-
Publication No.: US09674165B2
Publication date: 2017-06-06
Application No.: US14724315
Filing date: 2015-05-28
Applicant: NXP B.V.
Inventor: Michael Michel Patrick Peeters, Rudi Verslegers, Dimitri Warnez
CPC classification number: H04L63/061, H04L9/0861, H04L63/062
Abstract: Various embodiments relate to a method, device, and non-transitory medium including: determining a master key value for use in secure communications with a different device, wherein the master key value is used as a master key; deriving at least one session key using the master key; generating a new master key value based on the master key; deleting the current master key value; and using the new master key value as the master key.
-
Publication No.: US20210133362A1
Publication date: 2021-05-06
Application No.: US17081589
Filing date: 2020-10-27
Applicant: NXP B.V.
Inventor: Marcel Medwed, Tobias Schneider, Ventzislav Nikov, Jorge Miguel Ventuzelos Pereira, Rudi Verslegers, Nikita Veshchikov, Joppe Willem Bos, Jan Hoogerbrugge
Abstract: A device and methods are described that comprise at least one host application and a rich execution environment. At least one interface is operably coupled to the REE for communicating with a remote server. A security sub-system comprises a security monitoring and control circuit coupled to the REE and connectable to the remote server via the REE and the at least one interface. The security monitoring and control circuit comprises an analytics circuit configured to detect an anomaly following a compromisation of the device. The security monitoring and control circuit is arranged to treat the REE as an untrusted component and in response to a detection of a compromisation of the REE or a component in the device that is accessible by the REE by the analytics circuit, the security monitoring and control circuit is configured to re-establish a secure connection to the remote server that tunnels through the REE and at least partially removes the compromisation from the device.
-
Publication No.: US11687678B2
Publication date: 2023-06-27
Application No.: US17081589
Filing date: 2020-10-27
Applicant: NXP B.V.
Inventor: Marcel Medwed, Tobias Schneider, Ventzislav Nikov, Jorge Miguel Ventuzelos Pereira, Rudi Verslegers, Nikita Veshchikov, Joppe Willem Bos, Jan Hoogerbrugge
CPC classification number: G06F21/74, G06F21/606
Abstract: A device and methods are described that comprise at least one host application and a rich execution environment. At least one interface is operably coupled to the REE for communicating with a remote server. A security sub-system comprises a security monitoring and control circuit coupled to the REE and connectable to the remote server via the REE and the at least one interface. The security monitoring and control circuit comprises an analytics circuit configured to detect an anomaly following a compromisation of the device. The security monitoring and control circuit is arranged to treat the REE as an untrusted component and in response to a detection of a compromisation of the REE or a component in the device that is accessible by the REE by the analytics circuit, the security monitoring and control circuit is configured to re-establish a secure connection to the remote server that tunnels through the REE and at least partially removes the compromisation from the device.
-
Publication No.: US20210272016A1
Publication date: 2021-09-02
Application No.: US16805953
Filing date: 2020-03-02
Applicant: NXP B.V.
Inventor: Nikita Veshchikov, Rudi Verslegers
Abstract: A data processing system and a method are provided for acquiring data for training a machine learning (ML) model for use in self-monitoring the data processing system. The data processing system operates in a data acquisition mode to acquire training data for training the ML model. The training data is acquired from an anomaly detector of the data processing system while operating in the data acquisition mode. At least a portion of the training data is determined to be biased, and a portion of the training data is unbiased. The unbiased portion of the training data is transferred to a training environment external to the data processing system. The unbiased portion of the training data is acquired for training the ML model to function with the anomaly detector during a normal operating mode to determine when an anomaly is present in the data processing system.
-
Publication No.: US11586983B2
Publication date: 2023-02-21
Application No.: US16805953
Filing date: 2020-03-02
Applicant: NXP B.V.
Inventor: Nikita Veshchikov, Rudi Verslegers
Abstract: A data processing system and a method are provided for acquiring data for training a machine learning (ML) model for use in self-monitoring the data processing system. The data processing system operates in a data acquisition mode to acquire training data for training the ML model. The training data is acquired from an anomaly detector of the data processing system while operating in the data acquisition mode. At least a portion of the training data is determined to be biased, and a portion of the training data is unbiased. The unbiased portion of the training data is transferred to a training environment external to the data processing system. The unbiased portion of the training data is acquired for training the ML model to function with the anomaly detector during a normal operating mode to determine when an anomaly is present in the data processing system.
-
Publication No.: US11206130B2
Publication date: 2021-12-21
Application No.: US16050350
Filing date: 2018-07-31
Applicant: NXP B.V.
Abstract: Various embodiments relate to a method of generating a shared secret for use in a symmetric cipher, including: receiving, by a processor, an encoded key Enc(K) and a white-box implementation of the symmetric cipher, where the encoded key Enc(K) is used in the white-box implementation; selecting, by the processor, homomorphic functions ⊙ and ⊗ and the values c1 and c3 such that Enc(K)⊙c1=Enc(K⊗c3); and transmitting, by the processor, ⊗ and c3 to another device.
-
Publication No.: US10516541B2
Publication date: 2019-12-24
Application No.: US15703597
Filing date: 2017-09-13
Applicant: NXP B.V.
Inventor: Joppe Willem Bos, Jan Hoogerbrugge, Wilhelmus Petrus Adrianus Johannus Michiels, Rudi Verslegers
Abstract: Various embodiments relate to a method for producing a digital signature using a white-box implementation of a cryptographic digital signature function, including: receiving an input message; hashing the input message; generating a nonce based upon the input message and the white-box implementation of the cryptographic digital signature function; and computing a digital signature of the input using the nonce.