Abstract:
The invention provides a processor device having an executable white-box-masked implementation of a cryptographic algorithm implemented thereon. The white-box masking comprises an affine mapping A, which is designed such that every bit in the output values w of the affine mapping A depends on at least one bit from the obfuscation values y, whereby the output values w of the affine mapping A are statistically balanced.
Abstract:
The invention provides a processor device having an executable implementation of a cryptographic algorithm implemented thereon, the implementation being white-box masked with a function f. The implementation comprises an implemented computation step S, by which input values x are mapped to output values s = S[x], and which is masked by means of an invertible function f to form a white-box-masked computation step T'. As the mapping f, a combination (f = (c1, c2,... )*A) of an affine mapping A with an input width BA and a number of one or more invertible mappings c1, c2,... each with an input width Bc1, Bc2,... is provided, where BA = Bc1 + Bc2 +.... The mapping f produces output values w overall. From output values a of the affine mapping A, pluralities of sets Mxi, i = 1,2,... = Mx11, Mx12,... Mx21, Mx22,... are formed. From output values W of the invertible mappings c1, c2, sets Lxi, i = 1,2,... = Lx11, Lx12,... Lx21, Lx22,... are formed. Furthermore, sets M1 = {Mx11, Mx21, Mx31...}, M2 = {Mx12, Mx22, Mx32...}... and L1 = {Lx11, Lx21, Lx31...}, L2 = {Lx12, Lx22, Lx32...}... are formed. The one or more invertible mappings c1, c2,... are selected or formed such that the sets M1, M2... are mapped onto the sets L1, L2....
Abstract:
A computing device configured to compute a data function (f) on a function-input value (w), the device comprising an electronic storage storing a first table network configured for the data function (f), - the computing device comprising an electronic processor coupled to the storage and configured to obtain multiple first table inputs for the first table network, the multiple first table inputs (x=E(w, s)) including the function-input value (w), and to compute the data function (f) by applying the first table network to the multiple first table inputs (x) to produce multiple first table outputs (u=E(f(w), g(w,s))), the multiple first table outputs (u) including a function-output value (f(w)), the function-output value (f(w)) corresponding to the result of applying the data function (f) to the function-input value (w), - the electronic storage is further storing a second table network configured to cooperate with the first table network for countering modifications made to the first table network, the electronic processor being configured to obtain multiple second table inputs for the second table network, the second table inputs including the multiple first table outputs (u) and at least one of the multiple first table inputs (w; s), and to apply the second table network to the multiple second table inputs, the second table network being configured to verify for at least a specific one (f(w) or g(w,s)) of the multiple first table outputs if an unmodified first table network could obtain the specific one of the multiple first table outputs (f(w); g(w,s)) from the given at least one of the multiple first table inputs (w; s), - the second table network produces second table outputs (v= E(w', s')) including a protected function output (w'), the protected function output being equal to the function output (f(w)) in case the verification is successful and the protected function output (w') being unequal to the function output in case the verification is unsuccessful.
Abstract:
An interpretive garment marking system and method allows for one or more garments to be used to convey messages or information, or otherwise provide forms of interaction with a first group of humans. Conveyance and interaction with the first group is done without conveyance and interaction with a second different group of humans even though the humans of both groups have substantially similar access to visually perceive the garments. Implementations include encryption, keying, camouflage, authentication, masking, selection, signing, manipulation, and/or combination.
Abstract:
This invention provides an automated system for the processing of data packets, composed of personal identifiers and personal data, such that the personally identifiable data sent by one party may be considered anonymous once received by a second party. The invention uses secret sharing techniques to facilitate distributed key management of the mapping functions and strong authentication to allow the system to be operated remotely.
Abstract:
This invention concerns a consumable authentication protocol for validating the existence of an untrusted authentication chip, as well as ensuring that the authentication chip lasts only as long as the consumable. In a further aspect it concerns a consumable authentication system for the protocol. A trusted authentication chip has a test function; and the untrusted authentication chip has a read function to test data from the trusted chip, including a random number and its signature, encrypted using a first key, by comparing the decrypted signature with a signature calculated from the decrypted random number. In the event that the two signatures match, it returns a data message and an encrypted version of the data message in combination with the random number, encrypted using the second key. The test function operates to encrypt the random number together with the data message using a second secret key, compare the two versions of the random number encrypted together with the data message using the second key. In the event that the two versions match, the untrusted authentication chip and the data message are considered to be valid; otherwise, they are considered to be invalid.
Abstract:
Various features pertain to cryptographic ciphers such as Advanced Encryption Standard (AES) block ciphers. In some examples described herein, a modified masked AES SubBytes procedure uses a static lookup table that is its own inverse in GF(2^2). The static lookup table facilitates computation of the multiplicative inverse during nonlinear substitution operations in GF(2^2). In an AES encryption example, the AES device combines plaintext with a round key to obtain combined data, then routes the combined data through an AES SubBytes substitution stage that employs the static lookup table and a dynamic table to perform a masked multiplicative inverse in GF(2^2) to obtain substituted data. The substituted data is then routed through additional cryptographic AES stages to generate ciphertext. The additional stages may include further SubBytes stages that also exploit the static and dynamic tables. Other examples employ either a static lookup table or a dynamic lookup table but not both.
Abstract:
An authentication controller coupled to a first communication port of a portable computing device is allowed to provide authentication on behalf of an accessory device coupled to a second communication port of the portable computing device. In one embodiment, a dongle that includes an authentication controller can be coupled with the portable computing device. Accessory devices can also be coupled with the portable computing device through other ports, including wireless ports. The dongle can provide cross-transport authentication for accessories that do not include authentication controllers. Once the dongle has been properly authenticated, the permissions granted to the dongle port can be transferred to a communication port coupled with an accessory.
Abstract:
A system for security purposes comprising: - an inner structure that is accessible by a plurality of terminals, - wherein the system allows a measurement on the inner structure of the system by using a challenge signal comprising a plurality of input signals applied in parallel to the terminals and by receiving a response signal dependent on a setting of the challenge signal and dependent on the inner structure of the system, wherein - the system comprises at least two features of the group containing: > the ability to process non-binary input signals, > a bandwidth at the terminals and an information content ensuring an incomplete readout of the information content within a predefined access time period, > a spatial and/or logical disorder of the inner structure, > a non-linear relation between the input signals and output signals appearing at the terminals, and that - from the knowledge of a subset of the predefined settings and of associated response signals, the response signal associated with a particular setting outside the subset is not predictable with a probability higher than the probability for guessing the response signal.
Abstract:
To authenticate a user of a communications network, credentials from the user are centrally received. An authentication sequence is retrieved from a plurality of retrievable authentication sequences, and the retrieved authentication sequence is performed to authenticate the user based on the received credentials.