EP3724799A1 - Technique de protection d'une clé cryptographique au moyen d'un mot de passe utilisateur - Google Patents
Technique de protection d'une clé cryptographique au moyen d'un mot de passe utilisateurInfo
- Publication number
- EP3724799A1 EP3724799A1 EP18833097.1A EP18833097A EP3724799A1 EP 3724799 A1 EP3724799 A1 EP 3724799A1 EP 18833097 A EP18833097 A EP 18833097A EP 3724799 A1 EP3724799 A1 EP 3724799A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- cryptographic key
- user
- password
- key
- user device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3218—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2103—Challenge-response
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2131—Lost password, e.g. recovery of lost or forgotten passwords
Definitions
- the present invention relates to the field of service security and more specifically the field of data protection of a user, said sensitive data.
- a cryptographic encryption system It is usual to protect a user's data by means of a cryptographic encryption system.
- a cryptographic encryption system provides one or more cryptographic keys with which it is possible to encrypt data to protect it, then decrypt the encrypted data to recover it in the clear.
- the key used to encrypt the data is the same as the key used to decrypt it. We understand that this unique key is extremely sensitive and must be protected.
- the key used to encrypt the data is public and known to everyone, whereas the key used to decrypt, called the private key, is sensitive and must be protected as well.
- the decryption key line whether it is a secret key of a symmetric encryption system or a private key of an asymmetric encryption system, usually makes hundreds of bits. It is therefore complicated for a user to memorize it. However, because of its sensitivity, it is usual to secure access to this decryption key.
- the known example of securing access to a decryption key relies on the use of a login, or login, and a password specific to a user and easily stored by it. It is thus known to deterministically generate and regenerate a cryptographic key, such as the decryption key mentioned above, by applying a key derivation algorithm, for example PBKDF2 (from the English "Password-Based Key Derivation Function"). 2 ") to the login and password of the user. The user only has to memorize his login and password in order to regenerate on demand his decryption key and access his data in clear.
- PBKDF2 from the English "Password-Based Key Derivation Function"
- the decryption key of the user is encrypted by means of a cryptographic algorithm and a second cryptographic key.
- the encrypted decryption key thus obtained is stored on a remote server. Securing access to the decryption key of the user then amounts to protecting access to this second cryptographic key, which can be done for example according to the method described above, that is to say by means of a login and a password known to the user.
- This new decryption key is therefore not suitable for decrypting the previously encrypted and predicted data to be decrypted by means of the initial decryption key.
- password loss requires a third-party entity to provide the lost password or initial decryption key.
- This mechanism implemented by involving a third party entity, is better known as a key receiver.
- this third party entity has all the information enabling it to access the sensitive data of the user. The total confidentiality of the data of the user is not guaranteed.
- One of the aims of the invention is to remedy the shortcomings / disadvantages of the state of the art and / or to make improvements thereto.
- This first cryptographic key is intended to decrypt at least one encrypted data.
- This method implemented by a user device, comprises:
- the management device does not store any data enabling it to obtain the cryptographic key to access the sensitive data of the user.
- the management device may be a server or a security element, for example a smart card.
- the result corresponds to a third cryptographic key generated by applying a key derivation algorithm to said response and the value dependent on said result corresponds to the encryption of the password by means of the third generated cryptographic key.
- the value that is stored by the management device is protected and is not accessible by the management device.
- the result corresponds to a third cryptographic key generated by applying a key derivation algorithm to this response and to the corresponding question and the value dependent on said result corresponds to the encryption of the password by means of the cryptographic key generated.
- the protection method comprises for determining the password from a response obtained by the user device for said question:
- the user device can thus find the password in case of loss or forgetfulness of it by the user.
- the function is a polynomial of degree (n-1), n being greater than or equal to two, n corresponding to a number of questions to be asked to the user to determine the password, said polynomial taking the value of the password in zero and the value dependent on said result corresponds to said result.
- n degree
- the user device determines the polynomial from n values stored by the management device and n answers to questions obtained from the user. The password then corresponds to the value taken by the polynomial in zero.
- the function is a bijective polynomial of degree (n1), n being greater than or equal to two, n corresponding to a number of questions to be asked to the user to determine the password, the value dependent on said result corresponds to said result and the user device further provides the storage management device with the result of applying the function to the password.
- This third embodiment has the same advantages as the second embodiment, while simplifying the management of the password change. Indeed, the values stored by the management device are not changed during a change of password. Only the value taken by the polynomial in zero is modified.
- the user device determines the polynomial from n values stored by the management device and n answers to questions obtained from the user.
- the password is then determined by applying the inverse polynomial to the value taken by the zero polynomial provided during the recording.
- the protection method further comprises:
- the user device easily regenerates the first cryptographic key without the management device being able to access it.
- the protection method comprises a verification of the integrity of the first regenerated cryptographic key by means of a public key associated with the first cryptographic key stored in association with the encryption of said first cryptographic key.
- the protection method comprises a verification of the integrity of the first regenerated cryptographic key by means of an encryption of the identifier of the user by said first cryptographic key stored in association with the encryption of said first cryptographic key.
- the method comprises for modifying the password:
- a proof of knowledge is memorized in association with the encryption of the first cryptographic key and said proof of knowledge is verified before storing said new encryption of the first cryptographic key.
- a user device intended to be used by a user having an identifier and an associated password, a first cryptographic key being for decrypting at least one encrypted data.
- This user device comprises:
- a calculation module arranged to calculate a result of the application of a function to at least one answer associated with a question, the answer being obtained from the user;
- a supply module arranged to supply the management device for storing the encryption of said first cryptographic key and at least one value dependent on said result, said value enabling the user device to determine the password when it has the answer to that question.
- This user device can of course include in structural terms the various characteristics relating to the protection method as described above, which can be combined or taken in isolation.
- a program for a user device on a data carrier and loadable in the memory of a user device, comprising program code instructions for controlling the execution of the steps of the protection method previously described implemented by the user device, when this program is executed by this device and a recording medium readable by a device on which is recorded a program for a device.
- the advantages stated for the protection method according to the first aspect can be transposed directly to the program for a user device and to the recording medium.
- a management device comprising:
- a obtaining module arranged to obtain from a user device for storage in association with an identifier of a user an encryption of a first cryptographic key and a value dependent on a result calculated by the user device, this value allows the user device to determine the password when it has the answer to a question;
- a storage memory arranged to store data obtained from a user device.
- This management device can of course include in structural terms the various characteristics relating to the protection method as described above, which can be combined or taken separately.
- a program for a management device on a data medium and loadable in the memory of a management device, comprising program code instructions intended to control the execution of those of the steps of the protection method previously described implemented by the management device, when this program is executed by this device and a recording medium readable by a device on which is recorded a program for a device.
- a system for protecting a first cryptographic key comprising a management device according to the fourth aspect and a user device according to the second aspect.
- FIGS. 1a, 1b, 1c and 1d represent steps of different phases of a method of protecting a cryptographic key by means of a user password, according to an exemplary embodiment
- FIG. 2 is a schematic representation of a user device able to implement steps of the method of protecting a cryptographic key by means of a user password, according to an exemplary embodiment
- FIG. 3 is a schematic representation of a management device adapted to implement steps of the method of protecting a cryptographic key by means of a user password, according to an exemplary embodiment.
- a user has a so-called sensitive cryptographic key, denoted sk, intended to be used for decrypting data that is specific to the user, said sensitive data.
- This cryptographic key is a sensitive key in the sense that its disclosure allows a person who has obtained it to access all the sensitive data of the user that have been previously encrypted.
- the user is equipped with a device such as a personal computer, a mobile terminal, etc.
- the device and the user are associated and called “user device” this device controlled by the user.
- the sensitive cryptographic key sk is used in a public key cryptography system, for example RSA (for "Rivest Shamir and Adleman").
- the sensitive cryptographic key sk is a private key, or decryption key, of a public key / private key pair, intended to be used for decrypting sensitive content.
- the encryption of the sensitive content is implemented by means of the associated public key, denoted pk.
- pk PKGen (sk).
- a public key encryption system is usually used to manage so-called long-term keys. This system is therefore well suited to the use case described here.
- the method described here also applies to a case where the sensitive cryptographic key is used in a secret key cryptosystem.
- the user is associated with a pair comprising a login identifier and a password pwd that he is alone to know. It is further assumed that the user is associated with a set of personal questions and associated responses, ie [l, l], where l is greater than or equal to equal to one, that he alone knows. For example, her mother's maiden name, the pet name of her childhood, and so on.
- the protection method implemented by the user device and by a management device is described in a first embodiment.
- an S server said management device, so that the latter protects its sensitive cryptographic key sk, while managing changes or even loss of the user's password.
- the user and therefore the user device is identified with the server S by its login identifier; however, the server S does not know the password pwd of the user.
- the user's sensitive cryptographic key sk is encrypted by the user device by means of a second cryptographic key denoted by k, derived from the user's password and login by means of a function of key derivation, eg PBKDF2 (for "Password-Based Key Derivation Function 2").
- a function of key derivation eg PBKDF2 (for "Password-Based Key Derivation Function 2"
- the second cryptographic key k is generated by the user device by applying a key derivation algorithm to the login identifier and the password pwd of the user.
- k PBKDF2 (login ⁇ ⁇ pwd), where the operator ⁇ G represents concatenation.
- the user's sensitive cryptographic key sk is encrypted by the user device by means of the second cryptographic key k generated in the previous step E00.
- the AES (Advanced Encryption Standard) secret key cryptography algorithm parameterized by the second cryptographic key k, is applied to the user's sensitive cryptographic key sk to obtain the encryption key.
- the sensitive cryptographic key noted c.
- c AESEnc (k, sk).
- the user device sends the encryption of the sensitive cryptographic key c to the server S for storage in association with the login identifier of the user.
- the user device also sends the public key pk to the server S, which stores it in association with the login identifier.
- the sending of the public key pk is intended to allow the user device to check the integrity of the sensitive cryptographic key sk during its regeneration. This thus prevents the user device from memorizing the public key pk.
- a step E02 the user device calculates a result of the application of a function to at least one response t associated with a question q t .
- the result corresponds to a cryptographic key generated by applying a key derivation algorithm to the response cqet to the corresponding question q t .
- a cryptographic key associated with the question cq and the response a j is generated using a key generation algorithm such as that used in step E00.
- the user device supplies the server S with storage with at least one value dependent on the result. More precisely, in this first embodiment, the user device encrypts the password pwd of the user for each key / q generated associated with the pair i formed by the question q t and the response associated with the message. as in step E01, use the AES algorithm.
- the encrypted password pwd obtained are noted C j .
- C j AESEnc ki, pwd).
- the encrypts C j of the password pwd are sent to the server S, which stores them in association with the login identifier. No limitation is attached to the encryption algorithm used at this step, an algorithm different from that of step E01 can be used.
- the server S stores in association with the user's login identifier, the encryption c of the user's sensitive cryptographic key sk, the encrypted data obtained. by encrypting the password pwd of the user by means of each key / q associated with the pair (cq, cq) and optionally the public key pk. Encrypted C j allow, as described later, the user device to determine the password based on an answer to a question asked the user.
- step E02 the user device calculates a result of the application of a function to at least one response cq associated with a question cq.
- the result corresponds to a cryptographic key generated by applying a key derivation algorithm to the response cq.
- a cryptographic key associated with the response cq is generated using a key generation algorithm, for example that used during the step E00.
- step E03 the user device encrypts the password pwd of the user for each key / q generated associated with the response cq. Then, the encrypted password pwd are sent to the server S, which memorize them in association with the login identifier.
- the server S stores in association with the user's login identifier, the encryption c of the user's sensitive cryptographic key sk, the encrypted obtained by encrypting the password pwd of the user by means of each key / q associated with a response a j and optionally the public key pk.
- Encrypted C j allow, as described later, the user device to determine the password based on an answer to a question asked the user.
- the encrypted sending c is intended to allow the user device to check the integrity of the sensitive cryptographic key sk during its regeneration.
- the server S stores in association with the user's login identifier, the encryption c of the user's sensitive cryptographic key sk, the encrypts q obtained by encrypting the password. pwd of the user by means of each key / q associated with the answers a, - and if appropriate, with the corresponding questions q t and optionally the c c.
- the user only memorizes his username and his password pwd. He also knows the answers to personal questions. It does not have to memorize a sensitive key such as its sensitive cryptographic key sk, the second cryptographic key k or the set of keys / q associated with the answers a, - and, if appropriate, with the questions corresponding. The user device also does not memorize them.
- a sensitive key such as its sensitive cryptographic key sk, the second cryptographic key k or the set of keys / q associated with the answers a, - and, if appropriate, with the questions corresponding.
- the user device also does not memorize them.
- the server S stores protected or encrypted data. Not holding the key k used to encrypt the user's sensitive cryptographic key sk, this key k having been generated and used on the user device, the server S is therefore unable to recover the user's sensitive cryptographic key sk and to access the sensitive data of the user protected by this key sk. In addition, the server S is unable to recover keys / q associated with the responses and, if so, to the corresponding questions q t and therefore can not obtain the password pwd.
- the encryption of the sensitive cryptographic key c and the encrypted values C j of the password pwd are sent to the server S during two different steps (E01 and E03) for storage in association with the login identifier of the server. 'user. It is understood that this is only an example embodiment and that the user device can also send to the server S the encryption of the sensitive cryptographic key c and the encrypted values C j of the password pwd in one times during step E03 for storage in association with the user's login ID.
- the user device covers the sensitive cryptographic key sk in order to use this key to access in clear data of the user.
- the user device sends the server S a request to obtain the encryption of the sensitive cryptographic key c, this request including its login identifier.
- the server S sends to the user device the encryption of the sensitive cryptographic key c and optionally the public key pk associated with the sensitive cryptographic key sk.
- step E12 of obtaining the second cryptographic key the user device regenerates the second cryptographic key k by applying the key derivation algorithm used in step E00, in this case PBKDF2, to its identifier. login and password pwd.
- PBKDF2 the key derivation algorithm used in step E00, in this case PBKDF2 (login ⁇ ⁇ pwd).
- step El 1 when the user-sensitive cryptographic key of G is used in a secret key encryption system, in step El 1, the server S sends the user device the encryption of the sensitive cryptographic key c and optionally the number c.
- the user device can use its sensitive cryptographic key sk to decrypt sensitive data that it has stored encrypted.
- a phase P2 of changing the password illustrated by Figure 1c and independent of the phase of recovery of the sensitive cryptographic key of the user, the user wishes to change his password pwd.
- this password has been compromise, or the user has been requested to change this password after a predetermined period.
- the password modification phase can of course only be implemented after the recording PO phase. The user wants to change his password pwd to a new password, noted pwd '.
- the user first recovers his sensitive cryptographic key sk. It implements the steps El0 to El4 of the phase P1 of recovering the sensitive cryptographic key as described above.
- step E20 of generating a third cryptographic key similar to step E00 described above, the user device generates a third cryptographic key k 'by means of its new password pwd'.
- a third cryptographic key k ' For this purpose, it applies the same key derivation algorithm that was used during step E00, in this case PBKDF2, to its login identifier and to its new password pwd '.
- PBKDF2 key derivation algorithm that was used during step E00
- PBKDF2 login ⁇ ⁇ wd'
- step E21 of encryption of the sensitive cryptographic key similar to the step E01 described above, the user device encrypts its sensitive cryptographic key sk by means of the third cryptographic key k 'generated during the previous step E20 in using the same encryption algorithm as used in step E01.
- the user device calculates a non-interactive knowledge proof p with zero disclosure of knowledge of the sensitive cryptographic key sk with integrity control of the new encrypted c 'of the sensitive cryptographic key sk.
- the proof of knowledge p is intended to guarantee the server S that the user device knows the sensitive cryptographic key sk. This verification is a prerequisite for replacing the encryption c of the sensitive cryptographic key sk by the new encryption c 'of this same sensitive cryptographic key in the storage memory of the server S.
- the proof of knowledge p type NIZK (English “Non-Interactive Zero-knowledge proof of Knowledge") based on the public key encryption scheme EL Gamal.
- the user device sends to the server S its login identifier, the new encryption c 'of the sensitive cryptographic key sk, the new encryptions c ⁇ of the password pwd' and the proof of knowledge p calculated during step E22.
- the server S checks the proof of knowledge p and if this is correct, the server S replaces in its storage memory the encryption c of the sensitive cryptographic key sk by the new encrypted it's the same key and the new encrypted c ⁇ in association with the login ID.
- the user device computes a non-interactive knowledge proof with zero disclosure of knowledge.
- the sensitive cryptographic key sk with integrity control of the new encryption c 'of the sensitive cryptographic key sk.
- the password pwd is changed to a new password pwd ', the new encryption c' of the sensitive cryptographic key sk calculated by means of the third cryptographic key k 'derived from the new password pwd'.
- the new encrypted c ⁇ are stored by the server S without the latter does not access at any time to the sensitive cryptographic key sk of the user.
- the server can thus not at any time access the data in clear of the user.
- the user device can then implement the recovery phase P1 described above in order to recover the sensitive cryptographic key sk from the new password pwd 'and use it to access its data in the clear.
- a password loss management phase P3 illustrated by FIG. 1d and independent of the recovery phase P1 of the user's sensitive cryptographic key and the password modification phase P2 previously described.
- the user who has forgotten or lost his password wishes to recover his sensitive cryptographic key sk in order to access his encrypted stored data.
- the phase P3 for managing a loss of password can of course only be implemented after the recording PO phase.
- a step E30 of sending an identifier the user device sends the server S its login identifier.
- the server S extracts from all the l personal questions q t associated with the user n questions, n l, randomly. We note / all the indices associated with the n questions.
- the server S then sends the user device a subset comprising the n questions q t extracted and the encrypted n C j of the password pwd (remember that these cipher were obtained in step E03 by means of the keys k L associated with the questions q t and the answers c q calculated during the step E 02).
- the server S sends to the user the subset noted ⁇ (3 ⁇ 4; C j )) ie / ⁇ It is emphasized here that in this first embodiment, this subset may comprise only one question and the cipher the associated password.
- each of the questions iq of the subset ⁇ (3 ⁇ 4; Cj)) ie / is put to the user, and the user enters for each question q t a response associated with the means of an interface -man machine of the user device.
- a next step E33 of calculation it is calculated from each question q t and from each answer a [provided by the user during the previous step, a subset of cryptographic keys k [, iel, each key k [of this subset being associated with the question q t using the same key generation algorithm as that used in step E02.
- a next step E34 of recovery of the password it is calculated for each iel, a current password, noted pwdi, by decrypting the encrypted n q password pwd using the keys k [calculated above.
- the password pwd of the user has been encrypted by the user device by means of each of the keys / q associated with the answers and, if appropriate, relevant questions q t and the encrypted C j thus obtained were then sent to the server S.
- the decryption algorithm corresponding to the encryption algorithm used in the step E03 is used.
- the user device temporarily stores the recovered password pwd and uses it to implement the steps of the password change phase P2. Indeed, it is advisable to change this password, previously forgotten.
- all previously calculated pwdi passwords are identical to the password pwd that the user has forgotten. This means that the user was not mistaken in any of the answers that he provided in step E32.
- the user corresponding to a case where the user has provided some answers to [erroneous, then the user remembers as recovered password pwd that which appears the greatest number of times during step E34 recovery.
- the encryption (es) that were provided to the management device during step E03 allow the user device to determine the password when it has n answer (s) to n question (s).
- a third party may know, either by chance or by knowing details of the life of the user via a social network, for example, one or more of the answers to L questions q t .
- the third party can implement the steps of the phase P3 of managing a password loss and try all the password pwd, recovered during the step E34 to find a word of pass pwd, which is the user's password pwd.
- the third party could then obtain the user's sensitive cryptographic key sk and access his data in the clear. In order to overcome such an attack, it is possible to compel the user to answer all the questions asked in the case of a loss of password.
- step E00 cryptographic key cryptographic key k, E01 of the sensitive cryptographic key sk of the user by the user device by means of the second cryptographic key k generated during the previous step E00 are executed.
- step E01 is also implemented.
- n being greater than or equal to two, to the user device, for example with the personal questions /,.
- the result corresponds to the application of the polynomial P to at least one response associated with a question.
- the user device sends the server S the values p ⁇ calculated for each ie [1, l] for storage in association with the identifier of the login user.
- the result is sent directly to the server S.
- the server S stores in association with the user's login identifier, the encryption c of the sensitive cryptographic key sk of the user, the p-values. L obtained by applying the polynomial P to the responses a, and optionally the public key pk or the c number according to the exemplary embodiments.
- the values p L allow, as described later, the user device to determine the password based on an answer to a question asked to the user.
- the encryption of the sensitive cryptographic key c and the values Pi obtained by applying the polynomial P to the responses a * are sent to the server S during two different steps (E01 and E03) for storage in association with the user login ID. It is understood that this is only an exemplary embodiment and that the user device can also send to the server S the encryption of the sensitive cryptographic key c and the values p L at one time during the process. step E03 for storage in association with the user's login ID.
- the recovery phase P1 of the cryptographic key is unchanged in this second embodiment.
- the phase P2 of changing the password will now be described in this second embodiment.
- the user wants to change his password pwd to a new password, noted pwd '.
- the user first recovers his sensitive cryptographic key sk. It implements the steps El0 to El4 of the phase P1 of recovering the cryptographic key as described above.
- the step E20 of generating a third cryptographic key is executed to generate a third cryptographic key k 'by means of the new password pwd'.
- Step E21 previously described in relation to the first embodiment, is also executed to encrypt the sensitive cryptographic key sk by means of the third cryptographic key k ', ie the new cipher c'.
- Step E22 previously described in relation to the first embodiment, is executed to compute a non-interactive proof of knowledge with zero disclosure of knowledge of the sensitive cryptographic key sk with integrity control of the new encryption c 'of the sensitive cryptographic key sk.
- the sending step E23 is executed to send to the server S the login identifier, the new encryption c 'of the sensitive cryptographic key sk and the proof of knowledge p computed at during step E22.
- the server S executes the step E24 to check the proof of knowledge p.
- the server S sends to the user device a set of questions q t for each ie [1, Z].
- the user device sends the server S pi 'values calculated for each ie [IJ] to replace in its storage memory the previous values p ,.
- the server S thus memorizes association with the identifier of the user login the new encryption c 'of the sensitive cryptographic key sk and the new values p,'.
- the password pwd is changed to a new password pwd '; the new encryption c 'of the sensitive cryptographic key sk calculated using the third cryptographic key k' derived from the new password pwd 'and the new encrypted C j are stored by the server S without the latter having access to any moment at the sensitive cryptographic key sk of the user.
- the server can thus not at any time access the data in clear of the user.
- the phase P3 of loss management of the password will now be described in this second embodiment.
- the user has forgotten or lost his password and wants to recover his sensitive cryptographic key sk to access his encrypted data encrypted.
- the step E30 is executed by the user device to send to the server S its login identifier.
- the step E31 is executed by the server S to extract from all the personal questions associated with the user n questions, randomly, and to send to the user device a subset comprising the n questions q are extracted and the n values p, (it is recalled that these values were obtained in step E03 of the second embodiment by means of a polynomial P and are each associated with a response ai).
- the server S sends the user the set noted ⁇ (q t , t )) for iel.
- step E32 of questions and answers each of the questions q t of the subset is posed to the user, and the user enters for each question q t an associated answer by means of an interface -man machine of the user device.
- the user device determines the polynomial P from the n responses obtained a ⁇ and n values p, - associated for example by performing a Lagrange interpolation.
- step E34 the user device calculates P (0) to obtain the password pwd.
- the user device temporarily stores the recovered password pwd and uses it to implement the steps of the password change phase P2.
- the value or values that were provided to the server S during the step E03 allow the user device to determine the password when it has n answers to the n questions.
- step E00 of a second cryptographic key k, E01 of the encryption of the sensitive cryptographic key sk of the user by the user device the means of the second cryptographic key k generated during the previous step E00 are executed.
- step E0G is also implemented.
- the server S sent an integer n to the user device, for example with the personal questions ⁇ 7, ⁇ .
- the user device chooses a bijective polynomial P of degree n-1.
- n is two
- the polynomial is of degree one and is always bijective.
- restrictions on the input domain and / or output domain may achieve the same goal.
- the result corresponds to the application of the polynomial P to at least one response associated with a question.
- the user device sends to the server S the values p ⁇ calculated for each ie [1, 1] and the value p 0 for storage in association with the identifier of the user login.
- the result is sent directly to the server S.
- the server S stores, in association with the user's login identifier, the encryption c of the user's sensitive cryptographic key sk, the values p L obtained by applying the polynomial P responses h p 0 value and optionally the public key pk and the encrypted c according to the embodiments.
- the values p L allow, as described later, the user device to determine the password based on n answers to n questions asked to the user.
- the encryption of the sensitive cryptographic key c, the value p 0 and the values p L obtained by applying the polynomial P to the responses a, - are sent to the server S during two different steps (E01 and E03). for storage in association with the user's login ID. It is understood that this is only an exemplary embodiment and that the user device can also send to the server S the encryption of the sensitive cryptographic key c, the value p 0 and the values p L in a single times during step E03 for storage in association with the user's login ID.
- the recovery phase P1 of the cryptographic key is unchanged in this third embodiment.
- the phase P2 of changing the password will now be described in this third embodiment.
- the user wants to change his password pwd to a new password, noted pwd '.
- the user first recovers his sensitive cryptographic key sk. It implements the steps El0 to El4 of the phase P1 of recovering the sensitive cryptographic key as described above.
- the step E20 of generating a third cryptographic key is executed to generate a third cryptographic key k 'by means of the new password pwd'.
- Step E21 previously described in relation to the first embodiment, is also executed to encrypt the sensitive cryptographic key sk by means of the third cryptographic key k ', ie the new cipher c'.
- Step E22 previously described in relation to the first embodiment, is executed to compute a non-interactive proof of knowledge with zero disclosure of knowledge of the sensitive cryptographic key sk with integrity control of the new encryption c 'of the sensitive cryptographic key sk.
- the server S sends to the user device a set of / questions q t for each ie [l, l].
- Each question q t is asked to the user, and the user enters for each question q t a reply [associated with an interface man-machine user device.
- the user device determines as a function of the values p 0 , Pi and the responses el the polynomial P by interpolation.
- the user device determines, according to the polynomial P, the value taken for the password pwd ', denoted p 0 '.
- the sending step E23 is executed to send to the server S the login identifier, the new encryption c 'of the sensitive cryptographic key k, the proof of knowledge p computed at course of step E22 and the value p 0 '.
- the server S executes the step E24 to check the proof of knowledge p.
- the server S thus memorizes in association with the login user's login the new encryption c 'of the sensitive cryptographic key sk and the new value p 0 '.
- the password pwd is changed to a new password pwd '; the new encryption c 'of the sensitive cryptographic key sk calculated by means of the third cryptographic key k' derived from the new password pwd 'and the new value p 0 ' are stored by the server S without the latter being able to access no time at the sensitive cryptographic key sk of the user.
- the server can thus not at any time access the data in clear of the user. It is emphasized here that during this change of password, the values p t are not modified.
- the phase P3 of loss management of the password will now be described in this third embodiment.
- the user has forgotten or lost their password and wishes recover its sensitive cryptographic key sk in order to access its stored encrypted plaintext data.
- the step E30 is executed by the user device to send to the server S its login identifier.
- the step E31 is executed by the server S to extract from all the personal questions associated with the user n questions, randomly, and to send to the user device a subset comprising the n questions q t extracted and the n values p, - (remember that these values were obtained in step E03 of the third embodiment by means of a polynomial P and are each associated with a response cq) and the value p 0 .
- the server S sends the user the set noted ⁇ (q ⁇ Pi) ⁇ for iel and p ".
- step E32 of questions and answers each of the questions q t of the subset is put to the user, and the user enters for each question q t a response to [associated by means of an interface -man machine of the user device.
- the user device determines the polynomial P from the n responses obtained ad and n values p, - associated for example by executing a polynomial interpolation.
- step E34 the user device calculates P ⁇ po) to obtain the password pwd, where P 1 corresponds to the inverse function of the polynomial P.
- the user device temporarily stores the recovered password pwd and uses it to implement the steps of the password change phase P2.
- the value or values that were provided to the server S during the step E03 allow the user device to determine the password when it has n answers to n questions.
- the management device is a server S.
- Any storage device such as a security element, can also implement steps of the protection method as described above.
- the user device 20 adapted to implement some of the steps of the method of protecting a cryptographic key by means of a user password, according to an exemplary embodiment, will now be described in relation to FIG.
- User 20 is intended to be used by a user having an identifier and an associated password.
- Cryptographic key line is intended to decrypt at least one encrypted data.
- the user device comprises:
- CPU Central Processing Unit
- the storage memory 23 is arranged to store data and applications.
- the storage memory 23 stores a software module for protecting a sensitive cryptographic key by means of a user password arranged to implement the steps of the method of protection of a cryptographic key described above which are implemented. implemented by the user device.
- the user device 20 also comprises:
- a generation module 24 of a second cryptographic key by applying a key derivation algorithm at least to the password
- a calculation module 26 arranged to calculate a result of the application of a function to at least one answer associated with a question, the response being obtained from the user;
- a supply module 27 in particular arranged to provide the management device for storing data in association with an identifier. These data correspond to the encryption of the cryptographic key and at least one value dependent on the result, this value enabling the user device to determine the password when it has the answer to said question;
- a human-machine interface module 28 arranged to communicate with a user
- a module 29 for obtaining arranged to obtain data from the management device.
- These data may correspond to a set of questions q t, an issue having an associated response has been to be supplied by the user, these questions are obtained from a user registration phase with the management device or during a password loss management phase by the user device.
- This data may also correspond to the data that has been previously provided by the user device to the management device for storage in association with the user's identifier.
- the supply module 27 is a sending module and the obtaining module 29 is a receiving module.
- the value supplied corresponds to an encryption c t of the password pwd of the user, the user's password having been encrypted by means of a cryptographic key associated with a response to a question, and if so, the corresponding question.
- the value provided corresponds to an application of a polynomial P to at least one response associated with a question.
- module may correspond in this document to both a software component, a hardware component or a set of hardware components and / or software, able to implement a function or a set of functions, as described above for the module concerned.
- a software component corresponds to one or more computer programs, one or more subroutines of a program, or more generally to any element of a program or software.
- Such a software component is stored in memory and then loaded and executed by a data processor of a physical entity and is able to access the hardware resources of this physical entity (memories, recording media, communication buses, electronic cards of a physical entity). input / output, user interfaces, etc.).
- a material component corresponds to any element of a material set (or hardware). It may be a programmable hardware component or not, with or without an integrated processor for running software. This is for example an integrated circuit, a smart card, an electronic card for executing a firmware, etc.
- the generation 24, encryption 25, calculation 26, obtaining 29 and delivery 27 modules are software modules comprising software instructions for implementing those of the steps of the protection method of a cryptographic key by means of a password, as previously described, which are executed by the user device.
- the invention therefore also relates to:
- a computer program comprising program instructions intended to control the execution of those steps of the method of protecting a cryptographic key by means of a password as described previously implemented by a user device, when this program is executed by a processor of the user device, and
- the software modules can be stored in or transmitted by a data carrier.
- a data carrier This may be a hardware storage medium, for example a CD-ROM, a magnetic diskette or a hard disk, or a transmission medium such as an electrical signal, optical or radio, or a telecommunications network.
- a management device 30, arranged to implement some of the steps of the method of protecting a cryptographic key by means of a user password, according to an exemplary embodiment, will now be described in relation to FIG.
- the management device 30 is a computer equipment which conventionally comprises:
- the storage memory 33 is arranged to memorize data and applications.
- the storage memory 33 stores a software module for protecting a cryptographic key by means of a user password arranged to implement the steps of the method of protection of a cryptographic key described above that are implemented. implemented by the management system.
- the management device also includes:
- a obtaining module 35 in particular arranged to obtain from a user device data to be stored in association with an identifier of a user.
- This data corresponds in particular to the encryption of a cryptographic key c, sent by the user device to step E01 of the protection method described above, and to a value dependent on a result calculated by the user device, this value enabling the device user to determine the password when he has the answer to a question;
- a supply module 36 arranged to provide a user device with data. These data may correspond to a set of questions q t, an issue having an associated response has been to be supplied by the user, these questions are provided in a user registration phase with the management device or during a password loss management phase by the user device. This data may also correspond to the data previously obtained from the user device by the management device for storage in association with the user's identifier.
- a storage memory 34 arranged to store the data received from a registered user device.
- the obtaining module 35 is a receiving module and the supply module 36 is a sending module.
- the received value corresponds to an encryption C j of the password pwd of the user, the password of the user having been encrypted by means of a cryptographic key associated with a response to a question and, where appropriate, the corresponding question.
- the value received corresponds to an application of a polynomial P to at least one response associated with a question.
- the obtaining module 35 and the supply module 36 are software modules comprising software instructions for implementing those of the steps of the method for protecting a cryptographic key by means of a password. pass, as described above, which are executed by the management device.
- the invention therefore also relates to:
- a computer program comprising program instructions intended to control the execution of those steps of the method of protection of a cryptographic key by means of a password as described above, implemented by a device of management, when this program is executed by a processor of the management device, and - a readable recording medium on which is recorded the computer program described above.
- the invention also relates to a system for protecting a cryptographic key by means of a user password.
- Lin such system includes:
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR1762283A FR3075423A1 (fr) | 2017-12-15 | 2017-12-15 | Technique de protection d'une cle cryptographique au moyen d'un mot de passe utilisateur |
PCT/FR2018/053233 WO2019115943A1 (fr) | 2017-12-15 | 2018-12-12 | Technique de protection d'une clé cryptographique au moyen d'un mot de passe utilisateur |
Publications (1)
Publication Number | Publication Date |
---|---|
EP3724799A1 true EP3724799A1 (fr) | 2020-10-21 |
Family
ID=62143269
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP18833097.1A Pending EP3724799A1 (fr) | 2017-12-15 | 2018-12-12 | Technique de protection d'une clé cryptographique au moyen d'un mot de passe utilisateur |
Country Status (4)
Country | Link |
---|---|
US (1) | US11483146B2 (fr) |
EP (1) | EP3724799A1 (fr) |
FR (1) | FR3075423A1 (fr) |
WO (1) | WO2019115943A1 (fr) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116633544A (zh) * | 2023-07-21 | 2023-08-22 | 杭州海康威视数字技术股份有限公司 | 硬件密码模组内多核密钥分级存储与同步方法及装置 |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2022549671A (ja) * | 2019-09-25 | 2022-11-28 | コモンウェルス サイエンティフィック アンド インダストリアル リサーチ オーガナイゼーション | ブラウザアプリケーション用の暗号化サービス |
CN112052469A (zh) * | 2020-09-10 | 2020-12-08 | 鹏元征信有限公司 | 一种加密方法、解密方法、存储介质及终端设备 |
CN114189388A (zh) * | 2021-12-17 | 2022-03-15 | 中国电子科技网络信息安全有限公司 | 一种联盟链密钥管理***及方法 |
Family Cites Families (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060233484A1 (en) | 2005-03-24 | 2006-10-19 | Richard Van Neste | Adhesive-assembled fiber-optic interferometer |
US8108683B2 (en) * | 2006-08-10 | 2012-01-31 | International Business Machines Corporation | Mitigating dictionary attacks on password-protected local storage |
US20080313473A1 (en) * | 2007-06-12 | 2008-12-18 | Les Technologies Deltacrypt | Method and surveillance tool for managing security of mass storage devices |
JP4764447B2 (ja) * | 2008-03-19 | 2011-09-07 | 株式会社東芝 | グループ署名システム、装置及びプログラム |
FR2929701B1 (fr) | 2008-04-07 | 2011-01-07 | Commissariat Energie Atomique | Capteur d'allongement a fibre optique. |
US20100037050A1 (en) * | 2008-08-06 | 2010-02-11 | Cuneyt Karul | Method and apparatus for an encrypted message exchange |
US8731203B2 (en) * | 2012-02-13 | 2014-05-20 | Alephcloud Systems, Inc. | Securing a secret of a user |
US9294267B2 (en) * | 2012-11-16 | 2016-03-22 | Deepak Kamath | Method, system and program product for secure storage of content |
US9634999B1 (en) * | 2013-11-04 | 2017-04-25 | Mobile Iron, Inc. | Mobile device key management |
WO2015070160A1 (fr) * | 2013-11-08 | 2015-05-14 | MustBin Inc. | Cryptage d'objet de données à activation corbeille et appareils, procédés et systèmes de stockage |
CN106104562B (zh) * | 2014-03-10 | 2020-04-28 | 钱晓燕 | 机密数据安全储存和恢复***及方法 |
US9589143B2 (en) * | 2014-04-17 | 2017-03-07 | Xerox Corporation | Semi-trusted Data-as-a-Service platform |
US10530576B2 (en) * | 2015-02-13 | 2020-01-07 | Insyde Software Corp. | System and method for computing device with improved firmware service security using credential-derived encryption key |
US10334062B2 (en) * | 2016-02-25 | 2019-06-25 | InAuth, Inc. | Systems and methods for recognizing a device |
US10608817B2 (en) * | 2016-07-06 | 2020-03-31 | Masimo Corporation | Secure and zero knowledge data sharing for cloud applications |
US10476862B2 (en) * | 2017-03-31 | 2019-11-12 | Mastercard International Incorporated | Systems and methods for providing digital identity records to verify identities of users |
-
2017
- 2017-12-15 FR FR1762283A patent/FR3075423A1/fr not_active Withdrawn
-
2018
- 2018-12-12 US US16/772,478 patent/US11483146B2/en active Active
- 2018-12-12 EP EP18833097.1A patent/EP3724799A1/fr active Pending
- 2018-12-12 WO PCT/FR2018/053233 patent/WO2019115943A1/fr unknown
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116633544A (zh) * | 2023-07-21 | 2023-08-22 | 杭州海康威视数字技术股份有限公司 | 硬件密码模组内多核密钥分级存储与同步方法及装置 |
CN116633544B (zh) * | 2023-07-21 | 2023-10-10 | 杭州海康威视数字技术股份有限公司 | 硬件密码模组内多核密钥分级存储与同步方法及装置 |
Also Published As
Publication number | Publication date |
---|---|
FR3075423A1 (fr) | 2019-06-21 |
US11483146B2 (en) | 2022-10-25 |
WO2019115943A1 (fr) | 2019-06-20 |
US20200389302A1 (en) | 2020-12-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3724799A1 (fr) | Technique de protection d'une clé cryptographique au moyen d'un mot de passe utilisateur | |
EP2767111B1 (fr) | Procédé de transfert du contrôle d'un module de sécurité d'une première entité à une deuxième entité | |
FR2922702A1 (fr) | Securisation de fichiers informatiques telechargeables sur un aeronef basee sur l'identite d'entites, procede d'authenfication, systeme et aeronef associes | |
FR2930390A1 (fr) | Procede de diffusion securisee de donnees numeriques vers un tiers autorise. | |
EP2345202A2 (fr) | Procédé de signature numérique en deux étapes | |
EP1774699A1 (fr) | Procede d'authentification anonyme base sur un algorithme cryptographique de type asymetrique | |
FR2930391A1 (fr) | Terminal d'authentification d'un utilisateur. | |
WO2016207527A1 (fr) | Procédé de conversion d'un premier chiffré en un deuxième chiffré | |
EP1958371A2 (fr) | Recouvrement de cles de dechiffrement perimees | |
EP3965361B1 (fr) | Echange de données entre un client et un dispositif distant, par exemple un module sécurisé | |
WO2007051769A1 (fr) | Procede de depot securise de donnees numeriques, procede associe de recuperation de donnees numeriques, dispositifs associes pour la mise en œuvre des procedes, et systeme comprenant les dits dispositifs | |
EP3456025B1 (fr) | Technique d'authentification d'un dispositif utilisateur | |
EP1794926A1 (fr) | Systeme et procede cryptographique a cle publique et serveur de certification, memoires adaptees pour ce systeme | |
EP2919412A1 (fr) | Procédé et système de chiffrement/déchiffrement de données à clé distante et vérification préalable de jeton | |
WO2011030069A1 (fr) | Procede de generation d'un certificat numerique | |
EP3266148B1 (fr) | Dispositif et procédé d'administration d'un serveur de séquestres numériques | |
FR3086417A1 (fr) | Procede cryptographique de comparaison securisee de deux donnees secretes x et y | |
EP3899765B1 (fr) | Réinitialisation d'un secret applicatif au moyen du terminal | |
WO2023062095A1 (fr) | Procédé et dispositif de transfert d'une communication d'une station de base à une autre | |
EP1642413B1 (fr) | Procede de chiffrement/dechiffrement d un message et disposi tif associe | |
EP4128700A1 (fr) | Procede et dispositif d'authentification d'un utilisateur aupres d'une application | |
WO2017005644A1 (fr) | Procédé et système de contrôle d'accès à un service via un média mobile sans intermediaire de confiance | |
FR2990818A1 (fr) | Procede de transfert et de stockage securise de documents et appareils associes au procede. | |
WO2021165625A1 (fr) | Procede de calcul d'une cle de session, procede de recuperation d'une telle cle de session | |
WO2016156737A1 (fr) | Procede d'obtention d'une liste d'au moins une donnee sensible |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: UNKNOWN |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE |
|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE |
|
17P | Request for examination filed |
Effective date: 20200702 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
AX | Request for extension of the european patent |
Extension state: BA ME |
|
DAV | Request for validation of the european patent (deleted) | ||
DAX | Request for extension of the european patent (deleted) | ||
RAP3 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: ORANGE |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: EXAMINATION IS IN PROGRESS |
|
17Q | First examination report despatched |
Effective date: 20220114 |