公开(公告)号：US20150156019A1

公开(公告)日：2015-06-04

申请号：US14575844

申请日：2014-12-18

Applicant: Certicom Corp.

Inventor： Daniel Richard L. Brown ,  Scott Alexander Vanstone

IPC: H04L9/08

CPC classification number: H04L9/0869 ,  G06F7/582 ,  G06F7/588 ,  G06F7/725 ,  H04L9/0662 ,  H04L9/0816 ,  H04L9/0894 ,  H04L9/3066 ,  H04L2209/20 ,  H04L2209/24 ,  H04L2209/26

Abstract: An elliptic curve random number generator avoids escrow keys by choosing a point Q on the elliptic curve as verifiably random. An arbitrary string is chosen and a hash of that string computed. The hash is then converted to a field element of the desired field, the field element regarded as the x-coordinate of a point Q on the elliptic curve and the x-coordinate is tested for validity on the desired elliptic curve. If valid, the x-coordinate is decompressed to the point Q, wherein the choice of which is the two points is also derived from the hash value. intentional use of escrow keys can provide for back up functionality. The relationship between P and Q is used as an escrow key and stored by for a security domain. The administrator logs the output of the generator to reconstruct the random number with the escrow key.

Abstract translation: 椭圆曲线随机数发生器通过选择椭圆曲线上的点Q可以无限次地避免代管钥匙。 选择一个任意的字符串，并计算该字符串的散列。 然后将散列转换为所需场的场元素，将该场元素视为椭圆曲线上的点Q的x坐标，并且在期望的椭圆曲线上测试x坐标的有效性。 如果有效，则将x坐标解压缩到点Q，其中，从哈希值得出两个点的选择。 有意使用代管密钥可以提供备份功能。 P和Q之间的关系用作托管密钥，并由安全域存储。 管理员记录生成器的输出，用代管密钥重构随机数。

公开(公告)号：US09043876B2

公开(公告)日：2015-05-26

申请号：US14199421

申请日：2014-03-06

Applicant: Certicom Corp.

Inventor： Marinus Struik

IPC: G06F21/00 ,  H04L29/06 ,  H04L9/00

CPC classification number: H04L9/0618 ,  H04L9/00 ,  H04L63/0428 ,  H04L63/08 ,  H04L2209/24

Abstract: A method of formatting data for transmission to another party including the step of incorporating in the data a flag indicative of the absence of data for authentication of the sender. An authentication tag length is also included to permit variable length tags to be used.

Abstract translation: 一种用于将数据格式化以传输给另一方的方法，包括在数据中包含指示不存在用于发送者的认证的数据的标志的步骤。 还包括认证标签长度以允许使用可变长度标签。

公开(公告)号：US08970405B2

公开(公告)日：2015-03-03

申请号：US13859508

申请日：2013-04-09

Applicant: Certicom Corp.

Inventor： Weicheng Joseph Ku ,  Paul Daniel Imthurn

IPC: H04N19/91 ,  H03M7/40 ,  H04N19/61 ,  H04N19/436

CPC classification number: H03M7/40 ,  H04N19/436 ,  H04N19/61 ,  H04N19/91

Abstract: An entropy decoder and method for decoding code words with an indication of associated probability for each code word. The decoder can be operable to receive code words and the indication of associated probability. A branch node block can be in communication with a leaf node block. The branch node block comprising one or more branch node lookup tables and branch node control logic. The branch node control logic operable to process a code word in the input buffer using a selected table from the one or more branch node lookup tables to obtain leaf node information and a bit count of a code word size, the branch control logic further operable to refresh the input buffer to replace the bit count of the code word size and to make the leaf node information and the table selection available to the leaf node block.

Abstract translation: 一种熵解码器和方法，用于对每个代码字具有相关联概率的指示来对码字进行解码。 解码器可以用于接收码字和相关概率的指示。 分支节点块可以与叶节点块通信。 分支节点块包括一个或多个分支节点查找表和分支节点控制逻辑。 所述分支节点控制逻辑可操作以使用来自所述一个或多个分支节点查找表的所选择的表来处理所述输入缓冲器中的码字，以获得叶节点信息和码字大小的位计数，所述分支控制逻辑还可操作为 刷新输入缓冲区以替换代码字大小的位计数，并使叶节点信息和表选择可用于叶节点块。

公开(公告)号：US20150002260A1

公开(公告)日：2015-01-01

申请号：US14319545

申请日：2014-06-30

Applicant: Certicom Corp.

Inventor： Daniel Richard L. BROWN

IPC: G06F21/44 ,  G06K7/10

CPC classification number: G06F21/44 ,  G06K7/10366 ,  H04L9/3066 ,  H04L9/3213 ,  H04L9/3252 ,  H04L9/3271 ,  H04L2209/805

Abstract: A system and method of providing authenticity to a radio frequency identification (RFID) tag are provided. The method comprises generating a plurality of digital signatures, wherein each digital signature is generated using an index value unique to that digital signature and using information associated with the RFID tag; and storing the plurality of digital signatures on the RFID tag in association with respective index values to enable a desired digital signature to be selected according to a provided index value. Also provided are a system and method of enabling an RFID reader to authenticate an RFID tag, which utilize a challenge comprising an index value to request one of the stored signature and authenticating same. Also provided is an RFID tag that is configured to participate in the challenge-response protocol.

Abstract translation: 提供了一种向射频识别（RFID）标签提供真实性的系统和方法。 该方法包括生成多个数字签名，其中使用该数字签名唯一的索引值并使用与RFID标签相关联的信息来生成每个数字签名; 并将所述多个数字签名与相应的索引值相关联地存储在所述RFID标签上，以使得能够根据所提供的索引值来选择期望的数字签名。 还提供了使得RFID读取器能够认证RFID标签的系统和方法，RFID标签利用包括索引值的挑战来请求存储的签名之一并进行认证。 还提供了被配置为参与询问 - 响应协议的RFID标签。

公开(公告)号：US20140354409A1

公开(公告)日：2014-12-04

申请号：US14459101

申请日：2014-08-13

Applicant: Certicom Corp.

Inventor： Daniel Richard L. Brown

IPC: G08B21/24

CPC classification number: H04W64/006 ,  G08B5/36 ,  G08B13/1436 ,  G08B21/24 ,  H04W4/027 ,  H04W4/029 ,  H04W4/20 ,  H04W8/22 ,  H04W12/12 ,  H04W88/02

Abstract: A method for a device to determine that it has been lost is provided. The method comprises the device determining its current location, the device comparing its current location to a plurality of stored locations, and the device determining that it has been lost when its current location is a stored location that has been designated as a location where the device is unlikely to be located or is not a stored location that has been designated as a location where the device is likely to be located.

Abstract translation: 提供了一种用于确定其已经丢失的装置的方法。 该方法包括确定其当前位置的设备，该设备将其当前位置与多个存储位置进行比较，并且该设备确定当其当前位置是被指定为该设备的位置时的存储位置已丢失的设备 不太可能被定位或不被指定为设备可能位于的位置的存储位置。

公开(公告)号：US20140351580A1

公开(公告)日：2014-11-27

申请号：US14458971

申请日：2014-08-13

Applicant: CERTICOM CORP.

Inventor： Paul Neil FAHN ,  James SEMPLE

IPC: H04L9/32

CPC classification number: H04L9/3268 ,  H04L9/321 ,  H04L9/3263 ,  H04L63/04 ,  H04L63/0823 ,  H04L63/18 ,  H04L2463/102

Abstract: A method of requesting and issuing a certificate from certification authority for use by an initiating correspondent with a registration authority is provided. The initiating correspondent makes a request for a certificate to the registration authority, and the registration authority sends the request to a certificate authority, which issues the certificate to the registration authority. The certificate is stored at a location in a directory and this location is associated with a pointer such as uniform resource locator (URL) that is derived from information contained in the certificate request. The initiating correspondent computes the location using the same information and forwards it to other corespondents. The other correspondents can then locate the certificate to authenticate the public key of the initiating correspondent.

Abstract translation: 提供了一种从认证机构请求和颁发证书以供初始记者与注册机构使用的方法。 起诉记者向登记机关发出证书请求，登记机关向认证机关发送请求，认证机构向认证机构发放证书。 证书存储在目录中的位置，并且该位置与诸如从证书请求中包含的信息派生的统一资源定位符（URL）的指针相关联。 启动通讯员使用相同的信息计算位置，并将其转发给其他通讯员。 其他通讯员然后可以定位证书来验证初始通讯员的公钥。

公开(公告)号：US20140304517A1

公开(公告)日：2014-10-09

申请号：US14304057

申请日：2014-06-13

Applicant: BlackBerry Limited ,  Certicom Corp.

Inventor： Avinash CHIDAMBARAM ,  Matthew John CAMPAGNA

IPC: H04L9/08 ,  H04L9/32

CPC classification number: H04L9/0863 ,  H04L9/0841 ,  H04L9/32 ,  H04L9/3252 ,  H04L9/3297 ,  H04L2209/42

Abstract: A method of securing user credentials in a remote repository is provided. In accordance with one embodiment, there is provided a method comprising generating a first private key and a first public key pair from a registered password; generating a second private key and a second public key pair; generating a storage key from the second private key and the first public key; encrypting a set of credentials using the storage key; creating a encrypted credential signature from the encrypted set of credentials and the first private key; and storing the encrypted set of credentials, the encrypted credential signature, and the second public key in the remote repository.

Abstract translation: 提供了一种在远程存储库中保护用户凭据的方法。 根据一个实施例，提供了一种方法，包括从注册密码生成第一私钥和第一公开密钥对; 生成第二私钥和第二公钥对; 从所述第二私钥和所述第一公钥生成存储密钥; 使用存储密钥加密一组凭证; 从加密的凭证集合和第一私钥中创建加密的凭证签名; 以及将加密的一组凭证，加密凭证签名和第二公钥存储在远程存储库中。

公开(公告)号：US20140281538A1

公开(公告)日：2014-09-18

申请号：US14288148

申请日：2014-05-27

Applicant: CERTICOM CORP.

Inventor： Scott A. VANSTONE ,  Donald B. JOHNSON

IPC: H04L9/32 ,  H04L9/08

CPC classification number: H04L9/32 ,  G06F7/725 ,  H04L9/0838 ,  H04L9/3066 ,  H04L9/3247

Abstract: A public key encryption system exchanges information between a pair of correspondents. The recipient performs computations on the received data to recover the transmitted data or verify the identity of the sender. The data transferred includes supplementary information that relates to intermediate steps in the computations performed by the recipient.

Abstract translation: 公开密钥加密系统在一对记者之间交换信息。 收件人对接收到的数据执行计算，以恢复发送的数据或验证发送者的身份。 传送的数据包括与由接收者执行的计算中的中间步骤有关的补充信息。

公开(公告)号：US20140211938A1

公开(公告)日：2014-07-31

申请号：US13753126

申请日：2013-01-29

Applicant: CERTICOM CORP.

Inventor： Matthew John CAMPAGNA

IPC: H04L9/08

CPC classification number: H04L9/3252

Abstract: A modified Chinese State Encryption Management Bureau's SM2 Elliptic Curve Signature Algorithm that offers partial message recovery and lowers the signature size for a given cryptographic strength. The modified SM2 Elliptic Curve Signature Algorithm includes a signature and verification algorithm that modifies a signature generation primitive to compute a key derived from the ephemeral signing key, and a multiple of the signer's public key.

Abstract translation: 经修改的中国国家加密管理局的SM2椭圆曲线签名算法，提供部分消息恢复，降低给定加密强度的签名大小。 经修改的SM2椭圆曲线签名算法包括签名和验证算法，其修改签名生成原语以计算从短暂签名密钥导出的密钥，以及签名者的公钥的倍数。

公开(公告)号：US20140201521A1

公开(公告)日：2014-07-17

申请号：US14170213

申请日：2014-01-31

Applicant: Certicom Corp.

Inventor： Marinus Struik

IPC: H04L29/06

CPC classification number: H04L63/105 ,  H04L63/0227 ,  H04L63/12 ,  H04L63/1441 ,  H04L63/20

Abstract: A method of communicating in a secure communication system, comprises the steps of assembling a message at a sender, then determining a frame type, and including an indication of the frame type in a header of the message. The message is then sent to a recipient and the frame type used to perform a policy check.

Abstract translation: 一种在安全通信系统中进行通信的方法，包括以下步骤：在发送器处组装消息，然后确定帧类型，并且包括消息头部中的帧类型的指示。 然后，该消息被发送到接收方，并且用于执行策略检查的帧类型。