Method and Apparatus for Protecting SIMLock Information in an Electronic Device
    51.
    Patent application
    Status: lapsed

    Publication number: US20090007275A1

    Publication date: 2009-01-01

    Application number: US11962356

    Filing date: 2007-12-21

    IPC classification: G06F21/00 H04L9/06

    Abstract: The teachings herein present a method and apparatus for protecting usage restriction data that governs usage of an electronic device. A cryptographic circuit supports secure and non-secure accesses. When non-securely accessed, it is operable only to verify the stored usage restriction data, and, when securely accessed, it is operable to generate a new message authentication code for changed usage restriction data, for subsequent authentication of that data. The usage restriction data may be stored in non-secure memory and may include static and dynamic parts. One or more embodiments include a secure circuit indicating whether the device has been initialized. The cryptographic circuit outputs a message authentication code for the static part using a permanent device key from the secure circuit, only if the device has not been initialized, and outputs a message authentication code for the dynamic part as needed to support authorized changes to the dynamic part.


    Secure Soft SIM Credential Transfer
    52.
    Patent application
    Status: in force

    Publication number: US20080261561A1

    Publication date: 2008-10-23

    Application number: US11944818

    Filing date: 2007-11-26

    IPC classification: H04M3/16

    CPC classification: H04W8/205 H04W12/04

    Abstract: The method and apparatus described herein transfers soft SIM credentials from a transferring mobile device to a target mobile device while ensuring that only one mobile device contains active soft SIM credentials at a time. Broadly, a transferring mobile device securely transfers the soft SIM credentials to a target mobile device either directly or via a network server. Before the target mobile device receives or activates the soft SIM credentials, the transferring mobile device deactivates the soft SIM credentials to ensure that only one mobile device contains the active soft SIM credentials.


    Efficient Data Integrity Protection
    53.
    Patent application
    Status: in force

    Publication number: US20080144819A1

    Publication date: 2008-06-19

    Application number: US11611128

    Filing date: 2006-12-14

    IPC classification: H04L9/22

    Abstract: A message authentication code, MAC, is generated in an electronic circuit, wherein the MAC integrity protects a data value, PD. A random challenge word, RND, is received from a source that is external to the electronic circuit. A first function G(RND,K) is evaluated that generates a first encrypted value, K′, from RND and K, wherein K is a secret key value that is stored on the electronic circuit. A second function F(RND,K) is evaluated that generates a second encrypted value, K″, from RND and K. The MAC is then generated in accordance with $\mathrm{MAC} = K'' + m_1 K' + m_2 K'^{2} + \dots + m_l K'^{l}$, wherein $m_1, m_2, \dots, m_l$ are derived by representing the data value, PD, as an $l$-tuple of elements in a field, $GF(2^n)$, wherein $n$ is an integer greater than zero. A hardware-efficient arrangement is also disclosed for generating this and other MACs.


    Security-Enhanced Key Exchange
    54.
    Patent application
    Status: under examination, published

    Publication number: US20080095361A1

    Publication date: 2008-04-24

    Application number: US11862834

    Filing date: 2007-09-27

    IPC classification: H04L9/28

    Abstract: A unique identifier of a remote device is not sent in clear text on a local interface between the remote device and a device that can communicate with a wireless network, but a procedure for establishing an encryption key in both devices is still based on the unique identifier. Thus, secure binding between the established key and the identifier is achieved. Moreover, the identifier of the remote device is not exposed even to the device that can communicate with a wireless network.


    SECURE AND REPLAY PROTECTED MEMORY STORAGE
    55.
    Patent application
    Status: in force

    Publication number: US20070130470A1

    Publication date: 2007-06-07

    Application number: US11275015

    Filing date: 2005-12-01

    IPC classification: H04L9/00

    Abstract: A device (e.g., mobile device) and method are described herein that can protect data stored in a rewritable openly accessible memory from replay attacks by using an integrity key and an encryption key to en/decrypt the data, integrity protect the data via a MAC calculation, and verify the data.


    Network assisted terminal to SIM/UICC key establishment
    56.
    Patent application
    Status: under examination, published

    Publication number: US20060206710A1

    Publication date: 2006-09-14

    Application number: US11250113

    Filing date: 2005-10-13

    IPC classification: H04L9/00

    Abstract: A method is described herein which enables a mobile device and a smart card (SIM, UICC) to establish a shared secret KE which can then be used to secure an interface between themselves. A mobile operator helps in the establishment of the shared secret (KE) by taking part in a key exchange between the mobile device and smart card. The mobile operator's involvement is desirable since they can keep track of mobile device-smart card pairs and if necessary they can block the security establishment between the mobile device and the smart card in order to prevent fraudulent behavior.


    Indirect public-key encryption
    57.
    Granted patent
    Status: in force

    Publication number: US06779111B1

    Publication date: 2004-08-17

    Application number: US09309151

    Filing date: 1999-05-10

    IPC classification: G06F1300

    Abstract: A system and method for encrypting data communications between a client and server utilizes an untrusted proxy server to perform computationally expensive encryption calculations which would otherwise be performed by the client. Prior to transmitting the data message to the proxy server, the client masks the data message such that the data message is indecipherable to the untrusted proxy. The untrusted proxy performs the computationally expensive encryption calculations prior to transmitting the data message to the intended receiver.


    Resource reservation
    58.
    Granted patent
    Status: in force

    Publication number: US06661806B1

    Publication date: 2003-12-09

    Application number: US09195941

    Filing date: 1998-11-19

    IPC classification: H04J324

    Abstract: A method is provided for achieving admission control to a public connectionless packet network. This provides a method of access control which allows service differentiation in a form which permits a user to receive a quality of service guarantee which is better than a “best effort” service. Each transmission by a user across the network includes a ticket message sent to the user from the network. The ticket message includes information about the priority level of the transmission, and can be used in a connectionless network to determine the resources available for future transmission requests.
