Computer enabled secure status return
    1.
    Granted invention patent
    Legal status: in force

    Publication number: US08200986B2

    Publication date: 2012-06-12

    Application number: US12109283

    Filing date: 2008-04-24

    IPC classification: G06F11/30

    CPC classification: H04L9/0618 H04L9/0656

    Abstract: Computer related method and apparatus to transmit a logical value (e.g., 1 or 0) between two entities, such as an operating system and application program, in a secure way in an insecure environment. The logical status is sent by in effect encrypting it using two random numbers, one from each entity, before sending it to the other entity. However the encrypting is much “lighter” (requiring much less computer or circuit resources) than any conventional secure cipher and has a built-in verification feature.


    Exponentiation ladder for cryptography
    2.
    Granted invention patent
    Legal status: in force

    Publication number: US08014520B2

    Publication date: 2011-09-06

    Application number: US12054249

    Filing date: 2008-03-24

    IPC classification: H04L9/28 G06F7/483

    Abstract: Method and apparatus for data security using exponentiation. This is suitable for public key cryptography authentication and other data security applications using a one-way function. A type of exponentiation is disclosed here where the bits of an exponent value expressed in binary form correspond to a course (path) in a given graph defining the one-way function. This uses an approach called here F sequences. Each value is in a ladder of a sequence of values, as defined from its predecessor values. This ladder satisfies certain algebraic identities and is readily calculated by a computer program or logic circuitry.


    Method and apparatus for securing content using encryption with embedded key in content
    3.
    Granted invention patent
    Legal status: in force

    Publication number: US08196214B2

    Publication date: 2012-06-05

    Application number: US12002098

    Filing date: 2007-12-14

    IPC classification: G06F21/00

    Abstract: Method and apparatus enabled by computer (or equivalent) hardware and software for protection of content such as audio and video to be downloaded or streamed over a computer network such as the Internet. The content is provided to the user via streaming or downloads in encrypted form. The encryption is such that the content key decryption information is transmitted so that it itself is encrypted to be both device and session unique. That is, the key information can be used only to extract the content decryption key for a particular session and for a particular client device such as an audio or video consumer playing device. This prevents any further use or copying of the content other than in that session and for that particular client. The specificity is accomplished by using a device unique identifier and antireplay information which is session specific for encrypting the content key. A typical application is Internet streaming of audio or video to consumers.


    ENCRYPTION METHOD AND APPARATUS USING COMPOSITION OF CIPHERS
    4.
    Invention patent application
    Legal status: in force

    Publication number: US20110051931A1

    Publication date: 2011-03-03

    Application number: US12551360

    Filing date: 2009-08-31

    IPC classification: H04L9/00

    Abstract: A method and associated apparatus for use in a data distribution process to allow an untrusted intermediary to re-encrypt data for transmission from an originator to a message receiver without revealing the data (message) or the cipher to the intermediary. This method uses a composition of two ciphers for re-encrypting the message at the intermediary, without revealing the plain text message or either cipher to the intermediary.


    EXPONENTIATION LADDER FOR CRYPTOGRAPHY
    5.
    Invention patent application
    Legal status: in force

    Publication number: US20090238360A1

    Publication date: 2009-09-24

    Application number: US12054249

    Filing date: 2008-03-24

    IPC classification: H04L9/28 G06F7/483

    Abstract: Method and apparatus for data security using exponentiation. This is suitable for public key cryptography authentication and other data security applications using a one-way function. A type of exponentiation is disclosed here where the bits of an exponent value expressed in binary form correspond to a course (path) in a given graph defining the one-way function. This uses an approach called here F sequences. Each value is in a ladder of a sequence of values, as defined from its predecessor values. This ladder satisfies certain algebraic identities and is readily calculated by a computer program or logic circuitry.


    Media Storage Structures for Storing Content, Devices for Using Such Structures, Systems for Distributing Such Structures
    6.
    Invention patent application
    Legal status: under examination (published)

    Publication number: US20140075180A1

    Publication date: 2014-03-13

    Application number: US13615492

    Filing date: 2012-09-13

    IPC classification: G06F21/60

    CPC classification: H04L9/32 G06F21/10 G06F21/602

    Abstract: Some embodiments of the invention provide a content-distribution system. In some embodiments, the content-distribution system distributes device-restricted content and device-unrestricted content. Device-restricted content is content that can only be played on devices that the system associates with the particular user. Device-unrestricted content is content that can be played on any device without any restrictions. However, for at least one operation or service other than playback, device-unrestricted content has to be authenticated before this operation or service can be performed on the content. In some embodiments, the system facilitates this authentication by specifying a verification parameter for a piece of device-unrestricted content. The content-distribution system of some embodiments has a set of servers that supply (1) media storage structures that store content, (2) cryptographic keys that are needed to decrypt device-restricted content, and (3) verification parameters that are needed to verify device-unrestricted content.


    BLOCK CIPHER WITH SECURITY INTRINSIC ASPECTS
    7.
    Invention patent application
    Legal status: under examination (published)

    Publication number: US20090245510A1

    Publication date: 2009-10-01

    Application number: US12055244

    Filing date: 2008-03-25

    IPC classification: H04L9/06

    CPC classification: H04L9/0625 H04L2209/24

    Abstract: A block cipher or other cryptographic process intended to be efficiently implemented in hardware (circuitry) includes an s-box (substitution operation) which does not require a look up table, but may be implemented solely with Boolean logic operations (logic gates). Also provided is an associated key scheduling process.


    METHOD AND APPARATUS FOR VERIFYING AND DIVERSIFYING RANDOMNESS
    8.
    Invention patent application
    Legal status: in force

    Publication number: US20090208014A1

    Publication date: 2009-08-20

    Application number: US12031552

    Filing date: 2008-02-14

    IPC classification: H04L9/28 G06F7/58

    Abstract: Method and apparatus for ensuring randomness of pseudo-random numbers generated by a conventional computer operating system or electronic device. Typically pseudo-random number generators used in computer operating systems or electronic devices may be penetrated by a hacker (pirate), who penetrates a cryptographic or other supposedly secure process using the random numbers by tampering with the input random numbers, thus making them nonrandom. The present method and apparatus are intended to verify such random numbers to make sure that they are indeed random enough, by applying suitable random tests. Only if the values pass the test are they passed on for use in the cryptographic or other process. If they fail the test, a new set of random numbers is requested from the pseudo-random number generator. These are again tested. Further a diversity function may be applied to the random numbers even if they have passed the random number test in order to improve their randomness. This diversity function is for instance double encryption. An anti-replay feature is also included by which the pool of random numbers is subject to a check on each cycle to make sure that there has been no duplication of the input random numbers.


    Media Storage Structures for Storing Content, Devices for Using Such Structures, Systems for Distributing Such Structures
    9.
    Invention patent application
    Legal status: in force

    Publication number: US20080294901A1

    Publication date: 2008-11-27

    Application number: US11752276

    Filing date: 2007-05-22

    IPC classification: H04L9/00

    CPC classification: G06F21/10

    Abstract: Some embodiments of the invention provide a content-distribution system for distributing content under a variety of different basis. For instance, in some embodiments, the content-distribution system distributes device-restricted content and device-unrestricted content. Device-restricted content is content that can only be played on devices that the system associates with the particular user. Device-unrestricted content is content that can be played on any device without any restrictions. However, for at least one operation or service other than playback, device-unrestricted content has to be authenticated before this operation or service can be performed on the content. In some embodiments, the system facilitates this authentication by specifying a verification parameter for a piece of device-unrestricted content. The content-distribution system of some embodiments has a set of servers that supply (1) media storage structures that store content, (2) cryptographic keys that are needed to decrypt device-restricted content, and (3) verification parameters that are needed to verify device-unrestricted content. In some embodiments, the device that receives the media storage structure inserts the received cryptographic key or verification parameter in the received media storage structure. In some embodiments, the set of servers also supply cryptographic content keys for the device-unrestricted content. These keys are used to decrypt the content upon arrival, upon first playback, or at some other time. However, some embodiments do not store these cryptographic keys in the media storage structures for the device-unrestricted content.


    Media storage structures for storing content, devices for using such structures, systems for distributing such structures
    10.
    Granted invention patent
    Legal status: in force

    Publication number: US08347098B2

    Publication date: 2013-01-01

    Application number: US11752276

    Filing date: 2007-05-22

    IPC classification: H04L29/06

    CPC classification: G06F21/10

    Abstract: Some embodiments of the invention provide a content-distribution system for distributing content under a variety of different basis. For instance, in some embodiments, the content-distribution system distributes device-restricted content and device-unrestricted content. Device-restricted content is content that can only be played on devices that the system associates with the particular user. Device-unrestricted content is content that can be played on any device without any restrictions. However, for at least one operation or service other than playback, device-unrestricted content has to be authenticated before this operation or service can be performed on the content. In some embodiments, the system facilitates this authentication by specifying a verification parameter for a piece of device-unrestricted content. The content-distribution system of some embodiments has a set of servers that supply (1) media storage structures that store content, (2) cryptographic keys that are needed to decrypt device-restricted content, and (3) verification parameters that are needed to verify device-unrestricted content. In some embodiments, the device that receives the media storage structure inserts the received cryptographic key or verification parameter in the received media storage structure. In some embodiments, the set of servers also supply cryptographic content keys for the device-unrestricted content. These keys are used to decrypt the content upon arrival, upon first playback, or at some other time. However, some embodiments do not store these cryptographic keys in the media storage structures for the device-unrestricted content.
