公开(公告)号：US10068070B2

公开(公告)日：2018-09-04

申请号：US14815474

申请日：2015-07-31

Applicant: NXP B.V.

Inventor： Jan Hoogerbrugge ,  Wil Michiels ,  Pim Vullers

IPC: G06F21/00 ,  G06F21/14 ,  G06F21/60 ,  H04L9/30 ,  G06F21/50

Abstract: A method of obscuring software code implementing an elliptic curve cryptography (ECC) point multiplication function, including: receiving ECC parameters including a multiplier d having N bits; transforming multiplier d into an array d(i) with −1, 0, and +1 values while maintaining the same value for d; and generating ECC point multiplication function operations using the transformed multiplier array d(i) and N, wherein the generated ECC point multiplication function operations are split variable operations.

公开(公告)号：US09602273B2

公开(公告)日：2017-03-21

申请号：US14705635

申请日：2015-05-06

Applicant: NXP B.V.

Inventor： Wil Michiels ,  Jan Hoogerbrugge

IPC: H04K1/00 ,  H04L9/06 ,  H04L9/14

CPC classification number: H04L9/0631 ,  H04L9/14 ,  H04L2209/16 ,  H04L2209/24

Abstract: A device and method for performing a keyed cryptographic operation mapping an input message to an output message including a first and a second round, wherein the cryptographic operation includes a key scheduling method that produces round keys based upon the encryption key, including: instructions for receiving a first input by the first round; instructions for receiving a second input by the first round; instructions for outputting the second input as a third input to the second round; instructions for performing a first cryptographic operation on the second input using a first static round key to produce a first cryptographic output; and instructions for combining first input, the first cryptographic output, and a second encoded dynamic round key to produce a fourth input to the second round, wherein the second encoded dynamic round key is produced by inputting an encoded dynamic encryption key into the key scheduling method.

公开(公告)号：US09569639B2

公开(公告)日：2017-02-14

申请号：US14484925

申请日：2014-09-12

Applicant: NXP B.V.

Inventor： Wil Michiels ,  Jan Hoogerbrugge

IPC: G06F11/30 ,  G06F21/72 ,  H04L9/06 ,  G06F21/53

CPC classification number: G06F21/72 ,  G06F21/53 ,  G06F2221/034 ,  H04L9/0631 ,  H04L2209/16

Abstract: A non-transitory machine-readable storage medium encoded with instructions for execution by a keyed cryptographic operation by a cryptographic system mapping an input message to an output message, wherein the cryptographic operation includes at least one round including a non-linear mapping function configured to map input data to output data, including: instructions for determining that the input data has a diversification number less than a diversification level threshold number; instructions for remapping the input data to a remapped input data, wherein the remapped input data corresponds to an input data having a diversification number greater than or equal to the diversification threshold value, and instructions for inputting the remapped input data into the non-linear mapping function to obtain output data.

Abstract translation: 一种非暂时的机器可读存储介质，其编码有用于通过将输入消息映射到输出消息的加密系统通过密钥加密操作执行的指令，其中所述密码操作包括至少一个循环，所述至少一个循环包括非线性映射函数， 将输入数据映射到输出数据，包括：用于确定输入数据具有小于多样化级别阈值数目的多样化数量的指令; 用于将输入数据重新映射到重新映射的输入数据的指令，其中重新映射的输入数据对应于具有大于或等于多样化阈值的多样化数量的输入数据，以及用于将重映射的输入数据输入到非线性映射中的指令 功能来获取输出数据。

公开(公告)号：US20160330019A1

公开(公告)日：2016-11-10

申请号：US14705635

申请日：2015-05-06

Applicant: NXP B.V.

Inventor： Wil Michiels ,  Jan Hoogerbrugge

IPC: H04L9/06 ,  H04L9/14

CPC classification number: H04L9/0631 ,  H04L9/14 ,  H04L2209/16 ,  H04L2209/24

Abstract: A device and method for performing a keyed cryptographic operation mapping an input message to an output message including a first and a second round, wherein the cryptographic operation includes a key scheduling method that produces round keys based upon the encryption key, including: instructions for receiving a first input by the first round; instructions for receiving a second input by the first round; instructions for outputting the second input as a third input to the second round; instructions for performing a first cryptographic operation on the second input using a first static round key to produce a first cryptographic output; and instructions for combining first input, the first cryptographic output, and a second encoded dynamic round key to produce a fourth input to the second round, wherein the second encoded dynamic round key is produced by inputting an encoded dynamic encryption key into the key scheduling method.

Abstract translation: 一种用于执行将输入消息映射到包括第一和第二轮的输出消息的密钥加密操作的装置和方法，其中所述密码操作包括基于所述加密密钥产生轮密钥的密钥调度方法，包括：用于接收的指令 第一轮的第一个输入; 用于接收第一轮的第二输入的指令; 用于将第二输入作为第三输入输出到第二轮的指令; 用于使用第一静态循环密钥对所述第二输入执行第一密码操作以产生第一密码输出的指令; 以及用于组合第一输入，第一加密输出和第二编码动态循环密钥以产生到第二轮的第四输入的指令，其中通过将编码的动态加密密钥输入到密钥调度方法中来产生第二编码动态循环密钥 。

公开(公告)号：US09363244B2

公开(公告)日：2016-06-07

申请号：US14263191

申请日：2014-04-28

Applicant: NXP B.V.

Inventor： Wil Michiels ,  Jan Hoogerbrugge

IPC: G06F21/51 ,  H04L29/06 ,  H04L9/00

CPC classification number: H04L63/0428 ,  G06F21/51 ,  H04L9/002 ,  H04L9/0631 ,  H04L2209/043 ,  H04L2209/16

Abstract: A method of authorization in a cryptographic system that provides separate authorization for a plurality of different input message groups using a single cryptographic key, including: receiving, by the cryptographic system, a first input message from a first input message group; performing, by the cryptographic system, a keyed cryptographic operation mapping the first input message into a first output message, wherein the keyed cryptographic operation produces a correct output message when the cryptographic system is authorized for the first input message group, wherein the keyed cryptographic operation does not produce a correct output when the cryptographic system is not authorized for the first input message group, and wherein each of the plurality of input message groups has an associated set of input messages wherein the sets of input messages do not overlap.

Abstract translation: 一种加密系统中的授权方法，其使用单个加密密钥为多个不同的输入消息组提供单独的授权，包括：密码系统从第一输入消息组接收第一输入消息; 通过加密系统执行将第一输入消息映射到第一输出消息中的密钥加密操作，其中当密码系统被授权用于第一输入消息组时，密钥密码操作产生正确的输出消息，其中密钥密码操作 当加密系统未被授权用于第一输入消息组时，它不产生正确的输出，并且其中多个输入消息组中的每一个具有相关联的一组输入消息，其中输入消息组不重叠。

公开(公告)号：US20150324585A1

公开(公告)日：2015-11-12

申请号：US14270558

申请日：2014-05-06

Applicant: NXP B.V.

Inventor： Philippe Teuwen ,  Peter Rombouts ,  Jan Rene Brands ,  Jan Hoogerbrugge

IPC: G06F21/56 ,  G06F9/44

CPC classification number: G06F9/38 ,  G06F8/70 ,  G06F21/14 ,  G06F21/54 ,  G06F21/56 ,  G06F2221/033

Abstract: A method for obfuscating functionality of computer software is disclosed. In an embodiment, the method involves determining a first set of instructions needed to perform a target operation and a second set of instructions for at least one or more additional operations. The second set of instructions is tuned to contain instructions such that, by executing the second set of instructions, the function of the first set of instructions can be performed. Once the first and second sets of instruction are determined and tuned, a code library is created and code fragments in the library correspond to code needed to perform the function of the first set of instructions when executed. Instructions are then added to the second set of instructions such that, when executed, will cause the functionality of the first set of instructions to be achieved.

Abstract translation: 公开了一种用于模糊计算机软件功能的方法。 在一个实施例中，该方法包括确定执行目标操作所需的第一组指令和用于至少一个或多个附加操作的第二组指令。 调整第二组指令以包含指令，使得通过执行第二组指令，可以执行第一组指令的功能。 一旦确定和调整了第一组和第二组指令，就会创建一个代码库，并且库中的代码片段与执行第一组指令的功能所需的代码相对应。 然后将指令添加到第二组指令中，使得当被执行时，将导致实现第一组指令的功能。

公开(公告)号：US20150312226A1

公开(公告)日：2015-10-29

申请号：US14263429

申请日：2014-04-28

Applicant: NXP B.V.

Inventor： Wil Michiels ,  Jan Hoogerbrugge

IPC: H04L29/06

CPC classification number: H04L63/0428 ,  G06F21/51 ,  H04L63/123

Abstract: A method of performing a cryptographic operation using a cryptographic implementation in a cryptographic system, including: receiving, by the cryptographic system, an identifying string value; receiving, by the cryptographic system, an input message; performing, by the cryptographic system, a keyed cryptographic operation mapping the input message into an output message wherein the output message is the correct result when the indentifying string value equals a binding string value

Abstract translation: 一种使用加密系统中的密码实现进行加密操作的方法，包括：密码系统接收识别字符串值; 通过加密系统接收输入消息; 通过加密系统执行将输入消息映射到输出消息中的密钥加密操作，其中当识别字符串值等于绑定字符串值时，输出消息是正确的结果

公开(公告)号：US20150310193A1

公开(公告)日：2015-10-29

申请号：US14259395

申请日：2014-04-23

Applicant: NXP B.V.

Inventor： Jan Hoogerbrugge ,  Phillippe Teuwen ,  Wil Michiels

IPC: G06F21/12 ,  G06F21/14

CPC classification number: G06F21/14 ,  G06F2221/0748

Abstract: A method of obscuring software code including a plurality of basic blocks wherein the basic blocks have an associated identifier (ID), including: determining, by a processor, for a first basic block first predecessor basic blocks, wherein first predecessor basic blocks jump to the first basic block and the first basic block jumps to a next basic block based upon a next basic block ID; producing, by the processor, a mask value based upon the IDs of first predecessor basic blocks, wherein the mask value identifies common bits of the IDs of the first predecessor basic blocks; and inserting, by the processor, an instruction in the first basic block to determine a next basic block ID based upon the mask value and an ID of one of the first predecessor basic blocks.

Abstract translation: 一种模糊软件代码的方法，包括多个基本块，其中基本块具有相关联的标识符（ID），包括：由处理器确定第一基本块第一前驱基本块，其中第一前导基本块跳转到 第一基本块，并且第一基本块基于下一个基本块ID跳转到下一个基本块; 由所述处理器基于所述第一先前基本块的ID产生掩码值，其中所述掩码值识别所述第一前导基本块的ID的公共位; 以及由所述处理器插入所述第一基本块中的指令，以基于所述掩码值和所述第一前置基本块之一的ID来确定下一个基本块ID。

公开(公告)号：US20150270951A1

公开(公告)日：2015-09-24

申请号：US14220321

申请日：2014-03-20

Applicant: NXP B.V.

Inventor： Wil Michiels ,  Jan Hoogerbrugge

IPC: H04L9/00 ,  H04L29/06

CPC classification number: H04L9/002 ,  H04L63/1466 ,  H04L2209/16 ,  H04L2209/24

Abstract: A method of performing a secure function on data inputs by a security module, including: receiving an encrypted data value by the security module; decrypting the encrypted data value using a white-box decryption block cipher and encoding the decrypted data value, wherein the data value is invisible to an attacker; performing a function on the encoded data value and producing an encoded result of the function, wherein the data value and the result are invisible to the attacker; decoding the encoded result of the programmed function and then encrypting the result using a white-box encryption block cipher, wherein the result is invisible to the attacker.

Abstract translation: 一种在安全模块对数据输入执行安全功能的方法，包括：由安全模块接收加密的数据值; 使用白盒解密块密码解密加密数据值并对解密的数据值进行编码，其中数据值对于攻击者是不可见的; 对所述编码数据值执行功能并产生所述功能的编码结果，其中所述数据值和所述结果对于所述攻击者是不可见的; 解码编程功能的编码结果，然后使用白盒加密块密码加密结果，其中结果对于攻击者是不可见的。

公开(公告)号：US08836379B2

公开(公告)日：2014-09-16

申请号：US14175822

申请日：2014-02-07

Applicant: NXP B.V.

Inventor： Surendra Guntur ,  Ghiath Al-kadi ,  Rinze Ida Mechtildis Peter Meijer ,  Jan Hoogerbrugge ,  Hamed Fatemi

IPC: H03K17/00 ,  G06F1/08

CPC classification number: G06F1/08 ,  G06F1/04 ,  G06F1/12

Abstract: The invention provides a clock select circuit and method which uses feedback arrangements between latches in different branches, with each branch for coupling an associated clock signal to the circuit output. An override circuit is provided in one of the feedback arrangements for preventing a latching delay in that feedback arrangement. This enables rapid switching between clocks in both directions.

Abstract translation: 本发明提供一种时钟选择电路和方法，其使用不同分支中的锁存器之间的反馈装置，每个分支用于将相关联的时钟信号耦合到电路输出。 在用于防止该反馈装置中的锁定延迟的反馈装置中的一个中提供了超控电路。 这使得能够在两个方向上的时钟之间快速切换。