-
31.发明授权Using dark bits to reduce physical unclonable function (PUF) error rate without storing dark bits location 有权使用暗位来减少物理不可克隆功能(PUF)错误率,而不存储暗位置公开(公告)号:US09262256B2
公开(公告)日:2016-02-16
申请号:US14140243
申请日:2013-12-24
申请人: Sanu K. Mathew , Sudhir K. Satpathy , Patrick Koeberl , Jiangtao Li , Ram K. Krishnamurthy , Anand Rajan
发明人: Sanu K. Mathew , Sudhir K. Satpathy , Patrick Koeberl , Jiangtao Li , Ram K. Krishnamurthy , Anand Rajan
CPC分类号: G06F11/0793 , G06F7/00 , G06F7/588 , G06F11/0745 , G11C7/24 , H04L9/3278 , H04L9/34
摘要: Dark-bit masking technologies for physically unclonable function (PUF) components are described. A computing system includes a processor core and a secure key manager component coupled to the processor core. The secure key manager includes the PUF component, and a dark-bit masking circuit coupled to the PUF component. The dark-bit masking circuit is to measure a PUF value of the PUF component multiple times during a dark-bit window to detect whether the PUF value of the PUF component is a dark bit. The dark bit indicates that the PUF value of the PUF component is unstable during the dark-bit window. The dark-bit masking circuit is to output the PUF value as an output PUF bit of the PUF component when the PUF value is not the dark bit and set the output PUF bit to be a specified value when the PUF value of the PUF component is the dark bit.
摘要翻译: 描述了用于物理不可克隆功能(PUF)组件的暗位掩蔽技术。 计算系统包括处理器核心和耦合到处理器核心的安全密钥管理器组件。 安全密钥管理器包括PUF组件和耦合到PUF组件的暗位屏蔽电路。 暗位掩蔽电路是在暗位窗口期间多次测量PUF分量的PUF值,以检测PUF分量的PUF值是否为暗位。 暗位表示PUF组件的PUF值在暗位窗口期间不稳定。 当PUF值不是暗位时,暗位屏蔽电路将输出PUF值作为PUF分量的输出PUF位,并且当PUF分量的PUF值为 黑暗的一点
-
公开(公告)号:US20150095654A1
公开(公告)日:2015-04-02
申请号:US14126469
申请日:2013-09-30
申请人: Jiangtao Li , Jesse Walker
发明人: Jiangtao Li , Jesse Walker
IPC分类号: H04L9/32
CPC分类号: H04L9/0866 , G06F21/60
摘要: In an embodiment, an apparatus includes a processor including a first core. The first core includes multi-biometric logic to output first biometric data wi (i=1 to n, n≧2), each wi determined based on a corresponding one of first biometric input Mi (i=1 to n, n≧2) received during a first time period. The apparatus also includes setup logic to transform a cryptographic key k via a transformation that uses the first biometric data wi, where transformation of the cryptographic key k results in output of helper data hi (i=1 to n). Other embodiments are described and claimed.
摘要翻译: 在一个实施例中,一种装置包括包括第一核的处理器。 第一核心包括用于输出第一生物特征数据wi(i = 1至n,n≥2)的多生物统计学逻辑,每个wi基于第一生物特征输入Mi(i = 1至n,n≥2)中相应的一个确定, 在第一时期收到。 该装置还包括通过使用第一生物特征数据wi的变换来加密密钥k的设置逻辑,其中密码密钥k的变换导致帮助数据hi(i = 1至n)的输出。 描述和要求保护其他实施例。
-
33.发明授权Method of anonymous entity authentication using group-based anonymous signatures 有权使用基于组的匿名签名的匿名实体身份验证方法公开(公告)号:US08707046B2
公开(公告)日:2014-04-22
申请号:US13100017
申请日:2011-05-03
申请人: Jesse Walker , Jiangtao Li
发明人: Jesse Walker , Jiangtao Li
IPC分类号: H04L29/06
CPC分类号: H04L9/3273 , H04L9/0838 , H04L9/0844 , H04L9/3247 , H04L9/3255 , H04L9/3268 , H04L2209/42
摘要: Methods for anonymous authentication and key exchange are presented. In one embodiment, a method includes initiating a two-way mutual authentication between a first entity and a second entity. The first entity remains anonymous to the second entity after performing the authentication. The method also includes establishing a mutually shared session key for use in secure communication between the entities, wherein the initiating and the establishing are in conjunction with direct anonymous attestation (DAA).
摘要翻译: 提出匿名认证和密钥交换的方法。 在一个实施例中,一种方法包括在第一实体和第二实体之间发起双向相互认证。 执行验证后,第一个实体对第二个实体保持匿名。 该方法还包括建立相互共享的会话密钥,用于实体之间的安全通信,其中启动和建立结合直接匿名认证(DAA)。
-
34.发明授权Apparatus and method for a direct anonymous attestation scheme from short-group signatures 有权来自短组签名的直接匿名认证方案的装置和方法公开(公告)号:US08356181B2
公开(公告)日:2013-01-15
申请号:US12208989
申请日:2008-09-11
申请人: Ernie F. Brickell , Jiangtao Li
发明人: Ernie F. Brickell , Jiangtao Li
IPC分类号: H04L9/32
CPC分类号: H04L9/3234 , H04L9/3073 , H04L9/3218 , H04L9/3255 , H04L2209/42
摘要: An apparatus and method is provided for a direct anonymous attestation scheme from short-group signatures. The method may include the creation of a group public/private key pair for a trusted membership group defined by an issuer; and assigning a cryptographic pair that is combined with a unique private member value to form a private membership key. A trusted member device generates the unique private member value during a join procedure of a trusted membership group. In one embodiment, the private member value of the private membership key is unknown to the issuer. A member may sign a message with the private membership key to form a short-group digital signature that is verified using a public key of the trusted membership group to maintain anonymity of trusted member devices. A size of the private membership key may be reduced to enable storage within a trusted platform module. Other embodiments are described and claimed.
摘要翻译: 为短组签名提供直接匿名认证方案的设备和方法。 该方法可以包括为由发行者定义的可信会员组创建组公/私钥对; 以及分配与唯一私有成员值组合的密码对以形成私有成员密钥。 受信任的成员设备在受信任的成员资格组的连接过程中生成唯一的私有成员值。 在一个实施例中,私人会员密钥的私人会员值对于发行者来说是未知的。 成员可以使用私有成员密钥签名消息,形成一个短组数字签名,该数字签名使用受信任的成员资格组的公钥进行验证,以维护受信任的成员设备的匿名性。 可以减小私有成员密钥的大小以使得能够在可信平台模块内存储。 描述和要求保护其他实施例。
-
公开(公告)号:US20120137137A1
公开(公告)日:2012-05-31
申请号:US12956793
申请日:2010-11-30
申请人: Ernest F. Brickell , Shay Gueron , Jiangtao Li , Carlos V. Rozas , Daniel Nemiroff , Vincent R. Scarlata , Uday R. Savagaonkar , Simon P. Johnson
发明人: Ernest F. Brickell , Shay Gueron , Jiangtao Li , Carlos V. Rozas , Daniel Nemiroff , Vincent R. Scarlata , Uday R. Savagaonkar , Simon P. Johnson
IPC分类号: G06F21/00
CPC分类号: H04L9/0816 , G06F21/572 , G06F21/73
摘要: Keying materials used for providing security in a platform are securely provisioned both online and offline to devices in a remote platform. The secure provisioning of the keying materials is based on a revision of firmware installed in the platform.
摘要翻译: 用于在平台中提供安全性的键控材料可以安全地在线和离线地配置到远程平台中的设备。 密钥材料的安全配置基于安装在平台中的固件的修订版本。
-
公开(公告)号:US20120023334A1
公开(公告)日:2012-01-26
申请号:US12913708
申请日:2010-10-27
申请人: Ernest F. Brickell , Jiangtao Li , Jesse Walker
发明人: Ernest F. Brickell , Jiangtao Li , Jesse Walker
IPC分类号: H04L9/32
CPC分类号: H04L9/0844 , H04L9/0891 , H04L9/3255 , H04L9/3273 , H04L2209/42
摘要: Methods for anonymous authentication and key exchange are presented. In one embodiment, a method includes initiating a two-way mutual authentication between a device and a remote entity. The device remains anonymous to the remote entity after performing the authentication. The method also includes establishing a mutually shared session key for use in secure communication, wherein the initiating and the establishing are in conjunction with direct anonymous attestation (DAA).
摘要翻译: 提出匿名认证和密钥交换的方法。 在一个实施例中,一种方法包括启动设备和远程实体之间的双向相互认证。 执行身份验证后,设备对远程实体保持匿名。 该方法还包括建立用于安全通信的相互共享的会话密钥,其中启动和建立与直接匿名认证(DAA)结合。
-
37.发明授权公开(公告)号:US08078876B2
公开(公告)日:2011-12-13
申请号:US11778804
申请日:2007-07-17
申请人: Ernest F. Brickell , Jiangtao Li
发明人: Ernest F. Brickell , Jiangtao Li
CPC分类号: H04L9/3073 , H04L9/3255 , H04L2209/42
摘要: A method and apparatus for direct anonymous attestation from bilinear maps. In one embodiment, the method includes the creation of a public/private key pair for a trusted membership group defined by an issuer; and assigning a unique secret signature key to at least one member device of the trusted membership group defined by the issuer. In one embodiment, using the assigned signature key, a member may assign a message received as an authentication request to prove membership within a trusted membership group. In one embodiment, a group digital signature of the member is verified using a public key of the trusted membership group. Accordingly, a verifier of the digital signature is able to authenticate that the member is an actual member of the trusted membership group without requiring of the disclosure of a unique identification information of the member or a private member key to maintain anonymity of trusted member devices. Other embodiments are described and claimed.
摘要翻译: 一种从双线性地图直接匿名认证的方法和装置。 在一个实施例中,该方法包括为由发行者定义的可信会员组创建公钥/私钥对; 以及将唯一的秘密签名密钥分配给由所述发行者定义的所述可信会员组的至少一个成员设备。 在一个实施例中,使用分配的签名密钥,成员可以分配作为认证请求接收的消息以证明可信任的成员资格组内的会员资格。 在一个实施例中,使用可信会员组的公钥来验证会员的组数字签名。 因此,数字签名的验证者能够认证成员是受信任的成员资格组的实际成员,而不需要披露成员或私人成员密钥的唯一标识信息来维护可信任成员设备的匿名性。 描述和要求保护其他实施例。
-
38.发明申请APPARATUS AND METHOD FOR ISSUER BASED REVOCATION OF DIRECT PROOF AND DIRECT ANONYMOUS ATTESTATION 审中-公开直接证明和直接匿名登记的基于发布者的装置和方法公开(公告)号:US20080307223A1
公开(公告)日:2008-12-11
申请号:US11948862
申请日:2007-11-30
申请人: Ernest F. Brickell , Jiangtao Li
发明人: Ernest F. Brickell , Jiangtao Li
IPC分类号: H04L9/32
CPC分类号: H04L9/3221 , H04L9/3234 , H04L9/3268 , H04L63/06 , H04L63/0823 , H04L63/126 , H04L2209/42
摘要: In some embodiments, a method and apparatus for issuer based revocation of direct proof and direct anonymous attestation are described. In one embodiment, a trusted hardware device convinces a verifier that the trusted hardware device possesses cryptographic information without revealing unique, device identification information of the trusted hardware device or the cryptographic information. Once the verifier is convinced that the hardware device possesses the cryptographic information, the verifier may issue a denial of revocation request to the trusted hardware device, including a base value BI and a plurality of revoked pseudonyms (K1, . . . , Kn) used for a plurality of suspect member keys during join procedures with an issuer. In response, the trusted hardware device issues a group denial revocation to prove that a private member key F does not match any one of a plurality of unknown, suspect keys F1 . . . Fn formed from the revoked pseudonyms, where n is an integer greater than 1 and i is and integer from 1 to n. Other embodiments are described and claimed.
摘要翻译: 在一些实施例中,描述了用于基于颁发者的撤销直接证明和直接匿名认证的方法和装置。 在一个实施例中,可信硬件设备说服验证者信任的硬件设备拥有加密信息,而不会泄露可信硬件设备或加密信息的唯一的设备识别信息。 一旦验证者确信硬件设备具有加密信息,验证者可以向可信硬件设备发出拒绝撤销请求,包括使用基本值BI和多个撤销的假名(K1,...,Kn) 对于与发行者的连接过程中的多个可疑成员密钥。 作为响应,可信硬件设备发出组拒绝撤销,以证明私有成员密钥F不匹配多个未知的可疑密钥F1中的任何一个。 。 。 Fn由撤销的假名形成,其中n是大于1的整数,i和从1到n的整数。 描述和要求保护其他实施例。
-
39.发明申请APPARATUS AND METHOD FOR ENHANCED REVOCATION OF DIRECT PROOF AND DIRECT ANONYMOUS ATTESTATION 有权用于直接证明和直接匿名登录的增强的撤销的装置和方法公开(公告)号:US20080270790A1
公开(公告)日:2008-10-30
申请号:US11948861
申请日:2007-11-30
申请人: Ernest F. Brickell , Jiangtao Li
发明人: Ernest F. Brickell , Jiangtao Li
CPC分类号: H04L9/3234 , G06F21/57 , H04L9/3013 , H04L9/3221 , H04L9/3247 , H04L2209/42 , H04L2209/56
摘要: In some embodiments, a method and apparatus for enhanced revocation of direct proof and direct anonymous attestation are described. In one embodiment a trusted hardware device verifies that membership of the device within a trusted membership group is not revoked according to a revocation list received with a challenge request from a verifier. Once such verification is performed, the device convinces the verifier of possessing cryptographic information without revealing unique, device identification information of the trusted hardware device or the cryptographic information. In one embodiment, the trusted hardware device computes a digital signature on a message received with the challenge request to the verifier if membership of the anonymous hardware device within a trusted membership group is verified. In one embodiment, the verifier authenticates the digital signature according to a public key of the trusted membership group to enable a trusted member device to remain anonymous to the verifier. Other embodiments are described and claimed.
摘要翻译: 在一些实施例中,描述了用于增强直接证明和直接匿名证明的撤销的方法和装置。 在一个实施例中,可信硬件设备根据从验证者接收到的询问请求的撤销列表来验证受信任的成员资格组内的设备的成员资格是否被撤销。 一旦执行了此类验证,该设备就可以说服验证者拥有加密信息,而不会泄露可信硬件设备或加密信息的唯一设备识别信息。 在一个实施例中,如果验证了可信任的成员资格组内的匿名硬件设备的成员资格,那么可信硬件设备将向接收到的询问请求的消息中的数字签名计算给验证者。 在一个实施例中,验证者根据受信任的成员资格群组的公开密钥对数字签名进行认证,以使受信任的成员设备对验证者保持匿名。 描述和要求保护其他实施例。
-
-
-
-
-
-
-
-
搜索结果
39 条记录 (耗时 0.033 秒)
