KEY AGREEMENT DEVICES AND METHOD
    1.
    Invention application

    Publication number: WO2018206344A1

    Publication date: 2018-11-15

    Application number: PCT/EP2018/061089

    Filing date: 2018-05-02

    Abstract: A first electronic network node (110) is provided configured for a key exchange (KEX) protocol, the first network node is configured to obtain a shared polynomial (a) shared with a second network node, coefficients of the shared polynomial a being selected modulo a first modulus q, generate a private key polynomial (sk_I), coefficients of the private key polynomial being bounded in absolute value by a bound (s), generate a public key polynomial (pk_I) by computing a polynomial product between the shared polynomial (a) and the private key polynomial (sk_I) modulo the first modulus (q) and scaling the coefficients of the polynomial product down to a second modulus (p).

    MOBILE TRANSACTION DATA VERIFICATION DEVICE AND METHOD OF DATA VERIFICATION
    2.
    Invention application
    MOBILE TRANSACTION DATA VERIFICATION DEVICE AND METHOD OF DATA VERIFICATION [Under examination, published]

    Publication number: WO2015028339A1

    Publication date: 2015-03-05

    Application number: PCT/EP2014/067595

    Filing date: 2014-08-18

    CPC classification number: G06Q20/3276 G06Q20/10 G06Q20/3825

    Abstract: A mobile transaction data verification device is provided that can be used by a user to ensure authenticity of information displayed by a terminal during image-based transactions. The mobile transaction data verification device contains a camera for obtaining a captured image of the terminal during a transaction. Furthermore, the mobile transaction data verification device has a visual object recognition module such as an optical character reader, coupled to the camera and a code reader module such as a QR code decoder. An authentication module computes authentication data from a recognition result obtained from the visual object recognition module and a code value obtained from the code reader module, and optionally transaction time distinguishing data. The mobile transaction data verification device signals an authentication result based on the authentication data. Optionally, the mobile transaction data verification may apply its own signature to the captured image and keep it stored to provide evidence that the user verified the transaction data.

    METHOD FOR MANAGING A PROXY TABLE IN A WIRELESS NETWORK USING PROXY DEVICES
    3.
    Invention application
    METHOD FOR MANAGING A PROXY TABLE IN A WIRELESS NETWORK USING PROXY DEVICES [Under examination, published]

    Publication number: WO2013121325A2

    Publication date: 2013-08-22

    Application number: PCT/IB2013/051001

    Filing date: 2013-02-07

    CPC classification number: H04W40/242 H04L45/54 H04W84/18 H04W88/182

    Abstract: The invention relates to a proxy node comprising means for managing a proxy table, a receiver for receiving a message from a first resource restricted device, said message being intended to at least one corresponding destination device, control means for checking whether an entry for the first resource restricted device is included in the set of entries of the proxy table, the set of entries of the proxy table indicating the set of resource-restricted devices the proxy node is in charge of, a transmitter for forwarding the message depending on the result of the proxy table checking, the means for managing the proxy table being arranged for cleaning the proxy table of the entry relative to the resource-restricted device by monitoring the relative usage of the proxy node for forwarding messages for the resource restricted device with the usage of competitor proxy nodes for forwarding messages for the resource restricted device.

    PUBLIC-KEY ENCRYPTION SYSTEM
    5.
    Invention application
    PUBLIC-KEY ENCRYPTION SYSTEM [Under examination, published]

    Publication number: WO2016091790A1

    Publication date: 2016-06-16

    Application number: PCT/EP2015/078792

    Filing date: 2015-12-07

    CPC classification number: H04L9/0869 H04L9/0838 H04L9/14 H04L9/3093

    Abstract: A key generation device (100) configured to generate a public key (126) for use in a public key encryption device and a corresponding private key (114) for use in a private key decryption device, the key generation device comprising a private key generator (110) configured for obtaining in electronic form a private random value (112, s), and generating the private key (114), the private key comprising the private random value (112), and a public key generator (120) configured for obtaining in electronic form a public set of bivariate polynomials (122, ƒ_i( , )), computing a public univariate polynomial (124) by summing over univariate polynomials obtained by substituting the private random value (112, s) into the polynomials of the public set (122, ƒ_i(s, )), and generating the public key (126), the public key comprising the public univariate polynomial (124) and the public set (122).

    COMPILER GENERATING OPERATOR FREE CODE
    6.
    Invention application
    COMPILER GENERATING OPERATOR FREE CODE [Under examination, published]

    Publication number: WO2014072209A1

    Publication date: 2014-05-15

    Application number: PCT/EP2013/072668

    Filing date: 2013-10-30

    CPC classification number: G06F8/425 G06F8/447 G06F8/52 G06F21/14

    Abstract: A compiler 134 for compiling a first computer program 110 written in a first computer programming language into a second computer program written in a machine language, the compiler comprises a code generator to generate the second computer program by generating tables 142 and machine language code 144, the generated tables and the generated machine language code together forming the second computer program, wherein the generated machine language code references the tables and the generated machine language code does not contain arithmetic or logic machine instructions, the tables comprising pre-computed results of arithmetic and/or logic machine instructions.

    COMPUTER PROCESSOR AND SYSTEM WITHOUT AN ARITHMETIC AND LOGIC UNIT
    7.
    Invention application
    COMPUTER PROCESSOR AND SYSTEM WITHOUT AN ARITHMETIC AND LOGIC UNIT [Under examination, published]

    Publication number: WO2014006605A2

    Publication date: 2014-01-09

    Application number: PCT/IB2013/055541

    Filing date: 2013-07-06

    Abstract: A computer system comprising a processor and a memory, the processor comprising an instruction cycle circuit configured to repeatedly obtain a next instruction of a computer program, an instruction decoder configured to decode and execute the instruction obtained by the instruction cycle circuit, the computer system supporting multiple arithmetic and/or logic operations under control of one or more of the instructions, wherein the memory stores multiple tables, each specific one of the multiple arithmetic and/or logic operations being supported by a specific table stored in the memory, each specific table comprising the result of the specific arithmetic operations for a range of inputs.

    NETWORK DEVICE CONFIGURED TO DERIVE A SHARED KEY
    8.
    Invention application
    NETWORK DEVICE CONFIGURED TO DERIVE A SHARED KEY [Under examination, published]

    Publication number: WO2014132155A1

    Publication date: 2014-09-04

    Application number: PCT/IB2014/058891

    Filing date: 2014-02-11

    Abstract: A network device (110) is provided which is configured to determine a shared cryptographic key of key length (b) bits shared with a second network device (120) from a polynomial and an identity number of the second network device. A reduction algorithm is used to evaluate the polynomial in the identity number of the second network device and reduce modulo a public modulus and modulo a key modulus. The reduction algorithm comprises an iteration over the terms of the polynomial. In at least the iteration which iteration is associated with a particular term of the polynomial are comprised a first and second multiplication. The first multiplication is between the identity number and a least significant part of the coefficient of the particular term obtained from the representation of the polynomial, the least significant part of the coefficient being formed by the key length least significant bits of the coefficient of the particular term. The second multiplication is between a second multiplication between the identity number and a further part of the coefficient of the particular term obtained from the representation of the polynomial, the further part of the coefficient being formed by bits of the coefficient of the particular term different from the key length least significant bits, the further part and the least significant part together forming strictly fewer bits than in the coefficient of the particular term of the polynomial.

    COMPUTING DEVICE CONFIGURED WITH A TABLE NETWORK
    9.
    Invention application
    COMPUTING DEVICE CONFIGURED WITH A TABLE NETWORK [Under examination, published]

    Publication number: WO2014096117A1

    Publication date: 2014-06-26

    Application number: PCT/EP2013/077267

    Filing date: 2013-12-19

    Abstract: A computing device configured to compute a data function (f) on a function-input value (w), the device comprising an electronic storage storing a first table network configured for the data function (f), - the computing device comprising an electronic processor coupled to the storage and configured to obtain multiple first table inputs for the first table network, the multiple first table inputs (x=E(w, s)) including the function-input value (w), and to compute the data function (f) by applying the first table network to the multiple first table inputs (x) to produce multiple first table outputs (u=E(f(w), g(w,s))), the multiple first table outputs (u) including a function-output value (f(w)), the function-output value (f(w)) corresponding to the result of applying the data function (f) to the function-input value (w), - the electronic storage is further storing a second table network configured to cooperate with the first table network for countering modifications made to the first table network, the electronic processor being configured to obtain multiple second table inputs for the second table network, the second table inputs including the multiple first table outputs (u) and at least one of the multiple first table inputs (w; s), and to apply the second table network to the multiple second table inputs, the second table network being configured to verify for at least a specific one (f(w) or g(w,s)) of the multiple first table outputs if an unmodified first table network could obtain the specific one of the multiple first table outputs (f(w); g(w,s)) from the given at least one of the multiple first table inputs (w; s), - the second table network produces second table outputs (v=E(w', s')) including a protected function output (w'), the protected function output being equal to the function output (f(w)) in case the verification is successful and the protected function output (w') being unequal to the function output in case the verification is unsuccessful.

    DETERMINATION OF CRYPTOGRAPHIC KEYS
    10.
    Invention application
    DETERMINATION OF CRYPTOGRAPHIC KEYS [Under examination, published]

    Publication number: WO2013175324A1

    Publication date: 2013-11-28

    Application number: PCT/IB2013/053224

    Filing date: 2013-04-24

    Abstract: A first communication unit (101) comprises: a processor (203) for obtaining local key material defining a first key generating function from a Trusted Third Party (TTP). An identity processor (205) obtains an identity for a second communication unit (103) and a key generator (207) determines a first cryptographic key from the first key generating function based on the identity. A generator (209) locally generates a perturbation value which is not uniquely determined by data originating from the TTP. A key modifier (211) determines a shared cryptographic key by applying the perturbation value to the first cryptographic key. The second communication unit (103) also obtains key modifying data and uses it to determine a cryptographic key for the first communication unit (101). It then generates possible values of the perturbation value, and subsequently possible shared cryptographic keys. It then selects one that matches cryptographic data from the first communication unit (101). The perturbation value may provide increased resistance against collusion attacks.
