Abstract:
Undesirable electronic messages, such as the unsolicited broadcast e-mail known as spam, are not only a nuisance, but waste both computer and user resources. Conversely, desirable electronic messages with sensitive content are important to secure, so that they are not forged, tampered with or revealed. Accordingly, the present invention provides cryptographic methods that simultaneously secure electronic communication and help fight spam.
Abstract:
A partial revocation list and a system and method for using the partial revocation list for tracking the authenticity of replacement cartridges in a manufactured device to inhibit cloning of the cartridges is provided. A revocation pool is maintained by a manufacturer who chooses a partial revocation list from the revocation pool to store in the memory of the cartridge. The device stores its own revocation list, informs the manufacturer of cartridges which have been used and checks when a new device is installed to ensure a cloned replacement is not being used. The partial revocation list distributes enough revocation information to devices to statistically impair the cartridge yield of a cloning operation.
Abstract:
Improper re-use of a static Diffie-Hellman (DH) private key may leak information about the key. The leakage is prevented by a key derivation function (KDF), but standards do not agree on key derivation functions. The module for performing a DH private key operation must somehow support multiple different KDF standards. The present invention provides an intermediate approach that neither attempts to implement all possible KDF operations, nor provides unprotected access to the raw DH private key operation. Instead, the module performs parts of the KDF operation, as indicated by the application using the module. This saves the module from implementing the entire KDF for each KDF needed. Instead, the module implements only re-usable parts that are common to most KDFs. Furthermore, when new KDFs are required, the module may be able to support them if they are built on the parts that the module has implemented.
Abstract:
Methods for choosing groups for a static Diffie-Hellman key agreement protocol to inhibit active attacks by an adversary are provided. In mod p groups, an even h is chosen of value approximately (9/16)(log_2 n)^2, values r and n are determined using sieving and primality testing on r and n, and a value t is found to compute p = tn + 1 wherein p is prime. In elliptic curve groups defined over a binary field, a random curve is chosen, the number of points on the curve is counted and this number is checked for value of 2n wherein n is prime and n-1 meets preferred criteria. In elliptic curve groups defined over a prime field of order q, a value n = hr + 1 is computed, wherein n is prime and n-1 meets preferred criteria, and a complex multiplication method is applied on n to produce a value q and an elliptic curve E defined over q and having an order n.
Abstract:
A method of transmitting messages from a sender to a recipient over a wireless channel, the messages including a sequence counter and a frame counter. The method comprises establishing initial values of the sequence counter and the frame counter at the sender. Initial values of the frame counter and the sequence counter are provided to the recipient. The sender sends compressed messages including the value of the sequence counter and not the frame counter and monitors for an acknowledgement of receipt by the recipient. When no acknowledgement is received, the sender sends uncompressed messages until an acknowledgement of receipt is received from the recipient. The sequence counter is incremented and the next value of the frame counter is established as the integer next larger than the previous value of the frame counter which is congruent to the sequence counter modulo 256.
Abstract:
A key establishment protocol based on exponential key exchange techniques includes the generation of a value of a cryptographic function, typically a hash, of a session key and public information. This value is transferred between correspondents together with the information necessary to generate the session key. Provided the session key has not been compromised, the value of the cryptographic function will be the same at each of the correspondents. The value of the cryptographic function cannot be compromised or modified without access to the session key.
Abstract:
A method of authenticating a pair of correspondents C, S to permit the exchange of information therebetween, each of the correspondents having a respective private key, e, d and a public key, Q_u and Q_s derived from a generator element of a group and a respective one of the private keys, e, d, the method comprising the steps of: a first of the correspondents C generating a session value x; the first correspondent generating a private value t, a public value derived from the private value t and the generator and a shared secret value derived from the private value t and the public key Q_s of the second correspondent; the second correspondent generating a challenge value y and transmitting the challenge value y to the first correspondent; the first correspondent in response thereto computing a value h by applying a function H to the challenge value y, the session value x, the public value an of the first correspondent; the first correspondent signing the value h utilizing the private key e; the first correspondent transmitting to the second correspondent the signature including the session value x, and the private value t; and the second correspondent verifying the signature utilizing the public key Q_u of the first correspondent and whereby verification of the signature authenticates the first correspondent to the second correspondent.
Abstract:
A finite field multiplier in GF2 is formed from a pair of m-celled shift registers and an m-celled accumulating cell. Logical connections are established to generate grouped terms in respective cells of the accumulating cell upon retention of the vector of the subfield elements in each shift register. Each cell contains a subfield element in the form of an n-tuple and the logical connections perform arithmetic operations in accordance with the inherent subfield arithmetic to provide an n-tuple in each cell of the accumulating register. A product of two vectors can be obtained in m clock cycles. By mapping between registers, squaring of a vector can be obtained in one clock cycle.
Abstract:
A method for providing Cheon-resistance security for a static elliptic curve Diffie-Hellman cryptosystem (ECDH), the method including providing a system for message communication between a pair of correspondents, a message being exchanged in accordance with ECDH instructions executable on computer processors of the respective correspondents, the ECDH instructions using a curve selected from a plurality of curves, the selecting including choosing a range of curves; selecting, from the range of curves, curves matching a threshold efficiency; excluding, within the selected curves, curves which may include intentional vulnerabilities; and electing, from non-excluded selected curves, a curve with Cheon resistance, the electing comprising a curve from an additive group of order q, wherein q is prime, such that q - 1 = cr and q + 1 = ds, where r and s are primes and c and d are integer Cheon cofactors of the group, such that cd ≤ 48.
Abstract:
Methods, systems, and computer programs for generating cryptographic function parameters are described. In some examples, source code that defines seed information and a pseudorandom function is accessed. A parameter for a cryptographic function is generated by operation of one or more data processors. The parameter is generated from the seed information and the pseudorandom function. The parameter has a larger size in memory than the source code that defines the seed information and the pseudorandom function.