公开(公告)号：US11546295B2

公开(公告)日：2023-01-03

申请号：US17042736

申请日：2019-03-28

Applicant: Agency for Science, Technology and Research

Inventor： Dong Li ,  Huaqun Guo ,  Jianying Zhou ,  Luying Zhou ,  Jun Wen Wong

IPC: H04L9/40

Abstract: An industrial control system and a method of inspecting one or more communication packets in an industrial control system may be provided, the industrial control system firewall module comprising a packet accessing component configured to access a communication packet of an industrial control system; a firewall rules database, the firewall rules database configured to store one or more firewall rules; an inspection module configured to access the one or more firewall rules based on an industrial protocol associated with the communication packet; and the inspection module is further configured to perform a comprehensive inspection of all header fields and data fields of the communication packet based on the one or more firewall rules accessed based on the industrial protocol associated with the communication packet.

公开(公告)号：US20210036864A1

公开(公告)日：2021-02-04

申请号：US17042548

申请日：2019-03-29

Applicant: Agency for Science, Technology and Research

Inventor： Jiqiang Lu ,  Huaqun Guo

IPC: H04L9/32 ,  H04L9/06 ,  H04L9/00

Abstract: There is provided a method of generating a Keccak message authentication code (KMAC) based on white-box implementation, using at least one processor. The method includes: obtaining a white-box implementation of a round function of a KMAC algorithm; receiving an input message; obtaining a plurality of message blocks based on the input message; and for each of the plurality of message blocks at a plurality of iterations, respectively: modifying a current state of the KMAC algorithm based on the message block to produce a modified current state of the KMAC algorithm; inputting the modified current state to a state transformation function including the white-box implementation of the round function; and executing the white-box implementation of the round function based on the modified current state to obtain an updated state of the KMAC algorithm as an output of the state transformation function. In particular, the modified current state inputted to the state transformation function and the updated state outputted from the state transformation function are each white-box protected based on a same set of white-box operations. There is also provided a corresponding system for generating a KMAC based on white-box implementation.