摘要:
This invention relates to a method and system for providing digital security by means of a reconfigurable physical uncloneable function, RPUF. The RPUF comprises a physical system constituted by distributed components arranged to generate a first response when receiving a first challenge at a point of the physical system. The physical reconfiguring of the RPUF comprises redistributing the components such that they generate a second response, which differs from said first response, when again applying the first challenge at the point. The reconfiguration step is further utilized in providing secure storage for digital items. The digital item is data of any kind, including data that needs to be accessed and updated, i.e. which is dynamic in nature. The method is exemplified by implementations such as secure storage of a key, a secure counter and a seed generator.
摘要:
This invention relates to a method and system for providing digital security by means of a reconfigurable physical uncloneable function, RPUF. The RPUF comprises a physical system constituted by distributed components arranged to generate a first response when receiving a first challenge at a point of the physical system. The physical reconfiguring of the RPUF comprises redistributing the components such that they generate a second response, which differs from said first response, when again applying the first challenge at the point. The reconfiguration step is further utilized in providing secure storage for digital items. The digital item is data of any kind, including data that needs to be accessed and updated, i.e. which is dynamic in nature. The method is exemplified by implementations such as secure storage of a key, a secure counter and a seed generator.
摘要:
The resource metering system comprises: an end-point device (25) consuming a resource, in particular for usage in a building (2) or in an outdoor lighting system, said device comprising a detection unit that produces status information and an indicator of usefulness; a smart meter (20) comprising: a communication circuitry provided with an interface adapted for receiving from said device status information and said indicator of usefulness; a metrology device connected to a medium (17) that provides the resource to said device; and a control circuitry connected to the metrology device for collecting resource consumption data, the control circuitry being connected to the communication circuitry and adapted to produce monitoring data to be securely transmitted to a server (10) after processing the status information and said indicator. Monitoring data are used when determining consumption tariffs, so as to encourage energy efficient usage of the device.
摘要:
The present invention relates to a method for securing communications between a resource-restricted device (1) and a receiving device (2) according to a wireless protocol, the method comprising the following steps: -storing, in a first part (11) of a non-volatile memory of the resource-restricted device (1), at least one encrypted payload, -storing, in a second part (12) of the non-volatile memory of the resource-restricted device (1), a pointer pointing towards an encrypted payload stored in the memory, -when a transmission is to be performed by the resource-restricted device (1), sending the encrypted payload indicated by the pointer, and storing, in the second part (12) of the non-volatile memory an updated pointer indicating a next-to-be-used encrypted payload stored in the memory.
摘要:
The invention provides a method of generating arbitrary numbers given a seed, characterized by providing a challenge derived from the seed to a physical token, receiving an initial response from the physical token, combining the initial response with helper data associated with the challenge to produce a stable response, and generating the arbitrary numbers using a pseudo-random number generator using the stable response as a seed for the generator. Preferably one or more of these pseudo-random permutations are used as one or more round function(s) in a Feistel block cipher. The generated arbitrary numbers may also be used to create a cryptographic key.
摘要:
The present invention relates to a method for operating a first node in a network, the network including a plurality of nodes, the method comprising (a) the first node having a first identifier joining the network by transmitting the first identifier to a second node having a second identifier, (b) the first node generating a first key on the basis of the second identifier (c) the first node authenticating the second node by means of the first key, (d) the first node communicating with a third node if the first and second keys are equal.
摘要:
In accordance with the present invention, there is provided a method for sharing a secret value x among n participating network devices via an asynchronous network. The n participating network devices comprises t faulty devices and k sub-devices capable of reconstructing the secret value x, wherein t
摘要:
The resource metering system comprises: an end-point device (25) consuming a resource, in particular for usage in a building (2) or in an outdoor lighting system, said device comprising a detection unit that produces status information and an indicator of usefulness; a smart meter (20) comprising: a communication circuitry provided with an interface adapted for receiving from said device status information and said indicator of usefulness; a metrology device connected to a medium (17) that provides the resource to said device; and a control circuitry connected to the metrology device for collecting resource consumption data, the control circuitry being connected to the communication circuitry and adapted to produce monitoring data to be securely transmitted to a server (10) after processing the status information and said indicator. Monitoring data are used when determining consumption tariffs, so as to encourage energy efficient usage of the device.
摘要:
It is described a method for encrypting and a method for decrypting at least a portion (155) of a dataset being stored in a memory (150), wherein the dataset has at least two dimensions. The described multi-dimensional cryptographic methods comprise forming a first keystream (165) being assigned to a first dimension of the dataset and forming a second keystream (175) being assigned to a second dimension of the dataset. The encrypting method further comprises encrypting each data packet of the portion (155) of the dataset by using a combination of the first keystream (165) and the second keystream (175). The decrypting method further comprises decrypting each data packet of the portion (155) of the dataset by using a combination of the first keystream (165) and the second keystream (175). It is further described a method for temporarily storing at least a portion (155) of a dataset into a memory (150) and a device for handling a dataset, which method and which device take advantage of the above-described encrypting method and/or the above-described decrypting method.
摘要:
A method for securing communications between a first node (N1) and a second node (N2) in a network (1) further comprising a management device (2) provided with root keying materials, the method comprising the following steps: the management device generating, based on root keying materials, a first node keying material shares comprising a number of sub-elements and the first node keying material shares being arranged for generating a first complete key, the management device selecting a subset of sub-elements of the first keying material shares, the number of sub-elements selected being less or equal than the total number of sub-elements of the first keying material shares, and the selected sub-elements forming a first node partial keying material shares or symmetric-key generation engine, the first node generating, based on the first node symmetric-key generation engine and on an identifier of the second node, a first key, used for securing communications with the second node.