-
Publication No.: US09716585B2
Publication date: 2017-07-25
Application No.: US15096372
Filing date: 2016-04-12
CPC classification: H04L9/0618 , G06F21/6209 , H04L9/088
Abstract: An aspect of cipher text translation includes a memory configured to store predetermined conditions for performing an encryption operation, and a processor communicatively coupled to the memory. The processor is configured to execute computer readable instructions. The computer readable instructions include determining through analysis of an inbound key and an outbound key of the encryption operation that the encryption operation includes a translation from a first class of encryption to a second class of encryption. The second class of encryption is determined to be weaker than the first class of encryption. The instructions also include applying the predetermined conditions to the input key and the output key and authorizing the translation via the processor, based on the applying, when aspects of the predetermined conditions are satisfied.
-
Publication No.: US20160373259A1
Publication date: 2016-12-22
Application No.: US15260915
Filing date: 2016-09-09
CPC classification: H04L9/3234 , G06F21/606 , H04L9/0819 , H04L63/0435 , H04L63/045 , H04L63/06 , H04L63/061 , H04L63/068 , H04L63/0853 , H04L63/0876 , H04L63/168 , H04L63/205 , H04L2463/062 , H04W12/04
Abstract: A session key is negotiated to secure a user session executed in a host computer. An electronic hardware security module (HSM) located in the host computer generates a first session key. A smart card generates a second session key that matches the first session key. An encrypted copy of the second session key is communicated to an electronic host application module installed in the host computer. The electronic host application module decrypts the encrypted session key to obtain a copy of the session key such that the first and second session keys possessed by the smart card, the host application module and the HSM match one another.
-
Publication No.: US20160321662A1
Publication date: 2016-11-03
Application No.: US14698117
Filing date: 2015-04-28
CPC classification: G06F21/62 , G06F21/6209 , G06F21/76 , G06Q20/341 , G06Q20/3552 , G06Q2220/00 , G09C1/00 , H04L9/0822 , H04L9/0877 , H04L9/14 , H04L2209/24
Abstract: Customer content is securely loaded on a field programmable gate array (FPGA) located on a secure cryptography card. The customer content is loaded such that it may not be extracted. A customer obtains a secure cryptography card that includes a field programmable gate array and a master key generated by the secure cryptography card. The customer loads customer specific content on the field programmable gate array, wherein, based on the loading, the customer specific content is secure from extraction via the master key by at least entities other than the customer.
-
Publication No.: US20160171251A1
Publication date: 2016-06-16
Application No.: US15062431
Filing date: 2016-03-07
Inventors: Todd W. Arnold , Elizabeth A. Dames , Charles D. Helfenberger , Richard V. Kisley , Jimmie R. Mayfield, JR.
CPC classification: G06F21/602 , G06F21/46 , G06F21/72 , G06F2221/2107 , H04L9/0861 , H04L9/14 , H04L2209/24
Abstract: A method, computer program product, and system for selecting and generating a key to perform a cryptographic operation are described. The method includes receiving one or more inputs representing criteria for the key, the one or more inputs excluding an explicit identification of the key and one of the one or more inputs specifying the cryptographic operation; retrieving, from a memory device, information corresponding with the one or more inputs; selecting and generating the key based on the one or more inputs and the information; and performing the cryptographic operation using the key.
-
Publication No.: US09081971B2
Publication date: 2015-07-14
Application No.: US13655041
Filing date: 2012-10-18
CPC classification: G06F21/602 , G06F17/30011 , G06F2221/2107
Abstract: A computer program product is provided and includes a tangible storage medium readable by a processing circuit and on which instructions are stored for execution by the processing circuit for performing a method. The method includes initially verifying a presence of parameters passed to a parameter database and that a selected group of the parameters are greater than or equal to zero, parsing optional block data to validate the optional block data, determine a length thereof and a number of optional blocks contained therein and proceeding with one of a secondary info-parsing and a secondary data-parsing operation with respect to the optional block data in accordance with content of the parameters passed to the parameter database.
-
Publication No.: US08856520B2
Publication date: 2014-10-07
Application No.: US13652032
Filing date: 2012-10-15
Inventors: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
CPC classification: H04L9/088 , H04L9/0897 , H04L2209/56
Abstract: Secure key management includes populating a section of information associated with a key, the section of information being populated with information relating to a level of protection of the key accumulated over time. Secure key management further includes securely binding the section of information to the key, wherein the key is encrypted.
-
Publication No.: US08619992B2
Publication date: 2013-12-31
Application No.: US13649768
Filing date: 2012-10-11
Inventors: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
CPC classification: H04L9/08 , H04L9/083 , H04L9/0877 , H04L9/30
Abstract: Creating a secure key includes creating a token and populating a key control information section of the token with a value to indicate a minimum number of key parts used to form a key. Creating the secure key also includes populating a payload section of the token with a first key part, binding the key control information section to the payload section, adding a second key part to the first key part and iterating the value and binding the key control information section to the payload section after the second key part has been added. Creating the secure key further includes indicating the key is complete, wherein the key comprises a combination of the first and second key parts.
-
Publication No.: US20130073863A1
Publication date: 2013-03-21
Application No.: US13676585
Filing date: 2012-11-14
Inventors: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Clifford L. Hansen , Shelia M. Sittinger
IPC classification: G06F21/00
CPC classification: G06F21/46 , G06F21/31 , G06Q20/382 , G06Q20/4012 , G07F7/1016 , G07F7/1075 , G07F7/1091 , G07F19/211
Abstract: A method that includes receiving, from a first entity having an input permission, a first data structure into a HSM, wherein the first data structure maps a first many-to-one mapping between a first and a second PIN numeral system. The method also includes determining whether the content of the first data structure is valid, storing the first data structure in the HSM if the first data structure is valid and marking the stored first data structure as inactive. The method further includes activating the first data structure if a second data structure is input into the HSM by a second entity having an activation permission, wherein the first entity is different from the second entity, the first data structure is identical to the second data structure. The method additionally includes converting from the first to the second PIN numeral system responsive to the activated first data structure.
-
Publication No.: US20130039495A1
Publication date: 2013-02-14
Application No.: US13652027
Filing date: 2012-10-15
Inventors: Todd W. Arnold , Elizabeth A. Dames , Thomas J. Dewkett , Carsten D. Frehr , Michael J. Kelly , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rossman , Eric B. Smith
IPC classification: H04L9/00
CPC classification: H04L9/0897
Abstract: According to one embodiment, a method for implementing computer security is provided. The method includes creating a token and populating a payload section of the token with key material and selecting a wrapping method that specifies how the key material is securely bound to key control information, wherein a structure of the key control information in the token is independent of the wrapping method. The method also includes wrapping the key material and binding key control information to the key material in the token, wherein the key control information includes information relating to usage and management of the key material.
-
Publication No.: US20130034228A1
Publication date: 2013-02-07
Application No.: US13649768
Filing date: 2012-10-11
Inventors: Todd W. Arnold , Elizabeth A. Dames , Carsten D. Frehr , Kenneth B. Kerr , Richard V. Kisley , Eric D. Rosman , Eric B. Smith
IPC classification: H04L9/00
CPC classification: H04L9/08 , H04L9/083 , H04L9/0877 , H04L9/30
Abstract: Creating a secure key includes creating a token and populating a key control information section of the token with a value to indicate a minimum number of key parts used to form a key. Creating the secure key also includes populating a payload section of the token with a first key part, binding the key control information section to the payload section, adding a second key part to the first key part and iterating the value and binding the key control information section to the payload section after the second key part has been added. Creating the secure key further includes indicating the key is complete, wherein the key comprises a combination of the first and second key parts.