METHOD AND APPARATUS FOR SECURE COMMUNICATION
    71.
    Invention application
    Under examination - Published

    Publication (announcement) number: WO2014160194A2

    Publication (announcement) date: 2014-10-02

    Application number: PCT/US2014/026015

    Filing date: 2014-03-13

    Abstract: Secrecy scheme systems and associated methods using list source codes for enabling secure communications in communications networks are provided herein. Additionally, improved information-theoretic metrics for characterizing and optimizing said secrecy scheme systems and associated methods are provided herein. One method of secure communication comprises receiving a data file at a first location, encoding the data file using a list source code to generate an encoded file, encrypting a select portion of the data file using a key to generate an encrypted file, and transmitting the encoded file and the encrypted file to an end user at a destination location, wherein the encoded file cannot be decoded at the destination location until the encrypted file has been received and decrypted by the end user, wherein the end user possesses the key.


    SINGLE-PASS DATA COMPRESSION AND ENCRYPTION
    72.
    Invention application
    Under examination - Published

    Publication (announcement) number: WO2014074633A1

    Publication (announcement) date: 2014-05-15

    Application number: PCT/US2013/068798

    Filing date: 2013-11-06

    CPC classification number: H04L63/0457 H04L9/0637 H04L63/061 H04L2209/30

    Abstract: Embodiments compress and encrypt data in a single pass to reduce inefficiencies that occur from compressing and encrypting data separately. Typically, compression and encryption are implemented in separate functional units. This has a few disadvantages: 1) encryption cannot make use of compression state to further secure the message, 2) processed data is read and written twice, 3) additional space, time, and resources are consumed, and 4) it is more prone to potential cipher attacks since the encryption stage is independent from compression. Embodiments overcome these disadvantages by structuring these operations so that both compression and encryption are executed within the same processing loop. Thus: 1) encryption is stronger due to the dependence on the compression state, 2) I/O buffers are accessed only once, reducing overhead, 3) system footprint is reduced, and 4) cipher analysis is more complex since the decryption process cannot be separated from the decompression process.


    AUTHENTICATOR, AUTHENTICATEE AND AUTHENTICATION METHOD
    73.
    Invention application
    Under examination - Published

    Publication (announcement) number: WO2012144095A1

    Publication (announcement) date: 2012-10-26

    Application number: PCT/JP2011/072698

    Filing date: 2011-09-26

    Abstract: According to one embodiment, an authenticatee includes a memory configured to store secret information XY, secret information XY which is created by multiply duplicating, at least twice, the secret information XY, and secret information XY E , a generation module configured to generate a random number A, a generation module configured to generate a random number D which is composed of at least a part of the generated random number A and a random number B which is received, a calculating module configured to generate data C by executing a compression calculated operation with respect to at least a part of the random number D and the secret information XY loaded from the memory, a generation module configured to generate data ν, and a bit-by-bit addition module configured to calculate a calculated result Z from the data ν and the data C.


    HTTP HEADER COMPRESSION
    74.
    Invention application

    Publication (announcement) number: WO2011068731A2

    Publication (announcement) date: 2011-06-09

    Application number: PCT/US2010/057965

    Filing date: 2010-11-24

    Abstract: Techniques for HTTP header compression are described herein. In an implementation, an electronic device may be configured to enable compression/decompression of HTTP messages, including compression/decompression of information in the headers of the messages. An HTTP message is generated that contains at least a header and a body. The HTTP message is reformatted to place at least some of the header information into the body. Then, the body of the reformatted message having the header information is compressed to form a compressed HTTP message. Decompression may be applied by a recipient of the compressed HTTP message to reconstruct the original HTTP message.


    SYSTEM AND METHOD FOR ENCRYPTING AND DECRYPTING DATA
    75.
    Invention application
    Under examination - Published

    Publication (announcement) number: WO2011066531A2

    Publication (announcement) date: 2011-06-03

    Application number: PCT/US2010/058318

    Filing date: 2010-11-30

    Abstract: A method is provided for creating an encrypted data file (700) from a data file having a sample entry box and a media data box. The sample entry box has description information therein. The media data box includes media data therein. The method includes: receiving the data file; encrypting the media data within the media data box with an encryption key; replacing the sample entry box with an encoded box (302); creating a sinf box (702) within the encoded box (302); creating a frma box (306) within the sinf box (702); and creating an schm box (704) within the sinf box (702). The schm box (704) indicates the type of formatting of the encrypted media data. The encoded box (302) does not include an initial counter that may be used to decrypt the encrypted media data.


    A METHOD AND A DEVICE FOR PERFORMING TORUS-BASED CRYPTOGRAPHY
    76.
    Invention application
    Under examination - Published

    Publication (announcement) number: WO2010145983A1

    Publication (announcement) date: 2010-12-23

    Application number: PCT/EP2010/058131

    Filing date: 2010-06-10

    Inventor: JOYE, Marc

    Abstract: At CRYPTO 2003, Rubin and Silverberg introduced the concept of torus-based cryptography over a finite field. The present invention extends their setting to the ring of integers modulo N, thus obtaining compact representations for cryptographic systems that base their security on the discrete logarithm problem and the factoring problem. This can result in small key sizes and substantial savings in memory and bandwidth. However, unlike the case of a finite field, analogous trace-based compression methods cannot be adapted to accommodate the extended setting of the invention when the underlying systems require more than a mere exponentiation. The invention finds particular application in a torus-based implementation of the ACJT group signature scheme. Also provided is a processor (10).


    BANDWIDTH EFFICIENT METHOD AND SYSTEM FOR OBSCURING THE EXISTENCE OF ENCRYPTION IN A COMMUNICATIONS CHANNEL
    77.
    Invention application
    Under examination - Published

    Publication (announcement) number: WO2010075626A1

    Publication (announcement) date: 2010-07-08

    Application number: PCT/CA2009/001763

    Filing date: 2009-12-03

    Inventor: LEECH, Marcus D.

    CPC classification number: H04L63/0428 G09C1/00 H04L9/00 H04L2209/30

    Abstract: A system, method, and network interface that obscure the existence of data encryption in a communication network are provided. A set of characters is generated by using a set of encryption keys as an input to a pseudo-random function. Each character corresponds to an index value. The encrypted data is divided into a plurality of parts. Each part is sectioned into a plurality of groups. Each group of the plurality of groups is encoded by mapping the group to a character in the set of characters according to its corresponding index value. The mapped characters are transmitted through the communication network.


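DATA CONVERSION DEVICE, DATA CONVERSION METHOD, AND PROGRAM
    78.
    Invention application
    Under examination - Published

    Publication (announcement) number: WO2010024247A1

    Publication (announcement) date: 2010-03-04

    Application number: PCT/JP2009/064782

    Filing date: 2009-08-25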

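    Abstract: A data conversion device that generates highly secure hash values with increased resistance to analysis is realized. The device has a mixing processing unit that performs data mixing on input data, and a compression processing unit that performs data compression on input data that includes divided data obtained by dividing message data, which is the data to be converted. Some of the multi-stage compression processing units receive both the output of the mixing processing unit and the divided data of the message data, and perform data compression. Because the configuration performs the mixing processing at least at fixed intervals across the multiple compression rounds, a data conversion device that generates highly secure hash values with increased resistance to analysis is realized.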


    METHOD AND SYSTEM FOR DATA BACKUP
    79.
    Invention application
    Under examination - Published

    Publication (announcement) number: WO2007044964A3

    Publication (announcement) date: 2009-05-28

    Application number: PCT/US2006040389

    Filing date: 2006-10-12

    Abstract: Embodiments of the present invention are directed to Web-Services-based data backup and data-archiving applications that provide remote data backup and data archiving to private individuals, small businesses, and other organizations that need reliable, secure, geographically remote, and cost-effective data backup, data archiving, and backed-up and archived-data retrieval. In one embodiment of the present invention, a private or small-business client contracts with a service provider for data-backup and data-archiving services. The service provider, in turn, contracts with a remote data-storage facility to provide secure, reliable data backup and data archiving to the personal or small-business client. A client-side application is downloaded to the client computer and configured to allow the client to store locally encrypted data at the remote, data-storage facilities. Neither the service provider nor the data-storage facility can decrypt or otherwise access the information stored by the client. In addition, the encryption key or encryption keys used by the client to encrypt the data for remote storage are securely stored at the remote, data-storage facility for subsequent recovery by the client, should the client suffer damage or loss to a local computer system. However, the client encryption key is stored in a doubly encrypted fashion, preventing access to the client's encryption key by either the service provider or the data-storage facility. Certain embodiments of the present invention also provide local indexing for remotely stored, encrypted data and efficient storage of updates to already remotely stored data.


    SYSTEMS AND METHODS FOR TRUSTED INFORMATION EXCHANGE
    80.
    Invention application
    Under examination - Published

    Publication (announcement) number: WO2007058907A3

    Publication (announcement) date: 2009-05-22

    Application number: PCT/US2006043674

    Filing date: 2006-11-10

    Abstract: Systems and methods are provided which allow for the secure exchange of information between a sender and a receiver. The systems and methods utilize a mutually trusted credential creator (figure 9, 940) to authenticate the identities of at least the sender and optionally the receiver. The systems and methods also provide for the use of host applications capable of encrypting and digitally signing a secure file format. The secure file format is preferably only alterable with the consent of the sender.

