Abstract: A method of executing a program by a processor, and an electronic entity including such a processor, the method includes the following steps: a calling program calling a subprogram and passing at least one parameter; the subprogram determining a return status indicator; the subprogram determining a return word by using a predetermined function to combine at least the return status indicator and the parameter; returning to the calling program with the determined return word as a result; and the calling program comparing the return word and a determined word determined by using the predetermined function to combine at least one possible value of the return status indicator and the parameter passed when calling the subprogram.

Abstract: Devices and methods for masking and unmasking sensitive data, based on a standard cryptographic algorithm defining a ciphering algorithm, and a deciphering algorithm using more resources than the ciphering algorithm are described. The masking of sensitive data is done by applying the deciphering algorithm to the sensitive data to obtain masked sensitive data. The unmasking of the masked sensitive data is done by applying the ciphering algorithm to the masked sensitive data to obtain sensitive data in plain form.

Abstract: A secure element includes a boot program comprises instructions for the execution a startup step to determine if a non-volatile memory stores an active operating system, and, in the affirmative, to launch execution of the operating system, an authentication step of a updater device, as a function of first authentication data determined by a secure element and second authentication data received from the updater device, and, in response to the authentication step, a storage step of a new operating system received from the update, device in the non-volatile memory and an activation step of the new operating system, when said instructions are executed by a microprocessor.

Abstract: Devices and methods for masking and unmasking sensitive data, based on a standard cryptographic algorithm defining a ciphering algorithm, and a deciphering algorithm using more resources than the ciphering algorithm are described. The masking of sensitive data is done by applying the deciphering algorithm to the sensitive data to obtain masked sensitive data. The unmasking of the masked sensitive data is done by applying the ciphering algorithm to the masked sensitive data to obtain sensitive data in plain form.

Abstract: Devices and methods for masking and unmasking sensitive data, based on a standard cryptographic algorithm defining a ciphering algorithm, and a deciphering algorithm using more resources than the ciphering algorithm are described. The masking of sensitive data is done by applying the deciphering algorithm to the sensitive data to obtain masked sensitive data. The unmasking of the masked sensitive data is done by applying the ciphering algorithm to the masked sensitive data to obtain sensitive data in plain form.

Abstract: A method for the performance of a function by a microcircuit, includes: at least one step of determining (205) whether an anomaly is detected or whether the operation of the microcircuit is normal; when it is determined that an anomaly is detected, a step of performing (210) a protection function; when it is determined that the operation of the microcircuit is normal, a step of performing (215) a decoy function simulating the protection function by being perceptible, from the outside of the microcircuit, in a manner more or less identical to the protection function; the method being characterized in that it includes an interruption (250) of the performance of the decoy function by a timer.

Abstract: A method of executing a program by a processor, and an electronic entity including such a processor, the method includes the following steps: a calling program calling a subprogram and passing at least one parameter; the subprogram determining a return status indicator; the subprogram determining a return word by using a predetermined function to combine at least the return status indicator and the parameter; returning to the calling program with the determined return word as a result; and the calling program comparing the return word and a determined word determined by using the predetermined function to combine at least one possible value of the return status indicator and the parameter passed when calling the subprogram.

Abstract: An electronic appliance includes a first processor and a secure electronic entity equipped with a second processor, the electronic appliance being designed to operate by the execution by the first processor of a trusted operating system. An element situated outside the secure electronic entity and distinct from the trusted operating system is designed to trigger the execution of an application by the second processor; the application executed by the second processor is designed to request the implementation of a service of the trusted operating system. A method implemented in such an electronic appliance is also described.

Abstract: The invention in particular relates to provide security for intermediate programming code for its execution by a virtual machine. After having received (200) a plurality of pseudo-instructions of the intermediate programming code, the plurality of bytecode instructions is converted (230, 235), the conversion including a step of inserting at least one bytecode instruction relative to a function for execution checking of at least one bytecode instruction of the plurality of bytecode instructions. A following step is directed to generating bytecode, the generated bytecode including the plurality of converted bytecode instructions.

Abstract: A method for the performance of a function by a microcircuit, includes: at least one step of determining (205) whether an anomaly is detected or whether the operation of the microcircuit is normal; when it is determined that an anomaly is detected, a step of performing (210) a protection function; when it is determined that the operation of the microcircuit is normal, a step of performing (215) a decoy function simulating the protection function by being perceptible, from the outside of the microcircuit, in a manner more or less identical to the protection function; the method being characterized in that it includes an interruption (250) of the performance of the decoy function by a timer.

Abstract: Devices and methods for masking and unmasking sensitive data, based on a standard cryptographic algorithm defining a ciphering algorithm, and a deciphering algorithm using more resources than the ciphering algorithm are described. The masking of sensitive data is done by applying the deciphering algorithm to the sensitive data to obtain masked sensitive data. The unmasking of the masked sensitive data is done by applying the ciphering algorithm to the masked sensitive data to obtain sensitive data in plain form.

Abstract: A secure element includes a boot program comprises instructions for the execution a startup step to determine if a non-volatile memory stores an active operating system, and, in the affirmative, to launch execution of the operating system, an authentication step of a updater device, as a function of first authentication data determined by a secure element and second authentication data received from the updater device, and, in response to the authentication step, a storage step of a new operating system received from the update, device in the non-volatile memory and an activation step of the new operating system, when said instructions are executed by a microprocessor.

Abstract: The method includes in placing an instruction presence parameter in the “argument” field of a binary word defining a read/write command generated by generic management programs (drivers) for removable data storage units. This makes it possible to circumvent the limitation of the set of the commands authorized by a generic program for managing a removable data storage unit, without running the risk of data being interpreted wrongly as instructions.

Abstract: A smart card (1) storing a first and a second application (120, 220) and elements for receiving commands originating from outside the card (1), the first application (120) being capable of executing first commands, the smart card includes elements (130) for determining (706) whether a received command is implemented by the first application so as to transmit (708) the received command to the second application (220) in the case of a negative determination. Notably, the determination can implement either a table (130) listing the first commands, or conditional instructions provided within the execution code for the first application. Application of the invention to a second highly-securitized application, of the banking transaction type, and to a first less-securitized application, of the mobile telephone application type.

Abstract: The invention in particular relates to provide security for intermediate programming code for its execution by a virtual machine. After having received (200) a plurality of pseudo-instructions of the intermediate programming code, the plurality of bytecode instructions is converted (230, 235), the conversion including a step of inserting at least one bytecode instruction relative to a function for execution checking of at least one bytecode instruction of the plurality of bytecode instructions. A following step is directed to generating bytecode, the generated bytecode including the plurality of converted bytecode instructions.

Abstract: A smartcard (1) includes: first and second microcircuits (100, 200) respectively storing first and second applications (120, 220), elements for communicating (14) with the outside of the card (1), connected to the first microcircuit (100), the first application (120) being capable of transmitting (708) a command received by the communication elements (14) to the second application (220) the first application (120) being capable of receiving a response to the command transmitted to the second application (220) and of aggregating (718) the response with at least one data value stored in a memory of the first microcircuit (200) in such a manner as to form an overall response to the command received from the outside.

Abstract: A smartcard (1) includes: a first and a second microprocessor (110, 210), elements for receiving (14) commands each coming from a first or a second communications channel external to the card (1) and for transmitting the received commands to the first microprocessor, characterized in that the first microprocessor includes elements for determining (706) whether a received command has been received on the second communications channel so as to transmit (708) the received command to the second microprocessor (210) in the case of a positive determination. Notably, the determination can be carried out by detecting an electrical contact of the communications interface of the card, over which the command is received. Application of the invention to a card having a second microprocessor for executing a highly securitized application, of the banking transaction type, and a first less securitized application, of the mobile telephony application type.

Abstract: The microprocessor card includes a first microprocessor and a second microprocessor, the first microprocessor including elements for commanding the second microprocessor. In embodiments, the card includes electrical contacts adapted to carry command signals, these electrical contacts being connected exclusively to the first microprocessor. In embodiments, the first microprocessor includes elements for commanding the second microprocessor via commands conforming to the ISO 7816 standard. The first microprocessor uses a lower level of security than the second microprocessor.

Abstract: The method includes in placing an instruction presence parameter in the “argument” field of a binary word defining a read/write command generated by generic management programs (drivers) for removable data storage units. This makes it possible to circumvent the limitation of the set of the commands authorized by a generic program for managing a removable data storage unit, without running the risk of data being interpreted wrongly as instructions.

Abstract: The method of protection of a microcircuit against an attack includes: a step (205) of determining if an attack has been detected, if an attack has been detected, a step (210, 510) of executing a protection function, and if no attack has been detected, a step (215, 515) of executing a decoy function simulating the protection function and perceptible from outside the microcircuit in a manner substantially identical to the protection function. In some embodiments the decoy function has a power consumption substantially identical to that of the protection function, the protection function effects a step of writing predetermined data at a first address of a non-volatile memory, and the decoy function effects a step of writing in non-volatile memory at a second address different from the first address.