-
公开(公告)号:US08874900B2
公开(公告)日:2014-10-28
申请号:US13398626
申请日:2012-02-16
申请人: Ernie Brickell , Jiangtao Li
发明人: Ernie Brickell , Jiangtao Li
CPC分类号: H04L9/3234 , H04L9/3073 , H04L9/3218 , H04L9/3255 , H04L2209/42
摘要: A Direct Anonymous Attestation (DAA) scheme using elliptic curve cryptography (ECC) and bilinear maps. A trusted platform module (TPM) may maintain privacy of a portion of a private membership key from an issuer while joining a group. Moreover, the TPM can outsource most of the computation involved in generating a signature to a host computer.
摘要翻译: 使用椭圆曲线加密(ECC)和双线性映射的直接匿名证明(DAA)方案。 可信平台模块(TPM)可以在加入组时从发行商维护私有成员密钥的一部分的隐私。 此外,TPM可以将生成签名所涉及的大部分计算外包给主机。
-
公开(公告)号:US20130159726A1
公开(公告)日:2013-06-20
申请号:US13527547
申请日:2012-06-19
申请人: Francis X. MCKEEN , Carlos V. Rozas , Uday R. Savagaonkar , Simon P. Johnson , Vincent Scarlata , Michael A. Goldsmith , Ernie Brickell , Jiang Tao Li , Howard C. Herbert , Prashant Dewan , Stephen J. Tolopka , Gilbert Neiger , David Durham , Gary Graunke , Bernard Lint , Don A. Van Dyke , Joseph Cihula , Stalinselvaraj Jeyasingh , Stephen R. Van Doren , Dion Rodgers , John Garney , Asher Altman
发明人: Francis X. MCKEEN , Carlos V. Rozas , Uday R. Savagaonkar , Simon P. Johnson , Vincent Scarlata , Michael A. Goldsmith , Ernie Brickell , Jiang Tao Li , Howard C. Herbert , Prashant Dewan , Stephen J. Tolopka , Gilbert Neiger , David Durham , Gary Graunke , Bernard Lint , Don A. Van Dyke , Joseph Cihula , Stalinselvaraj Jeyasingh , Stephen R. Van Doren , Dion Rodgers , John Garney , Asher Altman
IPC分类号: G06F21/72
摘要: A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.
摘要翻译: 一种在计算机系统内实现安全应用和数据完整性的技术。 在一个实施例中,建立一个或多个安全空间,其中可以存储和执行应用和数据。
-
公开(公告)号:US07610448B2
公开(公告)日:2009-10-27
申请号:US11646642
申请日:2006-12-27
申请人: Mark Buxton , Ernie Brickell , Quinn A. Jacobson , Hong Wang , Baiju Patel
发明人: Mark Buxton , Ernie Brickell , Quinn A. Jacobson , Hong Wang , Baiju Patel
IPC分类号: G06F12/00 , G06F13/00 , G06F13/28 , G06F12/14 , G06F11/00 , G06F12/16 , G06F15/18 , G08B23/00
CPC分类号: G06F12/0842 , G06F9/30047 , G06F12/1458 , G06F21/52 , G06F21/78
摘要: For each memory location in a set of memory locations associated with a thread, setting an indication associated with the memory location to request a signal if data from the memory location is evicted from a cache; and in response to the signal, reloading the set of memory locations into the cache.
摘要翻译: 对于与线程相关联的一组存储器位置中的每个存储器位置,设置与存储器位置相关联的指示,以便如果来自存储器位置的数据被从高速缓存中移出,则请求信号; 并且响应于该信号,将该组存储器位置重新加载到高速缓存中。
-
34.发明申请公开(公告)号:US20060126843A1
公开(公告)日:2006-06-15
申请号:US11008904
申请日:2004-12-09
申请人: Ernie Brickell , Gary Graunke
发明人: Ernie Brickell , Gary Graunke
IPC分类号: H04L9/00
CPC分类号: H04L9/0637 , H04L9/0668
摘要: Encrypting data in as cascaded block cipher system may be accomplished by applying a first encryption algorithm using a secret shared between first and second parties as a key to generate a secret inner key; applying a second encryption algorithm for a predetermined number of rounds using the secret inner key to generate a plurality of blocks of ciphertext data from a plurality of blocks of plaintext data; and repeating the applying the first encryption algorithm and the applying the second encryption algorithm steps.
摘要翻译: 将数据加密为级联块密码系统可以通过应用使用第一方和第二方共享的秘密的第一加密算法作为生成秘密内密钥的密钥来实现; 使用所述秘密内键对预定次数的循环应用第二加密算法,以从多个明文数据块生成多个密文块数据; 并重复应用第一加密算法和应用第二加密算法步骤。
-
公开(公告)号:US20060015751A1
公开(公告)日:2006-01-19
申请号:US10891699
申请日:2004-07-14
IPC分类号: G06F12/14
CPC分类号: G06F21/73
摘要: Secure storage and retrieval of a unique value associated with a device to/from a memory of a processing system. In at least one embodiment, the device needs to be able to access the unique value across processing system resets, and the device does not have sufficient non-volatile storage to store the unique value itself. Instead, the unique value is stored in the processing system memory in such a way that the stored unique value does not create a unique identifier for the processing system or the device. A pseudo-randomly or randomly generated initialization vector may be used to vary an encrypted data structure used to store the unique value in the memory.
-
36.发明申请Method of delivering Direct Proof private keys to devices using an on-line service 失效使用在线服务将Direct Proof私钥交付给设备的方法公开(公告)号:US20060013402A1
公开(公告)日:2006-01-19
申请号:US10892256
申请日:2004-07-14
申请人: James Sutton , Ernie Brickell , Clifford Hall , David Grawrock
发明人: James Sutton , Ernie Brickell , Clifford Hall , David Grawrock
IPC分类号: H04L9/00
CPC分类号: H04L9/0844 , H04L2209/127
摘要: Delivering a Direct Proof private key to a device installed in a client computer system in the field may be accomplished in a secure manner without requiring significant non-volatile storage in the device. A unique pseudo-random value is generated and stored in the device at manufacturing time. The pseudo-random value is used to generate a symmetric key for encrypting a data structure holding a Direct Proof private key and a private key digest associated with the device. The resulting encrypted data structure is stored on a protected on-liner server accessible by the client computer system. When the device is initialized on the client computer system, the system checks if a localized encrypted data structure is present in the system. If not, the system obtains the associated encrypted data structure from the protected on-line server using a secure protocol. The device decrypts the encrypted data structure using a symmetric key regenerated from its stored pseudo-random value to obtain the Direct Proof private key. If the private key is valid, it may be used for subsequent authentication processing by the device in the client computer system.
摘要翻译: 将直接证明私钥提供给安装在该领域中的客户端计算机系统中的设备可以以安全的方式来实现,而不需要设备中的显着的非易失性存储。 在制造时产生并存储在设备中的唯一伪随机值。 伪随机值用于生成用于加密持有Direct Proof私钥和与该设备相关联的私钥摘要的数据结构的对称密钥。 所得到的加密数据结构存储在由客户端计算机系统可访问的受保护的在线服务器上。 当在客户端计算机系统上初始化设备时,系统会检查系统中是否存在本地化的加密数据结构。 如果没有,系统将使用安全协议从受保护的在线服务器获取相关联的加密数据结构。 设备使用从其存储的伪随机值重新生成的对称密钥来解密加密数据结构,以获得直接证明私钥。 如果私钥有效,则其可以用于客户端计算机系统中的设备的后续认证处理。
-
公开(公告)号:US20050275661A1
公开(公告)日:2005-12-15
申请号:US10866004
申请日:2004-06-10
申请人: Joseph Cihula , Ernie Brickell , Chiung-Chen Yu
发明人: Joseph Cihula , Ernie Brickell , Chiung-Chen Yu
摘要: In one implementation, a method for ensuring the trustworthiness of graphical user interfaces is described wherein a computing system user selects and/or modifies an image to be used as at least a portion of the background of one or more visual elements of a graphical user interface of a trusted computing environment. The user selected background image facilitates recognition by the user of the trustworthiness of the environment's graphical user interface when it is displayed to the user. The computing system seals the selected image or a modified version of the selected image within the trusted computing environment to prevent access to that image by computing environments other than the trusted computing environment. Additional embodiments are described and claimed.
摘要翻译: 在一个实现中,描述了用于确保图形用户界面的可信赖性的方法,其中计算系统用户选择和/或修改要用作图形用户界面的一个或多个视觉元素的背景的至少一部分的图像 的可信计算环境。 用户选择的背景图像便于用户在向用户显示时识别环境的图形用户界面的可信赖性。 计算系统将所选择的图像或受信任的计算环境内的所选图像的修改版本密封,以防止通过除了可信计算环境之外的计算环境来访问该图像。 描述和要求保护附加的实施例。
-
公开(公告)号:US06959394B1
公开(公告)日:2005-10-25
申请号:US09672495
申请日:2000-09-29
申请人: Ernie Brickell , Keen Chan
发明人: Ernie Brickell , Keen Chan
CPC分类号: H04L63/0435 , G06Q20/206 , G06Q20/3829 , H04L63/083
摘要: A password is split into a plurality of pieces. The pieces are stored at different remote servers. The different remote servers have the property that together they can determine that the user has knowledge of the correct password. If any subset of the servers are compromised, the compromised subset cannot convince any remaining servers that they know the password.
摘要翻译: 密码被分成多个片段。 这些部分存储在不同的远程服务器上。 不同的远程服务器具有一起它们可以确定用户知道正确密码的属性。 如果服务器的任何子集受到威胁,则受影响的子集不能说服任何剩余的服务器他们知道密码。
-
公开(公告)号:US20050149722A1
公开(公告)日:2005-07-07
申请号:US10748773
申请日:2003-12-30
申请人: Willard Wiseman , David Grawrock , Ernie Brickell , Matthew Wood , Joseph Cihula
发明人: Willard Wiseman , David Grawrock , Ernie Brickell , Matthew Wood , Joseph Cihula
CPC分类号: H04L63/061 , H04L9/321 , H04L9/3263 , H04L63/067 , H04L63/0823 , H04L2209/127 , H04L2209/56
摘要: According to an embodiment of the invention, a method and apparatus for session key exchange are described. An embodiment of a method comprises requesting a service for a platform; certifying the use of the service for one or more acceptable configurations of the platform; and receiving a session key for a session of the service, the service being limited to the one or more acceptable configurations of the platform.
摘要翻译: 根据本发明的实施例,描述了用于会话密钥交换的方法和装置。 一种方法的实施例包括请求一个平台的服务; 证明使用该服务的平台的一个或多个可接受的配置; 以及接收所述服务的会话的会话密钥,所述服务被限制为所述平台的所述一个或多个可接受的配置。
-
公开(公告)号:US20050138384A1
公开(公告)日:2005-06-23
申请号:US10744429
申请日:2003-12-22
申请人: Ernie Brickell , Matthew Wood
发明人: Ernie Brickell , Matthew Wood
CPC分类号: G06F21/57
摘要: Receiving a request for an attestation of platform configuration from an attestation requestor, receiving an acceptable configuration, and if the platform matches the acceptable configuration, sending an attestation of platform configuration including a signed response indicating that the platform configuration matches an acceptable configuration to the attestation requester.
摘要翻译: 从认证请求者接收到认证平台配置的请求,接收可接受的配置,如果平台匹配可接受的配置,则发送平台配置的认证,包括指示平台配置与可接受的配置匹配的认证的签名响应 请求者
-
-
-
-
-
-
-
-
-
搜索结果
56 条记录 (耗时 0.027 秒)
