专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08645282B2 Method and apparatus to conduct a commercial transaction over wireless networks 有权
标题翻译：通过无线网络进行商业交易的方法和装置
公开(公告)号：US08645282B2
公开(公告)日：2014-02-04
申请号：US11434633
申请日：2006-05-16
申请人： Faramak Vakil , Vijay K. Varma , Raquel Morera Sempere , Giovanni Di Crescenzo
发明人： Faramak Vakil , Vijay K. Varma , Raquel Morera Sempere , Giovanni Di Crescenzo
IPC分类号： G06Q10/00 , G06Q20/00
CPC分类号： G06Q20/02 , G06Q20/12 , G06Q20/1235 , G06Q20/3821 , G06Q20/3823 , G06Q30/06 , H04L63/0428 , H04L63/0853 , H04L2463/102 , H04W12/02 , H04W12/06
摘要： A Secure Virtual Point of Service (SVPOS) that coordinates the authentication, authorization, and identity, settlement, arbitration and non-repudiation for an electronic commercial transaction. For each commercial transaction, both the buyer and merchant authenticate itself to the SVPOS and create two unique transaction encryption keys, one for the buyer and one for the merchant. The merchant uses both encryption keys to encrypt a package that include at least product identification. The merchant and buyer calculate a hash of the package and transmit the calculated hash to the SVPOS for comparison to prevent repudiation. If the calculated hash is identical the buyer receives the merchants encryption key and decrypts the package. Payment is released by the SVPOS if the buyer is satisfied with the package via a Parlay system. If the buyer is not satisfied, said SVPOS performs arbitration between the buyer and merchant to determine if the package is correct.
摘要翻译：一个安全的虚拟服务点（SVPOS），用于协调电子商业交易的认证，授权和身份，结算，仲裁和不可否认性。对于每个商业交易，买方和商家都向SVPOS进行身份验证，并创建两个独特的交易加密密钥，一个用于买方，一个用于商家。商家使用两个加密密钥对至少包括产品标识的包进行加密。商家和买方计算包的散列，并将计算出的散列传送到SVPOS进行比较以防止否认。如果计算的散列是相同的，买方将收到商家加密密钥并解密该包。如果买方通过Parlay系统对包裹感到满意，SVPOS将发放付款。如果买方不满意，SVPOS将在买方和商家之间进行仲裁，以确定包裹是否正确。

2. 发明授权

US08635681B2 Method and system to authorize and assign digital certificates without loss of privacy, and/or to enhance privacy key selection 有权
标题翻译：方法和系统授权和分配数字证书而不会失去隐私，和/或加强隐私密钥选择
公开(公告)号：US08635681B2
公开(公告)日：2014-01-21
申请号：US12012454
申请日：2008-02-01
申请人： Tao Zhang , Eric Van Den Berg , Andrew Burnette , Giovanni Di Crescenzo , Richard Ferrer , Stanley Pietrowicz , Robert G. White
发明人： Tao Zhang , Eric Van Den Berg , Andrew Burnette , Giovanni Di Crescenzo , Richard Ferrer , Stanley Pietrowicz , Robert G. White
IPC分类号： H04L9/32 , H04K1/00
CPC分类号： H04L63/0823 , H04L63/20 , H04L2209/42 , H04L2209/84
摘要： A method and system for public key infrastructure key and certificate management provides anonymity to certificate holders and protects the privacy of certificate holders from the compromise of a certificate authority. Functional separation is provided in the authorization of a certificate request and the assignment of certificates and key pairs. The authorizing certificate authority approves or denies each certificate request from a requestor whose identity is not made available to the assigning certificate authority. The assigning certificate authority, upon approval from the authorizing certificate authority, issues one or more certificates and optionally generates and provides the associated key pairs to the requester without disclosing these certificates and key pairs to the authorizing certificate authority. In another aspect, a distributed method is disclosed that allows individual nodes and/or units in a network to select certificates for broadcasting messages to a community of interest with a non-unique key.
摘要翻译：公共密钥基础设施密钥和证书管理的方法和系统为证书持有人提供匿名性，并保护证书持有者的隐私免受认证机构的损害。功能分离在证书请求的授权和证书和密钥对的分配中提供。授权证书颁发机构批准或拒绝来自请求者的每个证书请求，该请求者的身份不可用于分配证书颁发机构。分配证书颁发机构经授权认证机构批准后，会发出一个或多个证书，并可选择地生成并将相关的密钥对提供给请求者，而不向授权认证机构披露这些证书和密钥对。在另一方面，公开了一种分布式方法，其允许网络中的各个节点和/或单元使用非唯一密钥来选择用于向感兴趣的社区广播消息的证书。

3. 发明授权

US08572743B2 Virus localization using cryptographic hashing 有权
公开(公告)号：US08572743B2
公开(公告)日：2013-10-29
申请号：US13408728
申请日：2012-02-29
申请人： Giovanni Di Crescenzo , Faramak Vakil
发明人： Giovanni Di Crescenzo , Faramak Vakil
IPC分类号： H04L29/14
CPC分类号： H04L9/3239 , G06F21/565
摘要： Methods for using integrity checking techniques to identify and locate computer viruses are provided. A method for virus localization for each of three types of virus infections is provided, including the steps of computing a sequence of file blocks, calculating hashes for the sequences of file blocks from a host file and calculating hashes for the same or related sequences of file blocks from an infected file, and comparing the hashes from host file to the hashes from the infected file from the same or related sequences of file blocks such that when some of said first hashes and said second hashes do not match, a location of a virus is output. Methods for computing the sequence of file blocks depending on the type of virus infection, and for calculating the hashes using a collision resistant hash function, a digital signature scheme, a message authentication code, or a pseudo-random function.

4. 发明申请

US20080232583A1 Vehicle Segment Certificate Management Using Shared Certificate Schemes 有权
标题翻译：使用共享证书方案的车辆段证书管理
公开(公告)号：US20080232583A1
公开(公告)日：2008-09-25
申请号：US12051241
申请日：2008-03-19
申请人： Giovanni Di Crescenzo , Stanley Pietrowicz , Eric Van Den Berg , Robert G. White , Tao Zhang
发明人： Giovanni Di Crescenzo , Stanley Pietrowicz , Eric Van Den Berg , Robert G. White , Tao Zhang
IPC分类号： H04L9/06
CPC分类号： H04L9/006 , H04L9/002 , H04L9/08 , H04L9/0872 , H04L9/0891 , H04L2209/42 , H04L2209/84 , H04W4/046 , H04W12/04 , H04W12/12
摘要： The present invention advantageously provides techniques to solve problems with combinatorial anonymous certificate management by addressing critical issues concerning its feasibility, scalability, and performance. Methods and procedures to manage IEEE 1609.2 anonymous and identifying cryptographic keys and certificates in the Vehicle Infrastructure Integration (VII) system are presented, along with methods for management of identifying and anonymous certificates in a partitioned Certificate Authority architecture designed to enhance vehicle privacy. Novel methods for vehicles to dynamically change an anonymous certificate for use while maintaining vehicle privacy are given. Refinements to basic combinatorial schemes are presented including probabilistic key replacement, rekey counter decrement, dynamic rekey threshold, geographic attack isolation and proofs of geographic position.
摘要翻译：本发明有利地提供了通过解决关于其可行性，可扩展性和性能的关键问题来解决组合匿名证书管理问题的技术。介绍了管理IEEE 1609.2匿名和识别车辆基础设施集成（VII）系统中的加密密钥和证书的方法和步骤，以及用于管理用于增强车辆隐私的分区证书颁发机构架构中的识别和匿名证书的方法。给出了车辆在维护车辆隐私时动态更改匿名证书以供使用的新方法。提出了基本组合方案的改进，包括概率密钥替换，重新计数器递减，动态密钥阈值，地理攻击隔离和地理位置证明。

5. 发明申请

US20060265339A1 Secure virtual point of service for 3G wireless networks 有权
标题翻译：为3G无线网络提供安全的虚拟服务点
公开(公告)号：US20060265339A1
公开(公告)日：2006-11-23
申请号：US11434633
申请日：2006-05-16
申请人： Faramak Vakil , Vijay Varma , Raquel Morera Sempere , Giovanni Di Crescenzo
发明人： Faramak Vakil , Vijay Varma , Raquel Morera Sempere , Giovanni Di Crescenzo
IPC分类号： G06Q99/00
CPC分类号： G06Q20/02 , G06Q20/12 , G06Q20/1235 , G06Q20/3821 , G06Q20/3823 , G06Q30/06 , H04L63/0428 , H04L63/0853 , H04L2463/102 , H04W12/02 , H04W12/06
摘要： A Secure Virtual Point of Service (SVPOS) that coordinates the authentication, authorization, and identity, settlement, arbitration and non-repudiation for an electronic commercial transaction. For each commercial transaction, both the buyer and merchant authenticate itself to the SVPOS and create two unique transaction encryption keys, one for the buyer and one for the merchant. The merchant uses both encryption keys to encrypt a package that include at least product identification. The merchant and buyer calculate a hash of the package and transmit the calculated hash to the SVPOS for comparison to prevent repudiation. If the calculated hash is identical the buyer receives the merchants encryption key and decrypts the package. Payment is released by the SVPOS if the buyer is satisfied with the package via a Parlay system. If the buyer is not satisfied, said SVPOS performs arbitration between the buyer and merchant to determine if the package is correct.
摘要翻译：一个安全的虚拟服务点（SVPOS），用于协调电子商业交易的认证，授权和身份，结算，仲裁和不可否认性。对于每个商业交易，买方和商家都向SVPOS进行身份验证，并创建两个独特的交易加密密钥，一个用于买方，一个用于商家。商家使用两个加密密钥对至少包括产品标识的包进行加密。商家和买方计算包的散列，并将计算出的散列传送到SVPOS进行比较以防止否认。如果计算的散列是相同的，买方将收到商家加密密钥并解密该包。如果买方通过Parlay系统对包裹感到满意，SVPOS将发放付款。如果买方不满意，SVPOS将在买方和商家之间进行仲裁，以确定包裹是否正确。

6. 发明授权

US08767965B2 Method for a public-key infrastructure providing communication integrity and anonymity while detecting malicious communication 有权
标题翻译：在检测恶意通信时提供通信完整性和匿名性的公钥基础设施的方法
公开(公告)号：US08767965B2
公开(公告)日：2014-07-01
申请号：US12175807
申请日：2008-07-18
申请人： Giovanni Di Crescenzo , Tao Zhang , Robert G. White
发明人： Giovanni Di Crescenzo , Tao Zhang , Robert G. White
IPC分类号： H04L9/06 , H04L9/08
CPC分类号： H04L9/0891 , G06F2221/0771 , H04L9/002 , H04L9/006 , H04L9/14 , H04L2209/42 , H04L2209/84
摘要： An inventive scheme for detecting parties responsible for repeated malicious activities in secure and anonymous communication is presented. The scheme comprises generating a pool of keys, distributing to and associating with each party a small number of keys chosen randomly from the pool, revoking a key when it is detected as used in a malicious activity, creating a set of parties associated with the revoked key, revoking additional keys randomly chosen among the keys not currently revoked, selecting new keys, and when a party requests an updated key, sending the updated key selected from among the new keys to the requesting party, wherein if an other malicious activity is detected, creating another set of the parties associated with the other malicious activity and identifying the parties in both sets. The steps of the inventive scheme are repeated until only one party is in the intersection set.
摘要翻译：提出了一种用于检测在安全和匿名通信中负责重复恶意活动的各方的创新方案。该方案包括生成一个密钥池，向每一方分配少量从池中随机选择的密钥并将其关联，当被检测为在恶意活动中被使用时撤销密钥，创建一组与被撤销的关联的一方密钥，撤销在当前未被撤销的密钥中随机选择的附加密钥，选择新密钥，以及当一方请求更新密钥时，将从新密钥中选择的更新密钥发送给请求方，其中如果检测到其他恶意活动，创建另一组与其他恶意活动相关联的各方，并确定两方的各方。重复本发明方案的步骤，直到只有一方在交集中。

7. 发明申请

US20080232595A1 Vehicle Segment Certificate Management Using Short-Lived, Unlinked Certificate Schemes 有权
标题翻译：使用短期，未连接证书方案的车辆段证书管理
公开(公告)号：US20080232595A1
公开(公告)日：2008-09-25
申请号：US12051309
申请日：2008-03-19
申请人： Stanley Pietrowicz , Giovanni Di Crescenzo , Tao Zhang , Robert G. White
发明人： Stanley Pietrowicz , Giovanni Di Crescenzo , Tao Zhang , Robert G. White
IPC分类号： H04L9/14
CPC分类号： G06Q20/3829 , H04L9/002 , H04L9/3268 , H04L9/3297 , H04L63/062 , H04L63/068 , H04L63/0823 , H04L2209/42 , H04L2209/56 , H04L2209/84
摘要： The present invention advantageously provides a system and method for management of cryptographic keys and certificates for a plurality of vehicles. Each vehicle of the plurality of vehicles generates public/private key pairs, requests multiple time-distributed certificates, creates an encrypted identity, and surrenders expired certificates. An assigning authority receives the public/private key pairs, the request for multiple time-distributed certificates, the encrypted identity, and the expired certificates from said vehicle. The assigning authority authorizes the vehicle with an authorizing authority, validates the expired certificates, proves ownership, and distributes the requested time-distributed certificates to said vehicle. Validation can comprise checking expired certificates against misused, compromised and/or previously surrendered certificates. Time-distributed certificates can have lifetimes adjustable based on certificate misuse detection system algorithms, amount of malicious activity detected, and/or certificate authority capacity.
摘要翻译：本发明有利地提供了一种用于管理多个车辆的密码密钥和证书的系统和方法。多个车辆中的每个车辆产生公共/私人密钥对，请求多个时间分布证书，创建加密身份，并交出过期证书。分配机构从所述车辆接收公钥/私钥对，多个时间分布证书的请求，加密的身份和过期的证书。分配机构授权车辆授权，验证过期的证书，证明所有权，并将所要求的分发时间的证书分发给所述车辆。验证可以包括检查过期的证书，以防被滥用，受到损害和/或以前交出的证书。基于证书滥用检测系统算法，检测到的恶意活动量和/或证书颁发机构容量，分布式证书的生命周期可以调整。

8. 发明授权

US06813358B1 Method and system for timed-release cryptosystems 有权
标题翻译：定时释放密码系统的方法和系统
公开(公告)号：US06813358B1
公开(公告)日：2004-11-02
申请号：US09441740
申请日：1999-11-17
申请人： Giovanni Di Crescenzo , Rafail Ostrovsky , Sivaramakris Rajagopalan
发明人： Giovanni Di Crescenzo , Rafail Ostrovsky , Sivaramakris Rajagopalan
IPC分类号： H04L900
CPC分类号： H04L63/0428 , H04L9/083 , H04L9/088 , H04L63/0442 , H04L2209/50
摘要： A method and system are provided for timed-release cryptography. A sender encrypts data in a timed-release fashion such that a receiver based on information exchanged with a server decrypts the encrypted data at or after a release time without revealing to the server any information about the sender, the data, and the release time. In one embodiment, the sender encrypts a key and a release time based on a public key of the receiver and encrypts the data based on the encrypted key. The server determines a condition, which is a function of the encrypted key, the encrypted release time, and a current time. The server then sends the condition to the receiver using a conditional oblivious transfer method. If the current time as determined by the server is greater than or equal to the release time, the receiver determines the encrypted key based on the condition. The receiver then uses the encrypted key to decrypt the encrypted data. However, if the current time is less than the release time, the receiver fails to determine the encrypted key based on the condition, and thus, fails to decrypt the encrypted data.
摘要翻译：提供了一种定时释放加密技术的方法和系统。发送方以定时发布的方式加密数据，使得基于与服务器交换的信息的接收者在释放时间之内或之后解密加密数据，而不向服务器透露关于发送者，数据和释放时间的任何信息。在一个实施例中，发送者基于接收者的公钥加密密钥和释放时间，并且基于加密的密钥对数据进行加密。服务器确定一个条件，它是加密密钥的函数，加密的释放时间和当前时间。然后，服务器使用条件忽略传输方法将条件发送给接收方。如果由服务器确定的当前时间大于或等于发布时间，接收者将根据条件确定加密的密钥。然后，接收器使用加密的密钥来解密加密的数据。然而，如果当前时间小于释放时间，则接收机根据条件无法确定加密密钥，因此无法解密加密数据。

9. 发明授权

US08528060B2 Method and system for password protocols in the bounded retrieval mode with security dictionary attacks and intrusions 有权
标题翻译：有限检索模型中密码协议的方法和系统，具有针对字典攻击和入侵的安全性
公开(公告)号：US08528060B2
公开(公告)日：2013-09-03
申请号：US11644368
申请日：2006-12-22
申请人： Giovanni Di Crescenzo , Richard J. Lipton , Sheldon Walfish
发明人： Giovanni Di Crescenzo , Richard J. Lipton , Sheldon Walfish
IPC分类号： H04L29/06
CPC分类号： G06F21/31 , G06F21/46 , G06F21/62 , H04L63/1416
摘要： Efficient secure password protocols are constructed that remain secure against offline dictionary attacks even when a large, but bounded, part of the storage of a server responsible for password verification is retrieved by an adversary through a remote or local connection. A registration algorithm and a verification algorithm accomplish the goal of defeating a dictionary attack. A password protocol where a server, on input of a login and a password, carefully selects several locations from the password files, properly combines their content according to some special function, and stores the result of this function as a tag that can be associated with this password and used in a verification phase to verify access by users. Two main instantiations of our method are given; in one, a combination of mathematical tools, called dispersers and pairwise-independent hash functions is used to achieve security against adaptive intrusions (dispersers make sure that the password of each user depends on randomly chosen locations in a large password file, and pairwise-independent hash functions help in making this dependency sufficiently random); in a second one, a combination of mathematical tools, called k-wise independent hash functions and locally-computable and strong extractors (k-wise independent hash functions make sure that the locations chosen in the large password file from each password are sufficiently random, and locally-computable and strong extractors are used to combine the contents of these locations to generate a single long random value, which makes verification harder for the adversary to foil).
摘要翻译：构建有效的安全密码协议，即使当负责密码验证的服务器的存储的大型但有限的部分通过远程或本地连接被对手检索时，仍然可以防止离线字典攻击。注册算法和验证算法实现了击败字典攻击的目标。密码协议，其中服务器输入登录名和密码，从密码文件中仔细选择多个位置，根据一些特殊功能正确组合其内容，并将此功能的结果存储为可与此密码用于验证阶段，以验证用户的访问。给出了我们的方法的两个主要实例; 在一个方面，使用称为分散器和成对独立散列函数的数学工具的组合来实现针对自适应入侵的安全性（分散器确保每个用户的密码取决于大密码文件中的随机选择的位置，并且成对独立哈希函数有助于使此依赖性足够随机）; 在第二个方面，数学工具的组合，称为k-独立散列函数和本地可计算和强提取器（k-独立散列函数确保从每个密码在大密码文件中选择的位置是足够随机的，并且使用本地可计算和强抽取器来组合这些位置的内容以产生单个长随机值，这使得对手更难验证。

10. 发明授权

US08363832B2 Vehicle segment certificate management using shared certificate schemes 有权
标题翻译：使用共享证书方案的车辆段证书管理
公开(公告)号：US08363832B2
公开(公告)日：2013-01-29
申请号：US12051241
申请日：2008-03-19
申请人： Giovanni Di Crescenzo , Stanley Pietrowicz , Eric Van Den Berg , Robert G. White , Tao Zhang
发明人： Giovanni Di Crescenzo , Stanley Pietrowicz , Eric Van Den Berg , Robert G. White , Tao Zhang
IPC分类号： H04L29/06
CPC分类号： H04L9/006 , H04L9/002 , H04L9/08 , H04L9/0872 , H04L9/0891 , H04L2209/42 , H04L2209/84 , H04W4/046 , H04W12/04 , H04W12/12
摘要： The present invention advantageously provides techniques to solve problems with combinatorial anonymous certificate management by addressing critical issues concerning its feasibility, scalability, and performance. Methods and procedures to manage IEEE 1609.2 anonymous and identifying cryptographic keys and certificates in the Vehicle Infrastructure Integration (VII) system are presented, along with methods for management of identifying and anonymous certificates in a partitioned Certificate Authority architecture designed to enhance vehicle privacy. Novel methods for vehicles to dynamically change an anonymous certificate for use while maintaining vehicle privacy are given. Refinements to basic combinatorial schemes are presented including probabilistic key replacement, rekey counter decrement, dynamic rekey threshold, geographic attack isolation and proofs of geographic position.
摘要翻译：本发明有利地提供了通过解决关于其可行性，可扩展性和性能的关键问题来解决组合匿名证书管理问题的技术。介绍了管理IEEE 1609.2匿名和识别车辆基础设施集成（VII）系统中的加密密钥和证书的方法和步骤，以及用于管理用于增强车辆隐私的分区证书颁发机构架构中的识别和匿名证书的方法。给出了车辆在维护车辆隐私时动态更改匿名证书以供使用的新方法。提出了基本组合方案的改进，包括概率密钥替换，重新计数器递减，动态密钥阈值，地理攻击隔离和地理位置证明。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式