公开(公告)号：US09918111B2

公开(公告)日：2018-03-13

申请号：US14412680

申请日：2013-07-01

Applicant: Cisco Technology, Inc.

Inventor： Eyal Farkash ,  Kevin Murray ,  Eliphaz Hibshoosh ,  Aliza Itzkowitz

IPC: H04N5/765 ,  H04N21/2343 ,  H04N21/44 ,  H04N21/462 ,  H04N21/61 ,  H04N21/845 ,  H04N21/236 ,  H04N21/434 ,  H04N21/8547

CPC classification number: H04N21/234327 ,  H04N21/23608 ,  H04N21/4347 ,  H04N21/44016 ,  H04N21/4622 ,  H04N21/6125 ,  H04N21/8456 ,  H04N21/8547

Abstract: A method for facilitating multiple recordings via a single tuner includes isolating data packets associated with recording candidate media assets from at least two broadcast data streams, generating at least one broadcast recording data stream from a subset of the isolated data packets, broadcasting the at least one broadcast recording data stream in parallel with the at least two broadcast data streams, where the broadcast recording data stream is broadcast via at least one dedicated broadcast “recording” device, and the at least two broadcast data streams are broadcast via other broadcast devices, storing remaining data packets not included in the isolated data packets in broadband data segments, and transmitting the broadband data segments via an IP connection to facilitate reassembly of partially recorded the media assets, where the partially recorded media assets were recorded from the broadcast recording stream. Related methods and apparatus are also disclosed.

公开(公告)号：US20140195809A1

公开(公告)日：2014-07-10

申请号：US14238255

申请日：2012-11-01

Applicant: Cisco Technology, Inc

Inventor： Hillel Solow ,  Harel Cain ,  Eliphaz Hibshoosh

IPC: H04L29/06

CPC classification number: H04L9/085 ,  H04L63/0428 ,  H04L63/062 ,  H04L63/0876

Abstract: A method for distributing information includes distributing an item of encrypted information to a plurality of clients and distributing respective key-shares to the clients, such that each client will require a key-share that has been distributed to at least one other client in order to reconstruct a key for decrypting the encrypted information. Upon receiving from a first client a report that a second client requested and received a respective one of the key-shares from the first client, a record of a delivery of the item to the second client is made responsively to the report.

Abstract translation: 一种用于分发信息的方法包括将加密信息的项目分发到多个客户端并将相应的密钥分发分配给客户端，使得每个客户端将需要已经分发给至少一个其他客户端的密钥共享，以便 重建用于解密加密信息的密钥。 在从第一客户端接收到第二客户端从第一客户端请求并接收到相应的一个密钥份的报告时，响应于该报告来做出该项目到第二客户端的传送记录。

公开(公告)号：US10715508B2

公开(公告)日：2020-07-14

申请号：US16004860

申请日：2018-06-11

Applicant: Cisco Technology, Inc.

Inventor： Eliphaz Hibshoosh ,  Aviad Kipnis

IPC: H04L29/06 ,  H04L9/00 ,  H04L9/08

Abstract: In one embodiment, a method for secure computation, includes receiving in a server, over a communication channel from a device external to the server a request to perform a modular exponentiation operation in which an exponent of the operation comprises a secret value, wherein the secret value is not provided to the server, and at least two parameters that encode the secret value in accordance with a polynomial or matrix homomorphic encryption of the secret value computed by the device, and performing in the server, in response to the request, a homomorphic exponentiation using the at least two parameters received from the device without decrypting the secret value in the server, so as to generate an output that is indicative of a result of the modular exponentiation operation.

公开(公告)号：US20150163529A1

公开(公告)日：2015-06-11

申请号：US14412680

申请日：2013-07-01

Applicant: Cisco Technology, Inc.

Inventor： Eyal Faarkash ,  Kevin Murray ,  Eliphaz Hibshoosh ,  Aliza Itzkowitz

IPC: H04N21/2343 ,  H04N21/462 ,  H04N21/8547 ,  H04N21/845 ,  H04N21/236 ,  H04N21/434 ,  H04N21/44 ,  H04N21/61

CPC classification number: H04N21/234327 ,  H04N21/23608 ,  H04N21/4347 ,  H04N21/44016 ,  H04N21/4622 ,  H04N21/6125 ,  H04N21/8456 ,  H04N21/8547

Abstract: A method for facilitating multiple recordings via a single tuner includes isolating data packets associated with recording candidate media assets from at least two broadcast data streams, generating at least one broadcast recording data stream from a subset of the isolated data packets, broadcasting the at least one broadcast recording data stream in parallel with the at least two broadcast data streams, where the broadcast recording data stream is broadcast via at least one dedicated broadcast “recording” device, and the at least two broadcast data streams are broadcast via other broadcast devices, storing remaining data packets not included in the isolated data packets in broadband data segments, and transmitting the broadband data segments via an IP connection to facilitate reassembly of partially recorded the media assets, where the partially recorded media assets were recorded from the broadcast recording stream. Related methods and apparatus are also disclosed.

Abstract translation: 一种用于通过单个调谐器促进多次记录的方法包括将与至少两个广播数据流中记录候选媒体资产相关联的数据分组隔离，从孤立数据分组的子集生成至少一个广播记录数据流，将至少一个 广播记录数据流与至少两个广播数据流并行，其中广播记录数据流经由至少一个专用广播“记录”设备广播，并且至少两个广播数据流通过其他广播设备广播，存储 不包括在宽带数据段中的孤立数据分组中的剩余数据分组，以及经由IP连接发送宽带数据段，以便于部分记录的媒体资产的重新组合，其中从广播记录流记录部分记录的媒体资产。 还公开了相关方法和装置。

公开(公告)号：US09350543B2

公开(公告)日：2016-05-24

申请号：US14417184

申请日：2013-07-25

Applicant: Cisco Technology, Inc.

Inventor： Aviad Kipnis ,  Eliphaz Hibshoosh

IPC: H04L9/08 ,  H04L9/00 ,  H04L9/30 ,  G06F7/58

CPC classification number: H04L9/008 ,  G06F7/58 ,  G06F7/582 ,  H04L9/00 ,  H04L9/002 ,  H04L9/0631 ,  H04L9/0643 ,  H04L9/065 ,  H04L9/08 ,  H04L9/0869 ,  H04L9/302 ,  H04L9/3093 ,  H04L2209/08 ,  H04L2209/24

Abstract: A fully homomorphic method and system for randomizing an input, wherein all computations are over a commutative ring is described. Equivalent methods for performing the randomization using matrices and polynomials are detailed, as well as ways to mix the matrix and polynomial functions. Addition, multiplication, and division of the matrix and polynomial functions is further described. By performing computations of the functions modulo N over a ring ZN, the functions are usable as encryption functions. The method and system can also be used for verifying that a returned result of a calculation performed by a third party is valid for any of the calculations described herein. Related methods, systems, and apparatus are also described.

Abstract translation: 描述了用于随机化输入的完全同态方法和系统，其中所有计算都在交换环上。 详细说明了使用矩阵和多项式执行随机化的等效方法，以及混合矩阵和多项式函数的方法。 进一步描述矩阵和多项式函数的加法，乘法和除法。 通过在环ZN上执行模N的函数的计算，这些函数可用作加密函数。 方法和系统还可以用于验证由第三方执行的计算的返回结果对于本文所描述的任何计算是有效的。 还描述了相关方法，系统和装置。

公开(公告)号：US20150215123A1

公开(公告)日：2015-07-30

申请号：US14417184

申请日：2013-07-25

Applicant: Cisco Technology, Inc.

Inventor： Aviad Kipnis ,  Eliphaz Hibshoosh

IPC: H04L9/08 ,  G06F7/58 ,  H04L9/00

CPC classification number: H04L9/008 ,  G06F7/58 ,  G06F7/582 ,  H04L9/00 ,  H04L9/002 ,  H04L9/0631 ,  H04L9/0643 ,  H04L9/065 ,  H04L9/08 ,  H04L9/0869 ,  H04L9/302 ,  H04L9/3093 ,  H04L2209/08 ,  H04L2209/24

Abstract: A fully homomorphic method and system for randomizing an input, wherein all computations are over a commutative ring is described. Equivalent methods for performing the randomization using matrices and polynomials are detailed, as well as ways to mix the matrix and polynomial functions. Addition, multiplication, and division of the matrix and polynomial functions is further described. By performing computations of the functions modulo N over a ring ZN, the functions are usable as encryption functions. The method and system can also be used for verifying that a returned result of a calculation performed by a third party is valid for any of the calculations described herein. Related methods, systems, and apparatus are also described.

Abstract translation: 描述了用于随机化输入的完全同态方法和系统，其中所有计算都在交换环上。 详细说明了使用矩阵和多项式执行随机化的等效方法，以及混合矩阵和多项式函数的方法。 进一步描述矩阵和多项式函数的加法，乘法和除法。 通过在环ZN上执行模N的函数的计算，这些函数可用作加密函数。 方法和系统还可以用于验证由第三方执行的计算的返回结果对于本文所描述的任何计算是有效的。 还描述了相关方法，系统和装置。

公开(公告)号：US20140195816A1

公开(公告)日：2014-07-10

申请号：US13929008

申请日：2013-06-27

Applicant: Cisco Technology Inc.

Inventor： Itsik Mantin ,  Eliphaz Hibshoosh

IPC: G06F21/60

CPC classification number: G06F21/602 ,  G09C1/00 ,  H04L9/002 ,  H04L2209/04 ,  H04L2209/603

Abstract: A system including a memory having regions including a first and second region, the first region being different from the second region, and a digital rights management engine to receive a plurality of ciphertext cipher blocks, decrypt the ciphertext cipher blocks yielding plaintext cipher blocks, output the plaintext cipher blocks to the first region of the memory over a period of time, provide a plurality of decoy cipher blocks in addition to the plaintext cipher blocks, the decoy cipher blocks having a pattern in which: a first one of the decoy cipher blocks consists of data, and a second one of the decoy cipher blocks consists of data which is the same as the data of the first one of the decoy cipher blocks, and output the decoy cipher blocks to the second region of the memory during the period of time. Related apparatus and methods are also included.

Abstract translation: 一种包括存储器的系统，所述存储器具有包括第一和第二区域的区域，所述第一区域不同于所述第二区域;以及数字版权管理引擎，用于接收多个密文密码块，对产生明文密码块的密文密码块进行解密，输出 明文密码块在一段时间内到存储器的第一区域，除了明文密码块之外还提供多个诱饵密码块，所述诱饵密码块具有以下模式：诱饵密码块中的第一个 由数据组成，并且第二个诱饵密码块由与诱饵密码块中的第一个的数据相同的数据组成，并且在该期间内将诱饵密码块输出到存储器的第二区域 时间。 还包括相关的装置和方法。

公开(公告)号：US10469266B2

公开(公告)日：2019-11-05

申请号：US15595980

申请日：2017-05-16

Applicant: Cisco Technology, Inc.

Inventor： Aviad Kipnis ,  Erez Waisbard ,  Eliphaz Hibshoosh

IPC: H04L9/32 ,  H04L9/08

Abstract: In one embodiment, a first signature template is received, the first signature template being one of a signature template of a first message or a null template, the first signature template comprising at least the following fields: an aggregation depth field, a message identifier, one of the first message or a result of applying a one way hash function to the first message, a bit vector, an aggregated square random integer mod N, a signature of the first message. A second signature template is created based on the first signature template, the second signature template created as follows: increment the aggregation depth of the first signature template, determine a unique message identifier for a second message, determine a second bit vector, determine an second aggregated square random integer mod N, and calculate a new signature for the second message. Related methods, apparatus, and systems are also disclosed.

公开(公告)号：US10361865B2

公开(公告)日：2019-07-23

申请号：US15688894

申请日：2017-08-29

Applicant: Cisco Technology, Inc.

Inventor： Eliphaz Hibshoosh ,  Aviad Kipnis ,  Nir Moshe ,  Alon Shaltiel ,  Yair Fodor

IPC: H04L9/32 ,  H04L9/00 ,  G06F21/00 ,  G06F21/64 ,  G06F21/53

Abstract: In one embodiment, a method, system, and apparatus are described, the method, system, and apparatus including generating metadata to be associated with each block of a series of blocks, the generating including, except for an initial block, receiving: a first block, including a signed block, and a second block to be signed, retrieving a first value including a square of a random number, R′2, multiplying R′2 by a nonce, r, and setting r·R′2 to be a square of a first random number, denoted R2, for the second block, retrieving a second value from the first block, the second value including K-bit vector, E′, determining a bit string value of the second block, M, computing E=hash(R2∥M∥E′), and determining a signature, Sig, for the second block by calculating Sig=r Sig′ SE-E′. Related methods, systems, and apparatuses are also described.

公开(公告)号：US09571268B2

公开(公告)日：2017-02-14

申请号：US15132271

申请日：2016-04-19

Applicant: Cisco Technology, Inc.

Inventor： Aviad Kipnis ,  Eliphaz Hibshoosh

IPC: H04L9/00 ,  H04L9/08 ,  H04L9/30 ,  H04L9/06 ,  G06F7/58

CPC classification number: H04L9/008 ,  G06F7/58 ,  G06F7/582 ,  H04L9/00 ,  H04L9/002 ,  H04L9/0631 ,  H04L9/0643 ,  H04L9/065 ,  H04L9/08 ,  H04L9/0869 ,  H04L9/302 ,  H04L9/3093 ,  H04L2209/08 ,  H04L2209/24

Abstract: In one embodiment, a method for reducing information leakage in order to counter side channel attacks against a secure execution environment is described, the method including receiving at the secure execution environment a first input comprising a key comprising a sequence of k input elements in a commutative ring, CR, receiving at the secure execution environment a second input comprising a text comprising a sequence of p input elements in the commutative ring, CR, defining an input INP comprising a sequence of j input elements, wherein INP comprises either one or both of the first input or the second input, performing one of a matrix randomization operation or a polynomial randomization operation on the inputs, and producing a randomized output.

Abstract translation: 在一个实施例中，描述了一种用于减少针对安全执行环境的侧向信道攻击的信息泄漏的方法，所述方法包括在安全执行环境下接收第一输入，该第一输入包括一个包含k个输入元素序列在一个可交换 环，CR，在安全执行环境处接收第二输入，第二输入包括包括交换环中的p个输入元素序列的文本CR，其定义包括j个输入元素序列的输入INP，其中INP包括以下两个中的一个或两个： 第一输入或第二输入，对输入执行矩阵随机化操作或多项式随机化操作之一，并产生随机输出。