公开(公告)号：US09262639B2

公开(公告)日：2016-02-16

申请号：US13929008

申请日：2013-06-27

Applicant: Cisco Technology Inc.

Inventor： Itsik Mantin ,  Eliphaz Hibshoosh

IPC: G06F21/00 ,  G06F21/60 ,  G09C1/00 ,  H04L9/00

CPC classification number: G06F21/602 ,  G09C1/00 ,  H04L9/002 ,  H04L2209/04 ,  H04L2209/603

Abstract: A system including a memory having regions including a first and second region, the first region being different from the second region, and a digital rights management engine to receive a plurality of ciphertext cipher blocks, decrypt the ciphertext cipher blocks yielding plaintext cipher blocks, output the plaintext cipher blocks to the first region of the memory over a period of time, provide a plurality of decoy cipher blocks in addition to the plaintext cipher blocks, the decoy cipher blocks having a pattern in which: a first one of the decoy cipher blocks consists of data, and a second one of the decoy cipher blocks consists of data which is the same as the data of the first one of the decoy cipher blocks, and output the decoy cipher blocks to the second region of the memory during the period of time. Related apparatus and methods are also included.

Abstract translation: 一种包括存储器的系统，所述存储器具有包括第一和第二区域的区域，所述第一区域不同于所述第二区域;以及数字版权管理引擎，用于接收多个密文密码块，对产生明文密码块的密文密码块进行解密，输出 明文密码块在一段时间内到存储器的第一区域，除了明文密码块之外还提供多个诱饵密码块，所述诱饵密码块具有以下模式：诱饵密码块中的第一个 由数据组成，并且第二个诱饵密码块由与诱饵密码块中的第一个的数据相同的数据组成，并且在该期间内将诱饵密码块输出到存储器的第二区域 时间。 还包括相关的装置和方法。

公开(公告)号：US20180288023A1

公开(公告)日：2018-10-04

申请号：US16004860

申请日：2018-06-11

Applicant: Cisco Technology, Inc.

Inventor： Eliphaz Hibshoosh ,  Aviad Kipnis

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/00

CPC classification number: H04L63/061 ,  H04L9/008 ,  H04L9/0841

Abstract: In one embodiment, a method for secure computation, includes receiving in a server, over a communication channel from a device external to the server a request to perform a modular exponentiation operation in which an exponent of the operation comprises a secret value, wherein the secret value is not provided to the server, and at least two parameters that encode the secret value in accordance with a polynomial or matrix homomorphic encryption of the secret value computed by the device, and performing in the server, in response to the request, a homomorphic exponentiation using the at least two parameters received from the device without decrypting the secret value in the server, so as to generate an output that is indicative of a result of the modular exponentiation operation.

公开(公告)号：US09973334B2

公开(公告)日：2018-05-15

申请号：US15068591

申请日：2016-03-13

Applicant: Cisco Technology, Inc.

Inventor： Eliphaz Hibshoosh ,  Aviad Kipnis ,  Andrew Sinton

IPC: H04L29/06 ,  H04L9/00 ,  H04L9/30 ,  H04L9/08

CPC classification number: H04L9/008 ,  H04L9/0838 ,  H04L9/3026

Abstract: One embodiment of the invention includes a method, including performing, a symmetric homomorphic encryption of a secret SA with a cryptographic key H as input yielding a homomorphic encryption result SA*, sending SA* for mathematical combination by at least one device with at least one secret SB yielding G*, the device A not having access to SB, the at least one device not having access to SA and not having access to H, receiving G*, performing a symmetric homomorphic decryption of data based on G* with H as input yielding a first decrypted output, determining a symmetric cryptographic key KA based on the first decrypted output for secure communication with a first device which is operationally connected to, or includes, a tamper resistant security system including SA and SB therein, securing data using KA yielding secured data, and sending the secured data to the first device.