-
Publication No.: US20200028693A1
Publication date: 2020-01-23
Application No.: US16037789
Application date: 2018-07-17
Applicant: Huawei Technologies Co., Ltd.
Abstract: A method for verifying a property of plaintext using ciphertext is disclosed. In an embodiment, a computing device may receive the ciphertext at a trusted execution environment (TEE) of the computing device. The TEE may decrypt the ciphertext to generate the plaintext using a private encryption key of an encryption key pair. The encryption key pair comprises a public encryption key and the private encryption key. The TEE may generate a digitally signed validation result by encrypting the validation result using a private signing key of a signing key pair. The signed key pair comprises a public signing key and the private signing key. The private key is retrieved from secure memory of the computing device, and the secure memory may only be accessible by the TEE. The computing device may then transmit the digitally signed validation result.
-
Publication No.: US11303777B2
Publication date: 2022-04-12
Application No.: US16986948
Application date: 2020-08-06
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Teng Wu, Alan Pak-Lun Ho, Thomas Daniel Wallace, Mustafa Mohamad
Abstract: The disclosed systems, structures, and methods are directed to a digital watermarking system comprising: a data separator configured to receive a digital data file and segregate the digital data file into a message component and a data component, in which the message component includes a message, and the data component includes a data file; a message pipeline configured to process the message; a data pipeline configured to process the data file; a watermark pipeline configured to embed the processed message file onto the processed data file; and an inverse process pipeline configured to inverse the process applied by the data pipeline while processing the data file and generate a watermarked data file.
-
Publication No.: US10567165B2
Publication date: 2020-02-18
Application No.: US15711797
Application date: 2017-09-21
Applicant: Huawei Technologies Co., Ltd.
Inventor: Teng Wu, Yin Tan, Lionel Lianhong Zhang
Abstract: A method for securely receiving a cipher key from a key provider to a key requester is provided. The method includes generating a session key shared between the key requester and the key provider, determining at least one key in accordance with the session key. The method also includes transmitting a request from the key requester to the key provider, and receiving a response from the key provider, where the response comprises an encrypted payload and an authentication tag. The method also includes authenticating the response and decrypting the encrypted payload using the at least one key to obtain the cipher key.
-
Publication No.: US11546146B2
Publication date: 2023-01-03
Application No.: US17063232
Application date: 2020-10-05
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Kassem Hassan Kalach, Ali Abbassi, Teng Wu
Abstract: An encoder encrypts a message by generating a nonce, using a first encryption key to encode the nonce, splitting the message into a first part and a second part, using the first encryption key and the encoded nonce to encrypt the first part of the message into a first ciphered part, using a second encryption key, the encoded nonce and the first ciphered part to generate an initialization vector, using the first encryption key and the initialization vector to encrypt the second part of the message into a second ciphered part, and generating a ciphertext comprising the first ciphered part, the second ciphered part, the initialization vector and the nonce. A decoder uses a reverse process to decrypt the message. The decryption comprises generating a copy of the initialization vector, which is compared to the initialization vector in order to verify that the message is properly decrypted.
-
Publication No.: US11336641B2
Publication date: 2022-05-17
Application No.: US16830857
Application date: 2020-03-26
Applicant: Huawei Technologies Co., Ltd.
Inventor: Teng Wu, Yin Tan, Stephen Sui Luen Li, Wei Xiong, Zhongyuan Zheng, Tao Hu
Abstract: The present disclosure is drawn to systems and methods for implementing authentication protocols based on trusted execution environments. Each of a principal device, an identity provider server and a service provider server are associated with a respective trusted execution environment. Authentication protocols are provided for registering the principal device to the identity provider server; authenticating the principal device to the identity provider server; and authenticating the principal device to a service provider server.
-
Publication No.: US12160505B2
Publication date: 2024-12-03
Application No.: US17558299
Application date: 2021-12-21
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Mohamed Tolba, Ahmed Abdelkhalek, Teng Wu
Abstract: A method of organizing an end-to-end encrypted online meeting for a group of members including a creator. The method includes: maintaining, by each member in the online meeting including the creator, a group tree from which is derivable a group key required for communication between members in the online meeting; accessing, by the creator, a key package associated with a member of the group; adding to the online meeting, by the creator and based on the key package, the member associated with the key package; updating, by the creator, the group tree maintained by the creator; generating, by the creator and based on the updated group tree, one or more encrypted secret keys required for deriving the group key; and transmitting, by the creator and via a server, the updated group tree and the one or more encrypted secret keys to each other member in the online meeting.
-
Publication No.: US11888824B2
Publication date: 2024-01-30
Application No.: US17566841
Application date: 2021-12-31
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Mohamed Tolba, Ahmed Abdelkhalek, Teng Wu
IPC: H04L9/40
CPC classification number: H04L63/04
Abstract: An end-to-end group messaging method or apparatus organizes a plurality of local groups of members into local-group (LG) trees and a public-group (PG) tree. Each tree has a plurality of nodes including a root node connecting to a plurality of leaf nodes. Each LG tree corresponds to a local group. Each member of a local group is associated with a leaf node of the corresponding LG tree. Each LG tree is associated with a leaf node of the PG tree. Members of a same local group may establish communication therebetween by using a group key associated with the root node of the LG tree of the local group. Members of all local groups may establish communication therebetween by using a group key associated with the root node of the PG tree.
-
Publication No.: US20190089530A1
Publication date: 2019-03-21
Application No.: US15711797
Application date: 2017-09-21
Applicant: Huawei Technologies Co., Ltd.
Inventor: Teng Wu, Yin Tan, Lionel Lianhong Zhang
Abstract: A method for securely receiving a cipher key from a key provider to a key requester is provided. The method includes generating a session key shared between the key requester and the key provider, determining at least one key in accordance with the session key. The method also includes transmitting a request from the key requester to the key provider, and receiving a response from the key provider, where the response comprises an encrypted payload and an authentication tag. The method also includes authenticating the response and decrypting the encrypted payload using the at least one key to obtain the cipher key.
-
Publication No.: US11838424B2
Publication date: 2023-12-05
Application No.: US17319732
Application date: 2021-05-13
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Kassem Kalach, Ali Abbassi, Teng Wu
CPC classification number: H04L9/3242, H04L9/0631, H04L9/0637, H04L9/0643, H04L9/0656, H04L9/0861
Abstract: A module has a processor for executing an encryption process to encrypt a message to a cipher-text with authentication. The encryption process includes generating a tag from a secret message authentication code (MAC) key, a nonce, a message, and optionally an additional data using a Poly1305 function, generating a pseudorandom initialization vector (IV) from a secret encryption key and the tag using a first encryption function, and generating a cipher-text from the secret encryption key, the generated IV, and the message using a second encryption function. The module or a similar module may execute a corresponding decryption process to decrypt the cipher-text to a decrypted message and verify the authenticity of the cipher-text. At least one of the first and second encryption functions may be an Advanced Encryption Standard (AES) encryption function such as an AES-CTR encryption function, an AES-like encryption function, and/or other suitable encryption functions.
-
Publication No.: US11223485B2
Publication date: 2022-01-11
Application No.: US16037789
Application date: 2018-07-17
Applicant: Huawei Technologies Co., Ltd.
Abstract: A method for verifying a property of plaintext using ciphertext is disclosed. In an embodiment, a computing device may receive the ciphertext at a trusted execution environment (TEE) of the computing device. The TEE may decrypt the ciphertext to generate the plaintext using a private encryption key of an encryption key pair. The encryption key pair comprises a public encryption key and the private encryption key. The TEE may generate a digitally signed validation result by encrypting the validation result using a private signing key of a signing key pair. The signing key pair comprises a public signing key and the private signing key. The private key is retrieved from secure memory of the computing device, and the secure memory may only be accessible by the TEE. The computing device may then transmit the digitally signed validation result.
-