Abstract: A method and apparatus are provided for identifying and authenticating a radio tag by a radio reader. The tag forms part of a set of tags in a radio range of the reader and has selected a time slot from a set of available time slots. The method includes: a step of the reader sending a query message during the selected time slot; and a step of the reader receiving a reply message from the tag that selected the time slot. The reply message includes a random value selected by the tag. The tag stores authentication coupons and the reply from the tag received by the reader during the time slot contains, as a random value selected by the tag, a value that is a function of one of the coupons.

Abstract: A method and apparatus are provided for mutually authenticating a reader and a radio tag. The method includes: a step of the tag sending data to the reader, the data enabling an index to be determined for identifying an authentication coupon of the reader, the index being selected by the tag; a step of the reader obtaining the coupon from the determined index and of the reader sending the coupon to the tag; a step of the tag obtaining an authentication value from the selected index and of the tag verifying that the coupon received from the reader corresponds to the authentication value that is obtained, if the verification is positive, then a step of finalizing the authentication of the tag by the reader; and if the verification is negative, interrupting the mutual authentication method.

Abstract: A method for converting, by means of a conversion entity, a first digit into a second digit, the first cipher corresponding to the result of a symmetric probabilistic encryption of an plain message element using a first secret matrix parameterized by a random vector, the second digit corresponding to the result of a symmetric probabilistic encryption of the plain message element using a second secret matrix that is parameterized by the random vector, characterized in that the method includes a step of: calculating the second digit by encrypting the first digit using a secret conversion matrix which is a function of the first and second secret matrices, and which is parameterized by the random vector.

Abstract: A method and apparatus are provided to perform a cryptographic task on at least one numerical datum in an electronic hardware component. The method includes a step of at least partial use of an encryption function. This encryption function includes a basic encryption function obtained by the addition between an intermediate function arising from composition of a coding function with a first function, and a second function. This method can be applied to the encryption of a datum or to the decryption of a datum. Also, a method is provided for generating a public key and a device able to implement one of these methods.

Abstract: The invention relates to a method of probabilistic symmetric encryption of a plaintext message element with the aid of a secret key that can be represented in the form of a matrix. It comprises an operation of encrypting the plaintext message element, with the aid of the matrix parametrized by a random vector, so as to obtain an encrypted message element coupled to the random vector. Furthermore, there is envisaged a step of encoding the plaintext message element as a code word with the aid of an error correcting code having a given correction capacity and a step of adding a noise vector. The error correcting code and the noise vector are adapted so that the Hamming weight of the noise vector is less than or equal to the correction capacity of the correcting code.

Abstract: A secure communications method is provided for use in a telecommunications network, wherein a transaction between an entity A and an entity B of the network comprises: entity A sending an authorization request to an Authorization Server S, in which request the entity A identifies itself and authenticates itself; the entity A declares to the Authorization Server its intention to communicate with a certain entity B; the Authorization Server determines a secret key that it shares with the entity B; the Authorization Server generates a session key and sends it to the entity A; the session key being a one-way function of the secret key and also being a function of an integer (transaction number) allocated to the transaction; the Authorization Server also generates a transaction identifier that is a function depending at least on the transaction number in non-invertible manner.

Abstract: A method of generating a pseudorandom sequence of terms belonging to a finite body K of cardinal q?2 intended to be used in a cryptographic procedure, said method comprising the iterative calculation, from an initialization n-tuple X(0)=(X(0)1, X(0)2, . . . , X(0)n), where n?2, of elements of K, of n-tuples X(i)=(X(i)1, X(i)2, . . . , X(i)n) of elements of K (where i=1, 2, . . . ), each n-tuple X(i) being obtained on iteration number i in a predetermined manner at least from certain components Y(i)k of an m-tuple Y(i)=(Y(i)1, Y(i)2, . . . , Y(i)m), where m?n, of elements of K and the terms of said pseudorandom sequence being extracted in a predetermined manner from the n-tuples X and/or the m-tuples Y. For at least one value of i, among said components Y(i)k of the m-tuple Y(i) that are used to obtain the multiplet X(i), at least E(n/2) of them are each represented by a predetermined second degree polynomial function, with coefficients in K, of the components of the n-tuple X(i?1).

Abstract: An authentication method of a prover device by a verifier device using cryptographic coupons is provided, where a coupon includes a pseudo-random number ri, where i is an index for labeling the coupon, and a reduced-coupon xi such that xi=ƒ(ri), where ƒ is a predetermined one-way function, the method including the following steps: the verifier device sends a challenge consisting of a random value c to the prover device; the prover device sends to the verifier device a response y calculated by using the pseudo-random number ri, the challenge c, and a secret key s belonging to the prover device; and the verifier device checks the validity of the response y based on the challenge c, the reduced-coupon xi corresponding to the pseudo-random number ri, and a public key V corresponding to the secret key s, the reduced-coupon xi being received by the verifier device from a source external to the prover device.

Abstract: A method of implementing a block cipher algorithm by a device storing a fixed initialization datum includes determining, before execution of a first iteration of the algorithm in the course of a session, a modified initialization datum by way of a determined function supplied as input with the fixed initialization datum and a state value specific to the session. The state value may be stored in the device. The modified initialization datum may be used to implement the first iteration of the algorithm.

Abstract: A system and a method for cryptographic reduced-coupon reloading are provided, where a coupon includes a pseudo-random number ri=PRFK(i), where i is an index for labeling the coupon, PRF is a predetermined pseudo-random function and K is a regeneration key, and a “reduced-coupon” xi=ƒ(ri), where ƒ is a predetermined one-way function, where: a candidate device and a second device acquire a common value of a token T, the candidate device transmits a verification value vT to the second device, the second device verifies whether the verification value is equal to PRF?Q(T), where PRF? is a predetermined keyed pseudo-random function identical to, or derived from, the pseudo-random function PRF, where Q is an authentication key owned by the second device and known to the candidate device provided the candidate device is a legitimate reloading device, and if the verification is positive, one or several reduced-coupon(s) provided by the candidate device are stored in the second device.

Abstract: A method of authenticating an entity by a verification entity, said entities sharing a pair of secret keys X and Y which are n×m (n, m>i) binary matrices. The method may be applied to cryptographic protocols for authenticating electronic chips at a very low cost.

Abstract: The invention relates to a secure communication between an electronic label (A) and a reader (B), in particular for the authentication of the label by the reader, in which: the reader (31) transmits at least one datum (Ch) to the label, the label calculates a combination comprising at least the datum from the reader (Ch)) and a secret (Si) specific to the label, and the label communicates (32) the result (C(Si, Ch)) of the combination to the reader (B) for verification purposes. The aforementioned combination (C(Si, Ch)) is preferably calculated using a current secret value (Si) delivered by a pseudo-random number generator (33). The reader (B) is also provided with a homologous pseudo-random generator.

Abstract: The invention relates to a method of generating a pseudorandom string of terms belonging to a finite body K of cardinal q?2 intended to be used in a cryptography procedure, said method comprising the iterative calculation of a system (?) of m polynomials with n variables belonging to the finite body K. According to the invention, the coefficients of these m polynomials are regenerated at each iteration. The invention also relates to pseudorandom string generator intended to implement this method.

Abstract: A method and apparatus are provided for identifying and authenticating a radio tag by a radio reader. The tag forms part of a set of tags in a radio range of the reader and has selected a time slot from a set of available time slots. The method includes: a step of the reader sending a query message during the selected time slot; and a step of the reader receiving a reply message from the tag that selected the time slot. The reply message includes a random value selected by the tag. The tag stores authentication coupons and the reply from the tag received by the reader during the time slot contains, as a random value selected by the tag, a value that is a function of one of the coupons.

Abstract: A method and apparatus are provided for encrypting a plaintext message element into a ciphertext message element associated with a random vector a first subset of encrypting users. The message element is encoded using an error correcting code and then encrypted by a secret matrix, parameterized by the random vector and with noise added by a noise vector. The method includes obtaining the secret matrix parameterized by the random vector and with noise by adding together user secret matrices specific to each of the encryption users. The user secret matrices are parameterized by the random vectors and having noise added by respective noise vectors specific to the encrypting users.

Abstract: A method for converting, by means of a conversion entity, a first digit into a second digit, the first cipher corresponding to the result of a symmetric probabilistic encryption of an plain message element using a first secret matrix parameterized by a random vector, the second digit corresponding to the result of a symmetric probabilistic encryption of the plain message element using a second secret matrix that is parameterized by the random vector, characterized in that the method includes a step of: calculating the second digit by encrypting the first digit using a secret conversion matrix which is a function of the first and second secret matrices, and which is parameterized by the random vector.

Abstract: A method and apparatus are provided for mutually authenticating a reader and a radio tag. The method includes: a step of the tag sending data to the reader, the data enabling an index to be determined for identifying an authentication coupon of the reader, the index being selected by the tag; a step of the reader obtaining the coupon from the determined index and of the reader sending the coupon to the tag; a step of the tag obtaining an authentication value from the selected index and of the tag verifying that the coupon received from the reader corresponds to the authentication value that is obtained, if the verification is positive, then a step of finalizing the authentication of the tag by the reader; and if the verification is negative, interrupting the mutual authentication method.

Abstract: A secure communications method is provided for use in a telecommunications network, wherein a transaction between an entity A and an entity B of the network comprises: entity A sending an authorization request to an Authorization Server S, in which request the entity A identifies itself and authenticates itself; the entity A declares to the Authorization Server its intention to communicate with a certain entity B; the Authorization Server determines a secret key that it shares with the entity B; the Authorization Server generates a session key and sends it to the entity A; the session key being a one-way function of the secret key and also being a function of an integer (transaction number) allocated to the transaction; the Authorization Server also generates a transaction identifier that is a function depending at least on the transaction number in non-invertible manner.

Abstract: A device and a method of cryptographically hashing a message M, including the following steps: forming a sequence (M1, . . . , Mi, . . . , Mc) of data m-tuples M1=(a1,1, . . . , a1,m), . . . Mi=(ai,1, . . . , ai,m), . . . , Mc=ac,1, . . . , ac,m), where m is a strictly positive integer, from said message M; iteratively calculating successive output p-tuples V1, . . . , Vi, . . . , Vc, where p is a strictly positive integer, corresponding to said sequence (M1, . . . , Mi, . . . , Mc) of data m-tuples as a function of at least one set of multivariate polynomials defined over a finite field; and determining a hashing value of said message M as a function of the last output p-tuple Vc.

Abstract: A method and apparatus are provided to perform a cryptographic task on at least one numerical datum in an electronic hardware component. The method includes a step of at least partial use of an encryption function. This encryption function includes a basic encryption function obtained by the addition between an intermediate function arising from composition of a coding function with a first function, and a second function. This method can be applied to the encryption of a datum or to the decryption of a datum. Also, a method is provided for generating a public key and a device able to implement one of these methods.