One is familiar with systems used for the protection of data, and in particular, for example, the protection of transmitted data, and for performing authentication, in a reliable manner, of the person who has transmitted a message. Such a device is known through patent application EP 0 037 762 for example. However, such a device required a signature calculation to be performed in a portable object of the chip card type, then comparing the result of the calculation effected with the signature transmitted with the message, in order to then deliver to the outside world a “yes” or “no” result allowing authentication of the person who transmitted the message as the person who was in possession of a chip card whose confidential codes matched the confidential codes of the device that performed the authentication.
We are also familiar, from French patent application FR 2 526 977, with a device that allows authentication or certification of at least one information item contained in a memory of an electronic medium. Such a device and process employs a chip card, and can be used to calculate a result from knowledge of the data item stored in the electronic medium and of a parameter correlative to the position of the data item in the memory of the support. The same calculation is effected at the other end of the transmission by the device that transmitted the information, and the result supplied by one of the ends is compared in order to ensure that the registration has been completed correctly in the memory of a portable electronic medium such as the card.
Such a device conducts remote communication between a terminal equipped with a security module and a chip card in which one wishes to record an information item sent by this terminal. This takes no account of the problems of security at the level of the computer system of the terminal itself, and the certification and the authentication of the data recorded in the memory of the terminal.
We are also familiar, from patent application EP 0 285 520, with a process and a device for routing the confidential codes between two security modules connected by a communication resource. This routing of confidential codes allows one to ensure the confidentiality of these keys by transmitting the keys in an encrypted manner.
Finally, we are also familiar, from patent application EP 0 252 850, with a process and a device to certify the authenticity of a data item transmitted between two devices connected locally or remotely over a transmission line. The device and the process add, to the information to be transmitted, a predetermined condition that is independently of the value of the data item to be transmitted. This predetermined condition, together with the information to be transmitted, constitutes the message that is encrypted before transmission, and then decrypted on reception. After decryption, the receiver separates the received message into two fields and applies the same predetermined condition to one of the two fields, and if this predetermined condition is satisfied, the system considers that the transmission has taken place correctly.
However, most of the devices of the prior art have as their objective either to secure transmitted data from one terminal to another, or to authenticate a transmitter in relation to a receiver, or to allow access to a service by authenticating a person as being authorised to have access to the service.