Abstract: This invention relates to an authentication process with an access control and/or payment system that maintains anonymity of the customer towards a third party, characterized in that a single-directional authentication protocol is used to send an authentication sequence that is completely different for each transaction, so that it is impossible for a third party to determine the identity of this customer, or even to determine which transactions are sent by a particular customer.

Abstract: The present invention relates to a procedure for controlling independent secure transactions using a single physical apparatus (11) that is the property of the user, wherein: the user of said apparatus obtains the apparatus independently of any service provider, on presentation by the user of said apparatus (11) to a service provider (P1, P2, P3) said service provider supplies a set of data identifying the user associated with the apparatus for access to a given service (S1, S2, S3) the combination of the apparatus and the data enables a secure transaction to be conducted with the service.

Abstract: The present invention relates to a process for accepting a request for use of a virtual prepaid card involving the following stages:a user of a virtual prepaid card is connected to a server containing a data base, particularly version numbers, which are incremented when the corresponding cards are empty or obsolete,said user is authenticated with the server by communicating thereto an authentication sequence and a version number,said server supplies these numbers to a security processor having the capacity to recalculate the authentication sequence and check the validity thereof,in the case of the validity thereof, the processor transmits to the server a consumption authorization,after receiving said authorization the server gives agreement to the use request, within the limits of the credit remaining on the card and the validity date of the latter.

Abstract: A process for the dissimulation of concealment of a secret code in a data authentication device by encrypting the secret code by an encrypting function for forming an image of the secret code and storing the secret code image in the authentication device. Beforehand, an encrypting function is chosen such that with each stored secret code image corresponds a plurality of antecedent codes all differing from the secret code, but which, once encrypted by the encrypting function have an image identical to that of the secret code. The secret code of a user has an authentication device in which is stored the secret code image.

Abstract: A system for control of access by messages to computer machines which are connected in a host private network by at least one private terminal that comprises an access control module interconnected at each input-output point of the host private network, each module allowing the selective transmission by inhibition, free or conditional authorization of the transmission of the messages to the host private network. A centralized supervisor module is associated with the host private network and interconnected by a specialized link to each access control module, allowing thus to control the selective transmission of the messages by each access control module.

Abstract: The terminal and the user module are authenticated in a combined manner on the basis of an authentication key calculated on the one hand by the terminal and on the other hand by the network. A session key is firstly calculated by the user module on the basis of a secret user key, of a terminal identification parameter and of a first random number. Calculation of the authentication key by the terminal involves this session key calculated by the user module, a secret terminal identification key and a second random number. The network calculates in the same way the session key and the authentication key by retrieving the secret keys on the basis of the identification parameters transmitted by the terminal. The terminals can then be authenticated by the network independently of the associated user modules.

Abstract: A process for controlling communication between a first and a second smart card using key-based cryptography is provided. In the disclosed process, a first identity code is stored in the first smart card and a second identity code is stored in the second smart card. The smart cards are customized by writing into each of the smart cards an identical group secret key and respective algorithms for processing the identical group secret key and the first and second identity codes stored in the first and second smart cards, respectively. The smart cards are used by transmitting the first identity code to the second smart card, transmitting the second identity code to the first smart card, and calculating using the respective processing algorithms stored in the smart cards, first and second session keys for the first and second smart cards, respectively.

Abstract: A process is provided for authentication in a data processing system using a data processing terminal having a programmable memory. The terminal supplies to a server an identify code (ID), the server checks the identify code, and in the case of agreement, supplies a random number (ALEA-A) to the terminal. The terminal encodes the random number using a signature algorithm (B) defined by a secret key (SID), and supplies a first signed random number (ALEA-S) to the server, which applies a signature checking algorithm (T, B, C) to the number (ALEA-S). The identity code and an encrypted secret key (KID) are written into the memory. The secret key (SID) used for the signature of the random number is determined using a decrypting algorithm (INVA) using the encrypted secret key (KID) and a password (MP) supplied by the terminal user. Particular utility for the present invention is found in the area of data processing, although other utilities are also contemplated.

Abstract: An electronic device for processing digital data has an input for receiving data to be processed and processor means suitable for transforming the input data in non-falsifiable manner into a result condensed data block. The processor means tools that are simple and fast, such as arrays and logic operators, to provide an elementary anti-collision operation for use in condensing the digital data.