1. (WO2018119852) METHOD FOR MUTUAL AUTHENTICATION BETWEEN DEVICE AND SECURE ELEMENT

Pub. No.:    WO/2018/119852    International Application No.:    PCT/CN2016/112969
Publication Date: Fri Jul 06 01:59:59 CEST 2018 International Filing Date: Fri Dec 30 00:59:59 CET 2016
IPC: H04L 29/06
Applicants: GEMALTO SMART CARDS TECHNOLOGY CO., LTD.
Inventors: ZHAO, Shunhua
QI, Yongsheng
LIU, Ren
Title: METHOD FOR MUTUAL AUTHENTICATION BETWEEN DEVICE AND SECURE ELEMENT
Abstract:
A method for mutual authentication between a device (10) and a secure element (11) is provided, the device being pre-personalized with the secure element's public key, and the secure element (11) being pre-provisioned with a private and a public key and a digest of the device (11). The method comprises: generating by the device (10), for each communication to be established between the device (10) and the secure element (11), an ephemeral private key and ephemeral public key pair; computing by the device (10) a shared secret from its ephemeral private key and the secure element's public key; deriving by the device (10) a session key from the shared secret; encrypting by the device (10) with the session key a digital digest from part of its code; sending from the device (10) to the secure element (11) a secureTransport command carrying the ephemeral public key, the encrypted digital digest and a nonce; on reception of the secureTransport command by the secure element (11), regenerating the shared secret with the device's ephemeral public key and the secure element's (11) private key, and deriving the session key from the shared secret; extracting by the secure element (11) the digest with the session key and verifying it against the digest pre-personalized in the secure element (11) in order to authenticate the device (10); signing by the secure element (11) the nonce with its private key; encrypting by the secure element (11) the signature with the session key, and sending it to the device (10) as a response; on reception of the response by the device (10), decrypting it with the session key to extract the signature of the nonce; verifying by the device (10) the signature of the nonce to authenticate the secure element (11).
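
The exchange described in the abstract, sketched end to end as an added example (this is not code from the patent or the applicant). The abstract names no algorithms, so P-256 ECDH, HKDF-SHA256, AES-256-GCM, ECDSA-SHA256, the message layout and all function names are assumptions made for illustration.

```javascript
// Added illustration, not from the patent: curve, KDF, cipher, signature scheme and
// message layout are assumptions; the abstract names no algorithms.
const { generateKeyPairSync, diffieHellman, hkdfSync, createCipheriv, createDecipheriv,
  createHash, createPublicKey, sign, verify, randomBytes, timingSafeEqual } = require('crypto');

const ecKeys = () => generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
// Both sides derive the same key: ECDH shared secret -> HKDF -> 32-byte session key.
const sessionKey = (privateKey, publicKey) => Buffer.from(
  hkdfSync('sha256', diffieHellman({ privateKey, publicKey }), Buffer.alloc(0), 'session', 32));

function seal(key, plaintext) { // returns iv(12) || tag(16) || ciphertext
  const iv = randomBytes(12);
  const c = createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function open(key, box) { // throws if the key is wrong or the box was modified
  const d = createDecipheriv('aes-256-gcm', key, box.subarray(0, 12));
  d.setAuthTag(box.subarray(12, 28));
  return Buffer.concat([d.update(box.subarray(28)), d.final()]);
}

// Device (10): fresh ephemeral pair per communication, then the secureTransport command.
function deviceCommand(sePublicKey, code) {
  const eph = ecKeys();
  const key = sessionKey(eph.privateKey, sePublicKey);
  const nonce = randomBytes(16);
  const command = {
    ephPub: eph.publicKey.export({ type: 'spki', format: 'der' }),
    encDigest: seal(key, createHash('sha256').update(code).digest()),
    nonce,
  };
  return { command, state: { key, nonce } }; // state stays on the device
}

// Secure element (11): authenticate the device by its digest, then sign the nonce.
function seRespond(se, cmd) {
  let key, digest;
  try {
    key = sessionKey(se.privateKey, createPublicKey({ key: cmd.ephPub, format: 'der', type: 'spki' }));
    digest = open(key, cmd.encDigest);
  } catch { return null; } // malformed key or failed decryption: device rejected
  if (digest.length !== se.expectedDigest.length || !timingSafeEqual(digest, se.expectedDigest)) return null;
  return seal(key, sign('sha256', cmd.nonce, se.privateKey));
}

// Device (10): decrypt the response and check the signature over its own nonce.
function deviceVerify(sePublicKey, state, response) {
  try { return verify('sha256', state.nonce, sePublicKey, open(state.key, response)); } catch { return false; }
}
```
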