-
公开(公告)号:US5995625A
公开(公告)日:1999-11-30
申请号:US822732
申请日:1997-03-24
申请人: Frank W. Sudia , Alan Asay , Ernest F. Brickell , Richard Ankney , Peter C. Freund , Marcel M. Yung , David W. Kravitz
发明人: Frank W. Sudia , Alan Asay , Ernest F. Brickell , Richard Ankney , Peter C. Freund , Marcel M. Yung , David W. Kravitz
CPC分类号: G06F21/6209 , G06F2211/007 , G06F2211/008 , G06F2221/2115
摘要: A method of unwrapping wrapped digital data that is unusable while wrapped, includes obtaining an acceptance phrase from a user; deriving a cryptographic key from the acceptance phrase; and unwrapping the package of digital data using the derived cryptographic key. The acceptance phrase is a phrase entered by a user in response to information provided to the user. The information and the acceptance phrase can be in any appropriate language. The digital data includes, alone or in combination, any of: software, a cryptographic key, an identifying certificate, an authorizing certificate, a data element or field of an identifying or authorizing certificate, a data file representing an images, data representing text, numbers, audio, and video.
摘要翻译: 一种在包装时不能使用的打包数字数据的方法,包括从用户获取接受短语; 从接受短语导出加密密钥; 并使用导出的加密密钥解包数字数据包。 接受短语是用户响应于提供给用户的信息输入的短语。 信息和接受词可以是任何适当的语言。 数字数据单独或组合包括以下任何一种:软件,加密密钥,识别证书,授权证书,识别或授权证书的数据元素或字段,表示图像的数据文件,表示文本的数据, 数字,音频和视频。
-
2.发明授权
公开(公告)号:US5867578A
公开(公告)日:1999-02-02
申请号:US699579
申请日:1996-08-19
申请人: Ernest F. Brickell , Frank W. Sudia , David William Kravitz , Peter C. Freund , Patrick J. Angeles
发明人: Ernest F. Brickell , Frank W. Sudia , David William Kravitz , Peter C. Freund , Patrick J. Angeles
CPC分类号: G06F21/64 , G06F21/40 , G06Q20/02 , G06Q20/3829 , H04L9/085 , H04L9/3255 , H04L9/3265 , G06F7/725 , H04L2209/56
摘要: A multi-step digital signature system and method is provided having a distributed root certifying authority 20. Messages received at the root certifying authority 20 are distributed to root certifying authority members 22-30 who attach partial signatures to the message using root key fragments. In the system and method provided, the system adapts to system events such as the addition or removal of key fragment holders, the need to modify key fragments, etc., by changing key fragments.
摘要翻译: 提供了具有分布式根认证机构20的多步数字签名系统和方法。在根认证机构20处接收的消息被分发给使用根密钥片段将部分签名附加到消息的根认证机构成员22-30。 在提供的系统和方法中,系统通过改变密钥片段来适应系统事件,例如添加或删除关键片段所有者,需要修改密钥片段等。
-
公开(公告)号:US5832089A
公开(公告)日:1998-11-03
申请号:US474035
申请日:1995-06-07
CPC分类号: G06Q20/02 , G06Q20/06 , G06Q20/10 , G06Q20/3678 , G06Q20/383
摘要: An off-line electronic cash system having an electronic coin, a bank B, a payee S, and a user U with an account at the bank B as well as a user password z.sub.u,i, has a method for performing an electronic cash transfer. An electronic coin is withdrawn from the bank B by the user U and an electronic record of the electronic coin is stored by the bank B. The coin is paid to the payee S by the user U. The payee S deposits the coin with the bank B. A determination is made that the coin is spent and the record of the coin is deleted by the bank B. A further deposit of the same coin after the record is deleted is determined. Additionally, a determination is made which user U originally withdrew the coin after deleting the record. To perform these operations a key pair is generated by the user, including public and secret signature keys. The public signature key along with a user password z.sub.u,i and a withdrawal amount are sent to the bank B by the user U. In response, the bank B sends a coin to the user U signed by the secret key of the bankindicating the value of the coin and the public key of the user U. The payee S transmits a challenge counter to the user U prior to receiving the coin.
摘要翻译: 具有电子硬币的离线电子现金系统,银行B,收款人S以及在银行B具有帐户的用户U以及用户密码zu,i具有执行电子现金转移的方法 。 电子硬币由用户U从银行B中取出,电子硬币的电子记录由银行B存储。硬币由用户U支付给收款人S.收款人S向银行存放硬币 B.确定硬币已经用完,硬币的记录被银行B删除。确定删除记录之后的相同硬币的进一步存入。 此外,在删除记录之后,确定哪个用户U最初撤回硬币。 为了执行这些操作,用户生成密钥对,包括公钥和秘密签名密钥。 用户U将公共签名密钥以及用户密码zu,i和提款量发送到银行B.作为响应,银行B向由银行秘密密钥签名的用户U发送硬币,表示该值 硬币和用户U的公开密钥。收款人S在收到硬币之前向用户U发送询价计数器。
-
公开(公告)号:US20090323941A1
公开(公告)日:2009-12-31
申请号:US12165260
申请日:2008-06-30
IPC分类号: H04L9/00
CPC分类号: G06F21/53 , H04L9/0841 , H04L9/3263 , H04L2209/605
摘要: Methods and apparatus to provide a tamper-resistant environment for software are described. In some embodiments, procedures for verifying whether a software container is utilizing protected memory and is associated with a specific platform are described. Other embodiments are also described.
摘要翻译: 描述了为软件提供防篡改环境的方法和设备。 在一些实施例中,描述了用于验证软件容器是否正在利用受保护的存储器并且与特定平台相关联的过程。 还描述了其它实施例。
-
5.发明授权公开(公告)号:US07490070B2
公开(公告)日:2009-02-10
申请号:US10866252
申请日:2004-06-10
申请人: Ernest F. Brickell
发明人: Ernest F. Brickell
IPC分类号: G06F17/60
CPC分类号: H04L9/3221 , G06Q20/3674 , G06Q20/401 , H04L9/3013 , H04L9/3234 , H04L2209/42 , H04L2209/56
摘要: In some embodiments, a method and apparatus for proving the denial of a direct proof signature are described. In one embodiment, a trusted hardware device convinces a verifier that the trusted hardware device possesses cryptographic information without revealing unique, device identification information of the trusted hardware device or the cryptographic information. Once the verifier is convinced that the hardware device possesses the cryptographic information, the verifier may issue a denial of signature request to the trusted hardware device, including at least one compromised direct proof signature. In response, the trusted hardware device issues a denial of the compromised direct proof signature by proving to the verifier that a cryptographic key held by the trusted hardware device was not used to form the at least one compromised direct proof signature. Other embodiments are described and claims.
摘要翻译: 在一些实施例中,描述了用于证明拒绝直接证明签名的方法和装置。 在一个实施例中,可信硬件设备说服验证者信任的硬件设备拥有加密信息,而不会泄露可信硬件设备或加密信息的唯一的设备识别信息。 一旦验证者确信硬件设备具有加密信息,则验证者可以向可信硬件设备发出拒绝签名请求,包括至少一个受损的直接证明签名。 作为响应,可信硬件设备通过向验证者证明由可信硬件设备保存的加密密钥未被用于形成至少一个受损的直接证明签名,来发出对被破坏的直接证明签名的拒绝。 其他实施例被描述和权利要求。
-
6.发明授权公开(公告)号:US06411716B1
公开(公告)日:2002-06-25
申请号:US09219835
申请日:1998-12-23
申请人: Ernest F. Brickell
发明人: Ernest F. Brickell
IPC分类号: H04L930
CPC分类号: G06F21/64 , G06F7/725 , G06F21/40 , G06Q20/02 , G06Q20/3829 , H04L9/085 , H04L9/3255 , H04L9/3265 , H04L2209/56
摘要: A multi-step digital signature system and method is provided having a distributed root certifying authority 20. Messages received at the root certifying authority 20 are distributed to root certifying authority members 22-30 who attach partial signatures to the message using root key fragments. In the system and method provided, the system adapts to system events such as the addition or removal of key fragment holders, the need to modify key fragments, etc., by changing key fragments.
摘要翻译: 提供了具有分布式根认证机构20的多步数字签名系统和方法。在根认证机构20处接收的消息被分发给使用根密钥片段将部分签名附加到消息的根认证机构成员22-30。 在提供的系统和方法中,系统通过改变密钥片段来适应系统事件,例如添加或删除关键片段所有者,需要修改密钥片段等。
-
公开(公告)号:US08799656B2
公开(公告)日:2014-08-05
申请号:US12913708
申请日:2010-10-27
申请人: Ernest F. Brickell , Jiangtao Li , Jesse Walker
发明人: Ernest F. Brickell , Jiangtao Li , Jesse Walker
CPC分类号: H04L9/0844 , H04L9/0891 , H04L9/3255 , H04L9/3273 , H04L2209/42
摘要: Methods for anonymous authentication and key exchange are presented. In one embodiment, a method includes initiating a two-way mutual authentication between a device and a remote entity. The device remains anonymous to the remote entity after performing the authentication. The method also includes establishing a mutually shared session key for use in secure communication, wherein the initiating and the establishing are in conjunction with direct anonymous attestation (DAA).
摘要翻译: 提出匿名认证和密钥交换的方法。 在一个实施例中,一种方法包括启动设备和远程实体之间的双向相互认证。 执行身份验证后,设备对远程实体保持匿名。 该方法还包括建立用于安全通信的相互共享的会话密钥,其中启动和建立与直接匿名认证(DAA)结合。
-
8.发明授权Apparatus and method for enhanced revocation of direct proof and direct anonymous attestation 有权增强直接证明和直接匿名认证撤销的设备和方法公开(公告)号:US07844614B2
公开(公告)日:2010-11-30
申请号:US11948861
申请日:2007-11-30
申请人: Ernest F. Brickell , Jiangtao Li
发明人: Ernest F. Brickell , Jiangtao Li
IPC分类号: G06F17/30
CPC分类号: H04L9/3234 , G06F21/57 , H04L9/3013 , H04L9/3221 , H04L9/3247 , H04L2209/42 , H04L2209/56
摘要: In some embodiments, a method and apparatus for enhanced revocation of direct proof and direct anonymous attestation are described. In one embodiment a trusted hardware device verifies that membership of the device within a trusted membership group is not revoked according to a revocation list received with a challenge request from a verifier. Once such verification is performed, the device convinces the verifier of possessing cryptographic information without revealing unique, device identification information of the trusted hardware device or the cryptographic information. In one embodiment, the trusted hardware device computes a digital signature on a message received with the challenge request to the verifier if membership of the anonymous hardware device within a trusted membership group is verified. In one embodiment, the verifier authenticates the digital signature according to a public key of the trusted membership group to enable a trusted member device to remain anonymous to the verifier. Other embodiments are described and claimed.
摘要翻译: 在一些实施例中,描述了用于增强直接证明和直接匿名证明的撤销的方法和装置。 在一个实施例中,可信硬件设备根据从验证者接收到的询问请求的撤销列表来验证受信任的成员资格组内的设备的成员资格是否被撤销。 一旦执行了这种验证,该设备就说服验证者拥有加密信息,而不会泄露可信硬件设备或加密信息的唯一设备识别信息。 在一个实施例中,如果验证了可信任的成员资格组内的匿名硬件设备的成员资格,那么可信硬件设备将向接收到的询问请求的消息中的数字签名计算给验证者。 在一个实施例中,验证者根据受信任的成员资格群组的公开密钥对数字签名进行认证,以使受信任的成员设备对验证者保持匿名。 描述和要求保护其他实施例。
-
公开(公告)号:US20100169650A1
公开(公告)日:2010-07-01
申请号:US12347581
申请日:2008-12-31
申请人: Ernest F. Brickell , Jiangtao Li
发明人: Ernest F. Brickell , Jiangtao Li
CPC分类号: H04L9/0894 , H04L9/3066 , H04L2209/42
摘要: A storage minimization technique for direct anonymous attestation (DAA) keys is presented. In one embodiment, the method includes deriving a random portion of a (DAA) private key from a device's fuse key, computing a point on an elliptical curve from the derived random portion and a master private key, and storing only one coordinate of the point in fuses within the device. Other embodiments are described and claimed.
摘要翻译: 提出了一种用于直接匿名认证(DAA)密钥的存储最小化技术。 在一个实施例中,该方法包括从设备的熔丝键导出(DAA)私钥的随机部分,从导出的随机部分计算椭圆曲线上的点和主私钥,并且仅存储该点的一个坐标 在设备内的保险丝。 描述和要求保护其他实施例。
-
10.发明申请APPARATUS AND METHOD FOR DIRECT ANONYMOUS ATTESTATION FROM BILINEAR MAPS 有权从BILINEAR MAPS进行直接非正式测试的装置和方法公开(公告)号:US20080270786A1
公开(公告)日:2008-10-30
申请号:US11778804
申请日:2007-07-17
申请人: Ernest F. Brickell , Jiangtao Li
发明人: Ernest F. Brickell , Jiangtao Li
IPC分类号: H04L9/00
CPC分类号: H04L9/3073 , H04L9/3255 , H04L2209/42
摘要: A method and apparatus for direct anonymous attestation from bilinear maps. In one embodiment, the method includes the creation of a public/private key pair for a trusted membership group defined by an issuer; and assigning a unique secret signature key to at least one member device of the trusted membership group defined by the issuer. In one embodiment, using the assigned signature key, a member may assign a message received as an authentication request to prove membership within a trusted membership group. In one embodiment, a group digital signature of the member is verified using a public key of the trusted membership group. Accordingly, a verifier of the digital signature is able to authenticate that the member is an actual member of the trusted membership group without requiring of the disclosure of a unique identification information of the member or a private member key to maintain anonymity of trusted member devices. Other embodiments are described and claimed.
摘要翻译: 一种从双线性地图直接匿名认证的方法和装置。 在一个实施例中,该方法包括为由发行者定义的可信会员组创建公钥/私钥对; 以及将唯一的秘密签名密钥分配给由所述发行者定义的所述可信会员组的至少一个成员设备。 在一个实施例中,使用分配的签名密钥,成员可以分配作为认证请求接收的消息以证明可信任的成员资格组内的会员资格。 在一个实施例中,使用可信会员组的公钥来验证会员的组数字签名。 因此,数字签名的验证者能够认证成员是受信任的成员资格组的实际成员,而不需要披露成员或私人成员密钥的唯一标识信息来维护可信任成员设备的匿名性。 描述和要求保护其他实施例。
-
-
-
-
-
-
-
-
-
搜索结果
22 条记录 (耗时 0.04 秒)
