公开(公告)号：WO2005008385A3

公开(公告)日：2005-05-19

申请号：PCT/US2004021621

申请日：2004-07-07

Applicant: CRYPTOGRAPHY RES INC ,  KOCHER PAUL C ,  JAFFE JOSHUA M ,  JUN BENJAMIN C ,  LAREN CARTER C ,  PEARSON PETER K

Inventor： KOCHER PAUL C ,  JAFFE JOSHUA M ,  JUN BENJAMIN C ,  LAREN CARTER C ,  PEARSON PETER K

IPC: G06Q50/00 ,  G06F20060101 ,  G06F1/00 ,  G06F12/14 ,  G06Q30/00 ,  G09C1/00 ,  G11B20/00 ,  G11B20/10 ,  G11B20/12 ,  G11B27/00 ,  H04L9/08 ,  H04L9/30 ,  H04N5/91 ,  H04N5/913

CPC classification number: G06F21/10 ,  G06F9/445 ,  G06F21/64 ,  G06Q50/188 ,  G11B20/00086 ,  G11B20/00115 ,  G11B20/0021 ,  G11B20/00231 ,  G11B20/00246 ,  G11B20/00253 ,  G11B20/00449 ,  G11B20/00818 ,  G11B20/00884 ,  H04L9/0844 ,  H04L9/302 ,  H04L9/3236 ,  H04L9/3249 ,  H04L9/3271 ,  H04L2209/56 ,  H04L2209/60 ,  H04N5/913 ,  H04N21/4181 ,  H04N21/42646 ,  H04N21/4325 ,  H04N21/4405 ,  H04N21/4627 ,  H04N21/8193 ,  H04N21/8358 ,  H04N2005/91342 ,  H04N2005/91364

Abstract: Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disk (200) carries an encrypted digital video title combined with data processing operations (225) that implement the titles security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations (225), access secure non-volatile storage, submit data to CODECs for output (250), and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies. If pirates compromise a player or title, future content can be mastered with security features that, for example, block the attack, revoke pirated media, or use native code to correct player vulnerabilities.

Abstract translation: 通过实现安全逻辑和内容的集成，公开了技术来将责任和控制权从播放器制造者转移到内容作者。 示例性光盘（200）携带加密的数字视频标题，其与实现标题安全策略和解密处理的数据处理操作（225）组合。 播放器设备包括通过解释其处理操作播放内容的处理环境（例如，实时虚拟机）。 播放器还提供程序调用，使得内容代码能够从媒体加载数据，执行网络通信，确定播放环境配置（225），访问安全的非易失性存储，向CODEC提交数据以输出（250）和/或执行加密操作 。 内容可以在解码输出中插入取证水印，以追踪盗版副本。 如果海盗妥协一个玩家或者标题，那么未来的内容就可以掌握安全功能，例如阻止攻击，撤销盗版媒体或使用本机代码纠正播放器漏洞。

公开(公告)号：WO9967766A2

公开(公告)日：1999-12-29

申请号：PCT/US9912739

申请日：1999-06-03

Applicant: CRYPTOGRAPHY RES INC ,  JAFFE JOSHUA M ,  KOCHER PAUL C ,  JUN BENJAMIN C

Inventor： JAFFE JOSHUA M ,  KOCHER PAUL C ,  JUN BENJAMIN C

IPC: H04L9/06 ,  G09C1/12

CPC classification number: H04L9/0618 ,  G06F21/602 ,  G06F21/755 ,  G06F2207/7219 ,  H04L9/003 ,  H04L63/1441 ,  H04L2209/122

Abstract: Cryptographic devices that leak information about their secrets through externally monitorable characteristics (such as electromagnetic radiation and power consumption) may be vulnerable to attack, and previously-known methods that could address such leaking are inappropriate for smartcards and many other cryptographic applications. Methods and apparatuses are disclosed for performing computations in which the representation of data, the number of system state transitions at each computational step, and the Hamming weights of all operands are independent of computation inputs, intermediate values, or results. Exemplary embodiments implemented using conventional (leaky) hardware elements (such as electronic components, logic gates, etc.) as well as software executing on conventional (leaky) microprocessors are described. Smartcards and other tamper-resistant devices of the invention provide greatly improved resistance to cryptographic attacks involving external monitoring.

Abstract translation: 通过外部可监控特性（如电磁辐射和功耗）泄露其秘密信息的密码设备可能容易受到攻击，而可能解决此类漏洞的先前已知的方法不适用于智能卡和许多其他密码应用。 公开了用于执行计算的方法和装置，其中数据的表示，每个计算步骤的系统状态转换的数量以及所有操作数的汉明权重与计算输入，中间值或结果无关。 描述了使用常规（泄漏）硬件元件（例如电子元件，逻辑门等）实现的示例性实施例以及在常规（泄漏）微处理器上执行的软件。 本发明的智能卡和其他防篡改装置提供了大大提高的抵抗涉及外部监视的密码攻击的能力。

公开(公告)号：WO2011068996A1

公开(公告)日：2011-06-09

申请号：PCT/US2010/058768

申请日：2010-12-02

Applicant: CRYPTOGRAPHY RESEARCH, INC. ,  KOCHER, Paul, C. ,  ROHATGI, Pankaj ,  JAFFE, Joshua, M.

Inventor： KOCHER, Paul, C. ,  ROHATGI, Pankaj ,  JAFFE, Joshua, M.

IPC: G06F11/00

CPC classification number: G06F21/575 ,  G06F8/71 ,  G06F9/44505 ,  G06F12/1408 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F21/76 ,  G06F2212/402 ,  G06F2221/034 ,  G06F2221/2107 ,  G06F2221/2125 ,  G06F2221/2145 ,  H04L9/003 ,  H04L9/0631 ,  H04L9/085 ,  H04L9/0861 ,  H04L9/088 ,  H04L9/0894 ,  H04L9/16 ,  H04L9/3236 ,  H04L9/3247 ,  H04L63/0428 ,  H04L63/0869 ,  H04L2209/24 ,  H04L2209/38 ,  H04L2209/56 ,  H04L2463/061

Abstract: Methods and devices to encrypt and decrypt sensitive data to in a manner that provides secunty from external monitoring attacks is disclosed The encrypting device has access to a base secret cryptographic value (key) that is also known to the decrypting device The sensitive data are decomposed into segments, and each segment is encrypted with a separate encryption key denved from the base key and a message identifier to create a set of encrypted segments The encrypting device uses the base cryptographic value to create validators that prove that the encrypted segments for this message identifier were created by a device with access to the base key The decrypting device, upon receiving an encrypted segments uses validators to verify the message identifier and that the encrypted segment are unmodified

Abstract translation: 公开了以提供远离外部监视攻击的方式加密和解密敏感数据的方法和设备。加密设备具有访问解密设备也是已知的基本秘密密码值（密钥）。敏感数据被分解为 段，并且每个段用来自基本密钥的单独的加密密钥和消息标识符加密，以创建一组加密段。加密设备使用基本加密值来创建验证器，证明该消息标识符的加密段是 由具有访问基本密钥的设备创建的解密设备在接收到加密段时使用验证器来验证消息标识符，并且加密段是未修改的

公开(公告)号：WO2005008385A2

公开(公告)日：2005-01-27

申请号：PCT/US2004/021621

申请日：2004-07-07

Applicant: CRYPTOGRAPHY RESEARCH, INC. ,  KOCHER, Paul, C. ,  JAFFE, Joshua, M. ,  JUN, Benjamin, C. ,  LAREN, Carter, C. ,  PEARSON, Peter, K.

Inventor： KOCHER, Paul, C. ,  JAFFE, Joshua, M. ,  JUN, Benjamin, C. ,  LAREN, Carter, C. ,  PEARSON, Peter, K.

IPC: G06F

CPC classification number: G06F21/10 ,  G06F9/445 ,  G06F21/64 ,  G06Q50/188 ,  G11B20/00086 ,  G11B20/00115 ,  G11B20/0021 ,  G11B20/00231 ,  G11B20/00246 ,  G11B20/00253 ,  G11B20/00449 ,  G11B20/00818 ,  G11B20/00884 ,  H04L9/0844 ,  H04L9/302 ,  H04L9/3236 ,  H04L9/3249 ,  H04L9/3271 ,  H04L2209/56 ,  H04L2209/60 ,  H04N5/913 ,  H04N21/4181 ,  H04N21/42646 ,  H04N21/4325 ,  H04N21/4405 ,  H04N21/4627 ,  H04N21/8193 ,  H04N21/8358 ,  H04N2005/91342 ,  H04N2005/91364

Abstract: Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disc carries an encrypted digital video title combined with data processing operations that implement the title's security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations, access secure nonvolatile storage, submit data to CODECs for output, and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies. If pirates compromise a player or title, future content can be mastered with security features that, for example, block the attack, revoke pirated media, or use native code to correct player vulnerabilities.

Abstract translation: 通过实现安全逻辑和内容的集成，公开了技术来将责任和控制权从播放器制造者转移到内容作者。 示例性的光盘携带加密的数字视频标题，与实现标题的安全策略和解密过程的数据处理操作相结合。 播放器设备包括通过解释其处理操作播放内容的处理环境（例如，实时虚拟机）。 播放器还提供程序调用，使内容代码从媒体加载数据，执行网络通信，确定播放环境配置，访问安全的非易失性存储，提交数据到CODEC进行输出和/或执行加密操作。 内容可以在解码输出中插入取证水印，以追踪盗版副本。 如果海盗妥协一个玩家或者标题，那么未来的内容就可以掌握安全功能，例如阻止攻击，撤销盗版媒体或使用本机代码纠正播放器漏洞。