-
公开(公告)号:US20050232415A1
公开(公告)日:2005-10-20
申请号:US11051560
申请日:2005-02-04
CPC分类号: G06F21/64 , G06F12/1408 , G06F21/72 , G06F21/79 , G06F21/85 , H04L9/0863 , H04L9/0869 , H04L9/0891 , H04L9/0894 , Y02D10/13
摘要: A system and method of creating and managing encryption keys in a data processing device generates subsequent encryption keys by combining the existing encryption key with an existing password and seed value. In the preferred embodiment, the initial encryption key is embedded during manufacture and is unknown to the user and manufacturer, thus ensuring that all subsequent encryption keys are derived from an unknown value. When a subsequent encryption key is generated, all data encrypted using the existing encryption key is decrypted using the existing encryption key and re-encrypted using the subsequent encryption key before the existing encryption key is overwritten. In a further aspect, during encryption/decryption the encryption key is combined with the sector address of the data to be encrypted/decrypted in order to generate a unique key for each sector of data to be encrypted/decrypted.
摘要翻译: 在数据处理设备中创建和管理加密密钥的系统和方法通过将现有加密密钥与现有密码和种子值组合来生成后续加密密钥。 在优选实施例中,初始加密密钥在制造期间被嵌入,并且对于用户和制造商来说是未知的,因此确保所有后续加密密钥都是从未知值导出的。 当生成随后的加密密钥时,使用现有加密密钥加密的所有数据使用现有的加密密钥进行解密,并且在覆盖现有加密密钥之前使用随后的加密密钥重新加密。 在另一方面,在加密/解密期间,将加密密钥与要加密/解密的数据的扇区地址组合,以便为每个要加密/解密的数据扇区生成唯一的密钥。
-
公开(公告)号:US20050193220A1
公开(公告)日:2005-09-01
申请号:US11049987
申请日:2005-02-04
申请人: Herbert Little , Jerrold Randell , Richard Madter , Ryan Hickey
发明人: Herbert Little , Jerrold Randell , Richard Madter , Ryan Hickey
CPC分类号: G06F21/79 , G06F11/3656 , G06F2221/2105
摘要: The present invention provides a secure JTAG interface to an application-specific integrated circuit (ASIC). In the preferred embodiment the invention operates through the combined efforts of a Security Module (SM) comprising a state machine that controls the security modes for the ASIC, and a Test Control Module (TCM) which contains the JTAG interface. The TCM operates in either a restricted mode or an unrestricted mode, depending on the state of the SM state machine. In a restricted mode, only limited access to memory content is permitted. In an unrestricted mode, full access to memory content is permitted.
摘要翻译: 本发明提供了一种用于专用集成电路(ASIC)的安全JTAG接口。 在优选实施例中,本发明通过包括控制ASIC的安全模式的状态机和包含JTAG接口的测试控制模块(TCM)的安全模块(SM)的组合进行操作。 根据SM状态机的状态,TCM以受限制模式或非限制模式运行。 在限制模式下,只允许对存储器内容的访问有限。 在无限制模式下,允许完全访问内存内容。
-
公开(公告)号:US20060112266A1
公开(公告)日:2006-05-25
申请号:US11046943
申请日:2005-02-01
申请人: Herbert Little , Ryan Hickey
发明人: Herbert Little , Ryan Hickey
IPC分类号: H04L9/00
CPC分类号: G06F21/575 , G06F12/1416 , G06F21/51
摘要: A method and device for authenticating software stored in non-volatile memory in a data processing device. The processor comprises an internal immutable memory, preferably a read only memory (ROM), and during the boot up procedure the software in external memory is authenticated using code that is stored in the internal ROM. The on-chip ROM is physically integrated with the processor itself, so the code stored in ROM can neither be tampered with nor replaced, and can therefore be assumed at all times to be authentic. Thus, in the method and device of the invention known good code is used to authenticate the untrusted code in external memory, so the integrity of the system is significantly improved.
摘要翻译: 一种用于认证存储在数据处理设备中的非易失性存储器中的软件的方法和设备。 处理器包括内部不可变存储器,优选只读存储器(ROM),并且在引导过程期间,外部存储器中的软件使用存储在内部ROM中的代码进行认证。 片上ROM与处理器本身物理集成在一起,因此存储在ROM中的代码既不能被篡改也不能更换,因此可以随时假设为真实的。 因此,在本发明的方法和装置中,已知的良好代码用于认证外部存储器中的不可信代码,因此系统的完整性得到显着改善。
-
公开(公告)号:US20130064363A2
公开(公告)日:2013-03-14
申请号:US13070226
申请日:2011-03-23
申请人: Herbert Little , Scott Vanstone , Daniel Brown , Matthew Campagna
发明人: Herbert Little , Scott Vanstone , Daniel Brown , Matthew Campagna
CPC分类号: H04L9/3066 , H04L9/3252 , H04L2209/38 , H04L2209/80
摘要: During generation of a signature on a message to create a signed message, a signer determines one of the signature components such that particular information can be extracted from the signature component. The particular information may be related to one or more of the signer and the message to be signed. After receiving a signed message purported to be signed by the signer, a verifier can extract the particular information from the signature component.
摘要翻译: 在生成消息的签名以产生签名消息时,签名者确定签名组件中的一个,从而可以从签名组件提取特定信息。 特定信息可以与签名者和要签名的消息中的一个或多个有关。 在收到签名者签名的签名信息后,验证者可以从签名组件中提取特定信息。
-
公开(公告)号:US20120160909A1
公开(公告)日:2012-06-28
申请号:US13409053
申请日:2012-02-29
申请人: Neil Adams , Herbert Little
发明人: Neil Adams , Herbert Little
IPC分类号: G06F17/00
CPC分类号: G06K7/0008 , G06K7/10297 , G06K17/0022
摘要: A smart card reader receives an Answer to Reset (ATR) from a smart card and transmits the ATR over a communication link to a computing device without waiting for an ATR request from the computing device. The computing device may cache the ATR and use it for subsequent communication sessions with the smart card.
摘要翻译: 智能卡读卡器从智能卡接收应答复位(ATR),并通过通信链路将ATR发送到计算设备,而不必等待来自计算设备的ATR请求。 计算设备可以缓存ATR并将其用于与智能卡的后续通信会话。
-
公开(公告)号:US20110126262A1
公开(公告)日:2011-05-26
申请号:US13017314
申请日:2011-01-31
申请人: Herbert Little , Michael S. Brown
发明人: Herbert Little , Michael S. Brown
IPC分类号: G06F21/00
CPC分类号: G06F21/46
摘要: Various embodiments are described for providing password approval on a device. The password approval includes getting the user password, generating at least one symbolically equivalent password and then comparing the at least one symbolically equivalent password with at least one specified forbidden password. The user password is disapproved if one of the symbolically equivalent passwords corresponds to the at least one forbidden password.
摘要翻译: 描述了用于在设备上提供密码批准的各种实施例。 密码批准包括获得用户密码,生成至少一个符号等效的密码,然后将至少一个符号等效的密码与至少一个指定的禁止密码进行比较。 如果符号相当的密码之一对应于至少一个禁止的密码,则用户密码被拒绝。
-
公开(公告)号:US20080046739A1
公开(公告)日:2008-02-21
申请号:US11464900
申请日:2006-08-16
申请人: Neil Adams , Herbert Little , Michael K. Brown
发明人: Neil Adams , Herbert Little , Michael K. Brown
IPC分类号: H04L9/00
CPC分类号: G07F7/1016 , G06F21/335 , G06F21/34 , G06Q20/341 , G06Q20/3827 , G07F7/084 , G07F7/1008
摘要: A certificate from a smart card is imported into a computerized device via a smart card reader. The computerized device calculates a hash of the imported certificate and stores the hash in memory. The hash may be stored in a region of the memory that is unaffected by upgrades to the device.
摘要翻译: 来自智能卡的证书通过智能卡读卡器导入计算机化设备。 计算机化设备计算导入的证书的哈希值,并将哈希存储在内存中。 散列可以存储在不受设备升级影响的存储器的区域中。
-
8.发明申请公开(公告)号:US20070260874A1
公开(公告)日:2007-11-08
申请号:US11417108
申请日:2006-05-04
申请人: Neil Adams , Herbert Little , Michael Brown , Michael Brown , Michael Kirkup
发明人: Neil Adams , Herbert Little , Michael Brown , Michael Brown , Michael Kirkup
IPC分类号: H04L9/00
CPC分类号: H04L51/38 , H04L9/3263 , H04L63/0823 , H04L2209/80 , H04W4/02 , H04W4/12 , H04W12/06
摘要: A system and method for processing certificates located in a certificate search. Certificates located in a certificate search are processed at a data server (e.g. a mobile data server) coupled to a computing device (e.g. a mobile device) to determine status data that can be used to indicate the status of those certificates to a user of the computing device, without having to download those certificates to the computing device in their entirety. The data server is further adapted to transmit the status data to the computing device. In one embodiment, at least one status property of the certificates is verified at the data server in determining the status data. In another embodiment, additional certificate data is determined and transmitted to the computing device, which can be used by the computing device to verify, at the computing device, at least one other status property of the certificates.
摘要翻译: 用于处理位于证书搜索中的证书的系统和方法。 位于证书搜索中的证书在耦合到计算设备(例如,移动设备)的数据服务器(例如移动数据服务器)处理,以确定可用于向用户指示这些证书的状态的状态数据 计算设备,而无需将这些证书全部下载到计算设备。 数据服务器还适于将状态数据发送到计算设备。 在一个实施例中,在确定状态数据时,在数据服务器处验证证书的至少一个状态属性。 在另一个实施例中,确定附加证书数据并将其发送到计算设备,计算设备可以由计算设备在计算设备处验证证书的至少一个其他状态属性。
-
9.发明申请System and method for management of plaintext data in a mobile data processing device 有权用于在移动数据处理设备中管理明文数据的系统和方法公开(公告)号:US20070055890A1
公开(公告)日:2007-03-08
申请号:US11221196
申请日:2005-09-06
申请人: Herbert Little , Anthony Scian
发明人: Herbert Little , Anthony Scian
IPC分类号: G06F12/14
CPC分类号: G06F21/78 , G06F21/6218 , G06F2221/2105
摘要: A handheld data processing device includes stored data that is intended to be kept secure from unauthorized access. The handheld data processing device includes applications that store such secure data and which make use of plain text data corresponding to the secure data. An identifier is defined to be associated with defined plain text data. When the handheld data processing device is placed in a locked or secure state, code executable on the device is able to search for plain text identifiers. Code executable on the device is consequently able to display to the user whether plain text data is stored on the device or not.
摘要翻译: 手持式数据处理装置包括旨在保持安全以防未经授权的存储的存储数据。 手持式数据处理装置包括存储这种安全数据并利用与安全数据对应的明文数据的应用程序。 标识符被定义为与定义的纯文本数据相关联。 当手持式数据处理设备处于锁定或安全状态时,可在设备上执行的代码能够搜索纯文本标识符。 因此,设备上的代码可执行文件能够向用户显示是否将明文数据存储在设备上。
-
10.发明申请公开(公告)号:US20070038820A1
公开(公告)日:2007-02-15
申请号:US11202786
申请日:2005-08-11
申请人: Michael Brown , Herbert Little , Michael Brown
发明人: Michael Brown , Herbert Little , Michael Brown
IPC分类号: G06F13/28
CPC分类号: G06F21/79 , G06F12/0802 , G06F12/1408
摘要: Increasing security for a hand-held data processing device with communication functionality where such a device includes an access-ordered memory cache relating to communications carried out by the device. The hand-held data processing device has a locked state that is entered by the device receiving or initiating a trigger. On occurrence of the trigger to enter the locked state the memory cache is reordered so as to disrupt the access-ordering of the cache to obscure device traffic information and thus increase the security of the device in the locked state.
摘要翻译: 提高具有通信功能的手持式数据处理设备的安全性,其中这样的设备包括与由设备执行的通信相关的访问有序的存储器高速缓存。 手持式数据处理装置具有被接收或发起触发的装置输入的锁定状态。 在发生触发器进入锁定状态时,存储器高速缓存被重新排序,以便中断高速缓存的访问排序以模糊设备交通信息,从而增加处于锁定状态的设备的安全性。
-
-
-
-
-
-
-
-
-
搜索结果
154 条记录 (耗时 0.029 秒)