公开(公告)号：US20140181990A1

公开(公告)日：2014-06-26

申请号：US14152055

申请日：2014-01-10

Applicant: Certicom Corp.

Inventor： Marinus Struik

IPC: H04L29/06

CPC classification number: H04L63/123 ,  H04L63/04 ,  H04L63/0428 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/162

Abstract: A method of communicating in a secure communication system, comprises the steps of assembling as message at a sender, then determining a security level, and including an indication of the security level in a header of the message. The message is then sent to a recipient.

Abstract translation: 一种在安全通信系统中进行通信的方法包括以下步骤：在发送方处组装为消息，然后确定安全级别，并且包括消息头部中的安全级别的指示。 然后将该消息发送给收件人。

公开(公告)号：US20140181955A1

公开(公告)日：2014-06-26

申请号：US13723429

申请日：2012-12-21

Applicant: CERTICOM CORP.

Inventor： Anthony ROSATI

IPC: G06F21/44

CPC classification number: G06F21/44 ,  G06F21/35 ,  G07C9/00174 ,  G07C9/00309 ,  G07C2009/0042 ,  G07C2209/14 ,  H04L63/0492 ,  H04L2463/082 ,  H04W4/80 ,  H04W12/06

Abstract: There is provided a method and apparatus for communications using short range communications such as Near Field Communications (NFC). A mobile device comprising an NFC subsystem provides a dynamic credential for use to login to a network requiring two factor authentication. A terminal used for logging in to the network is associated with an NFC reader, and bringing the NFC device in proximity to the NFC reader provides the terminal with the dynamic credential required for two factor authentication.

Abstract translation: 提供了一种使用短距离通信的通信方法和装置，例如近场通信（NFC）。 包括NFC子系统的移动设备提供用于登录到需要双因素认证的网络的动态凭证。 用于登录网络的终端与NFC读取器相关联，并且使NFC设备接近NFC读取器为终端提供双因素认证所需的动态凭证。

公开(公告)号：US20140154975A1

公开(公告)日：2014-06-05

申请号：US13690001

申请日：2012-11-30

Applicant: RESEARCH IN MOTION LIMITED ,  CERTICOM CORP.

Inventor： Robert John Lambert ,  Neil Patrick Adams ,  Ravi Singh ,  Salvatore Federico Barbieri

IPC: H04B5/00

CPC classification number: H04W4/008 ,  H04L63/0492 ,  H04L63/126 ,  H04W4/80 ,  H04W12/10

Abstract: In some aspects of what is described here, a first wireless device detects proximity of a second wireless device (e.g., by a Near Field Communication (NFC) interface or another type of interface). Based on detecting proximity of the second wireless device, the first wireless device generates a recommendation request from information received from the second wireless device. The first wireless device sends the recommendation request to a trusted authority and receives a response. The response includes the trusted authority's recommendation whether to trust the second wireless device. The first wireless device can determine whether to trust the second wireless device based on the recommendation.

Abstract translation: 在这里描述的一些方面，第一无线设备检测第二无线设备的接近（例如，通过近场通信（NFC）接口或另一类型的接口）。 基于检测到第二无线设备的接近度，第一无线设备从从第二无线设备接收的信息生成推荐请求。 第一无线设备将推荐请求发送到可信管理机构并接收响应。 响应包括可信管理机构的建议是否信任第二个无线设备。 第一无线设备可以基于推荐来确定是否信任第二无线设备。

公开(公告)号：US20140146964A1

公开(公告)日：2014-05-29

申请号：US13793810

申请日：2013-03-11

Applicant: RESEARCH IN MOTION LIMITED ,  CERTICOM CORP.

Inventor： Atsushi Yamada ,  Gregory Marc Zaverucha

IPC: H04L9/28

CPC classification number: H04L9/30 ,  H04L9/0637 ,  H04L9/0643 ,  H04L2209/125

Abstract: A computer-implemented authenticated encryption method for converting a plaintext message into a ciphertext message. The method includes dividing the plaintext message into at least two working blocks, each working block having a mathematical relationship to the plaintext message. For each working block, a working block ciphertext is computed as a function of such working block, a deterministic working block initialization vector, and a deterministic working block encryption key. For each working block, a message authentication tag is computed as a function of a deterministic working block message authentication key and at least one of (a) the working block ciphertext computed for such working block and an indication corresponding to the mathematical relationship of such working block to the plaintext message and (b) such working block. The method further includes computing a global message authentication tag as a function of the message authentication tag computed for each working block and a global message authentication key. The ciphertext message comprises the working block ciphertext computed for each working block and the global message authentication tag.

Abstract translation: 一种用于将明文消息转换成密文消息的计算机实现的认证加密方法。 该方法包括将明文消息划分成至少两个工作块，每个工作块与明文消息具有数学关系。 对于每个工作块，计算工作块密文作为这种工作块，确定性工作块初始化向量和确定性工作块加密密钥的函数。 对于每个工作块，消息认证标签被计算为确定性工作块消息认证密钥的函数，并且（a）为这种工作块计算的工作块密文和对应于这种工作块的数学关系的指示中的至少一个 阻止明文消息，（b）这样的工作块。 该方法还包括根据为每个工作块计算的消息认证标签和全局消息认证密钥来计算全局消息认证标签。 密文消息包括为每个工作块和全局消息认证标签计算的工作块密文。

公开(公告)号：US20010016908A1

公开(公告)日：2001-08-23

申请号：US09070794

申请日：1998-05-01

Applicant: CERTICOM CORP.

Inventor： SIMON BLAKE-WILSON ,  DONALD JOHNSON ,  ALFRED MENEZES

IPC: H04L009/30

CPC classification number: H04L9/0841

Abstract: A key agreement method between a pair of entities i and j in a digital data communication system, wherein each the entity has a private and corresponding public key pair Si,Pi and Sj,Pj respectively and the system, having global parameters for generating elements of a group, the method comprising the steps of: (a) entity i selecting a random private session value Ri; (b) forwarding a public session value corresponding to the private session value Ri to the entity j; (c) entity j computing a long term shared secret key knull derived from entity i's public key and j's private key utilizing a first function H1; (d) the entity j utilizing entity j utilizing the key knull and computing an authenticated message on entity identities i, j and entities public session keys and forwarding the authenticated message to entity i; (e) the entity i verifying the received authenticated message; (f) the entity i computing the long term shared secret key knull derived from the entity j's public key and i's private key in accordance with the first function H1; (g) the entity i utilizing the long term shared secret key knull and computing an authenticated message on the entities i and j identity information and the entities public session keys and forwarding the authenticated message to the entity j: (h) entity j verifying the received authenticated message; and (i) upon both the entities i and j verifying the authenticated message, computing a short term shared secret key utilizing a respective entity's session public and private keys.

Abstract translation: 在数字数据通信系统中的一对实体i和j之间的密钥协商方法，其中每个实体分别具有私有和对应的公共密钥对Si，Pi和Sj，Pj，并且该系统具有用于生成元素的全局参数 一种组，所述方法包括以下步骤：（a）实体i选择随机私人会话值Ri; （b）将与私有会话值Ri相对应的公共会话值转发给实体j; （c）实体j使用第一函数H1计算从实体i的公钥和j的私钥导出的长期共享秘密密钥k'; （d）实体j利用密钥k'并且在实体身份i，j和实体公共会话密钥上计算经认证的消息，并将认证消息转发到实体i; （e）验证接收到的认证消息的实体; （f）实体i根据第一函数H1计算从实体j的公开密钥导出的长期共享密钥k'和i的私钥; （g）使用长期共享秘密密钥k'的实体i并且在实体i和j身份信息和实体公共会话密钥上计算经认证的消息，并将认证消息转发到实体j：（h）实体j验证 收到的认证消息; 以及（i）在证实验证的消息的实体i和j两者之间，利用相应实体的会话公钥和私钥计算短期共享密钥。

公开(公告)号：US20010008013A1

公开(公告)日：2001-07-12

申请号：US09773665

申请日：2001-02-02

Applicant: Certicom Corp.

Inventor： Donald B. Johnson ,  Scott A. Vanstone ,  Minghua Ou

IPC: H04L009/30

CPC classification number: H04L9/3247 ,  G06Q20/341 ,  G06Q20/40975 ,  G07F7/1008 ,  H04L9/3066 ,  H04L9/3252 ,  H04L2209/04

Abstract: The present invention relates to digital signature operations using public key schemes in a secure communications system and in particular for use with processors having limited computing power such as nullsmart cardsnull. This invention describes a method for creating and authenticating a digital signature comprising the steps of selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system computing a recovered second signature component s' by combining a third signature component with the second signature component to derive signature components (snull, r) as an unmasked digital signature. Verifying these signature components as in a usual ElGamal or ECDSA type signature verification.

公开(公告)号：US11263630B2

公开(公告)日：2022-03-01

申请号：US16158971

申请日：2018-10-12

Applicant: Certicom Corp.

Inventor： Daniel Richard L. Brown

IPC: G06Q20/40 ,  G06Q20/06 ,  G06Q20/38 ,  H04L9/08 ,  H04L9/00 ,  H04L9/32

Abstract: A method at a computing device in a public ledger cryptography system, the method including creating a purpose string, the purpose string defining transaction parameters for an account within the public ledger cryptography system; using the purpose string to create a private key and associated public key for an account within the public ledger cryptography system; and providing the purpose string for use in verification of a transaction from the account within the public ledger cryptography system.

公开(公告)号：US20200244669A1

公开(公告)日：2020-07-30

申请号：US16852179

申请日：2020-04-17

Applicant: Certicom Corp.

Inventor： Marinus STRUIK

IPC: H04L29/06

Abstract: A method of communicating in a secure communication system, comprises the steps of assembling a message at a sender, then determining a frame type, and including an indication of the frame type in a header of the message. The message is then sent to a recipient and the frame type used to perform a policy check.

公开(公告)号：US20200186345A1

公开(公告)日：2020-06-11

申请号：US16164965

申请日：2018-10-19

Applicant: Certicom Corp.

Inventor： Daniel Richard L. BROWN

IPC: H04L9/30 ,  H04L9/08 ,  H04L9/00

Abstract: A method for providing Cheon-resistance security for a static elliptic curve Diffie-Hellman cryptosystem (ECDH), the method including providing a system for message communication between a pair of correspondents, a message being exchanged in accordance with ECDH instructions executable on computer processors of the respective correspondents, the ECDH instructions using a curve selected from a plurality of curves, the selecting including choosing a range of curves; selecting, from the range of curves, curves matching a threshold efficiency; excluding, within the selected curves, curves which may include intentional vulnerabilities; and electing, from non-excluded selected curves, a curve with Cheon resistance, the electing comprising a curve from an additive group of order q, wherein q is prime, such that q−1=cr and q+1=ds, where r and s are primes and c and d are integer Cheon cofactors of the group, such that cd≤48.

公开(公告)号：US10355859B2

公开(公告)日：2019-07-16

申请号：US15470259

申请日：2017-03-27

Applicant: Certicom Corp.

Inventor： Daniel Richard Brown

IPC: G06F7/00 ,  H04L9/08 ,  H04L9/30

Abstract: A method for a Diffie Hellman key exchange, the method including selecting a field size p in the form p=hq+1, where q is a prime number that is one plus a factorial number b, such that q=(b!+1), and h is a cofactor, such that p=hq+1 is prime; selecting a generator integer g whose order modulo p is the prime q or is divisible by q; choosing a private key x; computing a public key gx mod p by raising said generator g to the power of said private key x, using arithmetic modulo said prime field size p; sending said public key gx mod p to a correspondent; receiving, from the correspondent, a second public key B comprising g raised to a second private key y selected by the correspondent, in the form gy; and creating a key Bx from the received second public key B, by raising said second public key B to the power of said private key x, using arithmetic modulo said prime field size p.