专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2007035461A2 CHANGING STATES OF COMMUNICATION LINKS IN COMPUTER NETWORKS IN AN AUTHENTICATED MANNER 审中-公开
标题翻译：计算机网络中的通信链接更改状态
公开(公告)号：WO2007035461A2
公开(公告)日：2007-03-29
申请号：PCT/US2006/035967
申请日：2006-09-14
申请人： NTT DOCOMO INC. , GENTRY, Craig, B. , MACKENZIE, Philip , RAMZAN, Zulfikar, Amin
发明人： GENTRY, Craig, B. , MACKENZIE, Philip , RAMZAN, Zulfikar, Amin
IPC分类号： G06F13/28
CPC分类号： H04L63/065 , H04L63/08
摘要： A protocol for closing all active communication links between one device (110.1) and one or more other devices in a group provides that the first device sets up the group by generating an input to a predefined function (e.g. one-way function) according to some random distribution, computing the output of the one-way function, and sharing the output value with all other devices in the group. Then to close all communication links, the first device broadcasts the stored input to all other devices in the group. The other devices may check that the one-way function applied to this input results in the shared output value, and if so, close the communication link.
摘要翻译：用于关闭一个设备（110.1）和一组中的一个或多个其他设备之间的所有活动通信链路的协议规定，第一设备通过根据一些设备（110.1）生成到预定义功能（例如，单向功能）的输入来建立组随机分配，计算单向函数的输出，并与组中的所有其他设备共享输出值。然后关闭所有通信链路，第一个设备将存储的输入广播到组中的所有其他设备。其他设备可以检查应用于该输入的单向功能是否产生共享输出值，如果是，则关闭通信链路。

2. 发明申请

WO2006119358A2 SECURE ADDRESS PROXYING USING MULTI-KEY CRYPTOGRAPHICALLY GENERATED ADDRESSES 审中-公开
标题翻译：使用多关键生成地址进行安全地址代理
公开(公告)号：WO2006119358A2
公开(公告)日：2006-11-09
申请号：PCT/US2006/016970
申请日：2006-05-02
申请人： NTT DOCOMO INC. , GENTRY, Craig B. , KEMPF, James
发明人： GENTRY, Craig B. , KEMPF, James
IPC分类号： G06F15/16
CPC分类号： H04L61/2015 , H04L29/12 , H04W8/26 , H04W80/04
摘要： A method allows Internet Protocol version 6 (IPv6) nodes that use Mobile IPv6 for mobility management, or DHCP for address provisioning, to securely claim and defend their network addresses themselves or through proxies using the SEND protocol. The network node may also sign and verify a message that claims and defends a network address. The network address to be claimed and defended may be either autoconfigured or obtained from a server using the DHCPv6 protocol. If the MCGA is generated by a mobile IPv6 node as a mobile IPv6 home address, the MCGA can be securely proxied by the mobile IPv6 home agent after the mobile node has left the home link. However, if the MCGA is generated as a mobile IPv6 care-of address by a mobile IPv6 node while on a foreign subnet, the MCGA can be securely proxied by the current or new access router, before the mobile node arrives on the link and after it has left the link, respectively.
摘要翻译：一种方法允许使用移动IPv6进行移动性管理的Internet协议版本6（IPv6）节点，或者用于地址配置的DHCP可以自己安全地声称和保护自己的网络地址，或通过使用SEND协议的代理来保护自己的网络地址。网络节点还可以签署和验证声称和捍卫网络地址的消息。要声明和辩护的网络地址可以是自动配置的，也可以使用DHCPv6协议从服务器获取。如果MCGA由移动IPv6节点生成为移动IPv6归属地址，则在移动节点离开主链路之后，MCGA可以由移动IPv6归属代理安全地代理。然而，如果MCGA在外部子网上由移动IPv6节点生成为移动IPv6转交地址，则在移动节点到达链路之前，MCGA可以由当前或新的接入路由器安全地代理，它已分别离开了链接。

3. 发明申请

WO2006066143A2 MULTI-CERTIFICATE REVOCATION USING ENCRYPTED PROOF DATA FOR PROVING CERTIFICATE'S VALIDITY OR INVALIDITY 审中-公开
标题翻译：使用加密证书数据提供证书的有效性或无效的多证书撤销
公开(公告)号：WO2006066143A2
公开(公告)日：2006-06-22
申请号：PCT/US2005/045798
申请日：2005-12-16
申请人： NTT DOCOMO, INC. , RAMZAN, Zulfikar, Amin , GENTRY, Craig, B. , BRUHN, Bernhard
发明人： RAMZAN, Zulfikar, Amin , GENTRY, Craig, B. , BRUHN, Bernhard
IPC分类号： G06F12/14
CPC分类号： G06F21/33 , H04L9/0836 , H04L9/3268 , H04L2209/56 , H04L2209/805
摘要： A certification authority (CA, 120) generates decryption key data (K' F ) for each set (F) in the complement cover (804) for a plurality of digital certificates. The CA encrypts all or a portion of the validity proof data (c j (i)) for each digital certificate (140.i) for each time period j for which the validity proof is to be provided. For each certificate, the decryption can be performed with decryption keys (K,,;) that can be obtained from the decryption key data (K' F ) for any set containing the certificate. The CA distributes the encrypted portions of the validity proof data to prover systems that will provide validity proofs in the periods j. To perform certificate re-validation in a period j, the CA constructs the complement cover for the set of the revoked certificates, and distributes the decryption key data (K'F) for the sets in the complement cover. In some embodiments, for each period j, the decryption keys (K i ) are also a function of the decryption key data provided for the preceding periods of time. Therefore, to perform the re-validation, the CA constructs the complement cover not for the set of all the revoked certificates but only for the set of the certificates revoked in the previous period j-1. The complement cover size can therefore be reduced. Other features and embodiments are also provided.
摘要翻译：认证机构（CA，120）生成解密密钥数据（K'<！ - SIPO

4. 发明申请

WO2006024042A2 PROVISIONAL SIGNATURE SCHEMES 审中-公开
标题翻译：临时签名方案
公开(公告)号：WO2006024042A2
公开(公告)日：2006-03-02
申请号：PCT/US2005/030850
申请日：2005-08-29
申请人： NTT DOCOMO, INC. , GENTRY, Craig, B. , MOLNAR, David , RAMZAN, Zulfikar, Amin
发明人： GENTRY, Craig, B. , MOLNAR, David , RAMZAN, Zulfikar, Amin
IPC分类号： H04L9/32
CPC分类号： H04L9/3218 , H04L9/3013 , H04L9/3066 , H04L9/3257 , H04L2209/42 , H04L2209/56
摘要： A method and apparatus for implementing portions of a provisional signature scheme are disclosed. In one embodiment, the method comprises creating a provisional signature by performing an operation on a message and completing the provisional signature to create a final signature on the message. Such a scheme may be used for server assisted signature schemes, designated confirmer signature schemes and blind signature schemes.
摘要翻译：公开了一种用于实现临时签名方案的部分的方法和设备。在一个实施例中，该方法包括通过对消息执行操作并完成临时签名以在消息上创建最终签名来创建临时签名。这样的方案可以用于服务器辅助签名方案，指定的确认者签名方案和盲签名方案。

5. 发明申请

WO2005017809A3 METHOD AND APPARATUS FOR AUTHENTICATION OF DATA STREAMS WITH ADAPTIVELY CONTROLLED LOSSES 审中-公开
标题翻译：用于使用自适应控制损失验证数据流的方法和装置
公开(公告)号：WO2005017809A3
公开(公告)日：2005-09-22
申请号：PCT/US2004025513
申请日：2004-08-04
申请人： DOCOMO COMM LAB USA INC , GENTRY CRAIG B , HEVIA ALEJANDRO , JAIN RAVI KUMAR , KAWAHARA TOSHIRO , RAMZAN ZULFIKAR AMIN
发明人： GENTRY CRAIG B , HEVIA ALEJANDRO , JAIN RAVI KUMAR , KAWAHARA TOSHIRO , RAMZAN ZULFIKAR AMIN
IPC分类号： G06K20060101 , H04L9/00
CPC分类号： H04L9/3242 , G11B20/00086 , G11B20/0021 , H04L9/3247 , H04L2209/30 , H04L2209/34 , H04L2209/38 , H04L2209/80 , H04N7/1675
摘要： Methods, components, and systems for efficient authentication, either through a digital signature or message authentication codes, and verification of a digital stream sent from a source (505) to a receiver via zero or more intermediaries (503), such that the source (501) or intermediary (503) (or both) can remove certain portions of the data stream without inhibiting the ability of the ultimate receiver to verify the authenticity and integrity of the data received. According to the invention, a source (501) may sign an entire data stream once, but may permit either itself or an intermediary to efficiently remove certain portions of the stream before transmitting the stream to the ultimate recipient (505), without having to re-sign the entire stream. Applications may include the signing of media streams which often need to be further processed to accommodate the resource requirements of a particular environment. Another application allows an intermediary to choose an advertisement to include in a given slot.
摘要翻译：通过数字签名或消息认证码，以及通过零个或多个中介（503）从源（505）发送到接收者的数字流的验证，用于有效认证的方法，组件和系统，使得源 501）或中介（503）（或两者）可以移除数据流的某些部分，而不会阻碍最终接收者验证接收到的数据的真实性和完整性的能力。根据本发明，源（501）可以对整个数据流进行一次签名，但是可以允许其本身或中间人在将流发送到最终接收者（505）之前有效地去除该流的某些部分，而无需重新 - 分配整个流。应用可以包括经常需要进一步处理以适应特定环境的资源需求的媒体流的签名。另一个应用允许中间人选择一个广告以包含在给定的时隙中。

6. 发明申请

WO2005017809A2 METHOD AND APPARATUS FOR AUTHENTICATION OF DATA STREAMS WITH ADAPTIVELY CONTROLLED LOSSES 审中-公开
标题翻译：用于使用自适应控制损失验证数据流的方法和装置
公开(公告)号：WO2005017809A2
公开(公告)日：2005-02-24
申请号：PCT/US2004/025513
申请日：2004-08-04
申请人： DOCOMO COMMUNICATIONS LABORATORIES USA, INC. , GENTRY, Craig, B. , HEVIA, Alejandro , JAIN, Ravi Kumar , KAWAHARA, Toshiro , RAMZAN, Zulfikar, Amin
发明人： GENTRY, Craig, B. , HEVIA, Alejandro , JAIN, Ravi Kumar , KAWAHARA, Toshiro , RAMZAN, Zulfikar, Amin
IPC分类号： G06K
CPC分类号： H04L9/3242 , G11B20/00086 , G11B20/0021 , H04L9/3247 , H04L2209/30 , H04L2209/34 , H04L2209/38 , H04L2209/80 , H04N7/1675
摘要： Methods, components, and systems for efficient authentication, either through a digital signature or message authentication codes, and verification of a digital stream sent from a source to a receiver via zero or more intermediaries, such that the source or intermediary (or both) can remove certain portions of the data stream without inhibiting the ability of the ultimate receiver to verify the authenticity and integrity of the data received. According to the invention, a source may sign an entire data stream once, but may permit either itself or an intermediary to efficiently remove certain portions of the stream before transmitting the stream to the ultimate recipient, without having to re-sign the entire stream. Applications may include the signing of media streams which often need to be further processed to accommodate the resource requirements of a particular environment. Another application allows an intermediary to choose an advertisement to include in a given slot.
摘要翻译：无论是通过数字签名还是消息认证码，以及通过零个或多个中间人从源向接收者发送的数字流的验证，使得源或中介（或两者）可以进行有效认证的方法，组件和系统删除数据流的某些部分，而不会妨碍最终接收方验证所接收数据的真实性和完整性的能力。根据本发明，源可以对整个数据流进行一次签名，但是可以允许其本身或中间人在将流发送到最终接收者之前有效地去除流的某些部分，而无需重新签署整个流。应用可以包括经常需要进一步处理以适应特定环境的资源需求的媒体流的签名。另一个应用允许中间人选择一个广告以包含在给定的时隙中。

7. 发明申请

WO2004107635A3 BROADCAST ENCRYPTION USING RSA 审中-公开
标题翻译：使用RSA进行广播加密
公开(公告)号：WO2004107635A3
公开(公告)日：2005-01-27
申请号：PCT/US2004015946
申请日：2004-05-21
申请人： DOCOMO COMM LAB USA INC , GENTRY CRAIG B , RAMZAN ZULFIKAR AMIN
发明人： GENTRY CRAIG B , RAMZAN ZULFIKAR AMIN
IPC分类号： H04L9/08 , H04L9/30 , H04L9/00
CPC分类号： H04H60/23 , H04L9/0836 , H04L9/302 , H04L2209/601
摘要： Methods, components and systems for implementing secure and efficient broadcast encryption schemes with configurable and practical tradeoffs among a pre-broadcast transmission bandwidth t, a key storage cost k, and a key derivation cost c, in which the schemes use subtree difference and key decomposition to generate secondary keys, use the secondary keys to encrypt the broadcast and generate ciphertexts, and use the RSA encryption scheme to implement derivability between the primary keys and the secondary keys. To decrypt the broadcast, a privileged user uses one of its primary keys to derive a secondary key, which is used to decrypt the broadcast. The product of key derivation cost c and the key storage cost k is at most (2a - log a - 2)loga n, when n is the number of users, 1 , and revoked users r
摘要翻译：用于实现安全和有效的广播加密方案的方法，组件和系统，其中广播传输带宽t，密钥存储成本k和密钥导出成本c之间具有可配置和实际的权衡，其中方案使用子树差分和密钥分解生成辅助密钥，使用辅助密钥加密广播并生成密文，并使用RSA加密方案来实现主密钥和次密钥之间的派生。为了对广播进行解密，特权用户使用其主键之一来导出用于解密广播的辅助密钥。密钥导出成本c和密钥存储成本k的乘积最多为（2a-log a-2）loga n，当n为用户数时，1 <= b <= LOGn，a = 2 并撤销用户r

8. 发明申请

WO2011123418A1 AN EFFICIENT HOMOMORPHIC ENCRYPTION SCHEME FOR BILINEAR FORMS 审中-公开
标题翻译：有效的双子格式加密方案
公开(公告)号：WO2011123418A1
公开(公告)日：2011-10-06
申请号：PCT/US2011/030276
申请日：2011-03-29
申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION , GENTRY, Craig, B. , HALEVI, Shai , VAIKUNTANATHAN, Vinod
发明人： GENTRY, Craig, B. , HALEVI, Shai , VAIKUNTANATHAN, Vinod
IPC分类号： G06F17/14
CPC分类号： H04L9/30 , H04L9/008 , H04L9/0861 , H04L9/3093 , H04L2209/08 , H04L2209/24
摘要： In one exemplary embodiment, a computer readable storage medium tangibly embodying a program of instructions executable by a machine for performing operations including: receiving information B to be encrypted as a ciphertext C in accordance with an encryption scheme having an encrypt function; and encrypting B in accordance with the encrypt function to obtain C, the scheme utilizes a public key A, where B, C, and A are matrices, the encrypt function receives as inputs A and B and outputs C as C ∼ AS + p X + B(mod q ), S is a random matrix, X is an error matrix, p is in integer, q is an odd prime number. In other exemplary embodiments, the encryption scheme includes a decrypt function that receives as inputs at least one private key T (a matrix) and C and outputs B as B = T -1 · (TCT t mod q ) . (Τ') -1 mod p .
摘要翻译：在一个示例性实施例中，一种有形地体现由机器执行的用于执行操作的指令程序的计算机可读存储介质，包括：根据具有加密功能的加密方案，接收要加密的信息B作为密文C; 并根据加密函数对B进行加密以获得C，该方案利用公钥A，其中B，C和A是矩阵，加密函数接收作为输入A和B，并将C输出为C〜AS + pX + B（mod q），S是随机矩阵，X是误差矩阵，p是整数，q是奇素数。在其他示例性实施例中，加密方案包括解密功能，其接收作为输入的至少一个私钥T（矩阵）和C，并将B输出为B = T-1·（TCTt mod q）。（？'） - 1 mod p。

9. 发明申请

WO2006119358A3 SECURE ADDRESS PROXYING USING MULTI-KEY CRYPTOGRAPHICALLY GENERATED ADDRESSES 审中-公开
标题翻译：使用多关键生成地址进行安全地址代理
公开(公告)号：WO2006119358A3
公开(公告)日：2007-10-11
申请号：PCT/US2006016970
申请日：2006-05-02
申请人： NTT DOCOMO INC , GENTRY CRAIG B , KEMPF JAMES
发明人： GENTRY CRAIG B , KEMPF JAMES
IPC分类号： H04L12/66 , H04L9/00 , H04W8/26 , H04W80/04
CPC分类号： H04L61/2015 , H04L29/12 , H04W8/26 , H04W80/04
摘要： A method allows Internet Protocol version 6 (IPv6) nodes that use Mobile IPv6 for mobility management, or DHCP for address provisioning, to securely claim and defend their network addresses themselves or through proxies using the SEND protocol (103). The network node may also sign and verify a message that claims and defends a network address (107). The network address to be claimed and defended may be either autoconfigured or obtained from a server using the DHCPv6 protocol (104). If the MCGA is generated by mobile IPv6 node as a mobile IPv6 home address, the MCGA can be securely proxied by the mobile IPv6 home agent after the mobile node has left the home link. However, if the MCGA is generated as a mobile IPv6 care-of-address by a mobile IPv6 node while on a foreign subnet, the MCGA can be securely proxied by the current or new access router, before the mobile node arrives on the link and after it has left the link, respectively.
摘要翻译：一种方法允许使用移动IPv6进行移动性管理的Internet协议版本6（IPv6）节点，或者用于地址配置的DHCP来自己安全地声称和保护自己的网络地址，或通过代理使用SEND协议（103）。网络节点还可以签署并验证声称和捍卫网络地址的消息（107）。要声明和辩护的网络地址可以是使用DHCPv6协议的服务器自动配置或获取（104）。如果MCGA由移动IPv6节点生成为移动IPv6归属地址，则在移动节点离开主链路之后，MCGA可以被移动IPv6归属代理安全地代理。然而，如果MCGA在外部子网上由移动IPv6节点生成为移动IPv6转交地址，则在移动节点到达链路之前，MCGA可以由当前或新的接入路由器安全地代理，分别已经离开了链接。

10. 发明申请

WO2007079291A2 GENERATION OF SET COVERINGS WITH FREE RIDERS, AND GENERATION OF ORDERED SETS OF MEETING POINTS, IN SYSTEMS WHICH INCLUDE, BUT ARE NOT LIMITED TO, SYSTEMS FOR BROADCAST ENCRYPTION AND SYSTEMS FOR CERTIFICATE REVOCATION 审中-公开
标题翻译：产生无盖骑手的套装，以及订单会议点的生成，包括但不限于广播加密和系统进行证书转让的系统
公开(公告)号：WO2007079291A2
公开(公告)日：2007-07-12
申请号：PCT/US2006061166
申请日：2006-11-21
申请人： NTT DOCOMO INC , GENTRY CRAIG B , RAMZAN ZULFIKAR AMIN , WOODRUFF DAVID P
发明人： GENTRY CRAIG B , RAMZAN ZULFIKAR AMIN , WOODRUFF DAVID P
IPC分类号： H04L9/00
CPC分类号： H04L9/0822 , H04L9/3265 , H04L9/3268 , H04L2209/601
摘要： In a broadcast encryption scheme, an optimal or near-optimal set covering CV( f,P) is computed for a set P of privileged users and at most a predefined number f of revoked users ("free riders"). The covering consists of elements of a predefined set cover CC(U) for the set of all users U. The covering is computed by finding optimal or near-optimal coverings for privileged users for CC(U) elements that are proper subsets of U. More particularly, possible assignments of free riders to the subsets are examined, and an assignment is selected to fit an optimality criterion for the total set covering. In some embodiments, only "meeting point" elements of CC(U) are fully examined. A meeting point is an element containing at least two "immediate child" elements each of which contains a revoked user. An immediate child of a "parent" element is a proper subset of the parent with no intermediate elements (no elements containing the child as a proper subset and itself being a proper subset of the parent). An ordered list MP of meeting points is computed efficiently. The list is ordered by the number of elements in a chain from the meeting point to the root. The complete-subtree method is used in some embodiments. The methods have applications besides broadcast encryption, e.g. certificate revocation.
摘要翻译：在广播加密方案中，针对特权用户的集合P以及最多已被撤销的用户（“免费乘客”）的预定数量f计算覆盖CV（f，P）的最佳或接近最佳的集合。覆盖由用于所有用户U的集合的预定义集合封闭CC（U）的元素组成。通过为作为U的适当子集的CC（U）元素找到用于特权用户的优化或近似最佳覆盖来计算覆盖。更具体地说，检查可用的分配给子集的自由车手，并且选择一个分配以适合总集合覆盖的最优性准则。在一些实施例中，仅完全检查CC（U）的“会合点”元素。会议点是包含至少两个“直接子”“元素的元素，每个元素包含撤销的用户。 “父”元素的直接子代是没有中间元素的父类的正确子集（不包含子元素作为适当子集的子元素，并且本身是母体的正确子集）。有效地计算会议点的有序列表MP。列表由从会合点到根的链中的元素数量排序。在一些实施例中使用完全子树方法。除了广播加密之外，这些方法还具有应用。证书撤销。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式