Abstract:
An encryption key matrix has its rows grouped into segments, and a set consisting of one segment per column constitutes a slot. Slots are assigned to device manufacturers, and the keys of each slot are in turn assigned to the decryption devices made by that manufacturer. In generating the slots, the number "q" of segments per column is first chosen so that up to a predetermined maximum number of devices can be revoked (all of the keys held by each such device being revoked) while a good device remains a functional device with probability at least (1−Q), where Q is a predefined device confidence. Once the number "q" of segments has been fixed, the slots themselves are defined in a provably non-discriminatory fashion using an error-correcting code such as a Reed-Solomon code. With this invention the overlap between any two slots is kept to a minimum, which minimizes the possibility that the key set of an innocent device is inadvertently revoked when the keys in the slots of a "bad" manufacturer are revoked.
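The overlap bound behind the last sentence can be checked directly. The following is an added example, not the patent's own construction: it builds slots as Reed-Solomon codewords over a small prime field (an assumption; a deployed key matrix would use a larger field and more columns), where every column of the matrix is one evaluation point and the segment chosen in that column is the polynomial's value there. Because two distinct polynomials of degree below K agree at fewer than K points, any two slots share at most K-1 keys, so revoking t bad slots costs an innocent slot at most t*(K-1) of its M keys. The parameters P, M, K, the constant MASTER-free key naming (column, segment) and the choice of "bad" slots are all constructed for the demonstration.

```python
from itertools import product
from typing import List, Sequence, Set, Tuple

# Constructed parameters (assumption): a prime field GF(P) stands in for the
# larger field a real key matrix would use; the overlap argument is identical.
P = 7       # field size = number "q" of segments per column
M = 7       # number of columns (codeword length); evaluation points x = 0 .. M-1
K = 2       # coefficients per polynomial: two distinct slots agree in at most K-1 columns

Slot = Tuple[int, ...]      # segment index chosen in each column
Key = Tuple[int, int]       # a matrix key is identified by (column, segment)


def slot_from_poly(coeffs: Sequence[int]) -> Slot:
    """Reed-Solomon codeword of the polynomial sum(c_i * x^i) over GF(P)."""
    return tuple(sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P
                 for x in range(M))


def all_slots() -> List[Slot]:
    """One slot per polynomial of degree < K: P**K slots with pairwise overlap <= K-1."""
    return [slot_from_poly(c) for c in product(range(P), repeat=K)]


def overlap(a: Slot, b: Slot) -> int:
    """Number of columns in which two slots pick the same segment (shared keys)."""
    return sum(1 for col in range(M) if a[col] == b[col])


def max_pairwise_overlap(slots: List[Slot]) -> int:
    return max(overlap(a, b) for i, a in enumerate(slots) for b in slots[i + 1:])


def revoked_keys(bad_slots: List[Slot]) -> Set[Key]:
    """Revoking a manufacturer's slot revokes every key in that slot."""
    return {(col, seg) for s in bad_slots for col, seg in enumerate(s)}


def surviving_keys(s: Slot, revoked: Set[Key]) -> int:
    return sum(1 for col, seg in enumerate(s) if (col, seg) not in revoked)


def worst_innocent_survival(slots: List[Slot], bad_slots: List[Slot]) -> int:
    """Fewest keys any innocent slot keeps once the bad slots are revoked.

    Each bad slot shares at most K-1 keys with an innocent slot, so the result is
    never below M - len(bad_slots) * (K-1) while that quantity is positive.
    """
    revoked = revoked_keys(bad_slots)
    return min(surviving_keys(s, revoked) for s in slots if s not in bad_slots)


if __name__ == "__main__":
    slots = all_slots()
    # Constructed "bad manufacturer" slots: the lines y = x, y = 1 + x, y = 2 + 3x.
    bad = [slot_from_poly((0, 1)), slot_from_poly((1, 1)), slot_from_poly((2, 3))]
    print(len(slots), "slots; max pairwise overlap:", max_pairwise_overlap(slots))
    print("innocent device keeps at least", worst_innocent_survival(slots, bad), "of", M, "keys")
```

With these parameters there are 49 slots, no two of which share more than one key, and revoking three bad slots leaves every innocent slot with at least four of its seven keys. Raising K admits more manufacturers per matrix at the cost of a larger possible overlap, which is exactly the trade-off the choice of "q" and of the code is meant to control.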
Abstract:
A tree is used to partition the stateless receivers of a broadcast content encryption system into subsets. Two different methods of partitioning are disclosed. When a set of revoked receivers is identified, the revoked receivers define a relatively small cover of the non-revoked receivers by disjoint subsets. The subset keys associated with those subsets are then used to encrypt a session key, which in turn encrypts the broadcast content. Only non-revoked receivers can decrypt the session key and, hence, the content.
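The cover construction is easiest to follow on a concrete tree. The following is an added example, not code from the patent: it implements one of the two partitioning methods, the complete-subtree method, in which a receiver holds the keys of every node on the path from its leaf to the root, and the cover consists of the roots of the maximal subtrees that contain no revoked leaf (the children of Steiner-tree nodes that lie outside the Steiner tree of the revoked leaves). Node keys are derived from a constructed master secret with HMAC, and the session key is wrapped with a SHA-256 pad under a fresh nonce; both are stand-ins for whatever key generation and symmetric cipher a deployment would use.

```python
import hashlib
import hmac
import secrets
from typing import Dict, List, Optional, Set, Tuple

# Constructed master secret used only to derive one key per tree node with a PRF
# (assumption: any scheme giving every node an independent subset key works).
MASTER_SECRET = b"constructed-demo-master-secret"

Header = List[Tuple[int, bytes, bytes]]   # (cover node id, nonce, wrapped session key)


def node_key(node: int) -> bytes:
    """Subset key of tree node `node` (heap numbering: root = 1, children 2v and 2v+1)."""
    return hmac.new(MASTER_SECRET, node.to_bytes(4, "big"), hashlib.sha256).digest()


def leaf_of(receiver: int, n_leaves: int) -> int:
    """Leaf node of receiver `receiver`; leaves are the nodes n_leaves .. 2*n_leaves-1."""
    return n_leaves + receiver


def path_to_root(node: int) -> List[int]:
    path = []
    while node >= 1:
        path.append(node)
        node //= 2
    return path


def receiver_keys(receiver: int, n_leaves: int) -> Dict[int, bytes]:
    """A stateless receiver is provisioned once with the keys of every node on its root path."""
    return {v: node_key(v) for v in path_to_root(leaf_of(receiver, n_leaves))}


def complete_subtree_cover(revoked: Set[int], n_leaves: int) -> List[int]:
    """Roots of the maximal subtrees that contain no revoked leaf.

    The union of the root paths of the revoked leaves is the Steiner tree of the
    revoked set; each child of a Steiner-tree node that is itself outside the
    Steiner tree heads one subset of the cover.
    """
    if not revoked:
        return [1]                        # nobody revoked: the root key covers everyone
    steiner: Set[int] = set()
    for r in revoked:
        steiner.update(path_to_root(leaf_of(r, n_leaves)))
    cover = []
    for v in sorted(steiner):
        if v >= n_leaves:                 # leaves have no children
            continue
        for child in (2 * v, 2 * v + 1):
            if child not in steiner:
                cover.append(child)
    return cover


def _wrap(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # XOR with a PRF pad; adequate for a 32-byte session key used once per nonce.
    pad = hashlib.sha256(key + nonce).digest()
    return bytes(a ^ b for a, b in zip(data, pad))


def broadcast_header(session_key: bytes, revoked: Set[int], n_leaves: int) -> Header:
    """Encrypt the session key once under the subset key of every cover node."""
    assert len(session_key) == 32
    header = []
    for v in complete_subtree_cover(revoked, n_leaves):
        nonce = secrets.token_bytes(16)
        header.append((v, nonce, _wrap(node_key(v), nonce, session_key)))
    return header


def recover_session_key(header: Header, keys: Dict[int, bytes]) -> Optional[bytes]:
    """A receiver can decrypt iff some cover node lies on its root path."""
    for v, nonce, wrapped in header:
        if v in keys:
            return _wrap(keys[v], nonce, wrapped)
    return None                           # every key on the path was revoked


if __name__ == "__main__":
    N = 16                                # constructed example: 16 receivers, two revoked
    sk = secrets.token_bytes(32)
    hdr = broadcast_header(sk, {3, 9}, N)
    print("cover nodes:", [v for v, _, _ in hdr])      # 6 subsets, matching r*log2(N/r)
    for u in (0, 3, 9):
        print("receiver", u, "recovers key:", recover_session_key(hdr, receiver_keys(u, N)) == sk)
```

Revoking receivers 3 and 9 out of 16 yields a cover of six subsets, so the header carries six encryptions of the session key; receivers 3 and 9 hold no key of any cover node and get nothing, while every other receiver finds exactly one usable entry. Nothing in the receiver changes between broadcasts, which is what makes it stateless.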
Abstract:
A method for tracing traitor receivers in a broadcast encryption system. The method uses a false key to encode some of the subsets representing receivers in the system; the subsets are derived from a tree using a Subset-Cover system, and the traitor receiver is associated with one or more compromised keys that have found their way into a pirate receiver, which may itself have been cloned. By querying a clone of the pirate receiver, either the identity of the traitor receiver is determined, or an appropriate set of subsets is generated that renders the pirate receiver clones useless for decrypting data with the compromised keys.
Abstract:
A method and system for preserving the integrity of a negotiation, using an architecture that includes a center A and a plurality of users B.sub.1, B.sub.2, . . . , B.sub.n. Each user B.sub.i generates an input X.sub.i, which is sent to the center A. The center A computes and publishes a function F(X.sub.1, X.sub.2, . . . , X.sub.n) of the input messages it receives. Each user B.sub.i (1 <= i <= n) communicates exclusively with the center A. The center A publishes additional information that lets each user verify that F was computed correctly, while preventing any coalition of a subset of the users from learning anything about F(X.sub.1, . . . , X.sub.n), or about the inputs of the other users, that cannot be computed solely from the output of the function and their own inputs.
Abstract:
A method for secure multi-party function evaluation, with a non-limiting application to the holding of auctions. The outcome of an auction can be determined by an auctioneer without learning any information about the bids, except for the bid that determines the clearing price, and without learning any information about the bidders, except for the winning bidder. This information remains protected even after the conclusion of the auction. Moreover, the bidders can individually and privately verify that the auction was conducted correctly, which establishes a mechanism for trust. The method is well suited to holding privacy-protected auctions over computer networks because of its high efficiency: it requires only a single round of interactive communication, and no communication among the bidders. Furthermore, the bulk of the computation and data communication of the protocol can be done in advance of the auction itself, and can be distributed via stored media. The function evaluated by the method can be generalized to any function that can be evaluated by a circuit of gates. The method can therefore be applied as a general secure multi-party function evaluation protocol, which, in addition to auctions, covers a number of other special cases, such as Generalized Vickrey Auctions, Groves-Clarke mechanisms, opinion polling, and stable matching.
Abstract:
A method is provided for the authentication of encrypted messages. A non-malleable public-key encryption technique is employed, so that an eavesdropper cannot use a previously overheard encrypted message to generate a message which, when sent to a recipient, would pass as a message originating from a valid sender. In a preferred embodiment, a protocol is provided in which, in response to a message authentication request from a sender, the recipient sends the sender a string encrypted under the sender's non-malleable public key. The sender decrypts the string with its private key and sends the recipient a message that is a function of the string and of the message to be authenticated. Because of the non-malleability of the public-key encryption, an eavesdropper cannot impersonate the sender or the recipient and produce a disinformation message that would nevertheless contain the correct authorization string.