Abstract: The invention concerns a method for calculating a control datum of a secret key algorithm with N bits, including N-N/n random and encryption bits and N/n checksum bits. The invention is characterised in that it comprises the following steps: encrypting a specific message of K bits using N/n encryption bits of the key; constructing a control datum by selecting N/n bits among the K bits of the encrypted message; integrating one of the N/n bits of said control datum in all the n-1 encryption bits so as to constitute a complete secret key of N bits. The invention is particularly applicable to the data encryption standard (DES), the control datum being constructed from a constant message.

Abstract: The RSA enciphering algorithm is the most widely used public key enciphering algorithm. The invention consists of defining a method for considerably reducing the size of the signatures to be transmitted. The invention can be used easily in an electronic component of the smart card type.

Abstract: An operational instruction (Adrm) of the data reading, writing or modification type, or transaction, in a ROM memory (ME) of a microcontroller (CP) may be attacked by a command (COM) from a EEPROM memory (MC) of the microcontroller in order to access a secret data item (DS) instead of a public data item (CB), in response to an end instruction (Adr(m+3)). A test (Adr(m+1)) is immediately executed following an operational instruction (Adrm) in order to protect the latter. The test condition such as comparison is related to at least one operand (DPTR) of the said operational instruction. The result (CB) of the operational instruction is transferred to the EEPROM memory only when the condition is satisfied.

Abstract: The invention features a public key cryptography method based on the discrete logarithm which computes a value Gkmod p. Two solutions are proposed to reduce the number of multiplications, one consisting in generating “hollow” k exponents with a few bits of value 1, but of sufficient length to maintain the total security of the system, and the other consisting of performing calculations of the powers of g in parallel while combining the exponents with each other in order to prevent repeating the same power computations twice for a given exponent. The invention is useful for generating digital signatures, authentication and encryption.

Abstract: A method relating to probabilistic digital signatures of a message, between a signatory and a checker, uses an algorithm based on the calculation of a discrete logarithm. For the signatory, at least two signatures are generated for the same unchopped message, these signatures being calculated by the algorithm by means of the same public and private key parameters using respectively distinct random values. For the checker, all the signatures of the message are checked.

Abstract: A method for implementing private key protocols between two processing devices of which at least one is a portable storage medium. The devices are fitted with a digital processing circuit for performing modular calculation operations with a view to executing operations such as modular multiplication, the processing circuit is used to implement a private key encryption function consisting of a series of reversible operations comprising at least a combination of two operations, i.e. a modular calculation operation and a binary logic operation, and said function is applied either for encrypting or signing messages to be transmitted, or for decrypting received messages.

Abstract: Method of public key cryptography based on the discrete logarithm that makes use of the computation of the variable r=g.sup.k modp where p is a prime number called a modulus, the exponent k is a random number usually with a length of N bits and g is an integer called a base, wherein an entity E carries out operations of authentication and/or of signature, including exchanges of signals with another entity in which this variable comes into play.

Abstract: Processes for generating digital signatures for electronic messages. Modifying signature-generating algorithms, such as DSAs (Digital Signature Algorithms), in order to enable smart cards with reduced calculation and storage resources to produce digital signatures with a high degree of security in spite of their reduced resources. The signature-checking terminal sends a random number a and measures the time taken by the card to send back a signal s using this random number. If the time is greater than a given duration, the signature is rejected even if the check of its authenticity is positive. In addition, part of the signature (the part which does not use the secret card key but only the public algorithm parameters) is precalculated and stored in the card in the form of signature portions produced by a compression function such that they are short. Only the second part of the signature has to be calculated by the card.

Abstract: Normally, speed control is carried out by police using radar and camera. The speed of a car can also be recorded in a tachograph. According to the invention car speed is controlled and/or limited using driver-specific smart-cards and millimeter wave communications. When a car (13) enters the sector of a new transmitter (11), its card reader receives a signal telling the reader to consider the time information (t.sub.1) received from the transmitter as a starting time. When the car exits this first sector and penetrates the perimeter of a second transmitter (12), the reader receives over the air a second time information (t.sub.2) and other information (v.sub.1, d.sub.1) from which the speed is calculated and recorded within the card reader. The police can check the recorded information by inserting a special card into the reader.

Abstract: The invention relates to a process for generating digital signatures from portable apparatuses (A1, A2, . . . Ai . . . An) of the microprocessor-based card type, including means for computation, communication and retention of data, which means comprise at least one electrically programmable non-volatile memory, consisting in preparing enciphered data constituting coupons and loading these coupons into the non-volatile memories so as later to use these coupons in order to sign a message sent by a verifier device. According to the process, the preparation of the coupons is carried out by a certified central authority B or by the card itself.

Abstract: The present invention relates to a method, identification device and verification device for identification and/or performing digital signature which allows zero-knowledge access control. For many applications, e.g. smart cards for Pay-TV purposes, credit cards, passports, dongels or other kind of electronic keys, unforgeable systems for access control or digital signature are required. Such access control and signature systems may include public keys. But in many of such public key systems the key management becomes very complicated when the number of users increases. The invention uses the fact that it is difficult to compute roots mod n when factoring of n is unknown. The invention is based on the identity: x.sup.d (x.sup.-1).sup.d =1 mod n which is computed and verified between an identification device and a verification device. An authority records seed data, the modulus n, a pseudo-random function and a set of numbers derived from roots modulo n on an identifier device.

Abstract: An access control system involves a first cryptographic device communicating with a second cryptographic device using a modulo-based protocol. To transmit a message from the first device to the second device, a random number is combined with the number representing the message without using a modulo operation. As a result, the message is hidden. By performing a modulo operation in the second device on the received hidden message, the original message can be recovered. Modular operations by the first device can be avoided reducing the number of modular operations.

Abstract: In a system for controlling access to signals such as pay-TV signals, the signals include data packets that are received and by a decoder and forwarded to a smart card for access authorization processing. The data packets contain information that updates entitlement or access authorization data inside the smart card. Time-related data is added to the data packets. The smart card checks to determine if the time-related data evolves between two successive packets. If not, the smart card inhibits the delivering of descrambling parameters to the decoder.

Abstract: A system providing access control, including encryption and decryption capability, replaces a public key directory by a transmission between an authority, or a sender S, and a receiver R of a "seed" value. The seed is processed to provide both identity information for R and public keys, i.e. a "virtual public key directory", or VPKD. The VPKD is generated prior to execution of the algorithm requiring the public directory, i.e. the host algorithm.

Abstract: Memory cards are cheap and contain memory means, but can be forged and duplicated easily. Smart-cards contain also a microprocessor and can be used for cryptographic purposes, but are much more expensive. The plastic support of the card contains randomly distributed ferrite particles (eg. small steel marbles, introduced into the plastic paste during the melting process). This random distribution of the particles is assumed to be impossible to control or influence during the process of fabrication. For personalizing a card, the issuing authority scans the plastic support of the card with a magnetic inductance detector, thereby reading the emplacement of the ferrite particles as a number p. Then the authority computes s=SIG(ID,p), where "SIG" denotes any secure public-key digital signature algorithm and ID the identification details of the card's owner. Finally, s and ID are recorded in the memory means of the card.

Abstract: A system comprises at least, two parts, connected to each other by the means of a common communication interface wherein a first communicating apparatus A, having data processing means, communication means, memory means and random or pseudo-random generation means relies of the computational power of a second communicating apparatus B having data processing means, communication means and memory means in order to compute the inverse of a first number x modulo a second number n and use the resulting modular inverse in an encryption, decryption, key exchange, identification or digital signature cryptographic protocol.

Abstract: The process concerns a system, comprising communication devices A1, A2, . . . A.alpha. connected to a central verification device B by the means of communication interfaces wherein each device Ai, having data processing means, communication means, memory means and random or pseudo-random generation means, transmits to the device B, having data processing means, communication means and memory means, a set of DSS digital signatures. Once all the signatures has been received by device B, device B verifies them simultaneously by performing few calculations for verifying a great same number of signatures sequentially.