-
公开(公告)号:US20110258435A1
公开(公告)日:2011-10-20
申请号:US12762428
申请日:2010-04-19
IPC分类号: H04L9/32
CPC分类号: H04L9/3273 , H04L9/3268 , H04L63/0823 , H04L63/0869 , H04L2209/80 , H04L2209/84
摘要: A method is provided for obtaining a certificate revocation list (CRL) for a vehicle in a vehicle-to-vehicle communication system. A portable security unit is provided to access secured operations for the vehicle. The portable security unit is linked to a device having access to a communication network. The communication network is in communication with a certificate authority for issuing an updated CRL. The updated CRL is downloaded from the certificate authority to the portable security unit. At a later time, when a user enters the vehicle, a communication link is established between the portable security unit and a vehicle processor unit. Mutual authentication is exchanged between the portable security unit and the vehicle processing unit. The updated CRL stored in the portable security unit is downloaded to a memory of the vehicle communication system in response to a successful mutual authentication.
摘要翻译: 提供一种用于获得车辆到车辆通信系统中的车辆的证书撤销列表(CRL)的方法。 提供便携式安全单元以访问车辆的安全操作。 便携式安全单元链接到具有访问通信网络的设备。 通信网络与用于发布更新的CRL的证书颁发机构通信。 更新的CRL从认证机构下载到便携式安全机构。 稍后,当用户进入车辆时,在便携式安全单元和车辆处理器单元之间建立通信链路。 在便携式安全单元和车辆处理单元之间交换相互认证。 响应于成功的相互认证,存储在便携式安全单元中的更新的CRL被下载到车辆通信系统的存储器。
-
2.发明申请公开(公告)号:US20110238997A1
公开(公告)日:2011-09-29
申请号:US12731833
申请日:2010-03-25
CPC分类号: H04L63/1458 , G08G1/161 , H04L9/16 , H04L9/3236 , H04L9/3242 , H04L9/3244 , H04L9/3247 , H04L63/08 , H04L63/0823 , H04L63/12 , H04L63/123 , H04L2209/805 , H04L2209/84 , H04W4/046 , H04W12/06 , H04W12/10
摘要: A computationally efficient message verification strategy that achieves non-repudiation and resilience to computational denial of service attacks in conjunction with a broadcast authentication protocol that authenticates messages using a combination of a digital signature and a TESLA MAC. When messages are received at a receiver, the verification strategy separates the messages into messages with the same sender identification. The strategy then determines whether the TESLA MAC authenticator is valid for each message and discards those messages that do not have a valid TESLA MAC. The strategy collects the messages that have a valid TESLA MAC for each sender identification and performs a batch verification process on the group of messages to determine if the messages in the group have a valid digital signature. This strategy verifies each message in the group of messages if the batch verification process shows that the group of messages has a valid digital signature.
摘要翻译: 结合使用数字签名和TESLA MAC的组合认证消息的广播认证协议,实现对计算拒绝服务攻击的不可否认性和弹性的计算有效的消息验证策略。 当在接收器处接收到消息时,验证策略将消息分成具有相同发送者标识的消息。 然后,策略确定TESLA MAC认证器是否对每个消息有效,并丢弃那些没有有效TESLA MAC的消息。 该策略针对每个发送者标识收集具有有效TESLA MAC的消息,并对消息组执行批处理验证过程,以确定组中的消息是否具有有效的数字签名。 如果批次验证过程显示消息组具有有效的数字签名,则该策略将验证消息组中的每个消息。
-
3.发明授权Efficient technique to achieve non-repudiation and resilience to DoS attacks in wireless networks 有权实现无线网络中DoS攻击的不可否认性和弹性的高效技术公开(公告)号:US08904183B2
公开(公告)日:2014-12-02
申请号:US12731833
申请日:2010-03-25
CPC分类号: H04L63/1458 , G08G1/161 , H04L9/16 , H04L9/3236 , H04L9/3242 , H04L9/3244 , H04L9/3247 , H04L63/08 , H04L63/0823 , H04L63/12 , H04L63/123 , H04L2209/805 , H04L2209/84 , H04W4/046 , H04W12/06 , H04W12/10
摘要: A computationally efficient message verification strategy that achieves non-repudiation and resilience to computational denial of service attacks in conjunction with a broadcast authentication protocol that authenticates messages using a combination of a digital signature and a TESLA MAC. When messages are received at a receiver, the verification strategy separates the messages into messages with the same sender identification. The strategy then determines whether the TESLA MAC authenticator is valid for each message and discards those messages that do not have a valid TESLA MAC. The strategy collects the messages that have a valid TESLA MAC for each sender identification and performs a batch verification process on the group of messages to determine if the messages in the group have a valid digital signature. This strategy verifies each message in the group of messages if the batch verification process shows that the group of messages has a valid digital signature.
摘要翻译: 结合使用数字签名和TESLA MAC的组合认证消息的广播认证协议,实现对计算拒绝服务攻击的不可否认性和弹性的计算有效的消息验证策略。 当在接收器处接收到消息时,验证策略将消息分成具有相同发送者标识的消息。 然后,策略确定TESLA MAC认证器是否对每个消息有效,并丢弃那些没有有效TESLA MAC的消息。 该策略针对每个发送者标识收集具有有效TESLA MAC的消息,并对消息组执行批处理验证过程,以确定组中的消息是否具有有效的数字签名。 如果批次验证过程显示消息组具有有效的数字签名,则该策略将验证消息组中的每个消息。
-
公开(公告)号:US08819414B2
公开(公告)日:2014-08-26
申请号:US12762428
申请日:2010-04-19
CPC分类号: H04L9/3273 , H04L9/3268 , H04L63/0823 , H04L63/0869 , H04L2209/80 , H04L2209/84
摘要: A method is provided for obtaining a certificate revocation list (CRL) for a vehicle in a vehicle-to-vehicle communication system. A portable security unit is provided to access secured operations for the vehicle. The portable security unit is linked to a device having access to a communication network. The communication network is in communication with a certificate authority for issuing an updated CRL. The updated CRL is downloaded from the certificate authority to the portable security unit. At a later time, when a user enters the vehicle, a communication link is established between the portable security unit and a vehicle processor unit. Mutual authentication is exchanged between the portable security unit and the vehicle processing unit. The updated CRL stored in the portable security unit is downloaded to a memory of the vehicle communication system in response to a successful mutual authentication.
摘要翻译: 提供一种用于获得车辆到车辆通信系统中的车辆的证书撤销列表(CRL)的方法。 提供便携式安全单元以访问车辆的安全操作。 便携式安全单元链接到具有访问通信网络的设备。 通信网络与用于发布更新的CRL的证书颁发机构通信。 更新的CRL从认证机构下载到便携式安全机构。 稍后,当用户进入车辆时,在便携式安全单元和车辆处理器单元之间建立通信链路。 在便携式安全单元和车辆处理单元之间交换相互认证。 响应于成功的相互认证,存储在便携式安全单元中的更新的CRL被下载到车辆通信系统的存储器。
-
5.发明申请METHOD AND SYSTEM OF RECONSTRUCTING A SECRET CODE IN A VEHICLE FOR PERFORMING SECURE OPERATIONS 有权重新安装车辆中的秘密代码的方法和系统,用于执行安全操作公开(公告)号:US20140037092A1
公开(公告)日:2014-02-06
申请号:US13564943
申请日:2012-08-02
IPC分类号: H04L9/32
CPC分类号: H04L9/3273 , G07C9/00174 , G07C9/00309 , G07C2009/00769 , H04L9/0891 , H04L9/3242 , H04L2209/84
摘要: A method is provided for constructing a secret code in a processing unit when in communication with a portable security unit. Mutual authentication messages are exchanged between a linked portable security unit and processing unit. A first portion of the secret code is communicated to the processing unit. The processing unit combines the first portion and a second portion of the secret code stored in the non-volatile memory of the processing unit. The secret code is stored in a volatile memory of the processing unit. A secure operation is performed using the secret code. The portable security unit is de-linked from the processing unit. At least a portion of the secret code is deleted from the volatile memory of the processing unit.
摘要翻译: 提供了一种在与便携式安全单元进行通信时在处理单元中构造密码的方法。 相互认证消息在链接的便携式安全单元和处理单元之间交换。 密码的第一部分被传送到处理单元。 处理单元组合存储在处理单元的非易失性存储器中的密码的第一部分和第二部分。 密码存储在处理单元的易失性存储器中。 使用密码执行安全操作。 便携式安全单元从处理单元取消链接。 从处理单元的易失性存储器中删除密码的至少一部分。
-
6.发明授权公开(公告)号:US08452969B2
公开(公告)日:2013-05-28
申请号:US12561013
申请日:2009-09-16
IPC分类号: H04L9/32
CPC分类号: H04L9/3236 , H04L9/14 , H04L9/3247 , H04L2209/80 , H04W12/10
摘要: A method for authenticating a message that is transmitted wirelessly. The method includes providing a set of private key values that define a private key and performing a key pair generation process that provides a key pair including the private key and a public key, where performing the key pair generation process includes applying one or more hash functions to the private key values, where a succeeding hash function provides a hash of a previous hash function. The scheme uses a signature generation process that generates a message digest by applying a hash function on the message to be signed and then separates the message digest into two parts including signing bits and selection bits and using the private key to sign the message. A receiver verifies the authenticity of the received message using the public key and a signature verification algorithm.
摘要翻译: 一种用于认证无线传输的消息的方法。 该方法包括提供定义私钥的一组私钥值,并执行提供包括私钥和公钥的密钥对的密钥对生成过程,其中执行密钥对生成处理包括应用一个或多个哈希函数 到私钥值,其中后续散列函数提供先前哈希函数的散列。 该方案使用签名生成过程,其通过对待签名的消息应用散列函数来生成消息摘要,然后将消息摘要分为两部分,包括签名位和选择位,并使用私钥对消息进行签名。 接收机使用公钥和签名验证算法验证接收到的消息的真实性。
-
7.发明申请公开(公告)号:US20110066859A1
公开(公告)日:2011-03-17
申请号:US12561013
申请日:2009-09-16
CPC分类号: H04L9/3236 , H04L9/14 , H04L9/3247 , H04L2209/80 , H04W12/10
摘要: A method for authenticating a message that is transmitted wirelessly. The method includes providing a set of private key values that define a private key and performing a key pair generation process that provides a key pair including the private key and a public key, where performing the key pair generation process includes applying one or more hash functions to the private key values, where a succeeding hash function provides a hash of a previous hash function. The scheme uses a signature generation process that generates a message digest by applying a hash function on the message to be signed and then separates the message digest into two parts including signing bits and selection bits and using the private key to sign the message. A receiver verifies the authenticity of the received message using the public key and a signature verification algorithm.
摘要翻译: 一种用于认证无线传输的消息的方法。 该方法包括提供定义私钥的一组私钥值,并执行提供包括私钥和公钥的密钥对的密钥对生成过程,其中执行密钥对生成处理包括应用一个或多个哈希函数 到私钥值,其中后续散列函数提供先前哈希函数的散列。 该方案使用签名生成过程,其通过对待签名的消息应用散列函数来生成消息摘要,然后将消息摘要分为两部分,包括签名位和选择位,并使用私钥对消息进行签名。 接收机使用公钥和签名验证算法验证接收到的消息的真实性。
-
8.发明申请ADAPTIVE CERTIFICATE DISTRIBUTION MECHANISM IN VEHICULAR NETWORKS USING VARIABLE INTER-CERTIFICATE REFRESH PERIOD 有权使用可变证书证书周期的车辆网络中的自适应证书分发机制公开(公告)号:US20110238986A1
公开(公告)日:2011-09-29
申请号:US12731063
申请日:2010-03-24
IPC分类号: H04L9/32
CPC分类号: H04L1/0041 , H04L1/0057 , H04L9/3268 , H04L43/0829 , H04L43/0882 , H04L63/0823 , H04L67/12 , H04L2209/84 , H04W12/06
摘要: A method for improving the reliability and performance of Vehicle-to-Vehicle (V2V) networks where digital certificates are necessary for message authentication and some messages may be lost in transmission. The method uses a variable inter-certificate refresh period to optimize communications throughput based on network conditions such as node density and bandwidth saturation. In some network conditions, the inter-certificate refresh period may be increased, such that more certificate digests are sent between full digital certificates, to decrease average message size. In other network conditions, the inter-certificate refresh period may be decreased, to allow for more frequent message authentication by receiving nodes. Empirical data and an adaptive controller are used to select the refresh period which will provide the best performance based on network conditions.
摘要翻译: 一种用于提高车载到车辆(V2V)网络的可靠性和性能的方法,其中数字证书对于消息认证是必要的,并且一些消息可能在传输中丢失。 该方法使用可变的证书间刷新周期来根据网络条件(如节点密度和带宽饱和度)优化通信吞吐量。 在一些网络条件下,可以增加证书间刷新周期,使得在全数字证书之间发送更多的证书摘要,以减少平均消息大小。 在其他网络条件下,可以减少证书间刷新周期,以允许接收节点进行更频繁的消息认证。 经验数据和自适应控制器用于选择基于网络条件提供最佳性能的刷新周期。
-
公开(公告)号:US08386790B2
公开(公告)日:2013-02-26
申请号:US12712349
申请日:2010-02-25
CPC分类号: H04L9/3252 , H04L9/3066 , H04L51/00 , H04L63/12 , H04L63/1441 , H04L2209/38 , H04L2209/80 , H04L2209/84 , H04W12/10
摘要: A method is provided of authenticating a digitally signed message. A chain of messages is generated. A Winternitz pair of keys is generated for each respective message. A sequence number is assigned to each of the messages. Each of the sequence numbers cooperatively identify an order of Winternitz verifiers assigned to each of the messages. A signature to a first message in the chain of messages is signed using a digital signature algorithm private key. Signatures to each of the following messages in the chain of messages are signed using both Winternitz private keys and digital signature algorithm private keys. The signed messages are broadcast from a sender to a receiver. The first signed broadcast message is authenticated at the receiver by verifying the digital signature algorithm signature. At least some of the following signed broadcast messages are authenticated at the receiver by verifying only the Winternitz signature.
摘要翻译: 提供了一种验证数字签名消息的方法。 生成消息链。 为每个相应的消息生成一个Winternitz对密钥。 序列号被分配给每个消息。 每个序列号协同地标识分配给每个消息的Winternitz验证器的顺序。 使用数字签名算法私钥对消息链中的第一个消息进行签名。 使用Winternitz私钥和数字签名算法私钥对签名链中的每个以下消息进行签名。 签名的消息从发送方广播到接收方。 通过验证数字签名算法签名,在接收方对第一个签署的广播消息进行认证。 通过仅验证Winternitz签名,在接收器处认证至少一些以下签名的广播消息。
-
10.发明申请公开(公告)号:US20120265995A1
公开(公告)日:2012-10-18
申请号:US13086864
申请日:2011-04-14
IPC分类号: H04L9/00
CPC分类号: H04L63/08 , H04L9/3247 , H04L63/12 , H04L67/12 , H04L2209/805 , H04L2209/84 , H04W4/046 , H04W4/70 , H04W12/06 , H04W12/10 , H04W84/005
摘要: A method for securing communications in a vehicle-to-vehicle (V2V) system including an on-board computer of a broadcasting vehicle predicting a value for a vehicle parameter, generating a heavyweight signature corresponding to the predicted value, and obtaining an actual value for the vehicle parameter. The method also includes the computer comparing the predicted value to the actual value to determine if the predicted value bears a first relationship to the actual value. If the computer determines that the predicted value bears the relationship to the actual value, the on-board computer generates a lightweight authenticating signature to correspond to the predicted value and broadcasts a data message having the predicted value with the corresponding heavyweight authenticating signature and the corresponding lightweight authenticating signature.
摘要翻译: 一种用于确保车辆到车辆(V2V)系统中的通信的方法,该系统包括预测车辆参数值的广播车辆的车载计算机,生成与预测值相对应的重量级签名,并获得实际值 车辆参数。 该方法还包括计算机将预测值与实际值进行比较以确定预测值是否与实际值具有第一关系。 如果计算机确定预测值与实际值具有关系,则车载计算机生成轻量级认证签名以对应于预测值,并且广播具有相应重量级认证签名的预测值的数据消息和对应的 轻量级认证签名。
-
-
-
-
-
-
-
-
-
搜索结果
16 条记录 (耗时 0.018 秒)
