• 专利附录
  • 专利说明
  • 权利要求
  • 类似技术
  • 同族专利
  • 引用文献
  • 法律状态
  • 优先权
    • 专利摘要:
    An electronic entity (2) comprises a communication interface (4), a processor (5), a secure element (6) and a subsystem (8). The processor (5) is connected to the communication interface (4) by means of a first bus (A), to the secure element (6) by means of a second bus (B) and to the subsystem (8). The processor (5) is adapted to operate in a first mode, in which it reproduces on the second bus (B) signals received from the communication interface (4) on the first bus (A). A method implemented in such an electronic entity is also proposed.
    公开号:FR3038423A1
    申请号:FR1556170
    申请日:2015-06-30
    公开日:2017-01-06
    发明作者:Nicolas Bousquet;Florian Vallee
    申请人:Oberthur Technologies SA;
    IPC主号:
    专利说明:

    Technical field to which the invention relates
    The present invention relates to electronic entities intended to interact with a reader, such as microcircuit cards.
    It relates more particularly to an electronic entity and a method implemented in such an electronic entity. The invention applies particularly advantageously in the case where a subsystem, such as a biometric sensor (or other user interface, for example a screen, possibly a touch screen, or a loudspeaker), must be integrated into an entity. using an existing secure element.
    Technological background
    Electronic entities, such as microcircuit cards, are known in which a secure element is directly accessible to an external reader via a communication interface, for example in accordance with the IS07816 standard.
    In the context of the design of such electronic entities, it is advantageous to be able to take back a secure element used in a previous application, in particular to avoid the costs of development and certification of a new type of secure element.
    It is also more and more desirable to make the secure element of such an electronic entity interact with another subsystem equipping the electronic entity, such as a biometric sensor.
    These two objectives are unfortunately often incompatible because the existing secure elements use conventional interaction means (for example in accordance with the IS07816 standard), which are rarely adapted to an exchange with the aforementioned subsystem (the available biometric sensors may use example of SRI or I2C serial interfaces).
    Document FR 2 938 094 discloses an electronic entity comprising a communication interface (in this case USB type), a secure element, a subsystem (comprising a memory or a biometric sensor) and a processor (in particular the occurrence of a microcontroller) connected to the communication interface by means of a first bus, to the secure element by means of a second bus and to the subsystem.
    In this document, the processor manages the communication between the USB type communication interface and the secure element. This document does not therefore concern the case where an external reader must be able to access the secure element directly via the communication interface.
    Object of the invention
    In this context, the present invention provides an electronic entity comprising a communication interface, a processor, a secure element and a subsystem, the processor being connected to the communication interface by means of a first bus, to the secure element by means of a second bus and to the subsystem (for example by means of a third bus), characterized in that the processor is adapted to operate in a first mode, in which it reproduces on the second bus signals received from the communication interface on the first bus.
    When it is received in a reader connected to the communication interface, such an electronic entity thus makes it possible to simulate a direct exchange between the reader and the secure element (when the processor is in its first mode of operation); the secure element can furthermore exchange with the subsystem via the processor, even if the subsystem and the secure element do not have a common interface.
    According to other optional features, and therefore not limiting: the processor is designed to operate alternatively in the first mode and in a second mode, in which it generates on the second bus signals determined according to information received from the subsystem. system (via the third bus) or transmits information to the subsystem below; the processor is designed to reproduce on the first bus, in the first mode, signals received from the secure element on the second bus; the processor is adapted to transmit in anticipation on the first bus, in response to said signals received from the communication interface, expected signals coming from the secure element on the second bus; the processor is designed to send, in the second mode, data intended for the subsystem; the processor is designed to transmit, in the second mode, waiting signals on the first bus destined for the communication interface; the processor is designed to switch from the first mode to the second mode on receiving specific data on the second bus coming from the secure element; the processor is designed to analyze the data transmitted on the first bus; the processor is adapted to switch from the first mode to the second mode when specific data is transmitted on the first bus and analyzed by the processor; the processor is designed to switch from the second mode to the first mode when the data processing obtained using the subsystem is completed within the secure element; the subsystem is a man-machine interface; the subsystem is a communication module (for example of the Bluetooth or Wi-Fi type); the subsystem is a biometric sensor (alternatively, the subsystem could be a screen, for example a touch screen, a loudspeaker or any user interface); said information is biometric data; the processor is connected to the subsystem by a serial link, for example of the SRI or I2C type; the communication interface has a plurality of contacts; the communication interface complies with the IS07816 standard; the first bus and the second bus each carry an input-output signal conforming to the IS07816 standard. The invention also proposes a method implemented in an electronic entity comprising a communication interface, a processor, a secure element and a subsystem, the processor being connected to the communication interface by means of a first bus, to the secure element by means of a second bus and to the subsystem (for example by means of a third bus), characterized in that it comprises the following steps: - detection by the processor of first signals received from the communication interface on the first bus; - Reproduction of said first signals on the second bus.
    As indicated above, these steps correspond for example to a first mode of operation.
    In addition, the following steps can be provided, for example for a second mode of operation: reception of information from the subsystem (via the third bus); generating on the second bus signals determined according to the information received.
    The optional features presented above in the context of the electronic entity may apply analogously to such a method.
    In particular, the method may comprise at least one of the following steps: reproduction, by the processor (in the first mode) and on the first bus, of signals received from the secure element on the second bus; transmitting by the processor in advance on the first bus, in response to said signals received from the communication interface, signals expected from the secure element on the second bus; - sending, by the processor (in the second mode), data to the subsystem; - sending, by the processor (in the second mode), waiting signals on the first bus to the communication interface; - switching, by the processor, the first mode to the second mode receiving specific data on the second bus from the secure element; - analysis by the processor of the data transmitted on the first bus; - switching, by the processor, the first mode to the second mode when specific data is transmitted on the first bus and analyzed by the processor; - Switching, by the processor, the second mode to the first mode when the data processing obtained by using the subsystem is completed within the secure element.
    Detailed description of an example of realization
    The following description with reference to the accompanying drawings, given as non-limiting examples, will make it clear what the invention consists of and how it can be achieved.
    In the accompanying drawings: FIG. 1 is a view from above of an example of an electronic entity according to the invention; FIG. 2 diagrammatically represents the main elements of the electronic entity of FIG. 1, in connection with a reader; FIG. 3 represents an example of a possible connection for some of the elements of FIG. 2; FIG. 4 is a logic diagram illustrating a first part of an exemplary method implemented in the electronic entity of FIG. 1; FIG. 5 is a logic diagram illustrating the second part of this method; and FIG. 6 is a logic diagram illustrating an alternative embodiment of this second process part.
    FIG. 1 shows an electronic entity according to the invention, here a microcircuit card 2.
    The microcircuit card 2 comprises a communication interface 4 formed of a plurality of contacts flush with the upper face of the microcircuit card 2.
    In the embodiment described, the microcircuit card 2 further comprises a biometric sensor 8 (here a fingerprint sensor), a portion of which is also flush with the upper surface of the microcircuit card 2.
    Alternatively, another subsystem could be used instead (or possibly in addition) of the biometric sensor 8, for example a screen, speaker or other user interface.
    FIG. 2 represents the main elements of the electronic entity 2 in a situation where the electronic entity 2 is connected, via its communication interface 4, to a reader 10 (which occurs in practice when the electronic entity 2 is inserted in the reader 10).
    In addition to the communication interface (with contacts) 4 and the biometric sensor 8 already mentioned, the microcircuit card 2 comprises a microcontroller 5 and a secure element 6.
    The microcontroller 5 comprises a processor (here a microprocessor), a random access memory and a nonvolatile memory (or NVM for "Non Volatile Memory"), which is generally rewritable (for example of the EEPROM type for "Electrically Erasable and Programmable Read-Only Memory" "or Flash type).
    A memory of the microcontroller 5 (here the non-volatile rewritable memory) stores computer program instructions executable by the processor of the microcontroller 5. Some of these instructions cause, when they are executed by the processor of the microcontroller 5, the setting implemented by the microcontroller 5 of the methods described below with reference to FIGS. 4 to 6. The secure element 6 is in the form of a microcircuit (or integrated circuit) and also comprises a processor (for example a microprocessor ) and memories, such as a random access memory and a rewritable non-volatile memory. A memory of the secure element 6 (here the rewritable non-volatile memory) stores computer program instructions executable by the processor of the secure element 6. Some of these instructions cause, when they are executed by the processor the secure element 6, the implementation by the secure element 6 of the methods described below with reference to Figures 4 to 6. The secure element 6 is also designed, because of its physical construction and the computer programs that it memorizes, so as to make it very difficult, if not impossible, for an attacker access (by reading and / or modification) to the confidential data that it memorizes. Thus, the secure element 6 has for example an assurance level EAL greater than 4 in the sense of the Common Criteria (ISO15408 standard), for example a level EAL4 + (VAN5) or higher, and / or a level greater than 3 according to the FIPS 140-2 (for "Federal Information Processing Standard") The secure element 6 is connected to an antenna 7 by means of which the secure element 6 can exchange data with other electronic entities via a wireless link proximity, such as a link complying with the IS01443 standard or using a Near Field Communication (NFC) type technology (commonly known as NFC).
    The microcontroller 5 is connected on the one hand to the communication interface 4 by means of a first bus A and to the secure element 6 by means of a second bus B, here identical to the first bus A. It is provided by retaliation here that the secure element 6 is not directly connected to the communication interface 4.
    In the example described, the first bus A and the second bus B are each designed to carry data exchanges in accordance with the IS07816 standard.
    When the microcircuit card 2 is inserted in the reader 10 and the microcontroller 5 is thus connected to the reader 10 via the communication interface (contacts) 4, a connection according to the IS07816 standard can thus be established (notably via the first bus A) between the reader 10 and the microcontroller 5.
    Similarly, a connection according to the IS07816 standard can be established between the microcontroller 5 and the secure element 6 via the second bus B.
    The microcontroller 5 and the biometric sensor 8 are connected by a connection C, here different from that permitted by the first bus A or the second bus B, such as a serial link, for example of the SRI type (for "Serial Peripheral Interface ") or I2C (for" Inter Integrated Circuit ").
    As explained in detail below, the microcontroller 5 has two modes of operation: in a first mode of operation, the microcontroller 5 reproduces on the second bus B signals received from the communication interface 4 on the first bus A , and reproduces on the first bus A signals received from the secure element 6 on the second bus B; in a second mode, the microcontroller 5 generates on the second bus B signals determined according to received information (via the link C) of the biometric sensor 8 and transmits, to the biometric sensor 8 (via the link C), data (eg instructions) determined according to signals received on the second bus B.
    Thus, in the first mode of operation, the microcontroller 5 emulates the reader 10 for the secure element 6 and the secure element 6 for the reader 10: the reader 10 and the secure element 6 exchange signals (for example according to IS07816) as if they were directly connected via the communication interface 4.
    In the second mode of operation, the microcontroller 5 acts as an intermediary and allows a data exchange between the biometric sensor 8 and the secure element 6 although they do not use the same communication protocol.
    It can further be provided that during the second mode of operation, the microcontroller 5 generates signals on the first bus A, to the reader 10 (for example waiting signals) so as to maintain the link established with the reader (here according to IS07816), as explained later.
    FIG. 3 represents an exemplary connection that can be envisaged for the communication interface 4, the microcontroller 5 and the secure element 6.
    As already indicated, the communication interface 4 is designed to carry signals conforming to the IS07816 standard and therefore comprises a contact VCC dedicated to a supply signal, a contact CLK dedicated to a clock signal, a contact RST dedicated to a reset signal and an I / O contact dedicated to a data signal (input-output type, that is to say bidirectional).
    In the example described here, the VCC contact is connected to a power supply pin V5 of the microcontroller 5 and to a supply pin V6 of the secure element 6. Similarly, the contact CLK is connected to a pin of FIG. clock T5 of the microcontroller 5 and a clock pin T6 of the secure element 6. The use of a common clock (represented by the signal carried by the CLK contact) for the microcontroller 5 and the secure element 6 facilitates the synchronization of these two elements during the processes described below.
    The RST contact of the communication interface 4 is connected to a first reset pin R5 of the microcontroller 5, while the I / O contact of the communication interface 4 is connected to a first data pin D5 of the microcontroller 5, which corresponds to the first bus A mentioned above.
    A second reset pin R 'of the microcontroller 5 is moreover connected to a reset pin R6 of the secure element 6 and a second data pin D' of the microcontroller 5 is connected to a data pin D6 of the secure element 6, which corresponds to the second bus B mentioned above.
    Note that the secure element 6 is designed to operate in the context of the IS07816 standard (and may have been developed for a previous application in this context) and that the reset pin R6 and the data pin D6 of the secure element 6 are therefore intended in this context to respectively receive a reset signal such as that present on the contact RST of the communication interface 4 and a data signal such as that present on the contact I / O of the communication interface 4.
    FIG. 4 is a logic diagram illustrating a first part of an exemplary method implemented in the electronic entity 2.
    This process starts when the microcircuit card 2 is inserted in the reader 10 and a supply voltage (supplied by the reader 10 and carried by the contact VCC of the communication interface 4) is thus present on the pins supply V5, V6 of the microcontroller 5 and the secure element 6. On power up, the microcontroller 5 is initialized in its first operating mode (step E2) and is placed waiting for a signal from the reader 10.
    The reader 10 emits in step E4 a reset signal (high level on the RST contact) which is transmitted to the microcontroller via the first bus A (precisely via the contact RST and the first reset pin R5).
    The microcontroller 5 thus receives the reset signal in step E6 and generates a signal of the same type on the second bus B, destined for the secure element 6, here by leveling up the signal present on the second pin of reset R '(step E8).
    This reset signal is received by the secure element 6 in step E10 (by passing up the reset pin R6). The secure element 6, which is designed as already indicated to operate in accordance with IS07816, prepares a response in the form of an ATR message ("Answer To Resef") and transmits this message at step E12 on the second bus B, precisely on the data pin D 6. The message ATR contains data relating to the secure element 6 (type of secure element, state of the secure element) and communication parameters proposed by the secure element 6.
    The microcontroller 5 receives in step E14 the ATR message via the second bus B (precisely on the second data pin D ') and transmits it on the first bus A, that is to say to the reader 10 and via the communication interface 4, in step E16, reproducing on the first data pin D5 the signals detected on the second data pin D '.
    According to one conceivable variant, in order to respect certain time constraints imposed by the IS07861 standard, the microcontroller 5 anticipates the transmission of certain data forming the ATR message on the first bus A (to the reader 10), for example the first byte of the ATR message. (of constant value equal to 3B in hexadecimal). The data sent in advance are emitted for example between steps E6 and E8 described above, or during or immediately after step E8. In such a case, only the data which has not been issued in advance are reproduced on the first bus A (here the data forming the ATR other than the first byte of hexadecimal value 3B).
    The microcontroller may optionally analyze the data transmitted within the ATR message, in particular to check the state of the secure element 6 and become acquainted with the proposed communication parameters.
    The reader 10 thus receives in step E18 the ATR message and can process the data contained in this message.
    Note that the reader 10 and the secure element 6 function as if they were directly connected to each other, as provided in the IS07816 standard. In the first mode of operation, the microcontroller 5 thus acts as a tunnel through which pass the information exchanged between the reader 10 and the secure element 6.
    When the connection parameters received within the ATR message indicate that the secure element 6 imposes a specific communication protocol (that is to say in the presence of TA2 type data in the context of the IS07816 standard), the method proceeds directly to step E36 (as indicated by a dotted arrow in FIG. 4).
    If, on the contrary, the communication protocol is not imposed (that is, in the absence of TA2 type data in the context of the IS07816 standard), the process continues as indicated at present for negotiation of the protocol communication between the reader 10 and the secure element 6.
    The reader emits at step E20 a request of the PRS type (for "Protocol and Parameters Selection") on the communication interface 4 (precisely on the I / O contact). The PRS request is accompanied by parameters envisaged for the communication (for example, in the context of the IS07816 standard, data representing an integer Fi and data representing an integer Di, the ratio Fi / Di indicating the number of clock periods corresponding to a unit of elementary time - or ETU for "Elementary Time Unit", which corresponds to the duration assigned to the transmission or reception of a data bit). These parameters are for example determined by the reader 10 as a function of the data appended to the ATR message received in step E18,
    The PRS request accompanied by the communication parameters is received by the microcontroller 5 via the first bus A (precisely on the first data pin D5) in the step E22, which enables the microcontroller 5 to become acquainted with the communication parameters and storing data relating to the type of communication envisaged (these stored data being for example identical to the data accompanying the PRS request).
    The microcontroller 5 then transmits the request PRS to the secure element 6 (step E24) by reproducing on the second bus B (here on the second data pin D ') the signals received in step E22 on the first bus A. The secure element 6 thus receives, via the second bus B, the PRS request and the parameters envisaged for the communication (step E26) and processes these elements, for example by memorizing the received parameters and accepting them.
    As provided by the ISO 7816 standard, in the event of acceptance of the communication parameters by the secure element 6, the latter sends (here in step E28) a PRS response accompanied by parameters identical to those received in step E26 .
    The microcontroller 5 thus receives this PRS response via the second bus B in step E30.
    The microcontroller 5 can thus verify that the communication parameters appended to the response PRS are identical to those received (and stored) in step E22, which confirms that the secure element 6 has agreed to set up a communication with these settings. The microcontroller 5 can then possibly adapt its own configuration to the specified communication parameters in order to correctly process the subsequent exchanges, as indicated below in step E35.
    The microcontroller 5 also transmits the PRS response to the reader 10 via the first bus A (step E32), reproducing on the first bus A (here on the first data pin D5) the signals received in step E30 on the second bus B (here on the second data pin D ').
    The reader 10 receives in step E34 the PRS response accompanied by the communication parameters, identical to those emitted in step E20 in the example described, as if the secure element 6 had responded directly via the communication interface 4 .
    In this case, the communication parameters are adopted for the rest of the exchanges. To do this, the reader 10, the microcontroller 5 and the secure element 6 (as well as possibly the subsystem 8, for example under the control of the microcontroller 5) each update their communication parameters in step E35. (according to the negotiated parameters as indicated above).
    The reader 10 then continues its operation by emitting at step E36 an ARDU ("Application Protocol Data Unit") type command on the communication interface 4 (precisely here on the I / O contact).
    The microcontroller 5 detects in step E38 the signals corresponding to this ARDU command on the first bus A. To do this, as indicated above, the microcontroller 5 takes into account, if necessary, the communication parameters received with the response. PRS at step E30. The microcontroller 5 can also analyze the detected signals, for example in order to be able to determine in advance when the signals representing the ARDU command end.
    The microcontroller 5 then transmits (step E40) the ARDU command to the secure element 6 via the second bus B by reproducing on this second bus B the signals detected on the first bus A during the step E38. After this step E40, the microcontroller 5 analyzes the signals of the second bus B waiting for the step E46 described below. The secure element 6 receives this ARDU command via the second bus B in step E42 and performs the processing required by this command.
    After processing, the secure element 6 transmits in step E44 a response message RS P on the second bus B, which includes a status of the response (in the context of the IS07816 standard, two bytes equaling 9000 in hexadecimal when the processing was successful) and possibly response data.
    The response message RSP is detected by the microcontroller 5 in the step E46 and transmitted by the microcontroller 5 to the reader 10 via the first bus A (step E48) by reproduction, on the first bus A (here on the first data pin D5), signals detected in step E46 on the second bus B (precisely here on the second data pin D ').
    The response message RSP is thus received by the reader 10 in step E50.
    Note that the process just described in steps E36 to E50 can be repeated for any ARDU type command issued by the reader 10 and whose processing can be performed by the secure element 6 alone.
    An example of a process implemented when the processing requested by an ARDU type command requires the use of another subsystem, here the biometric sensor 8, is described with reference to FIG.
    FIG. 5 is indeed a logic diagram showing the continuation of the method which has just been described with reference to FIG. 4.
    The reader 10 sends in step E52 an ARDU type command (denoted ARDU 'in FIG. 5) to the electronic entity 2, that is to say on the communication interface 4. This command ARDU' is for example accompanied by a message to sign.
    The signals representing this ARDU 'command are detected on the first bus A (precisely on the first data pin D5) by the microcontroller 5 during the step E54 and reproduced on the second bus B (precisely on the second data pin D ') in step E56, in a manner analogous to that described above in steps E36 and E38. The secure element 6 thus receives the command ARDU 'via the second bus B in step E58 and thus initiates the processing required by this command.
    It is considered here that the ARDU 'command requires for its processing the use of a subsystem of the electronic entity 2 connected to the microcontroller 5, this subsystem here being the biometric sensor 8. The secure element 6 thus determines upon receipt of the command ARDU '(step E58) that the processing of this command requires biometric data taken by the biometric sensor 8 and for this purpose sends to step E60, on the second bus B (here on the data pin D6), specific data PROP (or pattern), indicative of a request for data from the subsystem (here biometric data).
    The specific data PROP are received in step E62 by the microcontroller 5, which determines, by analysis of these data, that the use of the subsystem (biometric sensor 8) is required.
    The microcontroller 5 then switches (step E64) in its second mode of operation.
    In this second mode of operation, the microcontroller 5 regularly (for example periodically) transmits waiting messages WT on the first bus A to the reader 10, as diagrammatically represented in step E66 in FIG. WT wait is for example the NULL byte (value 60 in hexadecimal) of a procedure message for the reader 10 in the context of the protocol T = 0 provided by the standard IS078176, or a block of request for extension of time response (or "WTX requesf) under the T = 1 protocol.
    The reader 10 receives these waiting messages WT (as shown schematically in the step E68), which makes it possible to maintain effective communication between the reader 10 and the electronic entity (microcircuit card) 2 while the following processes are carried out.
    Indeed, during the second mode of operation, the microcontroller 5 uses the subsystem (here the biometric sensor 8) via the link C (step E70), for example by sending on the link C a request for the subsystem , here a request ACQ acquisition of biometric data.
    The subsystem (here the biometric sensor 8) receives this request in step E72 and performs the processing indicated by this request, here an acquisition of biometric data.
    The data generated by this processing (here an IMG image taken by the biometric sensor 8, in this case an image of a fingerprint) are transmitted via the link C in step E74, to the microcontroller 5.
    The microcontroller 5 receives via the link C the data generated by the subsystem (here the IMG image generated by the biometric sensor 8) in step E76 and proceeds to a possible processing of these data (step E78), such that an extraction of biometric characteristics BIO (or "template"), here characteristics representative of the fingerprint represented in the IMG image, for example a set of minutiae.
    The microcontroller 5 then optionally reformats the data obtained by using the subsystem (raw data generated by the subsystem and / or data resulting from the processing of step E78, here the extracted biometric characteristics B10) so as to they can be transmitted in step E80 on the second bus B, for example within ARDU commands or in accordance with another standard or proprietary protocol. The aforementioned formatting of data includes, for example, encapsulation of data within a data block having a predetermined format (and representing for example a command). Alternatively, no formatting is performed and the raw data (generated by the subsystem) is (directly) transmitted on the second bus B in step E80.
    The microcontroller 5 can then switch to the first operating mode (step E82) and is waiting for signals on the second bus B. The microcontroller 5 can thus end the occasional periodic transmission of waiting messages WT . Note that the switchover of the microcontroller 5 in the first operating mode may possibly be performed only when the processing (described below) of data obtained using the subsystem is completed within the secure element 6. The secure element 6 receives in step E84 the data obtained by the use of the subsystem, here the biometric characteristics BIO, via the second bus B. Note that the secure element 6 was waiting for these data since its transmission of PROP specific data in step E60. The secure element 6 can thus perform in step E86 the processing corresponding to the command APDU '(received in step E58) using the data obtained by the use of the subsystem (here the biometric characteristics BIO). This processing comprises for example the comparison of the data received in step E84 to corresponding data stored in the secure element 6 and, in the event of a successful comparison, the signature of the message to be signed (appended to the APDU command 'as indicated above) by means of a secret key (or private key) stored in the secure element 6, that is to say the application to the message to be signed with a cryptographic signature algorithm using the secret key.
    As a variant, the processing could be, for example, the unlocking of a functionality of the secure element 6, this functionality possibly being a specific command executable by the secure element 6 or an applet stored in the secure element 6. The element Secure 6 transmits a response message RSP '(containing the signed message if successful comparison above) on the second bus B (step E88). It is furthermore possible to provide that the response message RSP 'contains an error code in the event of failure of the abovementioned comparison (or other operating anomaly).
    The microcontroller 5 detects the signals representing this response message RSP 'on the second bus B in step E90 and reproduces these signals on the first bus A (step E92).
    The reader 10 thus receives the response message RSP 'at the step E94 (via the communication interface 4) as if it had been sent directly by the secure element 6 on the communication interface 4.
    FIG. 6 is a logic diagram illustrating an alternative embodiment of the method which has just been described with reference to FIG.
    Such an alternative method therefore follows, for example, a method such as that described with reference to FIG. 4 (up to step E50).
    The reader 10 issues an APDU type command on the communication interface 4 in step E100. This command includes a tag TAG indicating that biometric data is required by the secure element 6 to process the command. This tag TAG can be either the command itself (for example when it is possible to deduce from the type of command that biometric data is required, as is the case for example for a biometric verification command), or additional specific data attached to the order.
    The microcontroller 5 receives the command including the tag TAG via the first bus A in step E102 and analyzes the received data.
    The microcontroller 5 memorizes for example a list of APDU type commands for which it is expected that the microcircuit card 2 imposes the presence of its carrier (verified using the fingerprint sensor 8): the microcontroller 5 can thus compare the type of command received with the stored command types. In this case, as already indicated, the tag TAG detected by the microcontroller 5 corresponds to the type of command.
    In a variant, the microcontroller 5 searches the received data for the additional specific data mentioned above.
    Due to the detection (during the analysis of the data by the microcontroller 5) of the tag TAG, the microcontroller 5 switches to step E104 in its second mode of operation.
    Although this is not shown in FIG. 6, the microcontroller 5 may possibly issue periodic waiting messages on the first bus A, destined for the reader 10, during the entire duration of the second operating mode.
    The microcontroller 5 emits at step E106 a REQ request for acquiring biometric data for the biometric sensor 8 via the link C.
    The biometric sensor 8 receives this request REQ in step E108 and starts in step E100 an acquisition of the biometric data (for example an image of a fingerprint of the wearer) and a possible treatment.
    The biometric data obtained RES in step E110 are sent in response to the destination of the microcontroller 5 in step E112.
    The microcontroller 5 receives the biometric data RES in step E114.
    The microcontroller 5 may then proceed to a complementary processing of the received biometric data (for example, as in the context of FIG. 5, to an extraction of the biometric characteristics).
    The microcontroller 5 then proceeds to step E116 in formatting the biometric data (if necessary processed), here in the format of the IS07816 standard.
    Microcontroller 5 also switches to step E118 in the first mode of operation.
    The microcontroller 5 then emits on the second bus B the command received in step E102 (step E120), reproducing on the second data pin D 'the signals detected in step 102 on the first data pin D5.
    The microcontroller 5 also transmits on the second bus B, during this step E120, the formatted biometric data (for example according to a format defined by a standard, such as the ISO 19794 standard, or a proprietary format, the format corresponding generally to a format adapted to the comparison step described below). The secure element 6 receives the command and the biometric data in step E122 and processes the command in step E124.
    This treatment comprises, for example, the comparison of the biometric data received with biometric data stored in the secure element 6, as well as possibly, in the case of a positive comparison, the signature of a message (which can be appended to the command received). by means of a cryptographic algorithm using a secret key stored in the secure element 6. The secure element 6 sends an RS P response message (which possibly includes response data, such as the above-mentioned signed message) on the second bus B (i.e., by sending signals representing this RSP response message on data pin D6),
    In particular, because it is in its first mode of operation, the microcontroller 5 detects these signals on its second data pin D 'in step E128 and reproduces these signals on its first data pin (ie say on the first bus A) in step E130.
    The reader 10 thus receives (via the communication interface 4) the response message RSP in step E132.
    权利要求:
    Claims (34)
    [1" id="c-fr-0001]
    An electronic entity (2) comprising a communication interface (4), a processor (5), a secure element (6) and a subsystem (8), the processor (5) being connected to the communication interface (4) by means of a first bus (A), to the secure element (6) by means of a second bus (B) and to the subsystem (8), characterized in that the processor (5) is designed to operate in a first mode, in which it reproduces on the second bus (B) signals received from the communication interface (4) on the first bus (A).
    [2" id="c-fr-0002]
    An electronic entity according to claim 1, wherein the processor (5) is adapted to operate alternately in the first mode and in a second mode, wherein it generates on the second bus (B) signals determined according to information. received from the subsystem (8).
    [3" id="c-fr-0003]
    An electronic entity according to claim 1 or 2, wherein the processor (5) is adapted to reproduce on the first bus (A), in the first mode, signals received from the secure element (6) on the second bus. (B).
    [4" id="c-fr-0004]
    An electronic entity according to claim 3, wherein the processor (5) is arranged to transmit in anticipation on the first bus (A), in response to said signals received from the communication interface (4), signals expected from from the secure element (6) on the second bus (B).
    [5" id="c-fr-0005]
    5. Electronic entity according to one of claims 2 to 4, claim 3 being taken in dependence of claim 2, wherein the processor (5) is designed to transmit, in the second mode, data to the sub -System (8).
    [6" id="c-fr-0006]
    6. Electronic entity according to one of claims 2 to 5, claim 3 being taken in accordance with claim 2, wherein the processor (5) is designed to transmit, in the second mode, waiting signals on the first bus (A) to the communication interface (4).
    [7" id="c-fr-0007]
    7. Electronic entity according to one of claims 2 to 6 taken in dependence of claim 2, wherein the processor (5) is adapted to switch from the first mode to the second mode to receive specific data on the second bus (B ) from the secure element (6).
    [8" id="c-fr-0008]
    8. Electronic entity according to one of claims 2 to 6 taken in dependence of claim 2, wherein the processor (5) is adapted to analyze the data transmitted on the first bus (A) and to switch from the first mode to second mode when specific data is transmitted on the first bus (A) and analyzed by the processor (5).
    [9" id="c-fr-0009]
    9. The electronic entity according to one of claims 2 to 8 taken in dependence of claim 2, wherein the processor (5) is adapted to switch from the second mode to the first mode when the data processing obtained by using the sub- system (8) is completed within the secure element (6).
    [10" id="c-fr-0010]
    10. Electronic entity according to one of claims 1 to 9, wherein the subsystem (8) is a human machine interface or a communication module.
    [11" id="c-fr-0011]
    11. Electronic entity according to one of claims 1 to 10, wherein the subsystem is a biometric sensor (8).
    [12" id="c-fr-0012]
    12. Electronic entity according to one of claims 2 to 11 taken in accordance with claim 2, wherein said information is biometric data.
    [13" id="c-fr-0013]
    13. Electronic entity according to one of claims 1 to 12, wherein the processor (5) is connected to the subsystem (8) by a serial link (C).
    [14" id="c-fr-0014]
    14. Electronic entity according to claim 13, wherein the serial link (C) is of SRI or I2C type.
    [15" id="c-fr-0015]
    15. Electronic entity according to one of claims 1 to 14, wherein the communication interface (4) has a plurality of contacts.
    [16" id="c-fr-0016]
    16. Electronic entity according to one of claims 1 to 15, wherein the communication interface (4) is in accordance with the IS07816 standard.
    [17" id="c-fr-0017]
    17. Electronic entity according to one of claims 1 to 16, wherein the first bus (A) and the second bus (B) each carry an input-output signal according to the IS07816 standard.
    [18" id="c-fr-0018]
    18. Method implemented in an electronic entity (2) comprising a communication interface (4), a processor (5), a secure element (6) and a subsystem (8), the processor being connected to the communication interface (4) by means of a first bus (A), to the secure element (6) by means of a second bus (B) and to the subsystem (8), characterized in that comprises the following steps: - detection (E6; E22; E38; E54; E102) by the processor (5) of first signals received from the communication interface (4) on the first bus (A); - reproducing (E8; E24; E40; E56; E120) said first signals on the second bus (B).
    [19" id="c-fr-0019]
    The method of claim 18, comprising the steps of: receiving (E76; E114) information from the subsystem (8); - generating (E80; E120) on the second bus (B) signals determined according to the received information.
    [20" id="c-fr-0020]
    20. The method of claim 18 or 19, comprising a step of reproducing, by the processor (5) and on the first bus (A), signals received from the secure element (6) on the second bus (B).
    [21" id="c-fr-0021]
    21. The method according to claim 20, comprising a step of sending by the processor (5) in advance on the first bus (A), in response to said signals received from the communication interface (4), signals expected in from the secure element (6) on the second bus (B).
    [22" id="c-fr-0022]
    22. Method according to one of claims 18 to 21, comprising a step of sending, by the processor (5), data to the subsystem (8).
    [23" id="c-fr-0023]
    23. Method according to one of claims 18 to 22, comprising a step of sending, by the processor (5), waiting signals on the first bus (A) to the communication interface (4). .
    [24" id="c-fr-0024]
    24. Method according to one of claims 18 to 23, comprising a step of switching, by the processor (5), a first mode to a second mode receiving specific data on the second bus (B) from the secure element (6).
    [25" id="c-fr-0025]
    25. The method as claimed in one of claims 18 to 23, comprising a step of analysis, by the processor (5), of data transmitted on the first bus (A) and of switching, by the processor (5), of a first mode to a second mode when specific data is transmitted on the first bus (A) and analyzed by the processor (5).
    [26" id="c-fr-0026]
    26. The method of claim 24 or 25, comprising a step of switching, by the processor (5), the second mode to the first mode when the data processing obtained using the subsystem (8) is completed within the first mode. secure element (6).
    [27" id="c-fr-0027]
    27. Method according to one of claims 18 to 26, wherein the subsystem (8) is a human machine interface or a communication module.
    [28" id="c-fr-0028]
    28. Method according to one of claims 18 to 27, wherein the subsystem is a biometric sensor (8).
    [29" id="c-fr-0029]
    29. The method according to one of claims 19 to 28 taken in dependence on claim 19, wherein said information is biometric data.
    [30" id="c-fr-0030]
    30. Method according to one of claims 18 to 29, wherein the processor (5) is connected to the subsystem (8) by a serial link (C).
    [31" id="c-fr-0031]
    31. The method of claim 30, wherein the serial link (C) is of the SPI or I2C type.
    [32" id="c-fr-0032]
    32. Method according to one of claims 18 to 31, wherein the communication interface (4) has a plurality of contacts.
    [33" id="c-fr-0033]
    33. Method according to one of claims 18 to 32, wherein the communication interface (4) is in accordance with the IS07816 standard.
    [34" id="c-fr-0034]
    34. Method according to one of claims 18 to 33, wherein the first bus (A) and the second bus (B) each carry an input-output signal according to the IS07816 standard.
    类似技术:
    公开号 | 公开日 | 专利标题
    EP3317819B1|2020-12-02|Electronic entity and method implemented in an electronic entity
    EP2735969B1|2019-09-04|Electronic assembly including a deactivation module
    EP3608833A1|2020-02-12|Acquisition of a biometric fingerprint from a smart card
    EP1958418B1|2018-02-14|Portable electronic entity for setting up secured voice communication over ip
    EP2077515A1|2009-07-08|Device, systems and method for securely starting up a computer system
    EP3154284A1|2017-04-12|Pairing method in a peripheral device and in a communication terminal, corresponding devices and program
    WO2015097402A1|2015-07-02|Transmission and processing of data relating to a contactless transaction
    FR2904505A1|2008-02-01|Detachable secure portable electronic entity i.e. universal serial bus key, for exchanging e.g. multimedia data, has digital content delayed retransmission secure unit preventing reproduction of received content before its transmission
    EP2058746A1|2009-05-13|Portable electronic entity, host station and associated method
    EP1950577A2|2008-07-30|Method for verifying the integrity of a clock tree
    EP3671500A1|2020-06-24|Assisted autonomous enrolment method and system for holder of biometric device
    WO2012052080A1|2012-04-26|Method for checking an integrated circuit
    FR2961328A1|2011-12-16|Securing device e.g. universal serial bus key, for use with laptop to secure access to executing function of software application on host station, has authorizing unit to authorize access to function only if two comparisons are equal
    EP2158721B1|2018-04-18|Method and device for detecting an attempt to substitute an original casing portion of an electronic system with a replacement casing portion
    EP3667530A1|2020-06-17|Secure access to encrypted data from a user terminal
    FR3092412A1|2020-08-07|Authentication of a user of an electronic device
    WO2020249889A1|2020-12-17|Chip card user authentication
    WO2021123686A1|2021-06-24|Fingerprint-based enrolment on a chip card
    EP2564600B1|2017-09-20|Method of detecting an abnormal environmental operating condition of an element embedded in an apparatus and corresponding element
    FR2823167A1|2002-10-11|DEVICE FOR CONTROLLING A SECURITY DEVICE
    EP3241137A1|2017-11-08|Method implemented in an identity document and associated identity document
    FR3028697A1|2016-05-20|IMPROVING THE AUTHENTIC INTEGRITY OF DATA USING THE LATEST BLOCK ENCRYPTING THESE DATA IN CBC MODE
    FR2991122A1|2013-11-29|METHOD FOR TRANSMITTING / RECEIVING DIGITAL INFORMATION IN THE FORM OF FRAMES WITH POSSIBLY ENCRYPTED PARITY BITS AND CORRESPONDING TRANSMITTING / RECEIVING DEVICE
    WO2010043789A1|2010-04-22|Portable object with a microprocessor and a secured non-volatile memory, and external device to be connected to a portable object
    同族专利:
    公开号 | 公开日
    EP3317819A1|2018-05-09|
    EP3317819B1|2020-12-02|
    CN107735802A|2018-02-23|
    US20180197056A1|2018-07-12|
    ES2848381T3|2021-08-09|
    BR112017028239A2|2018-09-04|
    CN107735802B|2020-06-05|
    WO2017001746A1|2017-01-05|
    JP2018520439A|2018-07-26|
    US10496912B2|2019-12-03|
    HK1250407A1|2018-12-14|
    FR3038423B1|2018-07-20|
    KR20180022894A|2018-03-06|
    引用文献:
    公开号 | 申请日 | 公开日 | 申请人 | 专利标题
    FR2680262A1|1991-08-08|1993-02-12|Gemplus Card Int|Integrated circuits for chip card and multichip card using these circuits|
    EP2207131A1|2009-01-13|2010-07-14|Gemalto SA|Memory card equipped with a personalised microcontroller|
    DE10303740B4|2003-01-30|2006-09-14|Infineon Technologies Flash Gmbh & Co. Kg|Security memory card and manufacturing process|
    US20070043887A1|2005-08-16|2007-02-22|Phison Electronics Corp.|[adaptor device for ms memory card interface]|
    US20070174548A1|2005-08-29|2007-07-26|Phison Electronics Corp.|[memory card with identifier]|
    CN100545816C|2006-08-25|2009-09-30|上海华虹集成电路有限责任公司|Double-interface smart card simulation card|
    FR2914459B1|2007-03-30|2009-07-03|Oberthur Card Syst Sa|MICROPROCESSOR CARD|
    US20100031026A1|2007-11-01|2010-02-04|Infineon Technologies North America Corp.|Method and system for transferring information to a device|
    EP2141706A1|2008-07-04|2010-01-06|Gemalto SA|Memory card adaptor|
    FR2938094B1|2008-11-03|2015-06-12|Neowave|USB KEY WITH NON-CONTACT DRIVE FUNCTIONS AND NON-CONTACT CHIP CARD EMULATION|
    EP2582113A1|2011-10-13|2013-04-17|Gemalto SA|Adapter device between a contactless reader and a radiofrequency device|
    EP2930641B1|2014-04-07|2019-04-03|Nxp B.V.|Method of Programming a Smart Card, Computer Program Product and Programmable Smart Card|GB2577477B|2018-08-31|2021-11-17|Idex Asa|Biometric Interface|
    CN109828175B|2019-03-14|2021-06-01|四川海特亚美航空技术有限公司|Built-in test method for electronic sequential assembly|
    FR3108755A1|2020-03-27|2021-10-01|StmicroelectronicsSas|Microcircuit card|
    法律状态:
    2016-05-24| PLFP| Fee payment|Year of fee payment: 2 |
    2017-01-06| PLSC| Publication of the preliminary search report|Effective date: 20170106 |
    2017-05-23| PLFP| Fee payment|Year of fee payment: 3 |
    2018-05-25| PLFP| Fee payment|Year of fee payment: 4 |
    2018-11-09| CD| Change of name or company name|Owner name: IDEMIA FRANCE, FR Effective date: 20181009 |
    2020-05-20| PLFP| Fee payment|Year of fee payment: 6 |
    2020-10-02| CA| Change of address|Effective date: 20200826 |
    2020-10-02| CJ| Change in legal form|Effective date: 20200826 |
    2021-05-19| PLFP| Fee payment|Year of fee payment: 7 |
    优先权:
    申请号 | 申请日 | 专利标题
    FR1556170|2015-06-30|
    FR1556170A|FR3038423B1|2015-06-30|2015-06-30|ELECTRONIC ENTITY AND METHOD IMPLEMENTED IN SUCH AN ELECTRONIC ENTITY|FR1556170A| FR3038423B1|2015-06-30|2015-06-30|ELECTRONIC ENTITY AND METHOD IMPLEMENTED IN SUCH AN ELECTRONIC ENTITY|
    CN201680037974.4A| CN107735802B|2015-06-30|2016-06-21|Electronic unit and method executed in the electronic unit|
    EP16742335.9A| EP3317819B1|2015-06-30|2016-06-21|Electronic entity and method implemented in an electronic entity|
    KR1020187002652A| KR20180022894A|2015-06-30|2016-06-21|Electronic units and methods performed in such electronic devices|
    US15/740,775| US10496912B2|2015-06-30|2016-06-21|Electronic unit with a secure element and method carried out in such an electronic unit facilitating communication with the secure element|
    JP2017567662A| JP2018520439A|2015-06-30|2016-06-21|Electronic unit and method carried out in the electronic unit|
    BR112017028239-9A| BR112017028239A2|2015-06-30|2016-06-21|electronic unit and method performed on such an electronic unit|
    ES16742335T| ES2848381T3|2015-06-30|2016-06-21|Electronic entity and method put into practice in an electronic entity|
    PCT/FR2016/051520| WO2017001746A1|2015-06-30|2016-06-21|Electronic unit and method carried out in such an electronic unit|
    HK18109754.7A| HK1250407A1|2015-06-30|2018-07-27|Electronic unit and method carried out in such an electronic unit|
    [返回顶部]