Abstract: For cryptographically processing data, data (X) and a key (K) are fed to a cryptographic process (P), which may be a known process. In order to veil the nature of the process (P), auxiliary values as fed to the process, such as a supplementary key (K*), using which a supplementary process (P*) generates the key proper (K). The combination of the original process (P) and the supplementary process (P*) provides an unknown process, hence, the relationship between the supplementary key (K*) and the processed data (Y) is unknown. As a result, improved cryptographic security results.

Abstract: The invention provides a method for protectedly debiting an electronic payment mechanism, such as a telephone card. In the communication protocol between the payment mechanism and a payment station, an authentication is used to identify the payment mechanism during various steps of the protocol. According to the invention, the authentications are mutually related by states of a cryptographic process in order to be capable of detecting an interference in the protocol. The method may be applied to existing payment cards having a dynamic memory, it being guaranteed that the contents of the dynamic memory, in which there is located information related to the authentication, is not lost during the protocol.

Abstract: A method of loading commands (C1, C2, . . . ) in a security module (2) of a terminal (1) is disclosed. The method comprises the steps of: a station (4) transferring the commands (C1-Cn) to the terminal (1), the terminal (1) transferring the commands (C1-Cn) to the security module (2), the security module (2) executing the commands (C1-Cn), the terminal (1) selectively recording actual results (R1'-Rm') of the executed commands (C1-Cn), and the transfer means (3) transferring the results (R1'-Rm') back to the station (4). The commands may have associated expected results (e.g. R1), which the terminal (1) may compare with the actual results (e.g. R1' ). This allows both a flexible loading of data in the security module (2) by means of commands and a remote check of the functioning of the security module.

Abstract: The invention provides a method for protectedly debiting an electronic payment mechanism, such as a telephone card. In the communication protocol between the payment mechanism and payment station, an authentication is used to identify the payment mechanism during various steps of the protocol. According to the invention, the authentications are mutually related by states of a cryptographic process in order to be capable of detecting an interference in the protocol. The method may be applied to existing payment cards having a dynamic memory, it being guaranteed that the contents of the dynamic memory, in which there is located information related to the authentication, is not lost during the protocol.