Abstract: The present disclosure includes methods, devises and systems for preparing and installing one or more application keys owned by application owners in a remote device. The present disclosure further proposes methods, devices and systems for secure installation of subsequent application keys on a device utilising corresponding key derivation functions to associate an application with a respective policy and identifier using significantly Imv bandwidth for transfer of keys for execution of the respective application on the device.

Abstract: A method for remotely programming a programmable device designed to provide an expected sensitive result. The method including transmitting a first program code to the programmable device, the first program code being configured to get at least one distinctive data unique and physically inherent to the programmable device, retrieving the distinctive data, and transmitting a second program code based on the retrieved distinctive data to the programmable device, so as to load the second program code into the programmable device.

Abstract: A secure element has a secure processor for securely processing the digital information stored in a memory external to the secure element, and a loading and pre-processing system configured to load the digital information from the external memory into the secure element, and pre-process said digital information by executing a cryptographic algorithm before processing said digital information by the secure processor. The system reads a version number of the digital information that has been loaded, from an internal memory of the secure element, and uses said version number in executing the cryptographic algorithm.

Abstract: A method is provided in which digital information is stored in a plurality of segments in an external memory. The method is performed by a processing device and comprises the steps of loading a first integrity table containing a plurality of first integrity elements respectively authenticating the plurality of segments of digital information, and an associated digital signature of the plurality of first integrity elements, from the external memory; verifying the digital signature associated with the first integrity table, and loading segments of digital information in a protected form from the external memory to the processing device.

Abstract: A method if provided for securely processing digital information performed by a secure element having a secure processor. The method includes loading the digital information from an external memory into the secure element; segmenting the digital information into words of digital information (Wij,k), generating error-detection codes or error-correction codes from said words of digital information and associating said error-detection codes with the corresponding words; transferring the words of digital information and the associated error-detection codes or error-correction codes to the secure processor; and in the secure processor, verifying the words of digital information based on the associated error-detection codes or error-correction codes before processing the digital information contained in said words.

Abstract: The present disclosure includes methods, devises and systems for preparing and installing one or more application keys owned by application owners in a remote device. The present disclosure further proposes methods, devices and systems for secure installation of subsequent application keys on a device utilising corresponding key derivation functions to associate an application with a respective policy and identifier using significantly Imv bandwidth for transfer of keys for execution of the respective application on the device.

Abstract: Methods, system and devices are provided that generate a sequence of sub-keys for cryptographic operations from a main key. The main key is operated on only once to generate the sub-keys of the sequence, with a transformation comprising one or more one-way functions. The respective bit values of the sub-keys of the sequence are set using respective bit values of the one or more one-way functions. Advantageously, deriving sub-key bits from respective output bits of one or more one-way functions removes or at least reduces correlations between the main key and the sub-keys, as well as between sub-keys, making it harder or even impossible to recover the main key or other sub-keys from a single sub-key, for example as found using a side-channel attack.

Abstract: The present disclosure includes methods, devises and systems for preparing and installing one or more application keys owned by application owners in a remote device. The present disclosure further proposes methods, devices and systems for secure installation of subsequent application keys on a device utilising corresponding key derivation functions to associate an application with a respective policy and identifier using significantly low bandwidth for transfer of keys for execution of the respective application on the device.

Abstract: A method for anti-replay protection of a memory of a device, wherein the memory is used by and external to a secure element of the device, the method comprising the following steps, wherein the steps are performed in the device after a content of the memory is modified: generating device state data indicative of a state of the content of the memory; transmitting the device state data to a remote system for updating an authentication key of the device stored in a data storage of the remote system and for use by the remote system in an authentication procedure; and providing authentication information based on the device state data from the secure element to the remote system in the authentication procedure between the device and the remote system to verify a validity of the content of the memory.

Abstract: The present invention relates to a device having a central processing unit, RAM memory and at least two hardware elementary operations, using registers of greater size than the one of the central processing unit, said device being such that construction of at least one part of RAM memory is managed only by the hardware elementary operations, hardware elementary operations themselves and masking of inputs/outputs/intermediary data are monitored by software instructions, said software instructions being able to address different cryptographic functionalities using said hardware elementary operations according to several ways depending on each concerned functionality, said software instructions being further able to address several levels of security in the execution of the different functionalities.

Abstract: Methods, system and devices are provided that generate a sequence of sub-keys for cryptographic operations from a main key. The main key is operated on only once to generate the sub-keys of the sequence, with a transformation comprising one or more one-way functions. The respective bit values of the sub-keys of the sequence are set using respective bit values of the one or more one-way functions. Advantageously, deriving sub-key bits from respective output bits of one or more one-way functions removes or at least reduces correlations between the main key and the sub-keys, as well as between sub-keys, making it harder or even impossible to recover the main key or other sub-keys from a single sub-key, for example as found using a side-channel attack.

Abstract: The present disclosure includes methods, devises and systems for preparing and installing one or more application keys owned by application owners in a remote device. The present disclosure further proposes methods, devices and systems for secure installation of subsequent application keys on a device utilising corresponding key derivation functions to associate an application with a respective policy and identifier using significantly low bandwidth for transfer of keys for execution of the respective application on the device.

Abstract: Methods and devices in accordance with the disclosure relate to the secure provision of one or more keys or key pairs to protect secret data for, or associated, with a computing device. The device is typically a computing device with at least one processor or processing module configured for executing one or more applications using the secret data. The present disclosure ensures secure key provisioning by ensuring that each key in a key pair, or at least one key among a plurality of keys is associated with a device or hardware module that is distinct to the device(s) or hardware module associated with the other or remaining keys. For asymmetric key provisioning, this relates to utilizing digital signatures verified by separate devices. For symmetric key provisioning, this relates to utilizing a secret key derivation function that will operates with secret seeds that are input from two separate sources.

Abstract: Public-key cryptography allows putting into practice concepts of digital signatures and public-key key exchange; methods used on a daily basis in digital systems. A method generates a protected secret value k? used as a first operand in a cryptographic group operation involving a base group element G of order n and including: generating random positive integers k1 and k2, that are strictly smaller than the order of the group element G due to a cryptographically secure random number generator, such that the generated random positive integers k1 and k2 do not share any divisor with the order n other than 1; generating the protected secret value k? based on the generating random positive integers such as k?=k1*k2, the protected secret value k? being used as a second operand in the group operation.

Abstract: Methods, system and devices are provided that generate a sequence of sub-keys for cryptographic operations from a main key. The main key is operated on only once to generate the sub-keys of the sequence, with a transformation comprising one or more one-way functions. The respective bit values of the sub-keys of the sequence are set using respective bit values of the one or more one-way functions. Advantageously, deriving sub-key bits from respective output bits of one or more one-way functions removes or at least reduces correlations between the main key and the sub-keys, as well as between sub-keys, making it harder or even impossible to recover the main key or other sub-keys from a single sub-key, for example as found using a side-channel attack.

Abstract: A processing unit executes a sensitive computation using multiple different and independent branches that each necessitate a given number of processing unit time units to be executed. Each execution of a sensitive computation includes: generating at least as many identifiers as the number of branches; associating each identifier to a unique branch; generating a random permutation of identifiers, wherein the number of occurrences of each identifier in the permutation is at least equal to the number of processing unit time units in the shortest of the branches; successively determining, wherein the determining includes processing each identifier in the random permutation, which branch to execute by each successive processing unit time units according to the identifier in the random permutation; and for each identifier of the random permutation, executing a processing unit time unit for the branch determined according to the identifier in the random permutation.

Abstract: The present invention relates to a method to generate prime numbers on board a portable device, said method comprising the steps of, each time at least one prime number is requested: when available, retrieve results from previously performed derivation calculation or, if not, select a start point for derivation; process derivation calculation to converge towards a prime number; if a prime number is found, store it and restart derivation calculation from a new start point; stop the derivation calculation after a predetermined amount of time; store intermediate results to be used a next time a prime number will be requested; output a stored prime number.

Abstract: The present invention relates to a device having a central processing unit, RAM memory and at least two hardware elementary operations, using registers of greater size than the one of the central processing unit, said device being such that construction of at least one part of RAM memory is managed only by the hardware elementary operations, hardware elementary operations themselves and masking of inputs/outputs/intermediary data are monitored by software instructions, said software instructions being able to address different cryptographic functionalities using said hardware elementary operations according to several ways depending on each concerned functionality, said software instructions being further able to address several levels of security in the execution of the different functionalities.

Abstract: A method for obtaining a public-key digital signature for a data message (103) based on EdDSA, wherein the signature comprises a first data component (124) and a second data component (170). The method comprises receiving the first data component, a public key (114), a secret-integer (112), a secret-hash (122) and the data message, the first data component being an intermediate result of the EdDSA obtained from the secret-hash and the data message, wherein the secret-integer is derived from a part of a EdDSA private key (101). In different implementations, a first hash (141) and a second hash (151) are computed based on the first data component, the public key and the data message. The second data component is computed based on the first and second hash, the secret-integer, the secret-hash and a random value (161). The second data component is correct only if the first and second hashes are identical.

Abstract: Methods, system and devices are provided that generate a sequence of sub-keys for cryptographic operations from a main key. The main key is operated on only once to generate the sub-keys of the sequence, with a transformation comprising one or more one-way functions. The respective bit values of the sub-keys of the sequence are set using respective bit values of the one or more one-way functions. Advantageously, deriving sub-key bits from respective output bits of one or more one-way functions removes or at least reduces correlations between the main key and the sub-keys, as well as between sub-keys, making it harder or even impossible to recover the main key or other sub-keys from a single sub-key, for example as found using a side-channel attack.