Patents Assigned to THALES DIS FRANCE SAS
-
Patent number: 12273436
Abstract: Provided is a method for testing if a candidate data element belongs to a list of reference data elements, performed by a client device (102) and comprising the steps of generating an encrypted candidate data element (y?) by encrypting said candidate data element (x?) with a leveled fully homomorphic encryption scheme, transmitting said encrypted candidate data element (y?) to a server device (103), storing said reference data elements (xi) receiving, from said server device, a delta value depending on a product of differences, decrypting said delta value with said leveled fully homomorphic encryption scheme, based on said decrypted delta value, determining whether said candidate data element (x?) belongs to said list of reference data elements (xi). Other embodiments disclosed.
Type: Grant
Filed: February 10, 2021
Date of Patent: April 8, 2025
Assignee: THALES DIS FRANCE SAS
Inventor: Aline Gouget
-
Patent number: 12265608
Abstract: The present invention relates to a method for protecting a program in a computer system, the method comprising: when a subroutine of said program is called, pushing a return address on to a stack to start forming a stack frame; when pushing said return address, generating a checksum for said stack frame; each time a predetermined opcode is detected for said subroutine, updating said checksum according to an operand associated with said predetermined opcode; if the predetermined opcode is a pop opcode, in addition to said updating, determining whether the operand associated with said pop opcode is said return address; if it is determined that said operand is said return address, verifying said checksum before executing said predetermined opcode in order to detect an attack.
Type: Grant
Filed: June 1, 2021
Date of Patent: April 1, 2025
Assignee: THALES DIS FRANCE SAS
Inventors: Naveed Ahmed, Prasanna Hegde
-
Publication number: 20250094621
Abstract: A secure element for a device includes an operative system the secure element including a first security applet configured to communicate with the device operative system, wherein the first security applet is configured to accept any first external application, after performing a key registration, as a local administrator application for some first data provided by the first external application, so that no other external application may access the first data without a permission of the first external application. The disclosure also provides a telecommunications device and a method of management of secure information in such a secure element.
Type: Application
Filed: June 30, 2022
Publication date: March 20, 2025
Applicant: THALES DIS FRANCE SAS
Inventors: Qi Rong LAI, Harmony Stephanie Yu ANG, Junjie Daniel NGUI, Fabien COURTIADE, Gerald MAUNIER, Januar LIANTO, Tung Shen ANG
-
Patent number: 12254103
Abstract: A system, mobile device, and method for managing security policies for data items stored in an electronic identification (eID) wallet on the mobile device. Security policies are associated with each of a plurality of supported namespaces on a mobile device and a verifier terminal operates to select a namespace to access a data item stored on the mobile device based on the security policies associated with the plurality of supported namespaces on the mobile device.
Type: Grant
Filed: September 25, 2020
Date of Patent: March 18, 2025
Assignee: THALES DIS FRANCE SAS
Inventors: Mourad Faher, Carole Bayle
-
Patent number: 12255884
Abstract: Provided is a method for establishing a secure connection from a chip to a network. The method comprises sending a connection request with a decentralized identifier address, sending a request for getting a decentralized identifier, sending, to the network, the decentralized identifier, sending, to the chip, an authentication request with data, and determining and sending, to the network, authentication data, and authenticating the chip. It further includes sending, to the ledger, a request for getting subscription data associated with the decentralized identifier address, verifying, whether the decentralized identifier address is associated with a subscription wallet address or a subscription address in an operator wallet sending, to the network, associated subscription data, verifying whether valid, and establishing, when valid, a connection to the chip.
Type: Grant
Filed: December 18, 2020
Date of Patent: March 18, 2025
Assignee: THALES DIS FRANCE SAS
Inventors: Julien Delsuc, Stéphane Schirar
-
Patent number: 12256468
Abstract: Provided is a method for pushing data to a mobile network operator (MNO), the method being suitable to be implemented by a server and comprising the following steps of: receiving, from the MNO, a message comprising at least one communication pattern associated with at least one device identifier identifying a type or a provider of a device; receiving, from a user, a request for downloading a subscription profile of the MNO; sending, in response to the request, the subscription profile to a device of the user; identifying, from the at least one communication pattern, a communication pattern applicable to the subscription profile according to device data obtained from the request; and pushing data comprising an identifier of the subscription profile and the applicable communication pattern to the MNO.
Type: Grant
Filed: February 1, 2021
Date of Patent: March 18, 2025
Assignee: THALES DIS FRANCE SAS
Inventors: Jean-Yves Fine, Frederic Dao
-
Publication number: 20250088356
Abstract: Provided is a method for securely transferring data element values stored in a first device to a second device, where each stored data element value being encrypted with a storage key (KSi). It includes mutually agreeing on a short term session key (STK), determining, for each stored data element value an ephemeral key as a sub-sequence of a pseudorandom sequence (bsi) derived from the short term session key (STK), encrypting, each stored data element values using said ephemeral key, decrypting, each data element value encrypted with an ephemeral key, using the storage key (KSi), to obtain KSi-decrypted data element values, transferring said KSi-decrypted data element values from the first device to the second device, obtaining, by the second device, the ephemeral keys from the short term session key (STK), and decrypting the transferred data element values using the obtained ephemeral key.
Type: Application
Filed: July 20, 2022
Publication date: March 13, 2025
Applicant: THALES DIS FRANCE SAS
Inventors: Michael ADJEDJ, Véronique CHARPEIGNET, Aline GOUGET
-
Patent number: 12250216
Abstract: The present invention relates to a method for authentication of a user using a user equipment, comprising an authentication engine for authenticating at least one user, said authentication engine being configured to operate with a local authentication model, wherein the method comprises the step for the user equipment of enhancing its local authentication model by at least one authentication factor, wherein said at least one authentication factor is stored in the local authentication model with a validity indication, indicating the time the authentication factor is valid for taking into account by the authentication engine, and authenticating a user by means of a match of the local authentication model with a set of user behavior indications retrieved by the user equipment through the authentication engine.
Type: Grant
Filed: March 15, 2019
Date of Patent: March 11, 2025
Assignee: THALES DIS FRANCE SAS
Inventors: Frédéric Dao, Thomas Dandelot, Frédéric Paillart, Frédéric Faure, Fabrice Delhoste
-
Publication number: 20250080527
Abstract: The invention is a method for managing a remote server that assigns to a user agent (30) a session reference (31) and a user authentication request. The user agent (30) delegates the authentication request to an identity wallet (20) that sends a proof (21) of identity to the remote server (10). The user agent and the identity wallet are two separate devices, one of which generates and displays an ephemeral confirmation token (60) and sends to the remote server a control token (65) generated from the ephemeral confirmation token. The other of said devices gets a code (61) entered by the user then communicates with the remote server for contributing to a checking of the code by using the control token. The remote server grants rights associated to the session reference only if the proof of the identity is valid and if said checking is successful.
Type: Application
Filed: December 6, 2022
Publication date: March 6, 2025
Applicant: THALES DIS FRANCE SAS
Inventor: Stéphane DURAND
-
Patent number: 12238518
Abstract: Provided is a method to operate a secure chip card for connecting to a user equipment operating in a cellular network comprising a plurality of network slices, wherein for at least one network slice a slice authentication server is operational, the secure chip card comprising a secured memory with at least one slice authentication application.
Type: Grant
Filed: November 19, 2020
Date of Patent: February 25, 2025
Assignee: THALES DIS FRANCE SAS
Inventors: Jan Siba, Lionel Rozak-Draicchio, Vincent Dany
-
Publication number: 20250054334
Abstract: Provided is a cross-spectral face recognition learning method based on a set of associated face images, a thermal image and a visual image, of a plurality of persons. The thermal image is coded in two different ways. A style encoder provides a style code of the thermal image. An identity encoder provides an identity code of the thermal image. The visual image is coded in a similar way with a style encoder providing a style code and with an identity encoder providing an identity code. The two face images of the same person share in the identity features a common part in the respective identity codes, noted as common identity code, whereas the style codes for the two images comprise features only relevant to the specific style, i.e. either thermal or visual, of the image. Other embodiments disclosed.
Type: Application
Filed: December 13, 2022
Publication date: February 13, 2025
Applicants: THALES DIS FRANCE SAS, THALES, BOARD OF TRUSTEES OF MICHIGAN STATE UNIVERSITY, INRIA INSTITUT NATIONAL DE RECHERCHE EN INFORMATIQUE ET EN AUTOMATIQUE
Inventors: David ANGHELONE, Philippe FAURE, Cunjian CHEN, Arun ROSS, Antitza DANTCHEVA
-
Publication number: 20250055687
Abstract: Provided is a method to secure against side channel attacks performing a cryptographic operation of a cryptographic algorithm. It includes selecting a multiplier integer t and determining a second integer q? by multiplying said first integer q, determining (S2) an invertible random polynomial R[X] in said first polynomial ring Rq, randomizing (S3) the coefficients Ai of said input polynomial A[X] based on said determined second integer q? and said determined random polynomial R[X], performing (S4) the polynomial operation of the cryptographic operation on said randomized input polynomials A?[X], and unmasking (S5) the result polynomial Res?(X) by applying to its coefficients a modulo said first integer q operation. Other embodiments disclosed.
Type: Application
Filed: December 15, 2022
Publication date: February 13, 2025
Applicant: THALES DIS FRANCE SAS
Inventors: David VIGILANT, Mylène ROUSSELET, Fabrice PERION
-
Publication number: 20250054335
Abstract: Provided is a thermal face and landmark detection method for providing a ground truth reference database, capturing a thermal image comprising at least one face, detecting a face in the thermal image, cropping the thermal image creating a cropped face thermal image, applying a Gaussian filters method to the cropped face thermal image creating an improved cropped face thermal image and applying a landmark detector to the improved cropped face thermal image creating a landmarked cropped face thermal image. Other embodiments disclosed.
Type: Application
Filed: December 13, 2022
Publication date: February 13, 2025
Applicants: THALES DIS FRANCE SAS, THALES, BOARD OF TRUSTEES OF MICHIGAN STATE UNIVERSITY, INRIA
Inventors: David ANGHELONE, Philippe FAURE, Cunjian CHEN, Antitza DANTCHEVA, Valeriya STRIZHKOVA
-
Publication number: 20250053766
Abstract: Provided is a data carrier comprising at least a first metallic layer, at least one electronic module, at least one antenna, and at least a second metallic layer. The second metallic layer is arranged after the first metallic layer with respect to an extension direction (E). The antenna is in connection with the electronic module. The first metallic layer is a continuous metallic layer delimiting a recess, and wherein the electronic module is at least partially arranged within said recess. Other embodiments disclosed.
Type: Application
Filed: December 21, 2022
Publication date: February 13, 2025
Applicant: THALES DIS FRANCE SAS
Inventors: Sébastien SUBRA, Jean-Luc MERIDIANO, Claude COLOMBARD, Stéphanie MILANINI
-
Patent number: 12225502
Abstract: Provided is a method to operate a user equipment communicatively connected to at least two subscriber identity modules, which are at least assigned to a first and a cellular network, wherein the user equipment has assigned an independent paging identity in each of the first and second cellular networks for registration in said cellular networks. Other embodiments disclosed.
Type: Grant
Filed: November 18, 2020
Date of Patent: February 11, 2025
Assignee: THALES DIS FRANCE SAS
Inventors: Volker Breuer, Ly-Thanh Phan, Benoît Jouffrey
-
Publication number: 20250047670
Abstract: Method for provisioning a secure element with a profile, said secure element cooperating with a M2M terminal and being connected to the network of a first MNO thanks to a first profile, including requesting by a M2M service provider a second profile to the network of a second MNO; provisioning by said second MNO said second profile in the network of said second MNO; sending from said network to a subscription manager an order to download said second profile; terminating said first profile to the network of said first MNO; barring by said first MNO said subscription in the network of said first MNO; performing by said secure element a Fall-Back procedure; attaching said secure element to a provisioning HLR by using said provisioning profile; downloading from said subscription manager to said secure element said second profile; and enabling said second profile to become an operational profile.
Type: Application
Filed: November 30, 2022
Publication date: February 6, 2025
Applicant: THALES DIS FRANCE SAS
Inventors: Pierre SAGNES, Marc LAMBERTON, Gerald GLINKA-HECQUET
-
Publication number: 20250047478
Abstract: Provided is a method for generating, by a random number generator of a cryptographic system, an independent bit sequence from a binary candidate random stream, said random generator comprising a source of randomness configured to generate a random noise, an analog to digital converter configured to generate a binary raw random stream by digitizing said random noise, said candidate random stream being obtained from said raw random stream. Other embodiments disclosed.
Type: Application
Filed: December 2, 2022
Publication date: February 6, 2025
Applicant: THALES DIS FRANCE SAS
Inventors: Benjamin DUVAL, Olivier FOURQUIN, Yannick TEGLIA
-
Publication number: 20250045231
Abstract: The present disclosure relates to a data processing system comprising a bus interconnect structure, a slave device coupled to the bus interconnect structure, a slave protection unit coupled to the bus interconnect structure, a plurality of master devices coupled to the bus interconnect structure, each master device of said plurality of master devices having a master identifier, wherein a master device is configured to run concurrently different threads, and, when a thread run by said master device requests access to said slave device, for issuing on the bus interconnect structure an access request comprising its master identifier and a thread identifier assigned to said thread.
Type: Application
Filed: September 20, 2022
Publication date: February 6, 2025
Applicants: THALES DIS FRANCE SAS, THALES
Inventors: Yannick TEGLIA, Jean Roch COULON, André SINTZOFF, Antoine CHRISTIN
-
Publication number: 20250038979
Abstract: Provided is a method for non-repudiable endorsement of a private attestation. The method includes receiving an attestation from a Private Attribute Provider responsive to a request from a user declaring the attestation, securely binding pivotal attributes in the Attestation selected by the user once authenticated to an Issuing Authority, and securely binding the user to the attestation by way of their connected device. The method produces an endorsed attestation that includes signed server proof. This is provided by the user through their connected device to a service provider for receiving a service otherwise requiring third party trusted proof. Other embodiments are disclosed.
Type: Application
Filed: December 2, 2022
Publication date: January 30, 2025
Applicant: THALES DIS FRANCE SAS
Inventors: Frederic ROMANE, Georges DEBOIS, Mourad FAHER
-
Publication number: 20250030732
Abstract: Provided is a method and device for protecting a computerized digital security device against side-channel, fault injection, and timing attacks, the method comprising identifying asynchronous tasks to be performed by the computerized digital security device by placing identified asynchronous tasks in an asynchronous task queue; and executing a first application, including non-linearizing execution of the application by selecting at least one task from the asynchronous task queue, executing the selected at least one task, removing the selected at least one task from the asynchronous task queue. Other embodiments disclosed.
Type: Application
Filed: December 5, 2022
Publication date: January 23, 2025
Applicant: THALES DIS FRANCE SAS
Inventors: Emmanuel LEPAVEC, Xavier MINETTE DE SAINT-MARTIN, Dominique BOUVERON