Abstract: A method is described for implementing a current service of a chain of n services, the method including receiving, from the service preceding the current service in the chain, a first routing token comprising message routing data between the services in the chain, and verifying that the current service is a legitimate recipient of the first routing token. After implementing a function of the current service, the method also includes generating a current chaining token from a data of evidence of a passage through the current service, and transmitting, to the service following the current service in the chain, the current chaining token and a second routing token determined from the first routing token.

Abstract: A method is described for implementing a current service, of a chain of n services, the method including receiving, from the service preceding the current service in the chain, a first routing token comprising message routing data between the services of the chain and a first chaining token comprising data of evidence of a passage through the previous service, and verifying that the current service is a legitimate recipient of the first routing token. The method also includes implementing a function of the current service, generating a second chaining token based on the first chaining token and a second routing token determined from the first routing token, and transmitting, to the service following the current service in the chain, the second chaining token and the second routing token.

Abstract: A secure method for data exchange between a terminal and a server is described. The server can use a cryptographic module configured to encrypt or decrypt a message based on input parameters comprising the message, a response to a challenge and a symmetric key. The terminal can use a white-box cryptography module constituting a white-box implementation of the cryptographic module of the server for this symmetric key.

Abstract: A method for mutual authentication between user equipment and a communications network. The network includes a mobility management entity and a home subscriber server. The method, implemented by the user equipment, includes: receiving an authentication challenge having an token based on a first index and a first authentication message calculated by the home subscriber server and based on a first sequence number; checking that a condition of a set is true, the set including: the first sequence number is the same as a second sequence number stored in the user equipment, and the first sequence number is the same as a preceding value of the second sequence number and the first index is higher than a second index stored in the client equipment; and calculating and sending, when a condition is true, an authentication result and an authentication message, based on the preceding value of the second sequence number.

Abstract: A method for mutual authentication between user equipment and a communications network. The network includes a mobility management entity and a home subscriber server. The method, implemented by the user equipment, includes: receiving an authentication challenge having an token based on a first index and a first authentication message calculated by the home subscriber server and based on a first sequence number; checking that a condition of a set is true, the set including: the first sequence number is the same as a second sequence number stored in the user equipment, and the first sequence number is the same as a preceding value of the second sequence number and the first index is higher than a second index stored in the client equipment; and calculating and sending, when a condition is true, an authentication result and an authentication message, based on the preceding value of the second sequence number.

Abstract: A method is provided for generating a correspondence table suitable for use in a cryptographic processing method and comprising storing a plurality of input data and of output data in the table, each input datum being associated with at least one output datum in the table. For each input datum, at least one of the output data is obtained by applying a coding function to a first subsidiary datum and to an encrypted intermediate datum depending on the input datum. Also provided are a corresponding encryption method, a storage unit suitable for storing the correspondence table generated by the above generation method, a device for physically implementing such a correspondence table, a decryption device including such a storage unit, and a computer program product suitable for implementing the above generation method.

Abstract: A method and apparatus are provided to perform a cryptographic task on at least one numerical datum in an electronic hardware component. The method includes a step of at least partial use of an encryption function. This encryption function includes a basic encryption function obtained by the addition between an intermediate function arising from composition of a coding function with a first function, and a second function. This method can be applied to the encryption of a datum or to the decryption of a datum. Also, a method is provided for generating a public key and a device able to implement one of these methods.

Abstract: A method is provided for generating a correspondence table suitable for use in a cryptographic processing method and comprising storing a plurality of input data and of output data in the table, each input datum being associated with at least one output datum in the table. For each input datum, at least one of the output data is obtained by applying a coding function to a first subsidiary datum and to an encrypted intermediate datum depending on the input datum. Also provided are a corresponding encryption method, a storage unit suitable for storing the correspondence table generated by the above generation method, a device for physically implementing such a correspondence table, a decryption device including such a storage unit, and a computer program product suitable for implementing the above generation method.

Abstract: A method and apparatus are provided to perform a cryptographic task on at least one numerical datum in an electronic hardware component. The method includes a step of at least partial use of an encryption function. This encryption function includes a basic encryption function obtained by the addition between an intermediate function arising from composition of a coding function with a first function, and a second function. This method can be applied to the encryption of a datum or to the decryption of a datum. Also, a method is provided for generating a public key and a device able to implement one of these methods.

Abstract: In a method of establishing a secure communication link between a first terminal and a second terminal, the first terminal is connected to a third terminal which can be connected to a mobile telephone network and the second terminal is connected to an authentication element of the telephone network. The method includes: transfer of an authentication datum from the third terminal to the network authentication element; following authentication of the third terminal, the transfer of a random variable from the network authentication element to the third terminal; the parallel generation of a session key by the third terminal and the network authentication element from the random variable; the generation by the first and second terminals of a shared key from the session key; and the opening of a secure communication link with the use of the shared key.

Abstract: The invention relates to a public key cryptographic method and system, a certification server and memories adapted for said system. In said public key cryptographic system, there is insufficient information contained in an electronic public key certificate alone to retrieve the public key. The inventive system comprises at least a second memory (52, 72) in which complementary information is stored, which can be used to retrieve the public key when used together with the information contained in the certificate. According to the invention, access to said complementary information is reserved to a limited number of authorised terminals among the group of terminals that can verify the certificate signature.

Abstract: A method of enciphering information constituted by a finite sequence {S1,S2, . . . ,SN} of N symbols (S1,S2, . . . ,SN) selected from an alphabet A. There are defined both a secret convention of p key symbols K1, . . . ,Kp selected form a second alphabet B, and a multivariate function M having m+1 variables (m<=N): M(Xi1, . . . ,Xim,Y) operating Am?B in A, {i1, . . . ,im} being m distinct indices in the range [1,N] and the function M being bijective relative to at least one (Xi1) of the m variables of A. A succession of X permutations are performed on the sequences {S1,S2, . . . ,SN} such that where {S1,S2, . . . ,SN} is the sequence prior to the jth permutation, the sequence after the jth permutation is {S2,S3, . . . ,SN,Zj}, where Zj is equal to M(Si1, . . . ,Sim,Kj) the enciphered information being constituted by the sequence {S?1,S?2, . . . ,S?N} obtained after the Xth permutation.

Abstract: In order to prevent the use of a virtual prepaid card illegitimately acquired and transmitting only one identification code, for example read after the card has been scratched, to a service provision server, a second code is delivered on paying for the card, and the two codes have to be authenticated so that the user-purchaser of the card can subsequently use the service concerned in the server still using only the first code.

Abstract: A method of enciphering information constituted by a finite sequence {S1,S2, . . . ,SN} of N symbols (S1,S2, . . . ,SN) selected from an alphabet A. There are defined both a secret convention of p key symbols K1, . . . ,Kp selected form a second alphabet B, and a multivariate function M having m+1 variables (m<=N): M(Xi1, . . . ,Xim,Y) operating Am□B in A, {i1, . . . ,im} being m distinct indices in the range [1,N] and the function M being bijective relative to at least one (Xi1) of the m variables of A. A succession of X permutations are performed on the sequences {S1,S2, . . . ,SN} such that where {S1,S2, . . . ,SN} is the sequence prior to the jth permutation, the sequence after the jth permutation is {S2,S3, . . . ,SN,Zj}, where Zj is equal to M(Si1, . . . ,Sim,Kj) the enciphered information being constituted by the sequence {S′1,S′2, . . . ,S′N} obtained after the Xth permutation.

Abstract: In order to prevent the use of a virtual prepaid card illegitimately acquired and transmitting only one identification code, for example read after the card has been scratched, to a service provision server, a second code is delivered on paying for the card, and the two codes have to be authenticated so that the user-purchaser of the card can subsequently use the service concerned in the server still using only the first code.