Abstract: A method for the authentication of a first electronic entity (C) by a second electronic entity (H), wherein the first electronic entity (C) implements the following steps: reception of a challenge (HCH) from the second electronic entity (H); generation of a number (CCH) according to a current value of a counter (SQC) and a first secret key (K-ENC); generation of a cryptogram (CAC) according to the challenge (HCH) and a second secret key (S-MAC); and transmission of a response including the cryptogram (CAC) to the second electronic entity (H), without transmission of the number (CCH).

Abstract: A method for the authentication of a first electronic entity (C) by a second electronic entity (H), wherein the first electronic entity (C) implements the following steps: reception of a challenge (HCH) from the second electronic entity (H); generation of a number (CCH) according to a current value of a counter (SQC) and a first secret key (K-ENC); generation of a cryptogram (CAC) according to the challenge (HCH) and a second secret key (S-MAC); and transmission of a response including the cryptogram (CAC) to the second electronic entity (H), without transmission of the number (CCH).

Abstract: A method for receiving data (DATASEND) within an electronic entity (2) includes the following steps: establishment, between the electronic entity (2) and an external electronic apparatus, of a first secure channel by encipherment by element of a first cryptographic key (SK-ENC); reception, via the first secure channel, of a first command; reception of at least one second cryptographic key (BK-ENC) via the first secure channel; setting up, owing to the execution of the command, of a second secure channel by encipherment by element of the second cryptographic key (BK-ENC); and reception of the data (DATASEND) in the second secure channel. A corresponding electronic entity is also described.

Abstract: Disclosed is a secure electronic entity including a memory unit storing data in the form of multiplets and a processing module designed to receive data from an electronic device. The processing module is designed to determine a proof-of-integrity element in accordance with the data received and at least one portion of the stored multiplets, and to transmit the proof-of-integrity element to the electronic device. Also disclosed is a method for verifying the integrity of data stored in such a secure electronic entity.

Abstract: An intermediary third-party receives, from a master device, a batch of pre-generated secure commands; plays it so as to send sequentially, to a slave device, the commands. The batch includes an initial command indicating the establishment of a channel secured with a session key dependent on a sequence counter, and second commands protected by a MAC code that is a function of the session key. An update of the sequence counter in non-volatile memory of the slave on each new establishment of a secure channel renders the pre-generated batch obsolete by virtue of a new session key. In order to allow the batch to be replayed, the invention provides for each update value of the counter to be temporarily stored in volatile memory, and for the current value to be overwritten in non-volatile memory on predefined events, including a test counter reaching a maximum number of replays.

Abstract: Disclosed are methods performed by, and devices including, a microcircuit card that makes it possible to set up a communication session between the microcircuit card and a contactless communication module via an SWP interface. An implementation of the method comprises: an initialization phase for the SWP interface; and a negotiation phase between the microcircuit card and the contactless communication module, the contactless communication module being suitable for maintaining the power supply of said microcircuit card during these phases. Among other reasons, the method is remarkable in that the microcircuit card prolongs said negotiation phase until the end of a procedure internal to the microcircuit card.

Abstract: An intermediary third-party receives, from a master device, a batch of pre-generated secure commands; plays it so as to send sequentially, to a slave device, the commands. The batch includes an initial command indicating the establishment of a channel secured with a session key dependent on a sequence counter, and second commands protected by a MAC code that is a function of the session key. An update of the sequence counter in non-volatile memory of the slave on each new establishment of a secure channel renders the pre-generated batch obsolete by virtue of a new session key. In order to allow the batch to be replayed, the invention provides for each update value of the counter to be temporarily stored in volatile memory, and for the current value to be overwritten in non-volatile memory on predefined events, including a test counter reaching a maximum number of replays.

Abstract: Disclosed are methods performed by, and devices including, a microcircuit card that makes it possible to set up a communication session between the microcircuit card and a contactless communication module via an SWP interface. An implementation of the method comprises: an initialization phase for the SWP interface; and a negotiation phase between the microcircuit card and the contactless communication module, the contactless communication module being suitable for maintaining the power supply of said microcircuit card during these phases. Among other reasons, the method is remarkable in that the microcircuit card prolongs said negotiation phase until the end of a procedure internal to the microcircuit card.

Abstract: A method of access control to a communication interface of an integrated circuit, includes intercepting an event transmitted between a communication interface and an application performed by the integrated circuit, and transmitting the intercepted event if a specific parameter of the application indicates that the application is authorized to use the communication interface.

Abstract: A method of access control to a communication interface of an integrated circuit, includes intercepting an event transmitted between a communication interface and an application performed by the integrated circuit, and transmitting the intercepted event if a specific parameter of the application indicates that the application is authorized to use the communication interface.