Abstract: System and method for establishing secure conference calls. In one example system, a central conference call server establishes point-to-point connections with accessory devices comprising a secure element and connected to corresponding participant devices. The conference call server includes an interface to a plurality of secure elements configured to perform scrambling and unscrambling of media signals communicated to and from the accessory devices. In another example, one of the participant devices operates as the central conference call server. In other examples, participant devices communicate on a conference call via point-to-point connections between all accessory devices connected to the participant devices. The accessory devices include secure elements for decryption and encryption of media signals communicated between the accessory devices.

Abstract: System and method for establishing secure conference calls. In one example system, a central conference call server establishes point-to-point connections with accessory devices comprising a secure element and connected to corresponding participant devices. The conference call server includes an interface to a plurality of secure elements configured to perform scrambling and unscrambling of media signals communicated to and from the accessory devices. In another example, one of the participant devices operates as the central conference call server. In other examples, participant devices communicate on a conference call via point-to-point connections between all accessory devices connected to the participant devices. The accessory devices include secure elements for decryption and encryption of media signals communicated between the accessory devices.

Abstract: System and method for establishing secure conference calls. In one example system, a central conference call server establishes point-to-point connections with accessory devices comprising a secure element and connected to corresponding participant devices. The conference call server includes an interface to a plurality of secure elements configured to perform scrambling and unscrambling of media signals communicated to and from the accessory devices. In another example, one of the participant devices operates as the central conference call server. In other examples, participant devices communicate on a conference call via point-to-point connections between all accessory devices connected to the participant devices. The accessory devices include secure elements for decryption and encryption of media signals communicated between the accessory devices.

Abstract: Disclosed herein are methods and systems for link-based enforcement of routing of communication sessions via authorized media relays. In an embodiment, a media relay receives encrypted first payloads from a first endpoint and encrypted second payloads from a second endpoint as part of a session. The encrypted first payloads require a first key for decryption and the encrypted second payloads requite a second key for decryption. The media relay is preconfigured prior to the session with secrets useable for identifying the first and second keys. The media relay decrypts the first payloads using the first key and decrypts the second payloads using the second key, and transmits the first payloads to the second endpoint and the second payloads to the first endpoint as part of the session.

Abstract: Disclosed herein are methods and systems for encrypting communications using a secure element. An embodiment takes the form of a method including the steps of performing a key-exchange procedure with an endpoint via a voice-communication device to obtain a symmetric seed key for a secure voice session with the endpoint; generating first and second symmetric session keys for the secure voice session based on the obtained symmetric seed key; receiving outbound voice packets from the voice-communication device in connection with the secure voice session, each outbound voice packet including a header and an unencrypted payload; using a first symmetric encryption algorithm and the first symmetric session key, followed by a second symmetric encryption algorithm and the second symmetric session key to generate and output twice-encrypted outbound-voice-packet payloads to the voice-communication device for transmission to the endpoint in connection with the secure voice session.

Abstract: Disclosed herein are methods and systems for enabling legal-intercept mode for a targeted secure element.

Abstract: Disclosed herein are methods and systems for authentication using zero-knowledge code. One embodiment takes the form of a process that includes detecting an accessory-access-request event associated with a trusted accessory. The process includes generating a seed sequence having a first number of seed-sequence elements. The process includes outputting an indication of at least one seed-sequence element. The process includes receiving at least one seed-sequence-element-modifier signal for at least one of the seed-sequence elements. The process includes modifying the generated seed sequence in accordance with the at least one received seed-sequence-element-modifier signal. The process includes comparing the modified seed sequence with a stored access sequence. The process includes granting operational access to the trusted accessory when the modified seed sequence matches the stored access sequence.

Abstract: System and method for establishing secure conference calls. In one example system, a central conference call server establishes point-to-point connections with accessory devices comprising a secure element and connected to corresponding participant devices. The conference call server includes an interface to a plurality of secure elements configured to perform scrambling and unscrambling of media signals communicated to and from the accessory devices. In another example, one of the participant devices operates as the central conference call server. In other examples, participant devices communicate on a conference call via point-to-point connections between all accessory devices connected to the participant devices. The accessory devices include secure elements for decryption and encryption of media signals communicated between the accessory devices.

Abstract: System and method for establish secure conference calls. In one example system, a central conference call server establishes point-to-point connections with accessory devices comprising a secure element and connected to corresponding participant devices. The conference call server includes an interface to a plurality of secure elements configured to perform scrambling and unscrambling of media signals communicated to and from the accessory devices. In another example, one of the participant devices operates as the central conference call server. In other examples, participant devices communicate on a conference call via point-to-point connections between all accessory devices connected to the participant devices. The accessory devices include secure elements for decryption and encryption of media signals communicated between the accessory devices.

Abstract: Disclosed herein are methods and systems for link-based enforcement of routing of communication sessions via authorized media relays. In an embodiment, a media relay receives encrypted first payloads from a first endpoint and encrypted second payloads from a second endpoint as part of a session. The encrypted first payloads require a first key for decryption and the encrypted second payloads requite a second key for decryption. The media relay is preconfigured prior to the session with secrets useable for identifying the first and second keys. The media relay decrypts the first payloads using the first key and decrypts the second payloads using the second key, and transmits the first payloads to the second endpoint and the second payloads to the first endpoint as part of the session.

Abstract: Disclosed herein are methods and systems for enabling legal-intercept mode for a targeted secure element.

Abstract: Disclosed herein are methods and systems for encrypting communications using a secure element. An embodiment takes the form of a method including the steps of performing a key-exchange procedure with an endpoint via a voice-communication device to obtain a symmetric seed key for a secure voice session with the endpoint; generating first and second symmetric session keys for the secure voice session based on the obtained symmetric seed key; receiving outbound voice packets from the voice-communication device in connection with the secure voice session, each outbound voice packet including a header and an unencrypted payload; using a first symmetric encryption algorithm and the first symmetric session key, followed by a second symmetric encryption algorithm and the second symmetric session key to generate and output twice-encrypted outbound-voice-packet payloads to the voice-communication device for transmission to the endpoint in connection with the secure voice session.

Abstract: Disclosed herein are methods and systems for authentication using zero-knowledge code. One embodiment takes the form of a process that includes detecting an accessory-access-request event associated with a trusted accessory. The process includes generating a seed sequence having a first number of seed-sequence elements. The process includes outputting an indication of at least one seed-sequence element. The process includes receiving at least one seed-sequence-element-modifier signal for at least one of the seed-sequence elements. The process includes modifying the generated seed sequence in accordance with the at least one received seed-sequence-element-modifier signal. The process includes comparing the modified seed sequence with a stored access sequence. The process includes granting operational access to the trusted accessory when the modified seed sequence matches the stored access sequence.

Abstract: System and method for establish secure conference calls. In one example system, a central conference call server establishes point-to-point connections with accessory devices comprising a secure element and connected to corresponding participant devices. The conference call server includes an interface to a plurality of secure elements configured to perform scrambling and unscrambling of media signals communicated to and from the accessory devices. In another example, one of the participant devices operates as the central conference call server. In other examples, participant devices communicate on a conference call via point-to-point connections between all accessory devices connected to the participant devices. The accessory devices include secure elements for decryption and encryption of media signals communicated between the accessory devices.

Abstract: A protection device equips an electronic device comprising hardware and software capable of executing a sensitive process. This protection device comprises i) a detection means arranged for detecting a fault effect into the electronic device, resulting from at least one fault attack of an attacker during execution of the sensitive process, and ii) a correction means arranged for correcting this detected fault effect before it may be detected by the attacker, so that set up of the fault be considered as missed by this attacker.

Abstract: The invention relates to a method for entering data, data to be entered comprising at least one digit. A first device comprises at least one touch sensitive interface. The touch sensitive interface is sensitive to at least one touch. According to the invention, at least one digit being associated with no touch or a count of at least one touch, the method comprises the following steps. The first device detects, in a predetermined time period, a count of at least one touch that is or is not present at once or several times. The first or a second device determines the digit associated with no detected touch or a detected count of at least one touch, the second device being connected to the first device. The invention also relates to corresponding device and system.

Abstract: The invention is a method of protecting a data intended to be accessed by an operating system embedded in an electronic device. The operating system is intended to manage an object comprising a header and a body. The data is stored in the body. The object is recorded in a memory of the electronic device. The electronic device comprises a memory manager able to provide access to the memory. The memory manager forbids the operating system to access the body as long as a preset action has not been successfully performed.

Abstract: The invention relates to a verification of applications in interpreted language of the byte-code type (pseudo-code) loaded on portable electronic devices, in particular a chipcard and a method for verification of an application (31) interpreted by a virtual machine (42), said application being loaded on a portable electronic device (1), comprising at least one processor (2) and one RAM (5). The method comprises carrying out the following after loading said application in the device and before validation thereof, checks in the code of said application by means of a process carried out by the processor (2), characterized in comprising, on starting a sub-program, a step of backing up the actual verification context (200 to 203) in the RAM (5), a step for creation and activation of a new verification context (206 to 209) for the sub-program and a step for restoration of the verification context (200 to 203) previously backed-up.

Abstract: The invention relates to a method for generating masks in a communicating object, the masks being intended to mask data to be stored in the communicating object. At least one master mask is stored in the communicating object. According to the invention, the method involves applying at least one diversifier to the master mask so as to generate a diversified mask; masking the datum to be stored in the communicating object by a reversible function using the diversified mask, the mask generating a masked datum; and storing the masked datum in the communicating object with the diversifier used to generate the diversified mask for obtaining the masked datum. The invention also relates to a communicating object including components for implementing such a method.

Abstract: The invention relates to a verification of applications in interpreted language of the byte-code type (pseudo-code) loaded on portable electronic devices, in particular a chipcard and a method for verification of an application (31) interpreted by a virtual machine (42), said application being loaded on a portable electronic device (1), comprising at least one processor (2) and one RAM (5). The method comprises carrying out the following after loading said application in the device and before validation thereof, checks in the code of said application by means of a process carried out by the processor (2), characterized in comprising, on starting a sub-programme, a step of backing up the actual verification context (200 to 203) in the RAM (5), a step for creation and activation of a new verification context (206 to 209) for the sub-programme and a step for restoration of the verification context (200 to 203) previously backed-up.