-
1.发明申请公开(公告)号:US20090235352A1
公开(公告)日:2009-09-17
申请号:US11721157
申请日:2005-12-02
申请人: Geert Jan Schrijen , Lutz Pape
发明人: Geert Jan Schrijen , Lutz Pape
CPC分类号: G07F7/1008 , G06Q20/3552
摘要: In order to provide a management system (100) as well as a method for managing at least one installation right (40a) to install at least one application (46, 42) on a smart card (300), in particular on a multi-application smart card, wherein it is possible that at least one first party or first unit (10) controlling the application(s), in particular on the smart card (300), in particular the smart card issuer, is able to transfer (44) this control to at least one second party or second unit (20), it is proposed that the management system (100) is designed to manage said installation right (40a), in particular on the smart card (300), insofar as the role of authorizing (22) at least one third party or third unit (30), in particular at least one third party application provider, to exert said installation right (40a), in particular to install its application (42) on the smart card (300), can be transferred (44) from at least one first party or first unit (10), in particular from the issuer of the smart card (300), to at least one second party or second unit (20).
摘要翻译: 为了提供管理系统(100)以及用于管理至少一个安装权限(40a)的方法,以在智能卡(300)上安装至少一个应用程序(46,42) 应用智能卡,其中可能的是,控制所述应用,特别是智能卡(300)上的至少一个第一方或第一单元(10)特别是智能卡发行者能够传送(44 )该控制到至少一个第二方或第二单元(20),建议管理系统(100)被设计成管理所述安装权(40a),特别是在智能卡(300)上,只要 授权(22)至少一个第三方或第三单位(30),特别是至少一个第三方应用提供商施加所述安装权(40a)的作用,特别是将其应用程序(42)安装在智能卡上 (300)可以从至少一个第一方或第一单元(10)转移(44),特别是从发行 (300)的至少一个第二方或第二单元(20)。
-
公开(公告)号:US09009308B2
公开(公告)日:2015-04-14
申请号:US10565663
申请日:2004-07-14
CPC分类号: H04L63/0823 , G06F21/10 , G06F21/31 , G06F2221/0706 , G06F2221/2129 , G11B20/00086 , G11B20/00731 , G11B20/00855 , H04L63/0428 , H04L63/10 , H04L63/101 , H04L2463/101
摘要: This invention relates to a system and a method of generating an Authorized Domain (AD) by selecting a domain identifier, and binding at least one person (P1, P, PN1), at least one device (D1, D2, . . . , DM), and at least one content item (C1, C2, . . . , CNZ) to the Authorized Domain (AD) given by the domain identifier (Domain ID). Hereby, a number of verified devices (D1, D2, . . . , DM) and a number of verified persons (P1, P2, . . . , PN1) that is authorized to access a content item of the Authorized Domain (100) is obtained. In this way, access to a content item of an authorized domain by a person operating a device is obtained either by verifying that the content item and the person are linked to the same domain or by verifying that the device and the content item are linked to the same domain. Thereby, enhanced flexibility for one or more persons when accessing content in an authorized domain is obtained while security of the content is still maintaining. This is further done in a simple, secure and reliable way.
摘要翻译: 本发明涉及通过选择域标识符并绑定至少一个人(P1,P,PN1)至少一个设备(D1,D2,...,...)来产生授权域(AD)的系统和方法, DM)以及由域标识符(Domain ID)给出的至少一个内容项(C1,C2,...,CNZ)到授权域(AD)。 因此,被授权访问授权域(100)的内容项目的多个经验证的设备(D1,D2,...,DM)和许多经验证的人(P1,P2,...,PN1) 获得。 以这种方式,通过验证内容项目和人被链接到相同的域,或者通过验证设备和内容项目被链接到,获得由操作设备的人访问授权域的内容项目 同一个域 因此,在内容的安全性仍然保持的同时获得访问授权域中的内容时一个或多个人的增强的灵活性。 这进一步以简单,安全和可靠的方式完成。
-
公开(公告)号:US08856533B2
公开(公告)日:2014-10-07
申请号:US12066674
申请日:2006-09-06
IPC分类号: H04L9/00 , H04L9/32 , G06F11/30 , G06F17/30 , G06F21/60 , G06F21/72 , G06F21/86 , H04L9/14 , H04L9/08
CPC分类号: G06F21/86 , G06F21/60 , G06F21/72 , G06F2221/2121 , G06F2221/2143 , G09C1/00 , H04L9/0861 , H04L9/14 , H04L9/3218 , H04L9/3278 , H04L2209/805
摘要: This invention relates to physical uncloneable function (PUF) devices for determining authenticity of an item, systems for determining authenticity of a physical item, and methods for determining authenticity of an item. A PUF pattern of the PUF device is damaged when using the item for the first time.
摘要翻译: 本发明涉及用于确定物品的真实性的物理不可克隆功能(PUF)装置,用于确定物理物品的真实性的系统以及用于确定物品的真实性的方法。 PUF设备的PUF图案首次使用时会损坏。
-
公开(公告)号:US20140040338A1
公开(公告)日:2014-02-06
申请号:US14110009
申请日:2012-04-05
IPC分类号: G06F7/58
CPC分类号: G06F7/588 , H04L9/0866
摘要: A random number generating system for generating a sequence of random numbers comprising a memory, the memory being writable, volatile and configured such that the memory contains an at least partially random memory content upon each powering-up of the memory, an instantiating unit configured for seeding the random number generating system with a seed dependent upon the at least partially random memory content, the sequence of random numbers being generated in dependence upon the seed, and an over-writing unit configured for over-writing at least part of the memory with random numbers generated by the random number generating system in dependence upon the seed.
摘要翻译: 一种用于产生随机数序列的随机数生成系统,包括存储器,所述存储器是可写入的,易失性的并且被配置为使得所述存储器在每次上电存储器时包含至少部分随机的存储器内容,所述实例单元被配置为 根据所述至少部分随机存储器内容种子具有种子的随机数生成系统,所述随机数序列依赖于所述种子生成;以及重写单元,被配置为用于将所述至少部分所述存储器重写, 由随机数生成系统根据种子生成的随机数。
-
公开(公告)号:US08645694B2
公开(公告)日:2014-02-04
申请号:US11575786
申请日:2005-09-27
IPC分类号: H04L29/06
CPC分类号: H04L9/3273 , H04L9/083 , H04L9/0866 , H04L9/321 , H04L9/3234 , H04L9/3242 , H04L2209/56 , H04L2209/805
摘要: There is provided an authentication method for a system (10) comprising several devices (30). The method involves: a) providing each device (30) with an identity value (pi: i=1, . . . , n) and a polynomial (P) for generating a polynomial key; (b) including a verifier device (p1) and a prover device (P2)amongst said devices (30); (c) arranging for the prover device (p2) to notify its existence to the verifier device (P1); (d) arranging for the verifier device (pi) to challenge the prover device (p2) to encrypt a nonce using the prover (P2)device's polynomial (P) key and communicate the encrypted nonce as a response to the verifier device (p1); (e) arranging for the verifier device (p1) to receive the encrypted nonce as a further challenge from the prover device (pZ) and: (i ) encrypt the challenge using the polynomial keys generated from a set of stored device identities; or (ii) decrypt the challenge received using the set of polynomial keys; until said verifier device (p1) identifies an authentication match.
摘要翻译: 提供了一种用于包括若干设备(30)的系统(10)的认证方法。 该方法包括:a)向每个设备(30)提供用于生成多项式密钥的身份值(pi:i = 1,...,n)和多项式(P) (b)在所述装置(30)中包括验证装置(p1)和证明装置(P2); (c)安排验证器装置(p2)将其存在通知验证装置(P1); (d)使用验证器(P2)设备的多项式(P)密钥安排验证器设备(pi)挑战证明器设备(p2)加密随机数,并将加密的随机数作为对验证器设备(p1)的响应进行通信, ; (e)安排验证器装置(p1)从证明器装置(pZ)接收加密的随机数作为另外的挑战,并且:(i)使用从一组存储的装置标识产生的多项式密钥来加密挑战; 或(ii)使用该组多项式密钥解密接收到的挑战; 直到所述验证者设备(p1)识别认证匹配。
-
公开(公告)号:US09383969B2
公开(公告)日:2016-07-05
申请号:US14110009
申请日:2012-04-05
CPC分类号: G06F7/588 , H04L9/0866
摘要: A random number generating system for generating a sequence of random numbers comprising a memory, the memory being writable, volatile and configured such that the memory contains an at least partially random memory content upon each powering-up of the memory, an instantiating unit configured for seeding the random number generating system with a seed dependent upon the at least partially random memory content, the sequence of random numbers being generated in dependence upon the seed, and an over-writing unit configured for over-writing at least part of the memory with random numbers generated by the random number generating system in dependence upon the seed.
摘要翻译: 一种用于产生随机数序列的随机数生成系统,包括存储器,所述存储器是可写入的,易失性的并且被配置为使得所述存储器在每次上电存储器时包含至少部分随机的存储器内容,所述实例单元被配置为 根据所述至少部分随机存储器内容种子具有种子的随机数生成系统,所述随机数序列依赖于所述种子生成;以及重写单元,被配置为用于将所述至少部分所述存储器重写, 由随机数生成系统根据种子生成的随机数。
-
公开(公告)号:US08848477B2
公开(公告)日:2014-09-30
申请号:US13877656
申请日:2011-09-28
IPC分类号: G11C5/14
CPC分类号: G11C5/148 , G06F7/588 , G11C5/14 , G11C7/20 , G11C7/24 , H04L9/0866 , H04L9/3278
摘要: An electric physical unclonable function (PUF) (100) is provided comprising a semiconductor memory element (110) connectable to a PUF control means for reading content from the memory element and for deriving at least in part from said content a digital identifier, such as a secret key. Upon powering the memory element it settles into one of at least two different stable states. The particular stable state into which the memory element settles is dependent at least in part upon random physical characteristics of the memory element introduced during manufacture of the memory element. Settling of the memory element is further dependent upon a control input (112) of the memory element. The electric physical unclonable function comprises shielding means (142, 144) for shielding, during a time period including the power-up of the memory element and lasting at least until the settling of the memory element, the control input from receiving control signals upon which the particular stable state into which the memory element settles is dependent. In this way, the dependency of the memory element on its physical characteristics is improved, and dependency on possibly irreproducible control signals is reduced.
摘要翻译: 提供电物理不可克隆功能(PUF)(100),其包括可连接到PUF控制装置的半导体存储元件(110),用于从存储元件读取内容,并且至少部分地从所述内容导出数字标识符,诸如 秘密钥匙 在为存储器元件供电时,它稳定在至少两个不同的稳定状态之一中。 存储元件稳定的特定稳定状态至少部分地取决于在存储元件的制造期间引入的存储元件的随机物理特性。 存储器元件的稳定还取决于存储元件的控制输入(112)。 电物理不可克隆功能包括屏蔽装置(142,144),用于在包括存储元件的上电的持续时间期间屏蔽屏蔽装置,并持续至少直到存储元件的稳定,控制输入从其上接收控制信号 存储元件稳定的特定稳定状态是依赖的。 以这种方式,存储元件对其物理特性的依赖性得到改善,并且减少了可能不可再生的控制信号的依赖性。
-
8.发明授权公开(公告)号:US08694856B2
公开(公告)日:2014-04-08
申请号:US13390255
申请日:2010-08-06
申请人: Pim Theo Tuyls , Geert Jan Schrijen
发明人: Pim Theo Tuyls , Geert Jan Schrijen
IPC分类号: G11C29/00
CPC分类号: G06F21/73 , H04L9/002 , H04L9/0866 , H04L2209/805
摘要: Systems for generating an identifying response pattern comprising a memory (120) used as a physically unclonable function configured for generating a response pattern dependent on physical, at least partially random characteristics of said memory may be vulnerable to freezing attacks and to aging. A memory-overwriting device (110) configured for overwriting at least a first portion of the plurality of memory locations to obscure the response pattern in the memory avoids freezing attacks. An anti-degradation device (160) configured to write to each respective location of a second portion of the plurality of memory locations an inverse of a response previously read from the memory reduces the effects of aging.
摘要翻译: 用于生成识别响应模式的系统包括用作被配置用于生成依赖于所述存储器的物理,至少部分随机特性的响应模式的物理不可克隆功能的存储器(120),其易于受到冻结攻击和老化。 被配置为重写多个存储器位置的至少第一部分以遮蔽存储器中的响应模式的存储器重写设备(110)避免了冻结攻击。 一种抗劣化装置(160),被配置为写入多个存储器位置的第二部分的每个相应位置,先前从存储器读取的响应的反相减少了老化的影响。
-
9.发明申请公开(公告)号:US20120179952A1
公开(公告)日:2012-07-12
申请号:US13390255
申请日:2010-08-06
申请人: Pim Theo Tuyls , Geert Jan Schrijen
发明人: Pim Theo Tuyls , Geert Jan Schrijen
CPC分类号: G06F21/73 , H04L9/002 , H04L9/0866 , H04L2209/805
摘要: Systems for generating an identifying response pattern comprising a memory (120) used as a physically unclonable function configured for generating a response pattern dependent on physical, at least partially random characteristics of said memory may be vulnerable to freezing attacks and to aging. A memory-overwriting device (110) configured for overwriting at least a first portion of the plurality of memory locations to obscure the response pattern in the memory avoids freezing attacks. An anti-degradation device (160) configured to write to each respective location of a second portion of the plurality of memory locations an inverse of a response previously read from the memory reduces the effects of aging.
摘要翻译: 用于生成识别响应模式的系统包括用作被配置用于生成依赖于所述存储器的物理,至少部分随机特性的响应模式的物理不可克隆功能的存储器(120),其易于受到冻结攻击和老化。 被配置为重写多个存储器位置的至少第一部分以遮蔽存储器中的响应模式的存储器重写设备(110)避免了冻结攻击。 一种抗劣化装置(160),被配置为写入多个存储器位置的第二部分的每个相应位置,先前从存储器读取的响应的反相减少了老化的影响。
-
公开(公告)号:US20080222426A1
公开(公告)日:2008-09-11
申请号:US11815660
申请日:2006-01-26
申请人: Geert Jan Schrijen , Pim Theo Tuyls
发明人: Geert Jan Schrijen , Pim Theo Tuyls
IPC分类号: H04L9/32
CPC分类号: G07C9/00087
摘要: A security device comprising means for authenticating an entity using biometric data, characterized by means for alternatively authenticating the entity using a security code such as a personal identification number. Also a system configured to grant an authorization upon a successful authorization by the security device, in which the authorization granted after the authentication using the security code is restricted in scope compared to the authorization granted after the authentication using the biometric data.
摘要翻译: 一种安全装置,其包括用于使用生物特征数据认证实体的装置,其特征在于用于使用诸如个人识别号码的安全码替代地认证所述实体的装置。 还有一种被配置为在安全设备的成功授权之后授予授权的系统,其中使用安全码的认证之后授权的授权在与使用生物特征数据的认证之后授予的授权相比较的范围上被限制。
-
-
-
-
-
-
-
-
-
搜索结果
32 条记录 (耗时 0.022 秒)
