-
公开(公告)号:US20120027214A1
公开(公告)日:2012-02-02
申请号:US13253591
申请日:2011-10-05
IPC分类号: H04L9/00
CPC分类号: H04L9/0866 , G06F21/10 , G06F21/556 , G06F21/72 , G06F2221/0797 , H04L9/0822 , H04L9/0897 , H04L9/321 , H04L63/0428 , H04L63/06 , H04L63/10 , H04L2209/605 , H04L2463/101
摘要: An LSI includes a first decryptor which receives first encrypted key data, and decrypts the first encrypted key data using a first cryptographic key, thereby generating first decrypted key data, a second cryptographic key generator which generates a second cryptographic key based on a second ID, a second encryptor which encrypts the first decrypted key data using the second cryptographic key, thereby generating second encrypted key data, and a second decryptor which decrypts the second encrypted key data using the second cryptographic key, thereby generating second decrypted key data. At a time of key setting, the second encryptor stores the second encrypted key data in a storage unit. At a time of key usage, the second decryptor reads the second encrypted key data from the storage unit.
摘要翻译: LSI包括:第一解密器,其接收第一加密密钥数据,并使用第一加密密钥对第一加密密钥数据进行解密,从而生成第一解密密钥数据;第二加密密钥生成器,其基于第二ID生成第二加密密钥; 第二加密器,其使用所述第二加密密钥对所述第一解密密钥数据进行加密,从而生成第二加密密钥数据;以及第二解密器,其使用所述第二加密密钥对所述第二加密密钥数据进行解密,从而生成第二解密密钥数据。 在密钥设置时,第二加密器将第二加密密钥数据存储在存储单元中。 在密钥使用时,第二解密器从存储单元读取第二加密密钥数据。
-
公开(公告)号:US08787582B2
公开(公告)日:2014-07-22
申请号:US13253591
申请日:2011-10-05
IPC分类号: H04L9/08
CPC分类号: H04L9/0866 , G06F21/10 , G06F21/556 , G06F21/72 , G06F2221/0797 , H04L9/0822 , H04L9/0897 , H04L9/321 , H04L63/0428 , H04L63/06 , H04L63/10 , H04L2209/605 , H04L2463/101
摘要: An LSI includes a first decryptor which receives first encrypted key data, and decrypts the first encrypted key data using a first cryptographic key, thereby generating first decrypted key data, a second cryptographic key generator which generates a second cryptographic key based on a second ID, a second encryptor which encrypts the first decrypted key data using the second cryptographic key, thereby generating second encrypted key data, and a second decryptor which decrypts the second encrypted key data using the second cryptographic key, thereby generating second decrypted key data. At a time of key setting, the second encryptor stores the second encrypted key data in a storage unit. At a time of key usage, the second decryptor reads the second encrypted key data from the storage unit.
摘要翻译: LSI包括:第一解密器,其接收第一加密密钥数据,并使用第一加密密钥对第一加密密钥数据进行解密,从而生成第一解密密钥数据;第二加密密钥生成器,其基于第二ID生成第二加密密钥; 第二加密器,其使用所述第二加密密钥对所述第一解密密钥数据进行加密,从而生成第二加密密钥数据;以及第二解密器,其使用所述第二加密密钥对所述第二加密密钥数据进行解密,从而生成第二解密密钥数据。 在密钥设置时,第二加密器将第二加密密钥数据存储在存储单元中。 在密钥使用时,第二解密器从存储单元读取第二加密密钥数据。
-
3.发明申请COMMUNICATION CARD, CONFIDENTIAL INFORMATION PROCESSING SYSTEM, AND CONFIDENTIAL INFORMATION TRANSFER METHOD AND PROGRAM 审中-公开通信卡,保密信息处理系统和机密信息传输方法和程序公开(公告)号:US20070015589A1
公开(公告)日:2007-01-18
申请号:US11456665
申请日:2006-07-11
申请人: Kazuya Shimizu , Tomoya Sato , Kentaro Shiomi , Yusuke Nemoto , Yuishi Torisaki , Makoto Fujiwara
发明人: Kazuya Shimizu , Tomoya Sato , Kentaro Shiomi , Yusuke Nemoto , Yuishi Torisaki , Makoto Fujiwara
IPC分类号: A63F13/00
CPC分类号: G06F21/6245 , G06F21/10
摘要: A communication card comprised of: an interface unit which communicates with the host; a first communication unit which communicates with an external device other than the host; an encryption unit which performs encryption processing onto data transferred between the host device and the external device via the interface unit and the first communication unit; a storage unit which stores: list information indicating a list of identifiers of unauthorized communication cards; and communication key information used for encryption; and a control unit which performs authentication processing, and only when the authentication processing has been completed normally, allows the host to control the first communication unit, causes said encryption unit to encrypt the data by using the communication key information after the authentication processing, and transfers the encrypted data to the host via the interface unit, in which the authentication processing includes processing of revoking an unauthorized communication card by using the list information.
摘要翻译: 一种通信卡,包括:与主机通信的接口单元; 与主机以外的外部设备通信的第一通信单元; 加密单元,其经由所述接口单元和所述第一通信单元对在所述主机设备和所述外部设备之间传送的数据执行加密处理; 存储单元,其存储指示未经授权的通信卡的标识符的列表的列表信息; 以及用于加密的通信密钥信息; 以及执行认证处理的控制单元,并且只有当认证处理已经正常完成时,允许主机控制第一通信单元,使得加密单元通过使用认证处理之后的通信密钥信息来加密数据,以及 经由接口单元将加密数据传送到主机,其中认证处理包括通过使用列表信息来撤销未经授权的通信卡的处理。
-
4.发明授权Method for generating data for detection of tampering, and method and apparatus for detection of tampering 有权用于产生用于检测篡改的数据的方法,以及用于检测篡改的方法和装置公开(公告)号:US08185746B2
公开(公告)日:2012-05-22
申请号:US12762845
申请日:2010-04-19
申请人: Tomoya Satou , Makoto Fujiwara , Kentarou Shiomi , Yusuke Nemoto , Yuishi Torisaki , Kazuya Shimzu , Shinji Inoue , Kazuya Fujimura , Makoto Ochi
发明人: Tomoya Satou , Makoto Fujiwara , Kentarou Shiomi , Yusuke Nemoto , Yuishi Torisaki , Kazuya Shimzu , Shinji Inoue , Kazuya Fujimura , Makoto Ochi
IPC分类号: H04L9/32
CPC分类号: G11B20/00086 , H04L9/0822 , H04L9/0833 , H04L9/0894 , H04L9/3236 , H04L2209/38 , H04L2209/60
摘要: In a target apparatus which stores at least one piece of domain key information in a first area and a plurality of pieces of content key information each associated with any one of the domain key information in a second area, a method for generating data for detecting tampering of the content key information. The method comprises the steps of encrypting the content key information associated with one of the domain key information using a chain encryption technique, extracting data at predetermined positions in the encrypted content key information, concatenating the pieces of data extracted at the predetermined positions in the encrypted content key information to obtain concatenated data, performing a hash calculation with respect to the concatenated data to obtain a hash value, storing check values corresponding to the data at the predetermined positions in plain text, in the target apparatus, and storing the hash value in the target apparatus.
摘要翻译: 在将第一区域中存储至少一段领域密钥信息和与第二区域中的任何一个域密钥信息相关联的多条内容密钥信息的目标设备中,存储用于检测篡改的数据的方法 的内容密钥信息。 该方法包括以下步骤:使用链式加密技术加密与一个领域密钥信息相关联的内容密钥信息,在加密的内容密钥信息中的预定位置提取数据,连接在加密的内容密钥信息中的预定位置提取的数据段 内容密钥信息以获得连接的数据,对所述连接的数据执行哈希计算以获得哈希值,将与所述预定位置上的数据相对应的校验值存储在目标设备中,并将哈希值存储在 目标设备。
-
5.发明授权Semiconductor integrated circuit and method for testing semiconductor integrated circuit 有权半导体集成电路和半导体集成电路测试方法公开(公告)号:US07913316B2
公开(公告)日:2011-03-22
申请号:US11703719
申请日:2007-02-08
申请人: Yuishi Torisaki , Makoto Fujiwara , Yusuke Nemoto
发明人: Yuishi Torisaki , Makoto Fujiwara , Yusuke Nemoto
IPC分类号: G06F11/00
CPC分类号: G11C7/24 , G06F11/1004 , G11C16/22 , G11C29/38 , G11C2029/0411
摘要: A check computation circuit executes a computation corresponding to a computation for generating confidential CRC data, with respect to confidential data read from a non-volatile device. A comparison circuit compares the result of the computation in the check computation circuit with confidential CRC data read from the non-volatile device. When the result of the comparison indicates a mismatch, i.e., an error is detected, an encryption circuit encrypts the confidential data and the confidential CRC data using a secret key registered in a secret key register, and outputs the encrypted confidential data and confidential CRC data to the outside of a semiconductor integrated circuit.
摘要翻译: 相对于从非易失性设备读取的机密数据,检查计算电路执行与用于生成机密CRC数据的计算相对应的计算。 比较电路将检查计算电路中的计算结果与从非易失性装置读取的机密CRC数据进行比较。 当比较结果指示不匹配时,即检测到错误时,加密电路使用登记在秘密密钥寄存器中的密钥对机密数据和机密CRC数据进行加密,并输出加密的机密数据和机密CRC数据 到半导体集成电路的外部。
-
公开(公告)号:US20050120245A1
公开(公告)日:2005-06-02
申请号:US10996452
申请日:2004-11-26
申请人: Yuishi Torisaki , Makoto Fujiwara , Yusuke Nemoto
发明人: Yuishi Torisaki , Makoto Fujiwara , Yusuke Nemoto
CPC分类号: G06F21/72 , G06F21/64 , G06F2221/2143 , H04L9/0662 , H04L9/0891 , H04L9/3228
摘要: In a system which processes confidential information, use of a confidential information processing LSI due to unauthorized tampering of software, spoofing or the like is prevented and data on a bus are protected against analysis using a probe, etc. Within the confidential information processing LSI, software which controls the LSI 1002 is subjected to tampering detection which is executed by a comparator 1008 and authentication processing which is executed by a comparator 1020,thereby confirming the validity of the software and preventing use of the confidential information processing LSI by unauthorized software. The LSI and the software share session keys 1035 and 1038 which are based on a random number used for authentication processing and encrypted communications are attained using the session keys, which protects data on the bus.
摘要翻译: 在处理机密信息的系统中,防止了由于未授权篡改软件,欺骗等而使用机密信息处理LSI,并且使用探测器等来保护总线上的数据免于分析。在机密信息处理LSI中, 控制LSI 1002的软件经受由比较器1008执行的篡改检测和由比较器1020执行的认证处理,从而确认软件的有效性,并防止未经授权的软件使用机密信息处理LSI。 基于用于认证处理和加密通信的随机数的LSI和软件共享会话密钥1035和1038使用保护总线上的数据的会话密钥来实现。
-
公开(公告)号:US20050271201A1
公开(公告)日:2005-12-08
申请号:US11133289
申请日:2005-05-20
申请人: Kazuya Shimizu , Tomoya Sato , Kentaro Shiomi , Yusuke Nemoto , Yuishi Torisaki , Makoto Fujiwara
发明人: Kazuya Shimizu , Tomoya Sato , Kentaro Shiomi , Yusuke Nemoto , Yuishi Torisaki , Makoto Fujiwara
IPC分类号: H04L9/10 , G06K19/073 , H04K1/00 , H04L9/06
CPC分类号: H04L9/0625 , H04L9/004 , H04L2209/12
摘要: An encryption circuit of a secret key cryptosystem which inputs a plain text and a secret key 4A, inputs R partial keys Kn obtained from the secret key 4A and applies repeatedly R times of round operations to the plain text so that the plain text is encrypted including: registers 4G and 4H which store the values after the round operations of the plain text; a fault detection circuit 1A which decides whether a degenerate fault exists or not by the values of the registers 4G and 4H; and a circuit 1B which invalidates the secret key 4A when the degenerate fault exists in the detection result. The invention provides an encryption circuit which can appropriately respond to a new element of causing occurrence of the degenerate fault, suppress the cost of the hardware, and has a measure against the fault analysis while suppressing an increase in an encryption processing time.
摘要翻译: 输入明文和秘密密钥4A的秘密密钥密码系统的加密电路输入从秘密密钥4A获得的R个部分密钥Kn,并且对明文重复地应用R次循环操作,使得明文是 加密包括:寄存器4G和4H,其在明文的循环操作之后存储值; 故障检测电路1A,其通过寄存器4G和4H的值判定退化故障是否存在; 以及当检测结果中存在退化故障时使秘密密钥4A无效的电路1B。 本发明提供了一种加密电路,其可以适当地响应引起退化故障的发生的新元件,抑制硬件的成本,并且在抑制加密处理时间的增加的同时具有针对故障分析的措施。
-
8.发明授权Method for generating data for detection of tampering, and method and apparatus for detection of tampering 有权用于产生用于检测篡改的数据的方法,以及用于检测篡改的方法和装置公开(公告)号:US07730320B2
公开(公告)日:2010-06-01
申请号:US11223939
申请日:2005-09-13
申请人: Tomoya Satou , Makoto Fujiwara , Kentarou Shiomi , Yusuke Nemoto , Yuishi Torisaki , Kazuya Shimizu , Shinji Inoue , Kazuya Fujimura , Makoto Ochi
发明人: Tomoya Satou , Makoto Fujiwara , Kentarou Shiomi , Yusuke Nemoto , Yuishi Torisaki , Kazuya Shimizu , Shinji Inoue , Kazuya Fujimura , Makoto Ochi
IPC分类号: H04L9/00
CPC分类号: G11B20/00086 , H04L9/0822 , H04L9/0833 , H04L9/0894 , H04L9/3236 , H04L2209/38 , H04L2209/60
摘要: In a target apparatus which stores at least one piece of domain key information in a first area and a plurality of pieces of content key information each associated with any one of the domain key information in a second area, a method for generating data for detecting tampering of the content key information. The method comprises the steps of encrypting the content key information associated with one of the domain key information using a chain encryption technique, extracting data at predetermined positions in the encrypted content key information, concatenating the pieces of data extracted at the predetermined positions in the encrypted content key information to obtain concatenated data, performing a hash calculation with respect to the concatenated data to obtain a hash value, storing check values corresponding to the data at the predetermined positions in plain text, in the target apparatus, and storing the hash value in the target apparatus.
摘要翻译: 在将第一区域中存储至少一段领域密钥信息和与第二区域中的任何一个域密钥信息相关联的多条内容密钥信息的目标设备中,存储用于检测篡改的数据的方法 的内容密钥信息。 该方法包括以下步骤:使用链式加密技术加密与一个领域密钥信息相关联的内容密钥信息,在加密的内容密钥信息中的预定位置提取数据,连接在加密的内容密钥信息中的预定位置提取的数据段 内容密钥信息以获得连接的数据,对所述连接的数据执行哈希计算以获得哈希值,将与所述预定位置上的数据相对应的校验值存储在目标设备中,并将哈希值存储在 目标设备。
-
公开(公告)号:US20060206634A1
公开(公告)日:2006-09-14
申请号:US11359866
申请日:2006-02-23
申请人: Yuishi Torisaki , Makoto Fujiwara , Yusuke Nemoto
发明人: Yuishi Torisaki , Makoto Fujiwara , Yusuke Nemoto
IPC分类号: G06F13/28
CPC分类号: G06F13/28
摘要: A DMA controller is connected by a bus to a plurality of master devices and a plurality of slave devices, and performs a data transfer between slave devices which are specified as a source and a destination of the data transfer by a transfer condition received from any of the plurality of master devices. Each of the plurality of master devices and the plurality of slave devices has a rank used for judging data transfer permissibility. The DMA controller enables the data transfer if the data transfer is judged to be permitted as a result of a comparison between a rank of the master device and a rank of any of the specified slave devices, and disables the data transfer if the data transfer is judged to be prohibited.
摘要翻译: DMA控制器通过总线连接到多个主设备和多个从设备,并且通过从以下任何一个接收到的传送条件来指定为数据传输的源和目的地的从设备之间的数据传输 多个主设备。 多个主设备和多个从设备中的每一个具有用于判断数据传输允许性的等级。 如果通过主设备的等级和任何指定的从设备的等级之间的比较来判断允许数据传输,则DMA控制器启用数据传输,如果数据传输是 判断被禁止。
-
10.发明授权公开(公告)号:US08077867B2
公开(公告)日:2011-12-13
申请号:US11970796
申请日:2008-01-08
IPC分类号: H04L9/00
CPC分类号: H04L9/0643 , G11B20/0021 , H04L9/0637 , H04L63/0428 , H04N21/41407 , H04N21/44008 , H04N21/4408
摘要: The present invention relates to a confidential information processing device, a confidential information processing apparatus, and a confidential information processing method, and particularly to a confidential information processing device which performs multiple cryptographic computation for different target data included in a data stream. With this configuration, the context control unit outputs the stream on which the cryptographic computation is performed to an external device or other stream analysis unit. Thus, by setting the number of cryptographic computation on a correspondence table, the number of computation can be set to any number. Thus, the confidential information processing device according to the present invention can perform any number of cryptographic computations on one stream. Furthermore, without outputting the stream whenever a cryptographic computation is completed, multiple cryptographic computations can be performed with one stream input. In addition, by setting the number of cryptographic computation on the correspondence table, the number of computation can be easily changed.
摘要翻译: 机密信息处理装置,机密信息处理装置以及机密信息处理方法技术领域本发明涉及机密信息处理装置,机密信息处理装置以及机密信息处理方法,特别涉及对包含在数据流中的不同目标数据进行多次密码计算的机密信息处理装置。 利用该配置,上下文控制单元将执行了加密计算的流输出到外部设备或其他流分析单元。 因此,通过在对应表上设定密码计算的次数,可以将计算次数设定为任意个数。 因此,根据本发明的机密信息处理装置可以在一个流上执行任何数量的密码计算。 此外,每当加密计算完成时,不输出流,可以用一个流输入来执行多个密码计算。 另外,通过在对应表上设定密码计算的次数,可以容易地改变计算次数。
-
-
-
-
-
-
-
-
-
搜索结果
50 条记录 (耗时 0.023 秒)