专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2013128244A1 PREVENTION OF PLAYBACK ATTACKS USING OTP MEMORY 审中-公开
标题翻译：使用OTP内存防止回击攻击
公开(公告)号：WO2013128244A1
公开(公告)日：2013-09-06
申请号：PCT/IB2012/053074
申请日：2012-06-19
申请人： NDS LIMITED , BELENKY, Yaacov , SUMNER, Reuben
发明人： BELENKY, Yaacov , SUMNER, Reuben
IPC分类号： G06F21/24
CPC分类号： H04L9/3247 , G06F3/0679 , G06F21/64
摘要： A method for data security includes receiving, in a processor having a one-time programmable (OTP) memory, which includes multiple bits and has a current state defined by the bits of the OTP that have been programmed, new information to be written to a data memory. Based on the new information and the current state, at least one further bit of the OTP memory is selected to be programmed, thereby defining a new state of the OTP memory. A new digital signature is computed over the new information and the new state. The new information and the new digital signature are saved in the data memory. After saving the new information and the new digital signature in the data memory, the at least one further bit of the OTP memory is programmed, whereby the new state becomes the current state. Related apparatus and methods are also disclosed.
摘要翻译：一种用于数据安全的方法包括在具有一次可编程（OTP）存储器的处理器中接收包括多个位并具有由已被编程的OTP的位定义的当前状态的待写入的新信息数据存储器基于新信息和当前状态，选择OTP存储器的至少另外一个位进行编程，从而定义OTP存储器的新状态。对新信息和新状态计算新的数字签名。新的信息和新的数字签名被保存在数据存储器中。在将新信息和新的数字签名保存在数据存储器中之后，OTP存储器的至少另外一个位被编程，从而新的状态变为当前状态。还公开了相关的装置和方法。

2. 发明申请

WO2009156881A2 SECURITY WITHIN INTEGRATED CIRCUITS 审中-公开
标题翻译：在集成电路中的安全
公开(公告)号：WO2009156881A2
公开(公告)日：2009-12-30
申请号：PCT/IB2009/052135
申请日：2009-05-21
申请人： NDS LIMITED , SHEN-ORR, Chaim , SHKEDY, Zvi , ELBAUM, Reuven , SHLOMOVICH, Yonatan , SHAPIRO, Yigal , BELENKY, Yaacov , LEVY, Yaakov (Jordan) , SUMNER, Reuben , MANTIN, Itsik
发明人： SHEN-ORR, Chaim , SHKEDY, Zvi , ELBAUM, Reuven , SHLOMOVICH, Yonatan , SHAPIRO, Yigal , BELENKY, Yaacov , LEVY, Yaakov (Jordan) , SUMNER, Reuben , MANTIN, Itsik
IPC分类号： G06F21/00 , G06F21/02
CPC分类号： G06F21/60 , G06F21/79 , H04L9/003
摘要： A method for hindering detection of information unintentionally leaked from a secret held in a memory unit is described, the method including receiving a triggering event waiting for at least a first amount of time to pass after the receipt of the triggering event, the memory unit being in a non-operational state during the at least a first amount of time, after the at least a first amount of time has passed, changing at least one first condition under which the memory unit operates, thereby causing the memory unit to enter an operational state, waiting for a second amount of time to pass after the changing at least one first condition, and changing, after the second amount of time, at least one second condition under which the memory unit operates, thereby causing the memory unit to enter the non-operational state, wherein access to the secret information is enabled only during the second amount of time, and detection of secret information unintentionally leaked is limited during the first amount of time. Related apparatus and methods are also described.
摘要翻译：描述了阻止从存储单元中保存的秘密泄漏的信息的检测的方法，所述方法包括在接收到触发事件之后接收等待至少第一时间量的触发事件以通过，所述存储单元为在所述至少第一时间量内处于非操作状态，在所述至少第一时间量过去之后，改变所述存储器单元在其下操作的至少一个第一状态，从而使所述存储器单元进入操作状态，等待改变至少一个第一条件之后经过的第二时间量，并且在所述第二时间量之后改变所述存储器单元操作的至少一个第二状态，从而使所述存储器单元进入非操作状态，其中仅在第二时间段期间启用对秘密信息的访问，并且在所述第二时间段期间无意中泄漏的秘密信息的检测受到限制第一次的时间。还描述了相关装置和方法。

3. 发明申请

WO2006043262A3 CERTIFICATE RENEWAL 审中-公开
公开(公告)号：WO2006043262A3
公开(公告)日：2006-04-27
申请号：PCT/IL2005/000957
申请日：2005-09-08
申请人： NDS LIMITED , SUMNER, Reuben , BELENKY, Yaacov
发明人： SUMNER, Reuben , BELENKY, Yaacov
IPC分类号： H04L9/00 , H04L9/08
摘要： An intermediate certificate authority (ICA) for a hierarchical certificate authority structure (HCAS), the HCAS having a plurality of levels, the levels including a root level, at least one intermediate level, and a leaf level, the root level having a root certificate authority, the ICA being in the at least one intermediate level, the ICA including a certificate receiving module to receive a first certificate signed by a certificate authority in a level above the level of the ICA, the first certificate certifying an aspect of the ICA,the first certificate having an expiration time, and a certificate signing module to sign a second certificate for a member of the HCAS, prior to the expiration time of the first certificate, such that the second certificate expires after the expiration time of the first certificate, the member being in a level below the level of the ICA, the second certificate certifying an aspect of the member. Related apparatus and methods are also described.

4. 发明申请

WO2007113802A2 KEY MANAGEMENT SYSTEM 审中-公开
标题翻译：关键管理系统
公开(公告)号：WO2007113802A2
公开(公告)日：2007-10-11
申请号：PCT/IL2007/000387
申请日：2007-03-25
申请人： NDS LIMITED , SHEN-ORR, Chaim , HIBSHOOSH, Eliphaz , BELENKY, Yaacov , ICKOWICZ, Gabi
发明人： SHEN-ORR, Chaim , HIBSHOOSH, Eliphaz , BELENKY, Yaacov , ICKOWICZ, Gabi
IPC分类号： G06F21/24
CPC分类号： H04N7/162 , H04N5/913 , H04N21/4405 , H04N21/4408 , H04N21/4623 , H04N2005/91364
摘要： A key management method including receiving content scrambled with a first scrambling algorithm (FSA), determining whether to descramble the content according to a first rule and producing a first result, only if the first result indicates that the content should be descrambled, descrambling the content according to an FSA control word, determining whether to apply a second scrambling algorithm (SSA) according to a second rule and producing a second result, and only if the second result indicates that the SSA should be applied, applying the SSA, the applying the SSA including re-scrambling according to a SSA control word, wherein the FSA control word changes at an FSA control word change time, and the method also includes changing the SSA control word in lockstep fashion with the FSA control word, such that each change of the FSA control word causes a change of the SSA control word. Related methods and apparatus are also described.
摘要翻译：一种密钥管理方法，包括：接收利用第一加扰算法（FSA）加扰的内容，根据第一规则确定是否解密该内容并产生第一结果，只有当第一结果指示该内容应被解扰时，对该内容进行解扰根据FSA控制字，确定是否根据第二规则应用第二加扰算法（SSA）并产生第二结果，并且仅当第二结果指示应用SSA时，应用SSA，应用 SSA包括根据SSA控制字的重新加扰，其中FSA控制字以FSA控制字改变时间改变，并且该方法还包括以FSA控制字的锁定方式改变SSA控制字，使得每个改变 FSA控制字导致SSA控制字的改变。还描述了相关方法和装置。

5. 发明申请

WO2007113787A3 CERTIFICATE IMPLEMENTATION SYSTEM 审中-公开
公开(公告)号：WO2007113787A3
公开(公告)日：2007-10-11
申请号：PCT/IL2007/000092
申请日：2007-01-25
申请人： NDS LIMITED , BELENKY, Yaacov , SHEN-ORR, Chaim
发明人： BELENKY, Yaacov , SHEN-ORR, Chaim
IPC分类号： H04L9/00 , H04K1/00 , H04K1/02
摘要： A certificate for use in a secure communication system that employs a public-key infrastructure (PKI) scheme is disclosed. The certificate includes: a certificate field including an indication of identity of a secure device to which the certificate pertains, a certificate field including a public key, and at least one of the following certificate fields: a certificate field including a level of security of a timer used in the secure communication system, a certificate field including a level of security of a non-volatile memory (NVM) of the secure device, a certificate field including a level of implementation of export to another secure communication system, a certificate field including an identification of at least one encryption mode supported by the secure device, and a certificate field including a rendering type specification. Related apparatus and methods are also disclosed.

6. 发明申请

WO2007110852A3 REVOCATION LIST IMPROVEMENT 审中-公开
公开(公告)号：WO2007110852A3
公开(公告)日：2007-10-04
申请号：PCT/IL2006/001151
申请日：2006-10-03
申请人： NDS LIMITED , SHEN-ORR, Chaim , LEVY, Yaacov (Jordan) , BELENKY, Yaacov
发明人： SHEN-ORR, Chaim , LEVY, Yaacov (Jordan) , BELENKY, Yaacov
IPC分类号： H04L9/00
摘要： A method for enforcing use of certificate revocation lists [figure 4, CRL 14] in validating certificates, the lists being associated with a series of list generation indices such that each list is assigned one index which advances according to a time of generation of the list, the lists and the indices being cryptographically signed, the method including receiving one of the lists and an associated index as an identifier of the one list, checking the certificates against the list, associating each of the certificates, which have been checked against the list, with the index, receiving an enforcement generation index (EGI) associated with a latest list in us.e, storing the EGI as a last known EGI, and refusing performance of an action associated with a certificate if the one index of the one certificate is earlier in the series than the last known EGI. Related apparatus and methods are also included.

7. 发明申请

WO2007107976A3 PERIOD KEYS 审中-公开
公开(公告)号：WO2007107976A3
公开(公告)日：2007-09-27
申请号：PCT/IL2007/000083
申请日：2007-01-22
申请人： NDS LIMITED , BELENKY, Yaacov
发明人： BELENKY, Yaacov
IPC分类号： H04L9/00 , H04K1/00
摘要： A method for securing encryption keys is described, the method including providing a first device and a second device (110 and 120), the devices include secure and insecure hardware, generating in the secure hardware at least two period keys (150-165), generating in the secure hardware a plurality of session keys (170a-190a and 170b-190b), the session keys being stored in either the secure hardware or the insecure hardware, encrypting at least one of the plurality of session keys generated in the device according to a first of the two period keys (150-165) included in the secure hardware, encrypting at least one of the plurality of session keys (170a-190a and 170b-190b), generated according to a second of the two period keys (150-165), wherein the at least two period keys (150-165) included in the first device and the at least two period keys (150-165) included in the second device are periodically regenerated in order to produce new period keys (150-165), thereby rendering useless any session keys (170a-190a and 170b-190b) encrypted according to an old period key.

8. 发明申请

WO2011114197A1 DATA EXPANSION USING AN APPROXIMATE METHOD 审中-公开
标题翻译：数据扩展使用近似方法
公开(公告)号：WO2011114197A1
公开(公告)日：2011-09-22
申请号：PCT/IB2010/054257
申请日：2010-09-21
申请人： NDS LIMITED , BELENKY, Yaacov
发明人： BELENKY, Yaacov
IPC分类号： H04L9/08 , H04L9/30
CPC分类号： H04L9/3263 , H04L9/0897 , H04L9/3093
摘要： A method for computation is described, the method including configuring a processor to expand input seed values into respective output data values using an approximated expansion process such that the output data values are not guaranteed to satisfy a required output data criterion, selecting a seed value so that an output data value generated by the processor by application of the approximated expansion process to the selected seed value will yield an output data value that satisfies the required output data criterion, and storing the selected seed value in a non-volatile memory to be accessed by the processor. Related apparatus and systems are also described.
摘要翻译：描述了一种用于计算的方法，所述方法包括配置处理器以使用近似扩展处理将输入种子值扩展为相应的输出数据值，使得输出数据值不能保证满足所需的输出数据标准，从而选择种子值由处理器通过将所接近的扩展处理应用于选择的种子值而产生的输出数据值将产生满足所需输出数据准则的输出数据值，并将所选择的种子值存储在要访问的非易失性存储器中由处理器。还描述了相关装置和系统。

9. 发明申请

WO2006117775A3 NATIVE SCRAMBLING SYSTEM 审中-公开
公开(公告)号：WO2006117775A3
公开(公告)日：2006-11-09
申请号：PCT/IL2006/000367
申请日：2006-03-22
申请人： NDS LIMITED , SHEN-ORR, Chaim , HIBSHOOSH, Eliphaz , BELENKY, Yaacov , LEVY, Jordan
发明人： SHEN-ORR, Chaim , HIBSHOOSH, Eliphaz , BELENKY, Yaacov , LEVY, Jordan
IPC分类号： H04L9/00
摘要： A system for scrambling / descrambling packets of a stream of content, each packet having a must stay clear (MSC) section, the system including an input handler including a receiving module to receive the stream, a characteristic analyzer to analyze the stream in order to determine a data independent characteristic of each packet, and a scrambling / descrambling device operationally associated with the input handler (figure 1, unit 12), the scrambling / descrambling device (figure 1, unit 14) including a receiving module to receive the data independent characteristic for each packet from the input handler, and an Initial Value module to determine a Initial Value for each packet as a function of the data independent characteristic of one of the packets being processed, wherein the scrambling / descrambling device is adapted to scramble and/or descramble the packets based on the Initial Value and a Control Word. Related apparatus and methods are included.

10. 发明申请

WO2006018826A1 SYSTEM FOR PROXIMITY DETERMINATION 审中-公开
标题翻译：遗传决定系统
公开(公告)号：WO2006018826A1
公开(公告)日：2006-02-23
申请号：PCT/IL2005/000499
申请日：2005-05-11
申请人： NDS LIMITED , SHEN-ORR, Chaim, D. , HIBSHOOSH, Eliphaz , BELENKY, Yaacov
发明人： SHEN-ORR, Chaim, D. , HIBSHOOSH, Eliphaz , BELENKY, Yaacov
IPC分类号： G06F15/00
CPC分类号： H04L63/0823 , G06F21/33 , G06F2221/2103 , G06F2221/2111 , G06F2221/2129 , H04L63/0428 , H04L63/06 , H04W12/02 , H04W12/04 , H04W12/06 , H04W24/00
摘要： A method for determining proximity between a first device and a second device, the method comprising providing a first device storing a first device private key, the first device having an associated secure first device certificate storing secured information, the secured information comprising a first device public key corresponding to the first device private key, providing a second device storing a second device private key, the second device having an associated secure second device certificate storing secured information, the secured information comprising a second device public key corresponding to the second device private key, and a second device processing delay, providing a copy of the second device certificate to the first device, establishing a secure authenticated channel between the first device and the second device, sending a proximity challenge from the first device to the second device, the proximity challenge including a numeric challenge value, receiving the proximity challenge at the second device, processing the proximity challenge at the second device to produce the response to the proximity challenge, and sending the response to the proximity challenge from the second device to the first device, receiving the response to the proximity challenge at the first device, and performing the following at the first device verifying, at the first device, that the response to the proximity challenge is legitimate, determining a gross time between sending the proximity challenge and receiving the response to the proximity challenge, subtracting the second device processing delay from the gross time to produce a net response time, and comparing the net response time to a first threshold and determining whether the first device and the second device are in proximity based on a result of the comparing. Related methods and apparatus are also described.
摘要翻译：一种用于确定第一设备和第二设备之间的接近度的方法，所述方法包括提供存储第一设备私钥的第一设备，所述第一设备具有存储安全信息的相关联的安全第一设备证书，所述安全信息包括第一设备公共密钥对应于第一设备私钥，提供存储第二设备专用密钥的第二设备，第二设备具有存储安全信息的相关联的安全第二设备证书，所述安全信息包括与第二设备专用密钥对应的第二设备公钥以及第二设备处理延迟，将第二设备证书的副本提供给第一设备，在第一设备和第二设备之间建立安全认证信道，从第一设备向第二设备发送接近质询，接近度挑战包括数字挑战价值，接受近似处理在第二设备处的接近度挑战，以产生对接近度挑战的响应，以及将响应发送到从第二设备到第一设备的接近挑战，接收对接近挑战的响应第一设备，并且在第一设备处，在第一设备处，验证对接近度挑战的响应是合法的，确定发送邻近度挑战和接收到接近质疑的响应之间的总时间，然后减去第二设备处理从总时间的延迟以产生净响应时间，以及将净响应时间与第一阈值进行比较，并且基于比较的结果来确定第一设备和第二设备是否处于接近状态。还描述了相关方法和装置。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式