is contained in this message 4(M4) is correctly signed by the public key contained in the public keycertificate of the SE_B, that the public key certificate of the SE_B is acertificate issued by a trusted certification authority, that it has theadequate properties for the implementation of this process, that it isduring its validity period and that it is valid (e.g. not revoked).It also verifies that the whole data set is correctly signed using the privatekey corresponding to the public key certificate of the SE_A.Following the reception and the checking of a message of type 4, the MS_A server stores in a data entry the following data :- the public key certificate of the SE_A,- the public key certificate of the SE_B,- an indicator specifying the operational state of the SE_B, and in thiscase this indicator is positioned to indicate a non-operational state,- the public key allowing to authenticate the origin of the messagesissued by the migration server (MS_B) of this SE_B.In no case, these data shall be removed by the MS_A before the end of the validity period of the public key certificate of the SE_A.If the first data of an entry already contains the public key certificate of the SE_A, a new entry is added afterwards.(i) the MS_B server verifies that it is indeed a message of type 5, that thechallenge which is present is identical to that which he has just sent, thatthe public key certificate of the SE_B is delivered by a trusted certificationauthority, that this certificate contains the adequate properties for theimplementation of this process, that it is during its validity period and thatit is valid (e.g. not revoked) using the messages 8 (M8) and 9 (M9) thatare sent to a server holding certificate statuses (Cert. status).It also verifies that message 3 (M3) which is contained in this message 5(M5) is correctly signed by the public key contained in the public keycertificate of the SE_A, that the public key certificate of the SE_A is acertificate issued by a trusted certification authority, that it lays out theadequate properties for the implementation of this process, that it isduring its validity period and that it is valid (e.g. not revoked).It also verifies that the whole data set is correctly signed using the privatekey corresponding to the public key certificate of the SE_B.Following the reception and the checking of a message of type 5, the MS_B stores in a data entry, the following data:- the public key certificate of the SE_B,- the public key certificate of the SE_A,- the public key allowing to authenticate the origin of the messagestransmitted by the migration server of SE_A (MS_A).As an option, the URL giving access the migration server of SE_A (MS_A) may also be stored.In no case, these data shall be removed before the end of the validity period of the public key certificate of the SE_B.If the first data of an entry already contains the public key certificate of the SE_B, a new entry shall be added afterwards.The order of the verification of the messages 4 (M4) and 5 (M5) can be reversed.(j) the migration server MS_A returns then to the server or to theworkstation supporting the secure element SE_A that contacted it amessage 10 (M10) which contains:- a message identifier allowing to know that it is a message of type 10,- data allowing to detect replays,- an agreement indicator for the transfer of the operational data betweenthe secure elements, and- a digital signature computed over the previous data using the privatekey of the MS_A.The data allowing to detect replays shall be unique data. It can be communicated by means of an additional exchange or in order to avoid this additional exchange, that can be a single data already present in a previous message, as an example, data allowing to detect replays in message 6 (M6) can be data already present in message 4 (M4), such as the value of the digital signature computed using the private key of the SE_A.A convention shall be defined between the secure element and its migration server to determine which is the data making possible to detect replays.(k) the SE_A verifies that the message that it received from the MS_A isindeed a message of type 10 and that the value making possible todetect replays has the expected value. The SE_A verifies the digitalsignature of the message using the public key of the MS_A.If the digital signature is correct, the SE_A verifies the presence of theagreement indicator for the transfer of the operational data between thesecure elements.(l) the migration server MS_B returns then to the server or to theworkstation of the secure element SE_B which contacted it a message11 (M11) which contains:- a message identifier allowing to know that it is a message of type 11,- data allowing to detect replays,- an agreement indicator for the transfer of the operational data betweenthe secure elements, and- a digital signature computed over the previous data using the privatekey of the MS_B.The data allowing to detect replays shall be unique data. It can be communicated by means of an additional exchange or in order to avoid this additional exchange, it can be a single data already present in a previous message. As an example, data allowing to detect replays in message 11 (M11) can be data already present in the relayed message 5 (M5_R), such as the value of the digital signature computed using the private key of the SE_A.A convention shall be defined between the secure element and its migration server to determine which is the data making possible to detect replay.(m) the SE_B verifies that the message that it received is indeed a messageof type 11 and that the value making possible to detect replays has theexpected value. The SE_B verifies the digital signature of the messageby means of the public key of the MS_B. If the digital signature iscorrect, the SE_B verifies the presence of the agreement indicator forthe transfer of the operational data between the secure elements.(n) each secure element announces with the other one that it is ready tobegin the transfer of the operational data. This transfer is carried out bymeans of messages exchanged directly between the two secureelements via the servers or the workstations supporting these secureelements. It is a succession of "n" numbered exchanges. Each messageentails a message identifier making it possible to know that it is amessage of type “transfer of operational data”.(o) the operational data of the SE_A are transferred to the SE_B:- enciphered using the key "k" or a key derived from the key "k", and- integrity protected using the key "k" or a key derived from the key "k".The secret key "k" is the key which was built during the exchange of Diffie-Hellmann key: it is random number n" elevated to the secret power "ab", the whole being reduced modulo "p". The received data are deciphered by the SE_B before being stored in the SE_B.In order to make sure that no message is removed during the transfer, a cryptographic checksum is progressively computed while the data is being transferred and is transmitted in the last message.The SE_B verifies that the value of the final value cryptographic checksum that is sent is equal to the one that it has locally computed. If this is not the case, the whole of the data already transferred is erased. A new transfer of the data may however be attempted. If this is the case, the operational data which was present in the SE_A is now present in the SE_B. The SE_B uses an internal indicator to memorize that property. At this stage, the SE_B is still in a non-operational state.Claim 8. Process according to claims 1, 2, 3, 4, 5, 6 and 7, characterized in that the setting in operational state of a secure element SE_B recipient of operational data which have been just copied is consecutively carried out with a dialog with the SE_A where the MS_A is directly contacted by the SE_A in the following way :(a) the messages are exchanged immediately after the end of the copy ofthe operational data contained in the SE_A into of the SE_B, withoutpowering off the SE_A nor the SE_B,(b) the SE_A sends to the MS_A a message 12 (M12) which contains:- a message identifier allowing to know that it is a message of type 12,- data allowing to detect replays,- the public key certificate of the SE_A,- a digital signature computed over the previous data using the privatekey of the SE_A.The data allowing to detect replays shall be unique data. It may be communicated by means of an additional exchange or in order to avoid this additional exchange, that can be a single data already present in a previous message, as an example, the digital signature present in message 10 (M10).(c) the MS_A verifies that the message it received is indeed a message oftype 12 and which message 12 (M12) that is not a replay of a previousmessage and that is correctly signed by the SE_A. In an entry thatcontains in its first element the certificate of the SE_A, it examines thesecond element looking for an element that contains the value of thepublic key certificate of the SE_B. If this entry is not found, then an errormessage is returned to the SE_A. Otherwise, the MS_A modifies theindicator specifying whether the secure element SE_B is or not in anoperational state and positions it into an “operational” state".(d) the MS_A sends to the SE_A a message 13 (M13) which contains:- a message identifier allowing to know that it is a message of type 13,- data allowing to detect replays,- an agreement indicator for the setting of the SE_B into an operationalstate,- a digital signature computed over the previous data using the privatekey of the MS_A.The data allowing to detect replays will be shall be unique data. It maybe communicated by means of an additional exchange or in order toavoid this additional exchange, that can be a single data already presentin a previous message, for example, the digital signature present inmessage 12 (M12).(e) the SE_A verifies:- that the message which it received is indeed a message of type 13,- that the data allowing to detect replay has the expected value,- that the agreement indicator for the transition into an operational stateof the SE_B is present,- that the digital signature is valid by using the public key of the MS_A.The SE_A then places itself in a non-operational state and authorizes the change of the state of the SE_B into an operational state by means of the message 14 (M14) which is composed of:- a message identifier allowing to know that it is a message of type 14,- data allowing to detect replays,- an agreement indicator for the setting of the SE_B into an operationalstate,- a cryptographic checksum computed over the previous data using thesecret key "k" or a key derived from the key "k".The data allowing to detect replays shall be unique data present. It may be communicated by means of an additional exchange or in order to avoid this additional exchange, that can be a data already present in a previous message, for example, the previous cryptographic checksum computed over the last exchange of the operational data between the two secure elements.(f) the SE_B verifies that the message it received is indeed a message oftype 14 and that the value making possible to detect replays has theexpected value. Using the secret key "k" or a key derived from the key"k", the SE_B verifies that the message contains the expectedcryptographic checksum. It verifies the presence of the agreementindicator for the transition into an operational state and then places itselfinto an operational state.Claim 9. Process according to claims 1, 2, 3, 4, 5, 6 and 7, characterized in that the setting into an operational state of a recipient secure element SE_B is carried out immediately after the successful transfer of operational data between two secure elements using a dialog between the SE_A and the SE_B and where the MS_A is indirectly contacted by the SE_A via the SE_B and via the MS_B.The messages are exchanged immediately after the transfer of the operational data contained in the SE_A into the SE_B, without powering off the SE_A or the SE_B.The data making possible for the MS_B to detect replays shall be unique data. It may be communicated by means of an additional exchange or in order to avoid this additional exchange, that can be a data already present in a previous message, for example, the digital signature contained in the message 11 (M 11) that has been sent by the MS_B to the SE_B. When an additional exchange is being used, the SE_B first requests a challenge (Ch_B Req) to the MS_B and receives back a challenge called Ch_B. The other exchanges are as follows.(a) the SE_B sends to the SE_A a message 15 (M15) which contains:- a message identifier allowing to know that it is a message of type 15,- data allowing the MS_B to detect replays,- a cryptographic checksum computed over the previous data using thesecret key "k" or a key derived from the key "k".(b) the SE_A verifies that the message it received is indeed a message oftype 15 and using the secret key "k" or a key derived from the key "k",the SE_A verifies that the message contains the expected cryptographicchecksum.It then places itself into a non-operational state.(c) the SE_A sends to the SE_B a message 16 (M16) which contains:- a message identifier allowing to know that it is a message of type 16,- data allowing both the MS_B and the SE_B to detect replays,- the public key certificate of the SE_A,- an indicator stating that the SE_A has been placed into anon-operational state,- a digital signature computed over the previous data using the privatekey of the SE_A.- a cryptographic checksum computed on the previous data using thesecret key "k" of a key derived from the key "k".(d) the SE_B verifies that the message that it received is indeed a messageof type 16 and that the value making possible to detect replays has theexpected value. Using the secret key "k" of a key derived from the key"k", the SE_B verifies that the message contains the expectedcryptographic checksum.(e) the server or the workstation supporting the SE_B connects to the MS_Band requests a challenge to the MS_B (Ch_B req). The server or theworkstation supporting the SE_B communicates this challenge B (Ch_B)to the SE_B.(f) the SE_B sends to the MS_B a message 17 (M17) which contains:- a message identifier allowing to know that it is a message of type 17,- the message 16 (M16),- the challenge (Ch_B) received from the MS_B allowing to detectreplays,- the public key certificate of the SE_B,- a digital signature computed over the previous data using the privatekey of the SE_B.(g) the MS_B verifies that:- the message which it received is indeed a message of type 17,- the challenge contained in the message 17 (M17) corresponds to thechallenge (Ch_B) that has been sent,- the message 17 (M17) contains the expected digital signature usingthe public key of the SE_B.(h) the MS_B then verifies that :- the message that is included in the message 17 (M17) is indeed amessage of type 16,- the challenge contained in the message 16 (M16) corresponds to thechallenge (Ch_B) that has been sent,- the message 16 (M16) contains the expected digital signature usingthe public key of the SE_A.(i) the MS_B then extracts from the message 16 (M16):- the message identifier allowing to know that it is a message of type 16,- data allowing to detect replays,- the public key certificate of the SE_A,- an indicator stating that the SE_A has been placed into anon-operational state,- a digital signature computed over the previous data using the privatekey of the SE_A.(j) the MS_B then verifies that that the message that it received is indeed amessage of type 16 and that the value making possible to detect replayshas the expected value. The MS_B verifies the digital signature of themessage using the public key certificate of the SE_A.(k) the MS_B browses through the entries that it has memorized looking forentries containing the public key certificate of the SE_B and recoversfrom the last entry:- the public key certificate of a SE_A,- the public key allowing to authenticate the origin of the messagesissued by the migration server of SE_A (MS_A).By means of the messages 18 (M18) and 19 (M19) addressed to a certificate status server (Cert. status), the MS_B verifies that both the public key certificate of the SE_A and the public key certificate of the SE_B are issued by a trusted certification authority, that they have the adequate properties for the implementation of this process, that they are within their validity period and that they are valid (e.g. they have not been revoked).If all these verifications are satisfied then the server MS_B connects to the MS_A using an address (e.g. a URL) giving access the MS_A associated with this SE_A and requests a challenge to the MS_A.(l) the MS_B sends to the MS_A a message 20 (M20) which contains:- a message identifier allowing to know that it is a message of type 20,- the challenge A (Ch_A) generated by the MS_A,- the public key certificate of the SE_A,- the public key of the MS_B,- a digital signature computed over the previous data using the privatekey of the MS_B.(m) the MS_A verifies that the message that it received is indeed amessage of type 20 and that challenge A contained in message 20(M20) is identical to the challenge which it had sent. If this is not thecase, an error is returned.The MS_A verifies the digital signature of message 20 (M20) using thepublic key of the MS_B contained in this entry. If the verification is notconclusive, an error is returned.The MS_A extracts from the message 20 (M20) the public key certificateof the SE_A and makes sure that the public key certificate of the SE_Ahas already been memorized. If this is not the case, an error is returned.By means of the messages 21 (M21) and 22 (M22) addressed to a certificate status server (Cert. status), the MS_A verifies that the public key certificate of the SE_A is valid (e.g. it has not been revoked).The MS_A examines all the entries associated with the certificate of the SE_A. If anyone entry already contains an indicator specifying that a secure element moved into an operational state, an error is returned. The MS_A recovers the data entries associated with the certificate of the SE_A, i.e. one or more data entries, each entry being composed of:- the certificate of a SE_A,- the certificate of a SE_B,- an indicator specifying whether this SE_B is or is not operational,,- the public key allowing to authenticate the origin of the messagesissued by the MS_B of this SE_B.It looks for the last entry containing the certificate of this SE_B. If thiscertificate does not appear in any entry, an error is returned. In thatentry, the MS_A modifies the indicator specifying the operational stateof the SE_B and places it into an operational state.(n) the MS_A sends to the MS_B a message 23 (M23) which contains:- a message identifier allowing to know that it is a message of type 23,- data allowing to detect replays,- an agreement indicator for the setting into operational state the SE_B,- a digital signature computed over the previous data using the privatekey of the MS_A.The data allowing to detect replays shall be unique data already presentin the previous message, for example, the digital signature present in themessage 20 (M20), or a data sent specifically to this end in an additionalmessage.(o) the MS_B verifies that the message that it received is indeed a messageof type 23 and that the value making possible to detect replays has theexpected value. The MS_B also verifies that the digital signature iscorrect.(p) the MS_B sends to the SE_B a message 24 (M24) which contains:- a message identifier allowing to know that it is a message of type 24,- data allowing to detect replays,- the public key certificate of the SE_B,- an agreement indicator for the transition into an operational state ofthe SE_B,- a digital signature computed over the previous data using the privatekey of the MS_B.The data allowing to detect replays shall be unique data already presentin the previous message, for example, the digital signature present inthe message 17 (M17), or a data sent specifically to this end in anadditional message.(q) the SE_B verifies that the message that it received is indeed a messageof type 24 and that the value making possible to detect replays has theexpected value and that the value of the public key certificate of theSE_B matches with its own public key certificate. The SE_B verifiesthat the digital signature of message 24 (M24) is correct. If this is notthe case, an error is returned. If this is the case, the SE_B switches intoan operational state.Claim 10. Process according to claims 1, 2, 3, 4, 5, 6 and 7, characterized in that the switching into an operational state of recipient secure element SE_B is carried out in asynchronous mode without a dialog with the SE_A in the following way:(a) the SE_B verifies itself that it is in a non-operational state and that itcontains a complete transfer of backed up operational data by verifyingthe presence of an internal indicator that memorizes the fact that itcontains the full set of the operational data of another secure element.If these verifications are unsuccessful, then an error is returned by theSE_B.(b) the server or the workstation supporting the SE_B connects to the MS_Band requests a challenge to the MS_B by means of message(Ch_B Req). The server or the workstation supporting the SE_Bcommunicates this challenge B to the SE_B by means of a message(Ch_B).(c) the SE_B generates to the attention of the migration server MS_B amessage 25 (M25) which contains:- a message identifier allowing to know that it is a message of type 25,- the challenge B (Ch_B),- the public key certificate of the SE_B,- a digital signature computed over the previous data using the privatekey of the SE_B.(d) the MS_B verifies that:- the message which it received is indeed a message of type 25,- the challenge B corresponds to the one that has just been sent,- the public key certificate of the SE_B was issued by a trustedcertification authority, that it has the adequate properties for theimplementation of this process, that it is during its validity period andby means of the messages 26 (M26) and 27 (M27) that it is valid(e.g. not revoked),- the digital signature is valid, using the public key contained in thepublic key certificate of the SE_B.If anyone of these conditions is not verified, an error message is returned to the SE_B.(e) the MS_B browses through the entries which it memorized looking for anentry containing in the first element of the entry the public key certificateof the SE_B. If such an entry is missing, an error message is returned tothe SE_B.The MS_B recovers the last entry associated with the certificate of theSE_B which shall at least contain:- the public key certificate of a SE_B,- the public key certificate of a SE_A,- the public key allowing to authenticate the origin of the messagestransmitted by the MS_A associated with this SE_A.The MS_B verifies that the public key certificate of the SE_A has beenissued by a trusted certification authority, that it has the adequateproperties for the implementation of this process, that it is during itsvalidity period. By means of the messages 26 (M26) and 27 (M27)addressed to a certificate status server (Cert. status). The MS_B verifiesthat the public key certificate of the SE_A is no more valid (e.g. it hasbeen revoked) and that the public key certificate of the SE_B is valid(e.g. it has not been revoked). If these verifications are not carried outsuccessfully then an error message is returned to the MS_B and thenafter to the SE_B.If all these verifications are satisfied then the server MS_B contacts the MS_A using an address (e.g. a URL) giving access the MS_A associated with this SE_A.(f) the MS_B requests a challenge to the MS_A (Ch_A Req). The MS_Acommunicates this challenge A (Ch_A) to the MS_B. The MS_Bgenerates for the MS_A a message 28 (M28) which contains:- a message identifier allowing to know that it is a message of type 28,- the challenge A (Ch_A) generated by the MS_A,- the public key certificate of the SE_A,- the public key certificate of the SE_B,- the public key of the MS_B,- a digital signature computed over the previous data using the privatekey of the MS_B.(g) the MS_A verifies that the message that it received is indeed a messageof type 28 and that the challenge contained in the message 28 (M28) isidentical to the challenge (Ch_A) which it has sent. The MS_A verifiesthe digital signature using the public key of the MS_B. If one of theseverification fails, an error message is returned to the MS_B and thenafter to the SE_B. The MS_A browses through the entries which itmemorized looking for an entry containing in the first element of theentry the public key certificate of the SE_A. If this entry is missing, anerror message is returned to the MS_B and then after to the SE_B.If this entry is present, it makes sure by means of messages 29 (M29)and 30 (M30) addressed to a certificate status server (Cert. status) thatthe certificate of the SE_A is no more valid (e.g. it has been revoked)and that the certificate of the SE_B is valid (e.g. it has not beenrevoked). If this is not the case, an error message is returned to theMS_B and then after to the SE_B.The MS_A examines all the entries associated with the certificate of theSE_A. If anyone of these entries contains an indicator specifying in thethird element of the entry that a recipient secure element alreadyswitched into an operational state, an error message is returned to theMS_B.The MS_A looks for an entry containing in the second element of thatentry the certificate of the recipient secure element SE_B as contained inthe message 28 (M28). If this certificate does not appear in any entry, anerror message is returned to the MS_B.In the entry that contains the value of the public key certificate of theSE_B, the MS_A modifies the indicator specifying the operational stateof the SE_B and positions it to indicate an operational state.The MS_A then sends to the MS_B a message 31 (M31) composed ofthe following data:- a message identifier allowing to know that it is a message of type 31,- data allowing to detect replays,- the public key certificate of the SE_B,- an agreement indicator for the setting into operational state the SE_B,- a digital signature computed over the previous data using the privatekey of the MS_A.The data allowing to detect replays shall be unique data already presentin the previous message, for example, the digital signature present in themessage 28 (M28), or a data sent specifically to this end in an additionalmessage.(h) the MS_B verifies that the message that it received is indeed a messageof type 31 and that the value making possible to detect replays has theexpected value. The MS_B also verifies the digital signature of themessage using the public key of the MS_A. If one of these verificationsfails, an error message is returned to the MS_A and another one to theSE_B.(i) otherwise, the MS_B then indicates to the SE_B that it is authorized toswitch into an operational state. For that purpose, the MS_B sends to theSE_B a message 32 (M32) composed of the following data:- a message identifier allowing to know that it is a message of type 32,- data allowing to detect replays,- the public key certificate of the SE_B,- an agreement indicator for the switching into an operational state ofthe SE_B,- a digital signature computed over the previous data using the privatekey of the MS_B.The data allowing to detect replays shall be unique data already present in the previous message, for example, the digital signature present in the message 25 (M25), or a data sent specifically to this end in an additional message.(j) the SE_B verifies that the message that has been received is indeed amessage of type 32 and that the value making possible to detect replayshas the expected value and that the value of the public key certificate ofthe SE_B matches with its own public key certificate. The SE_B alsoverifies that the digital signature is correct using the public key of theMS_B. If this is not the case, an error is returned. If this is the case, thenthe SE_B switches itself into an operational state.Claim 11. Process according to claims 1, 2, 3, 4, 6 and 7, characterized in that, if only the process of the switching into an operational state in a synchronous mode is supported by both the source and the recipient secure elements, an order may be addressed to the SE_A so that it is placed into a non-operational state and the SE_A then authorizes the transition of the SE_B into an operational state by means of the message 14 (M14). Hence, messages 12 (M12) and 13 (M13) can then be omitted.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP17726195.5A EP3430552A1 (en) | 2016-03-15 | 2017-03-13 | Duplication process of operational data contained in a source secure element into one or more recipient secure elements allowing, at most, one secure element to be operational at a given time |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR1670107 | 2016-03-15 | ||
FR1670107A FR3049083A1 (en) | 2016-03-15 | 2016-03-15 | A METHOD FOR DUPLICATING DATA FROM A SECURE MICROCIRCUIT TO ANOTHER SECURE MICROCIRCUIT SO AT LEAST ONE SECURE MICROCIRCUIT SECURE TO BE OPERATIONAL TO A GIVEN TIME |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2017157859A1 true WO2017157859A1 (en) | 2017-09-21 |
Family
ID=58010095
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2017/055858 WO2017157859A1 (en) | 2016-03-15 | 2017-03-13 | Duplication process of operational data contained in a source secure element into one or more recipient secure elements allowing, at most, one secure element to be operational at a given time |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP3430552A1 (en) |
FR (1) | FR3049083A1 (en) |
WO (1) | WO2017157859A1 (en) |
Cited By (101)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10425129B1 (en) | 2019-02-27 | 2019-09-24 | Capital One Services, Llc | Techniques to reduce power consumption in near field communication systems |
US10438437B1 (en) | 2019-03-20 | 2019-10-08 | Capital One Services, Llc | Tap to copy data to clipboard via NFC |
US10467622B1 (en) | 2019-02-01 | 2019-11-05 | Capital One Services, Llc | Using on-demand applications to generate virtual numbers for a contactless card to securely autofill forms |
US10467445B1 (en) | 2019-03-28 | 2019-11-05 | Capital One Services, Llc | Devices and methods for contactless card alignment with a foldable mobile device |
US10489781B1 (en) | 2018-10-02 | 2019-11-26 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10498401B1 (en) | 2019-07-15 | 2019-12-03 | Capital One Services, Llc | System and method for guiding card positioning using phone sensors |
US10505738B1 (en) | 2018-10-02 | 2019-12-10 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10506426B1 (en) | 2019-07-19 | 2019-12-10 | Capital One Services, Llc | Techniques for call authentication |
US10510074B1 (en) | 2019-02-01 | 2019-12-17 | Capital One Services, Llc | One-tap payment using a contactless card |
US10511443B1 (en) | 2018-10-02 | 2019-12-17 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10516447B1 (en) | 2019-06-17 | 2019-12-24 | Capital One Services, Llc | Dynamic power levels in NFC card communications |
US10523708B1 (en) | 2019-03-18 | 2019-12-31 | Capital One Services, Llc | System and method for second factor authentication of customer support calls |
US10535062B1 (en) | 2019-03-20 | 2020-01-14 | Capital One Services, Llc | Using a contactless card to securely share personal data stored in a blockchain |
US10542036B1 (en) | 2018-10-02 | 2020-01-21 | Capital One Services, Llc | Systems and methods for signaling an attack on contactless cards |
US10541995B1 (en) | 2019-07-23 | 2020-01-21 | Capital One Services, Llc | First factor contactless card authentication system and method |
US10546444B2 (en) | 2018-06-21 | 2020-01-28 | Capital One Services, Llc | Systems and methods for secure read-only authentication |
US10554411B1 (en) | 2018-10-02 | 2020-02-04 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10565587B1 (en) | 2018-10-02 | 2020-02-18 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
WO2020036070A1 (en) * | 2018-08-13 | 2020-02-20 | 日本電信電話株式会社 | Terminal registration system and terminal registration method |
US10579998B1 (en) | 2018-10-02 | 2020-03-03 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10581611B1 (en) | 2018-10-02 | 2020-03-03 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10582386B1 (en) | 2018-10-02 | 2020-03-03 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10592710B1 (en) | 2018-10-02 | 2020-03-17 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10607214B1 (en) | 2018-10-02 | 2020-03-31 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10607216B1 (en) | 2018-10-02 | 2020-03-31 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10615981B1 (en) | 2018-10-02 | 2020-04-07 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10623393B1 (en) | 2018-10-02 | 2020-04-14 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10630653B1 (en) | 2018-10-02 | 2020-04-21 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10643420B1 (en) | 2019-03-20 | 2020-05-05 | Capital One Services, Llc | Contextual tapping engine |
US10657754B1 (en) | 2019-12-23 | 2020-05-19 | Capital One Services, Llc | Contactless card and personal identification system |
US10664941B1 (en) | 2019-12-24 | 2020-05-26 | Capital One Services, Llc | Steganographic image encoding of biometric template information on a card |
US10680824B2 (en) | 2018-10-02 | 2020-06-09 | Capital One Services, Llc | Systems and methods for inventory management using cryptographic authentication of contactless cards |
US10685350B2 (en) | 2018-10-02 | 2020-06-16 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10686603B2 (en) | 2018-10-02 | 2020-06-16 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10701560B1 (en) | 2019-10-02 | 2020-06-30 | Capital One Services, Llc | Client device authentication using contactless legacy magnetic stripe data |
US10713649B1 (en) | 2019-07-09 | 2020-07-14 | Capital One Services, Llc | System and method enabling mobile near-field communication to update display on a payment card |
US10733601B1 (en) | 2019-07-17 | 2020-08-04 | Capital One Services, Llc | Body area network facilitated authentication or payment authorization |
US10733283B1 (en) | 2019-12-23 | 2020-08-04 | Capital One Services, Llc | Secure password generation and management using NFC and contactless smart cards |
US10733645B2 (en) | 2018-10-02 | 2020-08-04 | Capital One Services, Llc | Systems and methods for establishing identity for order pick up |
US10748138B2 (en) | 2018-10-02 | 2020-08-18 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10757574B1 (en) | 2019-12-26 | 2020-08-25 | Capital One Services, Llc | Multi-factor authentication providing a credential via a contactless card for secure messaging |
US10771254B2 (en) | 2018-10-02 | 2020-09-08 | Capital One Services, Llc | Systems and methods for email-based card activation |
US10771253B2 (en) | 2018-10-02 | 2020-09-08 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10783519B2 (en) | 2018-10-02 | 2020-09-22 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10797882B2 (en) | 2018-10-02 | 2020-10-06 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10832271B1 (en) | 2019-07-17 | 2020-11-10 | Capital One Services, Llc | Verified reviews using a contactless card |
US10841091B2 (en) | 2018-10-02 | 2020-11-17 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10862540B1 (en) | 2019-12-23 | 2020-12-08 | Capital One Services, Llc | Method for mapping NFC field strength and location on mobile devices |
US10860914B1 (en) | 2019-12-31 | 2020-12-08 | Capital One Services, Llc | Contactless card and method of assembly |
US10860814B2 (en) | 2018-10-02 | 2020-12-08 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10861006B1 (en) | 2020-04-30 | 2020-12-08 | Capital One Services, Llc | Systems and methods for data access control using a short-range transceiver |
US10871958B1 (en) | 2019-07-03 | 2020-12-22 | Capital One Services, Llc | Techniques to perform applet programming |
US10885514B1 (en) | 2019-07-15 | 2021-01-05 | Capital One Services, Llc | System and method for using image data to trigger contactless card transactions |
US10885410B1 (en) | 2019-12-23 | 2021-01-05 | Capital One Services, Llc | Generating barcodes utilizing cryptographic techniques |
US10909527B2 (en) | 2018-10-02 | 2021-02-02 | Capital One Services, Llc | Systems and methods for performing a reissue of a contactless card |
US10909544B1 (en) | 2019-12-26 | 2021-02-02 | Capital One Services, Llc | Accessing and utilizing multiple loyalty point accounts |
US10915888B1 (en) | 2020-04-30 | 2021-02-09 | Capital One Services, Llc | Contactless card with multiple rotating security keys |
US10949520B2 (en) | 2018-10-02 | 2021-03-16 | Capital One Services, Llc | Systems and methods for cross coupling risk analytics and one-time-passcodes |
US10963865B1 (en) | 2020-05-12 | 2021-03-30 | Capital One Services, Llc | Augmented reality card activation experience |
US10970712B2 (en) | 2019-03-21 | 2021-04-06 | Capital One Services, Llc | Delegated administration of permissions using a contactless card |
CN112636916A (en) * | 2020-11-30 | 2021-04-09 | 捷德(中国)科技有限公司 | Data processing method, data processing device, storage medium and electronic equipment |
US10984416B2 (en) | 2019-03-20 | 2021-04-20 | Capital One Services, Llc | NFC mobile currency transfer |
US10992477B2 (en) | 2018-10-02 | 2021-04-27 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11030339B1 (en) | 2020-04-30 | 2021-06-08 | Capital One Services, Llc | Systems and methods for data access control of personal user data using a short-range transceiver |
US11038688B1 (en) | 2019-12-30 | 2021-06-15 | Capital One Services, Llc | Techniques to control applets for contactless cards |
US11037136B2 (en) | 2019-01-24 | 2021-06-15 | Capital One Services, Llc | Tap to autofill card data |
US11063979B1 (en) | 2020-05-18 | 2021-07-13 | Capital One Services, Llc | Enabling communications between applications in a mobile operating system |
US11062098B1 (en) | 2020-08-11 | 2021-07-13 | Capital One Services, Llc | Augmented reality information display and interaction via NFC based authentication |
US11100511B1 (en) | 2020-05-18 | 2021-08-24 | Capital One Services, Llc | Application-based point of sale system in mobile operating systems |
US11113685B2 (en) | 2019-12-23 | 2021-09-07 | Capital One Services, Llc | Card issuing with restricted virtual numbers |
US11120453B2 (en) | 2019-02-01 | 2021-09-14 | Capital One Services, Llc | Tap card to securely generate card data to copy to clipboard |
US11165586B1 (en) | 2020-10-30 | 2021-11-02 | Capital One Services, Llc | Call center web-based authentication using a contactless card |
US11182771B2 (en) | 2019-07-17 | 2021-11-23 | Capital One Services, Llc | System for value loading onto in-vehicle device |
US11200563B2 (en) | 2019-12-24 | 2021-12-14 | Capital One Services, Llc | Account registration using a contactless card |
US11210656B2 (en) | 2020-04-13 | 2021-12-28 | Capital One Services, Llc | Determining specific terms for contactless card activation |
US11210664B2 (en) | 2018-10-02 | 2021-12-28 | Capital One Services, Llc | Systems and methods for amplifying the strength of cryptographic algorithms |
US11216799B1 (en) | 2021-01-04 | 2022-01-04 | Capital One Services, Llc | Secure generation of one-time passcodes using a contactless card |
US11222342B2 (en) | 2020-04-30 | 2022-01-11 | Capital One Services, Llc | Accurate images in graphical user interfaces to enable data transfer |
US11245438B1 (en) | 2021-03-26 | 2022-02-08 | Capital One Services, Llc | Network-enabled smart apparatus and systems and methods for activating and provisioning same |
US11354555B1 (en) | 2021-05-04 | 2022-06-07 | Capital One Services, Llc | Methods, mediums, and systems for applying a display to a transaction card |
US11361302B2 (en) | 2019-01-11 | 2022-06-14 | Capital One Services, Llc | Systems and methods for touch screen interface interaction using a card overlay |
US11373169B2 (en) | 2020-11-03 | 2022-06-28 | Capital One Services, Llc | Web-based activation of contactless cards |
US11392933B2 (en) | 2019-07-03 | 2022-07-19 | Capital One Services, Llc | Systems and methods for providing online and hybridcard interactions |
US11438329B2 (en) | 2021-01-29 | 2022-09-06 | Capital One Services, Llc | Systems and methods for authenticated peer-to-peer data transfer using resource locators |
US11455620B2 (en) | 2019-12-31 | 2022-09-27 | Capital One Services, Llc | Tapping a contactless card to a computing device to provision a virtual number |
US11482312B2 (en) | 2020-10-30 | 2022-10-25 | Capital One Services, Llc | Secure verification of medical status using a contactless card |
US11521262B2 (en) | 2019-05-28 | 2022-12-06 | Capital One Services, Llc | NFC enhanced augmented reality information overlays |
US11521213B2 (en) | 2019-07-18 | 2022-12-06 | Capital One Services, Llc | Continuous authentication for digital services based on contactless card positioning |
US11562358B2 (en) | 2021-01-28 | 2023-01-24 | Capital One Services, Llc | Systems and methods for near field contactless card communication and cryptographic authentication |
US11615395B2 (en) | 2019-12-23 | 2023-03-28 | Capital One Services, Llc | Authentication for third party digital wallet provisioning |
US11637826B2 (en) | 2021-02-24 | 2023-04-25 | Capital One Services, Llc | Establishing authentication persistence |
US11651361B2 (en) | 2019-12-23 | 2023-05-16 | Capital One Services, Llc | Secure authentication based on passport data stored in a contactless card |
US11682012B2 (en) | 2021-01-27 | 2023-06-20 | Capital One Services, Llc | Contactless delivery systems and methods |
US11687930B2 (en) | 2021-01-28 | 2023-06-27 | Capital One Services, Llc | Systems and methods for authentication of access tokens |
US11694187B2 (en) | 2019-07-03 | 2023-07-04 | Capital One Services, Llc | Constraining transactional capabilities for contactless cards |
US11777933B2 (en) | 2021-02-03 | 2023-10-03 | Capital One Services, Llc | URL-based authentication for payment cards |
US11792001B2 (en) | 2021-01-28 | 2023-10-17 | Capital One Services, Llc | Systems and methods for secure reprovisioning |
US11823175B2 (en) | 2020-04-30 | 2023-11-21 | Capital One Services, Llc | Intelligent card unlock |
US11902442B2 (en) | 2021-04-22 | 2024-02-13 | Capital One Services, Llc | Secure management of accounts on display devices using a contactless card |
US11935035B2 (en) | 2021-04-20 | 2024-03-19 | Capital One Services, Llc | Techniques to utilize resource locators by a contactless card to perform a sequence of operations |
US11961089B2 (en) | 2021-04-20 | 2024-04-16 | Capital One Services, Llc | On-demand applications to extend web services |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10997132B2 (en) | 2017-02-07 | 2021-05-04 | Oracle International Corporation | Systems and methods for live data migration with automatic redirection |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1702266A2 (en) * | 2004-01-08 | 2006-09-20 | Matsushita Electric Industries Co., Ltd. | Content management apparatus |
US20080027868A1 (en) * | 2006-07-28 | 2008-01-31 | Sony Ericsson Mobile Communications Ab | Transfer of digital rights management information |
-
2016
- 2016-03-15 FR FR1670107A patent/FR3049083A1/en active Pending
-
2017
- 2017-03-13 EP EP17726195.5A patent/EP3430552A1/en not_active Withdrawn
- 2017-03-13 WO PCT/EP2017/055858 patent/WO2017157859A1/en active Application Filing
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1702266A2 (en) * | 2004-01-08 | 2006-09-20 | Matsushita Electric Industries Co., Ltd. | Content management apparatus |
US20080027868A1 (en) * | 2006-07-28 | 2008-01-31 | Sony Ericsson Mobile Communications Ab | Transfer of digital rights management information |
Cited By (147)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10546444B2 (en) | 2018-06-21 | 2020-01-28 | Capital One Services, Llc | Systems and methods for secure read-only authentication |
US10878651B2 (en) | 2018-06-21 | 2020-12-29 | Capital One Services, Llc | Systems and methods for secure read-only authentication |
WO2020036070A1 (en) * | 2018-08-13 | 2020-02-20 | 日本電信電話株式会社 | Terminal registration system and terminal registration method |
US11728994B2 (en) | 2018-10-02 | 2023-08-15 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10623393B1 (en) | 2018-10-02 | 2020-04-14 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11301848B2 (en) | 2018-10-02 | 2022-04-12 | Capital One Services, Llc | Systems and methods for secure transaction approval |
US10505738B1 (en) | 2018-10-02 | 2019-12-10 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11297046B2 (en) | 2018-10-02 | 2022-04-05 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11233645B2 (en) | 2018-10-02 | 2022-01-25 | Capital One Services, Llc | Systems and methods of key selection for cryptographic authentication of contactless cards |
US10511443B1 (en) | 2018-10-02 | 2019-12-17 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11232272B2 (en) | 2018-10-02 | 2022-01-25 | Capital One Services, Llc | Systems and methods for contactless card applet communication |
US11321546B2 (en) | 2018-10-02 | 2022-05-03 | Capital One Services, Llc | Systems and methods data transmission using contactless cards |
US11336454B2 (en) | 2018-10-02 | 2022-05-17 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10542036B1 (en) | 2018-10-02 | 2020-01-21 | Capital One Services, Llc | Systems and methods for signaling an attack on contactless cards |
US11699047B2 (en) | 2018-10-02 | 2023-07-11 | Capital One Services, Llc | Systems and methods for contactless card applet communication |
US11210664B2 (en) | 2018-10-02 | 2021-12-28 | Capital One Services, Llc | Systems and methods for amplifying the strength of cryptographic algorithms |
US10554411B1 (en) | 2018-10-02 | 2020-02-04 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10565587B1 (en) | 2018-10-02 | 2020-02-18 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11341480B2 (en) | 2018-10-02 | 2022-05-24 | Capital One Services, Llc | Systems and methods for phone-based card activation |
US10579998B1 (en) | 2018-10-02 | 2020-03-03 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10581611B1 (en) | 2018-10-02 | 2020-03-03 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10582386B1 (en) | 2018-10-02 | 2020-03-03 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10592710B1 (en) | 2018-10-02 | 2020-03-17 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10607214B1 (en) | 2018-10-02 | 2020-03-31 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10607216B1 (en) | 2018-10-02 | 2020-03-31 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10615981B1 (en) | 2018-10-02 | 2020-04-07 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10841091B2 (en) | 2018-10-02 | 2020-11-17 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10630653B1 (en) | 2018-10-02 | 2020-04-21 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11349667B2 (en) | 2018-10-02 | 2022-05-31 | Capital One Services, Llc | Systems and methods for inventory management using cryptographic authentication of contactless cards |
US11843700B2 (en) | 2018-10-02 | 2023-12-12 | Capital One Services, Llc | Systems and methods for email-based card activation |
US11804964B2 (en) | 2018-10-02 | 2023-10-31 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10680824B2 (en) | 2018-10-02 | 2020-06-09 | Capital One Services, Llc | Systems and methods for inventory management using cryptographic authentication of contactless cards |
US10685350B2 (en) | 2018-10-02 | 2020-06-16 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10686603B2 (en) | 2018-10-02 | 2020-06-16 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11790187B2 (en) | 2018-10-02 | 2023-10-17 | Capital One Services, Llc | Systems and methods for data transmission using contactless cards |
US11195174B2 (en) | 2018-10-02 | 2021-12-07 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11182784B2 (en) | 2018-10-02 | 2021-11-23 | Capital One Services, Llc | Systems and methods for performing transactions with contactless cards |
US11784820B2 (en) | 2018-10-02 | 2023-10-10 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10733645B2 (en) | 2018-10-02 | 2020-08-04 | Capital One Services, Llc | Systems and methods for establishing identity for order pick up |
US10748138B2 (en) | 2018-10-02 | 2020-08-18 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11770254B2 (en) | 2018-10-02 | 2023-09-26 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10771254B2 (en) | 2018-10-02 | 2020-09-08 | Capital One Services, Llc | Systems and methods for email-based card activation |
US10771253B2 (en) | 2018-10-02 | 2020-09-08 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10778437B2 (en) | 2018-10-02 | 2020-09-15 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10783519B2 (en) | 2018-10-02 | 2020-09-22 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11182785B2 (en) | 2018-10-02 | 2021-11-23 | Capital One Services, Llc | Systems and methods for authorization and access to services using contactless cards |
US10797882B2 (en) | 2018-10-02 | 2020-10-06 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11924188B2 (en) | 2018-10-02 | 2024-03-05 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10489781B1 (en) | 2018-10-02 | 2019-11-26 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11843698B2 (en) | 2018-10-02 | 2023-12-12 | Capital One Services, Llc | Systems and methods of key selection for cryptographic authentication of contactless cards |
US11144915B2 (en) | 2018-10-02 | 2021-10-12 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards using risk factors |
US10860814B2 (en) | 2018-10-02 | 2020-12-08 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11658997B2 (en) | 2018-10-02 | 2023-05-23 | Capital One Services, Llc | Systems and methods for signaling an attack on contactless cards |
US11129019B2 (en) | 2018-10-02 | 2021-09-21 | Capital One Services, Llc | Systems and methods for performing transactions with contactless cards |
US10880327B2 (en) | 2018-10-02 | 2020-12-29 | Capital One Services, Llc | Systems and methods for signaling an attack on contactless cards |
US11423452B2 (en) | 2018-10-02 | 2022-08-23 | Capital One Services, Llc | Systems and methods for establishing identity for order pick up |
US11438311B2 (en) | 2018-10-02 | 2022-09-06 | Capital One Services, Llc | Systems and methods for card information management |
US10887106B2 (en) | 2018-10-02 | 2021-01-05 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11610195B2 (en) | 2018-10-02 | 2023-03-21 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10909527B2 (en) | 2018-10-02 | 2021-02-02 | Capital One Services, Llc | Systems and methods for performing a reissue of a contactless card |
US11563583B2 (en) | 2018-10-02 | 2023-01-24 | Capital One Services, Llc | Systems and methods for content management using contactless cards |
US11544707B2 (en) | 2018-10-02 | 2023-01-03 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US10949520B2 (en) | 2018-10-02 | 2021-03-16 | Capital One Services, Llc | Systems and methods for cross coupling risk analytics and one-time-passcodes |
US10965465B2 (en) | 2018-10-02 | 2021-03-30 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11102007B2 (en) | 2018-10-02 | 2021-08-24 | Capital One Services, Llc | Contactless card emulation system and method |
US11438164B2 (en) | 2018-10-02 | 2022-09-06 | Capital One Services, Llc | Systems and methods for email-based card activation |
US11502844B2 (en) | 2018-10-02 | 2022-11-15 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11444775B2 (en) | 2018-10-02 | 2022-09-13 | Capital One Services, Llc | Systems and methods for content management using contactless cards |
US10992477B2 (en) | 2018-10-02 | 2021-04-27 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11469898B2 (en) | 2018-10-02 | 2022-10-11 | Capital One Services, Llc | Systems and methods for message presentation using contactless cards |
US11456873B2 (en) | 2018-10-02 | 2022-09-27 | Capital One Services, Llc | Systems and methods for cryptographic authentication of contactless cards |
US11361302B2 (en) | 2019-01-11 | 2022-06-14 | Capital One Services, Llc | Systems and methods for touch screen interface interaction using a card overlay |
US11037136B2 (en) | 2019-01-24 | 2021-06-15 | Capital One Services, Llc | Tap to autofill card data |
US10510074B1 (en) | 2019-02-01 | 2019-12-17 | Capital One Services, Llc | One-tap payment using a contactless card |
US10467622B1 (en) | 2019-02-01 | 2019-11-05 | Capital One Services, Llc | Using on-demand applications to generate virtual numbers for a contactless card to securely autofill forms |
US11120453B2 (en) | 2019-02-01 | 2021-09-14 | Capital One Services, Llc | Tap card to securely generate card data to copy to clipboard |
US10425129B1 (en) | 2019-02-27 | 2019-09-24 | Capital One Services, Llc | Techniques to reduce power consumption in near field communication systems |
US10523708B1 (en) | 2019-03-18 | 2019-12-31 | Capital One Services, Llc | System and method for second factor authentication of customer support calls |
US10438437B1 (en) | 2019-03-20 | 2019-10-08 | Capital One Services, Llc | Tap to copy data to clipboard via NFC |
US10535062B1 (en) | 2019-03-20 | 2020-01-14 | Capital One Services, Llc | Using a contactless card to securely share personal data stored in a blockchain |
US10984416B2 (en) | 2019-03-20 | 2021-04-20 | Capital One Services, Llc | NFC mobile currency transfer |
US10783736B1 (en) | 2019-03-20 | 2020-09-22 | Capital One Services, Llc | Tap to copy data to clipboard via NFC |
US10643420B1 (en) | 2019-03-20 | 2020-05-05 | Capital One Services, Llc | Contextual tapping engine |
US10970712B2 (en) | 2019-03-21 | 2021-04-06 | Capital One Services, Llc | Delegated administration of permissions using a contactless card |
US10467445B1 (en) | 2019-03-28 | 2019-11-05 | Capital One Services, Llc | Devices and methods for contactless card alignment with a foldable mobile device |
US11521262B2 (en) | 2019-05-28 | 2022-12-06 | Capital One Services, Llc | NFC enhanced augmented reality information overlays |
US10516447B1 (en) | 2019-06-17 | 2019-12-24 | Capital One Services, Llc | Dynamic power levels in NFC card communications |
US10871958B1 (en) | 2019-07-03 | 2020-12-22 | Capital One Services, Llc | Techniques to perform applet programming |
US11694187B2 (en) | 2019-07-03 | 2023-07-04 | Capital One Services, Llc | Constraining transactional capabilities for contactless cards |
US11392933B2 (en) | 2019-07-03 | 2022-07-19 | Capital One Services, Llc | Systems and methods for providing online and hybridcard interactions |
US10713649B1 (en) | 2019-07-09 | 2020-07-14 | Capital One Services, Llc | System and method enabling mobile near-field communication to update display on a payment card |
US10885514B1 (en) | 2019-07-15 | 2021-01-05 | Capital One Services, Llc | System and method for using image data to trigger contactless card transactions |
US10498401B1 (en) | 2019-07-15 | 2019-12-03 | Capital One Services, Llc | System and method for guiding card positioning using phone sensors |
US10733601B1 (en) | 2019-07-17 | 2020-08-04 | Capital One Services, Llc | Body area network facilitated authentication or payment authorization |
US11182771B2 (en) | 2019-07-17 | 2021-11-23 | Capital One Services, Llc | System for value loading onto in-vehicle device |
US10832271B1 (en) | 2019-07-17 | 2020-11-10 | Capital One Services, Llc | Verified reviews using a contactless card |
US11521213B2 (en) | 2019-07-18 | 2022-12-06 | Capital One Services, Llc | Continuous authentication for digital services based on contactless card positioning |
US10506426B1 (en) | 2019-07-19 | 2019-12-10 | Capital One Services, Llc | Techniques for call authentication |
US10541995B1 (en) | 2019-07-23 | 2020-01-21 | Capital One Services, Llc | First factor contactless card authentication system and method |
US11638148B2 (en) | 2019-10-02 | 2023-04-25 | Capital One Services, Llc | Client device authentication using contactless legacy magnetic stripe data |
US10701560B1 (en) | 2019-10-02 | 2020-06-30 | Capital One Services, Llc | Client device authentication using contactless legacy magnetic stripe data |
US11651361B2 (en) | 2019-12-23 | 2023-05-16 | Capital One Services, Llc | Secure authentication based on passport data stored in a contactless card |
US10733283B1 (en) | 2019-12-23 | 2020-08-04 | Capital One Services, Llc | Secure password generation and management using NFC and contactless smart cards |
US11113685B2 (en) | 2019-12-23 | 2021-09-07 | Capital One Services, Llc | Card issuing with restricted virtual numbers |
US10862540B1 (en) | 2019-12-23 | 2020-12-08 | Capital One Services, Llc | Method for mapping NFC field strength and location on mobile devices |
US10657754B1 (en) | 2019-12-23 | 2020-05-19 | Capital One Services, Llc | Contactless card and personal identification system |
US11615395B2 (en) | 2019-12-23 | 2023-03-28 | Capital One Services, Llc | Authentication for third party digital wallet provisioning |
US10885410B1 (en) | 2019-12-23 | 2021-01-05 | Capital One Services, Llc | Generating barcodes utilizing cryptographic techniques |
US11200563B2 (en) | 2019-12-24 | 2021-12-14 | Capital One Services, Llc | Account registration using a contactless card |
US10664941B1 (en) | 2019-12-24 | 2020-05-26 | Capital One Services, Llc | Steganographic image encoding of biometric template information on a card |
US10757574B1 (en) | 2019-12-26 | 2020-08-25 | Capital One Services, Llc | Multi-factor authentication providing a credential via a contactless card for secure messaging |
US10909544B1 (en) | 2019-12-26 | 2021-02-02 | Capital One Services, Llc | Accessing and utilizing multiple loyalty point accounts |
US11038688B1 (en) | 2019-12-30 | 2021-06-15 | Capital One Services, Llc | Techniques to control applets for contactless cards |
US11455620B2 (en) | 2019-12-31 | 2022-09-27 | Capital One Services, Llc | Tapping a contactless card to a computing device to provision a virtual number |
US10860914B1 (en) | 2019-12-31 | 2020-12-08 | Capital One Services, Llc | Contactless card and method of assembly |
US11210656B2 (en) | 2020-04-13 | 2021-12-28 | Capital One Services, Llc | Determining specific terms for contactless card activation |
US11562346B2 (en) | 2020-04-30 | 2023-01-24 | Capital One Services, Llc | Contactless card with multiple rotating security keys |
US11222342B2 (en) | 2020-04-30 | 2022-01-11 | Capital One Services, Llc | Accurate images in graphical user interfaces to enable data transfer |
US11823175B2 (en) | 2020-04-30 | 2023-11-21 | Capital One Services, Llc | Intelligent card unlock |
US11030339B1 (en) | 2020-04-30 | 2021-06-08 | Capital One Services, Llc | Systems and methods for data access control of personal user data using a short-range transceiver |
US11270291B2 (en) | 2020-04-30 | 2022-03-08 | Capital One Services, Llc | Systems and methods for data access control using a short-range transceiver |
US10915888B1 (en) | 2020-04-30 | 2021-02-09 | Capital One Services, Llc | Contactless card with multiple rotating security keys |
US10861006B1 (en) | 2020-04-30 | 2020-12-08 | Capital One Services, Llc | Systems and methods for data access control using a short-range transceiver |
US10963865B1 (en) | 2020-05-12 | 2021-03-30 | Capital One Services, Llc | Augmented reality card activation experience |
US11100511B1 (en) | 2020-05-18 | 2021-08-24 | Capital One Services, Llc | Application-based point of sale system in mobile operating systems |
US11063979B1 (en) | 2020-05-18 | 2021-07-13 | Capital One Services, Llc | Enabling communications between applications in a mobile operating system |
US11062098B1 (en) | 2020-08-11 | 2021-07-13 | Capital One Services, Llc | Augmented reality information display and interaction via NFC based authentication |
US11165586B1 (en) | 2020-10-30 | 2021-11-02 | Capital One Services, Llc | Call center web-based authentication using a contactless card |
US11482312B2 (en) | 2020-10-30 | 2022-10-25 | Capital One Services, Llc | Secure verification of medical status using a contactless card |
US11373169B2 (en) | 2020-11-03 | 2022-06-28 | Capital One Services, Llc | Web-based activation of contactless cards |
CN112636916A (en) * | 2020-11-30 | 2021-04-09 | 捷德(中国)科技有限公司 | Data processing method, data processing device, storage medium and electronic equipment |
US11216799B1 (en) | 2021-01-04 | 2022-01-04 | Capital One Services, Llc | Secure generation of one-time passcodes using a contactless card |
US11682012B2 (en) | 2021-01-27 | 2023-06-20 | Capital One Services, Llc | Contactless delivery systems and methods |
US11687930B2 (en) | 2021-01-28 | 2023-06-27 | Capital One Services, Llc | Systems and methods for authentication of access tokens |
US11792001B2 (en) | 2021-01-28 | 2023-10-17 | Capital One Services, Llc | Systems and methods for secure reprovisioning |
US11922417B2 (en) | 2021-01-28 | 2024-03-05 | Capital One Services, Llc | Systems and methods for near field contactless card communication and cryptographic authentication |
US11562358B2 (en) | 2021-01-28 | 2023-01-24 | Capital One Services, Llc | Systems and methods for near field contactless card communication and cryptographic authentication |
US11438329B2 (en) | 2021-01-29 | 2022-09-06 | Capital One Services, Llc | Systems and methods for authenticated peer-to-peer data transfer using resource locators |
US11777933B2 (en) | 2021-02-03 | 2023-10-03 | Capital One Services, Llc | URL-based authentication for payment cards |
US11637826B2 (en) | 2021-02-24 | 2023-04-25 | Capital One Services, Llc | Establishing authentication persistence |
US20220311475A1 (en) | 2021-03-26 | 2022-09-29 | Capital One Services, Llc | Network-enabled smart apparatus and systems and methods for activating and provisioning same |
US11848724B2 (en) | 2021-03-26 | 2023-12-19 | Capital One Services, Llc | Network-enabled smart apparatus and systems and methods for activating and provisioning same |
US11245438B1 (en) | 2021-03-26 | 2022-02-08 | Capital One Services, Llc | Network-enabled smart apparatus and systems and methods for activating and provisioning same |
US11935035B2 (en) | 2021-04-20 | 2024-03-19 | Capital One Services, Llc | Techniques to utilize resource locators by a contactless card to perform a sequence of operations |
US11961089B2 (en) | 2021-04-20 | 2024-04-16 | Capital One Services, Llc | On-demand applications to extend web services |
US11902442B2 (en) | 2021-04-22 | 2024-02-13 | Capital One Services, Llc | Secure management of accounts on display devices using a contactless card |
US11354555B1 (en) | 2021-05-04 | 2022-06-07 | Capital One Services, Llc | Methods, mediums, and systems for applying a display to a transaction card |
Also Published As
Publication number | Publication date |
---|---|
EP3430552A1 (en) | 2019-01-23 |
FR3049083A1 (en) | 2017-09-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2017157859A1 (en) | Duplication process of operational data contained in a source secure element into one or more recipient secure elements allowing, at most, one secure element to be operational at a given time | |
US11743054B2 (en) | Method and system for creating and checking the validity of device certificates | |
JP5885178B2 (en) | Device authenticity determination system, device authenticity determination method, and embedded device mounted with semiconductor chip | |
JP4644900B2 (en) | Service providing system, service providing method, service mediating apparatus, and program providing medium via communication means | |
KR100731242B1 (en) | Encoding backup method and decoding restore method | |
CN101145906B (en) | Method and system for authenticating legality of receiving terminal in unidirectional network | |
CN106656488B (en) | Key downloading method and device for POS terminal | |
KR101544722B1 (en) | Method for performing non-repudiation, payment managing server and user device therefor | |
JP2015065495A (en) | Encryption key supply method, semiconductor integrated circuit and encryption key management device | |
WO2003105400A1 (en) | Data processing system, data processing device, data processing method, and computer program | |
JP2004013600A (en) | Data processing system, data processing device and method, and its computer program | |
CN103107996A (en) | On-line download method and system of digital certificate and digital certificate issuing platform | |
CN103036681B (en) | A kind of password safety keyboard device and system | |
CN102957708B (en) | Application encrypting and decrypting method, server and terminal | |
JP6264626B2 (en) | Certificate issuing system, communication method and management apparatus | |
CN104735064B (en) | The method that safety is cancelled and updated is identified in a kind of id password system | |
CN111797367A (en) | Software authentication method and device, processing node and storage medium | |
JP2004015507A (en) | Access right management system, communication processor and method, and computer program | |
KR101287669B1 (en) | Apparatus and method for multiplexing hardware security module | |
CN112182551B (en) | PLC equipment identity authentication system and PLC equipment identity authentication method | |
CN114298722A (en) | Intelligent equipment warranty processing method, server and intelligent equipment | |
JP2004015495A (en) | Authority management system, information processing apparatus and method therefor, as well as computer program | |
JP2004015527A (en) | Data processing right management system, information processor and method, and computer program | |
JP6524556B2 (en) | Authentication key replication system | |
CN109951319B (en) | Method for backing up lock of manager of encryption equipment and encryption equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2017726195 Country of ref document: EP |
|
ENP | Entry into the national phase |
Ref document number: 2017726195 Country of ref document: EP Effective date: 20181015 |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 17726195 Country of ref document: EP Kind code of ref document: A1 |