Abstract: A method of checking the authenticity of at least a first portion of the content of a non-volatile memory of an electronic device including a microcontroller and an embedded secure element is disclosed. The method includes starting the microcontroller with instructions stored in a first secure memory area associated with the microcontroller and starting the secure element. The secure element has a plurality of decipher keys, each associated with a portion of the content of a second reprogrammable non-volatile memory area associated with the microcontroller. The secure element performs a signature check on a first portion of the content of the second area. If the signature is verified, the secure element sends the decipher key associated with the first portion to the microcontroller. If the signature is not verified, the secure element executes a signature check on another portion of the content of the second memory area.

Abstract: In accordance with an embodiment, an electronic device includes a secure element configured to implement a plurality of operating systems; and a near field communication module coupled to the secure element by a single bus and by a routing circuit configured to route routing data between the plurality of operating systems and a receive circuit of the near field communication module.

Abstract: The present disclosure relates to an authentication method of a first device by a second device, each first, second device having a processor, at least one memory, and an authentication circuit, in which the authentication circuit is configured to prohibit the processor from reading data stored in at least part of said memory. The authenticating includes generating a first datum, and a second datum. The second device verifies that the first and second data match.

Abstract: An embedded electronic system includes a volatile memory and a processor configured to execute a low-level operating system that manages allocation of areas of the volatile memory to a plurality of high-level operating systems. Each high-level operating system executes one or more of applications. The volatile memory includes a first portion reserved for execution data of a first application and a second portion intended to store execution data of a second application. The system is configured so that once the execution data of the first application are loaded in the first portion, the low-level operating system forbids unloading of the execution data of the first application from the first portion so that the execution data of the first application remain in the volatile memory in case of a deactivation or of a setting to standby of the first application.

Abstract: Provided are techniques for protecting a transaction in near-field communication. Provided is an electronic device including a processor hosting an application, a near-field communication module, and a secure element distinct from the processor. The near-field communication module is configured to identify the type of terminal emitting a polling frame, addressed to the application, that the communication module receives by analyzing the type of the polling frame. The device is configured to compare the result of the analysis with at least one command received from the terminal during the implementation of an NFC transaction.

Abstract: An electronic device includes a secure element and an application programming interface. The secure element, in operation, executes a first application. The application programming interface, in operation, verifies a reliability of a received command directed to the first application, and transmits the command and a result of the verification to the first application.

Abstract: An electronic device includes a processor and one or more secure elements. The processor executes a first high-level operating system and a first application. The one or more secure elements execute a first low-level operating system to verify a reliability, an authenticity, or a reliability and an authenticity of the first high-level operating system, and execute a second low-level operating system to execute a second application and to perform wireless communication with the first application. At each booting of the electronic device, the first low-level operating system performs a verification of the reliability, of the authenticity, or of the reliability and the authenticity of the first high-level operating system. In response to a request from the first application to the second application, the second low-level operating system requests a result of the verification from the first low-level operating system, and transmits the result to the second application.

Abstract: The present disclosure relates to secure storage, in a non-volatile memory, of initial data encrypted using a second data, including selecting a pointer aimed at an initial address of a memory cell of an initial part of the non-volatile memory, and encrypting the pointer using the second data; and-storing the encrypted pointer in the non-volatile memory.

Abstract: A near field communication (NFC) router of a telecommunication device has communication pipes between gates of the NFC router. The pipes include a set of communication pipes to implement NFC transactions, which are coupled between radio-frequency gates of the NFC router and physical gates of the NFC router assigned to a security circuit. An attempt to use a pipe, other than one of the set, to implement an NFC transaction is detected by, in response to receiving a message in a NFC communication format via a pipe, comparing bits associated with the pipe with stored bits associated with the set of communication pipes. In response to the comparing indicating the pipe is not one of the set of communication pipes, implementation of the NFC transaction is blocked.

Abstract: A method and associated circuits protect data stored in a secure data circuit of a telecommunication device equipped with a near-field communication (NFC) router, a microcontroller, and the secure data circuit. In the method, each message received with the NFC router is parsed to retrieve a communication pipe identifier and an instruction code. The communication pipe identifier and the instruction code are compared to corresponding information in a filter table. Instruction codes of particular messages that attempt to modify a communication pipe by reassigning one end of the communication pipe from the port of the NFC router to a different circuit are acted upon. These messages are blocked from reaching the secure data circuit when the instruction code is not authorized in the filter table, and these messages are permitted when the instruction code is authorized in the filter table.

Abstract: The disclosure includes a method of authenticating a processor that includes an arithmetic and logic unit. At least one decoded operand of at least a portion of a to-be-executed opcode is received on a first terminal of the arithmetic and logic unit. A signed instruction is received on a second terminal of the arithmetic and logic unit. The signed instruction combines a decoded instruction of the to-be-executed opcode and a previous calculation result of the arithmetic and logic unit.

Abstract: A method of pairing between a first host device and a first peripheral device includes entering by a user of the first host device a verification value, as well as comparing, by the first peripheral device, between the verification value and a first secret value stored in a memory of the first peripheral device. When the verification corresponds to the first secret value, the method of pairing further includes calculating and storing a first pairing key by the first host device and the first peripheral device to perform the pairing.

Abstract: The disclosure includes a method of authenticating a processor that includes an arithmetic and logic unit. At least one decoded operand of at least a portion of a to-be-executed opcode is received on a first terminal of the arithmetic and logic unit. A signed instruction is received on a second terminal of the arithmetic and logic unit. The signed instruction combines a decoded instruction of the to-be-executed opcode and a previous calculation result of the arithmetic and logic unit.

Abstract: A method of checking the authenticity of at least a first portion of the content of a non-volatile memory of an electronic device including a microcontroller and an embedded secure element is disclosed. The method includes starting the microcontroller with instructions stored in a first secure memory area associated with the microcontroller and starting the secure element. The secure element has a plurality of decipher keys, each associated with a portion of the content of a second reprogrammable non-volatile memory area associated with the microcontroller. The secure element performs a signature check on a first portion of the content of the second area. If the signature is verified, the secure element sends the decipher key associated with the first portion to the microcontroller. If the signature is not verified, the secure element executes a signature check on another portion of the content of the second memory area.

Abstract: Cryptographic circuitry, in operation, generates N first pairs of elliptic curve cryptography (ECC) keys r(i), R(i), with i varying from 1 to N, using K second pairs of ECC keys p(k), P(k), with k varying from 1 to K, wherein K is smaller than N. Each pair r(i), R(i) of the first pairs of keys is a linear combination of pairs of the second pairs of ECC keys according to: ? i ? [ 1 ; N ] ? { r ? ( l ) = ? j = 1 K A ? ( i , j ) * p ? ( j ) R ? ( i ) = ? j = 1 K A ? ( i , j ) * P ? ( j ) , wherein A(i,j) designates a general term of a matrix A of size N*K, and all the sub-matrices of size K*K are invertible. The cryptographic circuitry, in operation, executes cryptographic operations using one or more pairs of the first pairs of ECC keys.

Abstract: A method of configuring a contactless communication device is provided. The contactless communication device includes integrated circuits hosting at least two applications compatible with different communication protocols or the same communication protocol and using different communication parameters and a contactless communication circuit. The method includes stopping, by the contactless communication circuit, the transmission of answers of the contactless communication device to requests transmitted by a proximity coupling reader during a transaction initiated by the reader to cause the initiation by the reader of a new transaction.

Abstract: Embedded systems and methods of reading or writing data or instructions of at least one application in a non-volatile memory are disclosed. A method includes reading or writing data or instructions of at least one application in a non-volatile memory of an embedded system. The data or instructions transit through a memory area and are interpreted by a distinct program of an operating system of the embedded system.

Abstract: The present disclosure relates to a monotonic counter whose value is represented by a number N of binary words of N memory cells of a non-volatile memory, and being able to implement a step increment operation wherein if only one first memory cell represents a first value different from zero, then a second value equal to the said first value incremented by two times the said step is written into a second memory cell of rank directly higher than the rank of the first memory cell; and if a third and a fourth memory cell of consecutive ranks represent, respectively, a third value and a fourth value different from zero, then the third value of the third memory cell of lower rank is erased.

Abstract: The present description concerns a method of starting a first application configured to be implemented by at least one low-level operating system of a secure element, including the verification of at least a first piece of information updated after each operation of resetting of the secure element, the first piece of information being associated with the at least one low-level operating system.

Abstract: A method of checking the authenticity of at least a first portion of the content of a non-volatile memory of an electronic device including a microcontroller and an embedded secure element is disclosed. The method includes starting the microcontroller with instructions stored in a first secure memory area associated with the microcontroller and starting the secure element. The secure element has a plurality of decipher keys, each associated with a portion of the content of a second reprogrammable non-volatile memory area associated with the microcontroller. The secure element performs a signature check on a first portion of the content of the second area. If the signature is verified, the secure element sends the decipher key associated with the first portion to the microcontroller. If the signature is not verified, the secure element executes a signature check on another portion of the content of the second memory area.