Code integrity protection by computing target addresses from checksums
    31.
    Granted invention patent
    Status: In force

    Publication number: US09405936B2

    Publication date: 2016-08-02

    Application number: US14572356

    Application date: 2014-12-16

    Applicant: NXP B.V.

    CPC classification number: G06F21/64 G06F8/70 G06F21/14 G06F21/54 G06F2221/2123

    Abstract: A method of obscuring software code including a plurality of basic blocks, including: calculating, by a processor, a checksum value of the current basic block and a pointer to the end of the current basic block; determining a preceding basic block for the current basic block; inserting the checksum value for the current basic block into the preceding basic block; and inserting instructions into the preceding basic block to determine a pointer to the beginning of the current basic block based upon the checksum value of the current basic block.

    Implementing use-dependent security settings in a single white-box implementation
    32.
    Granted invention patent
    Status: In force

    Publication number: US09380033B2

    Publication date: 2016-06-28

    Application number: US14263247

    Application date: 2014-04-28

    Applicant: NXP B.V.

    Abstract: A method of enforcing security settings in a cryptographic system, including: receiving, by the cryptographic system, a first input message associated with a first security setting of a plurality of security settings; performing, by the cryptographic system, a keyed cryptographic operation mapping the first input message into a first output message, wherein the keyed cryptographic operation produces a correct output message when the cryptographic system is authorized for the first security setting, wherein each of the plurality of security settings has an associated set of input messages wherein the sets of input messages do not overlap.

    Binding White-Box Implementation To Reduced Secure Element
    33.
    Invention patent application
    Status: Under examination (published)

    Publication number: US20160182472A1

    Publication date: 2016-06-23

    Application number: US14577148

    Application date: 2014-12-19

    Applicant: NXP B.V.

    CPC classification number: H04L63/061 H04L9/002 H04L63/0876 H04L2209/16

    Abstract: A non-transitory machine-readable storage medium encoded with instructions for a keyed cryptographic operation having a first and second portion for execution by a cryptographic system mapping an input message to an output message, including: instructions for outputting first cryptographic data from a first portion of the cryptographic operation to a secure hardware device implementing a secure function on the data; instructions for receiving output data from the secure hardware device; instructions for implementing an inverse of the secure function on the output data; and instructions for performing a second portion of the cryptographic operation on the inverted output data, wherein the instructions for implementing an inverse of the secure function on the output data are securely merged with the instructions for performing the second portion of the cryptographic operation on the inverted output data so that the inverted output is not accessible to an attacker.

    IMPLEMENTING USE-DEPENDENT SECURITY SETTINGS IN A SINGLE WHITE-BOX IMPLEMENTATION
    34.
    Invention patent application
    Status: In force

    Publication number: US20150312224A1

    Publication date: 2015-10-29

    Application number: US14263247

    Application date: 2014-04-28

    Applicant: NXP B.V.

    Abstract: A method of enforcing security settings in a cryptographic system, including: receiving, by the cryptographic system, a first input message associated with a first security setting of a plurality of security settings; performing, by the cryptographic system, a keyed cryptographic operation mapping the first input message into a first output message, wherein the keyed cryptographic operation produces a correct output message when the cryptographic system is authorized for the first security setting, wherein each of the plurality of security settings has an associated set of input messages wherein the sets of input messages do not overlap.

    BEHAVIORAL FINGERPRINT IN A WHITE-BOX IMPLEMENTATION
    35.
    Invention patent application
    Status: In force

    Publication number: US20150312039A1

    Publication date: 2015-10-29

    Application number: US14263372

    Application date: 2014-04-28

    Applicant: NXP B.V.

    Abstract: A method of determining a fingerprint identification of a cryptographic implementation in a cryptographic system, including: receiving, by the cryptographic system, an input message that is a fingerprint identification message; performing, by the cryptographic system, a keyed cryptographic operation mapping the fingerprint identification message into an output message that includes a fingerprint identification; and outputting the output message.

    PROTECTING A WHITE-BOX IMPLEMENTATION AGAINST ATTACKS
    36.
    Invention patent application
    Status: In force

    Publication number: US20150270949A1

    Publication date: 2015-09-24

    Application number: US14219606

    Application date: 2014-03-19

    Applicant: NXP B.V.

    Inventor: Wil Michiels

    Abstract: A method of performing a keyed cryptographic operation mapping an input message to an output message, wherein the cryptographic operation includes at least one round including a non-linear mapping function configured to map input data to output data, including: splitting the input data into n split input data, wherein the splitting of the input data varies based upon the value of the input message; inputting each split input data into the non-linear mapping function to obtain n split output data, wherein a combination of the n split output data indicates an output data, wherein the output data results when the input data is input to the non-linear mapping function.

    Control flow flattening for code obfuscation where the next block calculation needs run-time information

    Publication number: US10599820B2

    Publication date: 2020-03-24

    Application number: US14259395

    Application date: 2014-04-23

    Applicant: NXP B.V.

    Abstract: A method of obscuring software code including a plurality of basic blocks wherein the basic blocks have an associated identifier (ID), including: determining, by a processor, for a first basic block first predecessor basic blocks, wherein first predecessor basic blocks jump to the first basic block and the first basic block jumps to a next basic block based upon a next basic block ID; producing, by the processor, a mask value based upon the IDs of first predecessor basic blocks, wherein the mask value identifies common bits of the IDs of the first predecessor basic blocks; and inserting, by the processor, an instruction in the first basic block to determine a next basic block ID based upon the mask value and an ID of one of the first predecessor basic blocks.

    Method for introducing dependence of white-box implementation on a set of strings

    Publication number: US10412054B2

    Publication date: 2019-09-10

    Application number: US14313402

    Application date: 2014-06-24

    Applicant: NXP B.V.

    Abstract: A method of performing a cryptographic operation using a cryptographic implementation in a cryptographic system, including: receiving, by the cryptographic system, an identifying string value; receiving, by the cryptographic system, an input message; performing, by the cryptographic system, a keyed cryptographic operation mapping the input message into an output message wherein the output message is the correct result when the identifying string value is one of a set of binding string values, wherein the set includes a plurality of binding string values.

    Protecting the input/output of modular encoded white-box RSA/ECC

    Publication number: US10372886B2

    Publication date: 2019-08-06

    Application number: US14815540

    Application date: 2015-07-31

    Applicant: NXP B.V.

    Abstract: A method of obscuring the input and output of a modular exponentiation function, including: receiving modular exponentiation parameters including an exponent e having N bits and a modulus m; generating randomly a pre-multiplier; calculating a post-multiplier based upon the pre-multiplier, exponent e, and modulus m; multiplying an input to the modular exponentiation function by the pre-multiplier; performing the modular exponentiation function; and multiplying the output of the modular exponentiation function by the post-multiplier, wherein multiplying an input to the modular exponentiation function by the pre-multiplier, performing the modular exponentiation function, and multiplying the output of the modular exponentiation function by the post-multiplier are split variable operations.

    White-box modular exponentiation
    40.
    Granted invention patent

    Publication number: US10235506B2

    Publication date: 2019-03-19

    Application number: US14815381

    Application date: 2015-07-31

    Applicant: NXP B.V.

    Abstract: A method of obscuring software code implementing a modular exponentiation function, including: receiving modular exponentiation parameters including an exponent e having N bits; generating a bitwise exponent array and inverse bitwise exponent array; and generating modular exponentiation function operations using the bitwise exponent array, inverse bitwise exponent array, and N, wherein the generated modular exponentiation function operations are split variable operations.
