Portable electronic device for safe communication system, and method for initializing its parameters
Abstract
This device includes a data storage unit, an interface unit with an external tool for loading data into the storage unit, a data processing unit including an initialization unit for enabling modification of a specific secret personalizing access code and loading of personalizing data into the storage unit, a first loading unit controlled by the specific access code for loading into the storage unit reprogrammable particular secret personalizing access codes assigned to personalizing in the device a plurality of functions, a second loading unit controlled by the particular access codes for loading into the storage unit particular personalizing data assigned to the implementation of the functions, and an inhibitor unit for authorizing, for each of the functions, only in response to the application of one particular access code already assigned to the function, (i) modification of the particular access code and (ii) the loading of the particular personalizing data.
21 Claims
1. Portable electronic device for secure communication with at least one electronic unit for use of a plurality of functions, including:
data storage means, interface means with at least one external tool for loading data into said storage means, data processing means including initialization means for enabling, in response to the application of a secret personalizing access code specific to said device, modification of said specific secret personalizing access code and loading of personalizing data into said storage means, first loading means controlled by said specific secret personalizing access code for loading into said storage means reprogrammable particular secret data respectively representative of different particular secret personalizing access codes, each said particular secret personalizing access code being assigned to personalizing in said device a particular one of said functions, second loading means controlled by said particular secret personalizing access codes for loading into said storage means particular personalizing data assigned to the implementation of said functions by said processing means, and inhibitor means for authorizing, for each said functions, only in response to the application of one said particular secret personalizing access codes already assigned to said function, (i) modification of one said reprogrammable particular secret data loaded into said storage means and representative of said particular secret personalizing access code and (ii) said loading of said particular personalizing data.
13. Method of initializing a portable electronic device for secure communication with at least one electronic unit for use of a plurality of functions, said portable electronic device including:
data storage means, interface means with at least one external tool for loading data into said storage means, data processing means including initialization means for enabling, in response to the application of a secret personalizing access code specific to said device, modification of said specific secret personalizing access code and loading of personalizing data into said storage means, first loading means controlled by said specific secret personalizing access code for loading into said storage means reprogrammable particular secret data respectively representative of different particular secret personalizing access codes and each assigned to personalizing in said device a particular one of said functions, second loading means controlled by said particular secret personalizing access codes for loading into said storage means particular personalizing data assigned to the implementation of said functions by said processing means, and inhibitor means for authorizing, for each said functions, only in response to the application of one said particular secret personalizing access codes already assigned to said function, (i) modification of one said reprogrammable particular secret data loaded into said storage means and representative of said particular secret personalizing access code and (ii) said loading of said particular personalizing data, wherein said method includes:
an initialization step of defining and storing in said storage means a reprogrammable specific personalizing secret key specific to said device, a first personalizing step of loading into said storage means, by means of said specific secret personalizing access code dependent on said reprogrammable specific personalizing secret key, common personalizing data which are common to said functions and reprogrammable particular secret keys for calculating said particular secret personalizing access secret codes each assigned to one of said functions, and a second personalizing step of loading said particular personalizing data relating to each said functions into said storage means by means of said particular secret personalizing access code assigned to personalizing said function.
at least one first initialization phase consisting in defining at least one common secret datum which is common to a set of devices intended for a same entity, at least one second initialization phase including the steps of, for each device of said set:
a) reading a specific identification datum carried by said device,
b) calculating a first specific personalizing secret key as a function of said common secret datum and said specific identification datum,
c) storing said specific identification datum and said first specific personalizing secret key in said storage means.
16. Method according to claim 15, wherein said first personalizing step includes the following steps, for each device of said set:
a) extracting said specific identification datum from said device,
b) calculating in a first external tool said first specific personalizing secret key as a function of said common secret datum and said specific identification datum,
c) calculating in said first external tool a first specific secret personalizing access code as a function of said first specific personalizing secret key and a challenge transmitted by said device,
d) transmitting from said first external tool to said device said first specific secret personalizing access code with personalizing parameters including a second specific personalizing secret key different from said first specific personalizing secret key,
e) calculating in said system a verification code as a function of said first specific personalizing secret key and said challenge for verifying said first specific secret personalizing access code received from said first external tool,
f) comparing in said device said first specific secret personalizing access code and said verification code and, in response to a match of said codes:
g) storing said personalizing parameters in said storage means, and
h) substituting said second specific personalizing secret key for said first specific personalizing secret key in said storage means.
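The exchange of claims 15 and 16, as an added sketch that is not code from the patent. The claims only say each key and code is calculated "as a function of" its inputs, so HMAC-SHA256, the 16-byte challenge, the single-use challenge handling and the names `prf`, `Device` and `Tool` are assumptions made here.

```python
import hashlib
import hmac
import secrets


def prf(key: bytes, data: bytes) -> bytes:
    # Assumption: the claims name no function; HMAC-SHA256 stands in for it.
    return hmac.new(key, data, hashlib.sha256).digest()


def derive_device_key(common_secret: bytes, device_id: bytes) -> bytes:
    """Claim 15 step b): device-specific key from common secret and device ID."""
    return prf(common_secret, b"device-key|" + device_id)


class Device:
    def __init__(self, device_id: bytes, key: bytes):
        self.device_id = device_id
        self._key = key            # first specific personalizing secret key
        self._challenge = None
        self.params = {}

    def new_challenge(self) -> bytes:
        self._challenge = secrets.token_bytes(16)
        return self._challenge

    def personalize(self, access_code: bytes, params: dict, new_key: bytes) -> bool:
        """Claim 16 steps e) to h): verify, store parameters, rotate the key."""
        if self._challenge is None:
            return False
        expected = prf(self._key, self._challenge)          # e) verification code
        self._challenge = None      # single use (added here, not in the claim)
        if not hmac.compare_digest(access_code, expected):  # f) constant-time compare
            return False
        self.params.update(params)                          # g) store parameters
        self._key = new_key                                 # h) key substitution
        return True


class Tool:
    """External personalizing tool holding the common secret of the device set."""
    def __init__(self, common_secret: bytes):
        self._secret = common_secret

    def access_code(self, device_id: bytes, challenge: bytes) -> bytes:
        # Claim 16 steps b) and c): rederive the device key, answer the challenge.
        return prf(derive_device_key(self._secret, device_id), challenge)
```

After step h) a tool that knows only the common secret can no longer open the device, which is the property the key substitution provides.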
17. Method according to claim 15, wherein said initialization step includes a third initialization phase consisting in initially storing a common base secret key in a permanent memory of said storage means and wherein steps a) and b) of said second initialization phase comprise:
applying said common secret datum and said common base secret key to a second external tool, reading said specific identification datum by means of said second external tool, calculating said specific personalizing secret key by means of said second external tool, encrypting said specific personalizing secret key by means of said common base secret key in said second external tool, transmitting the result of said encryption from said second external tool to said device, and decrypting said result in said device by means of said common base secret key to reconstitute said specific personalizing secret key.
18. Method according to claim 15, wherein said initialization step includes a third initialization phase consisting in initially storing a common base secret key in a permanent memory of said storage means, said first initialization phase equally consists in encrypting said common secret datum by means of said common base secret key and applying the result of said encryption to a second external tool, and said second initialization phase equally comprises:
a) reading said specific identification datum by means of said second external tool and transmitting said specific identification datum and the result of said encryption to said device,
b) decrypting said result in said device by means of said common base secret key to restore said common secret datum and thereafter calculating said specific personalizing secret key.
19. Secure communication system comprising:
(a) a set of portable electronic devices for secure communication with at least one electronic unit for use of a plurality of functions, each said portable electronic device including:
data storage means, interface means with at least one external tool for loading data into said storage means, data processing means including initialization means for enabling, in response to the application of a secret personalizing access code specific to said device, modification of said specific secret personalizing access code and loading of personalizing data into said storage means, first loading means controlled by said specific secret personalizing access code for loading into said storage means reprogrammable particular secret data respectively representative of different particular secret personalizing access codes and each assigned to personalizing in said device a particular one of said functions, second loading means controlled by said particular secret personalizing access codes for loading into said storage means particular personalizing data assigned to the implementation of said functions by said processing means, and inhibitor means for authorizing, for each said functions, only in response to the application of one said particular secret personalizing access codes already assigned to said function, (i) modification of one said reprogrammable particular secret data loaded into said storage means and representative of said particular secret personalizing access code and (ii) said loading of said particular personalizing data, and
(b) at least one external tool for initializing personalizing parameters for loading into each of said devices:
common personalizing data which are common to said functions of said device, said particular personalizing data, and said reprogrammable particular secret data.
21. Secure communication system comprising:
(a) a set of portable electronic devices for secure communication with at least one electronic unit for use of a plurality of functions, each said portable electronic device including:
data storage means, interface means with at least one external tool for loading data into said storage means, data processing means including initialization means for enabling, in response to the application of a secret personalizing access code specific to said device, modification of said specific secret personalizing access code and loading of personalizing data into said storage means, first loading means controlled by said specific secret personalizing access code for loading into said storage means reprogrammable particular secret data respectively representative of different particular secret personalizing access codes and each assigned to personalizing in said device a particular one of said functions, second loading means controlled by said particular secret personalizing access codes for loading into said storage means particular personalizing data assigned to the implementation of said functions by said processing means, said personalizing data including at least one plurality of authentication secret keys which are different from each other and each of which is assigned to one of said functions, and inhibitor means for authorizing, for each said functions, only in response to the application of one said particular secret personalizing access codes already assigned to said function, (i) modification of one said reprogrammable particular secret data loaded into said storage means and representative of said particular secret personalizing access code and (ii) said loading of said particular personalizing data, and
(b) at least one verification unit, wherein said processing means include calculating means for calculating an authentication code vis-à-vis said verification unit as a function of one of said authentication secret keys.
Specification