1. Non-interactive hierarchical identity-based key-agreement
    Type: granted patent
    Status: expired

    Publication number: US08422681B2

    Publication date: 2013-04-16

    Application number: US12043755

    Filing date: 2008-03-06

    IPC classification: H04L29/06

    Abstract: A pairwise key-agreement scheme is provided for creating key agreements non-interactively between pairs of nodes disposed in a hierarchy of nodes. The scheme is non-interactive, so any two nodes can agree on a shared secret key without interaction. In addition, the scheme is identity-based, so any given node only needs to know the identity of a peer node to compute the shared secret key. All of the nodes are arranged in a hierarchy in which an intermediate node can derive the secret key of each of its children from its own secret key and the identity of the child. Accordingly, the scheme is fully resilient against compromise of any number of leaves in the hierarchy and of a threshold number of nodes in the upper levels of the hierarchy. The scheme is well-suited to environments such as mobile ad-hoc networks (MANETs), which are very dynamic, have acute bandwidth constraints, and have many nodes that are vulnerable to compromise.


2. Efficient Implementation Of Fully Homomorphic Encryption
    Type: patent application
    Status: in force

    Publication number: US20120039473A1

    Publication date: 2012-02-16

    Application number: US13205813

    Filing date: 2011-08-09

    IPC classification: H04L9/00

    Abstract: In one exemplary embodiment of the invention, a method for homomorphic decryption includes: providing a ciphertext with element c; there exists a big set B having N elements zi, so B = {z1, z2, ..., zN}; there exists a small set S having n elements sj, so S = {s1, s2, ..., sn}; the small set is a subset of the big set, and summing the elements of the small set yields the private key; there exists a bit vector σ having N bits σi, so σ = (σ1, σ2, ..., σN), with σi = 1 if zi ∈ S and σi = 0 otherwise; there exists an encrypted vector d having N ciphertexts di, so d = (d1, d2, ..., dN), where di is an encryption of σi; post-processing c by multiplying it by every zi to obtain an intermediate vector y = (y1, y2, ..., yN) with yi computed as yi = c × zi; homomorphically multiplying each yi by di to obtain a ciphertext vector x = (x1, x2, ..., xN), where xi is an encryption of the product yi · σi; and homomorphically summing all xi to obtain a resulting ciphertext that is an encryption of the at least one bit, where the big set is partitioned into n parts, each part having a plurality of different elements from the big set, and where the elements of the small set are one element from each part.


3. System and method for processing user data in an encryption pipeline
    Type: granted patent
    Status: in force

    Publication number: US07965844B2

    Publication date: 2011-06-21

    Application number: US11688445

    Filing date: 2007-03-20

    IPC classification: H04L9/06 H04L9/14

    CPC classification: G11B20/00086

    Abstract: A method, system and program are disclosed for efficiently processing host data that comprises encrypted and non-encrypted data and is to be written to a storage medium. The encrypted data is written to the storage medium in encrypted form. The non-encrypted data is encrypted by a storage device using a well-known encryption key and written to the storage medium. In this way, the data that is processed by the storage device to and from the storage medium can always be processed through a single encryption engine.


    Use of Indirect Data Keys for Encrypted Tape Cartridges

    Publication number: US20080273697A1

    Publication date: 2008-11-06

    Application number: US11742837

    Filing date: 2007-05-01

    IPC classification: H04L9/14 H04L9/10

    Abstract: A method, system and program are provided for enabling selective access to multiple users' encrypted data in a single storage cartridge. A unique, derived key is generated for each user's data by performing cryptographic operations on a combination of a common base key and metadata related to the data to be encrypted (e.g. its total block count). The base data key is wrapped with one or more encryption keys to form one or more encryption-encapsulated data keys (EEDKs). The base key and the derived key are wrapped to create a session encrypted data key (SEDK), which, along with the EEDKs, is conveyed to the tape drive, where the SEDK is decrypted. The EEDKs are then stored in one or more places on the storage cartridge. The base key and the derived key are used to encrypt a predetermined user's data, with the derived key stored on the cartridge with the encrypted data. The encrypted data may subsequently be decrypted by retrieving the EEDK and decrypting it with a decryption key to extract the base data key. The extracted base data key can then be used with other information to calculate the derived key. Once calculated, the derived key is used to decrypt its associated encrypted data.

5. Efficient stream cipher system and method
    Type: granted patent
    Status: in force

    Publication number: US07236592B2

    Publication date: 2007-06-26

    Application number: US10066041

    Filing date: 2002-02-01

    IPC classification: H04K1/00 H04K1/04 H04L9/00

    CPC classification: H04L9/0668 H04L2209/043

    Abstract: A computer system and method generates a random output stream of bits. The system comprises an initial evolving state produced from one or more initial keys, one or more round functions, and one or more mask tables. Each round function is part of a step in a sequence of steps. Each step applies the respective round function to a current evolving state to produce a respective new evolving state for processing by the next step in the sequence. The first step in the sequence starts by processing the initial evolving state. The mask tables are produced from one or more of the initial keys. Each of the mask tables has one or more masks. The masks are combined, in each respective step, with the respective new evolving state in a combination operation to create a respective step output. The random output stream of bits is a concatenation of each of the respective step outputs. In one preferred embodiment, one or more of the masks in the mask tables are replaced by one or more replacement masks after a number of combination operations; the replacement masks are not linear combinations of prior masks. In an alternative embodiment, there are two or more mask tables produced from one or more of the initial keys. One or more of the masks from each table is combined, in each respective step, with the respective new evolving state in a combination operation to create a respective step output. There may or may not be replacement of the masks in this embodiment.


7. Fast evaluation of many polynomials with small coefficients on the same point
    Type: granted patent
    Status: in force

    Publication number: US08903083B2

    Publication date: 2014-12-02

    Application number: US13205755

    Filing date: 2011-08-09

    Abstract: In one exemplary embodiment of the invention, a method for evaluating, at a point r, one or more polynomials p1(x), ..., pl(x) of maximum degree up to n−1, where the polynomial pi(x) has degree ti−1, the method including: partitioning each polynomial pi(x) into a bottom half pi_bot(x) with bottom terms of the lowest si coefficients and a top half pi_top(x) with top terms of the remaining ti−si coefficients; recursively partitioning the bottom half pi_bot(x) and the top half pi_top(x) of each polynomial pi(x), obtaining further terms having a lower degree than previous terms, performed until at least one condition is met, yielding a plurality of partitioned terms; evaluating the bottom half pi_bot(x) and the top half pi_top(x) at the point r for each polynomial pi(x) by evaluating the partitioned terms at the point r and iteratively combining the evaluated partitioned terms; and evaluating each polynomial pi(x) at the point r by setting pi(r) = r^si · pi_top(r) + pi_bot(r).


8. Efficient homomorphic encryption scheme for bilinear forms
    Type: granted patent
    Status: in force

    Publication number: US08861716B2

    Publication date: 2014-10-14

    Application number: US12749944

    Filing date: 2010-03-30

    IPC classification: H04K1/00

    Abstract: In one exemplary embodiment, a computer-readable storage medium tangibly embodying a program of instructions executable by a machine for performing operations including: receiving information B to be encrypted as a ciphertext C in accordance with an encryption scheme having an encrypt function; and encrypting B in accordance with the encrypt function to obtain C, where the scheme utilizes at least one public key A, where B, C, and A are matrices, and where the encrypt function receives A and B as inputs and outputs C as C = AS + pX + B (mod q), S being a random matrix, X an error matrix, p an integer, and q an odd prime number. In other exemplary embodiments, the encryption scheme includes a decrypt function that receives as inputs at least one private key T (a matrix) and C and outputs B as B = T^−1 · (T C T^t mod q) · (T^t)^−1 mod p.
