SECURE DISTRIBUTION OF DATA OR CONTENT USING KEYLESS TRANSFORMATION
    61.
    Patent application
    Legal status: In force

    Publication number: US20090279691A1

    Publication date: 2009-11-12

    Application number: US12118538

    Filing date: 2008-05-09

    IPC classification: H04L9/28

    Abstract: A computer enabled method and apparatus for encrypting and decrypting data using a keyless transformation cryptographic technique. Data is protected using a keyless (unkeyed) complex mathematical transformation, in contrast to a traditional cryptographic algorithm using a secret key. This approach is resistant to both static analysis (hacking) performed on executable encryption/decryption code, as well as dynamic analysis performed during execution (runtime) of ciphering or deciphering. The method uses a family of asymmetric data transformations based on Galois field polynomials.

    EXPONENTIATION LADDER FOR CRYPTOGRAPHY
    62.
    Patent application
    Legal status: In force

    Publication number: US20090238360A1

    Publication date: 2009-09-24

    Application number: US12054249

    Filing date: 2008-03-24

    IPC classification: H04L9/28 G06F7/483

    Abstract: Method and apparatus for data security using exponentiation. This is suitable for public key cryptography authentication and other data security applications using a one-way function. A type of exponentiation is disclosed here where the bits of an exponent value expressed in binary form correspond to a course (path) in a given graph defining the one-way function. This uses an approach called here F sequences. Each value is in a ladder of a sequence of values, as defined from its predecessor values. This ladder satisfies certain algebraic identities and is readily calculated by a computer program or logic circuitry.

    Deployment of smart card based applications via mobile terminals
    63.
    Granted patent
    Legal status: In force

    Publication number: US07191234B2

    Publication date: 2007-03-13

    Application number: US09975994

    Filing date: 2001-10-15

    IPC classification: G06F15/16

    Abstract: The ability to utilize smart card based Internet applications is facilitated by enhancing the functionality of smart cards dedicated to other applications, to enable them to connect to and interoperate with Internet application servers. The functionality of subscriber identification module (SIM) card is enhanced to incorporate the information necessary to interact with an Internet-based application service provider. The user can also employ a conventional smart card to access an Internet application from a personal computer or other terminal equipped with a conventional smart card reader, and use the SIM card to interact with application when access to a conventional smart card reader is not available. The application server recognizes the distinction between access with the two different types of cards, and ensures that both cards are synchronized with one another.

    Protecting look up tables by mixing code and operations
    65.
    Granted patent
    Legal status: In force

    Publication number: US09189425B2

    Publication date: 2015-11-17

    Application number: US13286117

    Filing date: 2011-10-31

    IPC classification: G06F12/14 G09C1/00 H04L9/06

    Abstract: In the field of computer enabled cryptography, such as a cipher using lookup tables, the cipher is hardened against an attack by a protection process which obscures the lookup tables using the properties of bijective functions and applying masks to the tables' input and output values, for encryption or decryption. This is especially advantageous in a “White Box” environment where an attacker has full access to the cipher algorithm, including the algorithm's internal state during its execution. This method and the associated computing apparatus are useful for protection against known attacks on “White Box” ciphers, by obfuscating lookup table data, thereby increasing the cipher's complexity against reverse engineering and other attacks.

    Securing implementation of a cryptographic process having fixed or dynamic keys
    66.
    Granted patent
    Legal status: In force

    Publication number: US08966285B2

    Publication date: 2015-02-24

    Application number: US12987931

    Filing date: 2011-01-10

    Abstract: In the field of computer enabled cryptography, such as a keyed block cipher having a plurality of rounds, the cipher is hardened against attack by protecting the round keys by (1) combining several cipher operations using a pair of sub-keys (round keys) into one table look-up, or (2) a key masking process which obscures the round keys by providing a masked version of the key operations for carrying out encryption or decryption using the cipher. This approach is especially advantageous in an insecure “White Box” environment where an attacker has full access to execution of the cipher algorithm, including the algorithm's internal state during its execution.

    Securing the implementation of a cryptographic process using key expansion
    67.
    Granted patent
    Legal status: In force

    Publication number: US08966279B2

    Publication date: 2015-02-24

    Application number: US12975123

    Filing date: 2010-12-21

    IPC classification: G06F12/14 H04L9/00 H04L9/06

    Abstract: In the field of computer enabled cryptography, such as a keyed block cipher having a plurality of rounds, the cipher is hardened against an attack by protecting the cipher key by means of a key expansion process which obscures the cipher and/or the round keys by increasing their lengths to provide an expanded version of the keys for carrying out encryption or decryption using the cipher. This is especially advantageous in a “White Box” environment where an attacker has full access to the cipher algorithm, including the algorithm's internal state during its execution. This method and the associated computing apparatus are useful where the key is derived through a process and so is unknown when the software code embodying the cipher is compiled. This is typically the case where there are many users of the cipher and each has his own key, or where each user session has its own key.

    Hash function using a card shuffling process
    68.
    Granted patent
    Legal status: In force

    Publication number: US08886940B2

    Publication date: 2014-11-11

    Application number: US12475384

    Filing date: 2009-05-29

    Abstract: In the computer data security field, a cryptographic hash function process embodied in a computer system and which is typically keyless, but is highly secure. The process is based on the type of chaos introduction exhibited by a game process such as the well known shuffling of a deck of playing cards. Computation of the hash value (digest) is the result of executing in a model (such as computer code or logic circuitry) a game algorithm that models the actual game such as a playing card shuffling algorithm using the message as an input to the algorithm, then executing the card shuffling algorithm on the input. A state (order) of the modeled deck of cards after a shuffle (or multiple shuffles) gives the hash digest value.

    System and method for obfuscating constants in a computer program
    69.
    Granted patent
    Legal status: In force

    Publication number: US08874928B2

    Publication date: 2014-10-28

    Application number: US12263183

    Filing date: 2008-10-31

    Abstract: Disclosed herein are systems, computer-implemented methods, and tangible computer-readable media for obfuscating constants in a binary. The method includes generating a table of constants, allocating an array in source code, compiling the source code to a binary, transforming the table of constants to match Pcode entries in an indirection table so that each constant in the table of constants can be fetched by an entry in the indirection table. A Pcode is a data representation of a set of instructions populating the indirection table with offsets toward the table of constants storing the indirection table in the allocated array in the compiled binary. The method further includes populating the indirection table with offsets equivalent to the table of constants, and storing the indirection table in the allocated array in the compiled binary. Constants can be of any data type. Constants can be one byte each or more than one byte each. In one aspect, the method further includes splitting constants into two or more segments, treating each segment as a separate constant when transforming the table of constants, and generating a function to retrieve and reconstruct the split constants.

    Obfuscating transformations on data array content and addresses
    70.
    Granted patent
    Legal status: In force

    Publication number: US08667301B2

    Publication date: 2014-03-04

    Application number: US12753021

    Filing date: 2010-04-01

    IPC classification: G06F12/14

    Abstract: In a first computer (digital) data obfuscation process, data which is conventionally arranged in a data structure called an array (e.g., a table) and conventionally stored in computer or computer device memory is obfuscated (masked) by logically or mathematically combining the data, entry-by-entry, with a masking value which is computed as a logical or mathematical function of the entry itself or its index in the array, modulo a security value. The complementary unmasking value is a pointer to the entry's address in the table modulo the security value. In a second computer (digital) data obfuscation process, the addresses (location designations) in memory of a data array are themselves obfuscated (masked) by partitioning the array into blocks of entries and shuffling the order of the data entries in each block by a predetermined algorithm, resulting in a shuffled array also differing from the original array in terms of its size (the total number of entries).
