专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20130173928A1 CRYPTOGRAPHIC DEVICE WITH RESISTANCE TO DIFFERENTIAL POWER ANALYSIS AND OTHER EXTERNAL MONITORING ATTACKS 有权
标题翻译：具有抵抗差分功率分析和其他外部监测攻击的结构设备
公开(公告)号：US20130173928A1
公开(公告)日：2013-07-04
申请号：US13762703
申请日：2013-02-08
申请人： Paul C. Kocher , Pankaj Rohatgi , Joshua M. Jaffe
发明人： Paul C. Kocher , Pankaj Rohatgi , Joshua M. Jaffe
IPC分类号： G06F12/14
CPC分类号： G06F21/575 , G06F8/71 , G06F9/44505 , G06F12/1408 , G06F21/556 , G06F21/602 , G06F21/755 , G06F21/76 , G06F2212/402 , G06F2221/034 , G06F2221/2107 , G06F2221/2125 , G06F2221/2145 , H04L9/003 , H04L9/0631 , H04L9/085 , H04L9/0861 , H04L9/088 , H04L9/0894 , H04L9/16 , H04L9/3236 , H04L9/3247 , H04L63/0428 , H04L63/0869 , H04L2209/24 , H04L2209/38 , H04L2209/56 , H04L2463/061
摘要： Techniques usable by devices to encrypt and decrypt sensitive data to in a manner that provides security from external monitoring attacks. The encrypting device has access to a base secret cryptographic value (key) that is also known to the decrypting device. The sensitive data are decomposed into segments, and each segment is encrypted with a separate encryption key derived from the base key and a message identifier to create a set of encrypted segments. The encrypting device uses the base secret cryptographic value to create validators that prove that the encrypted segments for this message identifier were created by a device with access to the base key. The decrypting device, upon receiving an encrypted segments and validator(s), uses the validator to verify the message identifier and that the encrypted segment are unmodified, then uses a cryptographic key derived from the base key and message identifier to decrypt the segments.
摘要翻译：技术可以由设备加密和解密敏感数据，以提供安全性从外部监视攻击。加密设备可以访问解密设备也是已知的基本密钥加密值（密钥）。敏感数据被分解为段，并且每个段用来自基本密钥的单独的加密密钥和消息标识符加密，以创建一组加密的段。加密设备使用基本秘密加密值来创建验证器，证明该消息标识符的加密段由具有访问基本密钥的设备创建。解密装置在接收到加密的段和验证器时，使用验证器来验证消息标识符，并且加密段未被修改，然后使用从基本密钥和消息标识符导出的加密密钥来解密段。

2. 发明申请

US20110138192A1 Verifiable, Leak-Resistant Encryption and Decryption 有权
标题翻译：可验证的，防泄漏的加密和解密
公开(公告)号：US20110138192A1
公开(公告)日：2011-06-09
申请号：US12958570
申请日：2010-12-02
申请人： Paul C. KOCHER , Pankaj Rohatgi , Joshua M. Jaffe
发明人： Paul C. KOCHER , Pankaj Rohatgi , Joshua M. Jaffe
IPC分类号： G06F21/24 , G06F21/00
CPC分类号： G06F21/575 , G06F8/71 , G06F9/44505 , G06F12/1408 , G06F21/556 , G06F21/602 , G06F21/755 , G06F21/76 , G06F2212/402 , G06F2221/034 , G06F2221/2107 , G06F2221/2125 , G06F2221/2145 , H04L9/003 , H04L9/0631 , H04L9/085 , H04L9/0861 , H04L9/088 , H04L9/0894 , H04L9/16 , H04L9/3236 , H04L9/3247 , H04L63/0428 , H04L63/0869 , H04L2209/24 , H04L2209/38 , H04L2209/56 , H04L2463/061
摘要： This patent describes techniques usable by devices to encrypt and decrypt sensitive data to in a manner that provides security from external monitoring attacks. The encrypting device has access to a base secret cryptographic value (key) that is also known to the decrypting device. The sensitive data are decomposed into segments, and each segment is encrypted with a separate encryption key derived from the base key and a message identifier to create a set of encrypted segments. The encrypting device uses the base secret cryptographic value to create validators that prove that the encrypted segments for this message identifier were created by a device with access to the base key. The decrypting device, upon receiving an encrypted segments and validator(s), uses the validator to verify the message identifier and that the encrypted segment are unmodified, then uses a cryptographic key derived from the base key and message identifier to decrypt the segments. Derived keys and validators are produced using methods designed to preserve security even if cipher and hashing operations leak information. Embodiments for systems including SoCs, firmware loading, FPGAs and network communications are described.
摘要翻译：本专利描述了可以通过设备加密和解密敏感数据的技术，以提供来自外部监视攻击的安全性的方式。加密设备可以访问解密设备也是已知的基本密钥加密值（密钥）。敏感数据被分解为段，并且每个段用来自基本密钥的单独的加密密钥和消息标识符加密，以创建一组加密的段。加密设备使用基本秘密加密值来创建验证器，证明该消息标识符的加密段由具有访问基本密钥的设备创建。解密装置在接收到加密的段和验证器时，使用验证器来验证消息标识符，并且加密段未被修改，然后使用从基本密钥和消息标识符导出的加密密钥来解密段。派生密钥和验证器使用旨在保护安全性的方法生成，即使加密和散列操作泄漏信息。描述了包括SoC，固件加载，FPGA和网络通信的系统的实施例。

3. 发明申请

US20100091982A1 DIFFERENTIAL POWER ANALYSIS - RESISTANT CRYPTOGRAPHIC PROCESSING 有权
标题翻译：差分功率分析 - 抗振动加工
公开(公告)号：US20100091982A1
公开(公告)日：2010-04-15
申请号：US12637565
申请日：2009-12-14
申请人： Paul C. KOCHER , Joshua M. Jaffe , Benjamin C. Jun
发明人： Paul C. KOCHER , Joshua M. Jaffe , Benjamin C. Jun
IPC分类号： H04L9/28
CPC分类号： H04L9/0618 , G06F1/06 , G06F1/266 , G06F1/3225 , G06F7/00 , G06F21/75 , G06F21/755 , G06F21/77 , G06F2207/7223 , G06F2207/7266 , G06K19/073 , G06K19/07363 , G06Q20/341 , G06Q20/382 , G06Q20/409 , G07F7/08 , G07F7/082 , G07F7/1008 , G09C1/00 , H04L9/003 , H04L2209/04 , H04L2209/08 , H04L2209/56 , H04L2209/805
摘要： Information leaked from smart cards and other tamper resistant cryptographic devices can be statistically analyzed to determine keys or other secret data. A data collection and analysis system is configured with an analog-to-digital converter connected to measure the device's consumption of electrical power, or some other property of the target device, that varies during the device's processing. As the target device performs cryptographic operations, data from the A/D converter are recorded for each cryptographic operation. The stored data are then processed using statistical analysis, yielding the entire key, or partial information about the key that can be used to accelerate a brute force search or other attack.
摘要翻译：从智能卡和其他防篡改加密设备泄露的信息可以进行统计分析，以确定密钥或其他秘密数据。数据采集和分析系统配置有连接的模拟 - 数字转换器，用于测量设备在设备处理期间变化的设备的电力消耗或目标设备的某些其他属性。当目标设备执行加密操作时，对于每个密码操作记录来自A / D转换器的数据。然后使用统计分析处理存储的数据，产生整个密钥，或者可以用于加速强力搜索或其他攻击的密钥的部分信息。

4. 发明授权

US07599488B2 Differential power analysis 有权
标题翻译：差分功率分析
公开(公告)号：US07599488B2
公开(公告)日：2009-10-06
申请号：US11978364
申请日：2007-10-29
申请人： Paul C. Kocher , Joshua M. Jaffe , Benjamin C. Jun
发明人： Paul C. Kocher , Joshua M. Jaffe , Benjamin C. Jun
IPC分类号： H04K3/00 , H04L9/00 , G06F11/30
CPC分类号： H04L9/0618 , G06F1/06 , G06F1/266 , G06F1/3225 , G06F7/00 , G06F21/75 , G06F21/755 , G06F21/77 , G06F2207/7223 , G06F2207/7266 , G06K19/073 , G06K19/07363 , G06Q20/341 , G06Q20/382 , G06Q20/409 , G07F7/08 , G07F7/082 , G07F7/1008 , G09C1/00 , H04L9/003 , H04L2209/04 , H04L2209/08 , H04L2209/56 , H04L2209/805
摘要： Information leaked from smart cards and other tamper resistant cryptographic devices can be statistically analyzed to determine keys or other secret data. A data collection and analysis system is configured with an analog-to-digital converter connected to measure the device's consumption of electrical power, or some other property of the target device, that varies during the device's processing. As the target device performs cryptographic operations, data from the A/D converter are recorded for each cryptographic operation. The stored data are then processed using statistical analysis, yielding the entire key, or partial information about the key that can be used to accelerate a brute force search or other attack.
摘要翻译：从智能卡和其他防篡改加密设备泄露的信息可以进行统计分析，以确定密钥或其他秘密数据。数据采集和分析系统配置有连接的模拟 - 数字转换器，用于测量设备在设备处理期间变化的设备的电力消耗或目标设备的某些其他属性。当目标设备执行加密操作时，对于每个密码操作记录来自A / D转换器的数据。然后使用统计分析处理存储的数据，产生整个密钥，或者可以用于加速强力搜索或其他攻击的密钥的部分信息。

5. 发明申请

US20080130886A1 Content security layer providing long-term renewable security 有权
公开(公告)号：US20080130886A1
公开(公告)日：2008-06-05
申请号：US11982234
申请日：2007-10-31
申请人： Paul C. Kocher , Joshua M. Jaffe , Benjamin C. Jun , Matthew T. Carter , Peter K. Pearson
发明人： Paul C. Kocher , Joshua M. Jaffe , Benjamin C. Jun , Matthew T. Carter , Peter K. Pearson
IPC分类号： H04N7/167
CPC分类号： H04L9/0891 , G11B20/00086 , G11B20/00166 , G11B20/00173 , G11B20/0021 , G11B20/00246 , G11B20/00659 , G11B20/00818 , G11B20/0084 , G11B20/00884 , H04L9/3247 , H04L2209/603 , H04L2209/608 , H04N5/913 , H04N21/26613 , H04N21/4135 , H04N21/4181 , H04N21/4325 , H04N21/4405 , H04N21/44236 , H04N21/4627 , H04N21/8355 , H04N21/8358 , H04N2005/91335 , H04N2005/91342
摘要： In an exemplary embodiment, digital content is mastered as a combination of encrypted data and data processing operations that enable use in approved playback environments. Player devices having a processing environment compatible with the content's data processing operations are able to decrypt and play the content. Players can also provide content with basic functions, such as loading data from media, performing network communications, determining playback environment configuration, controlling decryption/playback, and/or performing cryptographic operations using the player's keys. These functions allow the content to implement and enforce its own security policies. If pirates compromise individual players or content titles, new content can be mastered with new security features that block the old attacks. A selective decryption capability can also be provided, enabling on-the-fly watermark insertion so that attacks can be traced back to a particular player. Features to enable migration from legacy formats are also provided.

6. 发明申请

US20110264923A1 SELF-PROTECTING DIGITAL CONTENT 有权
标题翻译：自我保护数字内容
公开(公告)号：US20110264923A1
公开(公告)日：2011-10-27
申请号：US13175238
申请日：2011-07-01
申请人： Paul C. Kocher , Joshua M. Jaffe , Benjamin C. Jun , Carter C. Laren , Peter K. Pearson , Nathaniel J. Lawson
发明人： Paul C. Kocher , Joshua M. Jaffe , Benjamin C. Jun , Carter C. Laren , Peter K. Pearson , Nathaniel J. Lawson
IPC分类号： G06F12/14 , H04L9/00
CPC分类号： H04N7/1675 , G06F21/50 , G06F21/62 , G06F21/6281 , G06F21/78 , G11B20/00086 , G11B20/00115 , G11B20/0021 , G11B20/00231 , G11B20/00246 , G11B20/00253 , G11B20/00449 , G11B20/00659 , G11B20/00818 , G11B20/00884 , H04L9/3236 , H04L9/3249 , H04L2209/56 , H04L2209/60 , H04L2209/606 , H04N21/25816 , H04N21/4135 , H04N21/4181 , H04N21/42646 , H04N21/4405 , H04N21/44236 , H04N21/8358 , H04N2005/91342
摘要： Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disc carries an encrypted digital video title combined with data processing operations that implement the title's security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations, access secure nonvolatile storage, submit data to CODECs for output, and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies. If pirates compromise a player or title, future content can be mastered with security features that, for example, block the attack, revoke pirated media, or use native code to correct player vulnerabilities.
摘要翻译：通过实现安全逻辑和内容的集成，公开了技术来将责任和控制权从播放器制造者转移到内容作者。示例性的光盘携带加密的数字视频标题，与实现标题的安全策略和解密过程的数据处理操作相结合。播放器设备包括通过解释其处理操作播放内容的处理环境（例如，实时虚拟机）。播放器还提供程序调用，使内容代码从媒体加载数据，执行网络通信，确定播放环境配置，访问安全的非易失性存储，提交数据到CODEC进行输出和/或执行加密操作。内容可以在解码输出中插入取证水印，以追踪盗版副本。如果海盗妥协一个玩家或者标题，那么未来的内容就可以掌握安全功能，例如阻止攻击，撤销盗版媒体或使用本机代码纠正播放器漏洞。

7. 发明授权

US07787620B2 Prevention of side channel attacks against block cipher implementations and other cryptographic systems 有权
标题翻译：防止针对块密码实现和其他加密系统的侧信道攻击
公开(公告)号：US07787620B2
公开(公告)日：2010-08-31
申请号：US11252898
申请日：2005-10-18
申请人： Paul C. Kocher , Joshua M. Jaffe , Benjamin C. Jun
发明人： Paul C. Kocher , Joshua M. Jaffe , Benjamin C. Jun
IPC分类号： H04L9/22
CPC分类号： H04L9/0625 , G06F21/556 , G06F21/602 , G06F21/755 , G06F2207/7219 , H04L9/003 , H04L2209/046 , H04L2209/08 , H04L2209/127
摘要： Methods and apparatuses are disclosed for improving DES and other cryptographic protocols against external monitoring attacks by reducing the amount (and signal-to-noise ratio) of useful information leaked during processing. An improved DES implementation of the invention instead uses two 56-bit keys (K1 and K2) and two 64-bit plaintext messages (M1 and M2), each associated with a permutation (i.e., K1P, K2P and M1P, M2P) such that K1P{K1} XOR K2P{K2} equals the “standard” DES key K, and M1P{M1} XOR M2P{M2} equals the “standard” message. During operation of the device, the tables are preferably periodically updated, by introducing fresh entropy into the tables faster than information leaks out, so that attackers will not be able to obtain the table contents by analysis of measurements. The technique is implementable in cryptographic smartcards, tamper resistant chips, and secure processing systems of all kinds.
摘要翻译：公开了用于通过减少在处理期间泄露的有用信息的量（和信噪比）来改善DES和其他加密协议以防外部监视攻击的方法和装置。本发明的改进的DES实施方案改为使用两个56位密钥（K1和K2）和两个64位明文消息（M1和M2），每个与排列相关联（即，K1P，K2P和M1P，M2P），使得 K1P {K1} XOR K2P {K2}等于“标准”DES密钥K，M1P {M1} XOR M2P {M2}等于“标准”消息。在设备的操作期间，优选地通过将新鲜的熵引入到表中比信息泄漏出来更周期地更新表，使得攻击者将不能通过分析测量获得表内容。该技术可在加密智能卡，防篡改芯片和各种安全处理系统中实现。

8. 发明授权

US07668310B2 Cryptographic computation using masking to prevent differential power analysis and other attacks 有权
标题翻译：使用掩码进行密码计算，以防止差分功率分析和其他攻击
公开(公告)号：US07668310B2
公开(公告)日：2010-02-23
申请号：US09930836
申请日：2001-08-15
申请人： Paul C. Kocher , Joshua M. Jaffe , Benjamin C. Jun
发明人： Paul C. Kocher , Joshua M. Jaffe , Benjamin C. Jun
IPC分类号： H04L9/22
CPC分类号： H04L9/0625 , G06F21/556 , G06F21/602 , G06F21/755 , G06F2207/7219 , H04L9/003 , H04L2209/046 , H04L2209/08 , H04L2209/127
摘要： Methods and apparatuses are disclosed for improving DES and other cryptographic protocols against external monitoring attacks by reducing the amount (and signal-to-noise ratio) of useful information leaked during processing. An improved DES implementation of the invention instead uses two 56-bit keys (K1 and K2) and two 64-bit plaintext messages (M1 and M2), each associated with a permutation (i.e., K1P, K2P and M1P, M2P) such that K1P{K1} XOR K2P {K2} equals the “standard” DES key K, and M1P{M1} XOR M2P{M2} equals the “standard” message. During operation of the device, the tables are preferably periodically updated, by introducing fresh entropy into the tables faster than information leaks out, so that attackers will not be able to obtain the table contents by analysis of measurements. The technique is implementable in cryptographic smartcards, tamper resistant chips, and secure processing systems of all kinds.
摘要翻译：公开了用于通过减少在处理期间泄露的有用信息的量（和信噪比）来改善DES和其他加密协议以防外部监视攻击的方法和装置。本发明的改进的DES实施方案改为使用两个56位密钥（K1和K2）和两个64位明文消息（M1和M2），每个与排列相关联（即，K1P，K2P和M1P，M2P），使得 K1P {K1} XOR K2P {K2}等于“标准”DES密钥K，M1P {M1} XOR M2P {M2}等于“标准”消息。在设备的操作期间，优选地通过将新鲜的熵引入到表中比信息泄漏出来更周期地更新表，使得攻击者将不能通过分析测量获得表内容。该技术可在加密智能卡，防篡改芯片和各种安全处理系统中实现。

9. 发明授权

US07587044B2 Differential power analysis method and apparatus 有权
公开(公告)号：US07587044B2
公开(公告)日：2009-09-08
申请号：US10005105
申请日：2001-12-03
申请人： Paul C. Kocher , Joshua M. Jaffe , Benjamin C. Jun
发明人： Paul C. Kocher , Joshua M. Jaffe , Benjamin C. Jun
IPC分类号： H04L9/00 , G06F21/00
CPC分类号： H04L9/0618 , G06F1/06 , G06F1/266 , G06F1/3225 , G06F7/00 , G06F21/75 , G06F21/755 , G06F21/77 , G06F2207/7223 , G06F2207/7266 , G06K19/073 , G06K19/07363 , G06Q20/341 , G06Q20/382 , G06Q20/409 , G07F7/08 , G07F7/082 , G07F7/1008 , G09C1/00 , H04L9/003 , H04L2209/04 , H04L2209/08 , H04L2209/56 , H04L2209/805
摘要： Information leaked from smart cards and other tamper resistant cryptographic devices can be statistically analyzed to determine keys or other secret data. A data collection and analysis system is configured with an analog-to-digital converter connected to measure the device's consumption of electrical power, or some other property of the target device, that varies during the device's processing. As the target device performs cryptographic operations, data from the A/D converter are recorded for each cryptographic operation. The stored data are then processed using statistical analysis, yielding the entire key, or partial information about the key that can be used to accelerate a brute force search or other attack.

10. 发明申请

US20080137848A1 Reprogrammable security for controlling piracy and enabling interactive content 有权
标题翻译：可重复编程的安全性，用于控制盗版和启用交互式内容
公开(公告)号：US20080137848A1
公开(公告)日：2008-06-12
申请号：US11982190
申请日：2007-10-31
申请人： Paul C. Kocher , Joshua M. Jaffe , Benjamin C. Jun , Carter C. Laren , Peter K. Pearson , Nathaniel J. Lawson
发明人： Paul C. Kocher , Joshua M. Jaffe , Benjamin C. Jun , Carter C. Laren , Peter K. Pearson , Nathaniel J. Lawson
IPC分类号： H04N7/167 , H04L9/00
CPC分类号： G06F21/10 , G06F9/445 , G06F21/64 , G06Q50/188 , G11B20/00086 , G11B20/00115 , G11B20/0021 , G11B20/00231 , G11B20/00246 , G11B20/00253 , G11B20/00449 , G11B20/00818 , G11B20/00884 , H04L9/0844 , H04L9/302 , H04L9/3236 , H04L9/3249 , H04L9/3271 , H04L2209/56 , H04L2209/60 , H04N5/913 , H04N21/4181 , H04N21/42646 , H04N21/4325 , H04N21/4405 , H04N21/4627 , H04N21/8193 , H04N21/8358 , H04N2005/91342 , H04N2005/91364
摘要： Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disc carries an encrypted digital video title combined with data processing operations that implement the title's security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations, access secure nonvolatile storage, submit data to CODECs for output, and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies. If pirates compromise a player or title, future content can be mastered with security features that, for example, block the attack, revoke pirated media, or use native code to correct player vulnerabilities.
摘要翻译：通过实现安全逻辑和内容的集成，公开了技术来将责任和控制权从播放器制造者转移到内容作者。示例性的光盘携带加密的数字视频标题，与实现标题的安全策略和解密过程的数据处理操作相结合。播放器设备包括通过解释其处理操作播放内容的处理环境（例如，实时虚拟机）。播放器还提供程序调用，使内容代码从媒体加载数据，执行网络通信，确定播放环境配置，访问安全的非易失性存储，提交数据到CODEC进行输出和/或执行加密操作。内容可以在解码输出中插入取证水印，以追踪盗版副本。如果海盗妥协一个玩家或者标题，那么未来的内容就可以掌握安全功能，例如阻止攻击，撤销盗版媒体或使用本机代码纠正播放器漏洞。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式