-
Publication No.: US11418321B2
Publication date: 2022-08-16
Application No.: US15532932
Filing date: 2015-12-01
Applicant: NAGRAVISION S.A.
Inventor: Brecht Wyseur
Abstract: A block cipher method and apparatus using round repetition for providing, from a plaintext message, a ciphertext message and a global tag is disclosed; the plaintext message is converted into a plurality of ordered plaintext blocks which are successively processed during a round for computing: a cryptogram by encrypting input data using a single cryptographic key, said cryptogram comprising a first segment and a second segment; a ciphertext block by performing a first operation using, as operands: said first segment, said current plaintext block and said second segment; at each next round said input data is newly determined based on the current ciphertext block and an updated reproducible data; the ciphertext message is determined by concatenating the ciphertext blocks and the global tag by a second operation using computed authentication local tags as operands.
-
Publication No.: US10742394B2
Publication date: 2020-08-11
Application No.: US15772933
Filing date: 2016-11-02
Applicant: NAGRAVISION S.A.
Inventors: Karine Villegas, Brecht Wyseur
Abstract: Methods, system and devices are provided that generate a sequence of sub-keys for cryptographic operations from a main key. The main key is operated on only once to generate the sub-keys of the sequence, with a transformation comprising one or more one-way functions. The respective bit values of the sub-keys of the sequence are set using respective bit values of the one or more one-way functions. Advantageously, deriving sub-key bits from respective output bits of one or more one-way functions removes or at least reduces correlations between the main key and the sub-keys, as well as between sub-keys, making it harder or even impossible to recover the main key or other sub-keys from a single sub-key, for example as found using a side-channel attack. At the same time, by using the main key only once (rather than using the main key each time a sub-key is generated), the vulnerability of the main key to a side-channel attack is reduced, because the opportunities for recovering physical information that could lead to the discovery of the main key are reduced. Specific embodiments use parallel or chained execution of sub-functions to generate respective sub-keys. Other specific embodiments generate all sub-keys from a single one-way function in one go.
-
Publication No.: US11336448B2
Publication date: 2022-05-17
Application No.: US16313273
Filing date: 2017-06-29
Applicant: NAGRAVISION S.A.
Inventors: Laurent Dore, Eric Piret, Yasser Belaidi, Brecht Wyseur
Abstract: A system and a method for protecting code are provided. Extraction of code to be protected takes place during an object-to-object transformation and that code is replaced with fake binary code. The extracted code to be protected may then be encrypted or otherwise obscured and stored in a separate region of an object file. A prior source-to-source file transformation can be provided to isolate and mark the code to be protected, and to inject additional source code to handle later decryption.
-
Publication No.: US09946855B2
Publication date: 2018-04-17
Application No.: US15438381
Filing date: 2017-02-21
Applicant: NAGRAVISION S.A.
IPC classification: G06F7/04, G06F21/16, H04N21/258, H04N21/426, H04N21/442, H04N21/6334, H04N21/6377, G06F21/64, G06F21/12, G06F17/30
CPC classification: G06F21/16, G06F17/30345, G06F21/121, G06F21/64, G06F2221/0711, H04N21/25816, H04N21/42684, H04N21/44236, H04N21/6334, H04N21/6377
Abstract: Method to detect cloned software being used on a client user unit. An initialization phase comprises: defining a tag value as being equal to an initial random value, opening a new record storing the tag value and introducing the tag value into the client user unit. An operating phase comprises: preparing a client message comprising the request and a value depending on the tag value; sending the client message to the server; and checking if the tag value of the client message is correct with respect to the stored tag value. If they do not match, the requested service is denied. If they do match, the method sends a server message to the user unit; updates the tag value with a new tag value; and stores the new tag value on the server and user unit.
-
Publication No.: US09641331B2
Publication date: 2017-05-02
Application No.: US14572438
Filing date: 2014-12-16
Applicant: Nagravision S.A.
Inventors: Christian Schwarz, Brecht Wyseur
CPC classification: H04L9/14, H04L9/0637, H04L2209/16, H04L2209/76
Abstract: A method is disclosed for converting a conditional access content. This method includes receiving, by a cryptographic module of a first receiver, the content encrypted according to the first encryption mode; choosing a first entry data of the combination of the first encryption mode; choosing a second entry data of the combination of the second encryption mode; inverting the first and second input data in order to process the content received by the cryptographic module of the first receiver, this processing including a decryption operation according to the first encryption mode, by using the entry data corresponding to the second encryption mode, and to process the content obtained during the previous processing step, this processing including an encryption operation according to the second encryption mode, by using the entry data corresponding to the first encryption mode.
-
Publication No.: US10939163B2
Publication date: 2021-03-02
Application No.: US15774671
Filing date: 2016-11-10
Applicant: NAGRAVISION S.A.
IPC classification: G06F21/16, H04N21/4405, H04N21/8355, H04N21/6334, H04N21/8358, H04N19/467, H04N5/913
Abstract: A method for watermarking an encrypted digital content stored in a content distribution network (CDN) method comprises the steps of receiving in the CDN, a non-watermarked encrypted content and marking metadata, said non-watermarked encrypted content being the result of an encryption of a non-watermarked clear content by a stream cipher process, said marking metadata indicating locations in the content suitable for a modification of said content; using a watermark formed of watermark values and corresponding to a unique identifier; and producing a watermarked encrypted content by combining in the CDN, with a combination function, the values forming the watermark with the non-watermarked encrypted content in locations indicated by the marking metadata.
-
Publication No.: US11658954B2
Publication date: 2023-05-23
Application No.: US16446820
Filing date: 2019-06-20
Applicant: NAGRAVISION S.A.
IPC classification: H04L29/06, H04L9/40, H04L9/14, H04N21/2347, H04N21/426, H04N21/254, H04N21/4627, H04N21/6334, H04L9/08
CPC classification: H04L63/061, H04L9/0844, H04L9/0847, H04L9/14, H04N21/2347, H04N21/2541, H04N21/42623, H04N21/4627, H04N21/6334, H04L2209/24
Abstract: The present invention relates in particular to a pairing method between a multimedia unit and one operator having an operator identifier, the multimedia unit having a multimedia unit identifier and receiving conditional access data from said operator, the method being characterized in that:
receiving by the multimedia unit a multimedia unit key formed by applying a first cryptographic function to a personalization key and to the multimedia unit identifier;
receiving by the operator an operator key formed by applying a second cryptographic function to said personalization key and to the operator identifier;
said multimedia unit further having a function of the multimedia unit and said operator further having a function of the operator, these functions being such that the result of the application of the function of the operator to said operator key and to said multimedia unit identifier is equal to the result of the application of the function of the multimedia unit to said multimedia unit key and to said operator identifier, this result forming a pairing key between said multimedia unit and said operator.
-
Publication No.: US11526616B1
Publication date: 2022-12-13
Application No.: US17099814
Filing date: 2020-11-17
Applicant: NAGRAVISION S.A.
Inventor: Brecht Wyseur
Abstract: The present invention concerns the field of software verification, in particular to check whether the run-time integrity of a software application can be demonstrated. It is therefore proposed a method to verify, by a verification server, the execution integrity of an application in a target device wherein the verification server receives an application signature generated from run time application information on the target device, said signature being used to verify the execution integrity of the application in the target device, said application comprising an array of blocks, each block producing a digest, thus producing an array of digests related to the array of blocks, comprising the steps of: —sending to the target device a message comprising a challenge and a first function, said first function defining an aggregation method, said challenge defining an aggregation instruction, —receiving an attestation from the target device, this attestation being generated by the target device by determining for each block, the corresponding digest for said block, aggregating the digests of the blocks according to the aggregation method of the first function and the challenge to produce the attestation related to the application, —applying a second function to the attestation by the verification server, said second function undoing the effect of the challenge thus producing an application signature independent of the challenge, —verifying the execution integrity of the application by comparing the produced application signature with a reference signature.
-
Publication No.: US11546135B2
Publication date: 2023-01-03
Application No.: US16918426
Filing date: 2020-07-01
Applicant: NAGRAVISION S.A.
Inventors: Karine Villegas, Brecht Wyseur
IPC classification: H04L9/06
Abstract: Methods, system and devices are provided that generate a sequence of sub-keys for cryptographic operations from a main key. The main key is operated on only once to generate the sub-keys of the sequence, with a transformation comprising one or more one-way functions. The respective bit values of the sub-keys of the sequence are set using respective bit values of the one or more one-way functions. Advantageously, deriving sub-key bits from respective output bits of one or more one-way functions removes or at least reduces correlations between the main key and the sub-keys, as well as between sub-keys, making it harder or even impossible to recover the main key or other sub-keys from a single sub-key, for example as found using a side-channel attack. At the same time, by using the main key only once (rather than using the main key each time a sub-key is generated), the vulnerability of the main key to a side-channel attack is reduced, because the opportunities for recovering physical information that could lead to the discovery of the main key are reduced. Specific embodiments use parallel or chained execution of sub-functions to generate respective sub-keys. Other specific embodiments generate all sub-keys from a single one-way function in one go.
-
Publication No.: US11297170B2
Publication date: 2022-04-05
Application No.: US16958081
Filing date: 2018-12-26
Applicant: NAGRAVISION S.A.
Inventors: Brecht Wyseur, Klaus Kursawe
Abstract: A method of transmitting data to a receiver via a network includes transmitting a sequence of first data packets to the receiver via the network, each first data packet including payload data and identification data, the identification data identifying the respective first data packet, the identification data being different for each first data packet. The method also includes transmitting a corresponding second data packet for each first data packet to the receiver via the network, each second data packet including the data enabling identification of the corresponding first data packet and additional data related to the corresponding first data packet, the data enabling identification of the corresponding first data packet enabling the receiver to associate each second data packet with the corresponding first data packet.