Abstract:
According to an embodiment, a communication device includes a first manager, a second manager, a first communication unit, a determination unit, a controller, and a second communication unit. The first manager shares a first cryptographic key with a first external device connected via a link. The second manager shares a second cryptographic key to be provided to an application, with the first external device and with a second external device connected via links. The first communication unit transmits the second cryptographic key to the first external device. The determination unit determines whether a device with which the second cryptographic key is to be shared is the first external device. If it is affirmative, the controller controls the second manager to share, as the second cryptographic key, a cryptographic key obtained by converting the first cryptographic key. The second communication unit provides the application with the second cryptographic key.
Abstract:
Systems and methods for managing the identity of a user, for managing the identity of the user in a public storage facility, and for certifying pending transactions for a user are disclosed. One example method includes receiving, at an input device, personal data that identifies the user. The personal data is represented as input data. The input device is configured to process a hashing function to provide a hash value and user accessible interface for transmitting the hash value and a public key of the user to the public storage facility, e.g., block chain, and for receiving back from the public storage facility a transaction number corresponding to the hash value and the public key. In one example, the input device is configured to encrypt the hash value, a time stamp and the transaction number with a public key of a certification entity to provide user certifiable data to the certification entity. The certification entity is configured to access the public storage facility to verify the user. Systems and methods for certifying pending financial transactions, pending debit and/or credit card transactions, and other pending transactions are also disclosed. Systems and methods for signing and certifying documents are also disclosed.
Abstract:
An approach is provided for controlling access to social networking data for each of a plurality of members by issuing one or more first keys for at least one of data encryption or data decryption, based on a respective current trust level associated with a corresponding member and one or more context attributes corresponding to the social networking data. The one or more first keys expire at an expiration time determined with reference to a time clock. Based on a signal accepted from the time clock, one or more second keys for at least one of data encryption or data decryption are issued to one or more members of the plurality of members who are associated with a trust level above a predetermined threshold and/or who satisfy specified context attributes, prior to the expiration time of the first keys.
Abstract:
The present invention aims to allow for addition of an attribute category without reissuing a public parameter. A cryptographic system 10 uses an indexing technique in dual system encryption in dual pairing vector spaces. Specifically, for a transmission-side vector tj for index j, the cryptographic system 10 sets information J assigned to the index j in advance as a coefficient of a predetermined basis vector. For a reception-side vector for index j′ corresponding to the index j, the cryptographic system 10 sets information J′ having an inner-product of 0 with the information J as a coefficient of a basis vector corresponding to the predetermined basis vector.
Abstract:
A plaintext and cryptographic key are used to generate an initialization vector to be used in a cryptographic algorithm, such as an encryption algorithm. In some examples, the plaintext and cryptographic key are input into an effectively one-way function, such as a cryptographic hash function, the output of which is usable as an initialization vector. Cryptographic keys may be rotated probabilistically based at least in part on probabilities of output collisions of the effectively one-way function to ensure a low probability of two different plaintexts resulting in calculation of the same initialization vector for use with the same cryptographic key.
Abstract:
Computing devices that perform hardware rooted attestation are described, as are methods for use therewith, wherein such devices include a system integrated TPM (e.g., a firmware-based TPM), with m boot chain components loaded and executed prior to the system integrated TPM. Between powering-up of a device and the system integrated TPM being loaded and executed, seed morphing is performed for n=0 to m. This involves an nth encryption seed (ESn) being morphed into an n+1th encryption seed (ESn+1), under control of an nth boot chain component, by extending the nth encryption seed (ESn) with a measurement of the n+1th boot chain component to thereby generate the n+1th encryption seed (ESn+1). In a similar manner, an nth identity seed (ISn) is morphed into an n+1th identity seed (ISn+1). Such techniques establish trust in the system integrated TPM despite it not being the first component loaded and executed after powering-up.
Abstract:
A bitstream for configuration of a programmable logic device is received, the bitstream comprising a data segment and authentication data associated with the data segment. The programmable logic device computes a hash of the data segment. The programmable logic device compares the computed hash of the data segment with the authentication data. Configuration of the programmable logic device halts responsive to a determination that the computed hash of the data segment does not match the authentication data. Configuration of the programmable logic device using the data segment continues responsive to a determination that the computed hash of the data segment matches the authentication data.
Abstract:
Homomorphic evaluation of a function is performed on input ciphertext(s), which were encrypted using a public key of an encryption scheme that also includes multiple secret keys and multiple integer moduli. The homomorphic evaluation of the function includes performing operation(s) on the input ciphertexts. The function includes operation(s) including one or more of addition, multiplication, and automorphism. A key-switching transformation is performed on selected input ciphertext(s), and includes converting a first version of a selected ciphertext with respect to a first of the multiple secret keys and a first modulus to a second version of the selected ciphertext with respect to a second of the multiple secret keys and a second modulus, where the second modulus is an integer factor p times the first modulus, p>1. Each of the key switching transformations is performed prior to or after the operation(s) are evaluated. Results of the operation(s) are output.
Abstract:
Systems and methods may provide for implementing a secure communication using physical proximity. In one example, the method may include transmitting an encrypted first communication including a sensitive information file, decrypting the encrypted first communication to generate a decrypted first communication including the sensitive information file, displaying the decrypted first communication, capturing a version of the decrypted first communication displayed on the intermediary device, and extracting the sensitive information file at a user device.
Abstract:
A method of providing a new enhanced public key by a secure communications terminal for securing system communications, the secure communications terminal having a processor operably connected to a memory and a communications interface, the method comprising: generating, by the processor, a first portion for verifying a client account; generating, by the processor, a second portion for authenticating a public key server; generating, by the processor, an asymmetric public key and a corresponding asymmetric private key; combining, by the processor, the first portion, the second portion and the asymmetric public key to form the new enhanced public key; normalizing, by the processor, the enhanced public key based on a size of the asymmetric public key.