-
公开(公告)号:US07185362B2
公开(公告)日:2007-02-27
申请号:US10233188
申请日:2002-08-28
申请人: Philip Michael Hawkes , Raymond T. Hsu , Ramin Rezaiifar , Gregory G. Rose , Paul E. Bender , Jun Wang , Roy Franklin Quick, Jr. , Arungundram C. Mahendran , Parag A. Agashe
发明人: Philip Michael Hawkes , Raymond T. Hsu , Ramin Rezaiifar , Gregory G. Rose , Paul E. Bender , Jun Wang , Roy Franklin Quick, Jr. , Arungundram C. Mahendran , Parag A. Agashe
CPC分类号: H04L9/083 , G06F21/10 , H04L9/0822 , H04L9/0891 , H04L9/30 , H04L9/321 , H04L12/189 , H04L63/0428 , H04L63/045 , H04L63/062 , H04L63/065 , H04L63/08 , H04L63/104 , H04L63/164 , H04L2209/601 , H04L2209/80 , H04N7/1675 , H04N21/2347 , H04N21/26606 , H04N21/4405 , H04N21/4623 , H04N21/835 , H04W4/06 , H04W12/02 , H04W12/04 , H04W12/06
摘要: Method and apparatus for secure transmissions. Each user is provided a registration key. A long-time updated broadcast key is encrypted using the registration key and provided periodically to a user. A short-time updated key is encrypted using the broadcast key and provided periodically to a user. Broadcasts are then encrypted using the short-time key, wherein the user decrypts the broadcast message using the short-time key. One embodiment provides link layer content encryption. Another embodiment provides end-to-end encryption.
摘要翻译: 用于安全传输的方法和装置。 每个用户都被提供一个注册密钥。 使用注册密钥对长时间更新的广播密钥进行加密并且向用户周期性地提供。 使用广播密钥对短时更新密钥进行加密,并向用户定期提供。 然后使用短时间密钥对广播进行加密,其中用户使用短时间密钥解密广播消息。 一个实施例提供链路层内容加密。 另一个实施例提供端到端加密。
-
2.发明授权公开(公告)号:US06560338B1
公开(公告)日:2003-05-06
申请号:US09246366
申请日:1999-02-08
IPC分类号: H04L922
CPC分类号: H04L9/0668 , H04L2209/12 , H04L2209/20
摘要: A method and an apparatus for generating encryption stream ciphers are based on a recurrence relation designed to operate over finite fields larger than GF(2). A non-linear output can be obtained by using one or a combination of non-linear processes to form an output function. The recurrence relation and the output function can be selected to have distinct pair distances such that, as the shift register is shifted, no identical pair of elements of the shift register are used twice in either the recurrence relation or the output function. Under these conditions, the recurrence relation and the output function also can be chosen to optimize cryptographic security or computational efficiency. Moreover, it is another object of the present invention to provide a method of assuring that the delay that results for the encryption process does not exceed predetermined bounds. To this end the ciphering delay is measured and if the estimated delay exceeds a predetermined threshold a second ciphering method is employed to limit the accumulated delay of the ciphering operation.
摘要翻译: 用于产生加密流密码的方法和装置基于设计成在大于GF(2)的有限域上操作的递归关系。 可以通过使用非线性处理中的一个或组合来形成非线性输出来形成输出函数。 递归关系和输出函数可以被选择为具有不同的对距离,使得当移位寄存器被移位时,移位寄存器的相同元素对在递归关系或输出函数中不被使用两次。 在这些条件下,可以选择递归关系和输出函数来优化加密安全性或计算效率。 此外,本发明的另一个目的是提供一种确保加密过程导致的延迟不超过预定范围的方法。 为此,测量加密延迟,并且如果估计延迟超过预定阈值,则采用第二加密方法来限制加密操作的累积延迟。
-
3.发明授权公开(公告)号:US07428305B1
公开(公告)日:2008-09-23
申请号:US09563648
申请日:2000-05-02
CPC分类号: H04L9/3033 , H04L9/0625 , H04L9/0643 , H04L9/3073 , H04L9/3242 , H04L2209/24 , H04L2209/80
摘要: A method for constructing keyed integer permutations over the set ZN. where N can be factored into p and q, or N can be prime. N bits are permuted by deriving a keyed permutation of representative indices. When N is factorable into p and q, the set of indices are divided into two portions. The portions undergo iterative processing called “rounds,” and in each round, a first half-round function operates on the first portion to form a first half-round value; the first half-round value and the second portion are added together by a modulo-p adder to form a first output value; a second half-round function operates on the second portion to form a second half-round value; and the second half-round value and the first portion are added together by a modulo-q adder to form a second output value. In this manner, outputs of the rounds are reordered.If N is prime and not less than 13, then N is separated into composite values s and t, and two sets are formed with s and t elements, respectively. Each set is then permuted using the method for when N is not prime. At the end of each round, the two blocks are combined using a mixing operation.
摘要翻译: 一种用于在集合Z N N上构造键控整数排列的方法。 其中N可以被分解成p和q,或者N可以是素数。 通过导出代表性索引的密钥排列来排列N位。 当N因素分解为p和q时,该组索引被分成两部分。 这些部分进行称为“轮”的迭代处理,并且在每一轮中,第一半圆函数在第一部分上操作以形成第一半圆值; 第一半值和第二部分通过模p加法器相加在一起以形成第一输出值; 第二半圆函数在第二部分上操作以形成第二半圆值; 并且第二半值和第一部分由模q加法器相加在一起以形成第二输出值。 以这种方式,循环的输出被重新排序。 如果N是素数并且不小于13,则N被分离成复合值s和t,并且两个组分别由s和t个元素形成。 然后使用N不为素数时的方法将每个集合置换。 在每轮结束时,使用混合操作组合两个块。
-
公开(公告)号:US07515713B2
公开(公告)日:2009-04-07
申请号:US10021874
申请日:2001-12-17
摘要: In a disclosed embodiment, a visitor location register first initializes an assignment table to store N entries. Next, the visitor location register waits until a TMSI assignment is needed. Then, a counter is maintained in memory and is incremented. The value of the counter is then hashed to produce an assignment table index. Beginning at the assignment table index, the assignment table is searched for an available entry. The counter is then encrypted to produce a TMSI. The IMSI corresponding to the TMSI assignment is then stored in the assignment table.
摘要翻译: 在公开的实施例中,访问者位置寄存器首先初始化分配表以存储N个条目。 接下来,访问者位置寄存器等待,直到需要TMSI分配。 然后,计数器保持在存储器中并递增。 然后将计数器的值进行哈希处理,以生成赋值表索引。 从分配表索引开始,将分配表搜索可用条目。 然后将计数器加密以产生TMSI。 然后将对应于TMSI分配的IMSI存储在分配表中。
-
公开(公告)号:US07251730B2
公开(公告)日:2007-07-31
申请号:US10077365
申请日:2002-02-15
IPC分类号: H04L9/00
CPC分类号: G07F7/1008 , G06Q20/341 , G06Q20/346 , G06Q20/3823 , G06Q20/3825 , G06Q20/4014 , G06Q20/40975 , G07F7/1016 , G07F7/1025 , H04L9/32 , H04L9/3226 , H04L9/3247 , H04L2209/80 , H04W12/06 , H04W12/10
摘要: An apparatus and method for authentication having a processor and at least one activator coupled to the processor is claimed. A signature generator is coupled to the processor and capable of generating a secure identifier. An emitter coupled to the signal generator capable of emitting the secure identifier. A receiver receives the emitted secure identifier and verifies that the secure identifier was appropriately transmitted. The public key corresponding to the key identifier transmitted is accessed to determine the validity of the secure identifier using the accessed key and that the time indicated in the received secure identifier is verified to be within acceptable time tolerances.
摘要翻译: 要求具有处理器和耦合到处理器的至少一个激活器的认证装置和方法。 签名生成器耦合到处理器并且能够生成安全标识符。 耦合到能够发出安全标识符的信号发生器的发射器。 接收器接收发射的安全标识符,并验证安全标识符是否被适当地发送。 访问与发送的密钥标识符相对应的公共密钥,以使用所访问的密钥来确定安全标识符的有效性,并且验证所接收到的安全标识符中指示的时间在可接受的时间公差内。
-
公开(公告)号:USRE39177E1
公开(公告)日:2006-07-11
申请号:US10302541
申请日:2002-11-21
IPC分类号: H04Q7/20
摘要: A method and apparatus for providing soft handoff in a mobile communication system. In current systems is that the members of active set are determined in accordance with comparisons of measured pilot energy with fixed thresholds. However, the value of providing a redundant communication link to a mobile station depends strongly on the energy of other signals being provided to the mobile station. In the present invention, the signal strengths of other base stations in communication with a mobile station are considered when determining whether adding a base to that set of base stations in communication with the remote station is of sufficient value to justify the impact on system capacity.
-
公开(公告)号:US06260147B1
公开(公告)日:2001-07-10
申请号:US09666735
申请日:2000-09-20
IPC分类号: H06F124
CPC分类号: H04W8/265 , H04L9/0844 , H04L63/0478 , H04L2209/80 , H04W12/02 , H04W12/04
摘要: A short Personal Identification Number (PIN) is used to transfer a subscription for wireless service to a new wireless terminal 104, thereby providing enhanced personal mobility to the subscriber. The transfer is rendered secure by the exchange of Diffie-Hellnan Encrypted Key Exchange (DH-EKE) messages 110, 114.
摘要翻译: 短的个人识别码(PIN)用于将无线服务的订阅转移到新的无线终端104,从而为用户提供增强的个人移动性。 通过交换Diffie-Hellnan加密密钥交换(DH-EKE)消息110,114来使传输变得安全。
-
8.发明授权Method and system for managing authentication and payment for use of broadcast material 有权用于管理广播资料使用认证和付款的方法和系统公开(公告)号:US07966662B2
公开(公告)日:2011-06-21
申请号:US11031507
申请日:2005-01-06
IPC分类号: H04L9/32
CPC分类号: G06F21/10 , H04L9/0822 , H04L9/083 , H04L9/321 , H04L12/189 , H04L63/0823 , H04L63/126 , H04L2209/60 , H04L2463/101
摘要: An authentication system is disclosed. The authentication system includes a content provider configured to distribute encrypted content, wherein the encrypted content is generated using a content key, and a client having a symmetric key and configured to store the encrypted content received from the content provider and issue a request to the content provider, wherein the request includes a cryptographic function configured to have the symmetric key and the encrypted content as input, wherein the content provider is further configured to verify the client via the request to ensure that the client has received the encrypted content.
摘要翻译: 公开了一种认证系统。 该认证系统包括内容提供器,其被配置为分发加密的内容,其中使用内容密钥生成加密的内容,以及具有对称密钥的客户端,并且被配置为存储从内容提供者接收的加密内容并向内容发出请求 提供者,其中所述请求包括被配置为具有所述对称密钥和所述加密内容作为输入的加密功能,其中所述内容提供商还被配置为经由所述请求来验证所述客户端以确保所述客户端已经接收到所述加密的内容。
-
9.发明授权公开(公告)号:US06665530B1
公开(公告)日:2003-12-16
申请号:US09238126
申请日:1999-01-27
IPC分类号: H04M166
CPC分类号: H04W12/12 , H04L63/0823 , H04W12/06 , H04W74/00
摘要: A method and apparatus for confirming the identity of a mobile station in a communication network. A mobile station transmits a security value to obtain access to the network. The system authenticates the mobile station prior to granting it access to the network. The system performs an additional procedure before granting access to the system if the security value sent by the mobile station matches a previously transmitted security value. Using this invention, the system prevents attempts of replay attacks by intruders.
摘要翻译: 一种在通信网络中确认移动站的身份的方法和装置。 移动台发送安全值以获得对网络的访问。 系统在授予移动台访问网络之前对其进行认证。 如果移动台发送的安全值与先前传输的安全值相匹配,系统将授予对系统的访问权限。 使用本发明,系统防止入侵者重播攻击的尝试。
-
公开(公告)号:US08195940B2
公开(公告)日:2012-06-05
申请号:US10406670
申请日:2003-04-02
IPC分类号: H04L9/32
CPC分类号: H04W12/04 , H04L9/0891 , H04L63/068 , H04L63/0892 , H04L2209/80 , H04W60/00 , H04W74/00 , H04W80/00 , H04W80/04
摘要: This disclosure describes a key update scheme for use in a mobile IP network. The update scheme may be implemented to facilitate key updates between a mobile device and a server computer that authenticates the mobile device. The techniques described herein can facilitate key updates in a manner that accounts for potential message loss during the update routine, mobile device failure during the update routine, or other problems typically encountered in a mobile network settings. In this manner, the techniques can provide a robust scheme for key updates and may improve network security.
摘要翻译: 本公开描述了在移动IP网络中使用的密钥更新方案。 可以实现更新方案以促进移动设备和认证移动设备的服务器计算机之间的密钥更新。 本文描述的技术可以以考虑更新例程中的潜在消息丢失,更新例程期间的移动设备故障或移动网络设置中通常遇到的其他问题的方式来促进密钥更新。 以这种方式,这些技术可以提供用于密钥更新的鲁棒方案并且可以提高网络安全性。
-
-
-
-
-
-
-
-
-
搜索结果
25 条记录 (耗时 0.017 秒)
