公开(公告)号：US07475041B2

公开(公告)日：2009-01-06

申请号：US10719050

申请日：2003-11-21

申请人： Leon A. Pintsov ,  Matthew J. Campagna ,  Danny Lelli

发明人： Leon A. Pintsov ,  Matthew J. Campagna ,  Danny Lelli

IPC分类号： G06F17/60

CPC分类号： G07B17/00508 ,  G06Q20/3674 ,  G07B2017/00443 ,  G07B2017/0058 ,  G07B2017/00725 ,  G07B2017/00766

摘要： A method and system for generating and printing an indicium, such as a postal indicium, on an object such as a mail piece. Other printed material, such as an address block, on the object is scanned, and the scanned image is processed to abstract characterizing information descriptive of the other printed material. Alternatively, the image to be processed can be obtained by filtering the original image wit a print/scan filter which simulates printing and scanning processes. The characterizing information can be text-based or image-based. Image-based characterizing information can be measurements of word lengths, counts of outliers in images of characters, or descriptions of the shape of the other printed material. The characterizing information is combined with other information, such as postal information and the combined information is then cryptographically authenticated with a digital signature or the like. An indicium representative of the authenticated information is then printed on the object. The object's relationship to the indicium can be verified by regenerating the characterizing information from the other printed material and comparing the regenerated characterizing information with characterizing information recovered from the indicium. Thus, copies of the indicium cannot easily be used, without detection, on other objects which do not include the other printed material.

摘要翻译： 用于在诸如邮件的对象上生成和打印诸如邮戳的标记的方法和系统。 扫描对象上的其他打印材料（如地址块），并处理扫描图像以抽象描述其他打印材料的特征信息。 或者，可以通过模拟打印和扫描处理的打印/扫描过滤器对原始图像进行滤波来获得要处理的图像。 特征信息可以是基于文本或基于图像的。 基于图像的特征信息可以是字长度的测量，字符图像中的异常值的计数或其他印刷材料的形状的描述。 特征信息与诸如邮政信息的其他信息组合，然后利用数字签名等对组合的信息进行密码认证。 然后将经过认证的信息的标记印在对象上。 可以通过从其他印刷材料再生表征信息并将再生的特征信息与从标记中回收的特征信息进行比较来验证对象与标记的关系。 因此，标签的副本不能容易地被用于不包括其他印刷材料的其他物体上。

公开(公告)号：US07424458B2

公开(公告)日：2008-09-09

申请号：US10719051

申请日：2003-11-21

申请人： Leon A. Pintsov ,  Matthew J. Campagna ,  Danny Lelli

发明人： Leon A. Pintsov ,  Matthew J. Campagna ,  Danny Lelli

IPC分类号： G06F17/60

CPC分类号： G07B17/00733 ,  G07B2017/0058 ,  G07B2017/0083

摘要： A method and system for generating and printing an indicium, such as a postal indicium, on an object such as a mail piece. A digital image of other printed material, such as an address block, on the object is obtained, and the image is processed to abstract characterizing information descriptive aspects of the other printed material. The aspects can be measurements of word lengths, counts of outliers in images of characters, or descriptions of the shape of the other printed material. The characterizing information is combined with other information, such as postal information, and the combined information is then cryptographically authenticated with a digital signature or the like. An indicium representative of the authenticated information is then printed on the object. The object's relationship to the indicium can be verified by regenerating the characterizing information from the other printed material and comparing the regenerated characterizing information with characterizing information recovered from the indicium. Thus, copies of the indicium cannot easily be used, without detection, on other objects which do not include the other printed material.

摘要翻译： 用于在诸如邮件的对象上生成和打印诸如邮戳的标记的方法和系统。 获得对象上的诸如地址块的其他打印材料的数字图像，并处理图像以抽象其他印刷材料的特征描述性方面。 这些方面可以是字长的测量，字符图像中的异常值的计数或其他印刷材料的形状的描述。 特征信息与诸如邮政信息的其他信息组合，然后利用数字签名等对组合的信息进行密码认证。 然后将经过认证的信息的标记印在对象上。 可以通过从其他印刷材料再生表征信息并将再生的特征信息与从标记中回收的特征信息进行比较来验证对象与标记的关系。 因此，标签的副本不能容易地被用于不包括其他印刷材料的其他物体上。

公开(公告)号：US20080306885A1

公开(公告)日：2008-12-11

申请号：US11810488

申请日：2007-06-06

申请人： Robert A. Cordery ,  Matthew J. Campagna ,  Bertrand Haas ,  Bradley R. Hammell ,  Leon A. Pintsov ,  Frederick W. Ryan, JR.

发明人： Robert A. Cordery ,  Matthew J. Campagna ,  Bertrand Haas ,  Bradley R. Hammell ,  Leon A. Pintsov ,  Frederick W. Ryan, JR.

IPC分类号： G06F17/00

CPC分类号： G07B17/00733 ,  G07B2017/00443 ,  G07B2017/00766 ,  G07B2017/00846 ,  G07B2017/00854 ,  G07B2017/0087 ,  G07B2017/00959

摘要： Methods and systems for verification of indicia that do not require key management systems, and in which revocation of key pairs is easily performed without adding costs to the verification process are provided. Indicia are generated and authenticated utilizing an identity-based encryption (IBE) scheme. A key generating authority generates a private key for a PSD, distributes the private key securely to the PSD, and provides public information for use by a verification service when verifying cryptographic digital signatures generated with the private key. The corresponding public key is a string consisting of PSD information that is provided as part of the indicium. The verification service can verify the signature of each indicium by obtaining the public key string from the indicium, and utilizing the key generating authority's public information.

摘要翻译： 提供了用于验证不需要密钥管理系统的标记的方法和系统，并且容易地执行密钥对的撤销而不增加验证过程的成本。 使用基于身份的加密（IBE）方案来生成和认证标识符。 密钥生成机构为PSD生成私钥，将私钥安全地分配给PSD，并且在验证使用私钥生成的加密数字签名时，提供公开信息供验证服务使用。 相应的公钥是由作为标记的一部分提供的PSD信息组成的字符串。 验证服务可以通过从标记获取公钥字符串，并利用密钥生成机构的公开信息来验证每个标记的签名。

公开(公告)号：US07434726B2

公开(公告)日：2008-10-14

申请号：US11434331

申请日：2006-05-15

申请人： Bradley R. Hammell ,  Matthew J. Campagna ,  Robert A. Cordery ,  Bertrand Haas ,  Leon A. Pintsov

发明人： Bradley R. Hammell ,  Matthew J. Campagna ,  Robert A. Cordery ,  Bertrand Haas ,  Leon A. Pintsov

IPC分类号： G06F19/00

CPC分类号： G06Q20/3823 ,  G06Q20/04 ,  G06Q20/10 ,  G06Q20/40

摘要： Methods and systems that prevent completion of postdated financial transactions until the specified future date is provided. A portion of the information necessary to complete a financial transaction is encrypted utilizing an identity-based encryption (IBE) scheme. The encryption key used to encrypt the information is associated with the date on which the transaction is authorized to be completed. The encrypted information is provided to the payee. The issuing bank provides a daily decryption key that allows decryption of information encrypted using the key associated with the corresponding date. Thus, only when the maturity date of the transaction has arrived will the payee or depositing bank be able to obtain the decryption key that will decrypt the encrypted information necessary to complete the transaction. Since the encrypted information can not be decrypted until the date associated with the encryption key, the financial transaction can not be completed until such date.

摘要翻译： 提供在指定的未来日期之前阻止完成后期金融交易的方法和系统。 使用基于身份的加密（IBE）方案来加密完成金融交易所需的一部分信息。 用于加密信息的加密密钥与交易被授权完成的日期相关联。 加密信息被提供给收款人。 开证行提供每日解密密钥，允许使用与相应日期相关联的密钥加密的信息进行解密。 因此，只有当交易的到期日到来时，收款人或存款银行才能获得将解密完成交易所必需的加密信息的解密密钥。 由于加密信息在与加密密钥相关的日期之前不能被解密，所以直到这样的日子才能完成金融交易。

公开(公告)号：US08676715B2

公开(公告)日：2014-03-18

申请号：US11810488

申请日：2007-06-06

申请人： Robert A. Cordery ,  Matthew J. Campagna ,  Bertrand Haas ,  Bradley R. Hammell ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr.

发明人： Robert A. Cordery ,  Matthew J. Campagna ,  Bertrand Haas ,  Bradley R. Hammell ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr.

IPC分类号： G06Q20/00

CPC分类号： G07B17/00733 ,  G07B2017/00443 ,  G07B2017/00766 ,  G07B2017/00846 ,  G07B2017/00854 ,  G07B2017/0087 ,  G07B2017/00959

摘要： Methods and systems for verification of indicia that do not require key management systems, and in which revocation of key pairs is easily performed without adding costs to the verification process are provided. Indicia are generated and authenticated utilizing an identity-based encryption (IBE) scheme. A key generating authority generates a private key for a PSD, distributes the private key securely to the PSD, and provides public information for use by a verification service when verifying cryptographic digital signatures generated with the private key. The corresponding public key is a string consisting of PSD information that is provided as part of the indicium. The verification service can verify the signature of each indicium by obtaining the public key string from the indicium, and utilizing the key generating authority's public information.

摘要翻译： 提供了用于验证不需要密钥管理系统的标记的方法和系统，并且容易地执行密钥对的撤销而不增加验证过程的成本。 使用基于身份的加密（IBE）方案来生成和认证标识符。 密钥生成机构为PSD生成私钥，将私钥安全地分配给PSD，并且在验证使用私钥生成的加密数字签名时，提供公开信息供验证服务使用。 相应的公钥是由作为标记的一部分提供的PSD信息组成的字符串。 验证服务可以通过从标记获取公钥字符串，并利用密钥生成机构的公开信息来验证每个标记的签名。

公开(公告)号：US20090103734A1

公开(公告)日：2009-04-23

申请号：US11873673

申请日：2007-10-17

申请人： Bradley R. Hammell ,  Matthew J. Campagna ,  Bertrand Haas ,  Leon A. Pintsov ,  Frederick W. Ryan, JR.

发明人： Bradley R. Hammell ,  Matthew J. Campagna ,  Bertrand Haas ,  Leon A. Pintsov ,  Frederick W. Ryan, JR.

IPC分类号： H04L9/08

CPC分类号： H04L9/3073 ,  H04L9/3252 ,  H04L63/0464 ,  H04L63/062

摘要： Methods and systems for providing confidentiality of communications sent via a network that is efficient, easy to implement, and does not require significant key management. The identity of each node of the routing path of a communication is encrypted utilizing an identity-based encryption scheme. This allows each node of the routing path to decrypt only those portions of the routing path necessary to send the communication to the next node. Thus, each node will only know the immediate previous node from which the communication came, and the next node to which the communication is to be sent. The remainder of the routing path of the communication, along with the original sender and intended recipient, remain confidential from any intermediate nodes in the routing path. Use of the identity-based encryption scheme removes the need for significant key management to maintain the encryption/decryption keys.

摘要翻译： 提供通过网络发送的通信的机密性的方法和系统，其高效，易于实现，并且不需要重要的密钥管理。 使用基于身份的加密方案来加密通信的路由路径的每个节点的身份。 这允许路由路径的每个节点仅解密将通信发送到下一个节点所需的路由路径的那些部分。 因此，每个节点将仅知道来自该通信的即时先前节点以及要发送通信的下一个节点。 通信的路由路径的剩余部分以及原始发送者和预期接收者对路由路径中的任何中间节点保持机密。 使用基于身份的加密方案不需要进行重要的密钥管理来维护加密/解密密钥。

公开(公告)号：US08700894B2

公开(公告)日：2014-04-15

申请号：US11873673

申请日：2007-10-17

申请人： Bradley R. Hammell ,  Matthew J. Campagna ,  Bertrand Haas ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr.

发明人： Bradley R. Hammell ,  Matthew J. Campagna ,  Bertrand Haas ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr.

IPC分类号： H04L29/06 ,  H04L9/00 ,  H04L9/08

CPC分类号： H04L9/3073 ,  H04L9/3252 ,  H04L63/0464 ,  H04L63/062

摘要： Methods and systems for providing confidentiality of communications sent via a network that is efficient, easy to implement, and does not require significant key management. The identity of each node of the routing path of a communication is encrypted utilizing an identity-based encryption scheme. This allows each node of the routing path to decrypt only those portions of the routing path necessary to send the communication to the next node. Thus, each node will only know the immediate previous node from which the communication came, and the next node to which the communication is to be sent. The remainder of the routing path of the communication, along with the original sender and intended recipient, remain confidential from any intermediate nodes in the routing path. Use of the identity-based encryption scheme removes the need for significant key management to maintain the encryption/decryption keys.

摘要翻译： 提供通过网络发送的通信的机密性的方法和系统，其高效，易于实现，并且不需要重要的密钥管理。 使用基于身份的加密方案来加密通信的路由路径的每个节点的身份。 这允许路由路径的每个节点仅解密将通信发送到下一个节点所需的路由路径的那些部分。 因此，每个节点将仅知道来自该通信的即时先前节点以及要发送通信的下一个节点。 通信的路由路径的剩余部分以及原始发送者和预期接收者对路由路径中的任何中间节点保持机密。 使用基于身份的加密方案不需要进行重要的密钥管理来维护加密/解密密钥。

公开(公告)号：US07668786B2

公开(公告)日：2010-02-23

申请号：US10736268

申请日：2003-12-15

申请人： Matthew J. Campagna ,  Danny Lelli

发明人： Matthew J. Campagna ,  Danny Lelli

IPC分类号： G07B17/02

CPC分类号： G06T1/005

摘要： A method and system for selecting a characterizing algorithm to be used to characterize blocks of printed material. A digital image of printed material, such as an address block, on an object is obtained, and the image is processed to extract characterizing information descriptive of aspects of the printed material. An indicium representative of the information is then printed on the object. The object's relationship to the indicium can be verified by regenerating the characterizing information from the printed material and comparing the regenerated characterizing information with characterizing information recovered from the indicium. A particular algorithm is selected from a predetermined group of characterizing algorithms by determining an estimate for the robustness of each algorithm.

摘要翻译： 一种用于选择用于表征打印材料块的特征算法的方法和系统。 获得对象上的诸如地址块的打印材料的数字图像，并处理图像以提取描述打印材料的方面的特征信息。 然后将该信息的标记代表印在对象上。 可以通过从打印材料再生表征信息并将再生的特征信息与从标记中恢复的特征信息进行比较来验证对象与标记的关系。 通过确定每个算法的鲁棒性的估计，从预定的一组特征算法中选择特定的算法。

公开(公告)号：US08891756B2

公开(公告)日：2014-11-18

申请号：US12609891

申请日：2009-10-30

申请人： Daniel R. L. Brown ,  Matthew J. Campagna ,  Marinus Struik

发明人： Daniel R. L. Brown ,  Matthew J. Campagna ,  Marinus Struik

IPC分类号： H04L9/28 ,  H04L9/30 ,  H04L9/06

CPC分类号： H04L9/3066 ,  H04L9/0643 ,  H04L2209/20 ,  H04L2209/80

摘要： Elliptic curve hash functions are provided which do not require a pre-existing hash function, such as that required by the MuHash. The elliptic curve hash functions can be built from scratch and are collision free and can be incremental. In one embodiment, rather than a pre-existing hash function, the identity function with padding is used; and in another embodiment, rather than a pre-existing hash function, a block cipher with a fixed non-secret key is used.

摘要翻译： 提供了椭圆曲线散列函数，它不需要预先存在的哈希函数，如MuHash所要求的哈希函数。 椭圆曲线哈希函数可以从头开始构建，并且是无冲突的并且可以是增量的。 在一个实施例中，而不是预先存在的散列函数，使用具有填充的身份函数; 并且在另一个实施例中，使用具有固定非秘密密钥的块密码而不是预先存在的散列函数。

公开(公告)号：US08631247B2

公开(公告)日：2014-01-14

申请号：US13131019

申请日：2009-11-24

申请人： Daniel O'Loughlin ,  Keelan Smith ,  Jay Scott Fuller ,  Joseph Ku ,  William Lattin ,  Marinus Struik ,  Yuri Poeluev ,  Matthew J. Campagna ,  Thomas Stiemerling

发明人： Daniel O'Loughlin ,  Keelan Smith ,  Jay Scott Fuller ,  Joseph Ku ,  William Lattin ,  Marinus Struik ,  Yuri Poeluev ,  Matthew J. Campagna ,  Thomas Stiemerling

IPC分类号： H04L9/00 ,  G06F21/00

CPC分类号： G06F12/1408 ,  G06F21/123 ,  G06F21/57 ,  G06F21/606 ,  G06F21/72 ,  G06F21/73 ,  G06F21/76 ,  G06F21/80 ,  G06F2212/1052 ,  G06F2221/2101 ,  H04L9/0877 ,  H04L9/3066 ,  H04L9/3252 ,  H04L9/3263 ,  H04L9/3273 ,  H04L2209/24

摘要： An asset management system is provided, which includes a hardware module operating as an asset control core. The asset control core generally includes a small hardware core embedded in a target system on chip that establishes a hardware-based point of trust on the silicon die. The asset control core can be used as a root of trust on a consumer device by having features that make it difficult to tamper with. The asset control core is able to generate a unique identifier for one device and participate in the tracking and provisioning of the device through a secure communication channel with an appliance. The appliance generally includes a secure module that caches and distributes provisioning data to one of many agents that connect to the asset control core, e.g. on a manufacturing line or in an after-market programming session.

摘要翻译： 提供资产管理系统，其中包括作为资产控制核心运行的硬件模块。 资产控制核心通常包括嵌入在目标片上系统中的小型硬件核心，其在硅芯片上建立基于硬件的信任点。 资产控制核心可以作为消费者设备的信任根源，具有使其难以篡改的特征。 资产控制核心能够为一个设备生成唯一的标识符，并通过与设备的安全通信通道参与设备的跟踪和配置。 该设备通常包括一个安全模块，它将配置数据高速缓存并分配给连接到资产控制核心的许多代理之一，例如， 在生产线上或在售后市场的程序设计会议。