Multiplicative splits to protect cipher keys
    1.
    发明授权
    Multiplicative splits to protect cipher keys 有权
    乘法分割以保护加密密钥

    公开(公告)号:US08675866B2

    公开(公告)日:2014-03-18

    申请号:US13178410

    申请日:2011-07-07

    IPC分类号: H04L9/06

    摘要: In the field of computer enabled cryptography, such as a keyed block cipher having a plurality of rounds, the cipher is hardened against an attack by a protection process which obscures the round keys using the properties of group field automorphisms and applying masks to the states of the cipher, for encryption or decryption. This is especially advantageous in a “White Box” environment where an attacker has full access to the cipher algorithm, including the algorithm's internal state during its execution. This method and the associated computing apparatus are useful for protection against known attacks on “White Box” ciphers, by eliminating S-box operations, together with improved masking techniques and increasing the cipher's complexity against reverse engineering and key storage attacks.

    摘要翻译: 在计算机启用的密码学领域,例如具有多个回合的密钥分组密码,密码被抵御使用群组域自动生成的属性遮蔽轮密钥的保护过程而被强化,并将掩码应用于 密码,用于加密或解密。 这在“白盒”环境中特别有利,攻击者可以完全访问密码算法,包括算法的执行过程中的内部状态。 该方法和相关联的计算装置对于通过消除S盒操作以及改进的掩蔽技术并增加密码复杂性以逆向工程和密钥存储攻击来防止对“白盒”密码的已知攻击是有用的。

    CRYPTOGRAPHIC PROCESS EXECUTION PROTECTING AN INPUT VALUE AGAINST ATTACKS
    3.
    发明申请
    CRYPTOGRAPHIC PROCESS EXECUTION PROTECTING AN INPUT VALUE AGAINST ATTACKS 有权
    保护入侵价值的打击进程执行

    公开(公告)号:US20130016836A1

    公开(公告)日:2013-01-17

    申请号:US13271841

    申请日:2011-10-12

    IPC分类号: H04L9/00

    摘要: A cryptographic process (such as the AES cipher) which uses table look up operations (TLUs) is hardened against reverse engineering attacks intended to recover the table contents and thereby the cipher key. This hardening involves removing any one-to-one correspondence between the TLU inputs and outputs, by altering the output of the TLU dynamically, e.g. at each execution (call) of the TLU. This is done by increasing the size of the tables, applying a dynamically determined mask value to the table input and/or output, or using an inverse of the table.

    摘要翻译: 使用表查找操作(TLU)的加密过程(例如AES密码)被硬化以防止旨在恢复表内容和密码密钥的反向工程攻击。 这种硬化包括通过动态地改变TLU的输出来例如TLU输入和输出之间的一对一的对应关系。 在TLU的每次执行(调用)时。 这是通过增加表的大小,将动态确定的掩码值应用于表输入和/或输出,或使用表的倒数完成的。

    MULTIPLICATIVE SPLITS TO PROTECT CIPHER KEYS
    7.
    发明申请
    MULTIPLICATIVE SPLITS TO PROTECT CIPHER KEYS 有权
    多用途保护皮夹克

    公开(公告)号:US20130010963A1

    公开(公告)日:2013-01-10

    申请号:US13178410

    申请日:2011-07-07

    IPC分类号: H04L9/28 H04L9/16

    摘要: In the field of computer enabled cryptography, such as a keyed block cipher having a plurality of rounds, the cipher is hardened against an attack by a protection process which obscures the round keys using the properties of group field automorphisms and applying masks to the states of the cipher, for encryption or decryption. This is especially advantageous in a “White Box” environment where an attacker has full access to the cipher algorithm, including the algorithm's internal state during its execution. This method and the associated computing apparatus are useful for protection against known attacks on “White Box” ciphers, by eliminating S-box operations, together with improved masking techniques and increasing the cipher's complexity against reverse engineering and key storage attacks.

    摘要翻译: 在计算机启用的密码学领域,例如具有多个回合的密钥分组密码,密码被抵御使用群组域自动生成的属性遮蔽轮密钥的保护过程而被强化,并将掩码应用于 密码,用于加密或解密。 这在白盒环境中特别有利,在这种情况下,攻击者可以完全访问密码算法,包括算法执行过程中的内部状态。 该方法和相关联的计算装置对于通过消除S盒操作以及改进的掩蔽技术并增加密码的复杂度来逆向工程和密钥存储攻击来防止对白盒密码的已知攻击是有用的。

    SECURING THE IMPLEMENTATION OF A CRYPTOGRAPHIC PROCESS USING KEY EXPANSION
    8.
    发明申请
    SECURING THE IMPLEMENTATION OF A CRYPTOGRAPHIC PROCESS USING KEY EXPANSION 有权
    使用主要扩展来保护实施流程的实施

    公开(公告)号:US20120159186A1

    公开(公告)日:2012-06-21

    申请号:US12975123

    申请日:2010-12-21

    IPC分类号: G06F12/14

    摘要: In the field of computer enabled cryptography, such as a keyed block cipher having a plurality of rounds, the cipher is hardened against an attack by protecting the cipher key by means of a key expansion process which obscures the cipher and/or the round keys by increasing their lengths to provide an expanded version of the keys for carrying out encryption or decryption using the cipher. This is especially advantageous in a “White Box” environment where an attacker has full access to the cipher algorithm, including the algorithm's internal state during its execution. This method and the associated computing apparatus are useful where the key is derived through a process and so is unknown when the software code embodying the cipher is compiled. This is typically the case where there are many users of the cipher and each has his own key, or where each user session has its own key.

    摘要翻译: 在诸如具有多个回合的密钥分组密码的计算机启用密码学领域中,通过利用通过密钥扩展处理来保护密码密码来抵御攻击来加密密码,该密钥扩展过程掩盖了密码和/或循环密钥, 增加其长度以提供用于使用密码进行加密或解密的密钥的扩展版本。 这在“白盒”环境中特别有利,攻击者可以完全访问密码算法,包括算法的执行过程中的内部状态。 该方法和相关联的计算装置在通过过程导出密钥是有用的,并且当体现密码的软件代码被编译时是未知的。 通常情况下,密码的用户很多,每个用户都有自己的密钥,或者每个用户会话都有自己的密钥。

    Protecting look up tables by mixing code and operations
    9.
    发明授权
    Protecting look up tables by mixing code and operations 有权
    通过混合代码和操作来保护查找表

    公开(公告)号:US09189425B2

    公开(公告)日:2015-11-17

    申请号:US13286117

    申请日:2011-10-31

    IPC分类号: G06F12/14 G09C1/00 H04L9/06

    摘要: In the field of computer enabled cryptography, such as a cipher using lookup tables, the cipher is hardened against an attack by a protection process which obscures the lookup tables using the properties of bijective functions and applying masks to the tables' input and output values, for encryption or decryption. This is especially advantageous in a “White Box” environment where an attacker has full access to the cipher algorithm, including the algorithm's internal state during its execution. This method and the associated computing apparatus are useful for protection against known attacks on “White Box” ciphers, by obfuscating lookup table data, thereby increasing the cipher's complexity against reverse engineering and other attacks.

    摘要翻译: 在计算机启用密码学领域,例如使用查找表的密码,密码被针对使用双射函数的属性遮蔽查找表并且将掩码应用于表的输入和输出值的保护过程的攻击加强, 用于加密或解密。 这在“白盒”环境中特别有利,攻击者可以完全访问密码算法,包括算法的执行过程中的内部状态。 该方法和相关联的计算装置对于通过模糊查找表数据来防止对“白盒”密码的已知攻击是有用的,从而增加了对逆向工程和其他攻击的密码复杂性。

    Securing the implementation of a cryptographic process using key expansion
    10.
    发明授权
    Securing the implementation of a cryptographic process using key expansion 有权
    使用密钥扩展保护加密过程的实现

    公开(公告)号:US08966279B2

    公开(公告)日:2015-02-24

    申请号:US12975123

    申请日:2010-12-21

    IPC分类号: G06F12/14 H04L9/00 H04L9/06

    摘要: In the field of computer enabled cryptography, such as a keyed block cipher having a plurality of rounds, the cipher is hardened against an attack by protecting the cipher key by means of a key expansion process which obscures the cipher and/or the round keys by increasing their lengths to provide an expanded version of the keys for carrying out encryption or decryption using the cipher. This is especially advantageous in a “White Box” environment where an attacker has full access to the cipher algorithm, including the algorithm's internal state during its execution. This method and the associated computing apparatus are useful where the key is derived through a process and so is unknown when the software code embodying the cipher is compiled. This is typically the case where there are many users of the cipher and each has his own key, or where each user session has its own key.

    摘要翻译: 在诸如具有多个回合的密钥分组密码的计算机启用密码学领域中,通过利用通过密钥扩展处理来保护密码密码来抵御攻击来加密密码,该密钥扩展过程掩盖了密码和/或循环密钥, 增加其长度以提供用于使用密码进行加密或解密的密钥的扩展版本。 这在“白盒”环境中特别有利,攻击者可以完全访问密码算法,包括算法的执行过程中的内部状态。 该方法和相关联的计算装置在通过过程导出密钥是有用的,并且当体现密码的软件代码被编译时是未知的。 通常情况下,密码的用户很多,每个用户都有自己的密钥,或者每个用户会话都有自己的密钥。