    • 1. Invention patent application
    • APPARATUS AND METHOD FOR A DIRECT ANONYMOUS ATTESTATION SCHEME FROM SHORT-GROUP SIGNATURES
    • US20090129600A1
    • 2009-05-21
    • US12208989
    • 2008-09-11
    • Ernie F. Brickell, Jiangtao Li
    • Ernie F. Brickell, Jiangtao Li
    • H04L9/30
    • H04L9/3234, H04L9/3073, H04L9/3218, H04L9/3255, H04L2209/42
    • An apparatus and method is provided for a direct anonymous attestation scheme from short-group signatures. The method may include the creation of a group public/private key pair for a trusted membership group defined by an issuer; and assigning a cryptographic pair that is combined with a unique private member value to form a private membership key. A trusted member device generates the unique private member value during a join procedure of a trusted membership group. In one embodiment, the private member value of the private membership key is unknown to the issuer. A member may sign a message with the private membership key to form a short-group digital signature that is verified using a public key of the trusted membership group to maintain anonymity of trusted member devices. A size of the private membership key may be reduced to enable storage within a trusted platform module. Other embodiments are described and claimed.
    • 2. Granted invention patent
    • Apparatus and method for a direct anonymous attestation scheme from short-group signatures
    • US08356181B2
    • 2013-01-15
    • US12208989
    • 2008-09-11
    • Ernie F. Brickell, Jiangtao Li
    • Ernie F. Brickell, Jiangtao Li
    • H04L9/32
    • H04L9/3234, H04L9/3073, H04L9/3218, H04L9/3255, H04L2209/42
    • An apparatus and method is provided for a direct anonymous attestation scheme from short-group signatures. The method may include the creation of a group public/private key pair for a trusted membership group defined by an issuer; and assigning a cryptographic pair that is combined with a unique private member value to form a private membership key. A trusted member device generates the unique private member value during a join procedure of a trusted membership group. In one embodiment, the private member value of the private membership key is unknown to the issuer. A member may sign a message with the private membership key to form a short-group digital signature that is verified using a public key of the trusted membership group to maintain anonymity of trusted member devices. A size of the private membership key may be reduced to enable storage within a trusted platform module. Other embodiments are described and claimed.
    • 4. Invention patent application
    • HARDENING INTER-DEVICE SECURE COMMUNICATION USING PHYSICALLY UNCLONABLE FUNCTIONS
    • US20140270177A1
    • 2014-09-18
    • US13844559
    • 2013-03-15
    • Ernie Brickell, Jiangtao Li
    • Ernie Brickell, Jiangtao Li
    • H04L9/08
    • H04L9/0877, H04L9/3278
    • Embodiments of an invention for hardened inter-device secure communication using physically unclonable functions are disclosed. In one embodiment, an apparatus includes a first storage location, a second storage location, a physically unclonable function (PUF) circuit, a PUF key generator, and an encryption unit. The first storage location is to store an embedded key. The second storage location is to store a fuse key. The PUF circuit is to provide a PUF value. The PUF key generator is to generate a PUF key based on the PUF value. The encryption unit is to receive from a key server a global key encrypted using the embedded key, decrypt the global key using the embedded key, encrypt the global key using the PUF key, and store the global key encrypted using the PUF key in the second storage location.
    • 5. Invention patent application
    • DEVICE AUTHENTICATION USING A PHYSICALLY UNCLONABLE FUNCTIONS BASED KEY GENERATION SYSTEM
    • US20140189890A1
    • 2014-07-03
    • US13730469
    • 2012-12-28
    • Patrick Koeberl, Jiangtao Li
    • Patrick Koeberl, Jiangtao Li
    • G06F21/70
    • G06F21/70, G06F21/44, G06F21/73, G09C1/00, H04L9/0866, H04L2209/12
    • At least one machine accessible medium having instructions stored thereon for authenticating a hardware device is provided. When executed by a processor, the instructions cause the processor to receive two or more device keys from a physically unclonable function (PUF) on the hardware device, generate a device identifier from the two or more device keys, obtain a device certificate from the hardware device, perform a verification of the device identifier, and provide a result of the device identifier verification. In a more specific embodiment, the instructions cause the processor to perform a verification of a digital signature in the device certificate and to provide a result of the digital signature verification. The hardware device may be rejected if at least one of the device identifier verification and the digital signature verification fails.
    • 10. Invention patent application
    • HARDENING OF DIRECT ANONYMOUS ATTESTATION FROM SIDE-CHANNEL ATTACK
    • US20140095883A1
    • 2014-04-03
    • US13630109
    • 2012-09-28
    • Sergey Kirillov, Jiangtao Li, Marc A. Valle
    • Sergey Kirillov, Jiangtao Li, Marc A. Valle
    • H04L9/32
    • H04L9/3281, H04L9/003, H04L9/0891, H04L9/3247, H04L2209/046
    • Various embodiments are generally directed to hardening the performance of calculations of a digital signature system for authenticating computing devices against side-channel attacks. An apparatus comprises a processor circuit and an interface operative to communicatively couple the processor circuit to a network; a storage communicatively coupled to the processor circuit and arranged to store instructions operative on the processor circuit to digitally sign a message to create a first signature using a modular arithmetic operation arranged to compensate for a value of a variable greater than a modulus without use of a branching instruction; and transmit the first signature to a verifying server via the network. Other embodiments are described and claimed herein.