1. Data encryption key management system
    Granted invention patent (expired)

    Publication number: US06577734B1

    Publication date: 2003-06-10

    Application number: US08550909

    Filing date: 1995-10-31

    IPC classification: H04L900

    Abstract: The secure management of encryption keys is obtained by preventing external access thereto and ensuring that the keys do not leave an encryption unit in their original form. This result is obtained via a facility which (a) generates a unique device encryption key and at least one program encryption key, (b) encrypts the program encryption key using the device encryption key, and (c) stores the result in local memory. Thereafter, responsive to receipt of an indication to encrypt data, the program encryption key is retrieved from memory and is decrypted using the unique device encryption key. The data is then encrypted using the decrypted program encryption key and the encrypted data is stored in a server for distribution to a user who enters a request for the data. When there is a need to transport the latter key to another element, then the program key is encrypted using a symmetrical encryption key that the facility shares with the other element and the result is supplied to that element. The element then decrypts the encrypted program key using its own version of the symmetrical key.


2. Electronic identifiers for network terminal devices
    Granted invention patent (expired)

    Publication number: US6005943A

    Publication date: 1999-12-21

    Application number: US739371

    Filing date: 1996-10-29

    IPC classification: H04L9/08 H04L9/30 H04L9/00

    CPC classification: H04L9/0877

    Abstract: The generation of electronic identifiers for network interface units connected to a data network for use in detecting unauthorized decryption of encrypted data transmitted over the data network. A random number is generated for use as a private key decryption code and is stored in memory in each network interface unit. A public key is calculated from the stored private key using a non-invertible mathematical formula. If the calculated public key is unique, then a portion of the public key (e.g. a subset of its bits) is stored in a data provider database as an electronic identifier for use in detecting unauthorized decryption of data by the interface unit.


3. Data encryption security module
    Granted invention patent (expired)

    Publication number: US5999629A

    Publication date: 1999-12-07

    Application number: US550910

    Filing date: 1995-10-31

    Abstract: We have recognized that there is a strong need to control and maintain the secrecy of the intelligence that may be used by computers to communicate with another, for example, by encrypting the messages that they exchange with one another. Thus, the encryption keys used to encrypt such messages need to be managed in a highly secure manner. Accordingly, we provide an encryption module, which, in accord with an aspect of the invention, generates a unique device encryption key (S_local), a cryptographic key formed from a unique identification key (S_id) and an associated public key (KP_id), and at least one program encryption key, in which the public key is generated as a function of the unique identification key. The module then encrypts the unique identification key and program encryption key using said device encryption key and stores the encrypted result in memory internal to the security module, thereby securing the keys against misappropriation. In addition, the module provides a mechanism for using the program encryption key to encrypt information that it receives from an external source and store the encrypted information in memory external to the security module, and responsive to receiving from a requester a request for the program encryption key, encrypting the program encryption key, in accord with an aspect of the invention, using a symmetrical encryption key generated as a function of a public key generated by a security module associated with the requester. The former security module then supplies the encrypted program encryption key to the requester.


4. Method and apparatus for using multiple co-dependent DMA controllers to provide a single set of read and write commands
    Granted invention patent (in force)

    Publication number: US06341328B1

    Publication date: 2002-01-22

    Application number: US09295010

    Filing date: 1999-04-20

    IPC classification: G06F1200

    CPC classification: G06F13/28

    Abstract: A microcomputer incorporates a pair of DMA controllers that are co-dependently operated to read and write common data blocks to two peripheral devices. In an exemplary embodiment of the invention, one of the DMA controllers is designated to read a data block from memory, store the data, and then write the data in a single write cycle to each of the two peripheral devices. This DMA controller provides the address and control signals necessary for writing the data to a first of the two peripheral devices, while the other DMA controller provides the address and control signals necessary for writing the data block to a second of the two peripheral devices. As a result, only one read and one write command are required for the data to be written to the two peripheral devices.


6. Method and apparatus for multiple-iteration CMEA encryption and decryption for improved security for wireless telephone messages
    Granted invention patent (expired)

    Publication number: US06266411B1

    Publication date: 2001-07-24

    Application number: US09059107

    Filing date: 1998-04-13

    IPC classification: H04K100

    CPC classification: H04L9/06 H04L2209/80

    Abstract: An enhanced CMEA encryption system suitable for use in wireless telephony. A plaintext message is introduced into the system and subjected to a first iteration of a CMEA process, using a first CMEA key to produce an intermediate ciphertext. The intermediate ciphertext is then subjected to a second iteration of the CMEA process using a second CMEA key to produce a final ciphertext. Additional security is achieved by subjecting the plaintext and intermediate ciphertext to input and output transformations before and after each iteration of the CMEA process. The CMEA iterations may be performed using an improved use of a tbox function which adds permutations to a message or intermediate crypto-processed data. Decryption is achieved by subjecting a ciphertext message to the reverse order of the steps used for encryption, replacing the input and output transformations by inverse output and inverse input transformations, respectively, as appropriate.


7. Methods and apparatus for self-inverting multiple-iteration CMEA crypto-processing for improved security for wireless telephone messages
    Granted invention patent (expired)

    Publication number: US06418224B1

    Publication date: 2002-07-09

    Application number: US09073131

    Filing date: 1998-05-05

    IPC classification: H04M166

    CPC classification: H04L9/0618 H04L2209/80

    Abstract: A self-inverting enhanced CMEA encryption system suitable for use in wireless telephony. An unprocessed text message is introduced into the system and subjected to a first iteration of a CMEA process, using a first CMEA key to produce a first intermediate message, a first intermediate processed text message, a first intermediate ciphertext message or the like. The first intermediate processed text message is subjected to a further iteration of the CMEA process, using a second CMEA key, to produce a second intermediate processed text message. The second intermediate processed text message is subjected to a final iteration of the CMEA process, using the first CMEA key, to produce the final processed text message. Security may be additionally enhanced by subjecting each message to an input/output transformation before and after each iteration of the CMEA process. In a three-iteration process, a total of four input/output transformations are used with the first and fourth input/output transformations being identical, and with the second and third input/output transformations being identical.


8. Methods and apparatus for enhanced CMEA employing enhanced transformations
    Granted invention patent (expired)

    Publication number: US06377687B1

    Publication date: 2002-04-23

    Application number: US09124300

    Filing date: 1998-07-29

    IPC classification: H04L928

    Abstract: Methods and apparatus for enhanced CMEA, or ECMEA, processing. A forward ECMEA and a reverse ECMEA process are provided. The forward ECMEA process decrypts text encrypted by the reverse ECMEA process and the reverse ECMEA process decrypts text encrypted by the forward ECMEA process. The forward ECMEA process employs a transformation, an iteration of the CMEA process, and an inverse transformation. The reverse ECMEA process employs a reverse transformation, an iteration of the CMEA process, and a reverse inverse transformation. The transformations and inverse transformations, and the iteration of the CMEA process, employ secret offsets to improve security. The transformations and the iteration of the CMEA process also employ an enhanced tbox function using an involutory lookup table.
