1. Multiplicative splits to protect cipher keys
    Granted patent (in force)

    Publication number: US08675866B2

    Publication date: 2014-03-18

    Application number: US13178410

    Filing date: 2011-07-07

    IPC classification: H04L9/06

    Abstract: In the field of computer enabled cryptography, such as a keyed block cipher having a plurality of rounds, the cipher is hardened against an attack by a protection process which obscures the round keys using the properties of group field automorphisms and applying masks to the states of the cipher, for encryption or decryption. This is especially advantageous in a "White Box" environment where an attacker has full access to the cipher algorithm, including the algorithm's internal state during its execution. This method and the associated computing apparatus are useful for protection against known attacks on "White Box" ciphers, by eliminating S-box operations, together with improved masking techniques and increasing the cipher's complexity against reverse engineering and key storage attacks.


2. PROTECTING STATES OF A CRYPTOGRAPHIC PROCESS USING GROUP AUTOMORPHISMS
    Patent application (in force)

    Publication number: US20120254625A1

    Publication date: 2012-10-04

    Application number: US13076362

    Filing date: 2011-03-30

    IPC classification: G06F21/24

    CPC classification: G06F21/602 G06F21/52

    Abstract: In the field of computer enabled cryptography, such as a keyed block cipher having a plurality of rounds, the cipher is hardened against an attack by a protection process which obscures the cipher states and/or the round keys using the properties of group field automorphisms and applying multiplicative masks (instead of conventional XOR masks) to the states of the cipher, for encryption or decryption. This is especially advantageous in a "White Box" environment where an attacker has full access to the cipher algorithm, including the algorithm's internal state during its execution. This method and the associated computing apparatus are useful for protection against known attacks on "White Box" ciphers, by eliminating XOR operations with improved masking techniques and increasing the complexity of reverse engineering and of attacks.


3. CRYPTOGRAPHY ON A ELLIPTICAL CURVE
    Patent application (in force)

    Publication number: US20120082307A1

    Publication date: 2012-04-05

    Application number: US13377404

    Filing date: 2010-06-15

    IPC classification: H04L9/28

    Abstract: A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptic curve Y^2 = f(X), and from polynomials X1(t), X2(t), X3(t) and U(t) satisfying f(X1(t))·f(X2(t))·f(X3(t)) = U(t)^2 in F_q, with q = 3 mod 4. First a value of the parameter t is obtained. Next, the point P is determined by: (i) calculating X1 = X1(t), X2 = X2(t), X3 = X3(t) and U = U(t); (ii) if the term f(X1)·f(X2) is a square, then testing whether the term f(X3) is a square in F_q and, if so, calculating the square root of f(X3) in order to obtain the point P(X3); (iii) otherwise, testing whether the term f(X1) is a square and, if so, calculating the square root of f(X1) in order to obtain the point P(X1); (iv) otherwise, calculating the square root of f(X2) in order to obtain the point P(X2). This point P is useful in a cryptographic application.


4. Apparatus and method for block cipher process for insecure environments
    Patent application (in force)

    Publication number: US20120045050A1

    Publication date: 2012-02-23

    Application number: US12806768

    Filing date: 2010-08-20

    IPC classification: H04L9/28

    Abstract: Method and apparatus for increasing the security of a cryptographic algorithm such as deciphering, enciphering, or a digital signature using a block type cipher such as AES, implemented for instance in a "whitebox" model with the cipher key either known or unknown at compilation time. This method is secure for use in untrusted environments, particularly for securing cryptographic keys. The look-up tables characteristic of such algorithms are protected against attack here by making all such tables the same size and indistinguishable, and further by masking the output values of such tables, typically where the tables carry out a permutation function or a logical exclusive OR operation.


5. Methods and apparatus for data hashing based on non-linear operations
    Granted patent (in force)

    Publication number: US08832450B2

    Publication date: 2014-09-09

    Application number: US13485454

    Filing date: 2012-05-31

    IPC classification: H04L9/32

    CPC classification: H04L9/0643

    Abstract: A method and an apparatus that provide a hard-problem-based hashing mechanism to improve the security of hash functions are described. The hashing mechanism can include a custom padding and/or a post-processing of a hashed value, strengthened via operations specifying a hard problem. In one embodiment, a new hash function may be provided or defined directly, without introducing or relying on existing hash functions, to embed security features based on this hard problem. The new hash functions can be used in the usual constructions that involve hash functions; for example, the standard HMAC construction, standard signature algorithms, authentication protocols, etc. could be applied to these hash functions.


6. Securing keys of a cipher using properties of the cipher process
    Granted patent (in force)

    Publication number: US08718280B2

    Publication date: 2014-05-06

    Application number: US12972145

    Filing date: 2010-12-17

    IPC classification: H04L9/28 H04L9/14

    Abstract: In the field of computer enabled cryptography, such as a block cipher, the cipher is hardened against an attack by protecting the cipher key, applying to it a predetermined linear permutation before using the key to encrypt or decrypt a message. This is especially advantageous in a "White Box" environment where an attacker has full access to the cipher algorithm, including the algorithm's internal state during its execution. This method and the associated computing apparatus are useful where the key is derived through a process and so is unknown when the software code embodying the cipher is compiled. This is typically the case where there are many users of the cipher and each has his own key, or where each user session has its own key.


7. Cryptography on a elliptical curve
    Granted patent (in force)

    Publication number: US08718276B2

    Publication date: 2014-05-06

    Application number: US13377404

    Filing date: 2010-06-15

    Abstract: A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptic curve Y^2 = f(X), and from polynomials X1(t), X2(t), X3(t) and U(t) satisfying f(X1(t))·f(X2(t))·f(X3(t)) = U(t)^2 in F_q, with q = 3 mod 4. First a value of the parameter t is obtained. Next, the point P is determined by: (i) calculating X1 = X1(t), X2 = X2(t), X3 = X3(t) and U = U(t); (ii) if the term f(X1)·f(X2) is a square, then testing whether the term f(X3) is a square in F_q and, if so, calculating the square root of f(X3) in order to obtain the point P(X3); (iii) otherwise, testing whether the term f(X1) is a square and, if so, calculating the square root of f(X1) in order to obtain the point P(X1); (iv) otherwise, calculating the square root of f(X2) in order to obtain the point P(X2). This point P is useful in a cryptographic application.
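Steps (i) to (iv) of this abstract (and of the application listed as entry 3, which has the same text), carried out as an added worked example. This is not code from the patent. It assumes one concrete instance of the polynomial family the abstract describes, Ulas's polynomials for a curve Y^2 = X^3 + aX + b with ab != 0: X1 = -b/a (1 + 1/(t^4 f(u)^2 + t^2 f(u))), X2 = t^2 f(u) X1, X3 = u and U = t^3 f(u)^2 f(X1), for which f(X1) f(X2) f(X3) = U^2 holds identically. The prime q = 10007 (q = 3 mod 4), the coefficients a = 2, b = 3 and the parameters t and u are constructed toy values, not a real curve.

```python
# Added example, not from the patent. Toy field and curve, constructed for illustration.
Q = 10007            # prime with Q = 3 mod 4, so square roots are s^((Q+1)/4)
A, B = 2, 3          # curve Y^2 = X^3 + A X + B; the Ulas construction needs A*B != 0


def f(x):
    """Right-hand side of the curve equation, f(x) = x^3 + A x + B in F_Q."""
    return (pow(x, 3, Q) + A * x + B) % Q


def is_square(s):
    """Euler's criterion s^((Q-1)/2) == 1; zero counts as a square (its root is 0)."""
    s %= Q
    return s == 0 or pow(s, (Q - 1) // 2, Q) == 1


def sqrt_mod(s):
    """Square root in F_Q for Q = 3 mod 4. Verifies the result instead of trusting the caller."""
    r = pow(s % Q, (Q + 1) // 4, Q)
    if (r * r - s) % Q:
        raise ValueError("not a square in F_Q")
    return r


def ulas_polynomials(t, u):
    """X1(t), X2(t), X3(t), U(t) of Ulas (2007), assumed here as the abstract's polynomials.

    X1 = -B/A (1 + 1/(t^4 f(u)^2 + t^2 f(u))),  X2 = t^2 f(u) X1,  X3 = u,
    U  = t^3 f(u)^2 f(X1),  and  f(X1) f(X2) f(X3) = U^2 in F_Q.
    """
    fu = f(u)
    d = (pow(t, 4, Q) * fu * fu + t * t * fu) % Q
    if d == 0:
        raise ValueError("degenerate parameters: t = 0, f(u) = 0 or t^2 f(u) = -1")
    x1 = (-B * pow(A, -1, Q) * (1 + pow(d, -1, Q))) % Q
    x2 = (t * t * fu * x1) % Q
    x3 = u % Q
    U = (pow(t, 3, Q) * fu * fu * f(x1)) % Q
    return x1, x2, x3, U


def identity_holds(t, u):
    """Check the defining relation f(X1) f(X2) f(X3) = U^2 for the given parameters."""
    x1, x2, x3, U = ulas_polynomials(t, u)
    return (f(x1) * f(x2) * f(x3) - U * U) % Q == 0


def point_from_parameter(t, u):
    """Steps (i)-(iv) of the abstract: return a curve point (X, Y) derived from t."""
    x1, x2, x3, _ = ulas_polynomials(t, u)                 # step (i)
    if is_square(f(x1) * f(x2)) and is_square(f(x3)):      # step (ii)
        return x3, sqrt_mod(f(x3))
    if is_square(f(x1)):                                   # step (iii)
        return x1, sqrt_mod(f(x1))
    return x2, sqrt_mod(f(x2))                             # step (iv): f(X2) must be a square


def on_curve(x, y):
    """True when (x, y) satisfies Y^2 = f(X) in F_Q."""
    return (y * y - f(x)) % Q == 0


if __name__ == "__main__":
    for t in (1, 2, 5, 11):
        x, y = point_from_parameter(t, 7)
        print(f"t={t}: P=({x}, {y}) on curve: {on_curve(x, y)}")
```

Why step (iv) needs no square test: if f(X1)·f(X2) is not a square then neither factor is zero and exactly one of them is a non-square, so once f(X1) has failed the test f(X2) must pass; if the product is a square but f(X3) is not, U must be zero, which forces f(X1) = 0 or f(X2) = 0, and a zero is caught as a square with root 0. Two practitioner caveats: the branch order in `point_from_parameter` is data-dependent, so a deployment where t is derived from a secret would need the three square-root tests computed unconditionally and selected without branching; and production hash-to-curve code should follow the standardized simplified-SWU maps of RFC 9380 rather than a hand-rolled instance like this one.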


8. Operational mode for block ciphers
    Granted patent (in force)

    Publication number: US08687803B2

    Publication date: 2014-04-01

    Application number: US13232769

    Filing date: 2011-09-14

    IPC classification: H04L29/06

    CPC classification: H04L9/0637

    Abstract: In the field of computer enabled cryptography, such as a keyed block cipher having a plurality of sequenced rounds, the cipher is hardened against attack by a protection process. The protection process uses block lengths that are larger or smaller than, and not an integer multiple of, those of an associated standard cipher, and does so without message padding. This operates in conjunction with standard block ciphers such as AES, DES or triple DES, and also with various block cipher modes of operation such as CBC or ECB.


9. Control of an entity to be controlled by a control entity
    Granted patent (in force)

    Publication number: US08638940B2

    Publication date: 2014-01-28

    Application number: US12747768

    Filing date: 2008-12-10

    IPC classification: H04L9/00

    Abstract: A control entity communicates with an entity to be controlled so as to effect a control, a secret key being associated with the control entity. These entities share a plurality of public parameters, a second public parameter being a combination of a first public parameter of the said plurality with the secret key. At the level of the entity to be controlled, a random value is generated; a first message is transmitted to the control entity, this first message comprising at least one value obtained by combining the first public parameter with the random value; and a second message is transmitted to the control entity, this second message comprising at least one value obtained by combining the random value, a secret key of the entity to be controlled and a value received from the control entity. One of the values included in the first or the second message is based on the second public parameter.


10. METHODS AND APPARATUS FOR DATA HASHING BASED ON NON-LINEAR OPERATIONS
    Patent application (in force)

    Publication number: US20130326230A1

    Publication date: 2013-12-05

    Application number: US13485454

    Filing date: 2012-05-31

    IPC classification: G06F21/00

    CPC classification: H04L9/0643

    Abstract: A method and an apparatus that provide a hard-problem-based hashing mechanism to improve the security of hash functions are described. The hashing mechanism can include a custom padding and/or a post-processing of a hashed value, strengthened via operations specifying a hard problem. In one embodiment, a new hash function may be provided or defined directly, without introducing or relying on existing hash functions, to embed security features based on this hard problem. The new hash functions can be used in the usual constructions that involve hash functions; for example, the standard HMAC construction, standard signature algorithms, authentication protocols, etc. could be applied to these hash functions.
