-
公开(公告)号:US20130103942A1
公开(公告)日:2013-04-25
申请号:US13276612
申请日:2011-10-19
CPC分类号: H04L9/0662 , H04L9/083 , H04L2209/16
摘要: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for obfuscating data via a pseudo-random polymorphic tree. A server, using a seed value shared with a client device, generates a tag stream according to a byte-string algorithm. The server passes the tag stream and the data to be transmitted to the client device through a pseudo-random polymorphic tree serializer to generate a pseudo-random polymorphic tree, which the server transmits to the client device. The client device, using the same seed and byte-string algorithm, generates the same tag stream as on the server. The client passes that tag stream and the received pseudo-random polymorphic tree through a pseudo-random polymorphic tree parser to extract the data. Data to be transmitted from the server to the client device is hidden in a block of seemingly random data, which changes for different seed values. This approach obfuscates data and has low processing overhead.
摘要翻译: 本文公开了用于通过伪随机多态树来模糊数据的系统,方法和非暂时的计算机可读存储介质。 使用与客户端设备共享的种子值的服务器根据字节串算法生成标签流。 服务器通过伪随机多态树序列化器将标签流和要发送到客户端设备的数据传递给服务器发送给客户端设备的伪随机多态树。 使用相同种子和字节串算法的客户端设备生成与服务器上相同的标签流。 客户端通过伪随机多态树解析器传递该标签流和接收的伪随机多态树,以提取数据。 要从服务器发送到客户端设备的数据被隐藏在看似随机数据的块中,其对于不同的种子值而变化。 这种方法模糊数据并具有较低的处理开销。
-
公开(公告)号:US08175266B2
公开(公告)日:2012-05-08
申请号:US12116819
申请日:2008-05-07
IPC分类号: H04L29/06
CPC分类号: H04L9/3242 , H04L2209/24 , H04L2209/38 , H04L2209/80
摘要: Disclosed herein are systems, method and computer readable medium for providing authentication of an entity B by an entity A. In the method, entity A selects a value p, a range [a, b] and a granularity epsilon. Entity A sends p, [a, b], and epsilon to entity B. Entity B initializes a value yB=0 and for each x in {a, a+epsilon, . . . , b−epsilon, b} and computes z=E(x)*x. The function E(x) is an encryption scheme and the multiplication is carried out mod p. Entity B updates yB=yB+z. After processing each x, entity B sends yB to entity A. Entity A performs the same calculation and generates a yA value and compares yA with yB. If yB=yA, Entity A authenticate entity B. In one aspect, a light HMAC scheme splits an input x into n blocks with key expansion.
摘要翻译: 本文公开了用于由实体A提供实体B的认证的系统,方法和计算机可读介质。在该方法中,实体A选择值p,范围[a,b]和粒度ε。 实体A向实体B发送p,[a,b]和epsilon。实体B初始化值yB = 0,对于{a,a +ε, 。 。 ,b-epsilon,b}并计算z = E(x)* x。 函数E(x)是一个加密方案,并且乘法执行mod p。 实体B更新yB = yB + z。 在处理每个x之后,实体B向实体A发送yB。实体A执行相同的计算并生成yA值并将yA与yB进行比较。 如果yB = yA,则实体A认证实体B.在一个方面,轻的HMAC方案将输入x分割成具有密钥扩展的n个块。
-
公开(公告)号:US20110320814A1
公开(公告)日:2011-12-29
申请号:US13223517
申请日:2011-09-01
IPC分类号: H04L9/32
CPC分类号: H04L9/3236 , H04L2209/60
摘要: Disclosed herein are systems, methods and computer readable media for performing authentication. The proposed scheme utilizes new algorithms that introduce randomness using a physical value for authentication. An exemplary method includes sharing an initial state value S(0) with a sender and a receiver, generating a sender S(t, v) based on a parameter t and an identifier v and based at least in part on the value S(0). The method includes generating a receiver S(t, v) from S(0) based on the parameter t and the identifier v wherein the parameter t is related to a physical value in authenticating the identifier v based on a comparison of the sender S(t, v) and the receiver S(t, v). The process of generating the sender S(t, v) and the receiver S(t, v) includes a random variable generated by a process such as by a random number generator, the Brownian Motion or Wiener Process. Other embodiments do not use the physical value for authentication.
摘要翻译: 本文公开了用于执行认证的系统,方法和计算机可读介质。 所提出的方案利用使用物理值引入随机性的新算法进行认证。 一种示例性方法包括与发送者和接收者共享初始状态值S(0),基于参数t和标识符v生成发送者S(t,v),并且至少部分地基于值S(0 )。 该方法包括基于参数t和标识符v从S(0)生成接收器S(t,v),其中参数t与鉴定符v的物理值有关,基于发送器S的比较( t,v)和接收机S(t,v)。 生成发送方S(t,v)和接收方S(t,v)的过程包括由诸如随机数生成器Brownian Motion或Wiener进程之类的处理生成的随机变量。 其他实施例不使用物理值进行认证。
-
公开(公告)号:US20110307873A1
公开(公告)日:2011-12-15
申请号:US12815298
申请日:2010-06-14
IPC分类号: G06F9/44
CPC分类号: G06F7/588 , G06F21/64 , G06F2221/2145 , H04L2209/16
摘要: Disclosed are systems, methods, and non-transitory computer-readable storage media for detecting changes in a source of entropy. A system configured to practice the method generates a cyclic graph based at least in part on the values in the entropy pool. Using the cyclic graph and one or more starting points, the system establishes one or more baseline properties for the cyclic graph. These properties can include the number of steps required to identify a cycle in the graph or the number of steps required to traverse the graph from one or more starting points to a selected end point. The computed properties are then stored for later use. As execution progresses, the system monitors the entropy pool to detect a change by regenerating the cyclic graph and using the stored properties.
摘要翻译: 公开了用于检测熵源中的变化的系统,方法和非暂时的计算机可读存储介质。 配置为实施该方法的系统至少部分地基于熵池中的值来生成循环图。 使用循环图和一个或多个起始点,系统建立循环图的一个或多个基线属性。 这些属性可以包括识别图中的周期所需的步骤数量,或者从一个或多个起始点到所选终点遍历图形所需的步骤数。 然后将计算的属性存储以供以后使用。 随着执行的进行,系统通过重新生成循环图并使用存储的属性来监视熵池来检测变化。
-
公开(公告)号:US20110179403A1
公开(公告)日:2011-07-21
申请号:US12688807
申请日:2010-01-15
IPC分类号: G06F9/45
CPC分类号: G06F21/14 , G06F8/4443 , G06F9/463 , G06F17/241
摘要: Disclosed herein are systems, methods, and computer-readable storage media for obfuscating using inlined functions. A system configured to practice the method receives a program listing including annotated functions for obfuscation, identifies an annotated function called more than once in the program listing, and creates an inline control flow structure in the program listing for the identified annotated function, the control flow structure being computationally equivalent to inlining the identified annotated function into the program listing for each occurrence of the identified annotated function. The program listing can include tiers of annotated functions. The system can identify annotated functions called more than once based on an optionally generated callgraph. The system can create inline control flow structures in the program listing in order of annotation importance. The system can identify how many times each annotated function is called in the program listing.
摘要翻译: 本文公开了用于使用内联函数进行混淆的系统,方法和计算机可读存储介质。 配置为实施该方法的系统接收包括用于模糊化的注释功能的程序列表,在程序列表中标识多于一次的注释函数,并且在所述程序列表中为所识别的注释功能创建一个内联控制流结构, 计算结构相当于将所识别的注释功能内联到所述识别的注释功能的每次出现的程序列表中。 程序列表可以包括注释功能的层次。 系统可以基于可选地生成的呼叫图来识别多次调用的注释功能。 该系统可以在注释重要性的顺序创建程序列表中的内联控制流结构。 系统可以识别每个注释功能在程序列表中调用的次数。
-
公开(公告)号:US20100054459A1
公开(公告)日:2010-03-04
申请号:US12203101
申请日:2008-09-02
IPC分类号: H04L9/28
CPC分类号: H04L9/00 , H04L2209/16
摘要: Disclosed herein are methods for obfuscating data on a client, on a server, and on a client and a server. The method on a client device includes receiving input data, storing an operation value in a secure location, performing a modulus obfuscation on the operation value, performing a modulus operation on the operation value and the input data, performing a modulus transformation on the operation value and the input data to obtain client output data, and checking if the client output data matches corresponding server output data. The method on a server device includes receiving input data, performing a modulus transformation on the input data to obtain a result, performing a plain operation on the result and an operation value to obtain server output data, and checking if the server output data matches corresponding client output data from a client device that (1) receives input data, (2) stores an operation value in a secure location, (3) performs a modulus obfuscation on the operation value, (4) performs a modulus operation on the operation value and the input data, and (5) performs a modulus transformation on the operation value and the input data to obtain client output data. In an optional step applicable to both clients and servers, the method further includes authenticating the client input data and the server input data if the server output data matches the client output data. In one aspect, server input data and client input data pertain to a cryptographic key.
摘要翻译: 这里公开了用于在客户端,服务器上以及在客户端和服务器上模糊数据的方法。 客户端装置的方法包括接收输入数据,将操作值存储在安全位置,对运算值进行模糊混淆,对运算值和输入数据进行模运算,对运算值进行模变换 和输入数据,以获取客户端输出数据,并检查客户端输出数据是否匹配相应的服务器输出数据。 服务器装置上的方法包括:接收输入数据,对输入数据进行模数变换,得到结果,对结果执行简单操作,得到操作值,得到服务器输出数据,并检查服务器输出数据是否匹配对应 (1)接收输入数据的客户端输出数据,(2)将操作值存储在安全位置,(3)对运算值进行模糊混淆,(4)对运算值进行模运算 和输入数据,(5)对运算值和输入数据进行模变换,得到客户输出数据。 在适用于客户端和服务器的可选步骤中,如果服务器输出数据与客户端输出数据匹配,则该方法还包括验证客户端输入数据和服务器输入数据。 在一个方面,服务器输入数据和客户端输入数据属于加密密钥。
-
公开(公告)号:US20090279696A1
公开(公告)日:2009-11-12
申请号:US12116819
申请日:2008-05-07
IPC分类号: H04L9/28
CPC分类号: H04L9/3242 , H04L2209/24 , H04L2209/38 , H04L2209/80
摘要: Disclosed herein are systems, method and computer readable medium for providing authentication of an entity B by an entity A. In the method, entity A selects a value p, a range [a, b] and a granularity epsilon. Entity A sends p, [a, b], and epsilon to entity B. Entity B initializes a value yB=0 and for each x in {a, a+epsilon, . . . , b−epsilon, b} and computes z=E(x)*x. The function E(x) is an encryption scheme and the multiplication is carried out mod p. Entity B updates yB=yB+z. After processing each x, entity B sends yB to entity A. Entity A performs the same calculation and generates a yA value and compares yA with yB. If yB=yA, Entity A authenticate entity B. In one aspect, a light HMAC scheme splits an input x into n blocks with key expansion.
摘要翻译: 本文公开了用于由实体A提供实体B的认证的系统,方法和计算机可读介质。在该方法中,实体A选择值p,范围[a,b]和粒度ε。 实体A向实体B发送p,[a,b]和epsilon。实体B初始化值yB = 0,对于{a,a +ε, 。 。 ,b-epsilon,b}并计算z = E(x)* x。 函数E(x)是一个加密方案,并且乘法执行mod p。 实体B更新yB = yB + z。 在处理每个x之后,实体B向实体A发送yB。实体A执行相同的计算并生成yA值并将yA与yB进行比较。 如果yB = yA,则实体A认证实体B.在一个方面,轻的HMAC方案将输入x分割成具有密钥扩展的n个块。
-
8.发明授权System and method for key space division and sub-key derivation for mixed media digital rights management content 有权混合媒体数字版权管理内容的关键空间划分和子密钥派生的系统和方法公开(公告)号:US08638935B2
公开(公告)日:2014-01-28
申请号:US13349451
申请日:2012-01-12
申请人: Gianpaolo Fasoli , Augustin J. Farrugia , Bertrand Mollinier Toublet , Gelareh Taban , Nicholas T. Sullivan , Srinivas Vedula
发明人: Gianpaolo Fasoli , Augustin J. Farrugia , Bertrand Mollinier Toublet , Gelareh Taban , Nicholas T. Sullivan , Srinivas Vedula
IPC分类号: H04L9/14
CPC分类号: H04L9/14 , H04L9/0861 , H04L2209/603 , H04N21/2347 , H04N21/26613 , H04N21/63345
摘要: Disclosed herein are systems, methods, and non-transitory computer-readable storage media for key space division and sub-key derivation for mixed media digital rights management content and secure digital asset distribution. A system practicing the exemplary method derives a set of family keys from a master key associated with an encrypted media asset using a one-way function, wherein each family key is uniquely associated with a respective client platform type, wherein the master key is received from a server account database, and identifies a client platform type for a client device and a corresponding family key from the set of family keys. The system encrypts an encrypted media asset with the corresponding family key to yield a platform-specific encrypted media asset, and transmits the platform-specific encrypted media asset to the client device. Thus, different client devices receive device-specific encrypted assets which can be all derived based on the same master key.
摘要翻译: 本文公开了用于混合媒体数字版权管理内容和安全数字资产分配的关键空间划分和子密钥导出的系统,方法和非暂时的计算机可读存储介质。 实施示例性方法的系统使用单向函数从与加密的媒体资产相关联的主密钥导出一组家庭密钥,其中每个家庭密钥与相应的客户端平台类型唯一地相关联,其中主密钥从 一个服务器帐户数据库,并从一组家庭密钥中识别客户端设备的客户端平台类型和相应的家庭密钥。 该系统使用相应的家庭密钥对加密的媒体资产进行加密,以产生特定于平台的加密媒体资产,并将平台特定的加密媒体资产发送到客户端设备。 因此,不同的客户端设备接收可以全部基于相同主密钥导出的特定于设备的加密资产。
-
公开(公告)号:US08225100B2
公开(公告)日:2012-07-17
申请号:US12263293
申请日:2008-10-31
IPC分类号: H04L29/06
CPC分类号: G06F7/723 , G06F2207/7257 , H04L9/0643
摘要: Aspects relate to systems and methods for implementing a hash function using a stochastic and recurrent process, and performing arithmetic operations during the recurrence on portions of a message being hashed. In an example method, the stochastic process is a Galton-Watson process, the message is decomposed into blocks, and the method involves looping for a number of blocks in the message. In each loop, a current hash value is determined based on arithmetic performed on a previous hash value and some aspect of a current block. The arithmetic performed can involve modular arithmetic, such as modular addition and exponentiation. The algorithm can be adjusted to achieve qualities including a variable length output, or to perform fewer or more computations for a given hash. Also, randomizing elements can be introduced into the arithmetic, avoiding a modular reduction until final hash output production.
摘要翻译: 方面涉及用于使用随机和复现过程来实现散列函数的系统和方法,以及在散列的消息的部分上的重复期间执行算术运算。 在一个示例方法中,随机过程是Galton-Watson过程,消息被分解成块,并且该方法涉及在消息中循环多个块。 在每个循环中,基于对先前哈希值和当前块的某个方面执行的算术来确定当前哈希值。 执行的算术可以涉及模数运算,例如模块加法和乘法运算。 可以调整算法以实现包括可变长度输出的质量,或者为给定散列执行更少或更多的计算。 此外,可以将随机化元素引入算术,避免模块化减少直到最终哈希输出生成。
-
公开(公告)号:US20090279689A1
公开(公告)日:2009-11-12
申请号:US12116770
申请日:2008-05-07
CPC分类号: H04L9/3236 , H04L2209/60
摘要: Disclosed herein are systems, methods and computer readable media for performing authentication. The proposed scheme utilizes new algorithms that introduce randomness using a physical value for authentication. An exemplary method includes sharing an initial state value S(0) with a sender and a receiver, generating a sender S(t, v) based on a parameter t and an identifier v and based at least in part on the value S(0). The method includes generating a receiver S(t, v) from S(0) based on the parameter t and the identifier v wherein the parameter t is related to a physical value in authenticating the identifier v based on a comparison of the sender S(t, v) and the receiver S(t, v). The process of generating the sender S(t, v) and the receiver S(t, v) includes a random variable generated by a process such as by a random number generator, the Brownian Motion or Wiener Process. Other embodiments do not use the physical value for authentication.
摘要翻译: 本文公开了用于执行认证的系统,方法和计算机可读介质。 所提出的方案利用使用物理值引入随机性的新算法进行认证。 一种示例性方法包括与发送者和接收者共享初始状态值S(0),基于参数t和标识符v生成发送者S(t,v),并且至少部分地基于值S(0 )。 该方法包括基于参数t和标识符v从S(0)生成接收器S(t,v),其中参数t与鉴定符v的物理值有关,基于发送器S的比较( t,v)和接收机S(t,v)。 生成发送方S(t,v)和接收方S(t,v)的过程包括由诸如随机数生成器Brownian Motion或Wiener进程之类的处理生成的随机变量。 其他实施例不使用物理值进行认证。
-
-
-
-
-
-
-
-
-
搜索结果
23 条记录 (耗时 0.023 秒)
