公开(公告)号：WO9967919A3

公开(公告)日：2000-03-23

申请号：PCT/US9912734

申请日：1999-06-03

Applicant: CRYPTOGRAPHY RES INC

Inventor： KOCHER PAUL C ,  JAFFE JOSHUA M ,  JUN BENJAMIN C

IPC: G09C1/00 ,  H04L9/06 ,  H04L9/32

CPC classification number: H04L9/0625 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F2207/7219 ,  H04L9/003 ,  H04L2209/046 ,  H04L2209/08 ,  H04L2209/127

Abstract: Methods and apparatuses are disclosed for improving DES and other cryptographic protocols against external monitoring attacks by reducing the amount (and signal-to-noise ratio) of useful information leaked during processing. An improved DES implementation of the invention instead uses two 56-bit keys (K1 and K2) (100) and two 64-bit plaintext messages (M1 and M2), each associated with a permutation (i.e., K1P, K2P and M1P, M2P) such that K1P {K1} XOR K2P {K2} equals the "standard" DES key K (110), and M1P {M1} XOR M2P {M2} equals the "standard" message. During operation (145) of the device, the tables are preferably periodically updated, by introducing fresh entropy into the tables faster than information leaks out, so that attackers will not be able to obtain the table contents by analysis of measurements. The technique is implementable in cryptographic smartcards, tamper resistant chips, and secure processing systems of all kinds.

Abstract translation: 公开了用于通过减少在处理期间泄露的有用信息的量（和信噪比）来改善DES和其他加密协议以抵抗外部监视攻击的方法和装置。 本发明改进的DES实现代替使用两个56位密钥（K1和K2）（100）和两个64位明文消息（M1和M2），每个与置换相关联（即，K1P，K2P和M1P，M2P ），使得K1P {K1} XOR K2P {K2}等于“标准”DES密钥K（110），并且M1P {M1} XOR M2P {M2}等于“标准”消息。 在设备的操作（145）期间，优选地通过将新鲜熵引入表中来快速地将信息泄漏出来，周期性地更新表，使得攻击者将不能通过分析测量获得表内容。 该技术可以在加密智能卡，防篡改芯片和各种安全处理系统中实现。

公开(公告)号：WO0002342A2

公开(公告)日：2000-01-13

申请号：PCT/US9915146

申请日：1999-07-02

Applicant: CRYPTOGRAPHY RES INC

Inventor： KOCHER PAUL C

IPC: G06Q20/34 ,  G06Q20/40 ,  G07F7/10 ,  H04L9/08 ,  H04L9/00

CPC classification number: G07F7/1008 ,  G06F2207/7219 ,  G06Q20/341 ,  G06Q20/40975 ,  H04L9/003 ,  H04L9/0625 ,  H04L9/0891

Abstract: Methods and apparatus for increasing the leak-resistance of cryptographic system using an indexed key update technique are disclosed. By repeatedly applying the update process, information leaking during cryptographic operations that is collected by attackers rapidly becomes obsolete. Thus, such a system can remain secure against attacks involving analysis of measurements of the device's power consumption, electromagnetic characteristics, or other information leaked during transactions. The server then performs a series of operations to determine the sequence of transformation needed to re-derive the correction session key from the client's secret value (190).

Abstract translation: 公开了使用索引密钥更新技术增加密码系统的防漏性的方法和装置。 通过重复应用更新过程，攻击者收集的密码操作过程中信息泄露迅速变得过时。 因此，这种系统可以保持安全性，防止涉及分析设备的功耗，电磁特性或事务中泄露的其他信息的测量的攻击。 然后，服务器执行一系列操作以确定从客户端的秘密值重新导出校正会话密钥所需的变换序列（190）。

公开(公告)号：WO9967909A3

公开(公告)日：2000-05-04

申请号：PCT/US9912740

申请日：1999-06-03

Applicant: CRYPTOGRAPHY RES INC

Inventor： KOCHER PAUL C ,  JAFFE JOSHUA M

IPC: G06F7/72 ,  H04L9/28 ,  G06F12/14

CPC classification number: H04L9/3066 ,  G06F7/723 ,  G06F7/725 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F2207/7261 ,  H04L9/003 ,  H04L9/0841 ,  H04L2209/127 ,  H04L2209/56

Abstract: Methods and apparatuses are disclosed for securing cryptosystems against external monitoring attacks by reducing the amount (and signal to noise ratio) of useful information leaked during processing. In general, this is accomplished by implementing critical operations using "branchless" or fixed execution path routines (115, 125) whereby the execution path does not vary in any manner that can reveal new information about the secret key during subsequent operations. More particularly, various embodiments of the invention include: implementing modular exponentiation without key-dependent conditional jumps (125); implementing modular exponentiation with fixed memory access patterns (120); implementing modular multiplication without using leak-prone multiplication-by-one operations (115); and implementing leak-minimization multiplication (and other operations) for elliptic curve cryptosystems (130).

Abstract translation: 公开了用于通过减少在处理期间泄露的有用信息的量（和信噪比）来保护密码系统免受外部监视攻击的方法和装置。 通常，这是通过使用“无分支”或固定执行路径例程（115,125）实现关键操作来实现的，由此执行路径不以可以在随后的操作期间揭示有关秘密密钥的新信息的任何方式变化。 更具体地，本发明的各种实施例包括：实现没有密钥依赖条件跳转（125）的模幂运算; 用固定存储器访问模式（120）实现模幂运算; 实现模乘，而不使用易泄漏的乘法运算（115）; 并为椭圆曲线密码系统（130）实施泄漏最小化乘法（和其他操作）。

公开(公告)号：WO2016094195A2

公开(公告)日：2016-06-16

申请号：PCT/US2015063812

申请日：2015-12-03

Applicant: CRYPTOGRAPHY RES INC

Inventor： TUNSTALL MICHAEL ,  DURVAUX FRANCOIS

IPC: H04L9/18

CPC classification number: H04L9/003 ,  H04L2209/046

Abstract: A value corresponding to an input for a cryptographic operation may be received. The value may be masked by multiplying the value with a first number modulo a prime number. The cryptographic operation may subsequently be performed on the masked value.

Abstract translation: 可以接收对应于用于密码操作的输入的值。 该值可以通过将该值乘以以素数为模的第一个数字而被掩盖。 随后可以对掩码值执行密码操作。

公开(公告)号：WO2014026095A3

公开(公告)日：2014-05-01

申请号：PCT/US2013054306

申请日：2013-08-09

Applicant: CRYPTOGRAPHY RES INC

Inventor： KOCHER PAUL CARL ,  JUN BENJAMIN CHE-MING ,  LEISERSON ANDREW JOHN

IPC: H04L9/14

CPC classification number: H04L63/0823 ,  G06F21/54 ,  G06F21/71 ,  G06F2221/2101 ,  H04L9/083 ,  H04L9/0897 ,  H04L9/14 ,  H04L9/3247 ,  H04L63/061 ,  H04L63/083

Abstract: A mechanism for providing secure feature and key management in integrated circuits is described. An example integrated circuit includes a secure memory to store a secret key, and a security manager core, coupled to the secure memory, to receive a digitally signed command, verify a signature associated with the command using the secret key, and configure operation of the integrated circuit using the command.

Abstract translation: 描述了在集成电路中提供安全特征和密钥管理的机制。 示例性集成电路包括用于存储秘密密钥的安全存储器和耦合到安全存储器的安全管理器核，以接收数字签名的命令，使用秘密密钥验证与该命令相关联的签名，以及配置 集成电路使用该命令。

公开(公告)号：WO9967766A2

公开(公告)日：1999-12-29

申请号：PCT/US9912739

申请日：1999-06-03

Applicant: CRYPTOGRAPHY RES INC ,  JAFFE JOSHUA M ,  KOCHER PAUL C ,  JUN BENJAMIN C

Inventor： JAFFE JOSHUA M ,  KOCHER PAUL C ,  JUN BENJAMIN C

IPC: H04L9/06 ,  G09C1/12

CPC classification number: H04L9/0618 ,  G06F21/602 ,  G06F21/755 ,  G06F2207/7219 ,  H04L9/003 ,  H04L63/1441 ,  H04L2209/122

Abstract: Cryptographic devices that leak information about their secrets through externally monitorable characteristics (such as electromagnetic radiation and power consumption) may be vulnerable to attack, and previously-known methods that could address such leaking are inappropriate for smartcards and many other cryptographic applications. Methods and apparatuses are disclosed for performing computations in which the representation of data, the number of system state transitions at each computational step, and the Hamming weights of all operands are independent of computation inputs, intermediate values, or results. Exemplary embodiments implemented using conventional (leaky) hardware elements (such as electronic components, logic gates, etc.) as well as software executing on conventional (leaky) microprocessors are described. Smartcards and other tamper-resistant devices of the invention provide greatly improved resistance to cryptographic attacks involving external monitoring.

Abstract translation: 通过外部可监控特性（如电磁辐射和功耗）泄露其秘密信息的密码设备可能容易受到攻击，而可能解决此类漏洞的先前已知的方法不适用于智能卡和许多其他密码应用。 公开了用于执行计算的方法和装置，其中数据的表示，每个计算步骤的系统状态转换的数量以及所有操作数的汉明权重与计算输入，中间值或结果无关。 描述了使用常规（泄漏）硬件元件（例如电子元件，逻辑门等）实现的示例性实施例以及在常规（泄漏）微处理器上执行的软件。 本发明的智能卡和其他防篡改装置提供了大大提高的抵抗涉及外部监视的密码攻击的能力。

公开(公告)号：WO9967766A8

公开(公告)日：2000-07-27

申请号：PCT/US9912739

申请日：1999-06-03

Applicant: CRYPTOGRAPHY RES INC

Inventor： JAFFE JOSHUA M ,  KOCHER PAUL C ,  JUN BENJAMIN C

IPC: H04L9/06 ,  G09C1/12

CPC classification number: H04L9/0618 ,  G06F21/602 ,  G06F21/755 ,  G06F2207/7219 ,  H04L9/003 ,  H04L63/1441 ,  H04L2209/122

Abstract: Cryptographic devices that leak information about their secrets through externally monitorable characteristics (such as electromagnetic radiation and power consumption) may be vulnerable to attack, and previously-known methods that could address such leaking are inappropriate for smartcard and many other cryptographic applications. Methods and apparatuses are disclosed for performing computations in which the representation of data, the number of system state transitions at each computational step, and the Hamming weights of all operands are independent of computation inputs, intermediate values, or results. Exemplary embodiments (figure 6) implemented using conventional hardware elements such as electronic components (611, 613) and logic gates (610, 620, 630, 640) as well as software executing on conventional microprocessors are described.

Abstract translation: 通过外部可监视特性（如电磁辐射和功耗）泄露其秘密信息的密码设备可能容易受到攻击，并且可能解决此类漏洞的先前已知的方法不适用于智能卡和许多其他密码应用。 公开了用于执行计算的方法和装置，其中数据的表示，每个计算步骤的系统状态转换的数量以及所有操作数的汉明权重与计算输入，中间值或结果无关。 描述了使用诸如电子部件（611,613）和逻辑门（610,620,630,640）的常规硬件元件实现的示例性实施例（图6）以及在常规微处理器上执行的软件。

公开(公告)号：WO2018106509A1

公开(公告)日：2018-06-14

申请号：PCT/US2017063949

申请日：2017-11-30

Applicant: CRYPTOGRAPHY RES INC ,  BEST SCOTT C

Inventor： BEST SCOTT C

IPC: H04L9/12 ,  G06F21/73 ,  G06K19/07

Abstract: A physically unclonable function circuit (PUF) is used to generate a fingerprint value based on the uniqueness of the physical characteristics (e.g., resistance, capacitance, connectivity, etc.) of a tamper prevention (i.e., shielding) structure that includes through-silicon vias and metallization on the backside of the integrated circuit. The physical characteristics depend on random physical factors introduced during manufacturing. This causes the chip-to-chip variations in these physical characteristics to be unpredictable and uncontrollable which makes more difficult to duplicate, clone, or modify the structure without changing the fingerprint value. By including the through-silicon vias and metallization on the backside of the integrated circuit as part of the PUF, the backside of the chip can be protected from modifications that can be used to help learn the secure cryptographic keys and/or circumvent the secure cryptographic (or other) circuitry.

公开(公告)号：WO2005008385A3

公开(公告)日：2005-05-19

申请号：PCT/US2004021621

申请日：2004-07-07

Applicant: CRYPTOGRAPHY RES INC ,  KOCHER PAUL C ,  JAFFE JOSHUA M ,  JUN BENJAMIN C ,  LAREN CARTER C ,  PEARSON PETER K

Inventor： KOCHER PAUL C ,  JAFFE JOSHUA M ,  JUN BENJAMIN C ,  LAREN CARTER C ,  PEARSON PETER K

IPC: G06Q50/00 ,  G06F20060101 ,  G06F1/00 ,  G06F12/14 ,  G06Q30/00 ,  G09C1/00 ,  G11B20/00 ,  G11B20/10 ,  G11B20/12 ,  G11B27/00 ,  H04L9/08 ,  H04L9/30 ,  H04N5/91 ,  H04N5/913

CPC classification number: G06F21/10 ,  G06F9/445 ,  G06F21/64 ,  G06Q50/188 ,  G11B20/00086 ,  G11B20/00115 ,  G11B20/0021 ,  G11B20/00231 ,  G11B20/00246 ,  G11B20/00253 ,  G11B20/00449 ,  G11B20/00818 ,  G11B20/00884 ,  H04L9/0844 ,  H04L9/302 ,  H04L9/3236 ,  H04L9/3249 ,  H04L9/3271 ,  H04L2209/56 ,  H04L2209/60 ,  H04N5/913 ,  H04N21/4181 ,  H04N21/42646 ,  H04N21/4325 ,  H04N21/4405 ,  H04N21/4627 ,  H04N21/8193 ,  H04N21/8358 ,  H04N2005/91342 ,  H04N2005/91364

Abstract: Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disk (200) carries an encrypted digital video title combined with data processing operations (225) that implement the titles security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations (225), access secure non-volatile storage, submit data to CODECs for output (250), and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies. If pirates compromise a player or title, future content can be mastered with security features that, for example, block the attack, revoke pirated media, or use native code to correct player vulnerabilities.

Abstract translation: 通过实现安全逻辑和内容的集成，公开了技术来将责任和控制权从播放器制造者转移到内容作者。 示例性光盘（200）携带加密的数字视频标题，其与实现标题安全策略和解密处理的数据处理操作（225）组合。 播放器设备包括通过解释其处理操作播放内容的处理环境（例如，实时虚拟机）。 播放器还提供程序调用，使得内容代码能够从媒体加载数据，执行网络通信，确定播放环境配置（225），访问安全的非易失性存储，向CODEC提交数据以输出（250）和/或执行加密操作 。 内容可以在解码输出中插入取证水印，以追踪盗版副本。 如果海盗妥协一个玩家或者标题，那么未来的内容就可以掌握安全功能，例如阻止攻击，撤销盗版媒体或使用本机代码纠正播放器漏洞。