Interoperable cryptographic key recovery system
    1.
    Granted invention patent
    Status: Lapsed

    Publication number: US5796830A

    Publication date: 1998-08-18

    Application number: US681679

    Application date: 1996-07-29

    CPC classification: H04L9/0894

    Abstract: A cryptographic key recovery system that is interoperable with existing systems for establishing keys between communicating parties. The sender uses a reversible key inversion function to generate key recovery values P, Q and (optionally) R as a function of a session key and public information, so that the session key may be regenerated from the key recovery values P, Q and (if generated) R. Key recovery values P and Q are encrypted using the respective public recovery keys of a pair of key recovery agents. The encrypted P and Q values are included along with other recovery information in a session header accompanying an encrypted message sent from the sender to the receiver. The key recovery agents may recover the P and Q values for a law enforcement agent by decrypting the encrypted P and Q values in the session header, using their respective private recovery keys corresponding to the public keys. The R value, if generated, is not made available to the key recovery agents, but is ascertained using standard cryptanalytic techniques in order to provide a nontrivial work factor for law enforcement agents. The receiver checks the session header of a received message to ensure that the sender has included valid recovery information. Only when the receiver has verified that the sender has included valid recovery information does the receiver decrypt the received message.

    Interoperable cryptographic key recovery system with verification by comparison
    2.
    Granted invention patent
    Status: In force

    Publication number: US6052469A

    Publication date: 2000-04-18

    Application number: US133877

    Application date: 1998-08-14

    CPC classification: H04L9/0894

    Abstract: A cryptographic key recovery system that is interoperable with existing systems for establishing keys between communicating parties. The sender uses a reversible key inversion function to generate key recovery values P, Q and (optionally) R as a function of a session key and public information, so that the session key may be regenerated from the key recovery values P, Q and (if generated) R. Key recovery values P and Q are encrypted using the respective public recovery keys of a pair of key recovery agents. The encrypted P and Q values are included along with other recovery information in a session header accompanying an encrypted message sent from the sender to the receiver. The key recovery agents may recover the P and Q values for a law enforcement agent by decrypting the encrypted P and Q values in the session header, using their respective private recovery keys corresponding to the public keys. The R value, if generated, is not made available to the key recovery agents, but is ascertained using standard cryptanalytic techniques in order to provide a nontrivial work factor for law enforcement agents. The receiver checks the session header of a received message to ensure that the sender has included valid recovery information. Only when the receiver has verified that the sender has included valid recovery information does the receiver decrypt the received message.

    Cryptographic key recovery system
    3.
    Granted invention patent
    Status: Lapsed

    Publication number: US5815573A

    Publication date: 1998-09-29

    Application number: US629815

    Application date: 1996-04-10

    IPC classification: H04L9/08 H04L9/10 H04K1/00

    CPC classification: H04L9/0894

    Abstract: A cryptographic key recovery system for generating a cryptographic key for use by a pair of communicating parties while simultaneously providing for its recovery using one or more key recovery agents. A plurality of m-bit shared key parts (P, Q) are generated which are shared with respective key recovery agents, while an n-bit nonshared key part (R) is generated that is not shared with any key recovery agent. The shared key parts (P, Q) are combined to generate an m-bit value which is concatenated with the nonshared key part (R) to generate an (m+n)-bit value from which an encryption key is generated. The cryptographic system has the effective work factor of an n-bit key to all of the key recovery agents acting in concert, but has the effective work factor of an (m+n)-bit key to any other combination of third parties. The quantity n is selected to make authorized key recovery feasible, but not so trivial as to permit routine decryption of intercepted communications, while the quantity m is selected to make decryption by unauthorized third parties infeasible. Means are provided for verifying that the shared key parts have been shared with the key recovery agents before permitting encrypted communications using the thus generated key.

    Two-phase cryptographic key recovery system
    4.
    Granted invention patent
    Status: Lapsed

    Publication number: US5937066A

    Publication date: 1999-08-10

    Application number: US725102

    Application date: 1996-10-02

    IPC classification: G09C1/00 H04L9/08 H04L9/00

    Abstract: A cryptographic key recovery system that operates in two phases. In the first phase, the sender establishes a secret value with the receiver. For each key recovery agent, the sender generates a key-generating value as a one-way function of the secret value and encrypts the key-generating value with a public key of the key recovery agent. In the second phase, performed for a particular cryptographic session, the sender generates for each key recovery agent a key-encrypting key as a one-way function of the corresponding key-generating value and multiply encrypts the session key with the key-encrypting keys of the key recovery agents. The encrypted key-generating values and the multiply encrypted session key are transmitted together with other recovery information in a manner permitting their interception by a party seeking to recover the secret value. To recover the secret value, the party seeking recovery presents the encrypted key-generating values and public recovery information to the key recovery agents, who decrypt the key-generating values, regenerate the key-encrypting keys from the corresponding key-generating values, and provide the regenerated key-encrypting keys to the recovering party. The recovering party uses the key-encrypting keys to recover the secret value. Since the key-generating values cannot be derived from the key-encrypting keys, they may be used over a period spanning multiple cryptographic sessions without requiring new values or new public key encryptions.

    System and method for secure distributed execution
    5.
    Granted invention patent
    Status: In force

    Publication number: US08800032B2

    Publication date: 2014-08-05

    Application number: US13030009

    Application date: 2011-02-17

    IPC classification: G06F11/00

    Abstract: This invention discloses a method and system for processing logic modules, each having a separate functionality, into a unique functionality that is to be executed in an interlocked mode as a unique functionality. The method is based on taking logic modules (programs and data) with known functionality and transforming them into a hidden program by integrating modules to execute together into a logic which is partially obfuscated and/or encrypted and/or physically hidden. The hidden program is being updated dynamically to strengthen it against reverse engineering efforts. The program includes the functionality for generating security signals, which are unpredictable by observers, such as a pseudo random sequence of security signals. Only elements that share the means for producing the security signals can check their validity. The modules include operational tasks and performance parameters for this operation. The operation can be transmission of data packets with given parameters of performance that the hidden program contains. The generated security signals thus assure that the correct operation has taken place and can be used to signal various cryptographic parameters as well.

    Management of trusted flow system
    6.
    Granted invention patent
    Status: Lapsed

    Publication number: US07305704B2

    Publication date: 2007-12-04

    Application number: US10219380

    Application date: 2002-08-14

    IPC classification: H04L9/32 H04L9/00

    Abstract: This invention discloses a method and system for detecting and reacting to unexpected communications patterns. The system consists of a plurality of end stations and a plurality of network interfaces, such that the network interface is capable of determining the authenticity of the program used by the end station to generate and send data packets. The system further consists of a plurality of secure management servers, which continuously exchange management messages with the network interfaces. Consequently, the secure management servers have the information for detecting unexpected communications patterns. The method allows the control of end stations, and when an unexpected communication pattern is detected, selectively only packets from authenticated programs can be allowed to be transmitted.

    Auto-recoverable and auto-certifiable cryptosystem with unescrowed signing keys
    7.
    Granted invention patent
    Status: Lapsed

    Publication number: US6122742A

    Publication date: 2000-09-19

    Application number: US878189

    Application date: 1997-06-18

    IPC classification: H04L9/08 H04L9/00

    CPC classification: H04L9/3247 H04L9/0894

    Abstract: A method is provided for an escrow cryptosystem combined with an unescrowed digital signature scheme that uses a single public key per user. This system is overhead-free, does not require a cryptographic tamper-proof hardware implementation (i.e., can be done in software), and is publicly verifiable. The system cannot be used subliminally to enable a shadow public key system, namely, an unescrowed public key system that is publicly displayed in a covert fashion. The cryptosystem contains a key generation mechanism that outputs a key triplet, and a certificate of proof that the keys were generated according to the algorithm. The key triplet consists of a public key, a private decryption key, and a private signing key. Using the public key and the certificate, the triplet can be verified efficiently by anyone to have the following properties: (1) the private signing key is known to the user, and (2) the private decryption key is recoverable by the escrow authorities. The system assures that the escrow authorities are not able to forge signatures or get the private signing key. The system is designed so that its internals can be made publicly scrutinizable (e.g., it can be distributed in source code form).

    Computer-based method and system for aiding transactions
    8.
    Invention patent application
    Status: In force

    Publication number: US20080221914A1

    Publication date: 2008-09-11

    Application number: US12073764

    Application date: 2008-03-10

    IPC classification: G06Q30/00

    Abstract: A method for providing a warranty relating to a transaction between two parties, each party having a data communications device, in a system which includes an infrastructure composed of a plurality of locations each associated with a respective institution which provides services to clients, each location having a computer system, a database coupled to the computer system and storing information about each client of the institution and a data communications device coupled to the computer system for communication with the data communications device of any one party, each party being a client of at least one of the institutions, the method containing the steps of: transmitting a request for a warranty from one party to the transaction which is a client of the respective institution to a respective location associated with the respective institution, which request includes information identifying the other party to the transaction and information about the nature of the transaction; conducting an exchange of information between the respective location and a location associated with an institution of which the other party is a client; and transmitting a response to the request from the respective location to the one party.

    Trusted flow and operation control method
    9.
    Granted invention patent
    Status: Lapsed

    Publication number: US07343619B2

    Publication date: 2008-03-11

    Application number: US10219379

    Application date: 2002-08-14

    IPC classification: H04L9/32

    Abstract: The objective of this invention is to ensure that programs that generate and send data packets are well behaved. This invention discloses a method and system that consist of an end station and a network interface, such that the network interface is capable of determining the authenticity of the program used by the end station to generate and send data packets. The method is based on using a hidden program that was obfuscated within the program that is used to generate and send data packets from the end station. The hidden program is being updated dynamically and it includes the functionality for generating a pseudo random sequence of security signals. Only the network interface knows how the pseudo random sequence of security signals was generated, and therefore, the network interface is able to check the validity of the pseudo random sequence of security signals, and thereby, verify the authenticity of the programs used to generate and send data packets.
