专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2008080414A1 METHOD AND SYSTEM FOR BIOMETRIC AUTHENTICATION AND ENCRYPTION 审中-公开
标题翻译：用于生物识别和加密的方法和系统
公开(公告)号：WO2008080414A1
公开(公告)日：2008-07-10
申请号：PCT/EP2006/012562
申请日：2006-12-28
申请人： TELECOM ITALIA S.P.A. , GOLIC, Jovan , BALTATU, Madalina
发明人： GOLIC, Jovan , BALTATU, Madalina
IPC分类号： H04L9/32
CPC分类号： H04L9/0866 , G06K9/00288 , G07C9/00158 , H04L9/3231 , H04L2209/08 , H04L2209/34
摘要： Disclosed herein is a biometric user authentication method, comprising enrolling a user based on user's biometric samples to generate user's reference data; and authenticating the user based on a user's live biometric sample and the user's reference data; wherein enrolling a user includes acquiring the user's biometric samples; extracting an enrollment feature vector (x j ) from each user's biometric sample; computing a biometric reference template vector as a mean vector (x) based on the enrollment feature vectors (x j ); computing a variation vector (g) based on the enrollment feature vectors (x j ) and the mean vector (x); randomly generating an enrollment secret vector (s); computing an enrollment code vector (z) based on the enrollment secret vector (s) and the variation vector (g); computing a difference vector (w) as a wrap-around difference between the enrollment code vector (z) and the mean vector (x); computing an error correction vector (p) based on the enrollment secret vector (s) to enable error correction during the user authentication phase according to a given error tolerance level (e), wherein the error correction vector is not computed if the error tolerance level is equal to zero; and storing the variation vector (q), the difference vector (w), and the error correction vector (p) as a part of the user's reference data to be used during the user authentication phase.
摘要翻译：本文公开了一种生物特征用户认证方法，包括基于用户的生物特征样本登记用户以生成用户的参考数据; 以及基于用户的实时生物特征样本和用户的参考数据来认证用户; 其中登记用户包括获取所述用户的生物特征样本; 从每个用户的生物测定样本中提取注册特征向量（x∈J）; 基于所述注册特征向量（x> j），将生物测定参考模板向量计算为平均向量（x）; 基于所述注册特征向量（x N j）和所述平均向量（x）计算变量向量（g）; 随机生成登记秘密向量; 基于所述登记秘密向量和所述变化向量（g）计算登记码矢量（z）; 将差分矢量（w）计算为注册码矢量（z）和平均矢量（x）之间的环绕差; 基于所述注册秘密向量来计算纠错向量（p），以在根据给定的误差容许度（e）的用户认证阶段期间能够进行纠错，其中如果误差容限等级等于零; 并将变化矢量（q），差矢量（w）和误差校正矢量（p）存储为在用户认证阶段期间要使用的用户参考数据的一部分。

2. 发明申请

WO2006015625A1 METHOD AND APPARATUS FOR GENERATING RANDOM DATA 审中-公开
标题翻译：用于生成随机数据的方法和装置
公开(公告)号：WO2006015625A1
公开(公告)日：2006-02-16
申请号：PCT/EP2004/051747
申请日：2004-08-09
申请人： TELECOM ITALIA S.P.A. , GOLIC, Jovan
发明人： GOLIC, Jovan
IPC分类号： G06F7/58
CPC分类号： G06F7/582 , G06F7/584
摘要： An apparatus for generating random data, comprising a raw random sequence source (105) adapted to generate a raw random sequence (RRBS) and a digital post processor (110) adapted to process said raw random sequence to generate said random data (PRBS), wherein said digital post-processor (110) comprises a synchronous fmite state machine (115) having at least one input adapted to repeatedly receive a current value of said raw random sequence and at least one output to provide a current output value (OS) depending on previous values of said raw random sequence.
摘要翻译：一种用于产生随机数据的装置，包括适于生成原始随机序列（RRBS）的原始随机序列源（105）和适于处理所述原始随机序列以生成所述随机数据（PRBS）的数字后处理器（110）其中所述数字后处理器（110）包括具有至少一个输入的同步状态机（115），所述至少一个输入适于重复地接收所述原始随机序列的当前值和至少一个输出，以提供依赖于当前输出值对于所述原始随机序列的先前值。

3. 发明申请

WO2008064704A1 METHOD AND DEVICE FOR PREVENTING INFORMATION LEAKAGE ATTACKS ON A DEVICE IMPLEMENTING A CRYPTOGRAPHIC FUNCTION 审中-公开
标题翻译：用于防止信号泄漏攻击的方法和装置实现色彩功能的装置
公开(公告)号：WO2008064704A1
公开(公告)日：2008-06-05
申请号：PCT/EP2006/011490
申请日：2006-11-30
申请人： TELECOM ITALIA S.P.A , GOLIC, Jovan
发明人： GOLIC, Jovan
IPC分类号： G06F7/72 , G06F7/76 , H04L9/06
CPC分类号： G06F7/764 , G06F2207/7238 , H04L9/003 , H04L2209/046 , H04L2209/08 , H04L2209/12
摘要： A method for preventing information leakage attacks during execution of a cryptographic function performing random masking of a multiplexer operation XOR masking a first binary word in a bitwise way, to obtain a masked first binary word; arithmetic random masking a second binary word to obtain a masked second binary word, wherein the arithmetic random masking is either arithmetic subtraction or arithmetic addition operation; rotating the bits in the masked first binary word a number of positions to the left or to the right to obtain a rotated masked first binary word, wherein the number of positions is related to an integer value expressed by the arithmetic random mask; selecting a bit of the rotated masked first binary word as in the multiplexer operation based on a value of the masked second binary word. In particular, said first binary word may define a truth table of a Boolean function.
摘要翻译：一种用于在执行执行多路复用器操作的随机屏蔽的加密功能期间防止信息泄漏攻击的方法，以逐位的方式对第一二进制字进行掩蔽，以获得屏蔽的第一二进制字; 算术随机屏蔽第二二进制字以获得掩蔽的第二二进制字，其中所述算术随机屏蔽是算术减法或算术加法运算; 将掩蔽的第一二进制字中的位旋转到左或右的多个位置以获得旋转的屏蔽的第一二进制字，其中位置数与由算术随机掩码表示的整数值相关; 基于被掩蔽的第二二进制字的值，在多路复用器操作中选择旋转的被屏蔽的第一二进制字的位。特别地，所述第一二进制字可以定义布尔函数的真值表。

4. 发明申请

WO2007048430A1 A METHOD FOR SCALAR MULTIPLICATION IN ELLIPTIC CURVE GROUPS OVER BINARY POLYNOMIAL FIELDS FOR SIDE-CHANNEL ATTACK-RESISTANT CRYPTOSYSTEMS 审中-公开
标题翻译：用于侧通道抗撞击性能的二次聚合域的椭圆曲线集合中的标量多项式的方法
公开(公告)号：WO2007048430A1
公开(公告)日：2007-05-03
申请号：PCT/EP2005/011567
申请日：2005-10-28
申请人： TELECOM ITALIA S.p.A. , GOLIC, Jovan
发明人： GOLIC, Jovan
IPC分类号： G06F7/72
CPC分类号： G06F7/726 , G06F7/725 , G06F2207/7261
摘要： A method for transforming data with a secret parameter in an elliptic curve cryptosystem based on an elliptic curve defined over an underlying binary polynomial field, the method comprising multiplying a point of the elliptic curve, representing the data to be transformed, by a scalar representing the secret parameter, wherein the multiplying includes performing at least one point addition operation and at least one point doubling operation on points of the elliptic curve. The point addition operation comprises a first sequence of elementary field operations, and the point doubling operation comprises a second sequence of elementary field operations, both the first and the second sequences of elementary field operations including a field inversion of coordinates of the elliptic curve points. A representation of the elliptic curve points in affine coordinates is provided and the first and second sequences of elementary field operations are balanced. The field inversion of coordinates is performed by the Extended Euclidean Algorithm and the balancing includes balancing the Extended Euclidean Algorithm by adding at least one dummy operation. In particular, the balancing of the Extended Euclidean Algorithm includes: after comparing respective degrees of two binary polynomials being iteratively processed in the algorithm, performing a same sequence of operations regardless of the result of said comparing. A device (305) is also provided, for transforming data with a secret parameter, comprising an integrated circuit (315) adapted to perform the above mentioned method. Circuit (315) implements a cryptosystem (317) including a scalar multiplication unit (320), includes in turn four subunits: a point addition unit (325), a point doubling unit (330), a field arithmetic unit (335), and a control unit (340).
摘要翻译：一种用于基于在底层二进制多项式域上定义的椭圆曲线在椭圆曲线密码系统中用秘密参数变换数据的方法，该方法包括将表示要变换的数据的椭圆曲线的点乘以表示秘密参数，其中所述相乘包括对所述椭圆曲线的点执行至少一个点加法运算和至少一个加倍运算。点加法运算包括基本场运算的第一序列，点加倍运算包括基本场运算的第二序列，基本场运算的第一和第二序列包括椭圆曲线点的坐标的场反转。提供了仿射坐标中的椭圆曲线点的表示，并且基本场操作的第一和第二序列是平衡的。坐标的场反转由扩展欧几里德算法执行，平衡包括通过添加至少一个虚拟操作来平衡扩展欧几里德算法。特别地，扩展欧几里德算法的平衡包括：在比较在算法中迭代处理的两个二进制多项式的各个度之后，执行相同的操作序列，而不管所述比较的结果如何。还提供了一种用于利用秘密参数来变换数据的设备（305），包括适于执行上述方法的集成电路（315）。电路（315）实现包括标量乘法单元（320）的加密系统（317），依次包括四个子单元：点加法单元（325），点加倍单元（330），场运算单元（335）和控制单元（340）。

5. 发明申请

WO2007045258A1 A METHOD FOR SCALAR MULTIPLICATION IN ELLIPTIC CURVE GROUPS OVER PRIME FIELDS FOR SIDE-CHANNEL ATTACK RESISTANT CRYPTOSYSTEMS 审中-公开
标题翻译：用于侧向通道抗撞击强度的主要场合的ELLIPTIC曲线组中的标量多项式的方法
公开(公告)号：WO2007045258A1
公开(公告)日：2007-04-26
申请号：PCT/EP2005/011208
申请日：2005-10-18
申请人： TELECOM ITALIA S.P.A. , GOLIC, Jovan
发明人： GOLIC, Jovan
IPC分类号： G06F7/72
CPC分类号： G06F7/725 , G06F7/721 , G06F7/728 , G06F2207/7257 , G06F2207/7261
摘要： A method for transforming data with a secret parameter in an elliptic curve cryptosystem based on an elliptic curve defined over an underlying prime field, the method comprising multiplying a point of the elliptic curve, representing the data to be transformed, by a scalar representing the secret parameter, wherein the multiplying includes performing at least one point addition operation and at least one point doubling operation on points of the elliptic curve. The method includes: providing a representation in affine coordinates of the elliptic curve point to be multiplied, and a representation in projective coordinates of intermediate elliptic curve points obtained during said multiplying; performing both the point addition operation and the point doubling operation by means of a sequence of elementary prime field operation types, the elementary prime field operation types including: a first type of prime field operations including field multiplication and field squaring of coordinates of the elliptic curve points, and a second type of prime field operations including field addition, field doubling, and field subtraction of coordinates of the elliptic curve points. A device is also provided, for transforming data with a secret parameter, comprising an integrated circuit adapted to perform the above mentioned method.
摘要翻译：一种用于在椭圆曲线密码系统中使用秘密参数来转换数据的方法，该方法基于在底层素数域上定义的椭圆曲线，该方法包括将表示待变换的数据的椭圆曲线的点乘以代表秘密的标量参数，其中所述相乘包括对所述椭圆曲线的点执行至少一个点加法运算和至少一个加倍运算。该方法包括：提供要乘以的椭圆曲线点的仿射坐标中的表示，以及在所述乘法期间获得的中间椭圆曲线点的投影坐标中的表示; 通过基本素场操作类型的序列来执行点加法运算和点加倍运算，所述基本素数运算类型包括：包括场乘法和椭圆曲线坐标的场平方的第一类素数场运算点和第二种主场操作，包括场加法，场倍增和椭圆曲线点坐标的场减法。还提供了一种用于使用秘密参数来转换数据的装置，包括适于执行上述方法的集成电路。

6. 发明申请

WO2006058561A1 METHOD AND RELATED DEVICE FOR HARDWARE-ORIENTED CONVERSION BETWEEN ARITHMETIC AND BOOLEAN RANDOM MASKING 审中-公开
标题翻译：方法和相关设备在算术和布尔随机屏蔽之间的硬件转换
公开(公告)号：WO2006058561A1
公开(公告)日：2006-06-08
申请号：PCT/EP2004/053203
申请日：2004-12-01
申请人： TELECOM ITALIA S.p.A. , GOLIC, Jovan
发明人： GOLIC, Jovan
IPC分类号： G06F7/00
CPC分类号： G06F7/764 , G06F2207/7233 , H04L9/003 , H04L2209/046 , H04L2209/08 , H04L2209/12
摘要： A method for secure conversion between two different random markings used for cryptographic functions, comprising converting a first binary data word (x';x"), masked by a binary mask word (r) according to a first masking process, into a corresponding second binary data word (x";x'), masked by said binary mask word according to a second masking process, the first and second binary data words and the binary mask word comprising corresponding pluralities of bits (x' i ,x" i ,r i ), wherein each of said pluralities of bits includes a least significant bit (x' 0 ,x" 0, r 0 ), a first bit (x' 1 ,x" 1 ,r 1 ), and at least one i-th bit (x' i ,x" i ,r i ), i≥2. The conversion method comprises: taking as a least significant bit (x" 0 ;x' 0 ) of the second binary data word the least significant bit (x' 0 ;x" 0 ) of the first binary data word; calculating the first bit (x" 1 ;x' 1 ) of the second binary data word by: performing a first XORing (205;405;605;805) of the least significant bit (r 0 ) of the binary mask word with the first bit (x' 1 ;x" 1 ) of the first binary data word, and selecting (210;410;610;810) as a value of the first bit (x" 1 ;x' 1 ) of the second binary data word either a result of said first XORing or the first bit of the first binary data word, depending on a value related to the least significant bit (x' 0 ) of the first or the second binary data word; and calculating the i-th bit (x" 1 ; x' i ) of the second binary data word by: performing a second XORing (215;415;615;815) of the i-th bit (x' i ;x" i ) of the first binary data word with the (I-1)-th bit (r i-1 ) of the binary mask word; performing a third XORing (220;420;620;820) of the i-th bit (x' i ;x" i ) of the first binary data word with a first value related to the (i-1)-th bit (x" i-1 ) of the first or the second binary data word; and selecting (225;425;625;825) as a value of the i-th bit (x" i ;x' i ) of the second binary data word a result of either said second XORing or said third XORing depending on a second value related to the (i-1)-th bit (x' I - 1 ) of the first or the second binary data word.
摘要翻译：一种用于加密功能的两个不同随机标记之间的安全转换的方法，包括：将根据第一掩蔽处理的二进制掩码字（r）掩蔽的第一二进制数据字（x'; x“）转换成相应的第二根据第二掩蔽处理由所述二进制掩码字掩蔽的二进制数据字（x“; x”），所述第一和第二二进制数据字和所述二进制掩码字包括相应的多个位（x' 其中，所述多个位中的每一个包括最低有效位（x'，x'，x'，x“，x” 第一位（x'1，...，x“1，...，SUB <0> > 1 ）和至少一个第i位（x'，i“，x”i，i，i） I = 2。该转换方法包括：将第二二进制数据字的最低有效位（x'SUB）作为最低有效位（x“<0> 0 x“0 ）; 通过以下方式计算第二二进制数据字的第一位（x“1”; x“1”）：执行第二异或运算的第一异或（205; 405; 605; 805）具有第一二进制位的第一位（x'1“x”1“）的二进制掩码字的最低有效位（r <0> 0 ）数据字，并且选择（210; 410; 610; 810）作为第二二进制数据字的第一位（x“1”x“1”）的值取决于与第一或第二二进制数据字的最低有效位（x'> 0 ）相关的值的所述第一异或或第一二进制数据字的第一位的结果; 以及通过执行第二异或（215; 415; 615; 815）来计算所述第二二进制数据字的所述第i位（x“1”; x“ ）与第（I-1）比特（r i> x“ 对所述二进制掩码字进行所述第i-1（i-1）个所述第i个所述第i个比特的第三异或（220; 420; 620; 820） > i ）第一二进制数据字与第一或第二二进制数据字的第（i-1）位（x“i-1”）有关的第一值; 以及选择（225; 425; 625; 825）作为第二二进制数据字a的第i个位（x“i”x“i”）的值所述第二异或或所述第三异或的结果取决于与所述第一或第二异或的第（i-1）位相关的第二值（x' 1> 或第二个二进制数据字。

7. 发明申请

WO2011013148A1 SYMMETRIC-KEY ENCRYPTION METHOD AND CRYPTOGRAPHIC SYSTEM EMPLOYING THE METHOD 审中-公开
标题翻译：使用方法的对称加密方法和克隆系统
公开(公告)号：WO2011013148A1
公开(公告)日：2011-02-03
申请号：PCT/IT2009/000333
申请日：2009-07-28
申请人： TELECOM ITALIA S.P.A. , GOLIC, Jovan
发明人： GOLIC, Jovan
IPC分类号： H04L9/18 , H04L29/06
CPC分类号： H04L9/065 , H04L9/0637 , H04L63/0435
摘要： Symmetric-key encryption method (200) for transforming a sequence of plaintext symbols (x) into a sequence of ciphertext symbols (y), the method including an iterative encryption process comprising: computing (202, ST-ALT) an altered current internal state by combining a current internal state with a current memory symbol; computing (202, ST-NXT) a next internal state from said altered current internal state; generating (202, KEY-OUT) a keystream symbol (z) from said next internal state; verifying (203) whether said generated keystream symbol satisfies a condition related to data-format/syntax rules; iteratively (204, 202) computing next internal states and iteratively generating keystream symbols; iteratively encrypting (205, 206, 208) plaintext symbols by employing next keystream symbols to obtain the sequence of ciphertext symbols (y).
摘要翻译：用于将明文符号序列（x）变换成密文符号序列（y）的对称密钥加密方法（200），所述方法包括迭代加密处理，包括：计算（202，ST-ALT）改变的当前内部状态通过将当前内部状态与当前存储器符号组合; 从所述改变的当前内部状态计算（202，ST-NXT）下一个内部状态; 从所述下一个内部状态生成（202，KEY-OUT）密钥流符号（z）; 验证（203）所述生成的密钥流符号是否满足与数据格式/语法规则相关的条件; 迭代地（204,202）计算下一个内部状态并迭代地产生密钥流符号; 通过使用下一个密钥流符号来迭代地加密（205,206,208）明文符号以获得密文符号（y）的序列。

8. 发明申请

WO2009083022A1 METHOD OF DETECTING ANOMALIES IN A COMMUNICATION SYSTEM USING NUMERICAL PACKET FEATURES 审中-公开
标题翻译：使用数字分组特征检测通信系统中异常的方法
公开(公告)号：WO2009083022A1
公开(公告)日：2009-07-09
申请号：PCT/EP2007/011473
申请日：2007-12-31
申请人： TELECOM ITALIA S.P.A. , GOLIC, Jovan , D'ALESSANDRO, Rosalia
发明人： GOLIC, Jovan , D'ALESSANDRO, Rosalia
IPC分类号： H04L29/06
CPC分类号： H04L63/1416 , H04L63/1458 , H04L2463/141
摘要： A method (200) of detecting anomalies in a communication system, the method comprising: providing (202) a first packet flow portion (PFPl) and a second packet flow portion (PFP2); extracting (203) samples of a numerical feature (x) associated to a traffic status of the first and second packet flow portions; computing (204) from said extracted samples a first statistical dispersion quantity (Dq 1 ) and a second statistical dispersion quantity (Dq 2 ) of the numerical feature associated with the first and second packet flow portions, respectively; computing (205) from said dispersion quantities a variation quantity (Δ) representing a dispersion change from the first packet flow portion to the second packet flow portion; comparing (206) the variation quantity (Δ) with a comparison value (Thr); detecting (207) an anomaly in the system in response to said comparison.
摘要翻译：一种检测通信系统异常的方法（200），所述方法包括：提供（202）第一分组流部分（PFP1）和第二分组流部分（PFP2）; 提取（203）与所述第一和第二分组流部分的交通状况相关联的数字特征（x）的样本; 从所述提取的样本中分别计算（204）与第一和第二分组流部分相关联的数字特征的第一统计色散量（Dq1）和第二统计色散量（Dq2）从所述色散量计算（205）表示从第一分组流部分到第二分组流部分的色散变化的变化量（？）; 将变化量（Δ）与比较值（Thr）进行比较（206）; 响应于所述比较，检测（207）系统中的异常。

9. 发明申请

WO2006015624A1 RANDOM NUMBER GENERATION BASED ON LOGIC CIRCUITS WITH FEEDBACK 审中-公开
标题翻译：基于反馈逻辑电路的随机数生成
公开(公告)号：WO2006015624A1
公开(公告)日：2006-02-16
申请号：PCT/EP2004/051746
申请日：2004-08-09
申请人： TELECOM ITALIA S.P.A. , GOLIC, Jovan
发明人： GOLIC, Jovan
IPC分类号： H03K3/84
CPC分类号： H03K3/84 , G06F7/584 , G06F7/588 , G06F2207/583
摘要： A random binary sequence generator (105) for generating a random binary sequence (RRBS) adapted to be used for producing random numbers, comprising at least one logic circuit (115) corresponding to an associated finite-state machine having a statetransition function including states arranged to form cycles of states, wherein: the at least one logic circuit has a set of logic circuit inputs (In) and a set of logic circuit outputs (Out) fed back to said logic circuit inputs; the associated finite-state machine is autonomous and asynchronous; the state-transition function is void of loops; and any of the cycles of states has either a minimum length equal to three states, in case the cycle is stable, or a minimum length of two states, in case the cycle is meta-stable.
摘要翻译：用于产生适用于产生随机数的随机二进制序列（RRBS）的随机二进制序列发生器（105），其包括至少一个逻辑电路（115），所述逻辑电路（115）对应于相关的有限状态其中：所述至少一个逻辑电路具有一组逻辑电路输入（In）和一组逻辑电路输出（Out），所述逻辑电路输出（Out）被反馈到所述逻辑电路输入端; 相关的有限状态机是自治的和异步的; 状态转换函数没有循环; 任何状态周期的最小长度等于三个状态，在周期稳定的情况下，或者两个状态的最小长度在周期是亚稳定的情况下。

10. 发明申请

WO2005025124A1 SECRET-KEY-CONTROLLED REVERSIBLE CIRCUIT AND CORRESPONDING METHOD OF DATA PROCESSING 审中-公开
标题翻译：秘密钥匙控制的可逆电路和数据处理的相应方法
公开(公告)号：WO2005025124A1
公开(公告)日：2005-03-17
申请号：PCT/IT2003/000532
申请日：2003-09-05
申请人： TELECOM ITALIA S.P.A. , GOLIC, Jovan
发明人： GOLIC, Jovan
IPC分类号： H04L9/06
CPC分类号： H04L9/0618 , H04L2209/08 , H04L2209/125 , H04L2209/24
摘要： A combinatorial key-dependent network (46), suitable for the encryption/decryption of data on buses and in memories of data-processing devices, comprises a number of layers, where each layer is composed of a number of elementary building blocks (2) operating on very small block sizes. A generic building block (2) acts on a small number of input data bits, which are divided into two groups of m and n bits, respectively. The m input bits, which are passed to the output intact, are used to select k out of 2 m k key bits by a multiplexer circuit; the k bits are then used to select an (nxn)-bit reversible transformation (R k ) acting on the remaining n input bits to produce the corresponding n output bits. The total number of the key bits in the building block is thus 2 m k, which can easily be made larger that m+n. An inverse building block is the same except that the reversible transformations RK are replaced by their inverses Rk-1.
摘要翻译：适用于数据处理设备的总线和数据存储器中的数据的加密/解密的组合密钥相关网络（46）包括多个层，其中每个层由多个基本构建块（2）组成，操作在非常小的块大小。通用构建块（2）作用于少量输入数据位，分别被分成两组m位和n位。通过多路复用器电路使用输出到输出端的m个输入位用于选择2个k个k个密钥位中的k个; 然后使用k位来选择作用于剩余的n个输入位的（nxn）位可逆变换（Rk）以产生相应的n个输出位。因此，构建块中的关键位的总数为2k，这可以容易地使得m + n更大。反向构建块是相同的，除了可逆变换RK被其反转Rk-1替代。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式