公开(公告)号：US08879724B2

公开(公告)日：2014-11-04

申请号：US12637565

申请日：2009-12-14

申请人： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun

发明人： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun

IPC分类号： H04L9/00 ,  G06F21/00 ,  G07F7/08 ,  G06Q20/34 ,  G06F21/75 ,  G06F21/55 ,  G06F7/00 ,  G07F7/10 ,  G06F21/77 ,  G06K19/073

CPC分类号： H04L9/0618 ,  G06F1/06 ,  G06F1/266 ,  G06F1/3225 ,  G06F7/00 ,  G06F21/75 ,  G06F21/755 ,  G06F21/77 ,  G06F2207/7223 ,  G06F2207/7266 ,  G06K19/073 ,  G06K19/07363 ,  G06Q20/341 ,  G06Q20/382 ,  G06Q20/409 ,  G07F7/08 ,  G07F7/082 ,  G07F7/1008 ,  G09C1/00 ,  H04L9/003 ,  H04L2209/04 ,  H04L2209/08 ,  H04L2209/56 ,  H04L2209/805

摘要： Information leaked from smart cards and other tamper resistant cryptographic devices can be statistically analyzed to determine keys or other secret data. A data collection and analysis system is configured with an analog-to-digital converter connected to measure the device's consumption of electrical power, or some other property of the target device, that varies during the device's processing. As the target device performs cryptographic operations, data from the A/D converter are recorded for each cryptographic operation. The stored data are then processed using statistical analysis, yielding the entire key, or partial information about the key that can be used to accelerate a brute force search or other attack.

摘要翻译： 从智能卡和其他防篡改加密设备泄露的信息可以进行统计分析，以确定密钥或其他秘密数据。 数据采集​​和分析系统配置有连接的模拟 - 数字转换器，用于测量设备在设备处理期间变化的设备的电力消耗或目标设备的某些其他属性。 当目标设备执行加密操作时，对于每个密码操作记录来自A / D转换器的数据。 然后使用统计分析处理存储的数据，产生整个密钥，或者可以用于加速强力搜索或其他攻击的密钥的部分信息。

公开(公告)号：US07039816B2

公开(公告)日：2006-05-02

申请号：US10695256

申请日：2003-10-27

申请人： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun

发明人： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun

IPC分类号： H04N7/167 ,  H04L9/30

CPC分类号： G06F21/602 ,  G06F21/10 ,  G06F21/72 ,  G06F2211/007 ,  G06F2221/0753 ,  G06F2221/2101 ,  G06Q20/367 ,  H04L9/0833 ,  H04L2209/127 ,  H04L2209/603

摘要： To prevent piracy, audiovisual content is encrypted prior to transmission to consumers. A low-cost, high-security cryptographic rights module (such as a smartcard) enables devices such as players/displays to decode such content. Security-critical functions may be performed by the cryptographic module in a manner that allows security compromises to be addressed by upgrading or replacing cryptographic modules, thereby avoiding the need to replace or modify other (typically much higher-cost) components. The security module contains cryptographic keys, which it uses to process rights enablement messages (REMs) and key derivation messages (KDMs). From a REM and KDM, the security module derives key data corresponding to content, uses public key and/or symmetric cryptography to re-encrypt the derived key data for another device, and provides the re-encrypted key data to the decoding device. The decoding device then uses cryptographic values derived from the re-encrypted key data to decrypt the content.

摘要翻译： 为了防止盗版，视听内容在传输给消费者之前被加密。 低成本，高安全性的加密权限模块（如智能卡）可使诸如播放器/显示器等设备解码此类内容。 安全关键功能可以由加密模块以允许通过升级或替换加密模块来解决安全危害的方式来执行，从而避免需要替换或修改其他（通常成本更高的成本）组件。 安全模块包含加密密钥，用于处理权限启用消息（REM）和密钥导出消息（KDM）。 从REM和KDM，安全模块导出与内容对应的密钥数据，使用公开密钥和/或对称密码来对另一设备的导出密钥数据进行重新加密，并将重新加密的密钥数据提供给解码设备。 解码装置然后使用从重新加密的密钥数据导出的加密值来解密内容。

公开(公告)号：US06289455B1

公开(公告)日：2001-09-11

申请号：US09389268

申请日：1999-09-02

申请人： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun

发明人： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun

IPC分类号： G06F1214

CPC分类号： G06F21/602 ,  G06F21/10 ,  G06F21/72 ,  G06F2211/007 ,  G06F2221/0753 ,  G06F2221/2101 ,  G06Q20/367 ,  H04L9/0833 ,  H04L2209/127 ,  H04L2209/603

摘要： A secure cryptographic rights unit for cryptographically regulating access to digital content includes an interface control processor and a specialized cryptographic unit that protects access to a memory. Rights keys, which allow access to content, are added by the cryptographic unit by transforming data received from the control processor and storing the result in the protected memory. The cryptographic unit then produces content decryption keys by using stored rights keys to transform other data received from the control processor. Because the control processor does not have the ability to directly access the protected memory, the security can remain effective even if the control processor is compromised. To prevent reverse engineering of the cryptographic transformations, the invention provides for an algorithm generator that uses random sources to produce algorithm definitions in machine-readable form. Because the generator itself does not contain any secrets, it can be submitted for open review.

摘要翻译： 用于密码地调节对数字内容的访问的安全加密权限单元包括接口控制处理器和保护对存储器的访问的专用加密单元。 允许访问内容的权限由加密单元通过转换从控制处理器接收的数据并将结果存储在受保护的存储器中来添加。 密码单元然后通过使用存储的权限密钥来转换从控制处理器接收的其他数据来产生内容解密密钥。 由于控制处理器不具备直接访问受保护的存储器的能力，因此即使控制处理器受到威胁，安全性也可以保持有效。 为了防止加密变换的逆向工程，本发明提供了一种使用随机源产生机器可读形式的算法定义的算法生成器。 因为发电机本身不包含任何秘密，所以可以提交公开审查。

公开(公告)号：US06298442B1

公开(公告)日：2001-10-02

申请号：US09325528

申请日：1999-06-03

申请人： Paul C. Kocher ,  Joshua M. Jaffe

发明人： Paul C. Kocher ,  Joshua M. Jaffe

IPC分类号： G06F1214

CPC分类号： H04L9/3066 ,  G06F7/723 ,  G06F7/725 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F2207/7261 ,  H04L9/003 ,  H04L9/0841 ,  H04L2209/127 ,  H04L2209/56

摘要： Methods and apparatuses are disclosed for securing cryptosystems against external monitoring attacks by reducing the amount (and signal to noise ratio) of useful information leaked during processing. In general, this is accomplished by implementing critical operations using “branchless” or fixed execution path routines whereby the execution path does not vary in any manner that can reveal new information about the secret key during subsequent operations. More particularly, various embodiments of the invention include: implementing modular exponentiation without key-dependent conditional jumps; implementing modular exponentiation with fixed memory access patterns; implementing modular multiplication without using leak-prone multiplication-by-one operations; and implementing leak-minimizing multiplication (and other operations) for elliptic curve cryptosystems.

摘要翻译： 公开了用于通过减少在处理期间泄露的有用信息的量（和信噪比）来保护密码系统免受外部监视攻击的方法和装置。 一般来说，这是通过使用“无分支”或固定执行路径例程实现关键操作来实现的，由此执行路径在随后的操作期间可以以任何可以揭示关于秘密密钥的新信息的方式变化。 更具体地，本发明的各种实施例包括：实现没有密钥依赖条件跳转的模幂运算; 实现具有固定存储器访问模式的模幂运算; 实现模数乘法而不使用易泄漏的乘法运算; 并为椭圆曲线密码系统实施泄漏最小化乘法（和其他操作）。

公开(公告)号：US20130173928A1

公开(公告)日：2013-07-04

申请号：US13762703

申请日：2013-02-08

申请人： Paul C. Kocher ,  Pankaj Rohatgi ,  Joshua M. Jaffe

发明人： Paul C. Kocher ,  Pankaj Rohatgi ,  Joshua M. Jaffe

IPC分类号： G06F12/14

CPC分类号： G06F21/575 ,  G06F8/71 ,  G06F9/44505 ,  G06F12/1408 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F21/76 ,  G06F2212/402 ,  G06F2221/034 ,  G06F2221/2107 ,  G06F2221/2125 ,  G06F2221/2145 ,  H04L9/003 ,  H04L9/0631 ,  H04L9/085 ,  H04L9/0861 ,  H04L9/088 ,  H04L9/0894 ,  H04L9/16 ,  H04L9/3236 ,  H04L9/3247 ,  H04L63/0428 ,  H04L63/0869 ,  H04L2209/24 ,  H04L2209/38 ,  H04L2209/56 ,  H04L2463/061

摘要： Techniques usable by devices to encrypt and decrypt sensitive data to in a manner that provides security from external monitoring attacks. The encrypting device has access to a base secret cryptographic value (key) that is also known to the decrypting device. The sensitive data are decomposed into segments, and each segment is encrypted with a separate encryption key derived from the base key and a message identifier to create a set of encrypted segments. The encrypting device uses the base secret cryptographic value to create validators that prove that the encrypted segments for this message identifier were created by a device with access to the base key. The decrypting device, upon receiving an encrypted segments and validator(s), uses the validator to verify the message identifier and that the encrypted segment are unmodified, then uses a cryptographic key derived from the base key and message identifier to decrypt the segments.

摘要翻译： 技术可以由设备加密和解密敏感数据，以提供安全性从外部监视攻击。 加密设备可以访问解密设备也是已知的基本密钥加密值（密钥）。 敏感数据被分解为段，并且每个段用来自基本密钥的单独的加密密钥和消息标识符加密，以创建一组加密的段。 加密设备使用基本秘密加密值来创建验证器，证明该消息标识符的加密段由具有访问基本密钥的设备创建。 解密装置在接收到加密的段和验证器时，使用验证器来验证消息标识符，并且加密段未被修改，然后使用从基本密钥和消息标识符导出的加密密钥来解密段。

公开(公告)号：US08386800B2

公开(公告)日：2013-02-26

申请号：US12958570

申请日：2010-12-02

申请人： Paul C. Kocher ,  Pankaj Rohatgi ,  Joshua M. Jaffe

发明人： Paul C. Kocher ,  Pankaj Rohatgi ,  Joshua M. Jaffe

IPC分类号： H04L9/32 ,  H04L9/00

CPC分类号： G06F21/575 ,  G06F8/71 ,  G06F9/44505 ,  G06F12/1408 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F21/76 ,  G06F2212/402 ,  G06F2221/034 ,  G06F2221/2107 ,  G06F2221/2125 ,  G06F2221/2145 ,  H04L9/003 ,  H04L9/0631 ,  H04L9/085 ,  H04L9/0861 ,  H04L9/088 ,  H04L9/0894 ,  H04L9/16 ,  H04L9/3236 ,  H04L9/3247 ,  H04L63/0428 ,  H04L63/0869 ,  H04L2209/24 ,  H04L2209/38 ,  H04L2209/56 ,  H04L2463/061

摘要： This patent describes techniques usable by devices to encrypt and decrypt sensitive data to in a manner that provides security from external monitoring attacks. The encrypting device has access to a base secret cryptographic value (key) that is also known to the decrypting device. The sensitive data are decomposed into segments, and each segment is encrypted with a separate encryption key derived from the base key and a message identifier to create a set of encrypted segments. The encrypting device uses the base secret cryptographic value to create validators that prove that the encrypted segments for this message identifier were created by a device with access to the base key. The decrypting device, upon receiving an encrypted segments and validator(s), uses the validator to verify the message identifier and that the encrypted segment are unmodified, then uses a cryptographic key derived from the base key and message identifier to decrypt the segments. Derived keys and validators are produced using methods designed to preserve security even if cipher and hashing operations leak information. Embodiments for systems including SoCs, firmware loading, FPGAs and network communications are described.

摘要翻译： 本专利描述了可以通过设备加密和解密敏感数据的技术，以提供来自外部监视攻击的安全性的方式。 加密设备可以访问解密设备也是已知的基本密钥加密值（密钥）。 敏感数据被分解为段，并且每个段用来自基本密钥的单独的加密密钥和消息标识符加密，以创建一组加密的段。 加密设备使用基本秘密加密值来创建验证器，证明该消息标识符的加密段由具有访问基本密钥的设备创建。 解密装置在接收到加密的段和验证器时，使用验证器来验证消息标识符，并且加密段未被修改，然后使用从基本密钥和消息标识符导出的加密密钥来解密段。 派生密钥和验证器使用旨在保护安全性的方法生成，即使加密和散列操作泄漏信息。 描述了包括SoC，固件加载，FPGA和网络通信的系统的实施例。

公开(公告)号：US06381699B2

公开(公告)日：2002-04-30

申请号：US09737182

申请日：2000-12-13

申请人： Paul C. Kocher ,  Joshua M. Jaffe

发明人： Paul C. Kocher ,  Joshua M. Jaffe

IPC分类号： H04L910

CPC分类号： H04L9/3247 ,  G06F7/723 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F2207/7219 ,  G06F2207/7257 ,  G06Q20/367 ,  G06Q20/401 ,  H04L9/002 ,  H04L9/0841 ,  H04L9/0891 ,  H04L9/3013 ,  H04L9/302 ,  H04L63/1441 ,  H04L2209/56

摘要： The present invention provides a method and apparatus for securing cryptographic devices against attacks involving external monitoring and analysis. A “self-healing” property is introduced, enabling security to be continually re-established following partial compromises. In addition to producing useful cryptographic results, a typical leak-resistant cryptographic operation modifies or updates secret key material in a manner designed to render useless any information about the secrets that may have previously leaked from the system. Exemplary leak-proof and leak-resistant implementations of the invention are shown for symmetric authentication, certified Diffie-Hellman (when either one or both users have certificates), RSA, ElGamal public key decryption, ElGamal digital signing, and the Digital Signature Algorithm.

摘要翻译： 本发明提供一种用于保护加密装置免受涉及外部监视和分析的攻击的方法和装置。 引入了“自愈”财产，使部分妥协之后不断重新建立安全性。 除了产生有用的加密结果之外，典型的防漏密码操作以设计成使得无用的任何关于可能先前从系统泄露的秘密的信息的方式修改或更新秘密密钥材料。 示出了用于对称认证，经认证的Diffie-Hellman（当一个或两个用户具有证书​​时），RSA，ElGamal公钥解密，ElGamal数字签名和数字签名算法的示例性的防漏和防漏实现。

公开(公告)号：US07792287B2

公开(公告)日：2010-09-07

申请号：US11981495

申请日：2007-10-30

申请人： Paul C. Kocher ,  Joshua M. Jaffe

发明人： Paul C. Kocher ,  Joshua M. Jaffe

IPC分类号： H04L9/30 ,  G06F21/00

CPC分类号： H04L9/3247 ,  G06F7/723 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F2207/7219 ,  G06F2207/7257 ,  G06Q20/367 ,  G06Q20/401 ,  H04L9/002 ,  H04L9/0841 ,  H04L9/0891 ,  H04L9/3013 ,  H04L9/302 ,  H04L63/1441 ,  H04L2209/56

摘要： We disclose methods and apparatuses for securing cryptographic devices against attacks involving external monitoring and analysis. A “self-healing” property is introduced, enabling security to be continually re-established following partial compromises. In addition to producing useful cryptographic results, a typical leak-resistant cryptographic operation modifies or updates secret key material in a manner designed to render useless any information about the secrets that may have previously leaked from the system. Exemplary leak-proof and leak-resistant implementations are shown for symmetric authentication, certified Diffie-Hellman (when either one or both users have certificates), RSA, ElGamal public key decryption.

摘要翻译： 我们公开了保护加密设备免受外部监控和分析攻击的方法和设备。 引入了“自愈”财产，使部分妥协之后不断重新建立安全性。 除了产生有用的加密结果之外，典型的防漏密码操作以设计成使得无用的任何关于可能先前从系统泄露的秘密的信息的方式修改或更新秘密密钥材料。 示出了用于对称认证，经认证的Diffie-Hellman（当一个或两个用户具有证书​​时），RSA，ElGamal公钥解密的示例性的防漏和防漏实施。

公开(公告)号：US07506165B2

公开(公告)日：2009-03-17

申请号：US10136012

申请日：2002-04-29

申请人： Paul C. Kocher ,  Joshua M. Jaffe

发明人： Paul C. Kocher ,  Joshua M. Jaffe

IPC分类号： G06F21/00

CPC分类号： H04L9/3247 ,  G06F7/723 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F2207/7219 ,  G06F2207/7257 ,  G06Q20/367 ,  G06Q20/401 ,  H04L9/002 ,  H04L9/0841 ,  H04L9/0891 ,  H04L9/3013 ,  H04L9/302 ,  H04L63/1441 ,  H04L2209/56

摘要： We disclose methods and apparatuses for securing cryptographic devices against attacks involving external monitoring and analysis. A “self-healing” property is introduced, enabling security to be continually re-established following partial compromises. In addition to producing useful cryptographic results, a typical leak-resistant cryptographic operation modifies or updates secret key material in a manner designed to render useless any information about the secrets that may have previously leaked from the system. Exemplary leak-proof and leak-resistant implementations are shown for symmetric authentication, certified Diffie-Hellman (when either one or both users have certificates), RSA, ElGamal public key decryption.

摘要翻译： 我们公开了保护加密设备免受外部监控和分析攻击的方法和设备。 引入了“自愈”财产，使部分妥协之后不断重新建立安全性。 除了产生有用的加密结果之外，典型的防漏密码操作以设计成使得无用的任何关于可能先前从系统泄露的秘密的信息的方式修改或更新秘密密钥材料。 示出了用于对称认证，经认证的Diffie-Hellman（当一个或两个用户具有证书​​时），RSA，ElGamal公钥解密的示例性的防漏和防漏实施。

公开(公告)号：US06304658B1

公开(公告)日：2001-10-16

申请号：US09224682

申请日：1998-12-31

申请人： Paul C. Kocher ,  Joshua M. Jaffe

发明人： Paul C. Kocher ,  Joshua M. Jaffe

IPC分类号： H04L930

CPC分类号： H04L9/3247 ,  G06F7/723 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F2207/7219 ,  G06F2207/7257 ,  G06Q20/367 ,  G06Q20/401 ,  H04L9/002 ,  H04L9/0841 ,  H04L9/0891 ,  H04L9/3013 ,  H04L9/302 ,  H04L63/1441 ,  H04L2209/56

摘要： The present invention provides a method and apparatus for securing cryptographic devices against attacks involving external monitoring and analysis. A “self-healing” property is introduced, enabling security to be continually re-established following partial compromises. In addition to producing useful cryptographic results, a typical leak-resistant cryptographic operation modifies or updates secret key material in a manner designed to render useless any information about the secrets that may have previously leaked from the system. Exemplary leak-proof and leak-resistant implementations of the invention are shown for symmetric authentication, certified Diffie-Hellman (when either one or both users have certificates), RSA, ElGamal public key decryption, ElGamal digital signing, and the Digital Signature Algorithm.

摘要翻译： 本发明提供一种用于保护加密装置免受涉及外部监视和分析的攻击的方法和装置。 引入了“自愈”财产，使部分妥协之后不断重新建立安全性。 除了产生有用的加密结果之外，典型的防漏密码操作以设计成使得无用的任何关于可能先前从系统泄露的秘密的信息的方式修改或更新秘密密钥材料。 示出了用于对称认证，经认证的Diffie-Hellman（当一个或两个用户具有证书​​时），RSA，ElGamal公钥解密，ElGamal数字签名和数字签名算法的示例性的防漏和防漏实现。