公开(公告)号：US09864851B2

公开(公告)日：2018-01-09

申请号：US14235384

申请日：2011-07-28

申请人： Neil Patrick Adams ,  Scott Alexander Vanstone ,  Daniel Richard L. Brown ,  Dinah Lea Marie Davis ,  Christopher Labrador ,  Alfred John Menezes

发明人： Neil Patrick Adams ,  Scott Alexander Vanstone ,  Daniel Richard L. Brown ,  Dinah Lea Marie Davis ,  Christopher Labrador ,  Alfred John Menezes

IPC分类号： G06F17/30 ,  G06F21/31 ,  H04L9/08 ,  H04L9/32 ,  G06F21/33 ,  H04L29/06

CPC分类号： G06F21/31 ,  G06F21/33 ,  H04L9/0869 ,  H04L9/3226 ,  H04L63/06 ,  H04L63/083

摘要： A system, device and method for authenticating a user. The system, device and method may employ a computing device for providing credentials required for access to an on-line resource available over a network. The computing device may connect to the on-line resource to register a user. The computing device may receive from the on-line resource at least one request for a credential to identify the user. In response to the request, the computing device may generate a random credential, store the random credential in association with an on-line resource identifier and the request in a data store accessible to the computing device and, submit the random credential to the on-line resource to register the user.

公开(公告)号：US20140173704A1

公开(公告)日：2014-06-19

申请号：US14235384

申请日：2011-07-28

申请人： Neil Patrick Adams ,  Scott Alexander Vanstone ,  Daniel Richard L. Brown ,  Dinah Lea Marie Davis ,  Christopher Labrador ,  Alfred John Menezes

发明人： Neil Patrick Adams ,  Scott Alexander Vanstone ,  Daniel Richard L. Brown ,  Dinah Lea Marie Davis ,  Christopher Labrador ,  Alfred John Menezes

IPC分类号： G06F21/31

CPC分类号： G06F21/31 ,  G06F21/33 ,  H04L9/0869 ,  H04L9/3226 ,  H04L63/06 ,  H04L63/083

摘要： A system, device and method for authenticating a user. The system, device and method may employ a computing device for providing credentials required for access to an on-line resource available over a network. The computing device may connect to the on-line resource to register a user. The computing device may receive from the on-line resource at least one request for a credential to identify the user. In response to the request, the computing device may generate a random credential, store the random credential in association with an on-line resource identifier and the request in a data store accessible to the computing device and, submit the random credential to the on-line resource to register the user.

摘要翻译： 用于认证用户的系统，设备和方法。 系统，设备和方法可以使用计算设备来提供访问通过网络可用的在线资源所需的证书。 计算设备可以连接到在线资源以注册用户。 计算设备可以从在线资源接收至少一个用于凭证的请求以识别该用户。 响应于该请求，计算设备可以生成随机凭证，将在线资源标识符和请求存储在计算设备可访问的数据存储器中的随机凭证，并将随机凭证提交给在线资源标识符， 线资源注册用户。

公开(公告)号：US08462944B2

公开(公告)日：2013-06-11

申请号：US13181184

申请日：2011-07-12

申请人： Scott Alexander Vanstone ,  Ashok Vadekar ,  Robert John Lambert ,  Robert Philip Gallant ,  Daniel Richard L. Brown ,  Alfred John Menezes

发明人： Scott Alexander Vanstone ,  Ashok Vadekar ,  Robert John Lambert ,  Robert Philip Gallant ,  Daniel Richard L. Brown ,  Alfred John Menezes

IPC分类号： H04L9/30

CPC分类号： H04L9/0869 ,  H04L2209/26 ,  H04L2209/46

摘要： A potential bias in the generation of a private key is avoided by selecting the key and comparing it against the system parameters. If a predetermined condition is attained it is accepted. If not it is rejected and a new key is generated.

摘要翻译： 通过选择密钥并将其与系统参数进行比较来避免私钥生成中的潜在偏差。 如果达到预定条件，则被接受。 如果不是，则被拒绝并生成新的密钥。

公开(公告)号：US08000470B2

公开(公告)日：2011-08-16

申请号：US12119248

申请日：2008-05-12

申请人： Scott Alexander Vanstone ,  Ashok Vadekar ,  Robert John Lambert ,  Robert Philip Gallant ,  Daniel Richard L. Brown ,  Alfred John Menezes

发明人： Scott Alexander Vanstone ,  Ashok Vadekar ,  Robert John Lambert ,  Robert Philip Gallant ,  Daniel Richard L. Brown ,  Alfred John Menezes

IPC分类号： H04L9/30 ,  G06F7/58

CPC分类号： H04L9/0869 ,  H04L2209/26 ,  H04L2209/46

摘要： A potential bias in the generation of a private key is avoided by selecting the key and comparing it against the system parameters. If a predetermined condition is attained it is accepted. If not it is rejected and a new key is generated.

摘要翻译： 通过选择密钥并将其与系统参数进行比较来避免私钥生成中的潜在偏差。 如果达到预定条件，则被接受。 如果不是，则被拒绝并生成新的密钥。

公开(公告)号：US08090947B2

公开(公告)日：2012-01-03

申请号：US12837104

申请日：2010-07-15

申请人： Scott Alexander Vanstone ,  Alfred John Menezes ,  Minghua Qu

发明人： Scott Alexander Vanstone ,  Alfred John Menezes ,  Minghua Qu

IPC分类号： H04L9/30

CPC分类号： H04L9/0841 ,  G06F7/725 ,  H04L9/3247

摘要： A key establishment protocol between a pair of correspondents includes the generation by each correspondent of respective signatures. The signatures are derived from information that is private to the correspondent and information that is public. After exchange of signatures, the integrity of exchange messages can be verified by extracting the public information contained in the signature and comparing it with information used to generate the signature. A common session key may then be generated from the public and private information of respective ones of the correspondents.

摘要翻译： 一对记者之间的密钥建立协议包括每个记者生成各个签名。 签名来自对记者的私人信息和公开的信息。 在签名交换之后，可以通过提取签名中包含的公开信息并将其与用于生成签名的信息进行比较来验证交换消息的完整性。 然后可以从相应记者的公共和私人信息生成公共会话密钥。

公开(公告)号：US08397294B2

公开(公告)日：2013-03-12

申请号：US12956296

申请日：2010-11-30

申请人： Scott Alexander Vanstone ,  Neil Patrick Adams

发明人： Scott Alexander Vanstone ,  Neil Patrick Adams

IPC分类号： H04L29/06

CPC分类号： G06F21/60 ,  G06F21/31 ,  G06F21/6245 ,  G06F2221/2119

摘要： A device and method are provided for a device that communicates security information to a user entering content into the device. In an aspect, the device may access content from a server over a connection through the network. The device displays the content on a user interface of the device. The device detects information entered into a field of the displayed content and evaluates a security state of the device. If the security state is below a security threshold and, if the entered information is identified as protected information based on stored criteria, the device displaying a visual indication on the user interface.

摘要翻译： 提供了一种用于将安全信息传送到将内容输入到设备中的用户的设备和方法。 在一方面，设备可以通过网络通过连接访问来自服务器的内容。 设备在设备的用户界面上显示内容。 设备检测输入到显示的内容的字段中的信息，并评估设备的安全状态。 如果安全状态低于安全阈值，并且如果输入的信息基于存储的标准被识别为受保护信息，则该设备在用户界面上显示可视指示。

公开(公告)号：US09003181B2

公开(公告)日：2015-04-07

申请号：US13070178

申请日：2011-03-23

申请人： Herbert Anthony Little ,  Matthew John Campagna ,  Scott Alexander Vanstone ,  Daniel Richard L. Brown

发明人： Herbert Anthony Little ,  Matthew John Campagna ,  Scott Alexander Vanstone ,  Daniel Richard L. Brown

IPC分类号： H04L29/00 ,  H04L9/08 ,  H04L9/30 ,  H04L9/32

CPC分类号： H04L9/0844 ,  H04L9/3066 ,  H04L9/3263

摘要： During generation of an implicit certificate for a requestor, a certificate authority incorporates information in the public-key reconstruction data, where the public-key reconstruction data is to be used to compute the public key of the requestor. The information may be related to one or more of the requestor, the certificate authority, and the implicit certificate. The certificate authority reversibly encodes the public-key reconstruction data in the implicit certificate and sends it to the requestor. After receiving the implicit certificate from the certificate authority, the requestor can extract the incorporated information from the public-key reconstruction data. The implicit certificate can be made available to a recipient, and the recipient can also extract the incorporated information.

摘要翻译： 在为请求者生成隐式证书期间，证书颁发机构将公钥重构数据中的信息合并在一起，其中公钥重构数据将用于计算请求者的公开密钥。 信息可能与请求者，证书颁发机构和隐含证书中的一个或多个有关。 证书颁发机构对隐含证书中的公钥重构数据进行可逆编码，并将其发送给请求者。 从认证机构收到隐含证书后，请求者可以从公钥重构数据中提取合并信息。 隐式证书可以提供给收件人，收件人还可以提取合并的信息。

公开(公告)号：US08675869B2

公开(公告)日：2014-03-18

申请号：US13070226

申请日：2011-03-23

申请人： Herbert Anthony Little ,  Matthew John Campagna ,  Scott Alexander Vanstone ,  Daniel Richard L. Brown

发明人： Herbert Anthony Little ,  Matthew John Campagna ,  Scott Alexander Vanstone ,  Daniel Richard L. Brown

IPC分类号： H04K1/00

CPC分类号： H04L9/3066 ,  H04L9/3252 ,  H04L2209/38 ,  H04L2209/80

摘要： During generation of a signature on a message to create a signed message, a signer determines one of the signature components such that particular information can be extracted from the signature component. The particular information may be related to one or more of the signer and the message to be signed. After receiving a signed message purported to be signed by the signer, a verifier can extract the particular information from the signature component.

摘要翻译： 在生成消息的签名以产生签名消息时，签名者确定签名组件中的一个，从而可以从签名组件提取特定信息。 特定信息可以与签名者和要签名的消息中的一个或多个有关。 在收到签名者签名的签名信息后，验证者可以从签名组件中提取特定信息。

公开(公告)号：US20120137368A1

公开(公告)日：2012-05-31

申请号：US12956296

申请日：2010-11-30

申请人： Scott Alexander Vanstone ,  Neil Patrick Adams

发明人： Scott Alexander Vanstone ,  Neil Patrick Adams

IPC分类号： G06F21/24

CPC分类号： G06F21/60 ,  G06F21/31 ,  G06F21/6245 ,  G06F2221/2119

摘要： A device and method are provided for a device that communicates security information to a user entering content into the device. In an aspect, the device may access content from a server over a connection through the network. The device displays the content on a user interface of the device. The device detects information entered into a field of the displayed content and evaluates a security state of the device. If the security state is below a security threshold and, if the entered information is identified as protected information based on stored criteria, the device displaying a visual indication on the user interface.

摘要翻译： 提供了一种用于将安全信息传送到将内容输入到设备中的用户的设备和方法。 在一方面，设备可以通过网络通过连接访问来自服务器的内容。 设备在设备的用户界面上显示内容。 设备检测输入到显示的内容的字段中的信息，并评估设备的安全状态。 如果安全状态低于安全阈值，并且如果输入的信息基于存储的标准被识别为受保护信息，则该设备在用户界面上显示可视指示。

公开(公告)号：US20120246465A1

公开(公告)日：2012-09-27

申请号：US13070178

申请日：2011-03-23

申请人： Herbert Anthony Little ,  Matthew John Campagna ,  Scott Alexander Vanstone ,  Daniel Richard L. Brown

发明人： Herbert Anthony Little ,  Matthew John Campagna ,  Scott Alexander Vanstone ,  Daniel Richard L. Brown

IPC分类号： H04L9/30

CPC分类号： H04L9/0844 ,  H04L9/3066 ,  H04L9/3263

摘要： During generation of an implicit certificate for a requestor, a certificate authority incorporates information in the public-key reconstruction data, where the public-key reconstruction data is to be used to compute the public key of the requestor. The information may be related to one or more of the requestor, the certificate authority, and the implicit certificate. The certificate authority reversibly encodes the public-key reconstruction data in the implicit certificate and sends it to the requestor. After receiving the implicit certificate from the certificate authority, the requestor can extract the incorporated information from the public-key reconstruction data. The implicit certificate can be made available to a recipient, and the recipient can also extract the incorporated information.

摘要翻译： 在为请求者生成隐式证书期间，证书颁发机构将公钥重构数据中的信息合并在一起，其中公钥重构数据将用于计算请求者的公开密钥。 信息可能与请求者，证书颁发机构和隐含证书中的一个或多个有关。 证书颁发机构对隐含证书中的公钥重构数据进行可逆编码，并将其发送给请求者。 从认证机构收到隐含证书后，请求者可以从公钥重构数据中提取合并信息。 隐式证书可以提供给收件人，收件人还可以提取合并的信息。