Abstract: A method of pre-authentication of a first entity (10) by a second entity (1) communicating with each other via a wireless connection. The second entity (1) sends (23?) a challenge value (c). If the first entity (10) receives (23) a challenge value (c?), it applies to the received challenge value a predefined transformation (g) known to the second entity to obtain a first transformed value (r) and then sends (24) the first transformed value (r) obtained. If the second entity receives (24?) a transformed value (r?), it compares (25?) the received transformed value to a second transformed value (r?) obtained by applying the predefined transformation (g) to the challenge value sent and considers the pre-authentication to have succeeded if the result of comparing the second transformed value obtained and the transformed value received is below a predefined threshold (m).

Abstract: A system and a method for cryptographic reduced-coupon reloading are provided, where a coupon includes a pseudo-random number ri=PRFK(i), where i is an index for labeling the coupon, PRF is a predetermined pseudo-random function and K is a regeneration key, and a “reduced-coupon” xi=ƒ(ri), where ƒ is a predetermined one-way function, where: a candidate device and a second device acquire a common value of a token T, the candidate device transmits a verification value vT to the second device, the second device verifies whether the verification value is equal to PRF?Q(T), where PRF? is a predetermined keyed pseudo-random function identical to, or derived from, the pseudo-random function PRF, where Q is an authentication key owned by the second device and known to the candidate device provided the candidate device is a legitimate reloading device, and if the verification is positive, one or several reduced-coupon(s) provided by the candidate device are stored in the second device.

Abstract: A method for authenticating an entity by a verifier, the entity having an identifier, the verifier having a pair of private and public keys, comprising: sending to the entity a first random number selected by the verifier; a step wherein the entity encrypts a value by means of the public key of the verifier, said value including the first random number and an authentication datum on which the identifier of the entity depends; and the entity of said encrypted value sending a reply to authenticate said entity. The invention can be applied to the field of low-cost cryptography, especially the field of radio-identification.

Abstract: The invention relates to a method for generating a list signature for a message to be signed, said method comprising steps which are carried out by an electronic material support of a member of a list. During said step, the electronic material support only generates an electronic signature according to a sequence number supplied to the electronic material support by a certifying authority, according to evidence of belonging to the list of members, to data relating to the electronic material support, and optionally to a key of an authority qualified to lift the anonymity of the generated signature.

Abstract: A technique for secure delegation of calculation of a value f(X,Y) of a bilinear application in a computational server. The technique comprises selection of two secret parameters a and b; calculation of the numbers Xa and Yb; supply of the two numbers Xa and Yb to the computational server; calculation of f(Xa, Yb) by said server; receipt of the value of f(Xa,Yb) from the server; extraction of the abth root of f(Xa,Yb).

Abstract: A method for authenticating an entity by a verifier, the entity having an identifier, the verifier having a pair of private and public keys, comprising: sending to the entity a first random number selected by the verifier; a step wherein the entity encrypts a value by means of the public key of the verifier, said value including the first random number and an authentication datum on which the identifier of the entity depends; and the entity of said encrypted value sending a reply to authenticate said entity. The invention can be applied to the field of low-cost cryptography, especially the field of radio-identification.

Abstract: A method and device for performing a cryptographic operation by a device controlled by a security application executed outside thereof in which a cryptographic value (y) is produced a calculation comprising at least one multiplication between first and second factors containing a security key (s) associated with the device and a challenge number (c) provided by the security application. The first multiplication factor comprises a determined number of bits (L) in a binary representation and the second factor is constrained in such a way that it comprises, in a binary representation, several bits at 1 with a sequence of at least L?1 bits at 0 between each pair of consecutive bits to 1 while the multiplication is carried out by assembling the binary versions of the first factor shifted according to positions of the bits at 1 of the second factor, respectively.

Abstract: Method of cryptography in a smart card comprising a central processing unit, said method implementing precomputation operations, characterized in that said precomputation operations are performed by the smart card and in that the precomputation operations are carried out at a session during the waiting periods of the inputs/outputs of the central processing unit.

Abstract: A system and a method for cryptographic coupon reloading are provided for, wherein a coupon comprises, on one hand, a pseudo-random number ri=PRFK(i), where i is an index for labeling the coupon, PRF is a predetermined pseudo-random function and K is a regeneration key, and, on the other hand, a “reduced-coupon” xi such that xi=ƒ(ri), where ƒ is a predetermined one-way function, characterized in that it comprises the following steps: a candidate device (1) and a second device (2) acquire a common value of a token T, said candidate device (1) transmits a verification value vT to the second device (2), the second device (2) verifies whether said verification value vT is given by vT=PRF?Q(T), where PRF? is a predetermined keyed pseudo-random function identical to, or derived from, said pseudo-random function PRF, and where Q is an authentication key owned by the second device (2) and known to the candidate device (1) provided the candidate device (1) is a legitimate reloading device (1), and if the verificati

Abstract: The cryptographic method is used in transactions for which a first entity generates, by use of a private RSA key, a proof verifiable by a second entity by use of a public RSA key associated with said private key. The public key includes an exponent and a modulus. The first entity generates a first element of proof by a calculation that can be performed independently of the transaction, and a second element of proof related to the first element of proof and which depends on a common number shared by the first and the second entities specifically for the transaction. The second entity verifies that the first element of proof is related, modulo the modulus of the public key, to a power of a generic number, with an exponent equal to a linear combination of the common number and of a product of the exponent of the public key by the second element of proof.

Abstract: The invention concerns a system enabling a member (M) of a group (G) to produce, by means of customized data (z; K), a message (m) accompanied by a signature (8) proving to a verifier that the message originates from a member of the group (G). The invention is characterized in that the customized data is in the form of an electronic physical medium (26). Advantageously, the latter also incorporates: encrypting means (B3) for producing a customized cipher (C) from the customized data prior to the signature S of the message (m), means (B5) for producing a combination of a message m to be signed and the cipher (C) associated with said message, for example in the form of a concatenation of the message (m) with the cipher (C), and means (B6) for signing (Sig) the message (m) with the customized data (z; K) in the form of a cipher (C) associated with said message. Advantageously, the physical medium is a smart card (26) or the like.

Abstract: The invention concerns a list signature method comprising: an organization phase whereby reliable authority defines parameters for implementing an anonymous electronic signature; a phase which consists in registering persons on a list of authorized members to generate a list signature, during which each person calculates a private key, and the reliable authority delivers to each person a certificate for membership of the list; a phase which consists in defining a serial number; a phase wherein a member of the list generates by means of certificate a signature containing an element common to all the signatures issued by one single member with one single serial number; a phase which consists in verifying whether the signature has been generated by a member of the list and whether the serial number has been used to generate the signature.

Abstract: An asymmetrical cryptographic method of protecting an electronic chip against fraud in transactions between the electronic chip and an application, involving calculating an authentication value V from input parameters in the electronic chip. The chip produces a pseudo-random number r specific to the transaction by means of a serial pseudo-random generator included in the chip. The chip sends the application a parameter x calculated by the application prior to the transaction, linked to the random number r by a mathematical relationship, and stored in a data memory of the chip. The chip calculates a parameter y constituting the whole or a portion of the authentication value V by means of a serial function whose input parameters are at least the random number r specific to the transaction and a private key s belonging to an asymmetrical pair of keys.

Abstract: A cryptographic method and apparatus for anonymously signing a message. Added to the anonymous signature is another signature which is calculated (operation 13) using a private key common to all the members of a group authorized to sign and unknown to all revoked members. The private key is updated (operations 8, 11) at group level on each revocation within the group and at member level only on anonymous signing of a message by the member.

Abstract: A method of pre-authentication of a first entity (10) by a second entity (1) communicating with each other via a wireless connection. The second entity (1) sends (23?) a challenge value (c). If the first entity (10) receives (23) a challenge value (c?), it applies to the received challenge value a predefined transformation (g) known to the second entity to obtain a first transformed value (r) and then sends (24) the first transformed value (r) obtained. If the second entity receives (24?) a transformed value (r?), it compares (25?) the received transformed value to a second transformed value (r?) obtained by applying the predefined transformation (g) to the challenge value sent and considers the pre-authentication to have succeeded if the result of comparing the second transformed value obtained and the transformed value received is below a predefined threshold (m).

Abstract: The present invention relates to a cryptographic method of protecting an electronic chip against fraud and a device including an electronic chip which is adapted to protect the electronic chip against fraud. The method includes: mixing some or all of the input parameters (Em) to supply an output data item E?=(e?1, e?2, . . . , e?n, . . . , e?N), changing the state of a finite state automaton from an old state to a new state as a function of the data item E?=(e?1, e?2, . . . , e?n, . . . , e?N), and calculating a certificate (S) by means of an output function having at least one state of the automaton as an input argument. The device includes: mixing means, a finite state automaton, and output means for calculating a certificate (S).

Abstract: A public key cryptographic method based on groups of braids. The method employs a secret key defined by a representative s of a given braid S in a braid group G, a public key defined by a representative v of the braid T(S) converted from the braid S by an operator T, and an operation of verifying the equality of two braids, i.e. the equivalence of representatives of the two braids.

Abstract: A method and device for performing a cryptographic operation by a device controlled by a security application executed outside thereof in which a cryptographic value (y) is produced a calculation comprising at least one multiplication between first and second factors containing a security key (s) associated with the device and a challenge number (c) provided by the security application. The first multiplication factor comprises a determined number of bits (L) in a binary representation and the second factor is constrained in such a way that it comprises, in a binary representation, several bits at 1 with a sequence of at least L?1 bits at 0 between each pair of consecutive bits to 1 while the multiplication is carried out by assembling the binary versions of the first factor shifted according to positions of the bits at 1 of the second factor, respectively.

Abstract: The invention concerns a cryptographic method whereby a second entity (B) verifies by means of a public key, a proof provided by a first entity (A), which consists in the generation by the first entity (A) of a first random number r much higher than any first integer s included in a private key kept secret by the first entity (A). The first entity (A) generates a first element of proof resulting from a modulo n exponentiation of a first integer G included or not in said public key and whereof the exponent is the first random number r. In combination with the first element of proof, a so-called common number, is generated so that the second entity (B) and the first entity (A) should have knowledge of the common number. The first entity (A) generates an image y of said private key by linear combination of the first random number r and of at least a first private key integer s. At least a multiplicative coefficient of the linear combination is said common number.

Abstract: Authentication and signature process with reduced number of calculations. The process involves a first entity called the “prover”, which possesses a public key v and a secret key s, these keys verify the relation v=s?t (mod n), where n is an integer called modulus and t is a parameter, and a second entity called a “verifier”, which knows the public key v. This process implies exchange of information following a “zero-knowledge protocol” between the verifier and the prover and cryptographic calculations on this information, some calculations being carried out “modulo n”. The process of the invention is characterised by the fact that the modulus n is specific to the prover that communicates this modulus to the verifier.