Patents by Inventor Sebastien Nerot
Sebastien Nerot has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11974119
Abstract: A process for processing a received message, where the message includes encrypted data and at least one indicator element, is disclosed. The process includes generating a complete indicator from data stored in the electronic device and from the received indicator element, generating a key from the complete indicator, and decrypting the encrypted data using said key. The disclosure also relates to a corresponding sending process.
Type: Grant
Filed: October 26, 2021
Date of Patent: April 30, 2024
Inventors: Eric Therene, Sébastien Nerot, Anthony Fonteneau
-
Publication number: 20220132305
Abstract: A process for processing a received message, where the message includes encrypted data and at least one indicator element, is disclosed. The process includes generating a complete indicator from data stored in the electronic device and from the received indicator element, generating a key from the complete indicator, and decrypting the encrypted data using said key. The disclosure also relates to a corresponding sending process.
Type: Application
Filed: October 26, 2021
Publication date: April 28, 2022
Inventors: Eric THERENE, Sébastien NEROT, Anthony FONTENEAU
-
Patent number: 10862956
Abstract: A server includes a first server configured to receive requests and a plurality of second servers configured to service requests. A method of client-server communication includes receiving, at the first server, a request from the client and allocating the request to one of the second servers. The server determines if the allocated second server can provide a response to the request within a predetermined time period. If the allocated second server cannot provide a response to the request within the predetermined time period it sends a reply to the client indicating when the server system can provide a response to the request and including an identifier of the allocated second server. Server generates a response to the request. Server receives a callback message from the client. Server sends the response to the client.
Type: Grant
Filed: December 18, 2015
Date of Patent: December 8, 2020
Assignee: IDEMIA FRANCE
Inventors: Sebastien Nerot, Rami Wehbi, Christian Sieng
-
Patent number: 10268845
Abstract: The securing of data loading originating from an external device into a code memory area defined by an initial program of the secure element and any modification of which is controlled solely by the latter. When the external device obtains data to be transmitted to the secure element, the latter simulates an image of the code memory area as it would be modified by the loading of these data. A signature is calculated on the basis of the simulated image, then dispatched to the secure element with the data. The initial program of the secure element compares a signature that it has calculated over the whole of the code memory area after the actual loading of the data, with the signature received from the external device. The identity between these signatures ensures that the code memory area conforms to the image simulated by the external device, and is unimpaired.
Type: Grant
Filed: March 25, 2015
Date of Patent: April 23, 2019
Assignee: IDEMIA FRANCE
Inventor: Sebastien Nerot
-
Publication number: 20170353540
Abstract: A server includes a first server configured to receive requests and a plurality of second servers configured to service requests. A method of client-server communication includes receiving, at the first server, a request from the client and allocating the request to one of the second servers. The server determines if the allocated second server can provide a response to the request within a predetermined time period. If the allocated second server cannot provide a response to the request within the predetermined time period it sends a reply to the client indicating when the server system can provide a response to the request and including an identifier of the allocated second server. Server generates a response to the request. Server receives a callback message from the client. Server sends the response to the client.
Type: Application
Filed: December 18, 2015
Publication date: December 7, 2017
Inventors: Sebastien NEROT, Rami WEHBI, Christian SIENG
-
Patent number: 9787663
Abstract: An intermediary third-party receives, from a master device, a batch of pre-generated secure commands; plays it so as to send sequentially, to a slave device, the commands. The batch includes an initial command indicating the establishment of a channel secured with a session key dependent on a sequence counter, and second commands protected by a MAC code that is a function of the session key. An update of the sequence counter in non-volatile memory of the slave on each new establishment of a secure channel renders the pre-generated batch obsolete by virtue of a new session key. In order to allow the batch to be replayed, the invention provides for each update value of the counter to be temporarily stored in volatile memory, and for the current value to be overwritten in non-volatile memory on predefined events, including a test counter reaching a maximum number of replays.
Type: Grant
Filed: October 9, 2015
Date of Patent: October 10, 2017
Assignee: OBERTHUR TECHNOLOGIES
Inventors: Jean-Philippe Vallieres, Sebastien Nerot
-
Publication number: 20170109546
Abstract: The securing of data loading originating from an external device into a code memory area defined by an initial program of the secure element and any modification of which is controlled solely by the latter. When the external device obtains data to be transmitted to the secure element, the latter simulates an image of the code memory area as it would be modified by the loading of these data. A signature is calculated on the basis of the simulated image, then dispatched to the secure element with the data. The initial program of the secure element compares a signature that it has calculated over the whole of the code memory area after the actual loading of the data, with the signature received from the external device. The identity between these signatures ensures that the code memory area conforms to the image simulated by the external device, and is unimpaired.
Type: Application
Filed: March 25, 2015
Publication date: April 20, 2017
Inventor: Sebastien NEROT
-
Publication number: 20160105411
Abstract: An intermediary third-party receives, from a master device, a batch of pre-generated secure commands; plays it so as to send sequentially, to a slave device, the commands. The batch includes an initial command indicating the establishment of a channel secured with a session key dependent on a sequence counter, and second commands protected by a MAC code that is a function of the session key. An update of the sequence counter in non-volatile memory of the slave on each new establishment of a secure channel renders the pre-generated batch obsolete by virtue of a new session key. In order to allow the batch to be replayed, the invention provides for each update value of the counter to be temporarily stored in volatile memory, and for the current value to be overwritten in non-volatile memory on predefined events, including a test counter reaching a maximum number of replays.
Type: Application
Filed: October 9, 2015
Publication date: April 14, 2016
Inventors: Jean-Philippe VALLIERES, Sebastien NEROT
-
Patent number: 8861733
Abstract: The invention relates to a method for personalizing a secure processor in a NFC system to execute a secure application, comprising steps of obtaining by a server identification data of a user memorized in a secure storage medium, personalization data corresponding to the user identification data, and identification data of a NFC system of the user, comprising an encryption key of the secure processor, encrypting by the server personalization data using the encryption key, transmitting to the NFC system encrypted personalization data, receiving by the secure processor encrypted personalization data, deciphering personalization data, and memorizing in a secured way personalization data by the secure processor.
Type: Grant
Filed: December 7, 2007
Date of Patent: October 14, 2014
Assignee: Inside Secure
Inventors: Bruno Benteo, Benoit Feix, Sebastien Nerot
-
Publication number: 20110274271
Abstract: A countermeasure method in an electronic component implementing an asymmetric private key encryption algorithm includes generating a protection parameter, calculating, using a primitive, an intermediate data from the protection parameter, dividing the binary representation of the private key into several binary blocks, transforming each binary block using the protection parameter and, for each transformed binary block, performing an intermediate calculation using the primitive, and calculating an output data by combining the intermediate data with the intermediate calculations.
Type: Application
Filed: July 21, 2010
Publication date: November 10, 2011
Applicant: INSIDE CONTACTLESS
Inventors: Bruno BENTEO, Benoît FEIX, Sébastien NEROT
-
Publication number: 20110170685
Abstract: A countermeasure method in an electronic component implementing an asymmetric private key encryption algorithm includes generating a first output data, using a primitive, and a protection parameter, transforming, using the protection parameter, at least one element of a set consisting of the private key and an intermediate parameter obtained from the first output data, to respectively supply first and second operands, and generating, from an operation involving the first and second operands, a second output data.
Type: Application
Filed: July 21, 2010
Publication date: July 14, 2011
Applicant: INSIDE CONTACTLESS
Inventors: Bruno Benteo, Benoit Feix, Sébastien Nerot
-
Publication number: 20100287386
Abstract: An integrated circuit includes a communication interface circuit, a cryptographic algorithm, a countermeasure configured to protect the cryptographic algorithm against side-channel attacks, and a mask generator configured to provide the countermeasure with mask values. The integrated circuit is configured to execute a specific command requiring the disclosure of mask values used by the countermeasures to protect the cryptographic algorithm during a cryptographic session, and, in response to such a command, to send the mask values through the communication interface circuit.
Type: Application
Filed: May 7, 2010
Publication date: November 11, 2010
Applicant: INSIDE CONTACTLESS
Inventors: Benoît FEIX, Sébastien NEROT, Gary CHEW, Bernard VIAN
-
Publication number: 20100262840
Abstract: A method of protecting a microcircuit against attacks aimed at discovering secret data used on the execution, by the microcircuit, of an encryption algorithm includes generating at least one protection parameter for the secret data and modifying the execution of the encryption algorithm through that protection parameter. Generation of the at least one protection parameter includes defining a function generating, by successively applying to at least one secret parameter which is stored in memory, a sequence of values which can only be determined from that secret parameter and that function, and to generate the protection parameter in a reproducible way from at least one value in that sequence.
Type: Application
Filed: April 28, 2010
Publication date: October 14, 2010
Applicant: INSIDE CONTACTLESS
Inventors: Bruno BENTEO, Benoit FEIX, Sébastien NEROT
-
Publication number: 20090103732
Abstract: The invention relates to a method for personalizing a secure processor in a NFC system to execute a secure application, comprising steps of obtaining by a server identification data of a user memorized in a secure storage medium, personalization data corresponding to the user identification data, and identification data of a NFC system of the user, comprising an encryption key of the secure processor, encrypting by the server personalization data using the encryption key, transmitting to the NFC system encrypted personalization data, receiving by the secure processor encrypted personalization data, deciphering personalization data, and memorizing in a secured way personalization data by the secure processor.
Type: Application
Filed: December 7, 2007
Publication date: April 23, 2009
Applicant: INSIDE CONTACTLESS
Inventors: Bruno Benteo, Benoit Feix, Sebastien Nerot