Abstract:
A communication network (10) includes any number of interconnected nodes (20), including a sending node (22), a sending gateway (24), a receiving gateway (26), and a destination node (28). A low capacity or expensive communication channel (30) resides between the sending and receiving gateways (24, 26). An original digitally signed message is sent from the sending node (22) toward the destination node (28). When the original message arrives at the sending gateway (24), the original signature is verified. If verified, the sending gateway (24) shrinks the original message into a reduced message and re-signs the message with a gateway digital signature before sending the message onward through the communication channel (30) toward the destination node (28). The destination node (28) verifies the gateway digital signature against the reduced message and is not required to de-compress the reduced message into a precise duplicate of the original message.
Abstract:
A key management system includes a hierarchy (10) of independent key arbitration centers (KAC) for providing access to a user's session keys through key management centers (KMC). When a court order is issued for a user's session keys, a message requesting the keys is transferred down through the hierarchy until a terminal KAC (16, 36) is reached. Each KAC in the hierarchy adds its ID and signs (116) the message, verifying prior signatures (114). The user's ID is encrypted with the terminal KAC's public key. The terminal KAC engages in a blind key access procedure (129) with the KMC (18, 38) to receive the user's session key. The key is provided encrypted with the requesting party's or agency's public key. Accordingly, privacy is assured because only the KMC and the requesting agency have access to the actual key value, and only the terminal KAC and requesting agency have access to the user's ID. No other KACs in the hierarchy have access to the user ID or key value, and the KMC does not know which user's key has been provided.
Abstract:
A component for use in a prospective vehicle obtains from a certification authority a certification that an authentic vehicle is associated with a cryptographic key. The certification certifies that the cryptographic key is bound to information identifying the authentic vehicle. The component utilizes the cryptographic key obtained from the certification authority in cryptographic communication with the prospective vehicle, and determines whether the prospective vehicle is the authentic vehicle based on whether the cryptographic key is successfully utilized in the cryptographic communication. Upon determining the prospective vehicle is the authentic vehicle, the component may allow the prospective vehicle to operate the component.
Abstract:
A vehicle maintains a record of configuration elements, such as components for use in the vehicle, of the configuration of the vehicle. The vehicle also maintains a history of configuration functions for each of the configuration elements. The history may include a type of each configuration function, such as installation of a configuration element into the vehicle, and may also include a record of corresponding times at which the configuration functions have occurred, which can be utilized to determine a configuration of the vehicle at a time of an event. Additionally or alternatively, the vehicle may maintain a service history of at least one service technician performing a service operation with respect to a corresponding one of the configuration elements. The service history may include a type of each service operation, and may also include a record of a corresponding time at which the service technician performed the service operation, which may be utilized to determine a service technician having most recently performed a service operation at a time of an event.
Abstract:
A soft logic cryptographic circuit that can be reprogrammed with various cipher algorithms. The cryptographic circuit can be manufactured in a non-secure environment because a security sensitive cipher algorithm can be programmed after the manufacturing process.
Abstract:
A system and method for accessing digital content purchased by a rights owner for a first computing device. The method receives a proxy from the rights owner that includes rights to the digital content granted to the rights owner, stores the proxy on a second computing device, and determines whether the rights owner is present at the second computing device. When the rights owner is present at the second computing device, the method enables the proxy, and accesses the digital content on the second computing device through the proxy.
Abstract:
A system and method to securely create, distribute, install and execute selected features of software on wireless devices combines three different types of licenses (a validation license, a digital rights management (DRM) license, and a feature license) with a software application. Each of these three licenses works independently of the others: the validation license helps prevent malicious code from executing on wireless devices, the DRM license prevents unauthorized copying of the software application, and the feature license securely enables or disables specific features of the software application. The system also allows a wireless device to unwrap a DRM-protected software application, to validate the software application, to enforce DRM usage rules and to execute selected features of the software application.
Abstract:
A vehicle authenticates a service technician and accesses a technician database to determine whether the service technician is indicated as authorized to perform the service operation. If the service technician is indicated as authorized to perform the service operation, the vehicle allows the service technician to perform the service operation.
Abstract:
A vehicle accesses a configuration database to determine whether a reconfiguration function is authorized. The reconfiguration function may involve, for example, installing the component in the vehicle, removing the component from the vehicle, replacing the component with another component in the vehicle, replacing another component in the vehicle with the component, modifying the component, upgrading the component and rendering the component operable. Upon determining that the reconfiguration function is authorized, the vehicle allows the reconfiguration function to be performed. The reconfiguration function may be authorized based on a type of the vehicle, a type of the component or a combination of configuration elements in a current configuration of the vehicle.
Abstract:
In an apparatus in the form of a microelectronic assembly including an integrated circuit (IC) for execution of an embedded modular exponentiation program utilizing a square-and-multiply algorithm, wherein in the modular exponentiation program a secret exponent having a plurality of bits characterizes a private key, a method of providing a digital signature to prevent the detection of the secret exponent when monitoring power variations during the IC execution, the method comprising the steps of: for a first operation in the modular exponentiation, selecting at least one predetermined bit, wherein the at least one predetermined bit is a bit other than the least significant bit (LSB) and the most significant bit (MSB); using the square-and-multiply algorithm, sequentially selecting bits to the left of the at least one predetermined bit for exponentiation until the MSB is selected; and, subsequent to selecting the MSB, sequentially selecting bits to the right of the at least one predetermined bit for exponentiation until the LSB is selected.