公开(公告)号：US09929858B2

公开(公告)日：2018-03-27

申请号：US14860619

申请日：2015-09-21

申请人： NXP B.V.

发明人： Sebastien Riou

IPC分类号： H04L9/00 ,  H04L9/32 ,  G06F11/10 ,  G09C1/00

CPC分类号： H04L9/004 ,  G06F11/1004 ,  G09C1/00 ,  H04L9/3239 ,  H04L2209/24

摘要： In an embodiment, an integrated circuit (IC) device for detecting fault attacks is disclosed. In the embodiment, the IC device includes a main CPU core, memory coupled to the main CPU core, and a co-processor core including a checksum generation module, the co-processor core coupled to the main CPU core, wherein the main CPU core is configured to direct the co-processor core to process data from the memory and the co-processor core is configured to process the data, in part, by feeding internal signals to the checksum generation module and wherein the co-processor core is further configured to return a checksum value generated by the checksum generation module to the main CPU core.

公开(公告)号：US20180081636A1

公开(公告)日：2018-03-22

申请号：US15823992

申请日：2017-11-28

申请人： International Business Machines Corporation

发明人： Volker Boenisch ,  Reinhard Buendgen ,  Franziska Geisert ,  Jakob Lang ,  Mareike Lattermann ,  Budy D. Notohardjono ,  Angel Nunez-Mencias

IPC分类号： G06F7/58 ,  H04L9/08 ,  G09C1/00

CPC分类号： G06F7/588 ,  G09C1/00 ,  H04L9/0869 ,  H04L2209/24

摘要： Generating a pool of random numbers for use by computer applications. Vibration sensors are placed throughout a machine and collects information theoretic entropy data from the measurement of the vibration sensors. The data is then filtered and added to an entropy pool. Applications needing a random number may acquire a number from the pool. A method, computer program product and system to generate the pool are provided.

公开(公告)号：US20180069695A1

公开(公告)日：2018-03-08

申请号：US15255921

申请日：2016-09-02

申请人： BlackBerry Limited ,  2236008 Ontario Inc.

发明人： Roger Paul BOWMAN ,  Dmitri PECHKIN ,  David Hughston Rodrigue SARRAZIN ,  Timothy Lee SEGATO

IPC分类号： H04L9/06 ,  H04L9/08 ,  H04L9/16

CPC分类号： H04L9/0631 ,  H04L9/0841 ,  H04L9/0861 ,  H04L9/0891 ,  H04L9/14 ,  H04L9/16 ,  H04L2209/24

摘要： Systems, methods, and software can be used to encrypt and decrypt data. In some aspects, a first primary secret key based on a primary ephemeral key pair and a primary master public key is generated by a primary data service application on an electronic device. A first primary ciphertext is generated by encrypting a first portion of the data using the first primary secret key. A second primary secret key is generated based on the first primary secret key. The first primary secret key is deleted. The first primary ciphertext is sent from the primary data service application to a secondary data service application. A first encrypted text is received from the secondary data service application. The first encrypted text is generated by encrypting the first primary ciphertext.

公开(公告)号：US09912473B2

公开(公告)日：2018-03-06

申请号：US14850108

申请日：2015-09-10

申请人： Zettaset, Inc.

发明人： Eric A. Murray

IPC分类号： H04L29/06 ,  H04L9/08 ,  G06F21/60 ,  G06F21/62 ,  G06F11/20 ,  H04L9/14

CPC分类号： H04L9/0822 ,  G06F11/2028 ,  G06F11/2041 ,  G06F11/2046 ,  G06F21/602 ,  G06F21/6218 ,  H04L9/14 ,  H04L2209/24

摘要： Shared file systems and methods ensuring high availability of cryptographic keys. The keys are encrypted with at least one shareable master key to generate corresponding encrypted cryptographic keys, which are stored in a key database in the shared file system. A master key manager with access to the key database is elected from among master key manager candidates and is assigned a common virtual address. All master key manager candidates have the shareable master key such that during a failover event the availability of the encrypted cryptographic keys is not interrupted as a new master key manager takes over the common virtual address from the previous master key manager. Additionally, a message authentication code (MAC) is deployed for testing the integrity of keys during their retrieval.

公开(公告)号：US09910478B2

公开(公告)日：2018-03-06

申请号：US14787848

申请日：2014-05-14

申请人： NEC Corporation

发明人： Toshiyuki Isshiki

IPC分类号： H04L29/06 ,  G06F1/32 ,  G06F3/00 ,  H01L23/538 ,  H04L9/30 ,  G06F13/40 ,  H05K1/02 ,  H05K1/14

CPC分类号： G06F1/3212 ,  G06F3/00 ,  G06F13/40 ,  H01L23/5382 ,  H01L2924/0002 ,  H04L9/3093 ,  H04L63/0442 ,  H04L2209/24 ,  H05K1/029 ,  H05K1/142 ,  H05K2201/10037 ,  H05K2201/10212 ,  Y02D10/174 ,  H01L2924/00

摘要： A collation system includes a first node, a second node and a third node. The first node includes: an encryption unit; a distance calculation unit t; and a collation data generation unit. The second node includes: a key generation unit; and a collation unit. The third node includes: a storage unit; and a collation information generation unit.

公开(公告)号：US20180063086A1

公开(公告)日：2018-03-01

申请号：US15253832

申请日：2016-08-31

申请人： Nicira, Inc.

发明人： Mukesh Hira ,  Saurabh Shah ,  Su Wang

IPC分类号： H04L29/06 ,  H04L12/24 ,  H04L12/721 ,  H04L29/08 ,  H04L12/933 ,  H04L12/823 ,  G06F9/455

CPC分类号： H04L41/0803 ,  G06F9/45558 ,  G06F2009/4557 ,  G06F2009/45595 ,  H04L9/0819 ,  H04L9/3213 ,  H04L12/4633 ,  H04L12/4641 ,  H04L12/66 ,  H04L41/046 ,  H04L41/12 ,  H04L41/20 ,  H04L45/38 ,  H04L45/72 ,  H04L45/74 ,  H04L47/32 ,  H04L49/15 ,  H04L49/25 ,  H04L49/70 ,  H04L61/2015 ,  H04L61/2514 ,  H04L61/2521 ,  H04L61/2539 ,  H04L61/256 ,  H04L61/2592 ,  H04L63/0209 ,  H04L63/0236 ,  H04L63/0263 ,  H04L63/0272 ,  H04L63/029 ,  H04L63/0428 ,  H04L63/062 ,  H04L63/20 ,  H04L67/10 ,  H04L67/1097 ,  H04L2209/24 ,  H04L2212/00

摘要： Some embodiments provide a method for a network controller that manages a logical network implemented in a datacenter having forwarding elements to which the network controller does not have access. The method identifies a data compute node (DCN), that operates on a host machine in the datacenter, to attach to the logical network. The DCN has a network interface with a network address provided by a management system of the datacenter. The DCN executes (i) a workload application and (ii) a managed forwarding element (MFE). The method distributes configuration data for configuring the MFE to receive data packets sent from the workload application on the DCN and perform network security processing on the data packets without performing logical forwarding operations. The data packets sent by the workload application have the provided network address as a source address when received by the MFE and are not encapsulated by the MFE.

公开(公告)号：US20180063036A1

公开(公告)日：2018-03-01

申请号：US15279409

申请日：2016-09-28

申请人： Ganesan Chandrashekhar ,  Mukesh Hira ,  Jayant Jain ,  Ronghua Zhang

发明人： Ganesan Chandrashekhar ,  Mukesh Hira ,  Jayant Jain ,  Ronghua Zhang

IPC分类号： H04L12/931 ,  H04L29/12 ,  H04L12/741

CPC分类号： H04L49/15 ,  G06F9/45533 ,  G06F9/45558 ,  G06F9/5072 ,  G06F11/008 ,  G06F11/07 ,  G06F11/0709 ,  G06F11/0793 ,  G06F11/1438 ,  G06F11/1482 ,  G06F11/2035 ,  G06F11/3433 ,  G06F15/177 ,  G06F2009/4557 ,  G06F2009/45595 ,  H04L9/0819 ,  H04L9/3213 ,  H04L12/4633 ,  H04L12/4641 ,  H04L12/66 ,  H04L41/044 ,  H04L41/0806 ,  H04L41/12 ,  H04L41/20 ,  H04L45/38 ,  H04L45/72 ,  H04L45/74 ,  H04L47/125 ,  H04L47/32 ,  H04L49/25 ,  H04L49/70 ,  H04L61/2015 ,  H04L61/2514 ,  H04L61/2521 ,  H04L61/2539 ,  H04L61/256 ,  H04L61/2592 ,  H04L63/0209 ,  H04L63/0236 ,  H04L63/0263 ,  H04L63/0272 ,  H04L63/029 ,  H04L63/0428 ,  H04L63/062 ,  H04L63/20 ,  H04L67/10 ,  H04L67/1097 ,  H04L2209/24 ,  H04L2212/00

摘要： Some embodiments provide a method for a managed first forwarding element executing on a first data compute node (DCN) that operates on a first host machine within a public datacenter. The managed first forwarding element is configured to implement a logical network. The method receives a data packet from an application, executing on the first data compute node, that sends and receives data packets through the logical network. When the data packet has a destination address that is not associated with the logical network, the method sends the packet directly to a second forwarding element configured by an administrator of the datacenter. When the data packet has a destination address associated with the logical network, the method sends the packet to a managed third forwarding element configured to implement the logical network. The managed third forwarding element executes on a second DCN on a second host machine within the datacenter.

公开(公告)号：US20180062829A1

公开(公告)日：2018-03-01

申请号：US15252741

申请日：2016-08-31

申请人： Intel Corporation

发明人： Vikram SURESH ,  Sudhir SATPATHY ,  Sanu MATHEW

IPC分类号： H04L9/06

CPC分类号： H04L9/0631 ,  G06F9/30007 ,  G09C1/00 ,  H04L9/0637 ,  H04L2209/12 ,  H04L2209/24

摘要： A hybrid AES-SMS4 hardware accelerator is described. A System on Chip implementing a hybrid AES-SMS4 hardware accelerator may include a processor core and a single hardware accelerator coupled to the processor core, the single hardware accelerator to encrypt or decrypt data. The single hardware accelerator may include a first block cipher to encrypt or decrypt the data according to a first encryption algorithm and a second block cipher to encrypt or decrypt the data according to a second encryption algorithm. The accelerator may further include a combined substitution box (Sbox) coupled to the first block cipher and the second block cipher, the combined Sbox comprising logic to perform Galois Field (GF) multiplications and inverse computations, wherein the inverse computations are common to the first block cipher and the second block cipher.

公开(公告)号：US09898909B2

公开(公告)日：2018-02-20

申请号：US15031066

申请日：2015-01-30

申请人： NOKIA SOLUTIONS AND NETWORKS OY

发明人： Afm Rezaul Hasan ,  Russell Rezaian

IPC分类号： G08B13/24 ,  G08B13/06 ,  G08B29/04 ,  H04L9/14

CPC分类号： G08B13/2434 ,  G06F21/86 ,  G06K19/07372 ,  G06K19/07798 ,  G08B13/06 ,  G08B29/04 ,  G09F3/03 ,  G09F3/08 ,  H04L9/14 ,  H04L9/3247 ,  H04L2209/24

摘要： An apparatus secured to a device includes a fastener, an adhesive secured to the fastener, an electric circuit configured to measure a property, a memory configured to store the property, and at least one Key to access the stored property, wherein the apparatus is configured to detect an unauthorized opening of the device.

公开(公告)号：US09893897B2

公开(公告)日：2018-02-13

申请号：US14929476

申请日：2015-11-02

申请人： Intel Corporation

发明人： Xiaoning Li ,  Karanvir S. Grewal ,  Geoffrey H. Cooper ,  John R. Guzik

IPC分类号： H04L9/32 ,  G06F11/30 ,  G06F21/00 ,  H04L29/06

CPC分类号： H04L9/3273 ,  G06F11/30 ,  G06F21/00 ,  H04L63/0227 ,  H04L63/0281 ,  H04L63/0428 ,  H04L63/0464 ,  H04L63/166 ,  H04L2209/24

摘要： Technologies are provided in example embodiments for analyzing an encrypted network flow. The technologies include monitoring the encrypted network flow between a first node and a second node, the network flow initiated from the first node; duplicating the encrypted network flow to form a copy of the encrypted network flow; decrypting the copy of the encrypted network flow using a shared secret, the shared secret associated with the first node and the second node; and scanning the network flow copy for targeted data.