公开(公告)号：WO2013104072A1

公开(公告)日：2013-07-18

申请号：PCT/CA2013/050015

申请日：2013-01-11

Applicant: RESEARCH IN MOTION LIMITED ,  CERTICOM CORP.

Inventor： BUCKLEY, Michael Eoin ,  ZAVERUCHA, Gregory Marc ,  CAMPAGNA, Matthew John

IPC: H04L9/00 ,  H04W12/04

CPC classification number: H04L9/0861 ,  H04L9/083 ,  H04L9/0869 ,  H04L63/061 ,  H04L63/306 ,  H04L2209/80

Abstract: The present disclosure relates to systems and methods for secure communications. In some aspects, an initiator KMS receives, from an initiator UE, one or more values used in generation of an encryption key, which includes obtaining at least one value associated with a RANDRi. The initiator KMS sends the at least one value associated with the RANDRi to a responder KMS. The responder KMS generates the encryption key using the one or more values.

Abstract translation: 本公开涉及用于安全通信的系统和方法。 在一些方面，发起方KMS从发起方UE接收用于生成加密密钥的一个或多个值，其包括获得与RANDRi相关联的至少一个值。 启动器KMS将与RANDRi相关联的至少一个值发送到响应者KMS。 响应者KMS使用一个或多个值生成加密密钥。

公开(公告)号：WO2013104070A1

公开(公告)日：2013-07-18

申请号：PCT/CA2013/050013

申请日：2013-01-11

Applicant: RESEARCH IN MOTION LIMITED ,  CERTICOM CORP.

Inventor： BUCKLEY, Michael Eoin ,  ZAVERUCHA, Gregory Marc ,  CAMPAGNA, Matthew John

IPC: H04L9/12 ,  H04L9/00 ,  H04L9/08

CPC classification number: H04L9/08 ,  H04L9/083 ,  H04L9/0869 ,  H04L9/12 ,  H04L63/0428 ,  H04L63/061 ,  H04L63/306 ,  H04L2209/80

Abstract: The present disclosure relates to systems and methods for secure communications. In some aspects, one or more values used to generate an encryption key used to encrypt a packet are stored in a header of the packet. The packet is transmitted with the encrypted data portion in a communication. In some aspects, one or more values used to generate an encryption key are received. The encryption key is regenerated using the one or more values.

Abstract translation: 本公开涉及用于安全通信的系统和方法。 在一些方面，用于生成用于加密分组的加密密钥的一个或多个值被存储在分组的报头中。 在通信中与加密数据部分一起发送分组。 在一些方面，接收用于生成加密密钥的一个或多个值。 使用一个或多个值重新生成加密密钥。

公开(公告)号：WO2013104071A1

公开(公告)日：2013-07-18

申请号：PCT/CA2013/050014

申请日：2013-01-11

Applicant: RESEARCH IN MOTION LIMITED ,  CERTICOM CORP.

Inventor： BUCKLEY, Michael Eoin ,  ZAVERUCHA, Gregory Marc ,  CAMPAGNA, Matthew John

IPC: H04L9/08 ,  H04L12/26 ,  H04L29/06 ,  H04L9/18

CPC classification number: H04L63/306 ,  H04L9/0861 ,  H04L2209/80

Abstract: The present disclosure relates to systems and methods for secure communications. In some aspects, a method of signalling an interception time period is described. At least one keying information used by a KMF to regenerate a key is stored. A start_interception message is signaled from an ADMF to a CSCF. A halt_message is signaled from the ADMF to the CSCF.

Abstract translation: 本公开涉及用于安全通信的系统和方法。 在一些方面，描述了用于发信号通知截取时间段的方法。 KMF用于重新生成密钥的至少一个密钥信息被存储。 从ADMF向CSCF发送start_interception消息。 从ADMF向CSCF发出halt_message信号。

公开(公告)号：WO2013127014A1

公开(公告)日：2013-09-06

申请号：PCT/CA2013/050150

申请日：2013-02-28

Applicant: CERTICOM CORP.

Inventor： CAMPAGNA, Matthew John ,  BROWN, Daniel Richard L. ,  ZAVERUCHA, Gregory Marc

IPC: H04L12/12 ,  H04L9/30 ,  H04L9/32

CPC classification number: H04L63/0823 ,  H04L9/0847 ,  H04L9/0869 ,  H04L9/3066 ,  H04L63/08 ,  H04L63/126 ,  H04L63/166 ,  H04L63/18 ,  H04L67/14

Abstract: A system and method are provided for enabling a client device to connect to a network. The method comprises: obtaining an authorization code via a communication channel different from the network, the authorization code corresponding to the client device; and after detecting initiation of a security negotiation protocol by the client device, using the authorization code in at least one security negotiation operation.

Abstract translation: 提供了一种用于使客户端设备能够连接到网络的系统和方法。 该方法包括：经由与网络不同的通信信道获得授权码，与客户端设备对应的授权码; 并且在检测到客户端设备发起安全协商协议之后，在至少一个安全协商操作中使用授权码。

公开(公告)号：WO2014084886A1

公开(公告)日：2014-06-05

申请号：PCT/US2013/030158

申请日：2013-03-11

Applicant: BLACKBERRY LIMITED ,  CERTICOM CORP. ,  YAMADA, Atsushi ,  ZAVERUCHA, Gregory Marc

Inventor： YAMADA, Atsushi ,  ZAVERUCHA, Gregory Marc

IPC: H04L9/06

CPC classification number: H04L9/30 ,  H04L9/0637 ,  H04L9/0643 ,  H04L2209/125

Abstract: A computer-implemented authenticated encryption method for converting a plaintext message into a ciphertext message. The method includes dividing the plaintext message into at least two working blocks, each working block having a mathematical relationship to the plaintext message. For each working block, a working block ciphertext is computed as a function of such working block, a deterministic working block initialization vector, and a deterministic working block encryption key. For each working block, a message authentication tag is computed as a function of a deterministic working block message authentication key and at least one of (a) the working block ciphertext computed for such working block and an indication corresponding to the mathematical relationship of such working block to the plaintext message and (b) such working block. The method further includes computing a global message authentication tag as a function of the message authentication tag computed for each working block and a global message authentication key. The ciphertext message comprises the working block ciphertext computed for each working block and the global message authentication tag.

Abstract translation: 一种用于将明文消息转换为密文消息的计算机实现的认证加密方法。 该方法包括将明文消息划分为至少两个工作块，每个工作块与明文消息具有数学关系。 对于每个工作块，根据这种工作块，确定性工作块初始化向量和确定性工作块加密密钥来计算工作块密文。 对于每个工作块，消息认证标签被计算为确定性工作块消息认证密钥的函数，并且（a）为这种工作块计算的工作块密文和对应于这种工作块的数学关系的指示中的至少一个 封闭明文信息，（b）这样的工作块。 该方法还包括根据为每个工作块计算的消息认证标签和全局消息认证密钥来计算全局消息认证标签。 密文消息包括为每个工作块和全局消息认证标签计算的工作块密文。

公开(公告)号：WO2014084886A9

公开(公告)日：2014-06-05

申请号：PCT/US2013/030158

申请日：2013-03-11

Applicant: BLACKBERRY LIMITED ,  CERTICOM CORP. ,  YAMADA, Atsushi ,  ZAVERUCHA, Gregory Marc

Inventor： YAMADA, Atsushi ,  ZAVERUCHA, Gregory Marc

IPC: H04L9/06

Abstract: A computer-implemented authenticated encryption method for converting a plaintext message into a ciphertext message. The method includes dividing the plaintext message into at least two working blocks, each working block having a mathematical relationship to the plaintext message. For each working block, a working block ciphertext is computed as a function of such working block, a deterministic working block initialization vector, and a deterministic working block encryption key. For each working block, a message authentication tag is computed as a function of a deterministic working block message authentication key and at least one of (a) the working block ciphertext computed for such working block and an indication corresponding to the mathematical relationship of such working block to the plaintext message and (b) such working block. The method further includes computing a global message authentication tag as a function of the message authentication tag computed for each working block and a global message authentication key. The ciphertext message comprises the working block ciphertext computed for each working block and the global message authentication tag.

公开(公告)号：WO2012170131A1

公开(公告)日：2012-12-13

申请号：PCT/US2012/036541

申请日：2012-05-04

Applicant: CERTICOM (U.S.) LIMITED ,  CERTICOM CORP. ,  KRAVITZ, David William ,  ZAVERUCHA, Gregory Marc ,  BROWN, Daniel Richard L.

Inventor： KRAVITZ, David William ,  ZAVERUCHA, Gregory Marc ,  BROWN, Daniel Richard L.

IPC: H04L9/32

CPC classification number: H04L9/3252 ,  H04L9/3265

Abstract: Methods, systems, and computer programs for using an implicit certificate are disclosed. In some aspects, a message and an implicit certificate are accessed. The implicit certificate is associated with an entity. A modified message is generated by combining the message with a value based on the implicit certificate. A digital signature can be generated based on the modified message and transmitted to a recipient. In some aspects, a digital signature from an entity and a message to be verified based on the digital signature are accessed. An implicit certificate associated with the entity is accessed. A modified message is generated by combining the message with a value based on the implicit certificate. The message is verified based on the digital signature and the modified message.

Abstract translation: 公开了使用隐式证书的方法，系统和计算机程序。 在某些方面，访问消息和隐式证书。 隐式证书与实体相关联。 通过将消息与基于隐式证书的值组合来生成修改的消息。 可以基于修改的消息生成数字签名并发送给接收者。 在一些方面，访问来自实体的数字签名和基于数字签名的要被验证的消息。 访问与该实体相关联的隐式证书。 通过将消息与基于隐式证书的值组合来生成修改的消息。 消息基于数字签名和修改的消息进行验证。

公开(公告)号：WO2012049630A1

公开(公告)日：2012-04-19

申请号：PCT/IB2011/054490

申请日：2011-10-11

Applicant: CERTICOM CORP. ,  CERTICOM (U.S.) LIMITED ,  CAMPAGNA, Matthew John ,  BROWN, Daniel Richard L. ,  ZAVERUCHA, Gregory Marc

Inventor： CAMPAGNA, Matthew John ,  BROWN, Daniel Richard L. ,  ZAVERUCHA, Gregory Marc

IPC: H04L9/32 ,  H04L12/58 ,  H04L9/00

CPC classification number: H04L9/3066 ,  H04L9/3242 ,  H04L9/3247

Abstract: A framework is proposed for authenticated encryption for digital signatures with message recovery whereby authentication is achieved without a redundancy requirement. The finite cyclic group signature scheme is modified through the use of authenticated encryption, thereby enabling authentication using a message authentication code (1028). The authenticated encryption may be performed within a single function or as two separate functions. The authenticated encryption may also be applied to associated data in the message (104) to be signed.

Abstract translation: 提出了一种用于具有消息恢复的数字签名的认证加密的框架，从而在没有冗余要求的情况下实现认证。 通过使用认证加密来修改有限循环组签名方案，从而使得能够使用消息认证码（1028）进行认证。 认证加密可以在单个功能中或作为两个单独的功能执行。 认证加密也可以应用于要签名的消息（104）中的相关联的数据。

公开(公告)号：WO2014000103A1

公开(公告)日：2014-01-03

申请号：PCT/CA2013/050494

申请日：2013-06-25

Applicant: CERTICOM CORP.

Inventor： ROSATI, Anthony ,  CAMPAGNA, Matthew John ,  ZAVERUCHA, Gregory Marc

IPC: H04L9/32 ,  H04W12/04

CPC classification number: H04W12/04 ,  H04L63/0435 ,  H04L63/0492 ,  H04L63/061 ,  H04L63/101 ,  H04W4/80 ,  H04W12/08

Abstract: Methods and devices for establishing trust on first use for close proximity communications are disclosed. An example method includes receiving a public key from a device via a close proximity communications connection, obtaining, via a user interface, an indication that the device is trusted, and storing at least one of the public key or an identifier for the device.

Abstract translation: 公开了用于建立近距离通信首次使用信任的方法和设备。 示例性方法包括经由近距离通信连接从设备接收公共密钥，经由用户接口获得设备被信任的指示，以及存储该设备的公开密钥或标识符中的至少一个。

公开(公告)号：WO2012170130A1

公开(公告)日：2012-12-13

申请号：PCT/US2012/036535

申请日：2012-05-04

Applicant: CERTICOM (U.S.) LIMITED ,  CERTICOM CORP. ,  KRAVITZ, David William ,  ZAVERUCHA, Gregory Marc ,  BROWN, Daniel Richard L.

Inventor： KRAVITZ, David William ,  ZAVERUCHA, Gregory Marc ,  BROWN, Daniel Richard L.

IPC: H04L9/00

CPC classification number: H04L9/007 ,  H04L9/3066 ,  H04L9/321 ,  H04L9/3247

Abstract: Methods, systems, and computer programs for using an implicit certificate are described. In some aspects, an implicit certificate is accessed. The implicit certificate is associated with an entity and generated by a certificate authority. The implicit certificate includes a public key reconstruction value of the entity. Certificate authority public key information is accessed. The certificate authority public key information is associated with the certificate authority that issued the implicit certificate. A first value is generated based on evaluating a hash function. The hash function is evaluated based on the certificate authority public key information and the public key reconstruction value of the entity. A public key value of the entity can be generated or otherwise used based on the first value.

Abstract translation: 描述了使用隐式证书的方法，系统和计算机程序。 在某些方面，访问隐式证书。 隐式证书与实体相关联，并由证书颁发机构生成。 隐式证书包括实体的公钥重构值。 证书授权公钥信息被访问。 证书颁发机构的公钥信息与颁发隐式证书的证书颁发机构相关联。 基于评估散列函数生成第一值。 基于证书颁发机构公开密钥信息和实体的公钥重构值来评估散列函数。 可以基于第一个值生成或以其他方式使用该实体的公钥值。