Masking addition operation device for prevention of side channel attack
    1.
    发明授权
    Masking addition operation device for prevention of side channel attack 失效
    用于防止侧面信道攻击的掩蔽加法运算装置

    公开(公告)号:US08774406B2

    公开(公告)日:2014-07-08

    申请号:US13333324

    申请日:2011-12-21

    摘要: A masking addition operation apparatus for prevention of a side channel attack, includes a random value generation unit generating a first random value for a first input, second random value for a second input, and a summation random value. The masking addition operation apparatus includes an operation part performing an operation on the first and second random values, a previous carry input, and first and second masked random values generated based on the first and second random values. The masking addition operation apparatus includes a carry generator generating a carry input using a result of the operation part; and a summation bit generator generating a summation bit using the summation random value, the first and second random values, the previous carry input and the first and second masked random values.

    摘要翻译: 一种用于防止侧信道攻击的掩蔽加法运算装置,包括产生用于第一输入的第一随机值,第二输入的第二随机值和求和随机值的随机值生成单元。 掩蔽附加运算装置包括对第一和第二随机值执行操作的操作部分,先前进位输入以及基于第一和第二随机值生成的第一和第二屏蔽随机值。 掩蔽加法运算装置包括使用运算部的结果生成进位输入的进位发生器; 以及求和位发生器,其使用求和随机值,第一和第二随机值,先前进位输入和第一和第二屏蔽随机值产生求和位。

    MASKING ADDITION OPERATION DEVICE FOR PREVENTION OF SIDE CHANNEL ATTACK
    2.
    发明申请
    MASKING ADDITION OPERATION DEVICE FOR PREVENTION OF SIDE CHANNEL ATTACK 失效
    用于防止侧面通道攻击的掩码操作装置

    公开(公告)号:US20120163585A1

    公开(公告)日:2012-06-28

    申请号:US13333324

    申请日:2011-12-21

    IPC分类号: H04L9/28

    摘要: A masking addition operation apparatus for prevention of a side channel attack, includes a random value generation unit generating a first random value for a first input, second random value for a second input, and a summation random value. The masking addition operation apparatus includes an operation part performing an operation on the first and second random values, a previous carry input, and first and second masked random values generated based on the first and second random values. The masking addition operation apparatus includes a carry generator generating a carry input using a result of the operation part; and a summation bit generator generating a summation bit using the summation random value, the first and second random values, the previous carry input and the first and second masked random values.

    摘要翻译: 一种用于防止侧信道攻击的掩蔽加法运算装置,包括产生用于第一输入的第一随机值,第二输入的第二随机值和求和随机值的随机值生成单元。 掩蔽附加运算装置包括对第一和第二随机值执行操作的操作部分,先前进位输入以及基于第一和第二随机值生成的第一和第二屏蔽随机值。 掩蔽加法运算装置包括使用运算部的结果生成进位输入的进位发生器; 以及求和位发生器,其使用求和随机值,第一和第二随机值,先前进位输入和第一和第二屏蔽随机值产生求和位。

    SYSTEM AND METHOD FOR MANAGING DIGITAL CONTENTS
    3.
    发明申请
    SYSTEM AND METHOD FOR MANAGING DIGITAL CONTENTS 审中-公开
    用于管理数字内容的系统和方法

    公开(公告)号:US20120117090A1

    公开(公告)日:2012-05-10

    申请号:US13286682

    申请日:2011-11-01

    IPC分类号: G06F17/30

    CPC分类号: G06F16/353 G06F16/3347

    摘要: Disclosed are a system and method for managing digital contents. An exemplary embodiment according to the present invention provides to a system for managing digital contents, including a learning module extracting feature vectors of input digital contents and performing column subspace mapping on the feature vectors to calculate a column subspace projection matrix; an index module using the matrix to perform an index work on the digital contents and then, storing the matrix and the digital contents; and a search module performing the column subspace mapping on the feature vectors of query data when the query data for searching the digital contents are input and searching the digital contents indexed by the matrix having high similarity to the mapped feature vectors of the query data.

    摘要翻译: 公开了一种用于管理数字内容的系统和方法。 根据本发明的示例性实施例提供一种用于管理数字内容的系统,包括学习模块,提取输入数字内容的特征向量,并对特征向量执行列子空间映射以计算列子空间投影矩阵; 使用所述矩阵对所述数字内容执行索引工作,然后存储所述矩阵和所述数字内容的索引模块; 以及搜索模块,当输入用于搜索数字内容的查询数据时,对查询数据的特征向量执行列子空间映射,并且搜索由与查询数据的映射特征向量具有高相似性的矩阵索引的数字内容。

    PACKET SOURCE AUTHENTICATION METHOD USING SINGLE-BUFFERED HASH IN MULTICAST ENVIRONMENT AND APPARATUS FOR THE SAME
    4.
    发明申请
    PACKET SOURCE AUTHENTICATION METHOD USING SINGLE-BUFFERED HASH IN MULTICAST ENVIRONMENT AND APPARATUS FOR THE SAME 有权
    在多播环境中使用单缓冲的分组源认证方法及其设备

    公开(公告)号:US20130054974A1

    公开(公告)日:2013-02-28

    申请号:US13593469

    申请日:2012-08-23

    IPC分类号: H04L9/32

    摘要: A source authentication method and apparatus according to the present invention are disclosed. The source authentication method is performed with respect to a transmission packet on a message transmission side, and includes generating a first hash value to which a first hash function is applied using a message to be included in a next packet and a key value, and generating the transmission packet including the first hash value, wherein the key value is one of at least one key value generated in advance by applying a second hash function. Meanwhile, according to the present invention, effective low-cost multicast authentication may be performed by reducing a variety of loads such as buffer management, key calculation costs, and the like.

    摘要翻译: 公开了根据本发明的源认证方法和装置。 针对消息发送侧的发送分组执行源认证方法,并且包括使用要包括在下一个分组中的消息和密钥值来生成应用了第一散列函数的第一散列值,并且生成 所述发送分组包括所述第一哈希值,其中所述键值是通过应用第二哈希函数预先生成的至少一个键值之一。 同时,根据本发明,可以通过减少诸如缓冲器管理,密钥计算成本等的各种负载来执行有效的低成本多播认证。

    Packet intrusion detection rule simplification apparatus and method, and packet intrusion detection apparatus and method using simplified intrusion detection rule
    6.
    发明授权
    Packet intrusion detection rule simplification apparatus and method, and packet intrusion detection apparatus and method using simplified intrusion detection rule 失效
    分组入侵检测规则简化装置和方法,以及使用简化入侵检测规则的分组入侵检测装置和方法

    公开(公告)号:US07158024B2

    公开(公告)日:2007-01-02

    申请号:US11004322

    申请日:2004-12-03

    IPC分类号: G08B29/00

    CPC分类号: H04L63/1408 G06F21/55

    摘要: A packet intrusion detection rule simplification apparatus and method and an intrusion detection apparatus and method are provided. Test conditions of at least one intrusion detection rules are rearranged based on test items, and the same test conditions for the same test items are grouped. Group rules having a connection structure of the test conditions are generated so that the test items and orders of the intrusion detection rules are satisfied. A common rule consisting of test conditions existing at the test start positions in the connection structure of the group rules is generated. Next, packet intrusion detection is performed by using the common rule, and the packet intrusion detection is performed by using the group rules. According, it is possible to reduce a load involved in the intrusion detection process by using the grouped and simplified intrusion detection rules.

    摘要翻译: 提供了一种分组入侵检测规则简化装置和方法以及入侵检测装置和方法。 至少一个入侵检测规则的测试条件基于测试项目进行重新排列,同一测试项目的相同测试条件进行分组。 生成具有测试条件的连接结构的组规则,使得入侵检测规则的测试项目和顺序得到满足。 产生由组规则的连接结构中的测试开始位置存在的测试条件组成的通用规则。 接下来,通过使用公共规则来执行分组入侵检测,并且通过使用组规则来执行分组入侵检测。 据介绍,通过使用分组和简化的入侵检测规则,可以减少入侵检测过程中涉及的负载。

    METHOD FOR PROVIDING ANONYMOUS PUBLIC KEY INFRASTRUCTURE AND METHOD FOR PROVIDING SERVICE USING THE SAME
    7.
    发明申请
    METHOD FOR PROVIDING ANONYMOUS PUBLIC KEY INFRASTRUCTURE AND METHOD FOR PROVIDING SERVICE USING THE SAME 审中-公开
    用于提供无形公钥密钥基础设施的方法和使用该方法提供服务的方法

    公开(公告)号:US20110055556A1

    公开(公告)日:2011-03-03

    申请号:US12674903

    申请日:2008-07-11

    IPC分类号: H04L9/30

    摘要: Provided is a method for providing an anonymous public key infrastructure (PKI) in a user terminal. The method includes receiving a real-name certificate from a real-name PKI service domain, requesting an anonymous certificate to an anonymous PKI service domain, and receiving the anonymous certificate from the anonymous PKI service domain. Accordingly, the method can ensure anonymity when a user uses a service by providing the anonymous certificate in association with the PKI-based real-name certificate.

    摘要翻译: 提供了一种在用户终端中提供匿名公钥基础设施(PKI)的方法。 该方法包括从实名PKI服务域接收实名证书,向匿名PKI服务域请求匿名证书,从匿名PKI服务域接收匿名证书。 因此,当用户通过提供与基于PKI的实名证书相关联的匿名证书来使用服务时,该方法可以确保匿名。

    Access control method using token having security attributes in computer system
    8.
    发明授权
    Access control method using token having security attributes in computer system 有权
    使用计算机系统中具有安全属性的令牌的访问控制方法

    公开(公告)号:US07290279B2

    公开(公告)日:2007-10-30

    申请号:US10280907

    申请日:2002-10-25

    IPC分类号: H04L9/32

    CPC分类号: G06F21/6209 G06F21/6218

    摘要: Disclosed is an access control method using a token having security attributes in a computer system when a user gains access to a specific file. The computer system adopts a token having encryption, modification, execution, and provision attributes to determine access permission or access denial between a user and a file in such a way that a file access request is controlled. The access control method enciphers a file and stores the enciphered file in a storage unit, so that it can maintain security of the file even though the storage unit is stolen. The access control method enables a system manager to read only enciphered contents of the file when the system manager performs a data backup operation, thereby eliminating limitations in commonly operating a system simultaneously with maintaining file security. The access control method enables programs for executing operations on behalf of a user to automatically obtain a corresponding token, confirms authority to execute the file, and prevents that the authority is stolen or drained due to a program error.

    摘要翻译: 公开了当用户获得对特定文件的访问时,使用在计算机系统中具有安全属性的令牌的访问控制方法。 计算机系统采用具有加密,修改,执行和配置属性的令牌来确定用户和文件之间的访问许可或访问拒绝,使得文件访问请求被控制。 访问控制方法加密文件并将加密文件存储在存储单元中,使得即使存储单元被盗,它也可以保持文件的安全性。 当系统管理者进行数据备份操作时,访问控制方法使得系统管理者仅读取文件的加密内容,从而消除了在保持文件安全的同时同时操作系统的限制。 访问控制方法允许代表用户执行操作的程序自动获得相应的令牌,确认执行该文件的权限,并且防止由于程序错误而导致该机构被盗或者被排除。

    Packet source authentication method using single-buffered hash in multicast environment and apparatus for the same
    10.
    发明授权
    Packet source authentication method using single-buffered hash in multicast environment and apparatus for the same 有权
    分组源认证方法在组播环境中使用单缓冲散列和相同的设备

    公开(公告)号:US08832451B2

    公开(公告)日:2014-09-09

    申请号:US13593469

    申请日:2012-08-23

    IPC分类号: H04L9/32 H04L9/08

    摘要: A source authentication method and apparatus according to the present invention are disclosed. The source authentication method is performed with respect to a transmission packet on a message transmission side, and includes generating a first hash value to which a first hash function is applied using a message to be included in a next packet and a key value, and generating the transmission packet including the first hash value, wherein the key value is one of at least one key value generated in advance by applying a second hash function. Meanwhile, according to the present invention, effective low-cost multicast authentication may be performed by reducing a variety of loads such as buffer management, key calculation costs, and the like.

    摘要翻译: 公开了根据本发明的源认证方法和装置。 针对消息发送侧的发送分组执行源认证方法,并且包括使用要包括在下一个分组中的消息和密钥值来生成应用了第一散列函数的第一散列值,并且生成 所述发送分组包括所述第一哈希值,其中所述键值是通过应用第二哈希函数预先生成的至少一个键值之一。 同时,根据本发明,可以通过减少诸如缓冲器管理,密钥计算成本等的各种负载来执行有效的低成本多播认证。