-
公开(公告)号:US20090222672A1
公开(公告)日:2009-09-03
申请号:US12361811
申请日:2009-01-29
CPC分类号: G06F21/31 , G06F21/72 , G06F21/73 , G06F21/77 , G06F21/79 , G06F21/86 , G06F2221/2103 , G06F2221/2121 , G06F2221/2129 , G06F2221/2153 , G06Q20/3674 , G09C1/00 , H01L23/544 , H01L23/576 , H01L2223/54433 , H01L2223/5444 , H01L2223/54473 , H01L2924/0002 , H04L9/0897 , H04L9/3278 , H04L2209/34 , H04L2209/42 , H01L2924/00
摘要: An integrated circuit has a first component that has a dynamic characteristic that varies among like integrated circuits, for example, among integrated circuits fabricated using the same lithography mask. Operating the first component produces an output that is dependent on the dynamic characteristic of the first component. A digital value associated with the integrated circuit is generated using the output of the first component, and then the generated digital value is used in operation of the integrated circuit.
摘要翻译: 集成电路具有第一部件,其具有在类似的集成电路之间变化的动态特性,例如在使用相同的光刻掩模制造的集成电路中。 操作第一组件产生取决于第一组件的动态特性的输出。 使用第一分量的输出产生与集成电路相关联的数字值,然后在集成电路的操作中使用所生成的数字值。
-
公开(公告)号:US20070183194A1
公开(公告)日:2007-08-09
申请号:US11421609
申请日:2006-06-01
IPC分类号: G11C16/04
CPC分类号: G06F21/31 , G06F21/72 , G06F21/73 , G06F21/77 , G06F21/79 , G06F21/86 , G06F2221/2103 , G06F2221/2121 , G06F2221/2129 , G06F2221/2153 , G06Q20/3674 , G09C1/00 , H01L23/544 , H01L23/576 , H01L2223/54433 , H01L2223/5444 , H01L2223/54473 , H01L2924/0002 , H04L9/0897 , H04L9/3278 , H04L2209/34 , H04L2209/42 , H01L2924/00
摘要: A method for providing access to device-specific information includes providing a first value to the device, and then, in the device, using a second value that is a first one-way function of the provided first value to determine a third value such that the third value is a device-specific function of the second value. The third value is then accepted from the device and stored outside the device. Subsequent to accepting the third value from the device, the second value is provided to the device. In the device, the provided second value is used to determine the third value once again and a fourth value is determined that is a second one-way function of the third value. This determining of the fourth value is performed without disclosing the third value outside the device. The fourth value is accepted from the device.
摘要翻译: 用于提供对设备特定信息的访问的方法包括向设备提供第一值,然后在设备中使用作为所提供的第一值的第一单向函数的第二值来确定第三值,使得 第三个值是第二个值的特定于设备的功能。 然后第三个值从设备接受并存储在设备外部。 在从设备接受第三值之后,将第二值提供给设备。 在设备中,所提供的第二值被再次用于确定第三值,并且确定第四值是第三值的第二单向函数。 执行第四值的确定而不在设备外部公开第三值。 从设备接受第四个值。
-
公开(公告)号:US07840803B2
公开(公告)日:2010-11-23
申请号:US10407603
申请日:2003-04-04
CPC分类号: G06F21/31 , G06F21/72 , G06F21/73 , G06F21/77 , G06F21/79 , G06F21/86 , G06F2221/2103 , G06F2221/2121 , G06F2221/2129 , G06F2221/2153 , G06Q20/3674 , G09C1/00 , H01L23/544 , H01L23/576 , H01L2223/54433 , H01L2223/5444 , H01L2223/54473 , H01L2924/0002 , H04L9/0897 , H04L9/3278 , H04L2209/34 , H04L2209/42 , H01L2924/00
摘要: A group of devices are fabricated based on a common design, each device having a corresponding plurality of measurable characteristics that is unique in the group to that device, each device having a measurement module for measuring the measurable characteristics. Authentication of one of the group of devices is enabled by selective measurement of one or more of the plurality of measurable characteristics of the device.
摘要翻译: 基于共同设计制造一组设备,每个设备具有对于该设备的组中唯一的相应多个可测量特性,每个设备具有用于测量可测量特性的测量模块。 通过选择性地测量设备的多个可测量特性中的一个或多个来启用该组设备之一的认证。
-
公开(公告)号:US20090158054A1
公开(公告)日:2009-06-18
申请号:US12335083
申请日:2008-12-15
申请人: Marten Van Dijk , Jing Chen , Srinivas Devadas
发明人: Marten Van Dijk , Jing Chen , Srinivas Devadas
CPC分类号: G06F7/72 , H04L63/0442
摘要: A method for processing one or more terms includes, at a first computation facility, computing an obfuscated numerical representation for each of the terms. The computed obfuscated representations are provided from the first facility to a second computation facility. A result of an arithmetic computation based on the provided obfuscated values is received at the first facility. This received result represents an obfuscation of a result of application of a first function to the terms. The received result is processed to determine the result of application of the first function to the terms.
摘要翻译: 一种用于处理一个或多个术语的方法包括在第一计算设施处计算每个术语的混淆数字表示。 所计算的混淆表示从第一设施提供给第二计算设施。 在第一设施处接收基于所提供的混淆值的算术运算的结果。 这个收到的结果表示对这个术语应用第一个功能的结果的混淆。 处理接收到的结果以确定第一个功能对该术语的应用结果。
-
公开(公告)号:US20080059809A1
公开(公告)日:2008-03-06
申请号:US11575313
申请日:2005-09-16
申请人: Marten Van Dijk
发明人: Marten Van Dijk
IPC分类号: H04L9/08
CPC分类号: H04L9/3278 , H04L9/0838 , H04L9/0866 , H04L9/3263 , H04L2209/56 , H04L2209/60
摘要: A physical random function (PUF) is a function that is easy to evaluate but hard to characterize. Controlled physical random functions (CPUFs) are PUFs that can only be accessed via a security program controlled by a security algorithm that is physically bound to the PUF in an inseparable way. CPUFs enable certified execution, where a certificate is produced that proves that a specific computation was carried out on a specific processor In particular, an integrated circuit containing a CPUF can be authenticated using Challenge-Response Pairs (CRPs). The invention provides a mechanism to generate a shared secret between different security programs running on a CPUF.
摘要翻译: 物理随机函数(PUF)是易于评估但难以表征的函数。 受控的物理随机函数(CPUF)是只能通过以不可分割的方式物理地绑定到PUF的安全算法控制的安全程序来访问的PUF。 CPUFs启用认证执行,其中产生证明在特定处理器上执行特定计算的证书。特别地,可以使用挑战响应对(CRP)认证包含CPUF的集成电路。 本发明提供了一种在CPUF上运行的不同安全程序之间生成共享秘密的机制。
-
公开(公告)号:US08621649B1
公开(公告)日:2013-12-31
申请号:US13077153
申请日:2011-03-31
IPC分类号: H04L29/06
CPC分类号: H04L29/06 , G06F21/60 , G06F2221/2149 , H04L63/102
摘要: A technique provides a security-sensitive environment. The technique involves establishing a first secure channel from a trusted server to a first data source DA. The technique further involves establishing a second secure channel from the trusted server to a second data source DB. The technique further involves, while the trusted server performs a set of collaborative operations in which the trusted server (i) accesses the first data source through the first secure channel (ii) accesses the second data source through the second secure channel, and (iii) generates a set of collaborative results based on information from the first and second data sources (i.e., the output of f(DA,DB)), running a set of security policy compliance operations in the trusted server to inhibit unauthorized leakage of data in the set of collaborative results.
摘要翻译: 技术提供了一个安全敏感的环境。 该技术涉及从可信服务器建立到第一数据源DA的第一安全通道。 该技术还涉及建立从可信服务器到第二数据源DB的第二安全通道。 该技术还涉及当可信服务器执行一组协作操作时,可信服务器(i)通过第一安全信道访问第一数据源(ii)通过第二安全信道访问第二数据源,并且(iii )基于来自第一和第二数据源(即,f(DA,DB)的输出)的信息生成一组协作结果,在可信服务器中运行一组安全策略合规性操作,以防止未经授权的数据泄漏 一套合作成果。
-
7.发明申请Polynomial-based multi-user key generation and authentication method and system 审中-公开基于多项式的多用户密钥生成和认证方法及系统公开(公告)号:US20050265550A1
公开(公告)日:2005-12-01
申请号:US10507190
申请日:2003-02-14
申请人: Pim Tuyls , Thomas Kevenaar , Geert Schrijen , Marten Van Dijk
发明人: Pim Tuyls , Thomas Kevenaar , Geert Schrijen , Marten Van Dijk
CPC分类号: H04L9/3273 , H04L9/085 , H04L9/321 , H04L9/3218 , H04L12/2805 , H04L2209/603
摘要: A method of generating a common secret between a first party and a second party, preferably devices (101-105) in a home network (100) that operate in accordance with a Digital Rights Management (DRM) framework. The devices calculate the common secret by evaluating the product of two polynomials P(x, y) and Q(x, z) using parameters previously distributed by a Trusted Third Party (TTP) and parameters obtained from the other party. Preferably the parties subsequently verify that the other party has generated the same secret using a zero-knowledge protocol or a commitment-based protocol. The method is particularly suitable for very low power devices such as Chip-In-Disc type devices.
摘要翻译: 优选地,在第一方和第二方之间生成公共秘密的方法,优选地根据数字版权管理(DRM)框架操作的归属网络(100)中的设备(101-105)。 这些设备通过使用先前由可信第三方(TTP)分发的参数和从对方获得的参数来评估两个多项式P(x,y)和Q(x,z)的乘积来计算公共秘密。 优选地,各方随后使用零知识协议或基于承诺的协议来验证对方已经生成了相同的秘密。 该方法特别适用于非常低功率的器件,例如片内盘式器件。
-
公开(公告)号:US09122878B1
公开(公告)日:2015-09-01
申请号:US13535834
申请日:2012-06-28
申请人: Samuel J. Curry , Marten Van Dijk
发明人: Samuel J. Curry , Marten Van Dijk
CPC分类号: G06F21/577 , G06F21/121
摘要: An improved technique for verifying a license of a software product includes performing license checks with a server and passing to the server, as part of the license checks, a drifting digital code. The drifting code forms a particular drift pattern, which the server detects over the course of multiple license checks. The drift pattern is typically unique, or relatively unique, to the machine on which the software product is run, and changes in a manner that is difficult for malicious users to replicate on other machines. If a second copy of the software is installed, e.g., if the software is pirated, the second copy will produce a drifting code that has its own drift pattern, which differs from that of the initial copy. The server detects the duplicate copy by observing a divergence in the codes it receives during license checks.
摘要翻译: 用于验证软件产品的许可证的改进技术包括:与服务器执行许可证检查,并作为许可证检查的一部分传递给服务器漂移的数字代码。 漂移代码形成特定的漂移模式,服务器在多个许可证检查过程中检测到。 漂移模式对于运行软件产品的机器通常是独特的或相对独特的,并且以恶意用户难以在其他机器上复制的方式进行更改。 如果安装了软件的第二副本,例如,如果软件被盗版,则第二副本将产生具有其自己的漂移模式的漂移代码,其与初始副本不同。 服务器通过观察许可证检查期间收到的代码的差异来检测副本。
-
公开(公告)号:US20060104449A1
公开(公告)日:2006-05-18
申请号:US10519068
申请日:2003-06-26
IPC分类号: H04L9/00
CPC分类号: G11B20/0021 , G11B20/00086 , G11B20/00275 , G11B20/00492 , G11B20/00876
摘要: The invention relates to a system for improved copy protection comprising a record carrier like a CD-RW+ or a DVD storing copy-protected information and a device for reading from and/or writing to the record carrier. For that the record carrier (1) has a first area (3) storing information (data), which is at least partly stored in encrypted form (EAK(data)), this part being called an asset (EAK(data)), and which includes a first part of decryption information (HCK, EDNK(HCK)), and the record carrier (1) further has a second area (4) storing a second part of decryption information (UCID), wherein both the first (HCK) and second (UCID) parts of decryption information serve in decrypting an asset (EAK(data)). Such distribution of decryption information over at least two areas of the record carrier may further be combined with additional safety mechanisms as e.g. hidden channels, encrypted keys, counter mechanisms, and revocation lists.
摘要翻译: 本发明涉及一种用于改进的复制保护的系统,其包括诸如CD-RW +的记录载体或存储复制保护的信息的DVD以及用于从记录载体读取和/或向记录载体进行写入的装置。 为此,记录载体(1)具有存储信息(数据)的第一区域(3),该区域至少部分地以加密形式存储(EAK(数据)),该部分被称为资产(EAK(data)), 并且其包括解密信息的第一部分(HCK,EDNK(HCK)),并且所述记录载体(1)还具有存储第二部分解密信息(UCID)的第二区域(4),其中,所述第一(HCK) )和解密信息的第二(UCID)部分用于解密资产(EAK(数据))。 在记录载体的至少两个区域上的解密信息的这种分配可以进一步与附加的安全机制组合,例如。 隐藏通道,加密密钥,计数器机制和撤销列表。
-
公开(公告)号:US20060050886A1
公开(公告)日:2006-03-09
申请号:US10528487
申请日:2003-08-11
申请人: Pim Tuyls , Marten Van Dijk , Berry Shoemakers
发明人: Pim Tuyls , Marten Van Dijk , Berry Shoemakers
IPC分类号: H04L9/00
CPC分类号: H04L9/0841 , H04L9/3073
摘要: A method for generating a common secret data item between a first user facility and a second user facility does so through by each facility executing mutually symmetric operations on respective complementary data items that are based on respectively unique quantities and that are at least in part secret. An outcome of the operations is used in both said user facilities as said common secret data item. In particular, the method is based on defining the complementary data belonging to a GAP Diffie-Hellmann Problem that is defined in an Abelian Variety. More in particular, the Abelian Variety has a dimension one through being an elliptic curve.
摘要翻译: 用于在第一用户设备和第二用户设备之间生成公共秘密数据项的方法通过每个设备对相应的补充数据项执行相互对称的操作,这些互补数据项基于分别唯一的量并且至少部分是秘密的。 所述操作的结果在所述用户设施中用作所述公共秘密数据项。 特别地,该方法基于定义属于Abelian Variety中定义的GAP Diffie-Hellmann问题的补充数据。 更具体地说,阿贝利品种通过椭圆曲线具有一维度。
-
-
-
-
-
-
-
-
-
搜索结果
15 条记录 (耗时 0.024 秒)
