公开(公告)号：US09698993B2

公开(公告)日：2017-07-04

申请号：US14477073

申请日：2014-09-04

Applicant: Certicom Corp.

Inventor： Gregory Marc Zaverucha ,  David William Kravitz

IPC: H04L9/32

CPC classification number: H04L9/3252 ,  H04L9/3242 ,  H04L9/3268

Abstract: Methods, systems, and computer programs for producing hash values are disclosed. A prefix-free value is obtained based on input data. The prefix-free value can be based on an implicit certificate, a message to be signed, a message to be verified, or other suitable information. A hash value is obtained by applying a hash function to the prefix-free value. The hash value is used in a cryptographic scheme. In some instances, a public key or a private key is generated based on the hash value. In some instances, a digital signature is generated based on the hash value, or a digital signature is verified based on the hash value, as appropriate.

公开(公告)号：US20170063536A1

公开(公告)日：2017-03-02

申请号：US14691383

申请日：2015-04-20

Applicant: CERTICOM CORP.

Inventor： Daniel Richard L. Brown

IPC: H04L9/06 ,  H04L9/30

CPC classification number: H04L9/0662 ,  G06F7/582 ,  G09C5/00 ,  H04L9/3006 ,  H04L9/3066

Abstract: Methods, systems, and computer programs for generating cryptographic function parameters are described. In some examples, astronomical data from an observed astronomical event is obtained. A pseudorandom generator is seeded based on the astronomical data. After seeding the pseudorandom generator, an output from the pseudorandom generator is obtained. A parameter for a cryptographic function is generated by operation of one or more data processors. The parameter is generated from the output from the pseudorandom generator.

Abstract translation: 描述用于生成加密功能参数的方法，系统和计算机程序。 在一些实例中，获得了观测到的天文学事件的天文数据。 基于天文数据种植了伪随机发生器。 在伪随机发生器接种之后，获得来自伪随机发生器的输出。 通过一个或多个数据处理器的操作产生加密功能的参数。 该参数是从伪随机发生器的输出生成的。

公开(公告)号：US09572016B2

公开(公告)日：2017-02-14

申请号：US14921299

申请日：2015-10-23

Applicant: BlackBerry Limited ,  Certicom Corp.

Inventor： Jean-Philippe Paul Cormier ,  David Philip Hole ,  Nicholas James Russell ,  Daniel Francis O'Loughlin

IPC: H04B1/38 ,  H04W8/20 ,  H04W8/18 ,  H04L9/32 ,  H04L29/06 ,  H04W88/02 ,  H04W12/06

CPC classification number: H04W8/205 ,  H04L9/3268 ,  H04L63/0823 ,  H04L2209/80 ,  H04W8/183 ,  H04W12/06 ,  H04W88/02

Abstract: Techniques for use in transferring an assignment of a secure chip of a wireless device from a current subscription manager (SM) of a current mobile network operator (MNO) to a new SM of a new MNO are described. In one illustrative example, the current SM receives a request for transferring the assignment and produces transfer permission data in response. The transfer permission data includes an identifier of the secure chip, an identifier of the current SM, and a digital signature of the current SM. The current SM then sends to the secure chip a transfer permission message which includes the transfer permission data. The transfer permission data indicates a permission for the secure chip to transfer the assignment from the current SM to the new SM. Additional techniques are performed by the secure chip, and the new SM, as described.

Abstract translation: 描述了用于将无线设备的安全芯片的分配从当前移动网络运营商（MNO）的当前订阅管理器（SM）传送到新的MNO的新SM的技术。 在一个说明性示例中，当前SM接收到传送分配的请求，并作为响应产生传送许可数据。 传输许可数据包括安全芯片的标识符，当前SM的标识符和当前SM的数字签名。 当前的SM然后向安全芯片发送包括传输许可数据的传输许可消息。 传输许可数据指示安全芯片允许从当前SM传送分配到新的SM。 附加技术由安全芯片和新SM执行，如所述。

公开(公告)号：US20160366103A1

公开(公告)日：2016-12-15

申请号：US14470364

申请日：2014-08-27

Applicant: Certicom Corp.

Inventor： Marinus Struik

IPC: H04L29/06 ,  H04W56/00 ,  H04L12/801 ,  H04W12/04

CPC classification number: H04L63/0428 ,  H04L1/1803 ,  H04L1/1812 ,  H04L1/1867 ,  H04L29/06 ,  H04L47/34 ,  H04L63/0435 ,  H04L63/06 ,  H04L67/04 ,  H04L67/12 ,  H04L69/329 ,  H04L2209/80 ,  H04W4/12 ,  H04W12/02 ,  H04W12/04 ,  H04W24/00 ,  H04W28/04 ,  H04W28/06 ,  H04W56/0015

Abstract: A method of transmitting messages from a sender to a recipient over a wireless channel, the messages including a sequence counter and a frame counter. The method comprises establishing initial values of the sequence counter and the frame counter at the sender. Initial values of the frame counter and the sequence counter are provided to the recipient. The sender sends compressed messages including the value of the sequence counter and not the frame counter and monitors for an acknowledgement of receipt by the recipient. When no acknowledgment is received, the sender sends uncompressed messages until an acknowledgement of receipt is received from the recipient. The sequence counter is incremented and the next value of the frame counter is established as the integer next larger than previous value of the frame counter which is congruent to the sequence counter modulo 256.

公开(公告)号：US20160337130A1

公开(公告)日：2016-11-17

申请号：US15223920

申请日：2016-07-29

Applicant: BlackBerry Limited ,  Certicom Corp.

Inventor： Michael Eoin BUCKLEY ,  Robert John LAMBERT ,  Nevine Maurice Nassif EBEID

IPC: H04L9/32 ,  H04W12/12 ,  H04W4/12 ,  H04W12/04 ,  H04W12/06 ,  H04L9/30 ,  H04L9/14 ,  H04W12/10 ,  H04L29/06

CPC classification number: H04L9/3252 ,  H04L9/14 ,  H04L9/30 ,  H04L9/3242 ,  H04L9/3247 ,  H04L9/3263 ,  H04L63/0428 ,  H04L63/06 ,  H04L63/126 ,  H04L63/14 ,  H04W4/12 ,  H04W12/04 ,  H04W12/06 ,  H04W12/10 ,  H04W12/12

Abstract: There is provided a method for secure communications. The method includes a computing device receiving a notification comprising a message, a counter value, a signature signed by a signer and based on the message and the counter value, and an indication of the signer. The device obtains a current counter value based on an identity of the signer, checks the signature and compares the counter value with the current counter value; and, if the counter comparison and the signature checking is successful, accepting the message.

公开(公告)号：US20160248735A1

公开(公告)日：2016-08-25

申请号：US14992397

申请日：2016-01-11

Applicant: Certicom Corp.

Inventor： Daniel Richard L. Brown

IPC: H04L29/06 ,  H04L9/30 ,  H04L9/32

CPC classification number: H04L63/045 ,  H04L9/0861 ,  H04L9/3066 ,  H04L9/321 ,  H04L9/3236 ,  H04L9/3247 ,  H04L9/3252 ,  H04L9/3263 ,  H04L63/0823

Abstract: The invention provides a method of verifiable generation of public keys. According to the method, a self-signed signature is first generated and then used as input to the generation of a pair of private and public keys. Verification of the signature proves that the keys are generated from a key generation process utilizing the signature. A certification authority can validate and verify a public key generated from a verifiable key generation process.

Abstract translation: 本发明提供了可验证地生成公钥的方法。 根据该方法，首先生成自签名签名，然后将其用作生成一对私钥和公钥的输入。 签名的验证证明密钥是利用签名的密钥生成过程产生的。 认证机构可以验证和验证从可验证密钥生成过程产生的公钥。

公开(公告)号：US09407444B2

公开(公告)日：2016-08-02

申请号：US14220983

申请日：2014-03-20

Applicant: BlackBerry Limited ,  Certicom Corp.

Inventor： Michael Eoin Buckley ,  Robert John Lambert ,  Nevine Maurice Nassif Ebeid

IPC: H04L29/06 ,  H04L9/32 ,  H04W12/10 ,  H04W12/12

CPC classification number: H04L9/3252 ,  H04L9/14 ,  H04L9/30 ,  H04L9/3242 ,  H04L9/3247 ,  H04L9/3263 ,  H04L63/0428 ,  H04L63/06 ,  H04L63/126 ,  H04L63/14 ,  H04W4/12 ,  H04W12/04 ,  H04W12/06 ,  H04W12/10 ,  H04W12/12

Abstract: There is provided a method for secure communications. The method includes a computing device receiving a notification comprising a message, a counter value, a signature signed by a signer and based on the message and the counter value, and an indication of the signer. The device obtains a current counter value based on an identity of the signer, checks the signature and compares the counter value with the current counter value; and, if the counter comparison and the signature checking is successful, accepting the message.

Abstract translation: 提供了一种用于安全通信的方法。 该方法包括接收包括消息，计数器值，由签名者签名并且基于消息和计数器值签名的签名以及签名者的指示的通知的计算设备。 设备基于签名人的身份获取当前计数器值，检查签名并将计数器值与当前计数器值进行比较; 并且如果计数器比较和签名检查成功，则接受该消息。

公开(公告)号：US20160127385A1

公开(公告)日：2016-05-05

申请号：US14991161

申请日：2016-01-08

Applicant: Certicom Corp.

Inventor： Marinus Struik

IPC: H04L29/06

CPC classification number: H04L63/123 ,  H04L63/04 ,  H04L63/0428 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/162

Abstract: A method of communicating in a secure communication system, comprises the steps of assembling as message at a sender, then determining a security level, and including an indication of the security level in a header of the message. The message is then sent to a recipient.

Abstract translation: 一种在安全通信系统中进行通信的方法包括以下步骤：在发送方处组装为消息，然后确定安全级别，并且包括消息头部中的安全级别的指示。 然后将该消息发送给收件人。

公开(公告)号：US20160048462A1

公开(公告)日：2016-02-18

申请号：US14922962

申请日：2015-10-26

Applicant: CERTICOM CORP.

Inventor： Daniel Francis O'Loughlin ,  Keelan Smith ,  Jay Scott Fuller ,  William Lundy Lattin ,  Marinus Struik ,  Yuri Poeluev ,  Matthew John Campagna ,  Thomas Rudolf Stiemerling ,  Wei Cheng Joseph Ku

IPC: G06F12/14 ,  G06F21/60 ,  H04L9/30 ,  G06F21/72 ,  G06F21/80

CPC classification number: G06F12/1408 ,  G06F21/123 ,  G06F21/57 ,  G06F21/606 ,  G06F21/72 ,  G06F21/73 ,  G06F21/76 ,  G06F21/80 ,  G06F2212/1052 ,  G06F2221/2101 ,  H04L9/0877 ,  H04L9/3066 ,  H04L9/3252 ,  H04L9/3263 ,  H04L9/3273 ,  H04L2209/24

Abstract: An asset management system is provided, which includes a hardware module operating as an asset control core. The asset control core generally includes a small hardware core embedded in a target system on chip that establishes a hardware-based point of trust on the silicon die. The asset control core can be used as a root of trust on a consumer device by having features that make it difficult to tamper with. The asset control core is able to generate a unique identifier for one device and participate in the tracking and provisioning of the device through a secure communication channel with an appliance. The appliance generally includes a secure module that caches and distributes provisioning data to one of many agents that connect to the asset control core, e.g. on a manufacturing line or in an after-market programming session.

Abstract translation: 提供资产管理系统，其中包括作为资产控制核心运行的硬件模块。 资产控制核心通常包括嵌入在目标片上系统中的小型硬件核心，其在硅芯片上建立基于硬件的信任点。 资产控制核心可以作为消费者设备的信任根源，具有使其难以篡改的特征。 资产控制核心能够为一个设备生成唯一的标识符，并通过与设备的安全通信通道参与设备的跟踪和配置。 该设备通常包括一个安全模块，它将配置数据高速缓存并分配给连接到资产控制核心的许多代理之一，例如， 在生产线上或在售后市场的程序设计会议。

公开(公告)号：US09253161B2

公开(公告)日：2016-02-02

申请号：US14152055

申请日：2014-01-10

Applicant: Certicom Corp.

Inventor： Marinus Struik

IPC: H04L29/06

CPC classification number: H04L63/123 ,  H04L63/04 ,  H04L63/0428 ,  H04L63/0876 ,  H04L63/105 ,  H04L63/162

Abstract: A method of communicating in a secure communication system, comprises the steps of assembling as message at a sender, then determining a security level, and including an indication of the security level in a header of the message. The message is then sent to a recipient.

Abstract translation: 一种在安全通信系统中进行通信的方法包括以下步骤：在发送方处组装为消息，然后确定安全级别，并且包括消息头部中的安全级别的指示。 然后将该消息发送给收件人。