-
1.
Publication No.: US09419790B2
Publication date: 2016-08-16
Application No.: US14530905
Filing date: 2014-11-03
Applicant: CRYPTOGRAPHY RESEARCH, INC.
Inventor: Paul C. Kocher, Joshua M. Jaffe, Benjamin C. Jun
IPC: H04L9/00, G06F1/32, G06F7/00, G06F21/55, G06F21/75, G06F21/77, G06K19/073, G06Q20/34, G07F7/08, G07F7/10, G06F1/06, G09C1/00
CPC classification number: H04L9/0618, G06F1/06, G06F1/266, G06F1/3225, G06F7/00, G06F21/75, G06F21/755, G06F21/77, G06F2207/7223, G06F2207/7266, G06K19/073, G06K19/07363, G06Q20/341, G06Q20/382, G06Q20/409, G07F7/08, G07F7/082, G07F7/1008, G09C1/00, H04L9/003, H04L2209/04, H04L2209/08, H04L2209/56, H04L2209/805
Abstract: Information leaked from smart cards and other tamper resistant cryptographic devices can be statistically analyzed to determine keys or other secret data. A data collection and analysis system is configured with an analog-to-digital converter connected to measure the device's consumption of electrical power, or some other property of the target device, that varies during the device's processing. As the target device performs cryptographic operations, data from the A/D converter are recorded for each cryptographic operation. The stored data are then processed using statistical analysis, yielding the entire key, or partial information about the key that can be used to accelerate a brute force search or other attack.
-
Publication No.: US20020099948A1
Publication date: 2002-07-25
Application No.: US09948473
Filing date: 2001-09-06
Applicant: Cryptography Research, Inc.
Inventor: Paul C. Kocher, Joshua M. Jaffe, Benjamin C. Jun
IPC: G06F012/14
CPC classification number: G06F21/602, G06F21/10, G06F21/72, G06F2211/007, G06F2221/0753, G06F2221/2101, G06Q20/367, H04L9/0833, H04L2209/127, H04L2209/603
Abstract: Before use, a population of tamper-resistant cryptographic enforcement devices is partitioned into groups and issued one or more group keys. Each tamper-resistant device contains multiple computational units to control access to digital content. One of the computational units within each tamper-resistant device communicates with another of the computational units acting as an interface control processor, and serves to protect the contents of a nonvolatile memory from unauthorized access or modification by other portions of the tamper-resistant device, while performing cryptographic computations using the memory contents. Content providers enforce viewing privileges by transmitting encrypted rights keys to a large number of recipient devices. These recipient devices process received messages using the protected processing environment and memory space of the secure unit. The processing result depends on whether the recipient device was specified by the content provider as authorized to view some encrypted digital content. Authorized recipient devices can use the processing result in decrypting the content, while unauthorized devices cannot decrypt the content. A related aspect of the invention provides for securing computational units and controlling attacks. For example, updates to the nonvolatile memory, including program updates, are supported and protected via a cryptographic unlocking and validation process in the secure unit, which can include digital signature verification.
-