Abstract: Various embodiments relate to a system for provisioning a cryptographic device, including: a memory; a processor coupled to the memory, wherein the processor is further configured to: determine the maximum key generation seed size, maximum PQC private key size, maximum PQC public key size, and maximum PQC updater size of a plurality of post quantum cryptography algorithms; provision memory in the cryptographic device to store a key generation seed, PQC private key, PQC public key, and PQC updater based upon the determined maximum key generation seed size, maximum PQC private key size, maximum PQC public key size, and maximum PQC updater size; and provision the cryptographic device with a non-PQC secret key, a non-PQC public key, and non-PQC algorithm code configured to carry out non-PQC cryptographic algorithms.

Abstract: Various embodiments relate to a system for provisioning a cryptographic device, including: a memory; a processor coupled to the memory, wherein the processor is further configured to: determine a maximum PQC private key size, maximum PQC public key size, and maximum PQC updater size of a plurality of post quantum cryptography algorithms; provision memory in the cryptographic device to store a PQC-update non-PQC private key, a secret PQC-update non-PQC public key, PQC private key, PQC public key, and PQC updater based upon the determined maximum PQC private key size, maximum PQC public key size, and maximum updater size; and provision the cryptographic device with the PQC-update non-PQC private key, the secret PQC-update non-PQC public key, a non-PQC secret key, a non-PQC public key, and non-PQC algorithm code configured to carry out non-PQC cryptographic algorithms.

Abstract: According to an aspect of the invention, an electronic lock is conceived, being adapted to harvest energy from a radio frequency (RF) connection established between a mobile device and said electronic lock, further being adapted to use the harvested energy for processing an authorization token received via said RF connection from the mobile device, and further being adapted to use the harvested energy for controlling an unlocking switch in dependence on a result of said processing.

Abstract: A system and method for obtaining an authorization key to use a product utilizes a secured product identification code, which includes a serial number and at least one code that is generated based on a cryptographic algorithm.

Abstract: A method for storing or reading data in a memory array of a transponder and a corresponding transponder, read/write device and program element is described. Therein, a data structure for storing data within the memory array is defined by a predetermined protocol. The data structure comprises: a header data block including predefined header data; an application data block for storing application data; a memory control data block including a reservation indicator for indicating a reserved partial memory area of the memory array where, in accordance with the predetermined protocol, application data cannot be read or written by a protocol compliant reader device. The method for storing data comprises storing additional application data in the reserved partial memory area.

Abstract: A method for low-level security based on the UID. In particular it enhances an RFID system by adding the ability to dynamically modify the UID of the smartcard or to randomly generate a new UID for the smartcard.

Abstract: An apparatus for storing or reading data in a memory array of a transponder and a corresponding transponder, read/write device and program element is described. Therein, a data file system for storing data within the memory array is defined by a predetermined protocol. The storing additional data includes checking whether a memory size of the application data file is larger than the memory size indicated by the application data length indicator; and storing second application data in a partial memory area of the application data file not occupied by the first application data. Thereby, memory areas which, according to the predetermined protocol, are not used can be used for new applications, data can be hidden in these areas such that they can not be read by protocol compliant reader devices and the data structure read or written is compatible with the former predetermined protocol.

Abstract: A system and method for obtaining an authorization key to use a product utilizes a secured product identification code, which includes a serial number and at least one code that is generated based on a cryptographic algorithm.

Abstract: According to an aspect of the invention, an electronic lock is conceived, being adapted to harvest energy from a radio frequency (RF) connection established between a mobile device and said electronic lock, further being adapted to use the harvested energy for processing an authorization token received via said RF connection from the mobile device, and further being adapted to use the harvested energy for controlling an unlocking switch in dependence on a result of said processing.

Abstract: A system and method for obtaining an authorization key to use a product utilizes a secured product identification code, which includes a serial number and at least one code that is generated based on a cryptographic algorithm.

Abstract: Certain legacy contactless card readers recognize only applets having a short-form AID. However, the long-form AID applets can allow more functionality and specifically can allow use of multiple software applications within a mobile device. A legacy card reader requests invocation of a software applet based on the short-form AID known to the legacy card reader. A router applet operating on the mobile device receives the request for the short-form AID applet, determines the long-form AID applet corresponding to the short-form AID applet, and routes the request to the long-form AID applet, thereby invoking the long-form AID applet. In this manner, legacy readers that have stored therein only the short-form AID applet can invoke the functionality of the long-form AID applet on the smart card. Additionally, newer readers implementing the long-form AID applet can request directly the long-form AID applet.

Abstract: Systems, methods, computer programs, and devices are disclosed herein for partitioning the namespace of a secure element in contactless smart card devices and for writing application data in the secure element using requests from a software application outside the secure element. The secure element is a component of a contactless smart card incorporated into a contactless smart card device. A control software application resident in the same or a different secure element provides access types and access bits, for each access memory block of the secure element namespace, thereby portioning the namespace into different access types. Further, a software application outside the secure element manages the control software application by passing commands using a secure channel to the secure element, thereby enabling an end-user of the contactless smart card device or a remote computer to control the partitioning and use of software applications within the secure element.

Abstract: An apparatus for storing or reading data in a memory array of a transponder and a corresponding transponder, read/write device and program element is described. Therein, a data file system for storing data within the memory array is defined by a predetermined protocol. The storing additional data includes checking whether a memory size of the application data file is larger than the memory size indicated by the application data length indicator; and storing second application data in a partial memory area of the application data file not occupied by the first application data. Thereby, memory areas which, according to the predetermined protocol, are not used can be used for new applications, data can be hidden in these areas such that they can not be read by protocol compliant reader devices and the data structure read or written is compatible with the former predetermined protocol.

Abstract: A method and system for managing a set of applications stored on a mobile terminal, comprising an access to said set of applications enabling at least one specific function to be accessed by at least one application using an application manager.

Abstract: An integrated circuit 100 is provided, which is configured for authentication itself and technical information concerning the integrated circuit or its installed software to an external computing device 200. The integrated circuit 100 comprises a signer 130 for producing a signature over the information and a challenge using a cryptographic signing key, and a communication module 110 for providing the information and the signature to the computing device 200. In response to receiving the information and the authentication, the computing device 200 may install new application code on the integrated circuit. After the installation, the integrated circuit may authenticate information concerning the new application code to other computing devices. The integrated circuit is advantageously a multiple application smart card, since it allows application providers to obtain trust in the multiple application smart card without having a relationship with its manufacturer.

Abstract: A method for storing or reading data in a memory array of a transponder and a corresponding transponder, read/write device and program element is described. Therein, a data file system for storing data within the memory array is defined by a predetermined protocol. The method for storing additional data includes checking whether a memory size of the application data file is larger than the memory size indicated by the application data length indicator; and storing second application data in a partial memory area of the application data file not occupied by the first application data. Thereby, memory areas which, according to the predetermined protocol, are not used can be used for new applications, data can be hidden in these areas such that they can not be read by protocol compliant reader devices and the data structure read or written by the method of the invention is compatible with the former predetermined protocol.

Abstract: Communication between a software application midlet of a contactless payment device and a control applet resident within a secure element of the contactless payment device includes selecting, on the software application midlet, a card applet to configure from a registered list of card applets, the list comprising application identifiers (AIDs) of card applets resident in the secure element; transmitting, through a secure channel, to the control applet on the secure element, the selected card applet's AID and an instruction for a selected function to be performed on the selected card applet; invoking, by the control applet, process method function calls of a card runtime environment, wherein the process method function calls are defined by the card issuer or the card runtime environment for performing the selected function on the selected card applet; and rendering the process method function calls, thereby performing the selected function on the selected card applet.

Abstract: Systems, methods, computer programs, and devices are disclosed herein for partitioning the namespace of a secure element in contactless smart card devices and for writing application data in the secure element using requests from a software application outside the secure element. The secure element is a component of a contactless smart card incorporated into a contactless smart card device. A control software application resident in the same or a different secure element provides access types and access bits, for each access memory block of the secure element namespace, thereby portioning the namespace into different access types. Further, a software application outside the secure element manages the control software application by passing commands using a secure channel to the secure element, thereby enabling an end-user of the contactless smart card device or a remote computer to control the partitioning and use of software applications within the secure element.

Abstract: A contactless tag reader device comprises upper and lower electrodes which together define a tag location zone between them in which multiple tags can be placed. The lower electrode and the upper electrode are offset from each other such that they substantially do not overlap. This structure is used to sandwich tags vertically between two horizontally (laterally) offset reader electrodes. This enables power coupling and data transfer using capacitive coupling.

Abstract: Systems, methods, computer programs, and devices are disclosed herein for partitioning the namespace of a secure element in contactless smart card devices and for writing application data in the secure element using requests from a software application outside the secure element. The secure element is a component of a contactless smart card incorporated into a contactless smart card device. A control software application resident in the same or a different secure element provides access types and access bits, for each access memory block of the secure element namespace, thereby portioning the namespace into different access types. Further, a software application outside the secure element manages the control software application by passing commands using a secure channel to the secure element, thereby enabling an end-user of the contactless smart card device or a remote computer to control the partitioning and use of software applications within the secure element.