Abstract: A method for successively executing first and subsequent block cryptographic computations. These cryptographic computations include transforming a respective input block (38, 64) composed of a plurality of elements (107k), via a plurality of linear transformations (109, 115, 116, SR) and non-linear transformations (112), into a corresponding output block. The method includes: implementing a functional correspondence between input and output of the non-linear transformations (112) applied on the elements of the first input block (38, 64) during the first block cryptographic computation, and applying dynamical obfuscation (124) by re-encoding the functional correspondence into a modified functional correspondence between the input and the output of the non-linear transformations applied on elements of the next input block during the next block cryptographic computation.

Abstract: A method for concurrently executing a first block cryptographic computation (60) and a second block cryptographic computation (61) using a ciphering circuit. The first block cryptographic computation includes computing a first output block (42) by executing a plurality of first processing rounds (70i, 78) based on a first input block (38, 64), and the second block cryptographic computation includes computing a second output block (43) by executing a plurality of second processing rounds (75j, 79) based on a second input block (39, 65). The method further includes alternatingly executing respective first and second processing rounds in a round-interleaved sequence.

Abstract: A pairing method between a user device (1) and an operator device (2), the user device (1) being intended to receive conditional access data from the operator device (2), the user device having a user device identifier (UID), the operator having an operator device identifier (OID). The method comprises receiving, by the user device, a user device key (KUID) derived from a first cryptographically secure function and receiving, by the operator device, an operator key (KOID) derived from a second cryptographically secure function. The user device comprises a user device bilinear mathematical function (e(KUID, OID)) and the operator device comprises an operator bilinear mathematical function (e(UID, KOID)) which each define a pairing over an elliptic curve.

Abstract: A method for pairing a content provider system and a receiving device, a cryptographic function and a receiving device unique identifier being populated in the receiving device. According to such method, the receiving device executes: obtaining a first key which is a result of a first function taking as arguments an Identity Based Encryption scheme master key owned by an authority server and an output of the cryptographic function applied to the receiving device unique identifier; receiving, from the content provider system, a content provider unique identifier; and computing a secret key which is a result of a second function taking as operands the first key and an output of the cryptographic function applied to the content provider unique identifier, the secret key being known from the content provider system.

Abstract: The disclosure relates to a method of obtaining a cryptographic key in a chipset (1). An initial configuration message may be generated using a physical unclonable function (hereinafter: PUF) (22) of the chipset (1). Said PUF (22) may generate a predetermined value when using the initial configuration message as input to the PUF (22). The initial configuration message may be transmitted to a client access server (31). An altered configuration message may be received from the client access server (31), wherein the altered configuration message is generated by the client access server (31) based on the initial configuration message. The cryptographic key may be obtained from the PUF (22) using the altered configuration message as input to the PUF (22).

Abstract: Public-key cryptography allows putting into practice concepts of digital signatures and public-key key exchange; methods used on a daily basis in digital systems. A method generates a protected secret value k? used as a first operand in a cryptographic group operation involving a base group element G of order n and including: generating random positive integers k1 and k2, that are strictly smaller than the order of the group element G due to a cryptographically secure random number generator, such that the generated random positive integers k1 and k2 do not share any divisor with the order n other than 1; generating the protected secret value k? based on the generating random positive integers such as k?=k1*k2, the protected secret value k? being used as a second operand in the group operation.

Abstract: The disclosure relates to a method of obtaining a cryptographic key in a chipset (1). An initial configuration message may be generated using a physical unclonable function (hereinafter: PUF) (22) of the chipset (1). Said PUF (22) may generate a predetermined value when using the initial configuration message as input to the PUF (22). The initial configuration message may be transmitted to a client access server (31). An altered configuration message may be received from the client access server (31), wherein the altered configuration message is generated by the client access server (31) based on the initial configuration message. The cryptographic key may be obtained from the PUF (22) using the altered configuration message as input to the PUF (22).

Abstract: Implementing a camouflage of current traces generated by a hardware component having one or more set of digital elements defining a plurality of operational datapaths comprises adjusting (761) one or more working condition(s) of the hardware component, measuring (762) a reaction of the hardware component to the working condition(s) by a logic test circuit through processing data operations along a reference datapath having a minimum duration corresponding to at least the longest of the operational datapaths, and in response to detecting an error (763) along the reference datapath, modifying (764) the working condition(s) so that the error generated by the logic test circuit is cancelled. Applications to countermeasures to side-channel attacks.

Abstract: The disclosure relates to a method for enabling the secure functions of a chipset (1) and especially the encryption of the content of the secure memory (7) when the device goes into low power mode. The content of the secure memory (7) may be encrypted and stored in an external memory (20) during low power mode of the chipset (1).

Abstract: A device for generating at least one cryptographic key by selecting at least three input data selected among, on one hand, a predetermined data and, on the other hand, a function of at least one piece of data having a type belonging to the group including: a physical unclonable type, corresponding to physical unclonable function data, a hardwired type, corresponding to data hardwired within said device, and a software type, corresponding to software data, assembling the at least three input data to produce an assembled input data, and applying the assembled input data into a cryptographic element to produce a cryptographic key.

Abstract: The disclosure relates to a method for enabling the secure functions of a chipset (1) and especially the encryption of the content of the secure memory (7) when the device goes into low power mode. The content of the secure memory (7) may be encrypted and stored in an external memory (20) during low power mode of the chipset (1).

Abstract: The present invention relates in particular to a pairing method between a multimedia unit and one operator having an operator identifier, the multimedia unit having a multimedia unit identifier and receiving conditional access data from said operator, the method being characterized in that: receiving by the multimedia unit a multimedia unit key formed by applying a first cryptographically function to a personalization key and to the multimedia unit identifier; receiving by the operator an operator key formed by applying a second cryptographically function to said personalization key and to the operator identifier; said multimedia unit further having a function of the multimedia unit and said operator further having a function of the operator, these functions being such that the result of the application of the function of the operator to said operator key and to said multimedia unit identifier is equal to the result of the application of the function of the multimedia unit to said multimedia unit key a

Abstract: System and method for establishing secure conference calls. In one example system, a central conference call server establishes point-to-point connections with accessory devices comprising a secure element and connected to corresponding participant devices. The conference call server includes an interface to a plurality of secure elements configured to perform scrambling and unscrambling of media signals communicated to and from the accessory devices. In another example, one of the participant devices operates as the central conference call server. In other examples, participant devices communicate on a conference call via point-to-point connections between all accessory devices connected to the participant devices. The accessory devices include secure elements for decryption and encryption of media signals communicated between the accessory devices.

Abstract: The disclosure relates to a method for enabling the secure functions of a chipset (1) and especially the encryption of the content of the secure memory (7) when the device goes into low power mode. The content of the secure memory (7) may be encrypted and stored in an external memory (20) during low power mode of the chipset (1).

Abstract: Implementing a camouflage of current traces generated by a hardware component having one or more set of digital elements defining a plurality of operational datapaths comprises adjusting (761) one or more working condition(s) of the hardware component, measuring (762) a reaction of the hardware component to the working condition(s) by a logic test circuit through processing data operations along a reference datapath having a minimum duration corresponding to at least the longest of the operational datapaths, and in response to detecting an error (763) along the reference datapath, modifying (764) the working condition(s) so that the error generated by the logic test circuit is cancelled. Applications to countermeasures to side-channel attacks.

Abstract: A method of monitoring execution in an execution environment of an operation, for example a cryptographic operation, comprising a sequence of instructions, is disclosed. Instructions sent in the sequence from a main processor to one or more auxiliary processors, for example cryptographic processors, to execute the operation are monitored and the sequence of instructions is verified using verification information. The method comprises enabling output from the execution environment of a result of the operation in response to a successful verification of the sequence, or generating a verification failure signal in response to a failed verification of the sequence.

Abstract: An integrated circuit and a method of configuring a plurality of integrated circuits are disclosed. Each integrated circuit comprises a cryptographic key specific to it. Each integrated circuit comprises a cryptographic key specific to it. Each cryptographic key can be generated on the respective integrated circuit using a physical unclonable function and data associated with the cryptographic key, e.g. a configuration message comprising instructions for generating the cryptographic key using the physical unclonable function. The cryptographic key specific to the integrated circuit is not stored on the integrated circuit. Each of the plurality of integrated circuits are configured using a data file that is encrypted with the respective cryptographic key specific to the integrated circuit, circuit.

Abstract: The disclosure relates to a method for enabling the secure functions of a chipset (1) and especially the encryption of the content of the secure memory (7) when the device goes into low power mode. The content of the secure memory (7) may be encrypted and stored in an external memory (20) during low power mode of the chipset (1).

Abstract: The disclosure relates to a method of obtaining a cryptographic key in a chipset (1). An initial configuration message may be generated using a physical unclonable function (hereinafter: PUF) (22) of the chipset (1). Said PUF (22) may generate a predetermined value when using the initial configuration message as input to the PUF (22). The initial configuration message may be transmitted to a client access server (31). An altered configuration message may be received from the client access server (31), wherein the altered configuration message is generated by the client access server (31) based on the initial configuration message. The cryptographic key may be obtained from the PUF (22) using the altered configuration message as input to the PUF (22).

Abstract: A method to protect a device key in a device comprising at least one secure element locally connected to at least one time programmable memory storing a global value in form of a bit string comprising locked bits and unlocked bits. The locked bits are irreversibly pre-programmed in the one-time-programmable memory during an initialization phase of the device while the un-locked bits remaining in an initial state may be programmable by the secure element. The secure element is configured to generate, at initialization of the device, a device specific value by using the global value, program the device specific value previously obtained in the one time programmable memory, and erase the global value by programming the unlocked bits of the corresponding bit string. A further object of the disclosure includes a device configured to carry out the method.