专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

51. 发明申请

US20090249108A1 SILENT TIME TAMPERING DETECTION 有权
标题翻译：静音时间检测
公开(公告)号：US20090249108A1
公开(公告)日：2009-10-01
申请号：US12058432
申请日：2008-03-28
申请人： Pierre Betouin , Mathieu Ciet , Augustin J. Farrugia
发明人： Pierre Betouin , Mathieu Ciet , Augustin J. Farrugia
IPC分类号： G06F1/14
CPC分类号： G06F1/14 , G06F21/57 , G06F21/71 , G06F2221/2151
摘要： Computers and other electronic devices typically include a timing operation such as a clock in an operating system. It is anticipated that hackers may tamper with this clock. This tampering might be especially advantage in the context of systems which provide for rental of audio and video content, such as movies. Tampering with the system clock on the playing device would allow an extension of the rental period to the detriment of the provider of the rental content. Hence the present method is directed to detecting clock modifications both in terms of time shifting and clock rate tampering. This detection is done using digital signal processing.
摘要翻译：计算机和其他电子设备通常包括定时操作，诸如操作系统中的时钟。黑客可能会篡改这个时钟。这种篡改在提供音频和视频内容的租赁（例如电影）的系统的上下文中可能是特别有利的。篡改播放设备上的系统时钟将允许延长租赁期限，从而损害租赁内容的提供商。因此，本方法旨在在时移和时钟速率篡改方面检测时钟修改。该检测使用数字信号处理完成。

52. 发明授权

US09274976B2 Code tampering protection for insecure environments 有权
标题翻译：为不安全环境提供代码篡改保护
公开(公告)号：US09274976B2
公开(公告)日：2016-03-01
申请号：US12940971
申请日：2010-11-05
申请人： Augustin J. Farrugia , Mathieu Ciet , Pierre Betouin
发明人： Augustin J. Farrugia , Mathieu Ciet , Pierre Betouin
IPC分类号： G06F12/14 , G06F21/12 , G06F21/14 , G06F21/64 , H04L9/00 , H04L9/32
CPC分类号： G06F12/1408 , G06F21/125 , G06F21/14 , G06F21/64 , H04L9/002 , H04L9/3239 , H04L2209/043 , H04L2209/16
摘要： In the field of computer software (code) security, it is known to include verification data such as hash values in or associated with the code to allow subsequent detection of tampering by a attacker with the code. This verification technique is used here in a “White Box” cryptographic process by tying the verification data to the content of functional table lookups present in the object (compiled) code, where values in the table lookups are selectively masked (prior to the source code being compiled into the subject code) by being subject to permutation operations.
摘要翻译：在计算机软件（代码）安全性方面，已知包括诸如散列值的验证数据或者与代码相关联，以允许随后用代码检测攻击者的篡改。这种验证技术在这里通过将验证数据与存在于对象（编译）代码中的功能表查找的内容相结合，在“白盒”密码过程中使用，其中表查找中的值被选择性地屏蔽（在源代码之前被编入主题代码）通过进行置换操作。

53. 发明授权

US09264234B2 Secure authentication of identification for computing devices 有权
标题翻译：安全认证计算设备的识别
公开(公告)号：US09264234B2
公开(公告)日：2016-02-16
申请号：US13357454
申请日：2012-01-24
申请人： Augustin J. Farrugia , David M'Raihi , Mathieu Ciet , Thomas Icart
发明人： Augustin J. Farrugia , David M'Raihi , Mathieu Ciet , Thomas Icart
IPC分类号： H04L29/06 , H04L9/32 , H04L9/06
CPC分类号： H04L9/3247 , H04L9/06 , H04L2209/16
摘要： In the field of computer and data security, the identifier (ID) of a computing device is protected by providing a secure signature used to verify the ID. The signature is computed from the ID using a “White Box” cryptographic process and a hash function. This provides a signature that is computationally easy to verify but difficult or impossible to generate by a hacker (unauthorized user). This method of first creating the signature and later verifying the identifier using the signature and the associated computing apparatus are thereby useful for protection against hacking of such identifiers of computing devices.
摘要翻译：在计算机和数据安全领域，通过提供用于验证ID的安全签名来保护计算设备的标识符（ID）。使用“白盒”加密过程和散列函数从ID计算签名。这提供了计算上容易验证但由黑客（未经授权的用户）产生困难或不可能的签名。因此，首先创建签名并随后使用签名和相关联的计算装置验证标识符的这种方法因此有助于防止这些计算设备的这种标识符的黑客入侵。

54. 发明授权

US08976960B2 Methods and apparatus for correlation protected processing of cryptographic operations 有权
标题翻译：用于相关保护加密操作的方法和装置
公开(公告)号：US08976960B2
公开(公告)日：2015-03-10
申请号：US13437687
申请日：2012-04-02
申请人： Mathieu Ciet , Benoit Chevallier-Mames , Thomas Icart , Bruno Kindarji , Augustin J. Farrugia
发明人： Mathieu Ciet , Benoit Chevallier-Mames , Thomas Icart , Bruno Kindarji , Augustin J. Farrugia
IPC分类号： H04L9/00 , H04L9/08 , H04L9/30
CPC分类号： H04L9/08 , G06F21/14 , H04L9/002 , H04L9/0631 , H04L9/30 , H04L2209/16
摘要： A method and an apparatus that generate a plurality of elements randomly as a split representation of an input used to provide an output data cryptographically representing an input data are described. The input may correspond to a result of a combination operation on the elements. Cryptographic operations may be performed on the input data and the elements to generate a plurality of data elements without providing data correlated with the key. The combination operation may be performed on the data elements for the output data.
摘要翻译：描述了随机地生成多个元素作为用于提供密码地表示输入数据的输出数据的输入的分割表示的方法和装置。输入可以对应于元素上的组合操作的结果。可以对输入数据和元素执行密码操作以生成多个数据元素，而不提供与密钥相关的数据。可以对输出数据的数据元素执行组合操作。

55. 发明授权

US08644500B2 Apparatus and method for block cipher process for insecure environments 有权
标题翻译：用于不安全环境的块密码处理的装置和方法
公开(公告)号：US08644500B2
公开(公告)日：2014-02-04
申请号：US12806768
申请日：2010-08-20
申请人： Augustin J. Farrugia , Thomas Icart , Mathieu Ciet
发明人： Augustin J. Farrugia , Thomas Icart , Mathieu Ciet
IPC分类号： H04L29/06
CPC分类号： H04L9/0631 , H04L2209/043 , H04L2209/16
摘要： Method and apparatus for increasing security of a cryptographic algorithm such as deciphering, enciphering, or a digital signature using a block type cipher such as AES implemented for instance in a “whitebox” model with the cipher key either known or unknown at the compilation time. This method is secure for use in entrusted environments, particularly for securing cryptographic keys. The look up tables characteristic of such algorithms are protected against attack here by making all such tables of the same size and indistinguishable, and further by masking the output values of such tables, typically where the tables carry out a permutation function or a logical exclusive OR operation.
摘要翻译：使用例如在“白盒”模式中实现的诸如AES之类的块类型密码的加密算法的安全性的加密算法的安全性的方法和装置，所述密码算法在编译时具有已知或未知的密码密钥。这种方法是安全的，用于委托环境，特别是用于保护加密密钥。这种算法特征的查找表可以通过使所有这些相同尺寸和不可区分的表格进行保护，防止这种攻击，并进一步通过掩蔽这些表的输出值，通常在表执行置换功能或逻辑异或操作。

56. 发明申请

US20130108038A1 SYSTEM AND METHOD FOR A COLLATZ BASED HASH FUNCTION 审中-公开
标题翻译：基于COLLATZ的哈希函数的系统和方法
公开(公告)号：US20130108038A1
公开(公告)日：2013-05-02
申请号：US13308452
申请日：2011-11-30
申请人： Mathieu Ciet , Augustin J. Farrugia , Thomas Icart
发明人： Mathieu Ciet , Augustin J. Farrugia , Thomas Icart
IPC分类号： H04L9/28
CPC分类号： H04L9/0643
摘要： Disclosed herein are systems, methods, and non-transitory computer-readable storage media for generating a hash based on the Collatz conjecture. The Collatz conjecture is based on a set of operations for a given number n that are performed iteratively on n, with one operation performed if n is even, and another operation performed if n is odd. Operating on an input value according to the Collatz conjecture for a specified number of iterations produces an output value that can then be used as a hash in a cryptographic function. The hash function performs steps according to the Collatz conjecture, or a modification thereof, on the value n for r iterations, and outputs a resulting hash value. The hash function can apply more complex variations, such as adding multiplication, addition, modulo or other operation(s) in the even and/or odd operations. The hash value can be used to pad blocks of a message.
摘要翻译：本文公开了用于基于Collatz推测来生成散列的系统，方法和非暂时的计算机可读存储介质。 Collatz猜想基于对n进行迭代执行的给定数量n的一组操作，如果n是偶数，则执行一个操作，并且如果n是奇数则执行另一个操作。对于指定数量的迭代，根据Collatz推测对输入值进行操作会产生一个输出值，然后可以将其用作加密函数中的散列。散列函数根据Collatz推测或其修改对r值的n值执行步骤，并输出所得到的散列值。散列函数可以应用更复杂的变化，例如在偶数和/或奇数运算中添加乘法，加法，模或其他操作。哈希值可以用于填充消息块。

57. 发明授权

US08347098B2 Media storage structures for storing content, devices for using such structures, systems for distributing such structures 有权
标题翻译：用于存储内容的媒体存储结构，用于使用这种结构的装置，用于分发这种结构的系统
公开(公告)号：US08347098B2
公开(公告)日：2013-01-01
申请号：US11752276
申请日：2007-05-22
申请人： Augustin J. Farrugia , Gianpaolo Fasoli , Bertrand Mollinier Toublet , Mathieu Ciet
发明人： Augustin J. Farrugia , Gianpaolo Fasoli , Bertrand Mollinier Toublet , Mathieu Ciet
IPC分类号： H04L29/06
CPC分类号： G06F21/10
摘要： Some embodiments of the invention provide a content-distribution system for distributing content under a variety of different basis. For instance, in some embodiments, the content-distribution system distributes device-restricted content and device-unrestricted content. Device-restricted content is content that can only be played on devices that the system associates with the particular user. Device-unrestricted content is content that can be played on any device without any restrictions. However, for at least one operation or service other than playback, device-unrestricted content has to be authenticated before this operation or service can be performed on the content. In some embodiments, the system facilitates this authentication by specifying a verification parameter for a piece of device-unrestricted content. The content-distribution system of some embodiments has a set of servers that supply (1) media storage structures that store content, (2) cryptographic keys that are needed to decrypt device-restricted content, and (3) verification parameters that are needed to verify device-unrestricted content. In some embodiments, the device that receives the media storage structure inserts the received cryptographic key or verification parameter in the received media storage structure. In some embodiments, the set of servers also supply cryptographic content keys for the device-unrestricted content. These keys are used to decrypt the content upon arrival, upon first playback, or at some other time. However, some embodiments do not store these cryptographic keys in the media storage structures for the device-unrestricted content.
摘要翻译：本发明的一些实施例提供了一种用于在各种不同基础下分发内容的内容分发系统。例如，在一些实施例中，内容分发系统分发受设备限制的内容和设备无限制的内容。设备限制内容是只能在系统与特定用户关联的设备上播放的内容。设备无限制的内容是可以在任何设备上播放的内容，没有任何限制。然而，对于除播放之外的至少一个操作或服务，在可以对内容执行该操作或服务之前必须认证设备无限制的内容。在一些实施例中，系统通过为一片设备无限制内容指定验证参数来促进该认证。一些实施例的内容分发系统具有一组服务器，其提供（1）存储内容的媒体存储结构，（2）解密设备限制的内容所需的密码密钥，以及（3）需要的验证参数验证设备无限制的内容。在一些实施例中，接收媒体存储结构的设备将接收到的加密密钥或验证参数插入接收到的媒体存储结构中。在一些实施例中，该组服务器还提供用于设备无限制内容的加密内容密钥。这些密钥用于在到达时，首次播放时或在其他时间对内容进行解密。然而，一些实施例不将这些加密密钥存储在用于设备无限制内容的媒体存储结构中。

58. 发明授权

US08200727B2 Method and apparatus for verifying and diversifying randomness 有权
标题翻译：验证随机性多样化的方法和装置
公开(公告)号：US08200727B2
公开(公告)日：2012-06-12
申请号：US12031552
申请日：2008-02-14
申请人： Pierre Betouin , Mathieu Ciet , Augustin J. Farrugia , Gianpaolo Fasoli
发明人： Pierre Betouin , Mathieu Ciet , Augustin J. Farrugia , Gianpaolo Fasoli
IPC分类号： G06F1/02 , G06F11/30
CPC分类号： G06F7/58 , H04L9/0662 , H04L9/3236 , H04L2209/26 , H04L2209/603
摘要： Method and apparatus for ensuring randomness of pseudo-random numbers generated by a conventional computer operating system or electronic device. Typically pseudo-random number generators used in computer operating systems or electronic devices may be penetrated by a hacker (pirate), who penetrates a cryptographic or other supposedly secure process using the random numbers by tampering with the input random numbers, thus making them nonrandom. The present method and apparatus are intended to verify such random numbers to make sure that they are indeed random enough, by applying suitable random tests. Only if the values pass the test are they passed on for use in the cryptographic or other process. If they fail the test, a new set of random numbers is requested from the pseudo-random number generator. These are again tested. Further a diversity function may be applied to the random numbers even if they have passed the random number test in order to improve their randomness. This diversity function is for instance double encryption. An anti-replay feature is also included by which the pool of random numbers is subject to a check on each cycle to make sure that there has been no duplication of the input random numbers.
摘要翻译：用于确保由常规计算机操作系统或电子设备产生的伪随机数的随机性的方法和装置。在计算机操作系统或电子设备中使用的通常的伪随机数生成器可以被黑客（盗版者）穿透，黑客（盗版者）通过篡改输入的随机数来使用随机数进行加密或其他所谓的安全处理，从而使其不随机。本方法和装置旨在验证这样的随机数，以确保它们确实是随机的，通过应用适当的随机测试。只有当值通过测试时，它们才被传递以用于加密或其他过程。如果测试失败，则会从伪随机数发生器请求一组新的随机数。这些再次测试。此外，即使已经通过随机数测试来提高其随机性，也可以将分集函数应用于随机数。这种分集功能是例如双重加密。还包括反重播功能，通过该功能，随机数池将在每个周期进行检查，以确保输入随机数没有重复。

59. 发明申请

US20100306497A1 Computer implemented masked representation of data tables 有权
标题翻译：计算机实现数据表的屏蔽表示
公开(公告)号：US20100306497A1
公开(公告)日：2010-12-02
申请号：US12475377
申请日：2009-05-29
申请人： Augustin J. Farrugia , Mathieu Ciet , Pierre Betouin
发明人： Augustin J. Farrugia , Mathieu Ciet , Pierre Betouin
IPC分类号： G06F12/02
CPC分类号： G06F21/14
摘要： In the computer software field, method and apparatus to obfuscate (mask or hide) computer data which is part of or accessed by a computer program. The method protects (hides) accesses to tables of data in terms of the place or position of each element in the table. It does this by providing an intermediate table which describes the positions of the elements of the first table or tables, but in a transformed (modified) fashion.
摘要翻译：在计算机软件领域中，对计算机程序的一部分或访问的计算机数据进行混淆（掩蔽或隐藏）的方法和装置。该方法根据表中每个元素的位置或位置来保护（隐藏）对数据表的访问。它通过提供描述第一表或表的元素的位置但以变换（修改）的方式来提供中间表。

60. 发明申请

US20100054459A1 SYSTEM AND METHOD FOR MODULUS OBFUSCATION 有权
标题翻译：用于模块化的系统和方法
公开(公告)号：US20100054459A1
公开(公告)日：2010-03-04
申请号：US12203101
申请日：2008-09-02
申请人： Mathieu Ciet , Augustin J. Farrugia , Nicholas T. Sullivan
发明人： Mathieu Ciet , Augustin J. Farrugia , Nicholas T. Sullivan
IPC分类号： H04L9/28
CPC分类号： H04L9/00 , H04L2209/16
摘要： Disclosed herein are methods for obfuscating data on a client, on a server, and on a client and a server. The method on a client device includes receiving input data, storing an operation value in a secure location, performing a modulus obfuscation on the operation value, performing a modulus operation on the operation value and the input data, performing a modulus transformation on the operation value and the input data to obtain client output data, and checking if the client output data matches corresponding server output data. The method on a server device includes receiving input data, performing a modulus transformation on the input data to obtain a result, performing a plain operation on the result and an operation value to obtain server output data, and checking if the server output data matches corresponding client output data from a client device that (1) receives input data, (2) stores an operation value in a secure location, (3) performs a modulus obfuscation on the operation value, (4) performs a modulus operation on the operation value and the input data, and (5) performs a modulus transformation on the operation value and the input data to obtain client output data. In an optional step applicable to both clients and servers, the method further includes authenticating the client input data and the server input data if the server output data matches the client output data. In one aspect, server input data and client input data pertain to a cryptographic key.
摘要翻译：这里公开了用于在客户端，服务器上以及在客户端和服务器上模糊数据的方法。客户端装置的方法包括接收输入数据，将操作值存储在安全位置，对运算值进行模糊混淆，对运算值和输入数据进行模运算，对运算值进行模变换和输入数据，以获取客户端输出数据，并检查客户端输出数据是否匹配相应的服务器输出数据。服务器装置上的方法包括：接收输入数据，对输入数据进行模数变换，得到结果，对结果执行简单操作，得到操作值，得到服务器输出数据，并检查服务器输出数据是否匹配对应（1）接收输入数据的客户端输出数据，（2）将操作值存储在安全位置，（3）对运算值进行模糊混淆，（4）对运算值进行模运算和输入数据，（5）对运算值和输入数据进行模变换，得到客户输出数据。在适用于客户端和服务器的可选步骤中，如果服务器输出数据与客户端输出数据匹配，则该方法还包括验证客户端输入数据和服务器输入数据。在一个方面，服务器输入数据和客户端输入数据属于加密密钥。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式