-
公开(公告)号:US09158901B2
公开(公告)日:2015-10-13
申请号:US14082842
申请日:2013-11-18
Applicant: Cisco Technology Inc.
Inventor: David Wachtfogel , Yaron Sella
CPC classification number: G06F21/10 , G06F2221/0797
Abstract: A system and method for device security is described, the system and method including at least one integrated circuit including a CPU, a key register storing a hardware enabling key, the key including a large number of bits, such that each bit of the large number of bits has a correct value, and if any one bit of the large number of bits is set to an incorrect value the key will not function correctly a combination circuit for performing a function, ƒ, the function ƒ being essential for correct functionality of the CPU, such that the combination circuit is activated by the key, the combination circuit only performing function ƒ if each of the large number of bits of the key is set to the correct value, and there exists no set of intermediate or output bits derived from the large number of bits of the key, which determine if the combination circuit performs function ƒ, the set intermediate or output bits including fewer bits than are included in the key. Related apparatus, methods, and systems are also described.
Abstract translation: 描述了一种用于设备安全性的系统和方法,所述系统和方法包括至少一个集成电路,包括CPU,存储硬件使能密钥的密钥寄存器,包括大量位的密钥,使得大数量的每个位 的位具有正确的值,并且如果大量位的任何一位被设置为不正确的值,则该键将不能正常地用于执行功能的组合电路ƒ,功能ƒ对于正确的功能是必不可少的 CPU,使得组合电路由键激活,组合电路仅执行功能,如果键的大量位中的每一个被设置为正确的值,并且不存在从 键的大量位,其确定组合电路是否执行功能ƒ,所设置的中间或输出位包括比包括在键中的位数少。 还描述了相关装置,方法和系统。
-
公开(公告)号:US09148411B2
公开(公告)日:2015-09-29
申请号:US14111659
申请日:2012-12-18
Applicant: Cisco Technology Inc.
Inventor: Martin Gold , Keith Millar , Harel Cain , David Wachtfogel , Michal Devir , Max Berman , Brett Walzer
CPC classification number: H04L63/0428 , H04L9/002
Abstract: A Headend system including a encoder to encode input data yielding a plurality of data packets, each of the packets having a header and a payload, a post encoding processor to identify ones of the data packets having a payload with a suspected known plaintext, and modify at least some of the identified packets, and an encryption processor to encrypt at least some of the data packets yielding encrypted data packets. Related apparatus and methods are also described.
Abstract translation: 一种头端系统,包括编码器,用于编码产生多个数据分组的输入数据,每个分组具有报头和有效载荷;后编码处理器,用于识别具有可疑已知明文的有效载荷的数据分组中的一个,并修改 至少一些所识别的分组,以及加密处理器,用于加密产生加密数据分组的至少一些数据分组。 还描述了相关装置和方法。
-
公开(公告)号:US10698988B2
公开(公告)日:2020-06-30
申请号:US15473648
申请日:2017-03-30
Applicant: Cisco Technology, Inc.
Inventor: David Wachtfogel , Michal Devir , Harel Cain
IPC: G06F21/16 , H04N21/83 , H04N21/4405 , H04N5/913 , H04N19/44 , G06T1/00 , H04N21/8358 , H04N21/233 , H04N19/14 , H04N21/44 , H04N9/64
Abstract: In one embodiment, a method for preventing a difference attack on watermarked video content is implemented on at least one computing device and includes: manipulating values of a set of pixels to embed a forensic watermark in at least one video frame in a video content item, where the manipulating is in accordance with a given magnitude of change in the values, and introducing random noise to the at least one video frame, where the random noise is random noise of the given magnitude.
-
公开(公告)号:US10045040B2
公开(公告)日:2018-08-07
申请号:US15242535
申请日:2016-08-21
Applicant: Cisco Technology, Inc.
Inventor: David Wachtfogel , Michal Devir , Harel Cain
IPC: H04N19/467 , H04N21/235 , H04N21/2365
Abstract: In one embodiment, a system includes a Headend apparatus including a watermark processor to generate secondary video streams from sections of a primary video stream, group the secondary video streams in groups of at least two secondary video streams, the secondary video streams including units of data for use in watermarking across cryptoperiods in an end-user device which selects one secondary video stream in each group for rendering as part of a composited video stream in order to embed units of data of an identification in the composited video stream, wherein in each cryptoperiod, the watermark processor is operative to generate different groups of the secondary video streams from different non-overlapping portions of the primary video stream, and an encryption processor to generate control words, encrypt each secondary video stream with a different control word, and change the control word of each secondary video stream every cryptoperiod.
-
公开(公告)号:US20140143552A1
公开(公告)日:2014-05-22
申请号:US14082842
申请日:2013-11-18
Applicant: Cisco Technology Inc.
Inventor: David Wachtfogel , Yaron Sella
IPC: G06F21/60
CPC classification number: G06F21/10 , G06F2221/0797
Abstract: A system and method for device security is described, the system and method including at least one integrated circuit including a CPU, a key register storing a hardware enabling key, the key including a large number of bits, such that each bit of the large number of bits has a correct value, and if any one bit of the large number of bits is set to an incorrect value the key will not function correctly a combination circuit for performing a function, f, the function f being essential for correct functionality of the CPU, such that the combination circuit is activated by the key, the combination circuit only performing function f if each of the large number of bits of the key is set to the correct value, and there exists no set of intermediate or output bits derived from the large number of bits of the key, which determine if the combination circuit performs function f, the set intermediate or output bits including fewer bits than are included in the key. Related apparatus, methods, and systems are also described.
Abstract translation: 描述了一种用于设备安全性的系统和方法,所述系统和方法包括至少一个集成电路,包括CPU,存储硬件使能密钥的密钥寄存器,包括大量位的密钥,使得大数量的每个位 的位具有正确的值,并且如果大量位的任何一位被设置为不正确的值,则该键将不能正常地用于执行功能的组合电路f,功能f对于正确的功能是必要的 CPU,使得组合电路由键激活,组合电路仅在键的大量位中的每一个被设置为正确的值时才执行功能f,并且不存在来自 键的大量位,其确定组合电路是否执行功能f,所设置的中间或输出位包括比包括在键中的位数少。 还描述了相关装置,方法和系统。
-
公开(公告)号:US20180241759A1
公开(公告)日:2018-08-23
申请号:US15439965
申请日:2017-02-23
Applicant: Cisco Technology, Inc.
Inventor: Hillel Solow , Vered Anikster , David Wachtfogel
CPC classification number: H04L63/108 , G06F21/10 , H04L63/083 , H04L63/107 , H04L67/22 , H04N21/25816 , H04N21/25841 , H04W12/00502 , H04W12/00503 , H04W12/00505 , H04W12/00508
Abstract: In one embodiment, a method includes receiving an access request for a video service from a client device, authorizing the client device to access the video service when the client device is initiating connection to the video service via a home Internet access point in a home associated with an authorized account for the video service, determining a time restriction for access to at least part of the video service when the client device is initiating connection to the video service via a non-home Internet access point located outside the home, a duration of the time restriction being dependent upon a usage behavior of the client device, and authorizing the client device to access the at least part of the video service subject to the time restriction when the client device is initiating connection to the video service via the non-home Internet access point.
-
公开(公告)号:US20140052983A1
公开(公告)日:2014-02-20
申请号:US14111659
申请日:2012-12-18
Applicant: Cisco Technology Inc.
Inventor: Martin Gold , Keith Millar , Harel Cain , David Wachtfogel , Michal Devir , Max Berman , Brett Walzer
IPC: H04L29/06
CPC classification number: H04L63/0428 , H04L9/002
Abstract: A Headend system including a encoder to encode input data yielding a plurality of data packets, each of the packets having a header and a payload, a post encoding processor to identify ones of the data packets having a payload with a suspected known plaintext, and modify at least some of the identified packets, and an encryption processor to encrypt at least some of the data packets yielding encrypted data packets. Related apparatus and methods are also described.
Abstract translation: 一种头端系统,包括编码器,用于编码产生多个数据分组的输入数据,每个分组具有报头和有效载荷;后编码处理器,用于识别具有可疑已知明文的有效载荷的数据分组中的一个,并修改 至少一些所识别的分组,以及加密处理器,用于加密产生加密数据分组的至少一些数据分组。 还描述了相关装置和方法。
-
-
-
-
-
-