专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08509448B2 Methods and device for secure transfer of symmetric encryption keys 有权
标题翻译：用于安全传输对称加密密钥的方法和设备
公开(公告)号：US08509448B2
公开(公告)日：2013-08-13
申请号：US12511731
申请日：2009-07-29
申请人： Shanthi E. Thomas , Michael W. Bright , Chris A. Kruegel , Anthony R. Metke , Scott J. Pappas , Thomas J. Senese
发明人： Shanthi E. Thomas , Michael W. Bright , Chris A. Kruegel , Anthony R. Metke , Scott J. Pappas , Thomas J. Senese
IPC分类号： G06F21/00
CPC分类号： H04L63/061 , G06F21/57 , G06F21/602 , G06F21/606 , H04L9/0822 , H04L9/0825 , H04L63/0428 , H04L2209/80 , H04L2463/062 , H04W12/04
摘要： A sending device generates a first and a second KMM, wherein the first KMM includes a first KEK and a KMM encryption key, and the second KMM includes a set of symmetric encryption keys. The sending device further encrypts the set of symmetric encryption keys using the first KEK; encrypts the first KEK and the KMM encryption key using a first public key of a receiving device; and encrypts the second KMM using the KMM encryption key to generate an encrypted second KMM before sending the first KMM and the encrypted second KMM to the receiving device. The receiving device decrypts the first KEK and the KMM encryption key using a first private key that corresponds to the first public key; and decrypts the encrypted second KMM using the KMM encryption key to obtain the encrypted set of symmetric keys.
摘要翻译：发送设备生成第一和第二KMM，其中第一KMM包括第一KEK和KMM加密密钥，并且第二KMM包括一组对称加密密钥。所述发送装置使用所述第一KEK进一步加密所述一组对称加密密钥; 使用接收设备的第一公钥加密第一KEK和KMM加密密钥; 并且使用KMM加密密钥对第二KMM进行加密，以在将第一KMM和加密的第二KMM发送到接收设备之前生成加密的第二KMM。接收设备使用对应于第一公钥的第一私钥对第一KEK和KMM加密密钥进行解密; 并使用KMM加密密钥解密加密的第二KMM以获得加密的对称密钥集。

2. 发明申请

US20100165839A1 ANTI-REPLAY METHOD FOR UNICAST AND MULTICAST IPSEC 审中-公开
标题翻译：用于UNICAST和MULTICAST IPSEC的反复制方法
公开(公告)号：US20100165839A1
公开(公告)日：2010-07-01
申请号：US12345160
申请日：2008-12-29
申请人： THOMAS J. SENESE , MICHAEL W. BRIGHT , DIPENDRA M. CHOWDHARY , CHRIS A. KRUEGEL , LARRY MURRILL , TIMOTHY G. WOODWARD
发明人： THOMAS J. SENESE , MICHAEL W. BRIGHT , DIPENDRA M. CHOWDHARY , CHRIS A. KRUEGEL , LARRY MURRILL , TIMOTHY G. WOODWARD
IPC分类号： H04L12/26
CPC分类号： H04W28/06 , H04L43/106 , H04L43/16 , H04L63/0272 , H04L63/164 , H04L67/2842 , H04L69/28
摘要： A method for managing a packet in a communication system between two or more endpoints, a sender and one or more recipients, comprises receiving a first packet comprising a source identifier that uniquely identifies a sender of the first packet and a current source time assigned to the first packet by the sender, determining a received time for the first packet, retrieving a cached source time assigned by the sender to a second packet that was received prior to receiving the first packet, and determining whether to discard or process the first packet based on the current source time, the received time, and the cached source time. The current source time, the received time, and the cached time, in addition to predetermined parameters such as a maximum age and an anti-replay window allows a recipient to determine whether to process or discard a packet.
摘要翻译：一种用于管理两个或多个端点之间的通信系统中的分组的方法，发送方和一个或多个接收者，包括：接收第一分组，其包括唯一地标识所述第一分组的发送者的源标识符和分配给所述第一分组的当前源时间由发送方确定第一分组，确定接收到的第一分组的时间，将发送方分配的高速缓存的源时间检索到在接收第一分组之前接收的第二分组，以及基于是否丢弃或处理第一分组当前源时间，接收时间和缓存的源时间。除了诸如最大年龄和反重播窗口的预定参数之外，当前源时间，接收时间和缓存时间允许接收者确定是处理还是丢弃分组。

3. 发明授权

US5809148A Decryption of retransmitted data in an encrypted communication system 失效
标题翻译：在加密通信系统中重传数据的解密
公开(公告)号：US5809148A
公开(公告)日：1998-09-15
申请号：US649098
申请日：1996-05-17
申请人： Kevin G. Doberstein , Scott J. Pappas , Michael W. Bright
发明人： Kevin G. Doberstein , Scott J. Pappas , Michael W. Bright
IPC分类号： H04K1/00 , H04L1/18 , H04L9/00 , H04L9/18 , H04L9/36
CPC分类号： H04L9/0637 , H04L1/1809
摘要： The method generally includes the steps of receiving (201) a message (100) comprising a message indicator (101) and a plurality of encrypted blocks (103 through 111). When at least one block of the plurality of encrypted blocks is received with error, a second message is transmitted (215), which second message requests a retransmission of the at least one block. Upon receiving the retransmission of the at least one block without error, a keystream is generated (219) from the message indicator and the at least one block is decrypted using the keystream.
摘要翻译：该方法通常包括以下步骤：接收（201）包括消息指示符（101）和多个加密块（103至111）的消息（100）。当错误地接收到多个加密块中的至少一个块时，发送第二消息（215），哪个第二消息请求至少一个块的重传。一旦无错误地接收到至少一个块的重传，则从消息指示符生成密钥流（219），并且使用密钥流对至少一个块进行解密。

4. 发明授权

US5173938A Key management system 失效
标题翻译：密钥管理系统
公开(公告)号：US5173938A
公开(公告)日：1992-12-22
申请号：US753454
申请日：1991-09-03
申请人： Kurt W. Steinbrenner , Michael W. Bright
发明人： Kurt W. Steinbrenner , Michael W. Bright
IPC分类号： H04L9/08
CPC分类号： H04L9/083 , H04L9/0827 , H04L9/0891
摘要： This key management system effectively solves the key distribution problems of distance, time, operator error, and security risk by transferring encryption keys with appropriate system information between a key management controller (101) and a remote keyloader (109). The keyloader (109) is then coupled to a communication device to transfer (327) the keys and receive (329) identification information from the communication device. The keyloader (109) then sends (323) the information to the key management controller (101) that controls the distribution of the encryption keys and collection of the communication device identifications.
摘要翻译：该密钥管理系统通过在密钥管理控制器（101）和远程密钥加载器（109）之间传送具有适当系统信息的加密密钥来有效地解决距离，时间，操作者错误和安全风险的密钥分发问题。密钥加载器（109）然后被耦合到通信设备以传送（327）密钥并从通信设备接收（329）识别信息。密钥加载器（109）然后将信息发送（323）到控制加密密钥的分发和通信设备标识的收集的密钥管理控制器（101）。

5. 发明授权

US5161189A Encryption and decryption of chained messages 失效
标题翻译：链接消息的加密和解密
公开(公告)号：US5161189A
公开(公告)日：1992-11-03
申请号：US667151
申请日：1991-03-11
申请人： Michelle M. Bray , Michael W. Bright , Hans C. Sowa
发明人： Michelle M. Bray , Michael W. Bright , Hans C. Sowa
IPC分类号： H04L9/08 , H04L9/12
CPC分类号： H04L9/12 , H04L9/083 , H04L9/0891 , H04L2209/80
摘要： A single sync field (501) and multiple messages or message segments (503, 507, 511, and 515) are chained (407) together and encrypted (407) as a whole. When this encrypted chained message is received, it is decrypted as a whole (605), or in part (613) by setting up (609) and filling (611) a holding register with the encryption state of the encrypting device.
摘要翻译：作为整体，单个同步字段（501）和多个消息或消息段（503,507,511和515）被链接（407）在一起并加密（407）。当接收到加密的链接消息时，通过设置（609）并填充（611）具有加密设备的加密状态的保持寄存器，将其作为整体（605）或部分（613）进行解密。

6. 发明授权

US5146497A Group rekey in a communication system 失效
标题翻译：在通信系统中组密钥
公开(公告)号：US5146497A
公开(公告)日：1992-09-08
申请号：US662581
申请日：1991-02-27
申请人： Michael W. Bright
发明人： Michael W. Bright
IPC分类号： H04L9/08
CPC分类号： H04L9/0833 , H04L9/0891 , H04L2209/80
摘要： This method of key distribution rekeys (605) a group of communication units (107) within an encrypted communication system with over-the-channel rekeying. The method uses a key management controller (101) to manage and distribute keys (1541) to a plurality of communication units and handle acknowledgments from the plurality of communication units that are delayed from receipt of the rekeying message. The rekeying message (615) is sent to any of the group of communication units (107) when an acknowledgment is not received (611) from one or more of the group of communication units (107).
摘要翻译：密钥分配方法（605）在具有超频信道密钥的加密通信系统中的一组通信单元（107）。该方法使用密钥管理控制器（101）来管理和分配密钥（1541）到多个通信单元，并处理从接收到密钥信息延迟的多个通信单元的确认。当从一组或多个通信单元（107）未接收到确认（611）时，该密钥消息（615）被发送到该组通信单元（107）中的任何一个。

7. 发明授权

US08059817B2 Method and apparatus for encrypted communications using IPsec keys 有权
标题翻译：使用IPsec密钥进行加密通信的方法和装置
公开(公告)号：US08059817B2
公开(公告)日：2011-11-15
申请号：US11765085
申请日：2007-06-19
申请人： Chris A. Kruegel , Michael W. Bright , Dipendra M. Chowdhary , Thomas J. Senese , Timothy G. Woodward , Larry Murrill
发明人： Chris A. Kruegel , Michael W. Bright , Dipendra M. Chowdhary , Thomas J. Senese , Timothy G. Woodward , Larry Murrill
IPC分类号： H04L9/00 , H04L9/32 , G06F7/04
CPC分类号： H04L63/0428 , H04L9/083 , H04L9/0894 , H04L63/0485 , H04L63/062 , H04L63/164 , H04L2209/80 , H04L2463/061
摘要： Disclosed is a method for encrypted communications. A first IPsec endpoint selects a security association (SA) from a security association database (SAD) by using a selector and then extracts an indexing parameter from SA. The indexing parameter is used to determine an active key location from a key storage database (KSD). Data packets are then encrypted using a key from the active key location. The first IPsec endpoint also forms a security parameter index (SPI) in a header of the data packet by using a keyID from the active key location and transmits the encrypted data packet with the header indicating the SPI to a second IPsec endpoint.
摘要翻译：公开了一种用于加密通信的方法。第一个IPsec端点通过使用选择器从安全关联数据库（SAD）中选择安全关联（SA），然后从SA提取索引参数。索引参数用于从密钥存储数据库（KSD）确定活动密钥位置。然后使用活动密钥位置的密钥对数据包进行加密。第一IPsec端点还通过使用来自活动密钥位置的密钥ID在数据包的报头中形成安全参数索引（SPI），并将具有指示SPI的标题的加密数据包发送到第二IPsec端点。

8. 发明申请

US20110026714A1 METHODS AND DEVICE FOR SECURE TRANSFER OF SYMMETRIC ENCRYPTION KEYS 有权
标题翻译：用于安全转发对称加密密钥的方法和设备
公开(公告)号：US20110026714A1
公开(公告)日：2011-02-03
申请号：US12511731
申请日：2009-07-29
申请人： Shanthi E. Thomas , Michael W. Bright , Chris A. Kruegel , Anthony R. Metke , Scott J. Pappas , Thomas J. Senese
发明人： Shanthi E. Thomas , Michael W. Bright , Chris A. Kruegel , Anthony R. Metke , Scott J. Pappas , Thomas J. Senese
IPC分类号： H04L9/08 , H04L9/00
CPC分类号： H04L63/061 , G06F21/57 , G06F21/602 , G06F21/606 , H04L9/0822 , H04L9/0825 , H04L63/0428 , H04L2209/80 , H04L2463/062 , H04W12/04
摘要： A sending device generates a first and a second KMM, wherein the first KMM includes a first KEK and a KMM encryption key, and the second KMM includes a set of symmetric encryption keys. The sending device further encrypts the set of symmetric encryption keys using the first KEK; encrypts the first KEK and the KMM encryption key using a first public key of a receiving device; and encrypts the second KMM using the KMM encryption key to generate an encrypted second KMM before sending the first KMM and the encrypted second KMM to the receiving device. The receiving device decrypts the first KEK and the KMM encryption key using a first private key that corresponds to the first public key; and decrypts the encrypted second KMM using the KMM encryption key to obtain the encrypted set of symmetric keys.
摘要翻译：发送设备生成第一和第二KMM，其中第一KMM包括第一KEK和KMM加密密钥，并且第二KMM包括一组对称加密密钥。所述发送装置使用所述第一KEK进一步加密所述一组对称加密密钥; 使用接收设备的第一公钥加密第一KEK和KMM加密密钥; 并且使用KMM加密密钥对第二KMM进行加密，以在将第一KMM和加密的第二KMM发送到接收设备之前生成加密的第二KMM。接收设备使用对应于第一公钥的第一私钥对第一KEK和KMM加密密钥进行解密; 并使用KMM加密密钥解密加密的第二KMM以获得加密的对称密钥集。

9. 发明授权

US5729559A Method and apparatus for correcting errors using multiple estimates 失效
标题翻译：使用多个估计来校正错误的方法和装置
公开(公告)号：US5729559A
公开(公告)日：1998-03-17
申请号：US411243
申请日：1995-03-27
申请人： Michael W. Bright , Eric F. Ziolko
发明人： Michael W. Bright , Eric F. Ziolko
IPC分类号： H03M13/23 , H03M13/43 , H03M13/12
CPC分类号： H03M13/43 , H03M13/23
摘要： An apparatus for and method of correcting errors in a received signal comprised of a rate-one orthogonal convolutional code generated by an LFSR involved feeding (403) a received signal into a multiple-stage shift register (201). Estimates of one of the stages of the shift register are performed by estimators (203, 205, 207, 209, 211, 213, and 215) and are based on the outputs of several of the other stages of the shift register (201). These estimates are combined on a bit-by-bit basis to provide a corrected received signal, which is used as the output of the shift register (201).
摘要翻译：一种用于校正由LFSR生成的速率一正交卷积码的接收信号中的误差的装置和方法，包括将接收的信号馈送（403）到多级移位寄存器（201）中。估计器（203,205,207,209,211,213和215）执行移位寄存器的一个级的估计，并且基于移位寄存器（201）的其他几个级的输出。这些估计被逐位地组合以提供用作移位寄存器（201）的输出的校正接收信号。

10. 发明授权

US5694473A Decryption of retransmitted data in an encrypted communication system 失效
标题翻译：在加密通信系统中重传数据的解密
公开(公告)号：US5694473A
公开(公告)日：1997-12-02
申请号：US650071
申请日：1996-05-17
申请人： Michael W. Bright , Scott J. Pappas , Kevin G. Doberstein
发明人： Michael W. Bright , Scott J. Pappas , Kevin G. Doberstein
IPC分类号： H04L9/00 , H04L1/16 , H04L1/18 , H04L9/18 , H04L9/22
CPC分类号： H04L9/0637 , H04L9/12 , H04L1/1809
摘要： A method of decrypting retransmitted parts of a message includes receiving (201) a message comprising encryption synchronization and a plurality of encrypted blocks. Until a first block of the plurality of encrypted blocks is received with error, a first keystream is generated (205) from the encryption synchronization and at least one of the plurality of encrypted blocks, and, using the first keystream, the plurality of encrypted blocks, received without error before the first block of the plurality of encrypted blocks is received with error, is decrypted (207). A priming block is determined (211) from the message. When the first block of the plurality of encrypted blocks is received with error, a second message is transmitted (219) requesting a retransmission of the first block. Upon receiving the retransmission of the first block without error, a second keystream is generated (223) from the priming block and the retransmission of the first block and decrypting the retransmission of the first block is decrypted (225) using the second keystream.
摘要翻译：解密消息的重传部分的方法包括接收（201）包括加密同步和多个加密块的消息。在错误地接收到多个加密块的第一块之前，从加密同步和多个加密块中的至少一个生成第一密钥流（205），并且使用第一密钥流来生成多个加密块在多个加密块的第一块被错误地接收之前没有错误地接收到，被解密（207）。从消息确定启动块（211）。当多个加密块的第一块被错误地接收时，发送第二消息（219）请求重发第一块。在没有错误地接收到第一块的重传时，从启动块生成第二密钥流（223），并且使用第二密钥流解密第一块的重传并解密第一块的重传。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式