Processing

Please wait...

Settings

Settings

Goto Application

1. WO2020115545 - METHODS AND DEVICES FOR REMOTE INTEGRITY VERIFICATION

Publication Number WO/2020/115545
Publication Date 11.06.2020
International Application No. PCT/IB2019/001279
International Filing Date 29.11.2019
IPC
H04L 9/08 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Arrangements for secret or secure communication
08Key distribution
H04W 12/10 2009.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
WWIRELESS COMMUNICATION NETWORKS
12Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
10Integrity
G06F 21/57 2013.01
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
H04W 12/12 2009.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
WWIRELESS COMMUNICATION NETWORKS
12Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
12Fraud detection
CPC
G06F 21/57
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
H04L 9/0631
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Cryptographic mechanisms or cryptographic; arrangements for secret or secure communication
06the encryption apparatus using shift registers or memories for block-wise ; or stream; coding, e.g. DES systems ; or RC4; Hash functions; Pseudorandom sequence generators
0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
H04L 9/0637
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Cryptographic mechanisms or cryptographic; arrangements for secret or secure communication
06the encryption apparatus using shift registers or memories for block-wise ; or stream; coding, e.g. DES systems ; or RC4; Hash functions; Pseudorandom sequence generators
0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
0637Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM]
H04L 9/0869
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Cryptographic mechanisms or cryptographic; arrangements for secret or secure communication
08Key distribution ; or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
0869involving random numbers or seeds
H04L 9/0891
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Cryptographic mechanisms or cryptographic; arrangements for secret or secure communication
08Key distribution ; or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
0891Revocation or update of secret information, e.g. encryption key update or rekeying
H04W 12/10
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
WWIRELESS COMMUNICATION NETWORKS
12Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity ; ; Protecting confidentiality; Key management; Integrity; Mobile application security; Using identity modules; Secure pairing of devices; Context aware security; Lawful interception
10Integrity
Applicants
  • NAGRAVISION S.A. [CH]/[CH]
Inventors
  • GREMAUD, Fabien
Agents
  • HAARTSEN, Peter
Priority Data
18209909.303.12.2018EP
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) METHODS AND DEVICES FOR REMOTE INTEGRITY VERIFICATION
(FR) PROCÉDÉS ET DISPOSITIFS DE VÉRIFICATION DE L'INTÉGRITÉ À DISTANCE
Abstract
(EN)
A computer-implemented method for use by a client device is provided. The client device comprises a memory and is configured to send data according to a cryptographic protocol that uses a key. The method comprises: generating a data unit and a seed related to the data unit; generating a measurement result of the client device related to the seed; generating an attestation key based on the measurement result and a key that is agreed in accordance with the cryptographic protocol; encrypting the data unit at least in part based on the attestation key; and generating an output comprising the encrypted data unit. Related methods for use by a server device and a network component, and related client device, server device and network component are also provided.
(FR)
La présente invention concerne un procédé mis en œuvre par ordinateur et destiné à être utilisé par un dispositif client. Le dispositif client comprend une mémoire et est configuré pour envoyer des données selon un protocole cryptographique qui utilise une clé. Le procédé consiste à : générer une unité de données et une graine associée à l'unité de données; générer un résultat de mesure du dispositif client associé à la graine; générer une clé d'attestation sur la base du résultat de mesure et d'une clé qui est convenue conformément au protocole cryptographique; chiffrer l'unité de données au moins en partie sur la base de la clé d'attestation; et générer une sortie comprenant l'unité de données chiffrées. L'invention concerne également des procédés associés destinés à être utilisés par un dispositif serveur et un composant de réseau, ainsi qu'un dispositif client, un dispositif serveur et un composant de réseau associés.
Also published as
Latest bibliographic data on file with the International Bureau