公开(公告)号：US09319752B2

公开(公告)日：2016-04-19

申请号：US14324751

申请日：2014-07-07

Applicant: Cisco Technology Inc.

Inventor： Itsik Mantin ,  Aviad Kipnis

IPC: G06K9/00 ,  H04N21/647 ,  G06T1/00 ,  H04N7/167 ,  H04N21/2389 ,  H04N21/8355 ,  H04N21/8358

CPC classification number: H04N21/64715 ,  G06T1/0021 ,  G06T1/005 ,  G06T2201/0061 ,  H04N7/1675 ,  H04N21/23892 ,  H04N21/8355 ,  H04N21/8358

Abstract: A method and system for embedding a watermark in block encrypted content, including encoding a bit string, the bit string including n bits, denoted b0-bn−1, the encoding including translating each bit, b0-bn−1, into a block of data, according to the following rule if bi=1, then translate bi into a block of data of a first type, and if bi=0, then translate bi into a block of data of a second type, thereby translating the n bits into n blocks of data corresponding to each bit b0-bn−1, arranging a composite block of data including the n blocks of data, and at least one additional block indicating the presence of the n blocks of data, and inserting the composite block of data into a content item as a watermark, wherein the watermarked content item is encrypted using an ECB mode of encryption. Related methods and apparatus are also described.

Abstract translation: 一种用于在块加密内容中嵌入水印的方法和系统，包括编码比特串，包括表示为b0-bn-1的n比特的比特串，包括将每个比特b0-bn-1转换成块 数据，如果bi = 1，则将bi转换成第一类型的数据块，并且如果bi = 0，则将bi转换成第二类型的数据块，从而将n位转换成 对应于每个位b0-bn-1的n个数据块，排列包括n个数据块的数据的合成块，以及指示存在n个数据块的至少一个附加块，以及插入复合数据块 作为水印进入内容项目，其中使用ECB加密模式来加密加水印的内容项目。 还描述了相关方法和装置。

公开(公告)号：US20150040248A1

公开(公告)日：2015-02-05

申请号：US14384160

申请日：2013-03-07

Applicant: Cisco Technology, Inc.

Inventor： Itsik Mantin ,  Shahar Somin

IPC: H04N21/8358 ,  H04N21/236 ,  G06F21/16 ,  H04N21/435 ,  H04N21/85 ,  H04N21/235 ,  H04N21/434

CPC classification number: H04N21/8358 ,  G06F21/16 ,  G06F2221/0748 ,  H04N21/2351 ,  H04N21/23614 ,  H04N21/4348 ,  H04N21/4353 ,  H04N21/835 ,  H04N21/85

Abstract: A method and system for processing data is described, the method and system including encoding a string of symbols, each having a respective symbol value, as a sequence of vectors, each vector including a respective number of repetitions of a sub-vector of a predefined length, such that the respective number of the repetitions in each vector in the sequence is indicative of the respective symbol value of a corresponding symbol in the string, and applying a watermark to an item of content including digital data by inserting the sequence of the vectors into the data. Related methods, systems and apparatus are also described.

Abstract translation: 描述了用于处理数据的方法和系统，所述方法和系统包括将每个具有相应符号值的符号串编码为向量序列，每个向量包括预定义的子载体的相应次数的重复次数 使得序列中每个向量中的相应重复次数表示字符串中对应符号的相应符号值，并且通过插入向量序列将水印应用于包括数字数据的内容项目 进入数据。 还描述了相关方法，系统和装置。

公开(公告)号：US20140355759A1

公开(公告)日：2014-12-04

申请号：US14324751

申请日：2014-07-07

Applicant: Cisco Technology Inc.

Inventor： Itsik Mantin ,  Aviad Kipnis

IPC: H04N21/647 ,  G06T1/00

CPC classification number: H04N21/64715 ,  G06T1/0021 ,  G06T1/005 ,  G06T2201/0061 ,  H04N7/1675 ,  H04N21/23892 ,  H04N21/8355 ,  H04N21/8358

Abstract: A method and system for embedding a watermark in block encrypted content, including encoding a bit string, the bit string including n bits, denoted b0-bn−1, the encoding including translating each bit, b0-bn−1, into a block of data, according to the following rule if bi=1, then translate bi into a block of data of a first type, and if bi=0, then translate bi into a block of data of a second type, thereby translating the n bits into n blocks of data corresponding to each bit b0-bn−1, arranging a composite block of data including the n blocks of data, and at least one additional block indicating the presence of the n blocks of data, and inserting the composite block of data into a content item as a watermark, wherein the watermarked content item is encrypted using an ECB mode of encryption. Related methods and apparatus are also described.

Abstract translation: 一种用于在块加密内容中嵌入水印的方法和系统，包括编码比特串，包括表示为b0-bn-1的n比特的比特串，包括将每个比特b0-bn-1转换成块 数据，如果bi = 1，则将bi转换成第一类型的数据块，并且如果bi = 0，则将bi转换成第二类型的数据块，从而将n位转换成 对应于每个位b0-bn-1的n个数据块，排列包括n个数据块的数据的合成块，以及指示存在n个数据块的至少一个附加块，以及插入复合数据块 作为水印进入内容项目，其中使用ECB加密模式来加密加水印的内容项目。 还描述了相关方法和装置。

公开(公告)号：US08751821B2

公开(公告)日：2014-06-10

申请号：US13774578

申请日：2013-02-22

Applicant: Cisco Technology, Inc.

Inventor： Itsik Mantin ,  Perry Smith ,  Yaron Sella ,  Erez Waisbard

IPC: H04L29/06 ,  G06F21/55 ,  G06F21/62 ,  G06F21/57 ,  G06F21/78 ,  H04L9/08 ,  H04L9/30

CPC classification number: G06F21/6218 ,  G06F21/55 ,  G06F21/554 ,  G06F21/575 ,  G06F21/62 ,  G06F21/78 ,  G06F2221/2143 ,  G11B20/00086 ,  G11B20/00666 ,  G11B20/00826 ,  H04L9/0886 ,  H04L9/0894 ,  H04L9/30 ,  H04N9/8205

Abstract: A method and system for securing a read write storage (RWS) device, the method comprising, providing the RWS device, the RWS device comprising a controller comprising a processor and a bit bucket storing data, and employing the controller to corrupt at least a portion of the data.

Abstract translation: 一种用于保护读写存储（RWS）设备的方法和系统，所述方法包括：提供所述RWS设备，所述RWS设备包括控制器，所述RWS设备包括控制器，所述控制器包括处理器和存储数据的位桶，并且使用所述控制器将至少一部分 的数据。

公开(公告)号：US08913745B2

公开(公告)日：2014-12-16

申请号：US13958986

申请日：2013-08-05

Applicant: Cisco Technology Inc.

Inventor： Chaim Shen-Orr ,  Zvi Shkedy ,  Reuven Elbaum ,  Yonatan Shlomovich ,  Yigal Shapiro ,  Yaacov Belenky ,  Yaakov (Jordan) Levy ,  Reuben Sumner ,  Itsik Mantin

IPC: H04L9/34 ,  G06F21/79 ,  G06F21/60 ,  H04L9/18

CPC classification number: G06F21/60 ,  G06F21/79 ,  H04L9/003

Abstract: A method for hindering detection of information unintentionally leaked from a secret held in a memory unit is described, the method including receiving a triggering event waiting for at least a first amount of time to pass after the receipt of the triggering event, the memory unit being in a non-operational state during the at least a first amount of time after the at least a first amount of time has passed, changing at least one first condition under which the memory unit operates, thereby causing the memory unit to enter an operational state, waiting for a second amount of time to pass after the changing at least one first condition, and changing, after the second amount of time, at least one second condition under which the memory unit operates, thereby causing the memory unit to enter the non-operational state, wherein access to the secret information is enabled only during the second amount of time, and detection of secret information unintentionally leaked is limited during the first amount of time. Related apparatus and methods are also described.

Abstract translation: 描述了阻止从存储单元中保存的秘密泄漏的信息的检测的方法，所述方法包括在接收到触发事件之后接收等待至少第一时间量的触发事件以通过，所述存储单元为 在所述至少第一时间量之后的至少第一时间量内处于非操作状态，改变所述存储器单元在其下操作的至少一个第一状态，从而使所述存储器单元进入操作状态 在改变至少一个第一条件之后等待第二时间量过去，并且在所述第二时间量之后改变所述存储器单元操作的至少一个第二状态，从而使所述存储器单元进入非 其中对秘密信息的访问仅在第二时间段期间被启用，并且在f期间有意无意地泄漏的秘密信息的检测受到限制 第一次的时间 还描述了相关装置和方法。

公开(公告)号：US20140195816A1

公开(公告)日：2014-07-10

申请号：US13929008

申请日：2013-06-27

Applicant: Cisco Technology Inc.

Inventor： Itsik Mantin ,  Eliphaz Hibshoosh

IPC: G06F21/60

CPC classification number: G06F21/602 ,  G09C1/00 ,  H04L9/002 ,  H04L2209/04 ,  H04L2209/603

Abstract: A system including a memory having regions including a first and second region, the first region being different from the second region, and a digital rights management engine to receive a plurality of ciphertext cipher blocks, decrypt the ciphertext cipher blocks yielding plaintext cipher blocks, output the plaintext cipher blocks to the first region of the memory over a period of time, provide a plurality of decoy cipher blocks in addition to the plaintext cipher blocks, the decoy cipher blocks having a pattern in which: a first one of the decoy cipher blocks consists of data, and a second one of the decoy cipher blocks consists of data which is the same as the data of the first one of the decoy cipher blocks, and output the decoy cipher blocks to the second region of the memory during the period of time. Related apparatus and methods are also included.

Abstract translation: 一种包括存储器的系统，所述存储器具有包括第一和第二区域的区域，所述第一区域不同于所述第二区域;以及数字版权管理引擎，用于接收多个密文密码块，对产生明文密码块的密文密码块进行解密，输出 明文密码块在一段时间内到存储器的第一区域，除了明文密码块之外还提供多个诱饵密码块，所述诱饵密码块具有以下模式：诱饵密码块中的第一个 由数据组成，并且第二个诱饵密码块由与诱饵密码块中的第一个的数据相同的数据组成，并且在该期间内将诱饵密码块输出到存储器的第二区域 时间。 还包括相关的装置和方法。

公开(公告)号：US09262639B2

公开(公告)日：2016-02-16

申请号：US13929008

申请日：2013-06-27

Applicant: Cisco Technology Inc.

Inventor： Itsik Mantin ,  Eliphaz Hibshoosh

IPC: G06F21/00 ,  G06F21/60 ,  G09C1/00 ,  H04L9/00

CPC classification number: G06F21/602 ,  G09C1/00 ,  H04L9/002 ,  H04L2209/04 ,  H04L2209/603

Abstract: A system including a memory having regions including a first and second region, the first region being different from the second region, and a digital rights management engine to receive a plurality of ciphertext cipher blocks, decrypt the ciphertext cipher blocks yielding plaintext cipher blocks, output the plaintext cipher blocks to the first region of the memory over a period of time, provide a plurality of decoy cipher blocks in addition to the plaintext cipher blocks, the decoy cipher blocks having a pattern in which: a first one of the decoy cipher blocks consists of data, and a second one of the decoy cipher blocks consists of data which is the same as the data of the first one of the decoy cipher blocks, and output the decoy cipher blocks to the second region of the memory during the period of time. Related apparatus and methods are also included.

Abstract translation: 一种包括存储器的系统，所述存储器具有包括第一和第二区域的区域，所述第一区域不同于所述第二区域;以及数字版权管理引擎，用于接收多个密文密码块，对产生明文密码块的密文密码块进行解密，输出 明文密码块在一段时间内到存储器的第一区域，除了明文密码块之外还提供多个诱饵密码块，所述诱饵密码块具有以下模式：诱饵密码块中的第一个 由数据组成，并且第二个诱饵密码块由与诱饵密码块中的第一个的数据相同的数据组成，并且在该期间内将诱饵密码块输出到存储器的第二区域 时间。 还包括相关的装置和方法。

公开(公告)号：US20130326632A1

公开(公告)日：2013-12-05

申请号：US13958986

申请日：2013-08-05

Applicant: Cisco Technology Inc.

Inventor： Chaim Shen-Orr ,  Zvi Shkedy ,  Reuven Elbaum ,  Yonatan Shlomovich ,  Yigal Shapiro ,  Yaacov Belenky ,  Yaakov (Jordan) Levy ,  Reuben Sumner ,  Itsik Mantin

IPC: G06F21/60

CPC classification number: G06F21/60 ,  G06F21/79 ,  H04L9/003

Abstract: A method for hindering detection of information unintentionally leaked from a secret held in a memory unit is described, the method including receiving a triggering event waiting for at least a first amount of time to pass after the receipt of the triggering event, the memory unit being in a non-operational state during the at least a first amount of time after the at least a first amount of time has passed, changing at least one first condition under which the memory unit operates, thereby causing the memory unit to enter an operational state, waiting for a second amount of time to pass after the changing at least one first condition, and changing, after the second amount of time, at least one second condition under which the memory unit operates, thereby causing the memory unit to enter the non-operational state, wherein access to the secret information is enabled only during the second amount of time, and detection of secret information unintentionally leaked is limited during the first amount of time. Related apparatus and methods are also described.

Abstract translation: 描述了阻止从存储单元中保存的秘密泄漏的信息的检测的方法，所述方法包括在接收到触发事件之后接收等待至少第一时间量的触发事件以通过，所述存储单元为 在所述至少第一时间量之后的至少第一时间量内处于非操作状态，改变所述存储器单元在其下操作的至少一个第一状态，从而使所述存储器单元进入操作状态 在改变至少一个第一条件之后等待第二时间量过去，并且在所述第二时间量之后改变所述存储器单元操作的至少一个第二状态，从而使所述存储器单元进入非 其中对秘密信息的访问仅在第二时间段期间被启用，并且在f期间有意无意地泄漏的秘密信息的检测受到限制 第一次的时间 还描述了相关装置和方法。

公开(公告)号：US20130174279A1

公开(公告)日：2013-07-04

申请号：US13774578

申请日：2013-02-22

Applicant: Cisco Technology, Inc.

Inventor： Itsik Mantin ,  Perry SMITH ,  Yaron SELLA ,  Erez WAISBARD

IPC: G06F21/62

CPC classification number: G06F21/6218 ,  G06F21/55 ,  G06F21/554 ,  G06F21/575 ,  G06F21/62 ,  G06F21/78 ,  G06F2221/2143 ,  G11B20/00086 ,  G11B20/00666 ,  G11B20/00826 ,  H04L9/0886 ,  H04L9/0894 ,  H04L9/30 ,  H04N9/8205

Abstract: A method and system for securing a read write storage (RWS) device, the method comprising, providing the RWS device, the RWS device comprising a controller comprising a processor and a bit bucket storing data, and employing the controller to corrupt at least a portion of the data.

Abstract translation: 一种用于保护读写存储（RWS）设备的方法和系统，所述方法包括：提供所述RWS设备，所述RWS设备包括控制器，所述RWS设备包括控制器，所述控制器包括处理器和存储数据的位桶，并且使用所述控制器将至少一部分 的数据。