-
公开(公告)号:US20120317344A1
公开(公告)日:2012-12-13
申请号:US13516466
申请日:2010-12-17
申请人: Herve Sibert
发明人: Herve Sibert
IPC分类号: G06F12/02
CPC分类号: G06F21/64 , G06F21/572 , G06F21/79 , G06F2221/2101 , G06F2221/2107
摘要: An electronic device for storing data content by storing at least a portion of the data content in a rewritable memory device by storing an n bit count value associated with the status of the data content in a one time programmable memory. The n bit count value is written to the secure memory device along with the corresponding data content. Then the n bit count value is incremented and stored in the one time programmable memory each time there is a modification of the data content in the rewritable memory device. The number of bits of the one time programmable memory may correspond to the number of potential modifications of the stored data content.
摘要翻译: 一种电子设备,用于通过将与数据内容的状态相关联的n位计数值存储在一次可编程存储器中来将数据内容的至少一部分存储在可重写存储器设备中来存储数据内容。 将n位计数值与对应的数据内容一起写入安全存储器件。 然后,每当可重写存储器件中的数据内容被修改时,n位计数值被递增并存储在一次可编程存储器中。 一次性可编程存储器的位数可以对应于存储的数据内容的潜在修改的数量。
-
2.发明授权Method of storing data in a memory device and a processing device for processing such data 有权将数据存储在存储装置中的方法和用于处理这些数据的处理装置公开(公告)号:US08607068B2
公开(公告)日:2013-12-10
申请号:US13124785
申请日:2009-10-22
申请人: Herve Sibert , Valere Delong
发明人: Herve Sibert , Valere Delong
IPC分类号: G06F12/14
CPC分类号: G11B20/0021 , G06F21/10 , G06F2221/0704 , G11B20/00086 , G11B20/00492 , G11B2220/2516 , G11B2220/61
摘要: In a method of storing data in a memory device, which data comprise content to be processed in a processing device in which the memory device is installed, the method comprises the steps of writing encrypted content (Enc_Krand(flash_content) into the memory device before installing the memory device in the processing device, wherein the content was encrypted by use of a first key (Krand), and accessing the first key (Krand) and encrypting the first key (Krand) by the aid of a second key (KIC; Ke) that is dependent on the processing device after installation of the memory device in the processing device, and writing the encrypted first key (EncSym_KIC(Krand); EncAsym_Ke(Krand)) into the memory device.
摘要翻译: 在将数据存储在存储装置中的方法中,哪些数据包括要在其中安装存储装置的处理装置中要处理的内容,该方法包括在安装之前将加密内容(Enc_Krand(flash_content))写入存储装置的步骤 处理设备中的存储设备,其中通过使用第一密钥(Krand)对内容进行加密,并且借助于第二密钥(KIC; Ke)访问第一密钥(Krand)并加密第一密钥(Krand) ),并且将加密的第一密钥(EncSym_KIC(Krand); EncAsym_Ke(Krand))写入到存储设备中,该处理设备在安装处理设备之后依赖于处理设备。
-
公开(公告)号:US20130036312A1
公开(公告)日:2013-02-07
申请号:US13639551
申请日:2011-04-06
申请人: Nicolas Anquet , Herve Sibert
发明人: Nicolas Anquet , Herve Sibert
IPC分类号: H04L9/14
CPC分类号: G06F12/1408 , G06F21/602 , G06F21/78
摘要: A method of protecting digital data stored in a storage medium. The method comprises providing a first and a second addressable storage region in the storage medium, and selector means for selectively indicating one of the first and the second addressable storage regions as active; storing the digital data in the first addressable storage region of the storage medium, wherein the digital data stored in the first addressable storage region is stored encrypted with a first encryption key; and causing the selector means to indicate the first addressable storage region as being active; and, responsive to a trigger event, copying the digital data from the first to the second addressable storage region, wherein the digital data stored in the second addressable storage region is stored encrypted with a second encryption key; and causing the selector means to indicate the second addressable storage region as being active.
摘要翻译: 一种保护存储在存储介质中的数字数据的方法。 该方法包括在存储介质中提供第一和第二可寻址存储区域,以及选择器装置,用于选择性地将第一和第二可寻址存储区域中的一个指示为活动的; 将数字数据存储在存储介质的第一可寻址存储区域中,其中存储在第一可寻址存储区域中的数字数据用第一加密密钥加密存储; 并使所述选择装置将所述第一可寻址存储区域指示为有效; 并且响应于触发事件,将数字数据从第一可寻址存储区域复制到第二可寻址存储区域,其中存储在第二可寻址存储区域中的数字数据用第二加密密钥加密存储; 并使所述选择装置将所述第二可寻址存储区域指示为活动的。
-
公开(公告)号:US20110225409A1
公开(公告)日:2011-09-15
申请号:US12722046
申请日:2010-03-11
申请人: Herve Sibert , Per Stahl
发明人: Herve Sibert , Per Stahl
CPC分类号: G06F21/575
摘要: A composite customer ID (CCID) is stored in the OTP memory of integrated circuit chipsets used by a number of different customers. The CCID includes individual customer IDs (CIDs) at defined index positions, each corresponding to a different customer. Each chipset allows or disallows software booting, based reading a certificate index value from a given customer's certificate, reading an OTP CID from OTP, as pointed to the by certificate index value, and evaluating the OTP CID with a certificate CID read from the certificate. Thus, while CCID carries information for a plurality of customers, each customer's certificate points only to that customer's OTP CID, which can be changed to revoke that customer's certificate without revoking the other customers' certificates. The CCID also may include a version number, where the chipsets allow or disallow software booting based on evaluating the certificate version number in view of the CCID version number.
摘要翻译: 复合客户ID(CCID)存储在许多不同客户使用的集成电路芯片组的OTP存储器中。 CCID包括在定义的索引位置处的每个客户ID(CID),每个客户ID对应于不同的客户。 每个芯片组允许或不允许软件引导,基于从给定客户的证书读取证书索引值,从OTP读取OTP CID,按证书索引值指示,并使用从证书读取的证书CID来评估OTP CID。 因此,当CCID携带多个客户的信息时,每个客户的证书仅指示该客户的OTP CID,其可以被改变以撤消该客户的证书而不撤销其他客户的证书。 CCID还可以包括版本号,其中基于CCID版本号,基于评估证书版本号,芯片组允许或不允许软件启动。
-
公开(公告)号:US20090138707A1
公开(公告)日:2009-05-28
申请号:US11883975
申请日:2006-02-01
申请人: Herve Sibert , Marc Girault
发明人: Herve Sibert , Marc Girault
CPC分类号: H04L9/3271 , G06Q20/388 , G07F7/1008 , H04L2209/805 , H04W12/06
摘要: A method of pre-authentication of a first entity (10) by a second entity (1) communicating with each other via a wireless connection. The second entity (1) sends (23′) a challenge value (c). If the first entity (10) receives (23) a challenge value (c′), it applies to the received challenge value a predefined transformation (g) known to the second entity to obtain a first transformed value (r) and then sends (24) the first transformed value (r) obtained. If the second entity receives (24′) a transformed value (r′), it compares (25′) the received transformed value to a second transformed value (r″) obtained by applying the predefined transformation (g) to the challenge value sent and considers the pre-authentication to have succeeded if the result of comparing the second transformed value obtained and the transformed value received is below a predefined threshold (m).
摘要翻译: 一种通过无线连接相互通信的第二实体(1)对第一实体(10)进行预认证的方法。 第二实体(1)发送(23')挑战值(c)。 如果第一实体(10)接收到(23)询问值(c'),则其对接收到的质询值应用第二实体已知的获得第一变换值(r)的预定变换(g),然后发送( 24)获得的第一变换值(r)。 如果第二实体接收(24')变换值(r'),则将接收到的变换值与(25)'通过将预定变换(g)应用于询问值而获得的第二变换值(r“)进行比较 如果所获得的第二变换值与所接收的变换值的比较低于预先设定的阈值(m),则认为预认证成功。
-
6.发明申请Method of Storing Data in a Memory Device and a Processing Device for Processing Such Data 有权将数据存储在存储器装置中的方法和用于处理这种数据的处理装置公开(公告)号:US20110276809A1
公开(公告)日:2011-11-10
申请号:US13124785
申请日:2009-10-22
申请人: Herve Sibert , Valere Delong
发明人: Herve Sibert , Valere Delong
IPC分类号: G06F12/14
CPC分类号: G11B20/0021 , G06F21/10 , G06F2221/0704 , G11B20/00086 , G11B20/00492 , G11B2220/2516 , G11B2220/61
摘要: In a method of storing data in a memory device, which data comprise content to be processed in a processing device in which the memory device is installed, the method comprises the steps of writing encrypted content (Enc_Krand(flash_content) into the memory device before installing the memory device in the processing device, wherein the content was encrypted by use of a first key (Krand), and accessing the first key (Krand) and encrypting the first key (Krand) by the aid of a second key (KIC; Ke) that is dependent on the processing device after installation of the memory device in the processing device, and writing the encrypted first key (EncSym_KIC(Krand); EncAsym_Ke(Krand)) into the memory device.
摘要翻译: 在将数据存储在存储装置中的方法中,哪些数据包括要在其中安装存储装置的处理装置中要处理的内容,该方法包括在安装之前将加密内容(Enc_Krand(flash_content))写入存储装置的步骤 处理设备中的存储设备,其中通过使用第一密钥(Krand)对内容进行加密,并且借助于第二密钥(KIC; Ke)访问第一密钥(Krand)并加密第一密钥(Krand) ),并且将加密的第一密钥(EncSym_KIC(Krand); EncAsym_Ke(Krand))写入到存储设备中,该处理设备在安装处理设备之后依赖于处理设备。
-
7.发明申请METHOD FOR CONTROLLING SECURED TRANSACTIONS USING A SINGLE PHYSICAL DEVICE, CORRESPONDING PHYSICAL DEVICE, SYSTEM AND COMPUTER PROGRAM 审中-公开使用单个物理设备控制安全交易的方法,相应的物理设备,系统和计算机程序公开(公告)号:US20090106548A1
公开(公告)日:2009-04-23
申请号:US11996181
申请日:2006-07-18
申请人: David Arditti , Laurent Frisch , Herve Sibert
发明人: David Arditti , Laurent Frisch , Herve Sibert
IPC分类号: H04L9/32
CPC分类号: H04L9/3263 , H04L2209/56
摘要: A method is provided for controlling secure transactions using a physical device held by a user and bearing at least one pair of asymmetric keys, including a device public key and a corresponding device private key. The method includes, prior to implementing the physical device, certifying the device public key with a first certification key of a particular certifying authority, delivering a device certificate after verifying that the device private key is housed in a tamper-proof zone of the physical device; verifying the device certificate by a second certification key corresponding to the first certification key; and in case of a positive verification, registering the user with a provider delivering a provider certificate corresponding to the signature by the provider of the device public key and an identifier of the user.
摘要翻译: 提供了一种用于使用由用户持有的物理设备来控制安全交易并且承载至少一对非对称密钥(包括设备公钥和对应的设备私钥)的方法。 该方法包括:在实现物理设备之前,用特定认证机构的第一认证密钥证明设备公钥,在验证设备专用密钥被容纳在物理设备的防篡改区域之后传递设备证书 ; 通过对应于第一认证密钥的第二认证密钥验证设备证书; 并且在正确验证的情况下,向用户注册提供者提供与设备公钥的提供者签名相对应的提供者证书的提供者和用户的标识符。
-
公开(公告)号:US09158936B2
公开(公告)日:2015-10-13
申请号:US13516466
申请日:2010-12-17
申请人: Herve Sibert
发明人: Herve Sibert
CPC分类号: G06F21/64 , G06F21/572 , G06F21/79 , G06F2221/2101 , G06F2221/2107
摘要: An electronic device for storing data content by storing at least a portion of the data content in a rewritable memory device by storing an n bit count value associated with the status of the data content in a one time programmable memory. The n bit count value is written to the secure memory device along with the corresponding data content. Then the n bit count value is incremented and stored in the one time programmable memory each time there is a modification of the data content in the rewritable memory device. The number of bits of the one time programmable memory may correspond to the number of potential modifications of the stored data content.
摘要翻译: 一种电子设备,用于通过将与数据内容的状态相关联的n位计数值存储在一次可编程存储器中来将数据内容的至少一部分存储在可重写存储器设备中来存储数据内容。 将n位计数值与对应的数据内容一起写入安全存储器件。 然后,每当可重写存储器件中的数据内容被修改时,n位计数值被递增并存储在一次可编程存储器中。 一次性可编程存储器的位数可以对应于存储的数据内容的潜在修改的数量。
-
公开(公告)号:US08812840B2
公开(公告)日:2014-08-19
申请号:US11883975
申请日:2006-02-01
申请人: Herve Sibert , Marc Girault
发明人: Herve Sibert , Marc Girault
IPC分类号: H04L29/00
CPC分类号: H04L9/3271 , G06Q20/388 , G07F7/1008 , H04L2209/805 , H04W12/06
摘要: A method of pre-authentication of a first entity (10) by a second entity (1) communicating with each other via a wireless connection. The second entity (1) sends (23′) a challenge value (c). If the first entity (10) receives (23) a challenge value (c′), it applies to the received challenge value a predefined transformation (g) known to the second entity to obtain a first transformed value (r) and then sends (24) the first transformed value (r) obtained. If the second entity receives (24′) a transformed value (r′), it compares (25′) the received transformed value to a second transformed value (r″) obtained by applying the predefined transformation (g) to the challenge value sent and considers the pre-authentication to have succeeded if the result of comparing the second transformed value obtained and the transformed value received is below a predefined threshold (m).
摘要翻译: 一种通过无线连接相互通信的第二实体(1)对第一实体(10)进行预认证的方法。 第二实体(1)发送(23')挑战值(c)。 如果第一实体(10)接收到(23)询问值(c'),则其对接收到的质询值应用第二实体已知的获得第一变换值(r)的预定变换(g),然后发送( 24)获得的第一变换值(r)。 如果第二实体接收(24')变换值(r'),则将接收到的变换值与通过将预定变换(g)应用于所发送的询问值而获得的第二变换值(r“)进行比较(25') 并且如果所获得的第二变换值与所接收的变换值的比较低于预定阈值(m),则认为预认证成功。
-
公开(公告)号:US08126140B2
公开(公告)日:2012-02-28
申请号:US11659052
申请日:2004-08-02
申请人: Herve Sibert , Aline Gouget
发明人: Herve Sibert , Aline Gouget
IPC分类号: H04L9/00
CPC分类号: G06F7/58
摘要: A method of generating a pseudorandom data sequence, wherein said pseudorandom data sequence is generated by a procedure for searching for a search pattern in an initial data sequence of N bits, said search procedure comprising the following steps: (a) detecting in said initial data sequence a particular search pattern of r bits that is one of a set of search patterns; (b) determining an output pattern of k bits by an operation that depends on the progress of the preceding step; and repeating the preceding steps (a) and (b) successively to form the pseudorandom data sequence from a succession of output patterns.
摘要翻译: 一种生成伪随机数据序列的方法,其中所述伪随机数据序列由用于搜索N比特的初始数据序列中的搜索模式的过程产生,所述搜索过程包括以下步骤:(a)在所述初始数据中检测 对作为一组搜索模式之一的r位的特定搜索模式进行排序; (b)通过取决于前一步骤的进展的操作来确定k比特的输出模式; 并重复上述步骤(a)和(b),以从一系列输出模式形成伪随机数据序列。
-
-
-
-
-
-
-
-
-
搜索结果
13 条记录 (耗时 0.034 秒)
