Abstract: The present invention relates to a method for processing an image executed by a terminal (1), comprising steps of receiving a proof datum previously input by a user of the terminal (1), setting (104, 106) of at least one parameter to a first value when the proof datum is equal to a secret reference datum, and to a second value different to the first value when the proof datum is different to the secret reference datum, and generation (200) of an output datum from an input datum being or dependent on an image previously acquired by a sensor (4), and also from the parameter, the output datum having a value as function of the value the parameter has been set to.

Abstract: A method of sharing of a reference key (AppKey) between a connected object and at least one server. The method includes the object applying a function (f) to at least one datum (DevEUI, AppEUI, DevNonce) and to a key (KSE) specific to a secure element of the object to generate the reference key, transmitting to the server a join request of the object to a network of connected objects, which include the datum, and the key (KSE) of the secure element not being transmitted to the server. The method further includes obtaining, by the server, of the key (KSE) of the secure element on the basis of the request, the server applying the function (f) to the datum and to the key (KSE) obtained by the server, so as to obtain the reference key.

Abstract: The invention relates to a method for generating a cryptographic key for applying an access control method to a resource of a server (20) by a client-terminal (10), the method comprising the following steps: (E1) receiving a test biometric datum (DBtest), (E2) applying a decoding method to the test biometric datum (DBtest) and of a reference datum (Dref) for obtaining a cryptographic key (K?) such that: if the test biometric datum (DBtest) corresponds to the reference biometric datum (DBref), the cryptographic key generated (K?) is the legitimate cryptographic authentication key (Kl), otherwise, the generated cryptographic key (K?) is an illegitimate cryptographic authentication key (Ki) not allowing authentication of the client-terminal (10) at the server (20) during an access control, and (E3) using the generated key for applying an access control method (F3) to a resource of the server (20) by the client-terminal (10).

Abstract: A method for putting a first device in secure communication with a second device. The first device generating at least one first datum dependent on a private key specific to the first device and a public key specific to the second device. The second device generating at least one second datum dependent on a private key specific to the second device associated with the second device public key, and dependent on a third datum dependent on a public datum specific to the first device. Implementing a test verifying whether the first and second data meet a predetermined condition, and putting the first device in secure communication with the second device only if the predetermined condition is met. Before generating the second datum generating the third datum so that the predetermined condition is met only if input data are identical to reference secret data associated with the second device.

Abstract: A biometric identification method includes the steps of comparing a candidate print with a reference print and of validating the identification according to a certain number of characteristics common to both prints and a predetermined validation threshold. The method includes the steps of creating at least one deceiving print and comparing same with a candidate print. An identification device designed for implementing this method is also provided.

Abstract: The invention proposes a method comprising the evaluation of a function F obtained by applying to n sub-functions fi a first operation, the evaluation comprising: the application of a series of calculation steps in which a first unit assumes a role of a client and a second unit assumes a role of a server, and the repetition of the series of calculation steps in which the roles of client and of server are exchanged between the units, each series of steps comprising: a) randomly generating, by the server, first data, and a second datum, b) for each sub-function fi, generating by the server a set of elements formed by: a result of fi evaluated in the data of the client and of the server, masked by a first datum, by applying the first operation between the result and the first datum, and masked by the second datum, by applying between the masked result and the second datum of a second operation different from the first and distributed relatively to the latter, c) recovering by oblivious transfer, by the

Abstract: A method for calculating a function as a sub-function fX of a datum of a client, a sub-function fY of a datum, and a product of n indexed sub-functions fi of both data by randomly generating, n indexed invertible data ri from the set with m being a prime number, generating, for each i from 1 to n, a set for which each element is formed by a product of a datum ri with a possible result of the sub-function of two variables fi evaluated in both data, applying an oblivious transfer protocol between the client and a server so that the client recovers, for each i an intermediate datum ti equal to: ti=ri×fi(xi,Y), obtaining, by the client a result T from intermediate data such that: T=fX(X?)×?i=1nti, obtaining, by the server a result R from inverted data such that: R=fY(Y)×?i=1nri?1 using the results in a cryptographic application.

Abstract: A method for generating a message signature intended to be validated by a verifier server. A client device is configured to hold a private key and a corresponding public key. The method includes offline pre-computation by a hardware security module of a signature token, a result of encryption using a homomorphic encryption function, storage of the signature token generation of the signature of the encrypted message by the homomorphic encryption function from the result of the encryption by the homomorphic encryption function of the private key stored by the client device, of the signature token and of the message. The signature is intended to be validated by the verifier server by the public key.

Abstract: A method of securing a transaction carried out by a user having a computer unit connected to a computer server via a computer network, the user having a telecommunications terminal arranged to access a telephone network. The method includes a prior step of registering a synchronization parameter in the terminal, which parameter is shared with the server and varies in synchronized manner in the terminal and in the server. When the terminal cannot be connected to the telephone network, authentication is performed from a temporary code calculated by the terminal on the basis of the synchronization parameter and of a personal code of the user.

Abstract: The invention relates to a method of sharing of a reference key (AppKey) between a connected object (1) and at least one server (2), the method comprising the steps of: application (102) by the object (1) of a function (f) to at least one datum (DevEUI, AppEUI, DevNonce) and to a key (KSE) specific to a secure element of the object (1) to generate the reference key, transmission (108) to the server (2) of a join request of the object (1) to a network of connected objects, comprising the datum, the key (KSE) of the secure element (4) not being transmitted to the server (2), obtaining, by the server (2), of the key (KSE) of the secure element (4) on the basis of the request, application (208) by the server (2) of the function (f) to the datum and to the key (KSE) obtained by the server (2), so as to obtain the reference key.

Abstract: The present invention relates to a method for processing an image executed by a terminal (1), comprising steps of receiving a proof datum previously input by a user of the terminal (1), setting (104, 106) of at least one parameter to a first value when the proof datum is equal to a secret reference datum, and to a second value different to the first value when the proof datum is different to the secret reference datum, and generation (200) of an output datum from an input datum being or dependent on an image previously acquired by a sensor (4), and also from the parameter, the output datum having a value as function of the value the parameter has been set to.

Abstract: A biometric identification method of an entity including computation of a matching value between biometric data of an entity u and reference biometric data u?, by application of a function F to the biometric data. A non-interactive, publicly verifiable computation method is performed wherein representation of the function is obtained by converting an arithmetic circuit into a polynomial representation. A matching value is obtained by evaluating the arithmetic circuit and the reference biometric data as inputs. Proof of correction of the computation execution of the matching values is obtained. Verification of said received proof. The function is encoded with an integer k>1 of a vector of a biometric datum on at least one input wire of the circuit. The function includes at least m scalar products. Evaluation of the circuit is iteratively computed depending on the value of m.

Abstract: A functional program stored in a memory area of an electronic card may be protected against an attack by disturbance of electrical origin intended to modify at least one logic state of at least one code of this program. The method may include: a storage step during which codes of the functional program and codes of a check program intended to check the logical behavior of the functional program are stored in the memory of the card; and a step of executing at least one code of the functional program followed by a step of checking the logic states of the functional program by executing the check program. During the storage step, the codes of the check program are stored in a memory area formed by addresses that are defined so that the attack by disturbance of electrical origin has no influence on the logic states of this program.

Abstract: The invention presents a process for obtaining candidate reference data to compare to a data to be identified, implemented in a system comprising a client unit and a storage server comprising two databases, in which: —the first database comprises indexed memory blocks each comprising a corresponding encrypted indexed reference data, and —the second database comprises memory blocks indexed by all possible hash values obtained by a plurality of k indexed hash functions, and wherein each block contains a list of the indexes of the reference data which hashing by one of said hash function results in the hash value corresponding to said block, said process comprising the steps during which: —the client unit hashes the data to be identified with each of the plurality of hash functions, and reads the k memory blocks of the second database corresponding to the hash values thus obtained, the client unit identifies indexes contained in at least t out of k read memory blocks, and —the client unit reads the memory blocks

Abstract: The present invention relates to a method for configuring a cryptographic program (P) intended to be executed by a terminal (1), the method including the following steps implemented by the terminal (1): sending (102) to a secure element at least one execution command of an internal processing (F) by the secure element, receiving (104) at least one response datum (y) produced by the internal processing (F) executed by the secure element, the response datum (y) being specific to the secure element, updating the cryptographic program (P) according to the received response datum (y), such that output data produced by the cryptographic program (P) before and after the updating are different.

Abstract: The invention relates to an authentication method for authenticating a client device having an authentication token generated by means of a pseudo-homomorphic function and based on a secret element (PIN) known only by the client device, to a server, comprising: the generation (A1), by the client device, of proof of knowledge of the secret element based on a proof generation key masked with a first mask data item, said masked proof generation key being dependent on said secret element, the transmission to the server by the client device, of said generated proof of knowledge of the secret element (A2) and of the authentication token (J) masked using the mask data item (A3), the verification of the validity of the masked authentication token (A4) and of the validity of the proof of knowledge by the server (A6) by a zero-knowledge proof, proving the knowledge of said secret element by the client device without revealing it.

Abstract: The present invention concerns a method of generating a biometric certificate of a user performed by a data processing device of a certifying authority, comprising a step of generating (E4) a certificate for said user comprising data related to the identity of the user and truncated authentication data of said user generated using a method of generating a biometric authentication datum, comprising steps of: acquiring (E1) first biometric data of said user; generating (E2) a first a proof of knowledge of said first biometric data from the first acquired biometric data and from a pseudo-random function; generating (E3) a first truncated authentication datum by applying a truncation function to said first generated proof of knowledge.

Abstract: An embedded system and, in particular, a communication protocol suitable for a data transmission using auxiliary physical channels of such an embedded system. A transmission method suitable for such a channel includes the transmission of a data signal based on the encoding of three symbols. The message consists of a preamble allowing recognition of the symbols used, followed by the significant part of the message. The decoding of the message comprises a first step of learning the symbols used, prior to the decoding of the significant part of the message.

Abstract: A biometric identification method comprising the steps of comparing a candidate print with a reference print and validating identification as a function of a number of characteristics that are common in the two prints and of a predetermined validation threshold, the method being characterized in that it comprises the steps of altering the biometric characteristics of one of the two prints prior to comparison and of taking the alteration into account during validation.

Abstract: The invention relates to a method for generating a cryptographic key for applying an access control method to a resource of a server (20) by a client-terminal (10), the method comprising the following steps: (E1) receiving a test biometric datum (DBtest), (E2) applying a decoding method to the test biometric datum (DBtest) and of a reference datum (Dref) for obtaining a cryptographic key (K?) such that: if the test biometric datum (DBtest) corresponds to the reference biometric datum (DBref), the cryptographic key generated (K?) is the legitimate cryptographic authentication key (Kl), otherwise, the generated cryptographic key (K?) is an illegitimate cryptographic authentication key (Ki) not allowing authentication of the client-terminal (10) at the server (20) during an access control, and (E3) using the generated key for applying an access control method (F3) to a resource of the server (20) by the client-terminal (10).