公开(公告)号：US20080086781A1

公开(公告)日：2008-04-10

申请号：US11741990

申请日：2007-04-30

Applicant: Stephane Rodgers

Inventor： Stephane Rodgers

IPC: G08B29/12 ,  G01R31/3193

CPC classification number: G06F21/552

Abstract: Aspects of a method and system for glitch protection in a secure system are provided. In this regard, the output of an on-chip security operation may be combinatorially compared with an expected output of the security operation. Based on the results of the comparison, one or more signals which may control access to one or more on-chip secure functions may be generated. The security operation may, for example, comprise generating a message digest utilizing a SHA and/or modifying a stored value based on an amount of code being executed. The expected output may comprise a single value or range of values. In this regard, a system may, for example, be protected from glitch attacks causing lines-of code to be skipped and or causing enable signals to be forced to an illegitimate value.

Abstract translation: 提供了一种安全系统中毛刺保护方法和系统的方面。 在这方面，片上安全操作的输出可以与安全操作的预期输出进行组合比较。 基于比较的结果，可以产生可以控制对一个或多个片上安全功能的访问的一个或多个信号。 安全操作可以例如包括利用SHA生成消息摘要和/或基于正在执行的代码量来修改存储的值。 期望的输出可以包括单个值或值的范围。 在这方面，例如，可以保护系统免受毛刺攻击，从而导致要跳过的代码行，或者使得使能信号被强制为非法值。

公开(公告)号：US20080086647A1

公开(公告)日：2008-04-10

申请号：US11743545

申请日：2007-05-02

Applicant: Stephane Rodgers ,  Andrew Dellow ,  Iue-Shuenn Chen ,  Xuemin Chen ,  Carolyn Walker

Inventor： Stephane Rodgers ,  Andrew Dellow ,  Iue-Shuenn Chen ,  Xuemin Chen ,  Carolyn Walker

IPC: G06F12/14

CPC classification number: G06F21/572 ,  G06F21/10 ,  G06F21/12 ,  G06F21/121 ,  G06F21/60 ,  G06F21/64 ,  G06F2221/033 ,  H04L9/0643 ,  H04L63/12 ,  H04L63/123 ,  H04N7/162 ,  H04N21/42623 ,  H04N21/4586 ,  H04N21/4623 ,  H04N21/8193

Abstract: Methods and systems for allowing customer or third party testing of secure programmable code are disclosed and may include verifying code loaded in a set-top box utilizing a test hash or a production hash prior to execution of the code, where the test hash and production hash may be stored in a memory, such as an OTP, within the set-top box, and may allow migration from corresponding test code to production code, which may be verified utilizing the test hash and production hash, respectively. The test and production hashes may be customer specific. The migration from test code to production code may be authenticated using at least a set-top box specific password. The test hash may be stored in a first portion of a one-time programmable memory and the production hash in a remaining portion, with the first portion being less than or equal to the remaining portion.

Abstract translation: 公开了用于允许客户或第三方测试安全可编程代码的方法和系统，并且可以包括在执行代码之前利用测试散列或生产散列验证加载在机顶盒中的代码，其中测试散列和生产散列 可以存储在机顶盒内的诸如OTP的存储器中，并且可以允许从相应的测试代码迁移到生产代码，这可以分别使用测试散列和生产散列进行验证。 测试和生产散列可能是客户特定的。 从测试代码到生产代码的迁移可以至少使用机顶盒专用密码进行认证。 测试散列可以存储在一次性可编程存储器的第一部分中，并且剩余部分中的生成散列，其中第一部分小于或等于其余部分。

公开(公告)号：US20080086628A1

公开(公告)日：2008-04-10

申请号：US11746769

申请日：2007-05-10

Applicant: Stephane Rodgers ,  Andrew Dellow ,  Xuemin Chen ,  Iue-Shuenn Chen

Inventor： Stephane Rodgers ,  Andrew Dellow ,  Xuemin Chen ,  Iue-Shuenn Chen

IPC: G06F9/00

CPC classification number: H04N21/818 ,  G06F21/572 ,  H04N21/4432 ,  H04N21/4586

Abstract: A stored predefined unmodifiable bootable code set may be verified during code reprogramming of a device, and executed as a first stage of code reprogramming of the device. The predefined unmodifiable bootable code set may be stored in a locked memory such as a locked flash memory and may comprise code that enables minimal communication functionality of the device. The predefined unmodifiable bootable code set may be verified using a security algorithm, for example, a SHA-based algorithm. Information necessary for the security algorithm may be stored in a memory, for example, a one-time programmable read-only memory (OTP ROM). The stored information necessary for the security algorithm may comprise a SHA digest, a signature, and/or a key. A second stage code set may be verified and executed during the code reprogramming of the device subsequent to the verification of the stored predefined unmodifiable bootable code set.

Abstract translation: 可以在设备的代码重新编程期间验证存储的预定义的不可修改的可引导代码集，并且作为设备的代码重新编程的第一级被执行。 预定义的不可修改的可引导代码集可以存储在诸如锁定的闪存的锁定存储器中，并且可以包括能够实现设备的最小通信功能的代码。 可以使用安全算法（例如，基于SHA的算法）来验证预定义的不可修改的可引导代码集。 安全算法所需的信息可以存储在存储器中，例如，一次性可编程只读存储器（OTP ROM）。 安全算法所需的存储信息可以包括SHA摘要，签名和/或密钥。 可以在验证存储的预定义的不可修改的可引导代码集之后的设备的代码重新编程期间验证和执行第二阶段代码集。

公开(公告)号：US20070266232A1

公开(公告)日：2007-11-15

申请号：US11558650

申请日：2006-11-10

Applicant: Stephane Rodgers ,  Xuemin Chen

Inventor： Stephane Rodgers ,  Xuemin Chen

IPC: H04L9/00 ,  G06F12/14 ,  H04L9/32 ,  G06F11/30

CPC classification number: G06F21/10 ,  G06F21/445 ,  G06F21/51 ,  G06F21/606 ,  H04L9/0656 ,  H04L9/0844 ,  H04L2209/12

Abstract: Aspects of a method and system for command interface protection to achieve a secure interface are provided. A host device may encrypt a command based on a key index generated within the host device, a host device key, a command count, a random number from a slave device, at least one host control word, and a host variable value. The encrypted command may be communicated to the slave device where it may be decrypted based on the key index, the host device key decrypted from a slave device key generated by the slave device, the command count, the random number, at least one slave control word, and a slave variable value. The key index may be utilized in the host and slave devices to select a master key from a key table from which generational derivatives may be generated for command encryption and decryption respectively.

Abstract translation: 提供了一种用于命令接口保护以实现安全接口的方法和系统。 主机设备可以基于在主设备内生成的密钥索引，主机设备密钥，命令计数，来自从设备的随机数，至少一个主机控制字和主机变量值来加密命令。 加密命令可以被传送到从设备，其中它可以基于密钥索引被解密，从从设备生成的从设备密钥解密的主机设备密钥，命令计数，随机数，至少一个从控制 字和从​​变量值。 密钥索引可以用在主设备和从设备中，从分别为命令加密和解密生成代数导数的密钥表中选择主密钥。

公开(公告)号：US20070237143A1

公开(公告)日：2007-10-11

申请号：US11393121

申请日：2006-03-30

Applicant: Stephane Rodgers ,  Ut Nguyen ,  Rajesh Mamidwar

Inventor： Stephane Rodgers ,  Ut Nguyen ,  Rajesh Mamidwar

IPC: H04L12/56

CPC classification number: H04N21/4344 ,  H04L45/00 ,  H04N21/23608 ,  H04N21/4334 ,  H04N21/4341

Abstract: In one embodiment, there is presented a method for processing data. The method comprises receiving a plurality of packets, wherein each packet comprises a payload, and wherein the plurality of packets carry video data encoded in accordance with an encoding standard from a plurality of encoding standards; identifying encoding standards encoding the video data carried in the payloads of the plurality of packets; and inserting identifiers that identify the encoding standard encoding the video data carried in the payloads of the plurality of packets into the plurality of packets.

Abstract translation: 在一个实施例中，提供了一种用于处理数据的方法。 该方法包括接收多个分组，其中每个分组包括有效载荷，并且其中所述多个分组携带根据来自多个编码标准的编码标准编码的视频数据; 识别对所述多个分组的有效载荷中承载的视频数据进行编码的编码标准; 以及将识别将所述多个分组的有效载荷中携带的视频数据编码为所述多个分组的编码标准的标识符。

公开(公告)号：US20060268864A1

公开(公告)日：2006-11-30

申请号：US11328877

申请日：2006-01-10

Applicant: Stephane Rodgers

Inventor： Stephane Rodgers

IPC: H04L12/56 ,  H04L12/28

CPC classification number: H04N21/434 ,  H04N21/42615

Abstract: A method and system are provided for providing data commonality in a programmable transport demultiplexer engine. The method may involve utilizing a hardware assist block to process a portion of an incoming data packet, which may result in a partially processed data packet. The data packet may comprise data in any one of video formats and/or audio formats. A firmware block may then execute a plurality of instructions to process the partially processed data packet. The plurality of instructions may be independent of video and/or audio formats associated with the data packet.

Abstract translation: 提供了一种在可编程传输解复用器引擎中提供数据通用性的方法和系统。 该方法可以涉及利用硬件辅助块来处理输入数据分组的一部分，这可能导致部分处理的数据分组。 数据分组可以包括视频格式和/或音频格式中的任一种的数据。 然后，固件块可以执行多个指令来处理部分处理的数据分组。 多个指令可以独立于与数据分组相关联的视频和/或音频格式。