Abstract
The present invention relates to a cryptographic method of protection against fraud in transactions between an application (1) and an electronic chip (2) of a user. The method consists in: both the electronic chip (2) and the application (1) computing (15, 16) a certificate (Sp, S) which is the result of applying a non-linear function f to a list of arguments (e1, e2) comprising at least a seed R and a secret key K, allocating to the electronic chip (2) a second secret key K' known only to the electronic chip (2) and to the application (1) and kept secret (6) in the electronic chip (2), on each authentication of the electronic chip (2), determining (17, 18) a mask M computed from at least a portion of the secret key K', masking (19) the value of the certificate (Sp) by means of the mask M to make available to the application (1) only the masked value of the certificate (Spm), and using the application (1) to verify the masked value of the certificate (Spm) computed by the electronic chip (2).
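The exchange described in the abstract, sketched as an added example that is not code from the patent. The abstract does not specify f, how M is derived, or the masking operation, so this sketch assumes truncated HMAC-SHA256 for f, a mask derived from K' and the seed R, XOR as the masking step, and an 8-byte certificate; all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

CERT_LEN = 8  # assumed certificate length in bytes

def f(seed: bytes, key: bytes) -> bytes:
    """Assumed stand-in for the non-linear function f applied to (R, K)."""
    return hmac.new(key, b"cert" + seed, hashlib.sha256).digest()[:CERT_LEN]

def derive_mask(seed: bytes, key2: bytes) -> bytes:
    """Mask M computed from K' (assumption: also bound to R, so it differs per run)."""
    return hmac.new(key2, b"mask" + seed, hashlib.sha256).digest()[:CERT_LEN]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class Chip:
    """Holds K and K'; only the masked certificate Spm ever leaves it."""
    def __init__(self, k: bytes, k2: bytes):
        self.k, self.k2 = k, k2

    def authenticate(self, seed: bytes) -> bytes:
        sp = f(seed, self.k)                        # certificate Sp
        return xor(sp, derive_mask(seed, self.k2))  # masked value Spm

class Application:
    """Shares K and K' with the chip and checks the masked certificate."""
    def __init__(self, k: bytes, k2: bytes):
        self.k, self.k2 = k, k2

    def new_seed(self) -> bytes:
        return secrets.token_bytes(16)              # seed R

    def verify(self, seed: bytes, spm: bytes) -> bool:
        expected = xor(f(seed, self.k), derive_mask(seed, self.k2))
        return hmac.compare_digest(expected, spm)   # constant-time comparison

def demo():
    k, k2 = secrets.token_bytes(16), secrets.token_bytes(16)  # constructed keys
    app = Application(k, k2)
    genuine = Chip(k, k2)
    clone = Chip(k, secrets.token_bytes(16))        # has K but not K'
    seed = app.new_seed()
    return (app.verify(seed, genuine.authenticate(seed)),
            app.verify(seed, clone.authenticate(seed)))

if __name__ == "__main__":
    print(demo())
```

An observer of the exchange sees R and Spm but never the unmasked Sp, and a chip that holds K without K' fails verification.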