WO2020011393A1 - Sécurisation d'une transmission de données - Google Patents

Sécurisation d'une transmission de données Download PDF

Info

Publication number
WO2020011393A1
WO2020011393A1 PCT/EP2019/000213 EP2019000213W WO2020011393A1 WO 2020011393 A1 WO2020011393 A1 WO 2020011393A1 EP 2019000213 W EP2019000213 W EP 2019000213W WO 2020011393 A1 WO2020011393 A1 WO 2020011393A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
security
data
key
security key
Prior art date
Application number
PCT/EP2019/000213
Other languages
German (de)
English (en)
Inventor
Nikola Mamuzic
Original Assignee
Giesecke+Devrient Mobile Security Gmbh
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Giesecke+Devrient Mobile Security Gmbh filed Critical Giesecke+Devrient Mobile Security Gmbh
Priority to EP19742288.4A priority Critical patent/EP3821579A1/fr
Publication of WO2020011393A1 publication Critical patent/WO2020011393A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/061Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying further key derivation, e.g. deriving traffic keys from a pair-wise master key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/70Services for machine-to-machine communication [M2M] or machine type communication [MTC]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices

Definitions

  • the present invention is directed to a method for the automatic provision of SIM card data to a crypto server, in which a secure data transmission can be established between a terminal and the cryptoserver.
  • a master key or a global key which is already known both on the transmitter side and on the receiver side, and thus further data communication can be omitted.
  • the invention is also related to a safety arrangement and to a computer program product with control commands which implement the method or operate the arrangement.
  • DE 10 2013 112406 A1 shows a subscriber identity system comprising a virtual SIM host, a memory that is configured to store an authorization certificate, and data communication, which, however, is configured asymmetrically in the present case.
  • WO 2017/102080 A1 shows a method for setting up a subscriber identity module for agreeing one or more exchange keys.
  • DE 60031137 T2 shows a method for providing telecommunication services in a telecommunication system, comprising at least one mobile terminal. This document also suggests transferring subscriber data.
  • a general problem in data communication systems is the encryption of transmitted data or the data channel, which does not allow third parties to intercept data or when intercepting data not to decrypt them.
  • symmetrical cryptography methods are known, among other things.
  • problems here in that, in order to decrypt data, cryptographic information must first be exchanged between the participating components, and thus confidential information can already be intercepted. This creates a security risk and data interception can be illegally read out using the intercepted key.
  • there is a general need for improved methods which provide a clever distribution of security keys in a network in order to be able to secure data transmission.
  • cryptographic methods often comprise essentially software-based systems and only hardware tokens are used
  • physical structures are also known from the prior art which are intended to secure data communication or storage.
  • security elements which can also be designed in terms of hardware in such a way that they are particularly robust against attackers. Separate memories or separate data lines can thus be seen, so that the memory itself is not protected by software, but rather a separate memory for confidential information can be provided.
  • SIM card can either be designed to be exchangeable and thus exists as a Universal Integrated Circuit Card UICC, or can also be designed in one piece with the surrounding infrastructure.
  • embedded SIM card which is also an embedded Universal Integrated Circuit Card eUICC referred to as.
  • Such SIM cards store data that are required to establish a connection with a telecommunications service.
  • IMSI International Mobile Subscriber Identity Number
  • IoT Internet of Things
  • everyday objects are equipped with telecommunications modules and can therefore also act actively in a network.
  • IoT devices are not equipped with a voice connection, which distinguishes them from a mobile phone, for example.
  • voice connection which distinguishes them from a mobile phone, for example.
  • IoT end devices usually only have low hardware capacities and should nevertheless establish a data connection.
  • a disadvantage of the prior art is that secret information is generally required for decryption, which must be distributed over the network. If this secret information becomes known, even unauthorized third parties can decrypt the data communication. In addition, especially with the so-called Internet of Things, data communication is often complex because these end devices only have low computing capacities or low energy supplies.
  • a method for automatically providing SIM card data to a crypto server for secure data transmission between a terminal and the crypto server comprising storing a plurality of security keys in both a data memory of the terminal and in a further data memory of the crypto server, whereby for a unique security key identifier is provided for each security key, deriving an individual key from a security key for personalizing a security element in the terminal, encrypting data to be transmitted using the derived individual key in the terminal, transmitting that key -Identifier, which refers to the individual key that was used to personalize the end device and send the encrypted data from the end device to the cryptoserv er, and decrypting the encrypted and transmitted data by the crypto server using the individual key to which the transmitted security key identifier refers.
  • a SIM card can be the security element. This is preferably in a so-called Internet-der- Things end device installed. Consequently, the terminal according to the invention is preferably a mobile terminal.
  • the SIM card data in particular the UICC-specific data, are used to secure data transmission. For data transmission, the specialist recognizes that additional network technology components must be provided. For example, the terminal and the crypto server communicate using a telecommunication network and / or the Internet.
  • a table can be created, for example, which provides a plurality of unique security keys, which are also referred to as a master key.
  • a corresponding security key identifier is provided for each security key so that each security key can be clearly addressed or saved.
  • the security key identifier is a consecutive number, for example a line numbering. It is only necessary to ensure that the identifier number is so unique that it is always clear which security key should be addressed.
  • the security keys or the security key identifiers are stored on both sides, that is to say on the part of the sender and the recipient.
  • the crypto server and the terminal each receive a corresponding number of security keys with security key identifiers.
  • these security keys are stored in a preparatory method step, so that the process proceeds in the further method. It can be ensured that the information is known on both sides. This offers the advantage that corresponding data no longer have to be exchanged in terms of communication technology, but rather both sides have the corresponding data. Consequently, in the further course of the method, according to one aspect of the present invention, only the identifier can be transmitted, and the other side thus has information on the security key itself, since a security key is clearly assigned to each identifier. As a result, the security keys no longer have to be exchanged in terms of network technology.
  • Tables, linked lists or even vectors can be used to save the security keys and identifiers.
  • a database can be provided which stores the security key identifier in a first column and the security key itself in a second column. Here it plays a subordinate role how the respective security key can be designed.
  • a longer security key typically increases the security of the process.
  • a security key can be numerical or alphanumeric. The security key is therefore simply a character string.
  • an individual key is derived from a security key for personalizing a security element in the terminal. The individual key is thus generated depending on the security key.
  • the security key can be taken over or another computing operation can be carried out on it.
  • the data to be transmitted is then encrypted using the derived individual key in the terminal. This is not to be understood conclusively, so that further data can also be taken into account when encrypting. This means that at least the individual key is used. Conventional methods can be used for encryption itself.
  • the crypto server As soon as the data to be transmitted, i.e. the payload, is encrypted, it is sent to the crypto server, and the security key identifier that refers to the individual key that was used to personalize the end device is also sent.
  • the security key identifier that refers to the individual key that was used to personalize the end device is also sent.
  • the security key itself is not transmitted, but the security key identifier is transmitted, and thus the opposite side, i.e. the crypto server, can automatically calculate which security key was used based on the security key identifier. This is the case because on both Both the security keys and the security key identifiers are stored on the data communication side.
  • the confidential information of the security key is not sent, but rather it is sufficient to transmit the corresponding identifier, which is so clear that the original security key can actually be inferred again. Then this security key is just read from the database.
  • this crypto server can now decrypt the data, for which purpose at least the individual key is used.
  • the encrypted and transmitted data is also decrypted by the crypto server using the security key to which the transmitted security key identifier refers.
  • This procedural step therefore involves accepting the identifier, whereupon the security key is read out of the database. Since this security key is now also known on the crypto server side, the data can be decrypted.
  • the individual key can also be generated on the part of the crypto server on the basis of the security key that has been read out and that it is then used for decryption. For this purpose, the crypto server also knows the computing operations for deriving the individual key.
  • the individual key is generated on the basis of a security key identifier which refers to the security key to be used.
  • a security key identifier refers to the security key to be used.
  • the individual key has a characteristic value of the security element.
  • This has the advantage that the use and introduction of a security key identifier and the use of a device-specific feature, ie the characteristic value, means that a prior distribution of device-specific data to the crypto server is no longer required.
  • a characteristic value of the security element can be a value that is stored on the security element and that reliably distinguishes a first security element from a second security element.
  • the individual key has an International Mobile Subscriber Identity IMSI.
  • IMSI International Mobile Subscriber Identity
  • the encryption and decryption are carried out using a symmetrical encryption method.
  • This has the advantage that the master key, which is used on the part of the terminal for generating the individual key, can also be used to decrypt the crypto server.
  • the expert knows symmetrical encryption methods ren, which are used particularly advantageously in the context of the present invention. It is only necessary to distribute the security key initially, and in later iterations the security key is known on both sides of the communication link.
  • the data memory of the terminal and the data memory of the crypto server are each provided as a hardware security module HSM.
  • HSM hardware security module
  • the security element is provided as a UICC or an eUICC. This has the advantage that known frameworks can be used again and only the existing interfaces have to be used to connect a secure data storage. In addition, these components are typically already in the end device and do not have to be purchased.
  • the terminal is provided as a mobile terminal.
  • the mobile terminal is preferably a cell phone, but this should not be interpreted restrictively. Rather, any end device can be used in the context of the Internet of Things.
  • the terminal has no voice support. This has the advantage that hardware-efficient components can be used, and in particular it is often a feature of end devices from the area of application of the Internet of Things that such end devices have no language support. This can be seen as a distinguishing criterion for a mobile phone.
  • the security keys are stored as a linked list. This has the advantage that the linked list implicitly has identifiers which serve to index the security key. Each saved security key thus has a unique storage location and can therefore be addressed via this identifier.
  • the security key together with the security key identifier are stored in a table or a vector.
  • This has the advantage that known methods can be used and thus the safety-critical information can be stored efficiently. It is possible for the table or the vector to have further data, but this is optional.
  • the data memories are protected in terms of hardware and / or software.
  • a multiplicity of terminals communicates with the crypto server.
  • This has the advantage that different communication connections can be secured, and in particular in the context of the Internet of Things, it is advantageous to have several end devices communicate with the crypto server, since the end devices only occupy small bandwidths and thus also serve a large number of end devices can be.
  • a security arrangement for the automatic provision of SIM card data to a crypto server for secure data transmission between a terminal and the cryptos ver comprising an interface unit, set up for storing a plurality of security keys both in a data memory of the terminal and also In a further data memory of the crypto server, where a unique security key identifier is provided for each security key, the terminal is set up to derive an individual key from a security key to personalize a security element in the terminal, and the terminal is also set up to decrypt data to be transmitted under Use of the derived individual key in the terminal, another interface unit set up for sending that security key identifier which is also f refers to the individual key or the security key which was used to personalize the terminal and send the encrypted data from the terminal to the crypto server, and the crypto server set up to decrypt the encrypted and transmitted data by the crypto server with encryption Use of the individual key or the security key to which the security key identifier sent refers.
  • the person skilled in the art recognizes that essentially a terminal device and a crypto server are proposed which communicate with one another in terms of communication technology.
  • the interface units can be the same or separate interface units.
  • the object is also achieved by a computer program product with control commands which implement the method or operate the arrangement.
  • the proposed method has method steps which can also be functionally simulated by the arrangement.
  • the arrangement also has structural features that provide functions that can be implemented as process steps.
  • the computer program pro product serves both to save the method steps and to provide control commands for operating the safety arrangement.
  • Fig. 1 a schematic block diagram of the proposed fuse arrangement
  • FIG. 2 shows a schematic flowchart of the proposed method for the automatic provision of SIM card data.
  • 1 shows components of the terminal on the left and components of the crypto server on the right.
  • a plurality of security keys which are referred to in the present case as master key, are stored under reference number 1. These have a unique identifier, for example 0001. This means that each master key can be addressed uniquely using this identifier. Saving takes place on both sides.
  • the individual key is then generated, which is generated at least using a master key 2.
  • further information can also be included, such as the IMSI.
  • the individual key corresponds to the security key, although the individual key can have further components such as the characteristic value of the security element. This characteristic value can be the so-called International Mobile Subscriber Identity IMSI.
  • the data to be transmitted is then encrypted, namely the so-called payload data.
  • the individual key which can have the master key and the so-called IMSI, is shown under reference number 3.
  • the information to be transmitted is encrypted and transmitted over the network 4.
  • the IMSI is transmitted with the security key identifier and the encrypted data.
  • the security key identifier is now available on the crypto server side, optionally the IMSI and the user data. Using the identifier, the master key or the security key can now be read from the table and, based on the information available, the user data can also be decrypted 5.
  • the master keys are stored in hardware security modules (Perso and Operation HSM) under a specific number (MasterKey Id). This MasterKey Id must be unique and identical in all HSMs involved.
  • the UICC in the IOT devices is personalized with an individual key that is derived from a MasterKey.
  • a UICC-specific value for example the IMSI of a SIM card together with the MasterKey, identified by the MasterKey Id, is used to generate the derivation value.
  • the personalized and derived key is used to encrypt the data to be secured (payload).
  • FIG. 2 shows a schematic flow diagram of the proposed method for automatically providing SIM card data to a crypto server for secure data transmission between a terminal and the crypto server, comprising storing 100 a plurality of security keys in both a data storage device Terminal as well as in a further data store of the crypto server, whereby a unique security key identifier is provided for each security key, a derivation 101 of an individual key advises from a security key to personalize 102 a security element in the end device, an encryption 103 from transmitting data using the derived 101 individual key in the terminal, a translation 104 of that security key identifier, which refers to the individual key or the security key that personalizes 102 of the terminal was used, and sending the encrypted 103 data from the terminal to the crypto server and decrypting 105 the encrypted 103 and transmitted 104 data by the cryptoserver using the individual

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)

Abstract

La présente invention porte sur un procédé destiné à préparer automatiquement des données de carte SIM au niveau d'un serveur chiffré, une transmission de données sécurisée pouvant être établie entre un terminal et le serveur chiffré. Selon l'invention, une clé-maître ou une clé globale, laquelle est déjà connue aussi bien du côté de l'émetteur que du côté du récepteur, est préparée, et une autre communication de données peut ainsi cesser. L'invention porte également sur un système de sécurisation ainsi que sur un progiciel informatique dont les instructions de commande mettent en œuvre le procédé ou font fonctionner le système de sécurisation.
PCT/EP2019/000213 2018-07-11 2019-07-10 Sécurisation d'une transmission de données WO2020011393A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP19742288.4A EP3821579A1 (fr) 2018-07-11 2019-07-10 Sécurisation d'une transmission de données

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102018005502.8 2018-07-11
DE102018005502.8A DE102018005502A1 (de) 2018-07-11 2018-07-11 Sicherung einer Datenübertragung

Publications (1)

Publication Number Publication Date
WO2020011393A1 true WO2020011393A1 (fr) 2020-01-16

Family

ID=67390042

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2019/000213 WO2020011393A1 (fr) 2018-07-11 2019-07-10 Sécurisation d'une transmission de données

Country Status (3)

Country Link
EP (1) EP3821579A1 (fr)
DE (1) DE102018005502A1 (fr)
WO (1) WO2020011393A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE60031137T2 (de) 1999-08-31 2007-08-23 Nokia Corp. Verwendung von teilnehmerdaten in einem telekommunikationssystem
US20080056498A1 (en) * 2006-06-29 2008-03-06 Nokia Corporation Content protection for oma broadcast smartcard profiles
DE102013112406A1 (de) 2012-11-20 2014-05-22 Intel Mobile Communications GmbH Teilnehmer-Identitätssysteme, Server, Verfahren für ein Steuern eines Teilnehmer-Identitätssystems und Verfahren für ein Steuern eines Servers
US20140337236A1 (en) * 2013-05-10 2014-11-13 Erick Wong Device provisioning using partial personalization scripts
WO2017102080A1 (fr) 2015-12-15 2017-06-22 Giesecke & Devrient Gmbh Accord de clés d'échange à partir de deux paires de clés asymétriques statiques

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9106633B2 (en) * 2011-05-26 2015-08-11 First Data Corporation Systems and methods for authenticating mobile device communications
US20160005042A1 (en) * 2014-07-02 2016-01-07 Mistral Mobile Host card emulation out-of-bound device binding verification

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE60031137T2 (de) 1999-08-31 2007-08-23 Nokia Corp. Verwendung von teilnehmerdaten in einem telekommunikationssystem
US20080056498A1 (en) * 2006-06-29 2008-03-06 Nokia Corporation Content protection for oma broadcast smartcard profiles
DE102013112406A1 (de) 2012-11-20 2014-05-22 Intel Mobile Communications GmbH Teilnehmer-Identitätssysteme, Server, Verfahren für ein Steuern eines Teilnehmer-Identitätssystems und Verfahren für ein Steuern eines Servers
US20140337236A1 (en) * 2013-05-10 2014-11-13 Erick Wong Device provisioning using partial personalization scripts
WO2017102080A1 (fr) 2015-12-15 2017-06-22 Giesecke & Devrient Gmbh Accord de clés d'échange à partir de deux paires de clés asymétriques statiques

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
SIEMENS: "Introduction of a UICC-based Generic Bootstrapping Architecture", 3GPP DRAFT; S3-040217_SIE CR GBA_U, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE ; 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, vol. SA WG3, no. Beijing; 20040412, 12 April 2004 (2004-04-12), XP050275471 *

Also Published As

Publication number Publication date
EP3821579A1 (fr) 2021-05-19
DE102018005502A1 (de) 2020-01-16

Similar Documents

Publication Publication Date Title
EP3574625B1 (fr) Procédé de réalisation d'une authentification
DE102011118367B4 (de) Verfahren zur Authentisierung eines Telekommunikationsendgeräts umfassend ein Identitätsmodul an einer Servereinrichtung eines Telekommunikationsnetzes, Verwendung eines Identitätsmoduls, Identitätsmodul und Computerprogramm
DE69916277T2 (de) Aufbau einer gesicherten Sitzungsverbindung basierend auf dem Wireless Application Protocol
EP4158516B1 (fr) Personnalisation d'un élément sécurisé
WO2015082123A1 (fr) Procédé d'accès à une mémoire de données d'un système informatique en nuage
DE10393847T5 (de) Verfahren und Vorrichtung zum Auffinden einer gemeinsam genutzten vertraulichen Information ohne Beeinträchtigung nicht-gemeinsam genutzter vertraulicher Informationen
EP3157192A1 (fr) Procédé et système de déduction de code asymétrique
EP2575385B1 (fr) Procédé d'initialisation et/ou d'activation d'au moins un compte d'utilisateur, de réalisation d'une transaction, ainsi que terminal
EP1240794B1 (fr) Procédé de codage de données et terminal de télécommunications et carte d'autorisation d'accés
EP3206154A1 (fr) Procede et dispositifs destines a la transmission fiable de donnees utiles
EP3050244B1 (fr) Production et utilisation de clés pseudonymes dans le cryptage hybride
WO2020011393A1 (fr) Sécurisation d'une transmission de données
DE102014212443A1 (de) Verringerung des Speicherbedarfs für kryptographische Schlüssel
DE102012111042B4 (de) Mobilkommunikationsendgerät und -verfahren
DE102016000324B4 (de) Verfahren zur Verwaltung von Identifikationsdaten mehrerer Anwendungen
EP3276911A1 (fr) Liaison authentifiée entre au moins deux partenaires de communication
WO2021228537A1 (fr) Procédé de couplage d'un moyen d'authentification à un véhicule
WO2014063775A1 (fr) Procédé pour la gestion sûre de données d'identité de participants
EP3882796A1 (fr) Authentification de l'utilisateur à l'aide de deux éléments de sécurité indépendants
EP4242890B1 (fr) Procédé d'identification sécurisée d'une personne par une instance de vérification
EP2723111B1 (fr) Authentification multifactorielle pour terminaux mobiles
DE102024002220A1 (de) Verfahren zum verschlüsselten Austauschen von Daten
DE102014002603A1 (de) Verfahren zum entfernten Verwalten eines auf einem Sicherheitselement gespeicherten Datenelements
DE102011122874B4 (de) Verfahren zum Durchführen einer Transaktion, sowie Endgerät
DE102016111858A1 (de) DLMS-Server, DLMS-Client und Verfahren für die DLMS-Kommunikationssicherheit

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19742288

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE