-
公开(公告)号:US20140173276A1
公开(公告)日:2014-06-19
申请号:US14176803
申请日:2014-02-10
Applicant: Certicom Corp.
Inventor: Scott Alexander Vanstone , Marinus Struik
CPC classification number: H04L63/065 , H04L9/00 , H04L9/006 , H04L9/08 , H04L9/0833 , H04L9/0838 , H04L63/0428 , H04L63/0471 , H04L63/061 , H04L63/08 , H04L63/0876 , H04L63/104 , H04W12/04 , H04W12/06 , H04W84/18
Abstract: A method and system for distributed security for a plurality of devices in a communication network, each of the devices being responsible for generating, distributing and controlling its own keys for access to the communication network and using the keys to establish a trusted network, each device's membership to the communication network being checked periodically by other devices by using a challenge response protocol to establish which devices arc allowed access to the communication network and the trusted network.
Abstract translation: 一种用于通信网络中的多个设备的分布式安全性的方法和系统,每个设备负责生成,分发和控制其自己的密钥以访问通信网络并使用密钥建立可信网络,每个设备的 通过使用挑战响应协议来确定哪些设备允许访问通信网络和可信网络,由其他设备周期性地检查通信网络的成员资格。
-
公开(公告)号:US20140153714A1
公开(公告)日:2014-06-05
申请号:US13691101
申请日:2012-11-30
Applicant: CERTICOM CORP.
Inventor: Robert John Lambert
IPC: H04L9/28
CPC classification number: H04L9/3271 , H04L9/28 , H04L9/3236 , H04L2209/04 , H04W12/06
Abstract: Challenge-response authentication protocols are disclosed herein, including systems and methods for a first device to authenticate a second device. In one embodiment, the following operations are performed by the first device: (a) sending to the second device: (i) a challenge value corresponding to an expected response value known by the first device, and (ii) a hiding value; (b) receiving from the second device a masked response value; (c) obtaining an expected masked response value from the expected response value and the hiding value; and (d) determining whether the expected masked response value matches the masked response value received from the second device. The operations from the perspective of the second device are also disclosed, which in some embodiments include computing the masked response value using the challenge value, the hiding value, and secret information known to the second device.
Abstract translation: 本文公开了挑战响应认证协议,包括用于第一设备认证第二设备的系统和方法。 在一个实施例中,以下操作由第一设备执行:(a)向第二设备发送:(i)对应于由第一设备已知的预期响应值的挑战值,以及(ii)隐藏值; (b)从第二设备接收被屏蔽的响应值; (c)从预期响应值和隐藏值获得预期屏蔽响应值; 以及(d)确定预期的屏蔽响应值是否与从第二设备接收到的屏蔽的响应值相匹配。 还公开了从第二设备的角度的操作,在一些实施例中,这些操作包括使用挑战值,隐藏值和第二设备已知的秘密信息来计算被屏蔽的响应值。
-
公开(公告)号:US20140082367A1
公开(公告)日:2014-03-20
申请号:US14083852
申请日:2013-11-19
Applicant: BLACKBERRY LIMITED , BLACKBERRY LIMITED , CERTICOM CORP.
Inventor: Robert J. LAMBERT , Robert H. WOOD , Brian LAMB
CPC classification number: G06F21/31 , G06F21/6209 , H04L9/3226 , H04L9/3239 , H04L2209/38 , H04W12/06
Abstract: Methods, systems, and computer programs for verifying a password are disclosed. For example, the password can be verified on a mobile device to control user access to the mobile device. In some implementations, a mobile device includes a user interface, a main processor, and a co-processor. The user interface receives a submitted password value from a user. The main processor calls the co-processor to provide a hash chain input value based on the submitted password value. The main processor evaluates a hash chain based on the hash chain input value provided by the co-processor. Evaluating the hash chain generates a submitted password verification value. The submitted password verification value is compared to a stored password verification value stored on the mobile device. Access to mobile device functionality may be permitted or denied based on a result of the comparison.
Abstract translation: 公开了用于验证密码的方法,系统和计算机程序。 例如,可以在移动设备上验证密码以控制用户对移动设备的访问。 在一些实现中,移动设备包括用户接口,主处理器和协处理器。 用户界面从用户接收提交的密码值。 主处理器根据提交的密码值调用协处理器提供散列链输入值。 主处理器基于由协处理器提供的散列链输入值来评估散列链。 评估散列链生成提交的密码验证值。 将提交的密码验证值与存储在移动设备上的存储密码验证值进行比较。 可以基于比较的结果来允许或拒绝对移动设备功能的访问。
-
公开(公告)号:US20130170642A1
公开(公告)日:2013-07-04
申请号:US13770533
申请日:2013-02-19
Applicant: CERTICOM CORP.
Inventor: Daniel Richard L. Brown , Scott Alexander Vanstone
IPC: H04L9/08
CPC classification number: H04L9/0869 , G06F7/582 , G06F7/588 , G06F7/725 , H04L9/0662 , H04L9/0816 , H04L9/0894 , H04L9/3066 , H04L2209/20 , H04L2209/24 , H04L2209/26
Abstract: An elliptic curve random number generator avoids escrow keys by choosing a point Q on the elliptic curve as verifiably random. An arbitrary string is chosen and a hash of that string computed. The hash is then converted to a field element of the desired field, the field element regarded as the x-coordinate of a point Q on the elliptic curve and the x-coordinate is tested for validity on the desired elliptic curve. If valid, the x-coordinate is decompressed to the point Q, wherein the choice of which is the two points is also derived from the hash value. Intentional use of escrow keys can provide for back up functionality. The relationship between P and Q is used as an escrow key and stored by for a security domain. The administrator logs the output of the generator to reconstruct the random number with the escrow key.
Abstract translation: 椭圆曲线随机数发生器通过选择椭圆曲线上的点Q可以无限次地避免代管钥匙。 选择一个任意的字符串,并计算该字符串的散列。 然后将散列转换为所需场的场元素,将该场元素视为椭圆曲线上的点Q的x坐标,并且在期望的椭圆曲线上测试x坐标的有效性。 如果有效,则将x坐标解压缩到点Q,其中,从哈希值导出哪个是两点的选择。 意向使用代管键可以提供备份功能。 P和Q之间的关系用作托管密钥,并由安全域存储。 管理员记录生成器的输出,用代管密钥重构随机数。
-
公开(公告)号:US20020044649A1
公开(公告)日:2002-04-18
申请号:US09885959
申请日:2001-06-22
Applicant: CERTICOM CORP.
Inventor: Robert Gallant , Robert Lambert , Scott A. Vanstone
IPC: H04L009/30 , G06F007/49
CPC classification number: G06F7/725
Abstract: This invention provides a method for accelerating multiplication of an elliptic curve point Q(x,y) by a scalar k, the method comprising the steps of selecting an elliptic curve over a finite field Fq where q is a prime power such that there exists an endomorphism null, where null(Q)nullnull.Q for all points Q(x,y) on the elliptic curve: and using smaller representations ki of the scalar k in combination with the mapping null to compute the scalar multiple of the elliptic curve point Q.
Abstract translation: 本发明提供了一种用于加速椭圆曲线点Q(x,y)乘以标量k的方法,所述方法包括以下步骤:在有限域Fq上选择椭圆曲线,其中q是素数,使得存在 对于椭圆曲线上的所有点Q(x,y),其中&PSgr;(Q)= lambd.Q;并且使用标量k的较小表示ki与映射&PSgr的组合; 以计算椭圆曲线点Q的标量倍数。
-
Patent Agency Ranking
公开(公告)号:US20010054053A1
公开(公告)日:2001-12-20
申请号:US09477678
申请日:2000-01-05
Applicant: Certicom Corp.
Inventor: ROBERT J LAMBERT , ASHOK VADEKAR
IPC: G06F007/00
CPC classification number: F01N13/14 , F01N3/28 , F01N3/2803 , F01N2240/20 , F01N2330/14 , F01N2330/22 , Y02A50/2322
Abstract: A method of computing the product D of two finite field elements B and C modulo an irreducible polynomial f1(x), wherein the finite field elements B and C are represented in terms of an optimal normal basis (ONB) of Type 1 over a field F2n and the irreducible polynomial f1(x) being of degree n, which comprises the steps of representing the element B as a vector of binary digits bi, where bi is a co-efficient of an ith basis element of the ONB representation of element B, in polynomial order, representing the element C as a vector of binary digits ci, where ci is a co-efficient of an ith basis element of the ONB representation of element C, arranged in polynomial order, initializing a register A, selecting a digit ci of vector C, computing a partial product vector A of the ith digit ci of the element C and the vector B, adding the partial product to the register A, shifting the register A, reducing the partial product A by a multiple f2(x) of the irreducible polynomial f1(x) if bits in a position above n are set, storing the reduced partial product in the register A, repeating for each successive bit of the vector C and upon completion the register A containing a final product vector; and reducing the final product vector A by the irreducible polynomial f1(x) if an nth bit of the register is set. The reduction step by the multiple of the irreducible polynomial simply involves a shift operation performed on the partial products.
Abstract translation: 计算两个有限域元素B和C的不可约多项式f 1(x)的乘积D的方法,其中有限域元素B和C以字段1的最佳正态基(ONB)表示 F2n和不可约多项式f1(x)为度数n,其包括将元素B表示为二进制数字bi的向量的步骤,其中bi是元素B的ONB表示的第i个基元的有效性 以多项式顺序,将元素C表示为二进制数字ci的向量,其中ci是以多项式顺序排列的元素C的ONB表示的第i个基元的有效值,初始化寄存器A,选择数字 ci,计算元素C的第i位ci和向量B的部分乘积向量A,将部分积加到寄存器A,移位寄存器A,将部分乘积A减少多个f2(x )的不可约多项式f1(x) 设置n以上的位置,将减少的部分乘积存储在寄存器A中,对向量C的每个连续位重复,并且在完成包含最终乘积向量的寄存器A时; 并且如果设置了寄存器的第n位,则通过不可约多项式f1(x)来减少最终乘积向量A. 通过不可约多项式的倍数的减少步骤仅仅涉及对部分乘积执行的移位操作。
-
公开(公告)号:US11310033B2
公开(公告)日:2022-04-19
申请号:US16431845
申请日:2019-06-05
Applicant: Certicom Corp.
Inventor: Robert John Lambert , Nevine Maurice Nassif Ebeid , Daniel Richard L. Brown , Atsushi Yamada
Abstract: A method for operating a pseudorandom generator is disclosed. The method may be implemented by a processor of a mobile computing device. The method includes: collecting raw sensor data from at least one sensor associated with the mobile computing device; selecting a subset of the raw sensor data; retrieving first representation representing accumulated entropy associated with one or more previously acquired raw sensor data sets for the at least one sensor; and generating a seed for a pseudorandom generator based on combining the first representation and the selected subset of raw sensor data.
-
公开(公告)号:US10812273B2
公开(公告)日:2020-10-20
申请号:US16369669
申请日:2019-03-29
Applicant: BlackBerry Limited , Certicom Corp.
IPC: H04L9/32 , H04L29/06 , H04W12/10 , H04W12/12 , H04L9/14 , H04L9/30 , H04W4/12 , H04W12/04 , H04W12/06
Abstract: A method of processing a notification that is broadcast by a source server is disclosed. The method includes: receiving, at the computing device, the notification, the notification containing a first message; storing the first message in a message store; determining that the first message is a repeated message of a previous message that was received at the computing device prior to receiving the notification; and associating a message counter value of the first message with the previous message and a message counter value associated with the previous message in the message store.
-
109.发明申请公开(公告)号:US20190319783A1
公开(公告)日:2019-10-17
申请号:US16449288
申请日:2019-06-21
Applicant: Certicom Corp.
Inventor: Daniel Richard L. Brown
Abstract: Methods, systems, and computer programs for generating cryptographic function parameters are described. In some examples, astronomical data from an observed astronomical event is obtained. A pseudorandom generator is seeded based on the astronomical data. After seeding the pseudorandom generator, an output from the pseudorandom generator is obtained. A parameter for a cryptographic function is generated by operation of one or more data processors. The parameter is generated from the output from the pseudorandom generator.
-
公开(公告)号:US10419407B2
公开(公告)日:2019-09-17
申请号:US15987978
申请日:2018-05-24
Applicant: Certicom Corp.
Inventor: Michael Daskalopoulos , Ashok Vadekar , David Wong , William Lattin , Daniel O'Loughlin , David R. Sequino
Abstract: Trust between entities participating in an upgrade or enablement/disablement process is established and, to facilitate this remotely and securely, a highly tamper resistant point of trust in the system that is being produced is used. This point of trust enables a more efficient distribution system to be used. Through either a provisioning process or at later stages, i.e. subsequent to installation, manufacture, assembly, sale, etc.; the point of trust embodied as a feature controller on the device or system being modified is given a feature set (or updated feature set) that, when validated, is used to enable or disable entire features or to activate portions of the feature.
-
-
-
-
-
-
-
-
-
Search Results
187
records
(took 0.017 seconds)
