公开(公告)号：US08762439B2

公开(公告)日：2014-06-24

申请号：US13086996

申请日：2011-04-14

申请人： Joshua Phillips de Cesare ,  Michael John Smith

发明人： Joshua Phillips de Cesare ,  Michael John Smith

IPC分类号： G06F7/58

CPC分类号： G06F7/588

摘要： Disclosed herein are systems, methods, and non-transitory computer-readable storage media for generating random data at an early stage in a boot process. A system practicing the method performs, by a processor based on a first clock, a group of reads of a counter running on a second clock to yield entropy words. In order to produce words with entropy, the system introduces a progressively increasing delay between each of the group of reads of the counter. The system generates entropy words by filling the buffer with successive reads of the least significant bit of the counter and then generates random data by applying a hash algorithm to the entropy words stored in the buffer.

摘要翻译： 本文公开了用于在引导过程中的早期阶段生成随机数据的系统，方法和非暂时的计算机可读存储介质。 实施该方法的系统通过基于第一时钟的处理器执行在第二时钟上运行的计数器的读取组以产生熵词。 为了产生具有熵的词，系统在计数器的读取组中的每一组之间引入逐渐增加的延迟。 该系统通过用计数器的最低有效位的连续读取填充缓冲器来产生熵字，然后通过将哈希算法应用于存储在缓冲器中的熵字来产生随机数据。

公开(公告)号：US20120288089A1

公开(公告)日：2012-11-15

申请号：US13106268

申请日：2011-05-12

申请人： Conrad Sauerwald ,  Joseph P. Bratt ,  Joshua Phillips de Cesare ,  Timothy John Millet ,  Weihua Mao

发明人： Conrad Sauerwald ,  Joseph P. Bratt ,  Joshua Phillips de Cesare ,  Timothy John Millet ,  Weihua Mao

IPC分类号： H04L9/06

CPC分类号： H04L9/0863 ,  H04L9/0866

摘要： Disclosed herein are systems, methods, and non-transitory computer-readable storage media for generating a device dependent cryptographic key in a rate-limited way. A system configured to practice the method first receives data associated with a user. The data associated with the user can be a password, a personal identification number (PIN), or a hash of the password. Then the system performs a first encryption operation on the user data based on a device-specific value to yield first intermediate data and performs a second encryption operation on the first intermediate data based on the device-specific value to yield second intermediate data. Then the system iteratively repeats the second encryption operation until a threshold is met, wherein each second encryption operation is performed on the second intermediate data from a previous second encryption operation. The iterations produce a final cryptographic key which the system can then output or use for a cryptographic operation.

摘要翻译： 本文公开了用于以速率限制的方式生成依赖于设备的加密密钥的系统，方法和非暂时的计算机可读存储介质。 被配置为练习该方法的系统首先接收与用户相关联的数据。 与用户相关联的数据可以是密码，个人识别码（PIN）或密码的散列。 然后，系统基于设备特定值对用户数据执行第一加密操作，以产生第一中间数据，并且基于设备特定值对第一中间数据执行第二加密操作以产生第二中间数据。 然后，系统迭代地重复第二加密操作，直到满足阈值，其中从先前的第二加密操作对第二中间数据执行每个第二加密操作。 迭代产生最终的加密密钥，系统然后可以输出或用于加密操作。

公开(公告)号：US08681976B2

公开(公告)日：2014-03-25

申请号：US13106268

申请日：2011-05-12

申请人： Conrad Sauerwald ,  Joseph P. Bratt ,  Joshua Phillips de Cesare ,  Timothy John Millet ,  Weihua Mao

发明人： Conrad Sauerwald ,  Joseph P. Bratt ,  Joshua Phillips de Cesare ,  Timothy John Millet ,  Weihua Mao

IPC分类号： H04L29/06

CPC分类号： H04L9/0863 ,  H04L9/0866

摘要： Disclosed herein are systems, methods, and non-transitory computer-readable storage media for generating a device dependent cryptographic key in a rate-limited way. A system configured to practice the method first receives data associated with a user. The data associated with the user can be a password, a personal identification number (PIN), or a hash of the password. Then the system performs a first encryption operation on the user data based on a device-specific value to yield first intermediate data and performs a second encryption operation on the first intermediate data based on the device-specific value to yield second intermediate data. Then the system iteratively repeats the second encryption operation until a threshold is met, wherein each second encryption operation is performed on the second intermediate data from a previous second encryption operation. The iterations produce a final cryptographic key which the system can then output or use for a cryptographic operation.

摘要翻译： 本文公开了用于以速率限制的方式生成依赖于设备的加密密钥的系统，方法和非暂时的计算机可读存储介质。 被配置为练习该方法的系统首先接收与用户相关联的数据。 与用户相关联的数据可以是密码，个人识别码（PIN）或密码的散列。 然后，系统基于设备特定值对用户数据执行第一加密操作，以产生第一中间数据，并且基于设备特定值对第一中间数据执行第二加密操作以产生第二中间数据。 然后，系统迭代地重复第二加密操作，直到满足阈值，其中从先前的第二加密操作对第二中间数据执行每个第二加密操作。 迭代产生最终的加密密钥，系统然后可以输出或用于加密操作。

公开(公告)号：US20120265795A1

公开(公告)日：2012-10-18

申请号：US13086996

申请日：2011-04-14

申请人： Joshua Phillips de Cesare ,  Michael John Smith

发明人： Joshua Phillips de Cesare ,  Michael John Smith

IPC分类号： G06F7/58

CPC分类号： G06F7/588

摘要： Disclosed herein are systems, methods, and non-transitory computer-readable storage media for generating random data at an early stage in a boot process. A system practicing the method performs, by a processor based on a first clock, a group of reads of a counter running on a second clock to yield entropy words. In order to produce words with entropy, the system introduces a progressively increasing delay between each of the group of reads of the counter. The system generates entropy words by filling the buffer with successive reads of the least significant bit of the counter and then generates random data by applying a hash algorithm to the entropy words stored in the buffer.

摘要翻译： 本文公开了用于在引导过程中的早期阶段生成随机数据的系统，方法和非暂时的计算机可读存储介质。 实施该方法的系统通过基于第一时钟的处理器执行在第二时钟上运行的计数器的读取组以产生熵词。 为了产生具有熵的词，系统在计数器的读取组中的每一组之间引入逐渐增加的延迟。 该系统通过用计数器的最低有效位的连续读取填充缓冲器来产生熵字，然后通过将哈希算法应用于存储在缓冲器中的熵字来产生随机数据。