-
公开(公告)号:US09276739B2
公开(公告)日:2016-03-01
申请号:US12305063
申请日:2007-06-29
申请人: Mehmet Utku Celik , Boris Skoric , Pim Theo Tuyls
发明人: Mehmet Utku Celik , Boris Skoric , Pim Theo Tuyls
CPC分类号: H04L9/085 , H04L9/0861 , H04L63/0478 , H04L2209/60
摘要: A method of encrypting data using a first key and multiple encryption keys at least in part based on the first key. The method includes encoding the data into a redundant representation by distributing the information content of the data among a number of groups, each group being associated with a respective encryption key of the multiple encryption keys, each encryption key being associated with at least one group, the redundant representation allowing recovery of the data in the absence of the groups associated with the at least one of the multiple encryption keys, and encrypting each group by the respective associated encryption key.
摘要翻译: 至少部分地基于第一密钥使用第一密钥和多个加密密钥加密数据的方法。 该方法包括通过在多个组中分配数据的信息内容来将数据编码为冗余表示,每个组与多个加密密钥的相应加密密钥相关联,每个加密密钥与至少一个组相关联, 所述冗余表示允许在不存在与所述多个加密密钥中的所述至少一个加密密钥相关联的组的情况下恢复数据,以及通过各自相关联的加密密钥加密每个组。
-
公开(公告)号:US20090208019A1
公开(公告)日:2009-08-20
申请号:US12305063
申请日:2007-06-29
申请人: Mehmet Utku Celik , Boris Skoric , Pim Theo Tuyls
发明人: Mehmet Utku Celik , Boris Skoric , Pim Theo Tuyls
CPC分类号: H04L9/085 , H04L9/0861 , H04L63/0478 , H04L2209/60
摘要: The present invention relates to a method and apparatus for encrypting data (105) by means of a first key (115), and a method and apparatus for decrypting encrypted data by means of a second key (185). The present invention alleviates the need for exact key information by allowing encryption of data (105) by means of a first key (115) and subsequent decryption of the encrypted data by means of a second key (185) without the need for the first key (115), provided that the first key (115) and the second key (185) form a sufficient estimate of an encryption/decryption key pair. During encryption, multiple encryption keys (135), at least in part based on the first key (115), are used to encrypt a redundant representation (122) of the data (105). The encrypted data (124) may subsequently be decrypted by using multiple decryption keys (165) based on the second key (185), without the need for the first key (115), provided that the second key (185) forms a sufficient estimate of the first key (115).
摘要翻译: 本发明涉及一种通过第一密钥(115)加密数据(105)的方法和装置,以及用于通过第二密钥(185)解密加密数据的方法和装置。 本发明通过允许借助于第一密钥(115)对数据(105)进行加密以及通过第二密钥(185)对加密数据的后续解密来减轻对精确密钥信息的需要,而不需要第一密钥 (115),条件是第一密钥(115)和第二密钥(185)形成加密/解密密钥对的充分估计。 在加密期间,至少部分地基于第一密钥(115)的多个加密密钥(135)被用于加密数据(105)的冗余表示(122)。 随后可以基于第二密钥(185)使用多个解密密钥(165)来解密加密数据(124),而不需要第一密钥(115),条件是第二密钥(185)形成足够的估计 的第一个键(115)。
-
公开(公告)号:US07898648B2
公开(公告)日:2011-03-01
申请号:US11721389
申请日:2005-12-12
CPC分类号: H04L9/3278 , G07D7/0032
摘要: The invention relates to an optical identifier (30) for generating an identification signal in response to an incident radiation beam (12), and to a corresponding method. In order to provide an optical identifier (30) which can be produced by a simplified process and which has nevertheless a sufficient or even improved stability against environmental interferences it is proposed that said identifier comprises a carrier layer (32), at least partially transparent to said radiation beam (12), having a first scattering face (34) comprising a plurality of randomly oriented partial faces for scattering at least a part of said radiation beam (12), wherein said identification signal is formed by a scattered part of said radiation beam (12). Further, a device comprising said identifier, and a reading apparatus for identifying the identifier are proposed.
摘要翻译: 本发明涉及一种用于响应于入射辐射束(12)产生识别信号的光学标识符(30)以及相应的方法。 为了提供可以通过简化的过程产生并且仍然具有足够或甚至改善的对环境干扰的稳定性的光学标识符(30),建议所述标识符包括载体层(32),至少部分地透明到 所述辐射束(12)具有包括多个随机取向的部分面的第一散射面(34),用于散射所述辐射束(12)的至少一部分,其中所述识别信号由所述辐射的散射部分形成 梁(12)。 此外,提出了包括所述标识符的装置和用于识别标识符的读取装置。
-
公开(公告)号:US20090282259A1
公开(公告)日:2009-11-12
申请号:US12296682
申请日:2007-04-10
CPC分类号: G06Q20/388 , G06F21/35 , G06F2221/2103 , G06Q20/341 , G06Q20/40975 , G07F7/1008 , H04L9/3234 , H04L9/3278 , H04L2209/08 , H04L2209/12 , H04L2209/805
摘要: The present invention relates to a method of authenticating, at a verifier (210), a device (101, 201) comprising a physical token (102), a system for performing authentication and a device comprising a physical token which provides measurable parameters. A basic idea of the present invention is to provide a secure authentication protocol in which a low-power device (101, 201), for example an RFID tag, comprising a physical token (102) in the form of a physical uncloneable function (PUF) is relieved from performing cryptographic operations or other demanding operations in terms of processing power. To this end, a PUF device (101, 201) to be authenticated verifies if it in fact is being queried by an authorized verifier. For instance, an RFID tag comprising a PUF (102) may be arranged in a banknote which a bank wishes to authenticate. This verification is based on the bank's unique ability to reveal concealed data, such as data having been created in an enrolment phase at which the RFID tag (or actually the PUF) was registered with the bank. Now, the RFID tag again challenges its PUF to create response data sent to the verifier. The verifier checks whether the response data is correct and, if so, authenticates the device comprising the physical token, since the device is able to produce response data that corresponds to response data concealed and stored in the enrolment phase.
摘要翻译: 本发明涉及一种在验证器(210)处认证包括物理令牌(102)的设备(101,201),用于执行认证的系统和包括提供可测量参数的物理令牌的设备的方法。 本发明的基本思想是提供一种安全认证协议,其中低功率设备(101,201),例如RFID标签,其包括物理不可克隆功能(PUF)形式的物理令牌(102) )在处理能力方面没有进行密码操作或其他苛刻的操作。 为此,将被认证的PUF设备(101,201)验证其实际上是否被授权验证者查询。 例如,包括PUF(102)的RFID标签可以布置在银行希望认证的钞票中。 这种验证是基于银行揭露隐藏数据的独特能力,例如在RFID标签(或实际上是PUF)在银行注册的注册阶段创建的数据。 现在,RFID标签再次挑战其PUF来创建发送给验证者的响应数据。 验证者检查响应数据是否正确,如果是,则认证包括物理令牌的设备,因为该设备能够产生对应于隐藏并存储在注册阶段中的响应数据的响应数据。
-
公开(公告)号:US20080229119A1
公开(公告)日:2008-09-18
申请号:US12064089
申请日:2006-08-16
IPC分类号: G06F21/00
CPC分类号: G11B20/00086 , G11B20/00123 , G11B20/00173 , G11B20/00268 , G11B20/00876 , H04L9/3234 , H04L9/3236 , H04L9/3278 , H04L2209/60
摘要: The present invention relates to a method of enabling authentication of an information carrier (105), the information carrier (105) comprising a writeable part (155) and a physical token (125) arranged to supply a response upon receiving a challenge, the method comprising the following steps; applying a first challenge (165) to the physical token (125) resulting in a first response (170), and detecting the first response (170) of the physical token (125) resulting in a detected first response data (175), the method being characterized in that it further comprises the following steps; forming a first authentication data (180) based on information derived from the detected first response data (175), signing the first authentication data (180), and writing the signed authentication data (185) in the writeable part (155) of the information carrier (105). The invention further relates to a method of authentication of an information carrier (105), as well as to devices for both enabling authentication as well as authentication of an information carrier (105).
摘要翻译: 本发明涉及一种能够认证信息载体(105)的方法,所述信息载体(105)包括布置成在接收到挑战时提供响应的可写入部分(155)和物理令牌(125),所述方法 包括以下步骤: 将第一挑战(165)应用于所述物理令牌(125),从而产生第一响应(170),并且检测所述物理令牌(125)的第一响应(170),从而产生检测到的第一响应数据(175) 其特征在于还包括以下步骤: 基于从检测到的第一响应数据(175)导出的信息,形成第一认证数据(180),对第一认证数据(180)进行签名,并将签名认证数据(185)写入信息的可写入部分(155) 载体(105)。 本发明还涉及信息载体(105)的认证方法,以及用于启用认证以及信息载体(105)的认证的设备。
-
6.发明申请Transponder System for Transmitting Key-Encrypted Information and Associated Keys 有权用于发送密钥加密信息和关联密钥的转发器系统公开(公告)号:US20080199011A1
公开(公告)日:2008-08-21
申请号:US11917041
申请日:2006-06-14
申请人: Pim Theo Tuyls , Geert Jan Schrijen , Stefan Maubach , Boris Skoric , Antoon Marie Henrie Tombeur
发明人: Pim Theo Tuyls , Geert Jan Schrijen , Stefan Maubach , Boris Skoric , Antoon Marie Henrie Tombeur
CPC分类号: G06K7/0008 , G06K19/0723 , G06K19/14
摘要: A transponder (1) comprises at least one memory (MEM1, MEM2) for storing encrypted information (E_k(EPC, PI)) that has been encrypted by use of a key (k) and for storing the key (k) associated with the encrypted information (E_k(EPC, PI)). The transponder (1) is adapted to send the key (k) slower response than the encrypted information (E_k(EPC, PI)) in response to queries of a reading device (2), which is preferably done by delaying the transmission of the key (k) or by limiting the response rate at which the key (k) is transmitted. In particular the invention is related to RFID systems.
摘要翻译: 应答器(1)包括至少一个存储器(MEM1,MEM2),用于存储已经通过使用密钥(k)加密并用于存储关联的密钥(k)的加密信息(E_k(EPC,PI)) 加密信息(E_k(EPC,PI))。 响应于读取装置(2)的查询,应答器(1)适于发送比加密信息(E_k(EPC,PI))更慢的响应的响应(k),其优选地通过延迟 密钥(k)或限制发送密钥(k)的响应速率。 特别地,本发明涉及RFID系统。
-
公开(公告)号:US20080141364A1
公开(公告)日:2008-06-12
申请号:US11815019
申请日:2006-01-24
申请人: Boris Skoric , Pim Theo Tuyls , Antonius Hermanus Maria Akkermans , Willem Gerard Ophey , Sjoerd Stallinga
发明人: Boris Skoric , Pim Theo Tuyls , Antonius Hermanus Maria Akkermans , Willem Gerard Ophey , Sjoerd Stallinga
IPC分类号: G06F21/00
CPC分类号: G06F21/34 , G06F21/31 , G06F2221/2103 , G09C1/00 , H04L9/3234 , H04L9/3278 , H04L2209/34
摘要: This invention relates to the use 100 of a challenge-response pair 104, 108 for calibrating a device 101 for authenticating 200 a physical token (102) 102.
摘要翻译: 本发明涉及用于校准用于认证物理令牌(102)102的设备101的质询 - 响应对104,108的使用。
-
公开(公告)号:US20090153841A1
公开(公告)日:2009-06-18
申请号:US11573947
申请日:2005-08-15
申请人: Wil Ophey , Sjoerd Stallinga , Pim Theo Tuyls , Antonius Hermanus Maria Akkermans , Boris Skoric
发明人: Wil Ophey , Sjoerd Stallinga , Pim Theo Tuyls , Antonius Hermanus Maria Akkermans , Boris Skoric
IPC分类号: G06K9/74
CPC分类号: H04L9/3278 , G07D7/003 , G07D7/121
摘要: An optical identifier (1) can be used as a Physical Unclonable Function for producing a speckle pattern, as a response, upon being challenged with a light beam, as a challenge. This property can be used for identification of the optical identifier or of an object attached thereto, for the authentication of an information carrier or for generation of transaction keys. Since the response obtained in response to given challenge is highly sensitive to the relative position of the optical identifier, light beam source and detector for the speckle pattern, this relative position has to be accurately adjusted to reliably obtain the same response to a given challenge. To this aim, an optical identifier is proposed having an alignment area (3) for splitting an incident beam into distinct beams (6, 7) which can be detected as alignment signals (10a, 10b, 10c, 10d) on a detector (8) and used for the monitoring and for the adjustment of said relative position.
摘要翻译: 作为挑战,光学标识符(1)可以用作用于产生斑点图案作为响应的物理不可克隆功能,作为响应。 该属性可以用于识别光学标识符或附加到其上的对象,用于信息载体的认证或用于生成交易密钥。 由于响应于给定挑战而获得的响应对于光学标识符,用于散斑图案的光束源和检测器的相对位置高度敏感,所以必须精确地调整该相对位置以可靠地获得对给定挑战的相同响应。 为此目的,提出一种具有用于将入射光束分成不同光束(6,7)的对准区域(3)的光学识别器,其可以被检测为检测器(8)上的对准信号(10a,10b,10c,10d) )并用于监视和调整所述相对位置。
-
公开(公告)号:US20080260152A1
公开(公告)日:2008-10-23
申请号:US12094999
申请日:2006-11-27
申请人: Boris Skoric , Alphons Antonius Maria Lambertus Bruekers , Pim Theo Tuyls , Willem Gerard Ophey
发明人: Boris Skoric , Alphons Antonius Maria Lambertus Bruekers , Pim Theo Tuyls , Willem Gerard Ophey
IPC分类号: H04L9/32
CPC分类号: H04L9/3234 , H04L9/3278
摘要: The present invention relates to a method and a device (104) for authenticating a plurality of physical tokens (101, 102, 103). A basic idea of the invention is to supply a sequence of interconnected devices (108, 109, 110), each device comprising a physical token (101, 102, 103), with a challenge of the respective physical token created during enrollment of said respective physical token, wherein the sequence of interconnected devices is arranged such that a data set supplied to the sequence is cryptographically processed with a response of a token comprised in a device and passed on to a token comprised in a subsequent device which further cryptographically processes the processed data set with its response until a response of a final physical token has been used to further cryptographically process the data set. Then, the data set which has been cryptographically processed with the responses of the tokens in the sequence is received and used together with the data set itself and data associated with the response of the respective token to authenticate the sequence of physical tokens.
摘要翻译: 本发明涉及一种用于认证多个物理令牌(101,102,103)的方法和装置(104)。 本发明的基本思想是提供一系列互连的设备(108,109,110),每个设备包括物理令牌(101,102,103),在所述相应的设备注册期间产生相应物理令牌的挑战 物理令牌,其中所述互连设备的序列被布置为使得提供给所述序列的数据集通过包含在设备中的令牌的响应进行密码处理,并传递到包含在后续设备中的令牌,所述令牌进一步加密处理 数据集具有其响应,直到最终物理令牌的响应已被用于进一步加密处理数据集。 然后,已经用序列中的令牌的响应进行了密码处理的数据集被接收并与数据集本身一起使用,并且与相应令牌的响应相关联的数据被使用以验证物理令牌的顺序。
-
公开(公告)号:US20080237506A1
公开(公告)日:2008-10-02
申请号:US12090364
申请日:2006-10-11
IPC分类号: G01N23/00
CPC分类号: H04L9/3278 , H04L2209/805
摘要: In a device for providing challenge-response pairs a radiation detection element, a challenge-modifying element and preferably also a light source are arranged on the same side of an imaginary plane, which separates said radiation-detecting element from a radiation scattering element. Hence, generation of a speckle pattern having a desired minimum speckle size is facilitated and a more easily assembled device is provided.
摘要翻译: 在用于提供挑战 - 响应对的装置中,辐射检测元件,挑战修改元件以及优选地还有光源被布置在虚拟平面的同一侧上,该假平面将辐射检测元件与辐射散射元件分离。 因此,有助于产生具有期望的最小散斑尺寸的散斑图案,并且提供更容易组装的装置。
-
-
-
-
-
-
-
-
-
搜索结果
70 条记录 (耗时 0.022 秒)
