PE20212000A1 - Un chip de circuito y un metodo para su funcionamiento - Google Patents

Un chip de circuito y un metodo para su funcionamiento

Info

Publication number
PE20212000A1
PE20212000A1 PE2021000730A PE2021000730A PE20212000A1 PE 20212000 A1 PE20212000 A1 PE 20212000A1 PE 2021000730 A PE2021000730 A PE 2021000730A PE 2021000730 A PE2021000730 A PE 2021000730A PE 20212000 A1 PE20212000 A1 PE 20212000A1
Authority
PE
Peru
Prior art keywords
circuit chip
integrated circuit
patch
digital certificate
extension
Prior art date
Application number
PE2021000730A
Other languages
English (en)
Inventor
Sebastien Chapellier
Mario-Locas Ranti
Jervis Wang-Zw
Yong Jie Foo
Original Assignee
Thales Dis France Sa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Thales Dis France Sa filed Critical Thales Dis France Sa
Publication of PE20212000A1 publication Critical patent/PE20212000A1/es

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B42BOOKBINDING; ALBUMS; FILES; SPECIAL PRINTED MATTER
    • B42DBOOKS; BOOK COVERS; LOOSE LEAVES; PRINTED MATTER CHARACTERISED BY IDENTIFICATION OR SECURITY FEATURES; PRINTED MATTER OF SPECIAL FORMAT OR STYLE NOT OTHERWISE PROVIDED FOR; DEVICES FOR USE THEREWITH AND NOT OTHERWISE PROVIDED FOR; MOVABLE-STRIP WRITING OR READING APPARATUS
    • B42D25/00Information-bearing cards or sheet-like structures characterised by identification or security features; Manufacture thereof
    • B42D25/20Information-bearing cards or sheet-like structures characterised by identification or security features; Manufacture thereof characterised by a particular use or purpose
    • B42D25/24Passports
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B42BOOKBINDING; ALBUMS; FILES; SPECIAL PRINTED MATTER
    • B42DBOOKS; BOOK COVERS; LOOSE LEAVES; PRINTED MATTER CHARACTERISED BY IDENTIFICATION OR SECURITY FEATURES; PRINTED MATTER OF SPECIAL FORMAT OR STYLE NOT OTHERWISE PROVIDED FOR; DEVICES FOR USE THEREWITH AND NOT OTHERWISE PROVIDED FOR; MOVABLE-STRIP WRITING OR READING APPARATUS
    • B42D25/00Information-bearing cards or sheet-like structures characterised by identification or security features; Manufacture thereof
    • B42D25/30Identification or security features, e.g. for preventing forgery
    • B42D25/305Associated digital information
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/088Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/033Test or assess software
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q2220/00Business processing using cryptography
    • G06Q2220/10Usage protection of distributed data files
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/018Certifying business or products
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/26Government or public services
    • G06Q50/265Personal security, identity or safety

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Tourism & Hospitality (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Marketing (AREA)
  • Primary Health Care (AREA)
  • Strategic Management (AREA)
  • Human Resources & Organizations (AREA)
  • General Business, Economics & Management (AREA)
  • Economics (AREA)
  • Educational Administration (AREA)
  • Development Economics (AREA)
  • Computing Systems (AREA)
  • Mathematical Physics (AREA)
  • Bioethics (AREA)
  • Storage Device Security (AREA)
  • Stored Programmes (AREA)

Abstract

Parcheo seguro de un sistema operativo del chip de circuito integrado. Un servidor de parches cifra un parche en el sistema operativo del chip de circuito integrado y transmite el parche cifrado a un servidor de autoridad emisora. El servidor de la autoridad emisora agrega el parche cifrado a un certificado digital en una extension del certificado digital y transmite el certificado digital, incluido el parche cifrado, a un terminal. El terminal transmite el certificado digital al chip de circuito integrado. El chip de circuito integrado recupera la extension del segundo certificado digital y descifra la extension mediante una clave de descifrado del fabricante del chip de circuito integrado, y recupera asi el parche en el sistema operativo del chip de circuito integrado e instala el parche en el sistema operativo del chip de circuito integrado.
PE2021000730A 2018-11-21 2019-11-20 Un chip de circuito y un metodo para su funcionamiento PE20212000A1 (es)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP18306538.2A EP3656577A1 (en) 2018-11-21 2018-11-21 In-the-field patching of an operating system using a digital certificate extension
PCT/EP2019/081955 WO2020104537A1 (en) 2018-11-21 2019-11-20 A circuit chip and a method of operating it

Publications (1)

Publication Number Publication Date
PE20212000A1 true PE20212000A1 (es) 2021-10-18

Family

ID=65228298

Family Applications (1)

Application Number Title Priority Date Filing Date
PE2021000730A PE20212000A1 (es) 2018-11-21 2019-11-20 Un chip de circuito y un metodo para su funcionamiento

Country Status (11)

Country Link
US (1) US11849049B2 (es)
EP (2) EP3656577A1 (es)
JP (1) JP7108257B2 (es)
KR (1) KR102519828B1 (es)
CA (1) CA3119676A1 (es)
CO (1) CO2021008019A2 (es)
IL (1) IL283250A (es)
MX (1) MX2021005971A (es)
PE (1) PE20212000A1 (es)
WO (1) WO2020104537A1 (es)
ZA (1) ZA202103391B (es)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113489592B (zh) * 2021-07-01 2023-03-24 公安部第三研究所 针对eID电子证照实现快捷通关能力开通处理的***及其方法
CN116070219B (zh) * 2023-04-06 2023-07-25 北京紫光青藤微***有限公司 用于写补丁的方法及***、电子设备、存储介质

Family Cites Families (36)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6338435B1 (en) 1999-01-15 2002-01-15 Todd Carper Smart card patch manager
JP4207465B2 (ja) * 2002-06-07 2009-01-14 ソニー株式会社 データ処理権限管理システム、情報処理装置、および方法、並びにコンピュータ・プログラム
US7802085B2 (en) * 2004-02-18 2010-09-21 Intel Corporation Apparatus and method for distributing private keys to an entity with minimal secret, unique information
US7836306B2 (en) * 2005-06-29 2010-11-16 Microsoft Corporation Establishing secure mutual trust using an insecure password
US8572219B1 (en) * 2006-03-02 2013-10-29 F5 Networks, Inc. Selective tunneling based on a client configuration and request
JP2008181228A (ja) * 2007-01-23 2008-08-07 Sony Corp 管理システムおよび管理方法、端末装置、管理サーバ、並びにプログラム
JP5180678B2 (ja) * 2008-05-19 2013-04-10 株式会社日立製作所 Icカード、icカードシステムおよびその方法
JP4377450B1 (ja) * 2009-03-12 2009-12-02 パナソニック株式会社 帳票リーダ装置および帳票認証方法
WO2012094254A1 (en) * 2011-01-05 2012-07-12 Smith Micro Software, Inc. Device api for securely monitoring and managing mobile broadband devices
DE102011015711A1 (de) 2011-03-31 2012-10-04 Giesecke & Devrient Gmbh Aktualisierung einer Datenträgerapplikation
ES2558008T3 (es) * 2011-05-06 2016-02-01 Nokia Technologies Oy Determinación de la configuración de aparatos y datos de programación
US8990356B2 (en) * 2011-10-03 2015-03-24 Verisign, Inc. Adaptive name resolution
WO2016073202A1 (en) * 2014-11-04 2016-05-12 Intelligent Technologies International, Inc. Smartcard
WO2016076880A1 (en) * 2014-11-14 2016-05-19 Hewlett Packard Enterprise Development Lp Secure update of firmware and software
US20160315777A1 (en) * 2015-04-24 2016-10-27 Citrix Systems, Inc. Certificate updating
US20190005268A1 (en) * 2015-05-27 2019-01-03 Vishal Gupta Universal original document validation platform
CN106295385B (zh) * 2015-05-29 2019-10-22 华为技术有限公司 一种数据保护方法和装置
US10523435B2 (en) * 2015-07-20 2019-12-31 Digicert, Inc. Mutable fields in digital certificates
PL3352993T3 (pl) * 2015-09-24 2020-07-13 Sicpa Holding Sa Zdalne znakowanie paszportów i dokumentów bezpieczeństwa
US9998285B2 (en) * 2015-12-22 2018-06-12 T-Mobile Usa, Inc. Security hardening for a Wi-Fi router
US20170300317A1 (en) * 2016-03-24 2017-10-19 Knight Point Systems, Inc. System and method for patching software in a target computer system device
CN107341393A (zh) * 2016-04-29 2017-11-10 腾讯科技(深圳)有限公司 应用程序安装包的检测方法和装置
US10498540B2 (en) * 2016-05-24 2019-12-03 Arris Enterprises Llc Efficient encrypted software distribution mechanism
US10855462B2 (en) * 2016-06-14 2020-12-01 Honeywell International Inc. Secure in-band upgrade using key revocation lists and certificate-less asymmetric tertiary key pairs
US10505730B2 (en) * 2017-02-06 2019-12-10 Red Hat, Inc. Secure data management
AU2018219696B2 (en) * 2017-02-10 2021-03-25 Huawei Technologies Co., Ltd. Method for updating certificate issuer public key, and related device and system
JP7208707B2 (ja) * 2017-02-17 2023-01-19 キヤノン株式会社 情報処理装置及びその制御方法とプログラム
CN109547400A (zh) * 2017-09-22 2019-03-29 三星电子株式会社 通信方法、完整性验证方法和客户端的服务器注册方法
US10861600B2 (en) * 2017-09-28 2020-12-08 General Electric Company Method and system for user-verifiable certification of software for medical devices
US10542091B2 (en) * 2017-11-14 2020-01-21 Sap Se Repository-based shipment channel for cloud and on-premise software
EP3489853B1 (en) * 2017-11-27 2021-02-24 Schneider Electric Industries SAS A method for providing a firmware update of a device
US11533184B2 (en) * 2018-01-29 2022-12-20 Arris Enterprises Llc Method and apparatus for online and offline generation of unique digital certificates
US11323274B1 (en) * 2018-04-03 2022-05-03 Amazon Technologies, Inc. Certificate authority
US20190386822A1 (en) * 2018-06-17 2019-12-19 Altair Semiconductor Ltd. Personalizing an Integrated Circuit that is Produced with Embedded Root of Trust Secret
US10805087B1 (en) * 2018-09-28 2020-10-13 Amazon Technologies, Inc. Code signing method and system
WO2020073206A1 (zh) * 2018-10-09 2020-04-16 华为技术有限公司 芯片、生成私钥的方法和可信证明的方法

Also Published As

Publication number Publication date
EP3883782A1 (en) 2021-09-29
EP3883782C0 (en) 2024-05-22
KR102519828B1 (ko) 2023-04-10
KR20210107681A (ko) 2021-09-01
US20220014387A1 (en) 2022-01-13
EP3883782B1 (en) 2024-05-22
WO2020104537A1 (en) 2020-05-28
ZA202103391B (en) 2022-08-31
MX2021005971A (es) 2021-09-14
CO2021008019A2 (es) 2021-11-30
EP3656577A1 (en) 2020-05-27
IL283250A (en) 2021-07-29
JP7108257B2 (ja) 2022-07-28
CA3119676A1 (en) 2020-05-28
US11849049B2 (en) 2023-12-19
JP2022509794A (ja) 2022-01-24

Similar Documents

Publication Publication Date Title
CN103229451B (zh) 用于硬件设备的密钥供应的方法和装置
US8677144B2 (en) Secure software and hardware association technique
PE20212000A1 (es) Un chip de circuito y un metodo para su funcionamiento
CO2019007875A2 (es) Direccionamiento de un entorno de ejecución confiable utilizando clave de firma
GB2498039B (en) Password recovery service
WO2018098081A3 (en) Apparatus and method for sharing credentials in an internet of things (iot) system
CN109034796B (zh) 基于联盟链的交易监管方法、电子装置及可读存储介质
WO2016057086A8 (en) Common modulus rsa key pairs for signature generation and encryption/decryption
RU2018141237A (ru) Использование аппаратно-обеспечиваемой защищенной изолированной области для предотвращения пиратства и мошенничества в электронных устройствах
CU24586B1 (es) Método para la autenticación de una red de servicio por un equipo de usuario (ue) utilizando credenciales de una red doméstica
EP2544400A3 (en) PUF based Cryptographic communication system and cryptographic communication method
GB2528226A (en) Method performed by at least one server for processing a data packet from a first computing device to a second computing device to permit end-to-end
MX2016007218A (es) Metodo y sistema para la transmision segura de mensajes del servicio de notificacion a distancia a dispositivos moviles sin elementos de seguridad.
MX2018016420A (es) Sistema de gestion de credenciales electrónicas.
MX361152B (es) Aprovisionamiento de licencias de gestión de derechos digitales (drm) en un dispositivo cliente que utiliza un servidor de actualizaciones.
MX2017005313A (es) Mensajeria de transacciones.
AR099338A1 (es) Sistema y método de autenticación
ATE523020T1 (de) Verfahren zur synchronisierung zwischen server und mobiler vorrichtung
WO2007027241A3 (en) Multi-key cryptographically generated address
WO2014120436A3 (en) Framework for provisioning devices with externally acquired component-based identity data
BR112017009372A2 (pt) autenticação de mensagens em uma comunicação sem fio
GB2533748A (en) Polymorphic encryption key matrices
MX2018010943A (es) Anti-clonacion de modem de cable.
CL2021003062A1 (es) Anticlonación de cablemódem
MX2016000585A (es) Metodo para proteger claves de desencriptacion en un decodificador y decodificador para implementar dicho metodo.