Patents by Inventor Sebastien Canard

Sebastien Canard has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11483146
    Abstract: A technique for protecting a cryptographic key. A user has an identifier and an associated password. The first cryptographic key is designed to decrypt a piece of encrypted data. The user device generates a second cryptographic key by applying a key derivation algorithm to at least the password, then encrypts the first cryptographic key by applying an encryption algorithm parameterized by the second cryptographic key. The user device then provides the encryption of the first cryptographic key to a management device for storage. A response associated with a question is obtained from the user. The user device calculates a result of an application of a function to at least one response associated with a question, then provides a value dependent on the result to a management device for storage. The value then enables the user device to determine the password when it has the response to the corresponding question.
    Type: Grant
    Filed: December 12, 2018
    Date of Patent: October 25, 2022
    Assignee: ORANGE
    Inventors: Sebastien Canard, Nicolas Desmoulins, Marie Paindavoine
  • Patent number: 11068619
    Abstract: A method is provided to anonymize “initial” data stored in a database of a computer system and resulting from aggregating personal data relating to a plurality of individuals. The method includes: an identification act identifying in the initial data a set of data that is “sensitive” that would be affected by personal data relating to one individual being added to or removed from the database; a partitioning act partitioning the sensitive data set into a plurality of subsets as a function of a sensitivity level of the sensitive data; a determination act determining a sensitivity level for each subset; and an anonymization act anonymizing the initial data and including, for each subset, adding noise to the sensitive data of that subset with a noise level that depends on the sensitivity level determined for the subset.
    Type: Grant
    Filed: February 7, 2017
    Date of Patent: July 20, 2021
    Inventors: Sebastien Canard, Baptiste Olivier, Solenn Brunet, Dominique Le Hello
  • Publication number: 20200389302
    Abstract: A technique for protecting a cryptographic key. A user has an identifier and an associated password. The first cryptographic key is designed to decrypt a piece of encrypted data. The user device generates a second cryptographic key by applying a key derivation algorithm to at least the password, then encrypts the first cryptographic key by applying an encryption algorithm parameterized by the second cryptographic key. The user device then provides the encryption of the first cryptographic key to a management device for storage. A response associated with a question is obtained from the user. The user device calculates a result of an application of a function to at least one response associated with a question, then provides a value dependent on the result to a management device for storage. The value then enables the user device to determine the password when it has the response to the corresponding question.
    Type: Application
    Filed: December 12, 2018
    Publication date: December 10, 2020
    Inventors: Sebastien Canard, Nicolas Desmoulins, Marie Paindavoine
  • Patent number: 10812506
    Abstract: A method for detecting intrusions uses a searchable enciphering algorithm and includes: generating a trap bypass key for a security device, which is able to determine keywords characteristic of intrusions, generating by the security device a trap for each keyword by using the trap bypass key; providing the traps to an intrusions detection device; intercepting by the detection device character strings sent on the network by a sender and enciphered with a public key of a receiver; applying by the detection device a test procedure on the character strings enciphered using the traps; and detecting an intrusion on the network if there exists according to the test procedure an enciphered character string representative of a cipher of a keyword.
    Type: Grant
    Filed: September 29, 2017
    Date of Patent: October 20, 2020
    Assignee: ORANGE
    Inventors: Sebastien Canard, Aida Diop, Nizar Kheir, Marie Paindavoine
  • Publication number: 20200036735
    Abstract: A method for detecting intrusions uses a searchable enciphering algorithm and includes: generating a trap bypass key for a security device, which is able to determine keywords characteristic of intrusions, generating by the security device a trap for each keyword by using the trap bypass key; providing the traps to an intrusions detection device; intercepting by the detection device character strings sent on the network by a sender and enciphered with a public key of a receiver; applying by the detection device a test procedure on the character strings enciphered using the traps; and detecting an intrusion on the network if there exists according to the test procedure an enciphered character string representative of a cipher of a keyword.
    Type: Application
    Filed: September 29, 2017
    Publication date: January 30, 2020
    Inventors: Sebastien Canard, Aida Diop, Nizar Kheir, Marie Paindavoine
  • Publication number: 20190050599
    Abstract: A method is provided to anonymize “initial” data stored in a database of a computer system and resulting from aggregating personal data relating to a plurality of individuals. The method includes: an identification act identifying in the initial data a set of data that is “sensitive” that would be affected by personal data relating to one individual being added to or removed from the database; a partitioning act partitioning the sensitive data set into a plurality of subsets as a function of a sensitivity level of the sensitive data; a determination act determining a sensitivity level for each subset; and an anonymization act anonymizing the initial data and including, for each subset, adding noise to the sensitive data of that subset with a noise level that depends on the sensitivity level determined for the subset.
    Type: Application
    Filed: February 2, 2017
    Publication date: February 14, 2019
    Inventors: Sebastien Canard, Baptiste Olivier, Solenn Brunet, Dominique Le Hello
  • Patent number: 10122530
    Abstract: One embodiment relates to a method for enabling an entity to delegate calculation of a bilinear pairing value e(A,B) between two values A and B to a calculation server. The entity may select public elements P1 and P2 and secret elements S1 and S2, two of the elements from among P1, P2, S1, and S2 being selected to be equal to A and B, generate elements R1=vS1, R2=uS2, T1=uP1+S1, T2=vP2+S2, where u and v are random numbers, and transmit R1, R2, T1, and T2 to the calculation server. The server may calculate (a1)^y=e(T1,T2)[e(R1,P2)e(P1,R2)]^(−1), and (a2)^z=e(D1,D2), y and z designating two integers equal to 1 or to an integer c, D1 and D2 designating two public elements from among A and B or from among R1 and R2 and transmit a1 and a2 to the entity. The entity may obtain the value e(A,B) from a1 or a2.
    Type: Grant
    Filed: June 10, 2014
    Date of Patent: November 6, 2018
    Assignee: ORANGE
    Inventors: Sébastien Canard, Julien Devigne, Olivier Sanders
  • Patent number: 10050777
    Abstract: One embodiment relates to a method of updating, by an electronic device of a first user of a tree of data files and/or folders of the first user stored in a storage server configured to implement a re-encryption mechanism, this tree comprising at least one target folder that the first user has authorized a second user to access by providing the storage server with a re-encryption key for this target folder from the first user to the second user.
    Type: Grant
    Filed: November 12, 2014
    Date of Patent: August 14, 2018
    Assignee: ORANGE
    Inventors: Sébastien Canard, Julien Devigne
  • Publication number: 20160301525
    Abstract: One embodiment relates to a method of updating, by an electronic device of a first user of a tree of data files and/or folders of the first user stored in a storage server configured to implement a re-encryption mechanism, this tree comprising at least one target folder that the first user has authorized a second user to access by providing the storage server with a re-encryption key for this target folder from the first user to the second user.
    Type: Application
    Filed: November 12, 2014
    Publication date: October 13, 2016
    Inventors: Sebastien CANARD, Julien DEVIGNE
  • Publication number: 20160142206
    Abstract: One embodiment relates to a method for enabling an entity to delegate calculation of a bilinear pairing value e(A,B) between two values A and B to a calculation server. The entity may select public elements P1 and P2 and secret elements S1 and S2, two of the elements from among P1, P2, S1, and S2 being selected to be equal to A and B, generate elements R1=vS1, R2=uS2, T1=uP1+S1, T2=vP2+S2, where u and v are random numbers, and transmit R1, R2, T1, and T2 to the calculation server. The server may calculate (a1)^y=e(T1,T2)[e(R1,P2)e(P1,R2)]^(−1), and (a2)^z=e(D1,D2), y and z designating two integers equal to 1 or to an integer c, D1 and D2 designating two public elements from among A and B or from among R1 and R2 and transmit a1 and a2 to the entity. The entity may obtain the value e(A,B) from a1 or a2.
    Type: Application
    Filed: June 10, 2014
    Publication date: May 19, 2016
    Inventors: Sébastien Canard, Julien Devigne, Olivier Sanders
  • Patent number: 9021572
    Abstract: A method of anonymous access to a service, comprising the allocation, by at least one certifying entity, of a plurality of certificates to a user entity, the certificates being calculated on the basis of at least one attribute associated with the user entity, the calculation, by the user entity, of an aggregated certificate on the basis of a plurality of certificates among the certificates allocated to the user entity, the calculation, by the user entity, of a proof of knowledge of the aggregated certificate and a verification, performed by a verifying entity, of at least one of these certificates by means of said proof of knowledge, the access to the service being provided by the verifying entity to the user entity as a function of the result of this verification.
    Type: Grant
    Filed: December 19, 2011
    Date of Patent: April 28, 2015
    Assignee: Orange
    Inventors: Sébastien Canard, Roch Lescuyer
  • Patent number: 8689306
    Abstract: A method for unique authentication of a user including federating an identity of said user for said service provider and an identity of the user for an identity provider, the federating including the steps of generating a user alias for that service provider and sending said identity provider a masked alias deduced from said alias, the identity provider associating said masked alias for that service provider with the identity of the user for the identity provider and sending the user elements for calculation by the user of a signature of a message containing the non-masked alias calculating said signature and sending the service provider said message with said signature, and the service provider verifying said signature, authenticating the user, and associating said alias with the user's identity.
    Type: Grant
    Filed: February 25, 2008
    Date of Patent: April 1, 2014
    Assignee: Orange
    Inventors: Sébastien Canard, Eric Malville, Jacques Traore, Stéphane Guilloteau
  • Patent number: 8650403
    Abstract: The invention relates to a cryptographic method for the anonymous authentication and the identification of a user entity (Ui) respectively by a checking entity (D) and an identifying entity (O). According to this method, the checking entity (D) receives (130) from the user entity (U1) at least one first signature (?) and a first message (m), and checks (140) the first signature (?) using the first message (m) in order to authenticate the user (U), and the identifying entity (O) receives (150) from the checking entity (D) a second signature (??) connected to the first signature (?) and identifies (160) the user using the second signature and a secret key particular thereto. The invention also relates to a cryptographic system for implementing said method.
    Type: Grant
    Filed: June 11, 2010
    Date of Patent: February 11, 2014
    Assignee: France Telecom
    Inventors: Sébastien Canard, Amandine Jambert, Eric Malville
  • Patent number: 8607332
    Abstract: A system for managing sensitive personal data includes a first data processing subsystem and a second data processing subsystem. The first data processing subsystem includes a generating unit and a private database. The generating unit generates a common key from data identifying a person. The private database associates the common key with the identification data. The second data processing subsystem includes an obtaining unit, a generating unit, a receiving unit and a storing unit. The obtaining unit obtains the common key. The generating unit generates a random number from the common key. The receiving unit receives a registration message including sensitive personal data of the person and the random number. The storing unit stores the personal data in a second database in association with the random number and the common key.
    Type: Grant
    Filed: January 26, 2006
    Date of Patent: December 10, 2013
    Assignee: France Telecom
    Inventors: Sébastien Canard, Stéphane Guilloteau, François Boudet
  • Patent number: 8593259
    Abstract: The invention relates to a method of authenticating a radio tag by a radio reader, the tag possessing an identifier accessible to the reader via a database of tag identifiers, comprising: dispatching an authentication request by the reader to the tag, dispatching by the tag, a response, calculated by applying a first function to at least the identifier, a calculation by the tag and by the reader of a new identifier, by applying a second function to the identifier, comprising: if the response dispatched by the tag corresponds to a result obtained by applying said first function to an identifier of the base, a dispatching by the reader a first value, calculated by applying a third function to said identifier of the base.
    Type: Grant
    Filed: May 5, 2009
    Date of Patent: November 26, 2013
    Assignee: France Telecom
    Inventors: Sébastien Canard, Iwen Coisel
  • Publication number: 20130276084
    Abstract: A method of anonymous access to a service, comprising the allocation, by at least one certifying entity, of a plurality of certificates to a user entity, the certificates being calculated on the basis of at least one attribute associated with the user entity, the calculation, by the user entity, of an aggregated certificate on the basis of a plurality of certificates among the certificates allocated to the user entity, the calculation, by the user entity, of a proof of knowledge of the aggregated certificate and a verification, performed by a verifying entity, of at least one of these certificates by means of said proof of knowledge, the access to the service being provided by the verifying entity to the user entity as a function of the result of this verification.
    Type: Application
    Filed: December 19, 2011
    Publication date: October 17, 2013
    Applicant: FRANCE TELECOM
    Inventors: Sebastien Canard, Roch Lescuyer
  • Patent number: 8522027
    Abstract: A method for authenticating an entity by a verifier, the entity having an identifier, the verifier having a pair of private and public keys, comprising: sending to the entity a first random number selected by the verifier; a step wherein the entity encrypts a value by means of the public key of the verifier, said value including the first random number and an authentication datum on which the identifier of the entity depends; and the entity of said encrypted value sending a reply to authenticate said entity. The invention can be applied to the field of low-cost cryptography, especially the field of radio-identification.
    Type: Grant
    Filed: June 16, 2009
    Date of Patent: August 27, 2013
    Assignee: France Telecom
    Inventors: Sébastien Canard, Iwen Coisel, Marc Girault
  • Patent number: 8516247
    Abstract: The cryptographic scheme subdivides time into periods with an index j=0, 1, 2, etc. A public key indicates elements u and v of a first cyclic group G1 of prime order p and, for each period j, an integer s_j between 0 and p−1 and elements g_{1,j} of the group G1 and g_{2,j}, w_j and h_j of another cyclic group G2 of order p. The private key of a member of the group indicates an integer x_i between 0 and p−1 and, for each period j, an element A_{i,j} of the group G1 such that A_{i,n}=[A_{i,n-1}/g_{1,n-1}]^{1/(x_i−s_n)} for 1≤n≤j. To sign a message during a period j≥0, the member selects two integers ? and ? between 0 and p−1, calculates T1=u^?, T2=A_{i,j}·v^?, S1=g_{2,j}^? and S2=e(A_{i,j}, h_j)^? where e(., .) is a bilinear map of G1×G2 onto GT, and determines according to the message the data that justify the fact that the elements T1, T2, S1 and S2 are correctly formed with knowledge of the private key of the member for the period with index j.
    Type: Grant
    Filed: December 16, 2009
    Date of Patent: August 20, 2013
    Assignee: France Telecom
    Inventors: Sébastien Canard, Cécile Delerablee
  • Patent number: 8352380
    Abstract: The invention relates to a method for generating a list signature for a message to be signed, said method comprising steps which are carried out by an electronic material support of a member of a list. During said step, the electronic material support only generates an electronic signature according to a sequence number supplied to the electronic material support by a certifying authority, according to evidence of belonging to the list of members, to data relating to the electronic material support, and optionally to a key of an authority qualified to lift the anonymity of the generated signature.
    Type: Grant
    Filed: May 18, 2005
    Date of Patent: January 8, 2013
    Assignee: France Telecom
    Inventors: Sebastien Canard, Marc Girault, Jacques Traore
  • Publication number: 20120072732
    Abstract: The invention relates to a cryptographic method for the anonymous authentication and the identification of a user entity (Ui) respectively by a checking entity (D) and an identifying entity (O). According to this method, the checking entity (D) receives (130) from the user entity (U1) at least one first signature (?) and a first message (m), and checks (140) the first signature (?) using the first message (m) in order to authenticate the user (U), and the identifying entity (O) receives (150) from the checking entity (D) a second signature (??) connected to the first signature (?) and identifies (160) the user using the second signature and a secret key particular thereto. The invention also relates to a cryptographic system for implementing said method.
    Type: Application
    Filed: June 11, 2010
    Publication date: March 22, 2012
    Inventors: Sébastien Canard, Amandine Jambert, Eric Malville