-
公开(公告)号:US10650147B2
公开(公告)日:2020-05-12
申请号:US15190724
申请日:2016-06-23
Applicant: NXP B.V.
Inventor: Peter Maria Franciscus Rombouts , Eric Vos
Abstract: A control flow enforcement solution for ensuring that a program or portion thereof behaves as expected during execution upon a processor. A reference control flow is pre-determined for the program using, for example, a control flow graph (CFG). The CFG is then analysed to provide a set of rules which describe how the program should behave under normal execution. As the program executes it is monitored and the rules are evaluated to enable detection of any unexpected control flow. An embodiment of this disclosure is configured to respond upon detection that a rule has been violated. The response can take the form of any appropriate intervention such as a processor interrupt, memory fault, processor reset or generation of an alert. In this way, an embodiment of this disclosure may provide a particularly effective mechanism for detecting and defending against malicious activities such as return oriented programming attacks. The invention can be utilised to effect with any program but may be particularly suited for use with programs executing upon embedded processors.
-
公开(公告)号:US20150181422A1
公开(公告)日:2015-06-25
申请号:US14134905
申请日:2013-12-19
Applicant: NXP B.V.
Inventor: Peter Maria Franciscus Rombouts , Philippe Teuwen , Frank Michaud
CPC classification number: H04L63/0876 , H04L9/3271 , H04L63/045 , H04L63/0853 , H04L2209/16 , H04L2209/80 , H04L2463/101 , H04W12/04 , H04W12/06 , H04W12/08
Abstract: A mobile device, including: a wireless communication interface; a memory storing a secure software application; and a processor in communication with the memory, the processor being configured to: transmit an authentication challenge to the SIM card; receive an authentication response from the SIM card; verify the authentication response from the SIM card; and enable the secure software application when the authentication response from the SIM card is verified.
Abstract translation: 一种移动设备,包括:无线通信接口; 存储安全软件应用的存储器; 以及与所述存储器通信的处理器,所述处理器被配置为:向SIM卡传送认证挑战; 从SIM卡接收认证响应; 验证SIM卡的认证响应; 并在验证来自SIM卡的认证响应时启用安全软件应用程序。
-
公开(公告)号:US10135621B2
公开(公告)日:2018-11-20
申请号:US14145671
申请日:2013-12-31
Applicant: NXP B.V.
Abstract: In order to reduce latency of elliptical curve digital signature generation a portion of the digital signature is pre-calculated before receipt of the message hash using an unmodified ECDSA computing engine. After the message hash is received, the digital signature is completed without using the ECDSA computing engine. Applications include generating digital signatures for the safety messages in Intelligent Transport Systems.
-
公开(公告)号:US09584514B2
公开(公告)日:2017-02-28
申请号:US14995924
申请日:2016-01-14
Applicant: NXP B.V.
Inventor: Peter Maria Franciscus Rombouts , Philippe Teuwen , Frank Michaud
CPC classification number: H04L63/0876 , H04L9/3271 , H04L63/045 , H04L63/0853 , H04L2209/16 , H04L2209/80 , H04L2463/101 , H04W12/04 , H04W12/06 , H04W12/08
Abstract: Various embodiments include a method for binding a secure software application to a mobile device wherein the mobile device includes a processor and a subscriber identity module (SIM) card, including transmitting, by the processor, an authentication challenge to the SIM card; receiving an authentication response from the SIM card; verifying the authentication response from the SIM card; and enabling the secure software application when the authentication response from the SIM card is verified.
Abstract translation: 各种实施例包括用于将安全软件应用程序绑定到移动设备的方法,其中移动设备包括处理器和订户身份模块(SIM)卡,包括由处理器向SIM卡发送认证挑战; 从SIM卡接收认证响应; 验证来自SIM卡的认证响应; 并且当验证来自SIM卡的认证响应时,启用安全软件应用。
-
公开(公告)号:US20150143533A1
公开(公告)日:2015-05-21
申请号:US14549502
申请日:2014-11-20
Applicant: NXP B.V.
IPC: H04L29/06
CPC classification number: G06F21/14 , G06F8/51 , G06F8/76 , G06F9/46 , G06F21/53 , G06F21/71 , G06F2221/2107 , G06Q20/3227 , H04L63/0853 , H04L2463/102
Abstract: Disclosed is a method of generating a structure comprising at least one virtual machine, the method comprising: obfuscating a first virtual machine source code, thereby yielding a first obfuscated virtual machine (OVM) source code; associating a processor identifier with the first OVM source code, thereby yielding a processor-specific first OVM source code; compiling the processor-specific first OVM source code, thereby yielding a processor-specific first OVM. Furthermore, a structure generated by said method is disclosed.
Abstract translation: 公开了一种生成包括至少一个虚拟机的结构的方法,所述方法包括:模糊第一虚拟机源代码,从而产生第一混淆虚拟机(OVM)源代码; 将处理器标识符与第一OVM源代码相关联,从而产生特定于处理器的第一OVM源代码; 编译处理器特定的第一个OVM源代码,从而产生特定于处理器的第一个OVM。 此外,公开了通过所述方法生成的结构。
-
Patent Agency Ranking
公开(公告)号:US09563754B2
公开(公告)日:2017-02-07
申请号:US14549502
申请日:2014-11-20
Applicant: NXP B.V.
CPC classification number: G06F21/14 , G06F8/51 , G06F8/76 , G06F9/46 , G06F21/53 , G06F21/71 , G06F2221/2107 , G06Q20/3227 , H04L63/0853 , H04L2463/102
Abstract: Disclosed is a method of generating a structure comprising at least one virtual machine, the method comprising: obfuscating a first virtual machine source code, thereby yielding a first obfuscated virtual machine (OVM) source code; associating a processor identifier with the first OVM source code, thereby yielding a processor-specific first OVM source code; compiling the processor-specific first OVM source code, thereby yielding a processor-specific first OVM. Furthermore, a structure generated by said method is disclosed.
Abstract translation: 公开了一种生成包括至少一个虚拟机的结构的方法,所述方法包括:模糊第一虚拟机源代码,从而产生第一混淆虚拟机(OVM)源代码; 将处理器标识符与第一OVM源代码相关联,从而产生特定于处理器的第一OVM源代码; 编译处理器特定的第一个OVM源代码,从而产生特定于处理器的第一个OVM。 此外,公开了通过所述方法生成的结构。
-
7.发明申请RANDOM DATA FROM GNSS SIGNALS AND SECURE RANDOM VALUE PROVISIONING FOR SECURE SOFTWARE COMPONENT IMPLEMENTATIONS 审中-公开来自GNSS信号的随机数据和安全软件组件实现的安全随机值提供公开(公告)号:US20150172050A1
公开(公告)日:2015-06-18
申请号:US14104772
申请日:2013-12-12
Applicant: NXP B.V.
Inventor: Philippe Teuwen , Peter Maria Franciscus Rombouts , Frank Michaud
IPC: H04L9/14
CPC classification number: H04L9/0872 , G06F7/588 , H04L2209/16
Abstract: A method for verifying the integrity of navigation data used to produce random values for a white-box cryptography system including: receiving information from a navigation system; verifying the integrity of the received navigation information; extracting random information from the received navigation information; and performing a white-box cryptography operation using the extracted random information. Also, a method for determining that the random information samples used to produce random values for a white-box cryptography system have sufficient entropy, including: determining a number of random samples to initially collect; collecting the number of random samples from an external random number generator; calculating the entropy of the collected random samples; encrypting or hashing the collected random samples using the white-box cryptography system and a secret key; and performing a white-box cryptography operation using the encrypted collected random samples.
Abstract translation: 一种用于验证用于产生白盒加密系统的随机值的导航数据的完整性的方法,包括:从导航系统接收信息; 验证所接收的导航信息的完整性; 从接收到的导航信息中提取随机信息; 以及使用所提取的随机信息执行白盒加密操作。 另外,用于确定用于产生白盒加密系统的随机值的随机信息样本具有足够的熵的方法,包括:确定要初始收集的随机样本数; 从外部随机数发生器收集随机样本的数量; 计算收集的随机样本的熵; 使用白盒加密系统和秘密密钥加密或散列收集的随机样本; 以及使用加密的收集的随机样本执行白盒加密操作。
-
公开(公告)号:US20180330073A1
公开(公告)日:2018-11-15
申请号:US16045645
申请日:2018-07-25
Applicant: NXP B.V.
Inventor: Peter Maria Franciscus Rombouts
CPC classification number: G06F21/44 , G06F21/33 , H04L9/007 , H04L9/3247 , H04L9/3265 , H04L63/0823 , H04L2209/38
Abstract: A public key architecture (160) includes a dual certificate hierarchy which facilitates two independent authentication functions. One of the authentication functions authenticates an authentication device (164) to a verification device (166). The other authentication function authenticates a configuration device (162) to the authentication device (164). In some embodiments, the authentication process uses a lightweight certificate formed in conjunction with a lightweight signature scheme (370).
-
公开(公告)号:US09953144B2
公开(公告)日:2018-04-24
申请号:US14227681
申请日:2014-03-27
Applicant: NXP B.V.
Inventor: Peter Maria Franciscus Rombouts , Frank Michaud , Philippe Teuwen
CPC classification number: G06F21/105 , G06F8/61 , G06F9/44505 , G06F21/121 , G06F21/602 , G06F21/73 , G06F2221/0704 , G06F2221/0744 , G06F2221/2129 , H04L63/0876
Abstract: A method of binding a software to a device is disclosed. Accordingly, during a setup of the software in the device, a unique identifier is derived from contents stored in the device and the derived unique identifier is encrypted. The derived unique identifier is then stored in a configuration of the software. During a next invocation of the software in the device, a new unique identifier is derived from the contents stored in the device. The newly derived unique identifier is then matched with the stored unique identifier. The execution of the software is terminated if the matching fails.
-
10.发明申请METHOD TO REDUCE THE LATENCY OF ECDSA SIGNATURE GENERATION USING PRECOMPUTATION 审中-公开减少ECDSA签名生成使用预处理的方法公开(公告)号:US20150188713A1
公开(公告)日:2015-07-02
申请号:US14145671
申请日:2013-12-31
Applicant: NXP B.V.
CPC classification number: H04L9/3252 , H04L9/3066 , H04L2209/046 , H04L2209/122 , H04L2209/72 , H04L2209/76
Abstract: In order to reduce latency of elliptical curve digital signature generation a portion of the digital signature is pre-calculated before receipt of the message hash using an unmodified ECDSA computing engine. After the message hash is received, the digital signature is completed without using the ECDSA computing engine. Applications include generating digital signatures for the safety messages in Intelligent Transport Systems.
Abstract translation: 为了减少椭圆曲线数字签名生成的延迟,在使用未修改的ECDSA计算引擎接收消息散列之前,预先计算出数字签名的一部分。 在接收到消息散列之后,数字签名在不使用ECDSA计算引擎的情况下完成。 应用包括为智能交通系统中的安全信息生成数字签名。
-
-
-
-
-
-
-
-
-
Search Results
16
records
(took 0.013 seconds)
