-
111.发明授权公开(公告)号:US09544304B2
公开(公告)日:2017-01-10
申请号:US14535202
申请日:2014-11-06
Applicant: CRYPTOGRAPHY RESEARCH, INC.
Inventor: Michael Hamburg , Benjamin Che-Ming Jun , Paul C. Kocher , Daniel O'Loughlin , Denis Alexandrovich Pochuev , Ambuj Kumar
IPC: H04L9/32 , H04L29/06 , H04L29/08 , H04W12/06 , G06F21/60 , G06F21/62 , G06F21/72 , G06F21/73 , G06F21/33
Abstract: The embodiments described herein describe technologies for ticketing systems used in consumption and provisioning of data assets, such as a pre-computed (PCD) asset. A ticket may be a digital file or data that enables enforcement of usage count limits and uniqueness issuance ore sequential issuance of target device parameters. On implementation includes an Appliance device of a cryptographic manager (CM) system that receives a Module and a ticket over a network from a Service device. The Module is an application that securely provisions a data asset to a target device in an operation phase of a manufacturing lifecycle of the target device. The ticket is digital data that grants permission to the Appliance device to execute the Module. The Appliance device verifies the ticket to execute the Module. The Module, when executed, results in a secure construction of a sequence of operations to securely provision the data asset to the target device.
-
公开(公告)号:US20160140274A1
公开(公告)日:2016-05-19
申请号:US14896877
申请日:2014-06-20
Applicant: CRYPTOGRAPHY RESEARCH, INC.
Inventor: Megan Anneke WACHS , Hai LAN , Andrew John LEISERSON , Joseph William INKENBRANDT , Ralf Michael SCHMITT
CPC classification number: G06F17/5036 , G01R27/02 , G06F17/50 , G06F17/5022 , G11C29/50 , H04L9/003
Abstract: A first and second set of simulation information of a circuit design may be received. Energy consumption values associated with signals may be calculated for each of the first and second sets of simulation information of the circuit design. The energy consumption values associated with the transitions of the plurality of signals for each time point of a plurality of time points may be aggregated based on when each of the transitions of the signals occurs for each of the first and second sets of simulation information. Furthermore, a possible Differential Power Analysis (DPA) leak may be identified at one of the time points based on a difference in aggregated energy consumption values between the first and second sets of simulation information.
Abstract translation: 可以接收电路设计的第一和第二组仿真信息。 可以针对电路设计的第一组和第二组模拟信息中的每一个来计算与信号相关联的能量消耗值。 可以基于对于第一和第二组模拟信息中的每一个发生信号的每个转换何时聚合与多个时间点中的每个时间点的多个信号的转变相关联的能量消耗值。 此外,可以基于第一组和第二组模拟信息之间的聚合能量消耗值的差异在一个时间点上识别可能的差分功率分析(DPA)泄漏。
-
公开(公告)号:US20160133341A1
公开(公告)日:2016-05-12
申请号:US14896901
申请日:2014-06-20
Applicant: CRYPTOGRAPHY RESEARCH, INC.
Inventor: Andrew John LEISERSON , Megan Anneke WACHS
CPC classification number: G06F17/5036 , G01R27/02 , G06F17/50 , G06F17/5022 , G11C29/50 , H04L9/003
Abstract: A first signal and a second signal associated with a circuit may be identified. A first count of a number of times that the second signal is associated with a transition when the first signal is at a first value may be determined. Furthermore, a second count of a number of times that the second signal is associated with a transition when the first signal is at a second value may be determined. A value corresponding to the dependence between the second signal and the first signal may be calculated based on the first count and the second count.
Abstract translation: 可以识别与电路相关联的第一信号和第二信号。 可以确定当第一信号处于第一值时第二信号与转变相关联的次数的第一计数。 此外,可以确定第二信号与第一信号处于第二值时的转变相关联的次数的第二计数。 可以基于第一计数和第二计数来计算与第二信号和第一信号之间的依赖关系相对应的值。
-
公开(公告)号:US20150326567A1
公开(公告)日:2015-11-12
申请号:US14535194
申请日:2014-11-06
Applicant: CRYPTOGRAPHY RESEARCH, INC.
Inventor: Michael Hamburg , Benjamin Che-Ming Jun , Paul C. Kocher , Daniel O'Loughlin , Denis Alexandrovich Pochuev
CPC classification number: H04L63/0853 , G06F21/335 , G06F21/602 , G06F21/6209 , G06F21/72 , G06F21/73 , G06F2221/2107 , G06F2221/2135 , G06F2221/2145 , G06F2221/2149 , G06F2221/2153 , H04L63/0428 , H04L63/062 , H04L63/123 , H04L67/32 , H04W12/06
Abstract: The embodiments described herein describe technologies for Module management, including Module creation and Module deployment to a target device in an operation phase of a manufacturing lifecycle of the target device in a cryptographic manager (CM) environment. One implementation includes a Root Authority (RA) device that receives a command to create a Module and executes a Module Template to generate the Module in response to the command. The Module is deployed to an Appliance device. A set of instructions of the Module, when executed by the Appliance device, results in a secure construction of a sequence of operations to securely provision a data asset to the target device. The Appliance device is configured to distribute the data asset to a cryptographic manager (CM) core of the target device.
Abstract translation: 本文描述的实施例描述了用于模块管理的技术,包括在加密管理器(CM)环境中的目标设备的制造生命周期的操作阶段中的模块创建和模块部署到目标设备。 一个实现包括根授权(RA)设备,其接收创建模块的命令并执行模块模板以响应于该命令生成模块。 模块部署到设备设备。 当由设备设备执行时,该模块的一组指令导致一系列操作的安全构造,以将数据资产安全地提供给目标设备。 设备设备被配置为将数据资产分发到目标设备的加密管理器(CM)核心。
-
115.发明授权公开(公告)号:US08977864B2
公开(公告)日:2015-03-10
申请号:US14201539
申请日:2014-03-07
Applicant: Cryptography Research, Inc.
Inventor: Paul C. Kocher , Pankaj Rohatgi , Joshua M. Jaffe
CPC classification number: G06F21/575 , G06F8/71 , G06F9/44505 , G06F12/1408 , G06F21/556 , G06F21/602 , G06F21/755 , G06F21/76 , G06F2212/402 , G06F2221/034 , G06F2221/2107 , G06F2221/2125 , G06F2221/2145 , H04L9/003 , H04L9/0631 , H04L9/085 , H04L9/0861 , H04L9/088 , H04L9/0894 , H04L9/16 , H04L9/3236 , H04L9/3247 , H04L63/0428 , H04L63/0869 , H04L2209/24 , H04L2209/38 , H04L2209/56 , H04L2463/061
Abstract: Techniques usable by devices to encrypt and decrypt sensitive data to in a manner that provides security from external monitoring attacks. The encrypting device has access to a base secret cryptographic value (key) that is also known to the decrypting device. The sensitive data are decomposed into segments, and each segment is encrypted with a separate encryption key derived from the base key and a message identifier to create a set of encrypted segments. The encrypting device uses the base secret cryptographic value to create validators that prove that the encrypted segments for this message identifier were created by a device with access to the base key. The decrypting device, upon receiving an encrypted segments and validator(s), uses the validator to verify the message identifier and that the encrypted segment are unmodified, then uses a cryptographic key derived from the base key and message identifier to decrypt the segments.
Abstract translation: 技术可以由设备加密和解密敏感数据,以提供安全性从外部监视攻击。 加密设备可以访问解密设备也是已知的基本密钥加密值(密钥)。 敏感数据被分解为段,并且每个段用来自基本密钥的单独的加密密钥和消息标识符加密,以创建一组加密的段。 加密设备使用基本秘密加密值来创建验证器,证明该消息标识符的加密段由具有访问基本密钥的设备创建。 解密装置在接收到加密的段和验证器时,使用验证器来验证消息标识符,并且加密段未被修改,然后使用从基本密钥和消息标识符导出的加密密钥来解密段。
-
Patent Agency Ranking
公开(公告)号:US20030028771A1
公开(公告)日:2003-02-06
申请号:US10136012
申请日:2002-04-29
Applicant: Cryptography Research, Inc.
Inventor: Paul C. Kocher , Joshua M. Jaffe
IPC: H04L009/00 , G06F017/60
CPC classification number: H04L9/3247 , G06F7/723 , G06F21/556 , G06F21/602 , G06F21/755 , G06F2207/7219 , G06F2207/7257 , G06Q20/367 , G06Q20/401 , H04L9/002 , H04L9/0841 , H04L9/0891 , H04L9/3013 , H04L9/302 , H04L63/1441 , H04L2209/56
Abstract: We disclose methods and apparatuses for securing cryptographic devices against attacks involving external monitoring and analysis. A nullself-healingnull property is introduced, enabling security to be continually re-established following partial compromises. In addition to producing useful cryptographic results, a typical leak-resistant cryptographic operation modifies or updates secret key material in a manner designed to render useless any information about the secrets that may have previously leaked from the system. Exemplary leak-proof and leak-resistant implementations are shown for symmetric authentication, certified Diffie-Hellman (when either one or both users have certificates), RSA, ElGamal public key decryption.
-
公开(公告)号:US20010002486A1
公开(公告)日:2001-05-31
申请号:US09737182
申请日:2000-12-13
Applicant: Cryptography Research, Inc.
Inventor: Paul C. Kocher , Joshua M. Jaffe
IPC: H04L009/00
CPC classification number: H04L9/3247 , G06F7/723 , G06F21/556 , G06F21/602 , G06F21/755 , G06F2207/7219 , G06F2207/7257 , G06Q20/367 , G06Q20/401 , H04L9/002 , H04L9/0841 , H04L9/0891 , H04L9/3013 , H04L9/302 , H04L63/1441 , H04L2209/56
Abstract: The present invention provides a method and apparatus for securing cryptographic devices against attacks involving external monitoring and analysis. A nullself-healingnull property is introduced, enabling security to be continually re-established following partial compromises. In addition to producing useful cryptographic results, a typical leak-resistant cryptographic operation modifies or updates secret key material in a manner designed to render useless any information about the secrets that may have previously leaked from the system. Exemplary leak-proof and leak-resistant implementations of the invention are shown for symmetric authentication, certified Diffie-Hellman (when either one or both users have certificates), RSA, ElGamal public key decryption, ElGamal digital signing, and the Digital Signature Algorithm.
-
公开(公告)号:US20250165408A1
公开(公告)日:2025-05-22
申请号:US18839408
申请日:2023-02-24
Applicant: Cryptography Research, Inc.
Inventor: Ajay Kapoor , Marcel Van Loon
Abstract: Disclosed systems and techniques involve flexible encryption, decryption, retrieval, and authentication of data. The systems may include a cryptographic processor that, in a first selectable mode of operation is configured to identify plaintext blocks, generate encrypted ciphertext blocks, process sequentially the ciphertext blocks to obtain an authentication value, encrypt the authentication value, and store the ciphertext blocks and an authentication tag, obtained based on the encrypted authentication value. In a second selectable mode, the cryptographic processor may perform ciphertext block encryption but forgo obtaining the authentication value.
-
公开(公告)号:US12287874B2
公开(公告)日:2025-04-29
申请号:US17992221
申请日:2022-11-22
Applicant: Cryptography Research, Inc.
Inventor: Michael Alexander Hamburg , Winthrop John Wu
IPC: G06F21/55
Abstract: Disclosed systems and techniques are directed to efficient integrity monitoring of computational operations using multiple memory arrays collectively representative of known events associated with the computational operations. Disclosed techniques include obtaining event identification value representative of a state of the computing device associated with execution of an operation on the computing device, obtaining memory pointers and selecting, based on the memory pointers, mapping values from multiple memory arrays, computing an event response value, and classifying the operation among a plurality of classes, based on the event response value.
-
公开(公告)号:US12261935B2
公开(公告)日:2025-03-25
申请号:US17105247
申请日:2020-11-25
Applicant: Cryptography Research, Inc.
Inventor: Elena Trichina , Guilherme Ozari de Almeida , Elke De Mulder
Abstract: Systems and methods for protecting from external monitoring attacks cryptographic data processing operations involving computation of a universal polynomial hash function, such as GHASH function. An example method may comprise: receiving an input data block, an iteration result value, and a mask value; performing a non-linear operation to produce a masked result value, wherein a first operand of the non-linear operation is represented by a combination of the iteration result value and the input data block, and the second operand of the non-linear operation is represented by a secret hash value, and wherein one of the first operand or the second operand is masked using a mask value; determining, based on the mask value, a mask correction value; and producing a new iteration result value by applying the mask correction value to the masked result value.
-
-
-
-
-
-
-
-
-
Search Results
357
records
(took 0.028 seconds)
