公开(公告)号：US09444623B2

公开(公告)日：2016-09-13

申请号：US14567954

申请日：2014-12-11

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Paul C. Kocher ,  Michael A. Hamburg ,  Ambuj Kumar

IPC: H04L9/30

CPC classification number: H04L9/302 ,  H04L2209/12

Abstract: A processing device, such as logic on an integrated circuit may identify a cryptographic message stored in a first register. The processing device may determine a plurality of components for a second power of the cryptographic message using a plurality of components of the cryptographic message. The processing device may determine the plurality of components for the second power of the cryptographic message without storing the entire second power of the cryptographic message. Further, the processing device may determine a third power of the cryptographic message using modular arithmetic. The processing device may determine the third power by transforming the plurality of components for the second power of the cryptographic message and the plurality of components of the cryptographic message.

Abstract translation: 诸如集成电路上的逻辑的处理设备可以标识存储在第一寄存器中的密码消息。 处理设备可以使用密码消息的多个组件来确定密码消息的第二功率的多个组件。 处理设备可以确定用于加密消息的第二功率的多个组件，而不存储密码消息的整个第二功率。 此外，处理装置可以使用模数运算来确定密码消息的第三功率。 处理设备可以通过对密码消息的第二功率的多个组件和密码消息的多个组件进行变换来确定第三功率。

公开(公告)号：US20160013939A1

公开(公告)日：2016-01-14

申请号：US14792445

申请日：2015-07-06

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Benjamin Che-Ming Jun ,  Ambuj Kumar

IPC: H04L9/08

CPC classification number: H04L9/0866 ,  H04L9/003 ,  H04L2209/24

Abstract: A first key associated with a plurality of devices may be received. Furthermore, a second key associated with a single device may be received. The first key associated with the plurality of devices may be modified based on a device identification of the single device. Additionally, a primary key may be generated based on the modified first key and the second key.

Abstract translation: 可以接收与多个设备相关联的第一密钥。 此外，可以接收与单个设备相关联的第二密钥。 可以基于单个设备的设备标识来修改与多个设备相关联的第一密钥。 另外，可以基于修改的第一密钥和第二密钥来生成主密钥。

公开(公告)号：US20150180652A1

公开(公告)日：2015-06-25

申请号：US14567954

申请日：2014-12-11

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Paul C. Kocher ,  Michael A. Hamburg ,  Ambuj Kumar

IPC: H04L9/06 ,  H04L9/14

CPC classification number: H04L9/302 ,  H04L2209/12

Abstract: A processing device, such as logic on an integrated circuit may identify a cryptographic message stored in a first register. The processing device may determine a plurality of components for a second power of the cryptographic message using a plurality of components of the cryptographic message. The processing device may determine the plurality of components for the second power of the cryptographic message without storing the entire second power of the cryptographic message. Further, the processing device may determine a third power of the cryptographic message using modular arithmetic. The processing device may determine the third power by transforming the plurality of components for the second power of the cryptographic message and the plurality of components of the cryptographic message.

Abstract translation: 诸如集成电路上的逻辑的处理设备可以标识存储在第一寄存器中的密码消息。 处理设备可以使用密码消息的多个组件来确定密码消息的第二功率的多个组件。 处理设备可以确定用于加密消息的第二功率的多个组件，而不存储密码消息的整个第二功率。 此外，处理装置可以使用模数运算来确定密码消息的第三功率。 处理设备可以通过对密码消息的第二功率的多个组件和密码消息的多个组件进行变换来确定第三功率。

公开(公告)号：US20140359755A1

公开(公告)日：2014-12-04

申请号：US14289274

申请日：2014-05-28

Applicant: Cryptography Research, Inc.

Inventor： Daniel Beitel ,  Lauren Gao ,  Christopher Gori ,  Paul Carl Kocher ,  Ambuj Kumar ,  Andrew John Leiserson

IPC: G06F21/45

CPC classification number: G06F21/76 ,  G06F21/572

Abstract: A computing device receives a feature name or key name for an integrated circuit comprising a security manager core and an additional component. At least one of a) the additional component is associated with the key name or b) a feature provided by the additional component is associated with the feature name. The computing device receives a specified number of bits associated with the feature name or the key name, and maps the feature name to a feature address space or the key name to a key interface of the security manager core based at on the specified number of bits. The computing device generates at least one hardware description logic (HDL) module based on the mapping, wherein the at least one HDL module is usable to configure the security manager core for delivery of payloads associated with the feature name or the key name to the additional component.

Abstract translation: 计算设备接收包括安全管理器核心和附加组件的集成电路的功能名称或密钥名称。 a）附加组件中的至少一个与密钥名称相关联，或者b）由附加组件提供的特征与特征名称相关联。 计算设备接收与特征名称或密钥名称相关联的指定数量的位，并且基于指定的位数将特征名称映射到特征地址空间或密钥名称到安全管理器核心的密钥接口 。 所述计算设备基于所述映射生成至少一个硬件描述逻辑（HDL）模块，其中所述至少一个HDL模块可用于配置所述安全管理器核心，用于将与所述特征名称或所述密钥名称相关联的有效载荷传递到所述附加 零件。

公开(公告)号：US11521203B2

公开(公告)日：2022-12-06

申请号：US15203722

申请日：2016-07-06

Applicant: Cryptography Research, Inc.

Inventor： Ambuj Kumar ,  Philippe Martineau ,  William Craig Rawlings ,  Helena Handschuh

IPC: G06Q20/38 ,  G06Q20/32 ,  G06Q20/40

Abstract: A base key that is stored at a mobile device may be received. A first dynamic key that is based on the base key may be generated. First transaction data corresponding to a first transaction associated with the mobile device may be received. Furthermore, the first dynamic key may be updated to generate a second dynamic key based on a combination of the first dynamic key and the first transaction data corresponding to the first transaction. Authentication of a second transaction associated with the mobile device may be requested based on the second dynamic key.

公开(公告)号：US20220012186A1

公开(公告)日：2022-01-13

申请号：US17353374

申请日：2021-06-21

Applicant: Cryptography Research, Inc.

Inventor： Ambuj Kumar

IPC: G06F12/14 ,  H04L9/32 ,  H04L9/08 ,  H04L29/06

Abstract: A symmetric key that is stored at a device may be received. A public key from a remote entity may also be received at the device. Furthermore, a derived key may be generated based on a one way function between the symmetric key that is stored at the device and the public key that is received from the remote entity. The derived key may be encrypted with the public key and transmitted to the remote entity. The encryption of the derived key with the public key may provide secure transmission of the derived key to an authorized remote entity with a private key that may be used to decrypt the encrypted derived key.

公开(公告)号：US20200304287A1

公开(公告)日：2020-09-24

申请号：US16786796

申请日：2020-02-10

Applicant: Cryptography Research, Inc.

Inventor： Megan Anneke Wachs ,  Ambuj Kumar ,  Benjamin Che-Ming Jun

IPC: H04L9/06 ,  H04L9/08 ,  H04L29/06 ,  H04L9/32

Abstract: Values and a sequence of operations associated with generating a key may be received. A determination may be made as to whether the sequence of operations associated with the key matches an authorized sequence of operations. The key may be outputted when the received sequence of operations matches the authorized sequence of operations and the key may not be outputted when the received sequence of operations does not match the authorized sequence of operations.

公开(公告)号：US10417453B2

公开(公告)日：2019-09-17

申请号：US15372307

申请日：2016-12-07

Applicant: Cryptography Research, Inc.

Inventor： Ambuj Kumar ,  William Craig Rawlings ,  Ronald Perez ,  Denis Alexandrovich Pochuev ,  Michael Alexander Hamburg ,  Paul Kocher

IPC: G06F9/4401 ,  G06F21/62 ,  G06F21/45 ,  G06F21/60 ,  G06F21/52

Abstract: A container corresponding to executable code may be received. The container may be executed in a secure computation environment by performing one or more operations specified by the executable code of the container. An instruction to terminate the executing of the container may be received from a high level operating system (HLOS) that is external to the secure computation environment. A determination may be made as to whether the container is associated with a preemption privilege and the executing of the container may be terminated after receiving the instruction from the HLOS based on the determination of whether the container is associated with the preemption privilege.

公开(公告)号：US09729331B2

公开(公告)日：2017-08-08

申请号：US14687840

申请日：2015-04-15

Applicant: CRYPTOGRAPHY RESEARCH, INC.

Inventor： Ambuj Kumar ,  Benjamin Che-Ming Jun

IPC: H04L29/06 ,  H04L9/32 ,  G06F3/06 ,  H04L9/08

CPC classification number: H04L9/3268 ,  G06F3/0619 ,  G06F3/0655 ,  G06F3/0679 ,  H04L9/0891 ,  H04L63/0823

Abstract: A request associated with a revocation of a key may be received. A hash value corresponding to the key that is stored in a memory may be identified. Furthermore, the hash value that is stored in the memory may be corrupted in response to the request associated with the revocation of the key.

公开(公告)号：US20170070485A1

公开(公告)日：2017-03-09

申请号：US14949254

申请日：2015-11-23

Applicant: Cryptography Research, Inc.

Inventor： Ambuj Kumar ,  Mark Evan Marson ,  Daniel Robert Beitel

IPC: H04L29/06 ,  H04L9/30 ,  H04L9/32

CPC classification number: H04L9/3066 ,  G06F21/606 ,  G06F2221/2107 ,  G06F2221/2111 ,  H04L9/0872 ,  H04L9/3263 ,  H04L63/0442 ,  H04L63/107 ,  H04W4/046 ,  H04W4/40 ,  H04W12/02

Abstract: Encrypted data transmitted from a second entity to a first entity may be received. The encrypted data may be encrypted by a location based public key based on a public key and a location associated with the second entity. A location associated with the first entity may be identified. A location based private key may be generated based on a private key that corresponds to the public key and the location associated with the first entity. Furthermore, the encrypted data may be decrypted with the location based private key when the location associated with the first entity matches the location associated with the second entity.

Abstract translation: 可以接收从第二实体发送到第一实体的加密数据。 可以基于公钥和与第二实体相关联的位置的基于位置的公钥来加密加密数据。 可以识别与第一实体相关联的位置。 基于位置的私钥可以基于对应于公钥的私钥和与第一实体相关联的位置来生成。 此外，当与第一实体相关联的位置与与第二实体相关联的位置匹配时，加密数据可以用基于位置的私钥进行解密。