CERTICOM CORP. Patent applications |
Patent application number | Title | Published |
20160087789 | Cryptographic Method and Apparatus - A method of formatting data for transmission to another party including the step of incorporating in the data a flag indicative of the absence of data for authentication of the sender. An authentication tag length is also included to permit variable length tags to be used. | 03-24-2016 |
20160048462 | SYSTEM AND METHOD FOR HARDWARE BASED SECURITY - An asset management system is provided, which includes a hardware module operating as an asset control core. The asset control core generally includes a small hardware core embedded in a target system on chip that establishes a hardware-based point of trust on the silicon die. The asset control core can be used as a root of trust on a consumer device by having features that make it difficult to tamper with. The asset control core is able to generate a unique identifier for one device and participate in the tracking and provisioning of the device through a secure communication channel with an appliance. The appliance generally includes a secure module that caches and distributes provisioning data to one of many agents that connect to the asset control core, e.g. on a manufacturing line or in an after-market programming session. | 02-18-2016 |
20160044496 | METHODS AND APPARATUS FOR USE IN TRANSFERRING AN ASSIGNMENT OF A SECURE CHIP BETWEEN SUBSCRIPTION MANAGERS - Techniques for use in transferring an assignment of a secure chip of a wireless device from a current subscription manager (SM) of a current mobile network operator (MNO) to a new SM of a new MNO are described. In one illustrative example, the current SM receives a request for transferring the assignment and produces transfer permission data in response. The transfer permission data includes an identifier of the secure chip, an identifier of the current SM, and a digital signature of the current SM. The current SM then sends to the secure chip a transfer permission message which includes the transfer permission data. The transfer permission data indicates a permission for the secure chip to transfer the assignment from the current SM to the new SM. Additional techniques are performed by the secure chip, and the new SM, as described. | 02-11-2016 |
20150270975 | METHOD FOR VALIDATING MESSAGES - There is provided a method for secure communications. The method includes a computing device receiving a notification comprising a message, a counter value, a signature signed by a signer and based on the message and the counter value, and an indication of the signer. The device obtains a current counter value based on an identity of the signer, checks the signature and compares the counter value with the current counter value; and, if the counter comparison and the signature checking is successful, accepting the message. | 09-24-2015 |
20150139424 | KEY AGREEMENT FOR WIRELESS COMMUNICATION - Methods, systems, and computer programs for performing key agreement operations in a communication system are described. In some aspects, a wireless network operator receives a mobile device identifier and accesses a secret key associated with the mobile device. A message authentication code function is evaluated based on the secret key to produce an output value. A session key and a challenge value are obtained based on the output value. In some aspects, a mobile device accesses a secret key in response to receiving the challenge value from the wireless network operator. A message authentication code function is evaluated based on the secret key to produce an output value. A response value and a session key are obtained based on the output value. The response value is transmitted to the wireless network operator. | 05-21-2015 |
20150124961 | Public Key Encryption Algorithms for Hard Lock File Encryption - In some aspects, an encryption method comprises encrypting a first portion of a message using a first secret key. The first secret key is generated based on the public key of an entity. A one-way function is used to generate a second secret key from the first secret key, and the first secret key is subsequently discarded. A second portion of the message is encrypted using the second secret key. The encrypted first portion of the message and the encrypted second portion of the message are provided to the entity. | 05-07-2015 |
20140365779 | GENERATING DIGITAL SIGNATURES - Methods, systems, and computer programs for generating a digital signature are disclosed. In some aspects, a symmetric key is accessed. The symmetric key is based on an ephemeral public key. The ephemeral public key is associated with an ephemeral private key. A ciphertext is generated based on the symmetric key and a message. An input value is obtained based on the ciphertext independent of a hash function. A digital signature is generated from the ephemeral private key, the input value, and a long term private key. | 12-11-2014 |
20140351580 | URL-BASED CERTIFICATE IN A PKI - A method of requesting and issuing a certificate from certification authority for use by an initiating correspondent with a registration authority is provided. The initiating correspondent makes a request for a certificate to the registration authority, and the registration authority sends the request to a certificate authority, which issues the certificate to the registration authority. The certificate is stored at a location in a directory and this location is associated with a pointer such as uniform resource locator (URL) that is derived from information contained in the certificate request. The initiating correspondent computes the location using the same information and forwards it to other corespondents. The other correspondents can then locate the certificate to authenticate the public key of the initiating correspondent. | 11-27-2014 |
20140344576 | KEY VALIDATION SCHEME - A system and method for validating digital information transmitted by one correspondent to another in a data communication system. The method comprising the steps of generating a public key in accordance with a predetermined, generating a public key in accordance with a predetermined cryptographic scheme having predetermined arithmetic properties and system parameters. The verifying said public key conforms to said arithmetic properties of said scheme, transmitting said verified public key to a recipient. | 11-20-2014 |
20140325227 | Method and Apparatus for Verifiable Generation of Public Keys - The invention provides a method of verifiable generation of public keys. According to the method, a self-signed signature is first generated and then used as input to the generation of a pair of private and public keys. Verification of the signature proves that the keys are generated from a key generation process utilizing the signature. A certification authority can validate and verify a public key generated from a verifiable key generation process. | 10-30-2014 |
20140298033 | HYBRID SIGNATURE SCHEME - A signature scheme is provided in which a message is divided in to a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination. The computed hash is used together with publicly available information to generate a bit string corresponding to the hidden portion. | 10-02-2014 |
20140282873 | Cryptographic Method and Apparatus - A method of formatting data for transmission to another party including the step of incorporating in the data a flag indicative of the absence of data for authentication of the sender. An authentication tag length is also included to permit variable length tags to be used. | 09-18-2014 |
20140281538 | ACCELERATED SIGNATURE VERIFICATION ON AN ELLIPTIC CURVE - A public key encryption system exchanges information between a pair of correspondents. The recipient performs computations on the received data to recover the transmitted data or verify the identity of the sender. The data transferred includes supplementary information that relates to intermediate steps in the computations performed by the recipient. | 09-18-2014 |
20140215206 | SYSTEM AND METHOD FOR PROVIDING A TRUST FRAMEWORK USING A SECONDARY NETWORK - A system for providing security services to a mobile device where the mobile device is in communication with a public network through a first network path that is subject to interference by a third party. The system includes a security server and a private network. The security server is operative to communicate with the mobile device through the private network. The security server is also operative to communicate with the public network through a second network path that is less susceptible to the interference by the third party than is the first network path. The security server communicates with the public network through the second network path to provide security services to the mobile device that are delivered over the private network. | 07-31-2014 |
20140211938 | MODIFIED ELLIPTIC CURVE SIGNATURE ALGORITHM FOR MESSAGE RECOVERY - A modified Chinese State Encryption Management Bureau's SM2 Elliptic Curve Signature Algorithm that offers partial message recovery and lowers the signature size for a given cryptographic strength. The modified SM2 Elliptic Curve Signature Algorithm includes a signature and verification algorithm that modifies a signature generation primitive to compute a key derived from the ephemeral signing key, and a multiple of the signer's public key. | 07-31-2014 |
20140201535 | INCORPORATING DATA INTO AN ECDSA SIGNATURE COMPONENT - During generation of a signature on a message to create a signed message, a signer determines one of the signature components such that particular information can be extracted from the signature component. The particular information may be related to one or more of the signer and the message to be signed. After receiving a signed message purported to be signed by the signer, a verifier can extract the particular information from the signature component. | 07-17-2014 |
20140201521 | Method and Apparatus for Providing an Adaptable Security Level in an Electronic Communication - A method of communicating in a secure communication system, comprises the steps of assembling a message at a sender, then determining a frame type, and including an indication of the frame type in a header of the message. The message is then sent to a recipient and the frame type used to perform a policy check. | 07-17-2014 |
20140181990 | METHOD AND APPARATUS FOR SYNCHRONIZING AN ADAPTABLE SECURITY LEVEL IN AN ELECTRONIC COMMUNICATION - A method of communicating in a secure communication system, comprises the steps of assembling as message at a sender, then determining a security level, and including an indication of the security level in a header of the message. The message is then sent to a recipient. | 06-26-2014 |
20140181955 | TWO FACTOR AUTHENTICATION USING NEAR FIELD COMMUNICATIONS - There is provided a method and apparatus for communications using short range communications such as Near Field Communications (NFC). A mobile device comprising an NFC subsystem provides a dynamic credential for use to login to a network requiring two factor authentication. A terminal used for logging in to the network is associated with an NFC reader, and bringing the NFC device in proximity to the NFC reader provides the terminal with the dynamic credential required for two factor authentication. | 06-26-2014 |
20140173704 | SYSTEM, DEVICE, AND METHOD FOR AUTHENTICATION OF A USER ACCESSING AN ON-LINE RESOURCE - A system, device and method for authenticating a user. The system, device and method may employ a computing device for providing credentials required for access to an on-line resource available over a network. The computing device may connect to the on-line resource to register a user. The computing device may receive from the on-line resource at least one request for a credential to identify the user. In response to the request, the computing device may generate a random credential, store the random credential in association with an on-line resource identifier and the request in a data store accessible to the computing device and, submit the random credential to the on-line resource to register the user. | 06-19-2014 |
20140173276 | Local Area Network - A method and system for distributed security for a plurality of devices in a communication network, each of the devices being responsible for generating, distributing and controlling its own keys for access to the communication network and using the keys to establish a trusted network, each device's membership to the communication network being checked periodically by other devices by using a challenge response protocol to establish which devices arc allowed access to the communication network and the trusted network. | 06-19-2014 |
20140171151 | METHODS AND APPARATUS FOR USE IN TRANSFERRING AN ASSIGNMENT OF A SECURE CHIP SUBSCRIPTION MANAGERS - Techniques for use in transferring an assignment of a secure chip of a wireless device from a current subscription manager (SM) of a current mobile network operator (MNO) to a new SM of a new MNO are described. In one illustrative example, the current SM receives a request for transferring the assignment and produces transfer permission data in response. The transfer permission data includes an identifier of the secure chip, an identifier of the current SM, and a digital signature of the current SM. The current SM then sends to the secure chip a transfer permission message which includes the transfer permission data. The transfer permission data indicates a permission for the secure chip to transfer the assignment from the current SM to the new SM. Additional techniques are performed by the secure chip, and the new SM, as described. | 06-19-2014 |
20140156998 | Challenge-Response Authentication Using a Masked Response Value - Challenge-response authentication protocols are disclosed herein, including systems and methods for a first device to authenticate a second device. In one embodiment, the following operations are performed by the first device: (a) sending to the second device: (i) a challenge value corresponding to an expected response value known by the first device, and (ii) a hiding value; (b) receiving from the second device a masked response value; (c) obtaining an expected masked response value from the expected response value and the hiding value; and (d) determining whether the expected masked response value matches the masked response value received from the second device. The operations from the perspective of the second device are also disclosed, which in some embodiments include computing the masked response value using the challenge value, the hiding value, and secret information known to the second device. | 06-05-2014 |
20140154975 | Verifying a Wireless Device - In some aspects of what is described here, a first wireless device detects proximity of a second wireless device (e.g., by a Near Field Communication (NFC) interface or another type of interface). Based on detecting proximity of the second wireless device, the first wireless device generates a recommendation request from information received from the second wireless device. The first wireless device sends the recommendation request to a trusted authority and receives a response. The response includes the trusted authority's recommendation whether to trust the second wireless device. The first wireless device can determine whether to trust the second wireless device based on the recommendation. | 06-05-2014 |
20140153714 | Challenge-Response Authentication Using a Masked Response Value - Challenge-response authentication protocols are disclosed herein, including systems and methods for a first device to authenticate a second device. In one embodiment, the following operations are performed by the first device: (a) sending to the second device: (i) a challenge value corresponding to an expected response value known by the first device, and (ii) a hiding value; (b) receiving from the second device a masked response value; (c) obtaining an expected masked response value from the expected response value and the hiding value; and (d) determining whether the expected masked response value matches the masked response value received from the second device. The operations from the perspective of the second device are also disclosed, which in some embodiments include computing the masked response value using the challenge value, the hiding value, and secret information known to the second device. | 06-05-2014 |
20140152417 | ANTENNA SHIELD FOR PROXIMITY-BASED COMMUNICATION DEVICES - A shielding article is provided, for shielding a device enabled for proximity-based communications, for example, NFC-enabled devices. The shielding article comprises a shielding component configured to prevent operation of an antenna of the device used for conducting proximity-based communications, without preventing operation of at least one other antenna of the device when the shielding component is aligned with the antenna used for conducting proximity-based communications. The shielding article may be separate from, or included in an accessory or carrying article and may be fixed or detachably coupled thereto. | 06-05-2014 |
20140146964 | AUTHENTICATED ENCRYPTION METHOD USING WORKING BLOCKS - A computer-implemented authenticated encryption method for converting a plaintext message into a ciphertext message. The method includes dividing the plaintext message into at least two working blocks, each working block having a mathematical relationship to the plaintext message. For each working block, a working block ciphertext is computed as a function of such working block, a deterministic working block initialization vector, and a deterministic working block encryption key. For each working block, a message authentication tag is computed as a function of a deterministic working block message authentication key and at least one of (a) the working block ciphertext computed for such working block and an indication corresponding to the mathematical relationship of such working block to the plaintext message and (b) such working block. The method further includes computing a global message authentication tag as a function of the message authentication tag computed for each working block and a global message authentication key. The ciphertext message comprises the working block ciphertext computed for each working block and the global message authentication tag. | 05-29-2014 |
20140141750 | DATA INTEGRITY FOR PROXIMITY-BASED COMMUNICATION - Methods, systems, and computer programs for trusted communication among mobile devices are described. In some aspects, information is wirelessly transmitted from a first mobile device to a second mobile device. The information permits the second mobile device to detect proximity of the first mobile device. In some implementations, the information can be wirelessly transmitted by a proximity-activated wireless interface, such as, for example, a Near Field Communication (NFC) interface. In response to the information, the first mobile device receives a message and a first authentication value wirelessly transmitted from the second mobile device to the first mobile device. A second authentication value is generated at the first mobile device based on the message and the shared secret value. Integrity of the message is verified based on comparing the first authentication value and the second authentication value. | 05-22-2014 |
20140137197 | DATA INTEGRITY FOR PROXIMITY-BASED COMMUNICATION - Methods, systems, and computer programs for trusted communication among mobile devices are described. In some aspects, an authentication value is generated at a first mobile device based on a message and a shared secret value stored on the first mobile device. In response to detecting proximity of a second mobile device, the message and the authentication value are wirelessly transmitted from the first mobile device to the second mobile device. In some implementations, the message and the authentication value can be wirelessly transmitted by a proximity-activated wireless interface, such as, for example, a Near Field Communication (NFC) interface. | 05-15-2014 |
20140136834 | HTTP Layer Countermeasures Against Blockwise Chosen Boundary Attack - A client application, when executed by a processor, is operative to create a HyperText Transfer Protocol (HTTP) request containing a target header that includes a confidential value. The HTTP request is to be sent over a Secure Sockets Layer (SSL) 3.0 connection or a Transport Layer Security (TLS) 1.0 connection to a web server. The client application implements at its HTTP layer a countermeasure to a blockwise chosen-boundary attack. The client application generates an additional header having a header name that is not recognizable by the web server and inserts the additional header into the HTTP request ahead of the target header, thus creating a modified HTTP request. The modified HTTP request is to be sent, instead of the unmodified HTTP request, over the SSL 3.0 connection or the TLS 1.0 connection to the web server. | 05-15-2014 |
20140082367 | VERIFYING PASSWORDS ON A MOBILE DEVICE - Methods, systems, and computer programs for verifying a password are disclosed. For example, the password can be verified on a mobile device to control user access to the mobile device. In some implementations, a mobile device includes a user interface, a main processor, and a co-processor. The user interface receives a submitted password value from a user. The main processor calls the co-processor to provide a hash chain input value based on the submitted password value. The main processor evaluates a hash chain based on the hash chain input value provided by the co-processor. Evaluating the hash chain generates a submitted password verification value. The submitted password verification value is compared to a stored password verification value stored on the mobile device. Access to mobile device functionality may be permitted or denied based on a result of the comparison. | 03-20-2014 |
20140032911 | KEY AGREEMENT AND TRANSPORT PROTOCOL - A key establishment protocol includes the generation of a value of cryptographic function, typically a hash, of a session key and public information. This value is transferred between correspondents together with the information necessary to generate the session key. Provided the session key has not been compromised, the value of the cryptographic function will be the same at each of the correspondents. The value of the cryptographic function cannot be compromised or modified without access to the session key. | 01-30-2014 |
20140003604 | AUTHENTICATION OF A MOBILE DEVICE BY A NETWORK AND KEY GENERATION | 01-02-2014 |
20130343542 | METHODS AND DEVICES FOR ESTABLISHING TRUST ON FIRST USE FOR CLOSE PROXIMITY COMMUNICATIONS - Methods and devices for establishing trust on first use for close proximity communications are disclosed. An example method includes receiving a public key from a device via a close proximity communications connection, obtaining, via a user interface, an indication that the device is trusted, and storing at least one of the public key or an identifier for the device. | 12-26-2013 |
20130318342 | Method and System for Generating Implicit Certificates and Applications to Identity-Based Encryption (IBE) - The invention relates to a method of generating an implicit certificate and a method of generating a private key from a public key. The method involves a method generating an implicit certificate in three phases. The public key may be an entity's identity or derived from an entity's identify. Only the owner of the public key possesses complete information to generate the corresponding private key. No authority is required to nor able to generate an entity's private key. | 11-28-2013 |
20130290713 | HASHING PREFIX-FREE VALUES IN A CERTIFICATE SCHEME - Methods, systems, and computer programs for producing hash values are disclosed. A prefix-free value is obtained based on input data. The prefix-free value can be based on an implicit certificate, a message to be signed, a message to be verified, or other suitable information. A hash value is obtained by applying a hash function to the prefix-free value. The hash value is used in a cryptographic scheme. In some instances, a public key or a private key is generated based on the hash value. In some instances, a digital signature is generated based on the hash value, or a digital signature is verified based on the hash value, as appropriate. | 10-31-2013 |
20130290712 | HASHING PREFIX-FREE VALUES IN A SIGNATURE SCHEME - Methods, systems, and computer programs for producing hash values are disclosed. A prefix-free value is obtained based on input data. The prefix-free value can be based on an implicit certificate, a message to be signed, a message to be verified, or other suitable information. A hash value is obtained by applying a hash function to the prefix-free value. The hash value is used in a cryptographic scheme. In some instances, a public key or a private key is generated based on the hash value. In some instances, a digital signature is generated based on the hash value, or a digital signature is verified based on the hash value, as appropriate. | 10-31-2013 |
20130287207 | MULTIPLE HASHING IN A CRYPTOGRAPHIC SCHEME - Methods, systems, and computer programs for producing hash values are disclosed. A first hash value is obtained by applying a first hash function to a first input. The first input can be based on an implicit certificate, a message to be signed, a message to be verified, or other suitable information. A second hash value is obtained by applying a second hash function to a second input. The second input is based on the first hash value. The second hash value is used in a cryptographic scheme. In some instances, a public key or a private key is generated based on the second hash value. In some instances, a digital signature is generated based on the second hash value, or a digital signature is verified based on the second hash value, as appropriate. | 10-31-2013 |
20130246805 | SECURE INTERFACE FOR VERSATILE KEY DERIVATION FUNCTION SUPPORT - Improper re-use of a static Diffie-Hellman (DH) private key may leak information about the key. The leakage is prevented by a key derivation function (KDF), but standards do not agree on key derivation functions. The module for performing a DH private key operation must somehow support multiple different KDF standards. The present invention provides an intermediate approach that neither attempts to implement all possible KDF operations, nor provide unprotected access to the raw DH private key operation. Instead, the module performs parts of the KDF operation, as indicated by the application using the module. This saves the module from implementing the entire KDF for each KDF needed. Instead, the module implements only re-usable parts that are common to most KDFs. Furthermore, when new KDFs are required, the module may be able to support them if they built on the parts that the module has implemented. | 09-19-2013 |
20130238899 | System and Method for Remote Device Registration - A system and method for remote device registration, to monitor and meter the injection of keying or other confidential information onto a device, is provided. A producer who utilizes one or more separate manufacturers, operates a remote module that communicates over forward and backward channels with a local module at the manufacturer. Encrypted data transmissions are sent by producer to the manufacturer and are decrypted to obtain sensitive data used in the devices. As data transmissions are decrypted, credits from a credit pool are depleted and can be replenished by the producer through credit instructions. As distribution images are decrypted, usage records are created and eventually concatenated, and sent as usage reports back to the producer, to enable the producer to monitor and meter production at the manufacturer. | 09-12-2013 |
20130232554 | System and Method for Connecting Client Devices to a Network - A system and method are provided for enabling a client device to connect to a network. The method comprises: obtaining an authorization code via a communication channel different from the network, the authorization code corresponding to the client device; and after detecting initiation of a security negotiation protocol by the client device, using the authorization code in at least one security negotiation operation. | 09-05-2013 |
20130227277 | SELF-SIGNED IMPLICIT CERTIFICATES - There are disclosed systems and methods for creating a self-signed implicit certificate. In one embodiment, the self-signed implicit certificate is generated and operated upon using transformations of a nature similar to the transformations used in the ECQV protocol. In such a system, a root CA or other computing device avoids having to generate an explicit self-signed certificate by instead generating a self-signed implicit certificate. | 08-29-2013 |
20130222160 | METHOD AND APPARATUS FOR ENTROPY DECODING - An entropy decoder and method for decoding code words with an indication of associated probability for each code word. The decoder can be operable to receive code words and the indication of associated probability. A branch node block can be in communication with a leaf node block. The branch node block comprising one or more branch node lookup tables and branch node control logic. The branch node control logic operable to process a code word in the input buffer using a selected table from the one or more branch node lookup tables to obtain leaf node information and a bit count of a code word size, the branch control logic further operable to refresh the input buffer to replace the bit count of the code word size and to make the leaf node information and the table selection available to the leaf node block. | 08-29-2013 |
20130182843 | System and Method of Lawful Access to Secure Communications - The present disclosure relates to systems and methods for secure communications. In some aspects, one or more values used to generate an encryption key used to encrypt a packet are stored in a header of the packet. The packet is transmitted with the encrypted data portion in a communication. In some aspects, one or more values used to generate an encryption key are received. The encryption key is regenerated using the one or more values. | 07-18-2013 |
20130182841 | System and Method of Lawful Access to Secure Communications - The present disclosure relates to systems and methods for secure communications. In some aspects, an initiator KMS receives, from an initiator UE, one or more values used in generation of an encryption key, which includes obtaining at least one value associated with a RANDRi. The initiator KMS sends the at least one value associated with the RANDRi to a responder KMS. The responder KMS generates the encryption key using the one or more values. | 07-18-2013 |
20130182840 | System and Method of Lawful Access to Secure Communications - The present disclosure relates to systems and methods for secure communications. In some aspects, a method of signalling an interception time period is described. At least one keying information used by a KMF to regenerate a key is stored. A start_interception message is signaled from an ADMF to a CSCF. A halt_message is signaled from the ADMF to the CSCF. | 07-18-2013 |
20130170642 | ELLIPTIC CURVE RANDOM NUMBER GENERATION - An elliptic curve random number generator avoids escrow keys by choosing a point Q on the elliptic curve as verifiably random. An arbitrary string is chosen and a hash of that string computed. The hash is then converted to a field element of the desired field, the field element regarded as the x-coordinate of a point Q on the elliptic curve and the x-coordinate is tested for validity on the desired elliptic curve. If valid, the x-coordinate is decompressed to the point Q, wherein the choice of which is the two points is also derived from the hash value. Intentional use of escrow keys can provide for back up functionality. The relationship between P and Q is used as an escrow key and stored by for a security domain. The administrator logs the output of the generator to reconstruct the random number with the escrow key. | 07-04-2013 |
20130152213 | APPARATUS, SYSTEM AND METHOD FOR PREVENTING DATA LOSS - A device and method are provided for a device that communicates security information to a user entering content into the device. In an aspect, the device may access content from a server over a connection through the network. The device displays the content on a user interface of the device. The device detects information entered into a field of the displayed content and evaluates a security state of the device. If the security state is below a security threshold and, if the entered information is identified as protected information based on stored criteria, the device displaying a visual indication on the user interface. | 06-13-2013 |
20130145168 | MASKED DIGITAL SIGNATURES - A method for creating and authenticating a digital signature is provided, including selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system, a recovered second signature component s′ is computed by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature. | 06-06-2013 |
20130145160 | SYSTEM AND METHOD FOR MOUNTING ENCRYPTED DATA BASED ON AVAILABILITY OF A KEY ON A NETWORK - A system and a method are provided for retrieving decryption keys from a secure location that is separate from the encrypted data. In particular, for each decryption key, there is an associated key ID, public and private authentication key pair and a storage key. The decryption key is encrypted and can be decrypted with the storage key. A key-server securely stores the encrypted decryption key, key ID and public authentication key. A separate key-host stores the storage key, key ID and private authentication key. For the key-host to retrieve the encrypted decryption key, the key-server first authenticates the key-host using the authentication keys. Upon receipt of the encrypted decryption key, the key-host decrypts the encrypted key using the storage key. The decryption key is then used for decrypting the encrypted data. | 06-06-2013 |
20130136255 | ASSESSING CRYPTOGRAPHIC ENTROPY - Systems, methods, software, and combinations thereof for evaluating entropy in a cryptography system are described. In some aspects, sample values are produced by an entropy source system. A typicality can be determined for each of the sample values. A grading is determined for preselected distributions based on the typicalities of the sample values. A subset of the preselected distributions are selected based on the gradings. An entropy of the entropy source system is calculated based on the subset of the plurality of distributions. | 05-30-2013 |
20130124870 | CRYPTOGRAPHIC DOCUMENT PROCESSING IN A NETWORK - Data received over a network is processed by a server. The processing includes determining identity information corresponding to an identity associated with a document represented by document data received over an input port of the server from a sender. At the server, a private key is computed based on: a master private key, and the identity information. At the server digital information is computed based at least in part on the document data using the computed private key. The digital information is stored in a storage medium accessible to the server in association with the identify information. | 05-16-2013 |
20130111224 | INTEGRATED CIRCUIT WITH LOGIC CIRCUITRY AND MULTIPLE CONCEALING CIRCUITS | 05-02-2013 |
20130097420 | Verifying Implicit Certificates and Digital Signatures - Methods, systems, and computer programs for verifying a digital signature are disclosed. The verifier accesses an implicit certificate and a digital signature provided by the signer. The implicit certificate includes a first elliptic curve point representing a public key reconstruction value of the signer. The verifier accesses a second elliptic curve point representing a pre-computed multiple of the certificate authority's public key. The verifier uses the first elliptic curve point and the second elliptic curve point to verify the digital signature. The verifier may also use a third elliptic curve point representing a pre-computed multiple of a generator point. Verifying the digital signature may provide verification that the implicit certificate is valid. | 04-18-2013 |
20130091362 | GENERATING IMPLICIT CERTIFICATES - Methods, systems, and computer programs for using an implicit certificate are disclosed. In some implementations, an identifier for an entity is obtained. A first cryptographic pair that includes a first private value and a first public value is generated. A second cryptographic pair that includes a second private value and a second public value is generated. Based on the first public value and the identifier for the entity, an implicit certificate IC is generated at a first computing device. Based on the implicit certificate IC, the first private value, and the second private value, a private key for the entity is generated at the first computing device. The implicit certificate IC is then sent with the second public value from the first computing device to the second computing device. The implicit certificate IC can be used, for example, to generate or verify digital signatures, to encrypt or decrypt messages, etc. | 04-11-2013 |
20130073867 | METHOD FOR STRENGTHENING THE IMPLEMENTATION OF ECDSA AGAINST POWER ANALYSIS - A method of inhibiting the disclosure of confidential information through power analysis attacks on processors in cryptographic systems. The method masks a cryptographic operation using a generator G. A secret value, which may be combined with the generator G to form a secret generator is generated. The secret value is divided into a plurality of parts. A random value is generated for association with the plurality of parts. Each of the plurality of parts is combined with the random value to derive a plurality of new values such that the new values when combined are equivalent to the secret value. Each of the new values is used in the cryptographic operation, thereby using the secret generator in place of the generator G in the cryptographic operation. The introduction of randomness facilitates the introduction of noise into algorithms used by cryptographic systems so as to mask the secret value and provide protection against power analysis attacks. | 03-21-2013 |
20130073857 | ONE WAY AUTHENTICATION - A cryptosystem prevents replay attacks within existing authentication protocols, susceptible to such attacks but containing a random component, without requiring modification to said protocols. The entity charged with authentication maintains a list of previously used bit patterns, extracted from a portion of the authentication message connected to the random component. If the bit pattern has been seen before, the message is rejected; if the bit pattern has not been seen before, the bit pattern is added to the stored list and the message is accepted. | 03-21-2013 |
20130073850 | HYBRID ENCRYPTION SCHEMES - Methods, systems, and computer programs for using hybrid encryption schemes are disclosed. In some implementations, a random value is obtained by a pseudorandom generator. A symmetric key is generated based on the random value. A public component is also generated based on the random value. Additionally, an initialization vector is generated based on the random value. The symmetric key and the initialization vector are used to generate an encrypted message based on an input message. The encrypted message and the public component are transmitted to an entity. At least one of the public component or the symmetric key is generated based additionally on a public key of the entity. | 03-21-2013 |
20130067233 | DATA CARD VERIFICATION SYSTEM - To verify a pair of correspondents in an. electronic transaction, each of the correspondents utilises respective parts of first and second signature schemes. The first signature scheme is computationally more difficult in signing than verifying and the second signature scheme is computationally more difficult in verifying than signing. The first correspondent signs information according to the first signature scheme, the second correspondent verifies the first signature received from the first correspondent, using the first signature scheme. The second correspondent then signs information according to the second signature scheme and the first correspondent verifies the second signature received from the second correspondent, according to the second signature algorithm. The method thereby allows one of the correspondents in participate with relatively little computing power while maintaining security of the transaction. | 03-14-2013 |
20130067218 | INCORPORATING DATA INTO CRYPTOGRAPHIC COMPONENTS OF AN ECQV CERTIFICATE - During generation of an implicit certificate for a requestor, a certificate authority incorporates information in the public-key reconstruction data, where the public-key reconstruction data is to be used to compute the public key of the requestor. The information may be related to one or more of the requestor, the certificate authority, and the implicit certificate. The certificate authority reversibly encodes the public-key reconstruction data in the implicit certificate and sends it to the requestor. After receiving the implicit certificate from the certificate authority, the requestor can extract the incorporated information from the public-key reconstruction data. The implicit certificate can be made available to a recipient, and the recipient can also extract the incorporated information. | 03-14-2013 |
20130064363 | INCORPORATING DATA INTO AN ECDSA SIGNATURE COMPONENT - During generation of a signature on a message to create a signed message, a signer determines one of the signature components such that particular information can be extracted from the signature component. The particular information may be related to one or more of the signer and the message to be signed. After receiving a signed message purported to be signed by the signer, a verifier can extract the particular information from the signature component. | 03-14-2013 |
20130046976 | System and Method for Accessing Private Networks - A system and method are provided for using a mobile device to authenticate access to a private network. The mobile device may operate to receive a challenge from an authentication server, the challenge having being generated according to a request to access a private network; obtain a private value; use the private value, the challenge, and a private key to generate a response to the challenge; and send the response to the authentication server. An authentication server may operate to generate a challenge; send the challenge to a mobile device; receive a response from the mobile device, the response having been generated by the mobile device using a private value, the challenge, and a private key; verify the response; and confirm verification of the response with a VPN gateway to permit a computing device to access a private network. | 02-21-2013 |
20130031361 | URL-BASED CERTIFICATE IN A PKI - A method of requesting and issuing a certificate from certification authority for use by an initiating correspondent with a registration authority is provided. The initiating correspondent makes a request for a certificate to the registration authority, and the registration authority sends the request to a certificate authority, which issues the certificate to the registration authority. The certificate is stored at a location in a directory and this location is associated with a pointer such as uniform resource locator (URL) that is derived from information contained in the certificate request. The initiating correspondent computes the location using the same information and forwards it to other corespondents. The other correspondents can then locate the certificate to authenticate the public key of the initiating correspondent. | 01-31-2013 |
20130016840 | Mobile Certificate Distribution in a PKI - A method of providing certificate issuance and revocation checks involving mobile devices in a mobile ad-hoc network (MANET). The wireless devices communicate with each other via Bluetooth wireless technology in the MANET, with an access point (AP) to provide connectivity to the Internet. A Certificate authority (CA) distributes certificates and certification revocation lists (CRLs) to the devices via the access point (AP). Each group of devices has the name of the group associated with the certificate and signed by the CA. A device that is out of the radio range of the access point may still connect to the CA to validate a certificate or download the appropriate CRL by having all the devices participate in the MANET. | 01-17-2013 |
20130016831 | Method and Apparatus For Computing A Shared Secret Key - A method of generating a key by a first correspondent. The key is computable by a second correspondent by a second correspondent. The method comprising the steps of:
| 01-17-2013 |
20130013916 | Method and Apparatus for Verifiable Generation of Public Keys - The invention provides a method of verifiable generation of public keys. According to the method, a self-signed signature is first generated and then used as input to the generation of a pair of private and public keys. Verification of the signature proves that the keys are generated from a key generation process utilizing the signature. A certification authority can validate and verify a public key generated from a verifiable key generation process. | 01-10-2013 |
20130003970 | System and Method for Controlling Features on a Device - Trust between entities participating in an upgrade or enablement/disablement process is established and, to facilitate this remotely and securely, a highly tamper resistant point of trust in the system that is being produced is used. This point of trust enables a more efficient distribution system to be used. Through either a provisioning process or at later stages, i.e. subsequent to installation, manufacture, assembly, sale, etc.; the point of trust embodied as a feature controller on the device or system being modified is given a feature set (or updated feature set) that, when validated, is used to enable or disable entire features or to activate portions of the feature. | 01-03-2013 |
20130003964 | Simultaneous Scalar Multiplication Method - In computing point multiples in elliptic curve schemes (e.g. kP and sQ) separately using, for example, Montgomery's method for the purpose of combining kP+sQ, several operations are repeated in computing kP and sQ individually, that could be executed at the same time. A simultaneous scalar multiplication method is provided that reduces the overall number of doubling and addition operations thereby providing an efficient method for multiple scalar multiplication. The elements in the pairs for P and Q method are combined into a single pair, and the bits in k and s are evaluated at each step as bit pairs. When the bits in k and s are equal, only one doubling operation and one addition operation are needed to compute the current pair, and when the bits in k and s are not equal, only one doubling operation is needed and two addition operations. | 01-03-2013 |
20120314855 | Trapdoor One-Way Functions on Elliptic Curves and Their Application to Shorter Signatures and Asymmetric Encryption - A new trapdoor one-way function is provided. In a general sense, some quadratic algebraic integer z is used. One then finds a curve E and a rational map defining [z] on E. The rational map [z] is the trapdoor one-way function. A judicious selection of z will ensure that [z] can be efficiently computed, that it is difficult to invert, that determination of [z] from the rational functions defined by [z] is difficult, and knowledge of z allows one to invert [z] on a certain set of elliptic curve points. | 12-13-2012 |
20120311007 | SQUARING BINARY FINITE FIELD ELEMENTS - Methods and systems for squaring a binary finite field element are described. In some aspects, a data processing apparatus includes registers and processor logic. A first register stores a sequence of binary values that define a binary finite field element input. The processor logic accesses input components from the first register according to intervals in the sequence. Each input component includes a binary value from each interval in the sequence. In some cases, the intervals are periodic and the binary finite field element corresponds to a sum of phase-shifted input components. The processor logic generates output components based on the input components. The processor logic generates a square of the binary finite field element in the second register based on the output components. The number of input components can be selected, for example, to balance costs of additional processing time against benefits associated with reduced processing hardware. | 12-06-2012 |
20120300925 | RANDOMNESS FOR ENCRYPTION OPERATIONS - Methods, systems, and computer programs for generating random values for encryption operations are described. In some examples, information from a message to be encrypted can be used to refresh the state of a pseudorandom generator. In some aspects, a state parameter of the pseudorandom generator is modified based on information in the message. Modifying the state parameter changes the state parameter from a prior state to a refreshed state based on the information in the message. A random output value is obtained by the pseudorandom generator in the refreshed state. The message is encrypted based on the random output value. | 11-29-2012 |
20120290836 | ACCELERATED SIGNATURE VERIFICATION ON AN ELLIPTIC CURVE - A public key encryption system exchanges information between a pair of correspondents. The recipient performs computations on the received data to recover the transmitted data or verify the identity of the sender. The data transferred includes supplementary information that relates to intermediate steps in the computations performed by the recipient. | 11-15-2012 |
20120284800 | Method and Apparatus for Synchronizing an Adaptable Security Level in an Electronic Communication - A method of communicating in a secure communication system, comprises the steps of assembling as message at a sender, then determining a security level, and including an indication of the security level in a header of the message. The message is then sent to a recipient. | 11-08-2012 |
20120284508 | VALIDATING A BATCH OF IMPLICIT CERTIFICATES - Methods, systems, and computer programs for validating a batch of implicit certificates are described. Data for a batch of implicit certificates are received and validated. In some aspect, the data include key-pair-validation values that can be used to validate the public and private keys for each implicit certificate. For example, the key-pair-validation values can include a private key, a public key reconstruction value, a public key of the certificate authority, and a hash of the implicit certificate. The key-pair-validation values are either valid or invalid according to a key-pair-validation function. In some cases, modification values are obtained independent of the key-pair-validation values, and the modification values are combined with the key-pair-validation values in a batch-validation function. The batch-validation function is evaluated for the batch of implicit certificates. Evaluating the batch-validation function identifies whether the key-pair-validation data include key-pair-validation values that are invalid according to the key-pair-validation function. | 11-08-2012 |
20120281826 | RESILIENT CRYPTOGRAPHIC SCHEME - A system and method are provided for enabling a symmetric key to be derived, the method comprising: obtaining a plurality of key parts, wherein the plurality of key parts when combined equal the symmetric key; encrypting a first of the key parts using a first cryptographic algorithm to generate a first encrypted value; encrypting one or more remaining key parts of the plurality of key parts using respective cryptographic algorithms to generate one or more additional encrypted values, wherein each key part encrypted is encrypted using a different cryptographic algorithm; and providing the first encrypted value and the one or more additional encrypted values to an other entity to enable the other entity to derive the symmetric key. | 11-08-2012 |
20120268174 | SYSTEM FOR DETECTING A RESET CONDITION IN AN ELECTRONIC CIRCUIT - There is disclosed a system for detecting the assertion of a reset signal. A plurality of circuit elements is configurable by a reset signal to output a string of data values in a predetermined pattern. A comparator receives the string of data values and determines whether the string of data values matches the predetermined pattern. If so, the comparator generates an output signal indicative of a reset. In one embodiment, the output signal of the comparator can be used to automatically trigger a reset if the reset signal has not been asserted. | 10-25-2012 |
20120257745 | Split-Key Key-Agreement Protocol - There is provided a method of one member of a first entity generating an intra-entity public key. The first entity has a plurality of members and the one member has a long-term private key and a corresponding long-term public key. The method includes generating a short-term private key and a corresponding short-term public key, computing an intra-entity shared key by mathematically combining the short-term public key of the one member and respective short-term public keys of each other member of the first entity and computing the intra-entity public key by mathematically combining the short-term private key, the long-term private key and the intra-entity shared key. | 10-11-2012 |
20120257742 | Efficient Implementation of Hash Algorithm on a Processor - An efficient implementation of SHA-512, and similarly SHA-384, on an ARM processor. The implementation maximizes reuse of the register values between iterations so as to minimize the need to load these values from memory. This is achieved by categorizing the iterations into even and odd ones such that the sequence of computation in the even iteration is reversed in the odd iteration and the register values at the end of one iteration are consumed at the beginning of the following one. | 10-11-2012 |
20120239930 | Keyed PV Signatures - A system and method enabling a recipient correspondent of a keyed PV signature to convert it to a signature with properties similar to a traditional signature (i.e., where the message is public and may be verified by anyone), removing the keyed aspect of the signature. The recipient correspondent may transfer the converted signature to a third party and provide the third party with a proof of knowledge such that the third party may be convinced that the originator of the signature signed the message. | 09-20-2012 |
20120237021 | MULTI-DIMENSIONAL MONTGOMERY LADDERS FOR ELLIPTIC CURVES - An algorithm is provided having a matrix phase and point addition phase that permits computation of the combination of more than two point multiples. The algorithm has particular utility in elliptic curve cryptography (ECC) such as for computing scalar multiplications in, e.g. batch ECC operations, accelerating Lenstra's ECM factoring algorithm, exploiting expanded ECC certificates (which contain pre-computed multiples of a party's public key), incremental hashing based on elliptic curves, accelerating verification of ECDSA signatures, etc. | 09-20-2012 |
20120233469 | HYBRID SIGNATURE SCHEME - A signature scheme is provided in which a message is divided in to a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination. | 09-13-2012 |
20120233457 | ISSUING IMPLICIT CERTIFICATES - Methods, systems, and computer programs for issuing an implicit certificate are disclosed. In some implementations, a certificate authority of an elliptic curve cryptography (ECC) system performs one or more operations for issuing the implicit certificate. A certificate request associated with a requester is received, and the certificate request includes a first element R | 09-13-2012 |
20120221858 | Accelerated Key Agreement With Assisted Computations - A method is provided for obtaining a secret value for use as a key in a cryptographic operation, the secret value combining a private key, x, of one computing device with a public key, Y, of another computing device to obtain a secret value xY. The method includes obtaining a pair of scalars x | 08-30-2012 |
20120221850 | System and Method for Reducing Computations in an Implicit Certificate Scheme - There are disclosed systems and methods for reducing the number of computations performed by a computing device constructing a public key from an implicit certificate associated with a certificate authority in an implicit certificate scheme. In one embodiment, the device first operates on the implicit certificate to derive an integer e. The device then derives a pair of integers (e | 08-30-2012 |
20120213366 | Aggregate Signature Schemes - An authenticated RFID system is provided that uses elliptic curve cryptography (ECC) to reduce the signature size and read/write times when compared to traditional public key implementations such as RSA. Either ECDSA or ECPVS can be used to reduce the signature size and ECPVS can be used to hide a portion of the RFID tag that contains sensitive product identifying information. As a result, smaller tags can be used or multiple signatures can be written at different stages in a manufacturing or supply chain. A key management system is used to distribute the verification keys and aggregate signature schemes are also provided for adding multiple signatures to the RFID tags, for example in a supply chain. | 08-23-2012 |
20120155637 | SYSTEM AND METHOD FOR HARDWARE STRENGTHENED PASSWORDS - A cryptographic module and a computing device implemented method for securing data using a cryptographic module is provided. The cryptographic module may include an input component for receiving a password, an output component for outputting data to the computing device, a random number generator for generating a random number and a module processor operative to generate at least one cryptographic key using the generated random number, and to record an association between the received password linking the received password with the at least one cryptographic key in a data store accessible to the cryptographic module. | 06-21-2012 |
20120137133 | Key Agreement and Transport Protocol - A key establishment protocol includes the generation of a value of cryptographic function, typically a hash, of a session key and public information. This value is transferred between correspondents together with the information necessary to generate the session key. Provided the session key has not been compromised, the value of the cryptographic function will be the same at each of the correspondents. The value of the cryptographic function cannot be compromised or modified without access to the session key. | 05-31-2012 |
20120131322 | System and Method for Authenticating a Gaming Device - A method and system are provided for authenticating and securing an embedded device using a secure boot procedure and a full non-volatile memory encryption process that implements Elliptic Curve Pinstov-Vanstone Signature (ECPV) scheme with message recovery on a personalized BIOS and master boot record. The signature includes code that is recovered in order to unlock a key that is in turn used to decrypt the non-volatile memory. The use of ECPVS provides an implicit verification that the hardware is bound to the BIOS since the encrypted memory is useless unless properly decrypted with the proper key. | 05-24-2012 |
20120102334 | System and Method for Hardware Based Security - An asset management system is provided, which includes a hardware module operating as an asset control core. The asset control core generally includes a small hardware core embedded in a target system on chip that establishes a hardware-based point of trust on the silicon die. The asset control core can be used as a root of trust on a consumer device by having features that make it difficult to tamper with. The asset control core is able to generate a unique identifier for one device and participate in the tracking and provisioning of the device through a secure communication channel with an appliance. The appliance generally includes a secure module that caches and distributes provisioning data to one of many agents that connect to the asset control core, e.g. on a manufacturing line or in an after-market programming session. | 04-26-2012 |
20120102318 | Method for the Application of Implicit Signature Schemes - A method of certifying a correspondent in data communication system by a certifying authority. The certifying authority includes a cryptographic unit. The method includes generating a random number and implicit certificate components based on the random number using the cryptographic unit. The implicit certificate components have a first component and a second component. The method also includes providing the implicit certificate components for use in the data communication system and providing a public key of the certifying authority for use in derivation of a public key of the correspondent from the first component. The certifying authority recertifies the correspondent by providing implicit certificate components using a changed value for the random number. | 04-26-2012 |
20120096274 | AUTHENTICATED ENCRYPTION FOR DIGITAL SIGNATURES WITH MESSAGE RECOVERY - A framework is proposed for authenticated encryption for digital signatures with message recovery whereby authentication is achieved without a redundancy requirement. The Elliptic Curve Pintsov-Vanstone Signature scheme is modified through the use of authenticated encryption, thereby enabling authentication using a message authentication code. The authenticated encryption may be performed within a single function or as two separate functions. The authenticated encryption may also be applied to associated data in the message to be signed. | 04-19-2012 |
20120096273 | AUTHENTICATED ENCRYPTION FOR DIGITAL SIGNATURES WITH MESSAGE RECOVERY - A framework is proposed for authenticated encryption for digital signatures with message recovery whereby authentication is achieved without a redundancy requirement. The Elliptic Curve Pintsov-Vanstone Signature scheme is modified through the use of authenticated encryption, thereby enabling authentication using a message authentication code. The authenticated encryption may be performed within a single function or as two separate functions. The authenticated encryption may also be applied to associated data in the message to be signed. | 04-19-2012 |
20120089844 | ONE WAY AUTHENTICATION - A cryptosystem prevents replay attacks within existing authentication protocols, susceptible to such attacks but containing a random component, without requiring modification to said protocols. The entity charged with authentication maintains a list of previously used bit patterns, extracted from a portion of the authentication message connected to the random component. If the bit pattern has been seen before, the message is rejected; if the bit pattern has not been seen before, the bit pattern is added to the stored list and the message is accepted. | 04-12-2012 |
20120084243 | Malleable Access Decision Processing And Ordering - An electronic device is provided. The electronic device comprises a memory, a processor, a rules data base stored in the memory, a context data base stored in the memory, and a rules engine stored in the memory. The rules data base comprises a plurality of access rules defined by different stakeholders. The context data base comprises contextual information comprising at least one of a relationship of the electronic device to a communication service plan owner associated with the electronic device, a work schedule associated with a user of the electronic device, a communication service account status, an entertainment service account status, and a gaming service account status. The rules engine application, when executed by the processor, grants access to a requested communication service based on applying the rules stored in the rules data base in accordance with the contextual information. | 04-05-2012 |
20120079593 | System and Method For Hindering a Cold Boot Attack - A method for hindering a cold boot attack on a user equipment (UE) is provided. The method includes, in response to detection of the cold boot attack, executing prioritized security procedures. A user equipment (UE) is also provided that includes a processor configured to execute prioritized security procedures responsive to detection of a cold boot attack. | 03-29-2012 |
20120079274 | Key Agreement and Transport Protocol with Implicit Signatures - A key establishment protocol between a pair of correspondents includes the generation by each correspondent of respective signatures. The signatures are derived from information that is private to the correspondent and information that is public. After exchange of signatures, the integrity of exchange messages can be verified by extracting the public information contained in the signature and comparing it with information used to generate the signature. A common session key may then be generated from the public and private information of respective ones of the correspondents. | 03-29-2012 |
20120075099 | Systems and Methods for Managing Lost Devices - A method for a device to determine that it has been lost is provided. The method comprises the device determining its current location, the device comparing its current location to a plurality of stored locations, and the device determining that it has been lost when its current location is a stored location that has been designated as a location where the device is unlikely to be located or is not a stored location that has been designated as a location where the device is likely to be located. | 03-29-2012 |
20120072975 | Circumstantial Authentication - An authentication system is provided. The authentication system comprises a first component configured to obtain information specific to an individual, a second component configured to dynamically formulate at least one challenge question based on the information, a third component configured to cause the at least one challenge question to be presented on a device when the device is used to perform an act that involves authentication, and a fourth component configured to judge authenticity based on an answer to the at least one challenge question. | 03-22-2012 |
20120047363 | Implicit Certificate Verification - A method of computing a cryptographic key to be shared between a pair of correspondents communicating with one another through a cryptographic system is provided, where one of the correspondents receives a certificate of the other correspondents public key information to be combined with private key information of the one correspondent to generate the key. The method comprises the steps of computing the key by combining the public key information and the private key information and including in the computation a component corresponding to verification of the certificate, such that failure of the certificate to verify results in a key at the one correspondent that is different to the key computed at the other correspondent. | 02-23-2012 |
20120022861 | PARALLEL ENTROPY ENCODER AND PARALLEL ENTROPY DECODER - An entropy encoder block for use in a context adaptive encoder and an entropy decoder block for use in a context adaptive decoder is presented. The encoder block includes a plurality of encoding elements, for processing encoding search tree look tables corresponding to encoding probabilities used by the context adaptive encoder, at least two of the encoding elements servicing the same probability. In an embodiment, at least one of the encoding search tree lookup tables comprises a set of shared encoding search tree lookup tables, accessible by at least two of the encoding elements. The decoder block includes a plurality of decoding elements, for processing decoding search tree lookup tables corresponding to the decoding probabilities used by the context adaptive decoder, at least two of the decoding elements servicing the same probability. In an embodiment, at least one of the decoding search tree lookup tables comprises a set of shared decoding search tree lookup tables, accessible by at least two of the decoding elements. | 01-26-2012 |
20120011362 | System and Method for Performing Device Authentication Using Key Agreement - A system and method are provided which employs a key agreement scheme, wherein the agreed-upon-shared key is used in a protocol message in the authentication rather than being employed as a session key. | 01-12-2012 |
20110307698 | MASKING THE OUTPUT OF RANDOM NUMBER GENERATORS IN KEY GENERATION PROTOCOLS - To mitigate the effects of a weak random number generator (RNG) in a public key cryptosystem, a public key obtained from the RNG is encrypted using a deterministic cryptographic scheme before being made publicly available. A trusted party receiving the encrypted public key can recover the public key and combine it with other information so it is not subject to direct scrutiny. In one embodiment, the trusted party incorporates the public key in a certificate, such as an implicit certificate, for use by the correspondents in other communications. | 12-15-2011 |
20110270906 | METHOD AND APPARATUS FOR PROVIDING FLEXIBLE BIT-LENGTH MODULI ON A BLOCK MONTGOMERY MACHINE - Techniques are disclosed for utilizing a block Montgomery machine designed only to operate at a fixed block length to perform operations using non-block length (flexible)moduli. In one embodiment, a new modulus n′ is obtained having a block length equal to the fixed block length of the Montgomery machine or a multiple thereof. At least one modular additive operation is performed with the new modulus n′, and at least one modular multiplicative operation is performed with the non-block length modulus n. In this way, the result of the at least one additive operation is sufficiently reduced when a carry stems from the additive operation. | 11-03-2011 |
20110268270 | Method of Public Key Generation - A potential bias in the generation of a private key is avoided by selecting the key and comparing it against the system parameters. If a predetermined condition is attained it is accepted. If not it is rejected and a new key is generated. | 11-03-2011 |
20110261956 | Simultaneous Scalar Multiplication Method - In computing point multiples in elliptic curve schemes (e.g. kP and sQ) separately using, for example, Montgomery's method for the purpose of combining kP+sQ, several operations are repeated in computing kP and sQ individually, that could be executed at the same time. A simultaneous scalar multiplication method is provided that reduces the overall number of doubling and addition operations thereby providing an efficient method for multiple scalar multiplication. The elements in the pairs for P and Q method are combined into a single pair, and the bits in k and s are evaluated at each step as bit pairs. When the bits in k and s are equal, only one doubling operation and one addition operation are needed to compute the current pair, and when the bits in k and s are not equal, only one doubling operation is needed and two addition operations. | 10-27-2011 |
20110231664 | ACCELERATED SIGNATURE VERIFICATION ON AN ELLIPTIC CURVE - A public key encryption system exchanges information between a pair of correspondents. The recipient performs computations on the received data to recover the transmitted data or verify the identity of the sender. The data transferred includes supplementary information that relates to intermediate steps in the computations performed by the recipient. | 09-22-2011 |
20110222683 | DEVICE AND METHOD FOR IMPLEMENTING A CRYPTOGRAPHIC HASH FUNCTION - A computing device and a computing device implemented method are provided for preparing a message a bit-length number of bits in length less than or equal to a pre-determined maximum size, for input to a cryptographic hash function operating on blocks of a predetermined block size of B bits. The computing device comprises a processor in communication with a memory for processing the message. The method comprises the processor padding the message by adding sufficient padding bits and a length block of length n bits, such that a padded bit-length of the padded message is an integer factor times the block size B; and the processor setting the bits of the length block such that if the bit-length is less than 2 | 09-15-2011 |
20110213982 | ELGAMAL SIGNATURE SCHEMES - There is disclosed a method of generating a digital signature of a message m. A signature component s of the digital signature is calculated by first masking the long-term private key d using a single additive operation to combine the key d with a first value. The masked value is then multiplied by a second value to obtain component s. The first value is calculated using the message m and another component of the digital signature, and the second value is derived using the inverse of a component of the first value. In this way, the signature component s is generated using a method that counters the effectiveness of side channel attacks, such as differential side channel analysis, by avoiding a direct multiplication using long-term private key d. | 09-01-2011 |
20110213960 | CUSTOMIZABLE PUBLIC KEY INFRASTRUCTURE AND DEVELOPMENT TOOL FOR SAME - A public key infrastructure comprises a client side to request and utilize certificates in communication across a network and a server side to administer issuance and maintenance of said certificates. The server side has a portal to receive requests for a certificate from a client. A first policy engine to processes such requests in accordance with a set of predefined protocols. A certification authority is also provided to generate certificates upon receipt of a request from the portal. The CA has a second policy engine to implement a set of predefined policies in the generation of a certificate. Each of the policy engines includes at least one policy configured as a software component e.g. a Java bean, to perform the discreet functions associated with the policy and generate notification in response to a change in state upon completion of the policy. | 09-01-2011 |
20110210770 | SYSTEM FOR DETECTING A RESET CONDITION IN AN ELECTRONIC CIRCUIT - There is disclosed a system for detecting the assertion of a reset signal. A plurality of circuit elements is configurable by a reset signal to output a string of data values in a predetermined pattern. A comparator receives the string of data values and determines whether the string of data values matches the predetermined pattern. If so, the comparator generates an output signal indicative of a reset. In one embodiment, the output signal of the comparator can be used to automatically trigger a reset if the reset signal has not been asserted. | 09-01-2011 |
20110208970 | DIGITAL SIGNATURE AND KEY AGREEMENT SCHEMES - A method is disclosed for performing key agreement to establish a shared key between correspondents and for generating a digital signature. The method comprises performing one of key agreement or signature generation, and using information generated in said one of key agreement or signature generation in the other of said key agreement or said signature generation. By doing this, computations and/or bandwidth can be saved. | 08-25-2011 |
20110194694 | Accelerated Verification of Digital Signatures and Public Keys - Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. For example, a technique for verifying a signature of a message can include applying a first mathematical function to a combination of the first signature component and the second message portion to obtain an intermediate component, using the intermediate component to generate a first value and a second value, where a second mathematical function applied to the first value and the second value obtains the intermediate component, and determining the ephemeral public key based on the first value, the second value, the second signature component, the base point of the elliptic curve, and a long-term public key of the long-term private-public key pair. The technique can include verifying whether a representation of the first message portion satisfies a predetermined characteristic. | 08-11-2011 |
20110145585 | SYSTEM AND METHOD FOR PROVIDING CREDENTIALS - A method and system is operable to provide credentials by generating a first credential that conforms to a first specified format. A second credential conforming to a second specified format is included in the first credential so that the second credential may be distributed through the cryptosystem using the first specified format. The credential may be a digital certificate. | 06-16-2011 |
20110093718 | HYBRID SIGNATURE SCHEME - A signature scheme is provided in which a message is divided in to a first portion which is hidden and is recovered during verification, and a second portion which is visible and is required as input to the verification algorithm. A first signature component is generated by encrypting the first portion alone. An intermediate component is formed by combining the first component and the visible portion and cryptographically hashing them. A second signature component is then formed using the intermediate component and the signature comprises the first and second components with the visible portion. A verification of the signature combines a first component derived only from the hidden portion of the message with the visible portion and produces a hash of the combination. The computed hash is used together with publicly available information to generate a bit string corresponding to the hidden portion. If the required redundancy is present the signature is accepted and the message reconstructed from the recovered bit string and the visible portion. | 04-21-2011 |
20110087883 | SELF-SIGNED IMPLICIT CERTIFICATES - There are disclosed systems and methods for creating a self-signed implicit certificate. In one embodiment, the self-signed implicit certificate is generated and operated upon using transformations of a nature similar to the transformations used in the ECQV protocol. In such a system, a root CA or other computing device avoids having to generate an explicit self-signed certificate by instead generating a self-signed implicit certificate. | 04-14-2011 |
20110064226 | SPLIT-KEY KEY-AGREEMENT PROTOCOL - This invention relates to a method for generating a shared secret value between entities in a data communication system, one or more of the entities having a plurality of members for participation in the communication system, each member having a long term private key and a corresponding long term public key. The method comprises the steps of generating a short term private and a corresponding short term public key for each of the members; exchanging short term public keys of the members within an entity. For each member then computing an intra-entity shared key by mathematically combining the short term public keys of each the members computing an intra-entity public key by mathematically combining its short-term private key, the long term private key and the intra-entity shared key. Next, each entity combines intra-entity public keys to derive a group short-term S | 03-17-2011 |
20110063093 | SYSTEM AND METHOD FOR PERFORMING SERIALIZATION OF DEVICES - A serialization service module is provided for configuring an asset management system to provide a secure means of generating, assigning to chips (or other electronic objects or devices), and tracking unique serial numbers. To provide this service, a controller is used to define a product model, then to define one or more serialization schemas to be bound to each product model. Each serialization schema contains a range of serial numbers for a particular product. The serial number schemas are sent over a secure, encrypted connection to appliances at the manufacturer's location. Agents can then request serial number values by product name. The serial numbers are generated by the appliance, metered, and provided to the agents. The serial numbers are then injected sequentially into each die in a chip manufacturing process using the agent. | 03-17-2011 |
20110060909 | TRAPDOOR ONE-WAY FUNCTIONS ON ELLIPTIC CURVES AND THEIR APPLICATION TO SHORTER SIGNATURES AND ASYMMETRIC ENCRYPTION - The present invention provides a new trapdoor one-way function. In a general sense, some quadratic algebraic integer z is used. One then finds a curve E and a rational map defining [z] on E. The rational map [z] is the trapdoor one-way function. A judicious selection of z will ensure that [z] can be efficiently computed, that it is difficult to invert, that determination of [z] from the rational functions defined by [z] is difficult, and knowledge of z allows one to invert [z] on a certain set of elliptic curve points. Every rational map is a composition of a translation and an endomorphism. The most secure part of the rational map is the endomorphism as the translation is easy to invert. If the problem of inverting the endomorphism and thus [z] is as hard as the discrete logarithm problem in E, then the size of the cryptographic group can be smaller than the group used for RSA trapdoor one-way functions. | 03-10-2011 |
20110016324 | DATA CARD VERIFICATION SYSTEM - A method of verifying a pair of correspondents in electronic transaction, the correspondents each including first and second signature schemes and wherein the first signature scheme is computationally more difficult in signing than verifying and the second signature scheme is computationally more difficult in verifying than signing. The method comprises the step of the first correspondent signing information according to the first signature scheme and transmitting the first signature to the second correspondent, the second correspondent verifying the first signature received from the first correspondent, wherein the verification is performed according to the first signature scheme. The second correspondent then signs information according to the second signature scheme and transmits the second signature to the first correspondent, the first correspondent verifies the second signature received from the second correspondent, wherein the verification is performed according to the second signature algorithm; the transaction is rejected if either verification fails. The method thereby allows one of the correspondents to participate with relatively little computing power while maintaining security of the transaction. | 01-20-2011 |
20110013768 | SYSTEM AND METHOD FOR REDUCING THE COMPUTATION AND STORAGE REQUIREMENTS FOR A MONTGOMERY-STYLE REDUCTION - A system and method are described that provide an alternative way in which to produce a Montgomery reduction from below by storing a new precomputed value used to substantially replace the μ and n values used in Montgomery reduction with a single value. By modifying the Montgomery reduction mechanism in this way, the number of multiplications and registers required to effect the Montgomery reduction can be reduced. To avoid having to store both μ and n, a modified reduction value or a logical shift or signed version of such a value can be used in place of μ and n for the bulk of the low-order reduction. | 01-20-2011 |
20110010770 | SYSTEM AND METHOD FOR PERFORMING KEY INJECTION TO DEVICES - A key injection service module for an asset management system is provided for a secure means of injecting keys into products. To provide this service, a controller is used to define one or more key types defining the format of the keys in a file. The controller is then used to define a product model, and then to bind each key type to the product models. | 01-13-2011 |
20110010720 | SYSTEM AND METHOD FOR MANAGING ELECTRONIC ASSETS - An asset management system is provided which comprises one or more controllers, which operate as main servers and can be located at the headquarters of an electronic device manufacturer to remotely control their operations at any global location. The controller can communicate remotely over the Internet or other network to control one or more secondary or remote servers, herein referred to as appliances. The appliances can be situated at different manufacturing, testing or distribution sites. The controller and appliances comprise hardware security modules (HSMs) to perform sensitive and high trust computations, store sensitive information such as private keys, perform other cryptographic operations, and establish secure connections between components. The HSMs are used to create secure end-points between the controller and the appliance and between the appliance and the secure point of trust in an asset control core embedded in a device. | 01-13-2011 |
20110010540 | Method for Providing Information Security for Wireless Transmissions - A wireless communication system includes a pager or similar device that communicates to a home terminal. The home terminal confirms the identity of the pager and attaches a certificate to the message for ongoing transmission. Where the recipient is also a pager, an associated home terminal verifies the transmission and forwards it in a trusted manner without the certificate to the recipient. | 01-13-2011 |
20100312791 | PARTIAL REVOCATION LIST - A partial revocation list and a system and method for using the partial revocation list for tracking the authenticity of replacement cartridges in a manufactured device to inhibit cloning of the cartridges is provided. A revocation pool is maintained by a manufacturer who chooses a partial revocation list from the revocation pool to store in the memory of the cartridge. The device stores its own revocation list, informs the manufacturer of cartridges which have been used and checks when a new device is installed to ensure a cloned replacement is not being used. The partial revocation list distributes enough revocation information to devices to statistically impair the cartridge yield of a cloning operation. | 12-09-2010 |
20100308978 | SYSTEM AND METHOD FOR AUTHENTICATING RFID TAGS - A system and method of providing authenticity to a radio frequency identification (RFID) tag are provided. The method comprises generating a plurality of digital signatures, wherein each digital signature is generated using an index value unique to that digital signature and using information associated with the RFID tag; and storing the plurality of digital signatures on the RFID tag in association with respective index values to enable a desired digital signature to be selected according to a provided index value. Also provided are a system and method of enabling an RFID reader to authenticate an RFID tag, which utilize a challenge comprising an index value to request one of the stored signature and authenticating same. Also provided is an RFID tag that is configured to participate in the challenge-response protocol. | 12-09-2010 |
20100306546 | MOBILE CERTIFICATE DISTRIBUTION IN A PKI - A method of providing certificate issuance and revocation checks involving mobile devices in a mobile ad-hoc network (MANET). The wireless devices communicate with each other via Bluetooth wireless technology in the MANET, with an access point (AP) to provide connectivity to the Internet. A Certificate authority (CA) distributes certificates and certification revocation lists (CRLs) to the devices via the access point (AP). Each group of devices has the name of the group associated with the certificate and signed by the CA. A device that is out of the radio range of the access point may still connect to the CA to validate a certificate or download the appropriate CRL by having all the devices participate in the MANET. | 12-02-2010 |
20100284540 | RESILIENT CRYPTOGRAPHIC SCHEME - A system and method are provided for enabling a symmetric key to be derived, the method comprising: obtaining a plurality of key parts, wherein the plurality of key parts when combined equal the symmetric key; encrypting a first of the key parts using a first cryptographic algorithm to generate a first encrypted value; encrypting one or more remaining key parts of the plurality of key parts using respective cryptographic algorithms to generate one or more additional encrypted values, wherein each key part encrypted is encrypted using a different cryptographic algorithm; and providing the first encrypted value and the one or more additional encrypted values to an other entity to enable the other entity to derive the symmetric key. | 11-11-2010 |
20100281259 | KEY AGREEMENT AND TRANSPORT PROTOCOL WITH IMPLICIT SIGNATURES - A key establishment protocol between a pair of correspondents includes the generation by each correspondent of respective signatures. The signatures are derived from information that is private to the correspondent and information that is public. After exchange of signatures, the integrity of exchange messages can be verified by extracting the public information contained in the signature and comparing it with information used to generate the signature. A common session key may then be generated from the public and private information of respective ones of the correspondents. | 11-04-2010 |
20100278334 | METHOD AND APPARATUS FOR MINIMIZING DIFFERENTIAL POWER ATTACKS ON PROCESSORS - A method of masking a cryptographic operation using a secret value, comprising the steps of dividing the secret value into a plurality of parts; combining with each part a random value to derive a new part such that the new parts when combined are equivalent to the original secret value; and utilizing each of the individual parts in the operation. | 11-04-2010 |
20100278333 | METHOD AND APPARATUS FOR PERFORMING ELLIPTIC CURVE ARITHMETIC - A method of performing a cryptographic operation on a point in an elliptic curve cryptosystem using an elliptic curve. The method comprises the steps of obtaining information that uniquely identifies the elliptic curve and performing computations on the point to obtain the result of the cryptographic operation. The computations use the information. The computations produce an incorrect result if the point is not on the elliptic curve. | 11-04-2010 |
20100260335 | METHOD AND APPARATUS FOR GENERATING A KEY STREAM - A method of generating a key stream for a precomputed state information table. The method comprises initialising a counter and an accumulator with non-zero values; combining state information identified by the counter with the accumulator; swapping state information identified by the counter with state information identified by the accumulator; combining the two pieces of state information; outputting the state information identified by the combination as a byte of the key stream; adding a predetermined number odd number to the counter; and repeating the above steps to produce each byte of the key stream. | 10-14-2010 |
20100250945 | PRIVACY-ENHANCED E-PASSPORT AUTHENTICATION PROTOCOL - A passport authentication protocol provides for encryption of sensitive data such as biometric data and transfer of the encryption key from the passport to the authentication authority to permit comparison to a reference value. | 09-30-2010 |
20100241848 | SYSTEM AND METHOD FOR SECURELY COMMUNICATING WITH ELECTRONIC METERS - An infrastructure for securely communicating with electronic meters is described, which enables secure communication between a utility and a meter located at a customer, over a communication link or connection such as via a network. This enables messages to be sent from the utility to the meter and vice versa in a secure manner. The network provides a communication medium for communicating via the C12.22 protocol for secure metering. A cryptographic backend is used to cryptographically process messages to be sent to the meter and to similarly cryptographically process messages sent from the meter. By providing appropriate cryptographic measures such as key management, confidentiality and authentication, the meter can only interpret and process messages from a legitimate utility and the utility can ensure that the messages it receives are from a legitimate meter and contain legitimate information. | 09-23-2010 |
20100223478 | SYSTEM AND METHOD FOR PERFORMING EXPONENTIATION IN A CRYPTOGRAPHIC SYSTEM - There are disclosed systems and methods for computing an exponentiatied message. In one embodiment blinding is maintained during the application of a Chinese Remainder Theorem (CRT) algorithm and then removed subsequent to the completion of the CRT algorithm. In another embodiment, fault injection attacks, such as the gcd attack, can be inhibited by applying and retaining blinding during the application of the CRT algorithm to yield a blinded exponentiation value, and then subsequently removing the blinding in a manner that causes an error injected into the CRT computation to cascade into the exponent of the value used to unblind the blinded exponentiated value. | 09-02-2010 |
20100205433 | SYSTEM AND METHOD FOR REMOTE DEVICE REGISTRATION - A system and method for remote device registration, to monitor and meter the injection of keying or other confidential information onto a device, is provided. A producer who utilizes one or more separate manufacturers, operates a remote module that communicates over forward and backward channels with a local module at the manufacturer. Encrypted data transmissions are sent by producer to the manufacturer and are decrypted to obtain sensitive data used in the devices. As data transmissions are decrypted, credits from a credit pool are depleted and can be replenished by the producer through credit instructions. As distribution images are decrypted, usage records are created and eventually concatenated, and sent as usage reports back to the producer, to enable the producer to monitor and meter production at the manufacturer. | 08-12-2010 |
20100189253 | PRIVACY-ENHANCED E-PASSPORT AUTHENTICATION PROTOCOL - A passport authentication protocol provides for encryption of sensitive data such as biometric data and transfer of the encryption key from the passport to the authentication authority to permit comparison to a reference value. | 07-29-2010 |
20100166188 | IMPLICIT CERTIFICATE SCHEME - A method of generating a public key in a secure digital communication system, having at least one trusted entity CA and subscriber entities A. For each entity A, the trusted entity selects a unique identity distinguishing the entity A. The trusted entity then generates a public key reconstruction public data of the entity A by mathematically combining public values obtained from respective private values of the trusted entity and the entity A. The unique identity and public key reconstruction public data of the entity A serve as A's implicit certificate. The trusted entity combines the implicit certificate information with a mathematical function to derive an entity information ƒ and generates a value k | 07-01-2010 |
20100153728 | ACCELERATION OF KEY AGREEMENT PROTOCOLS - The generation of a shared secret key K in the implementation of a key agreement protocol, for example MQV, may be optimized for accelerated computation by selecting the ephemeral public key and the long-term public key of a correspondent to be identical. One correspondent determines whether the pair of public keys of the other correspondent are identical. If it is, a simplified representation of the shared key K is used which reduces the number of scalar multiplication operations for an additive group or exponentiation operations for a multiplicative group. Further optimisation may be obtained by performing simultaneous scalar multiplication or simultaneous exponentiation in the computation of K. | 06-17-2010 |
20100146028 | METHOD AND APPARATUS FOR MODULUS REDUCTION - A modulo reduction is performed on a value a represented as an ordered sequence of computer readable words. The lowest order words are eliminated by substituting an equivalent value represented by higher order words for each of the lower order words. The lowest order words are eliminated until the sequence has a word length corresponding to the modulus. Carries and borrows resulting from the substitution are propagated from lower order words to higher order words. Further reduction is performed to maintain the word length of the sequence to that of the modulus. The further reduction may be determined by examination of a carryover bit or may be performed a predetermined number of times without examination. | 06-10-2010 |
20100111296 | COLLISION-RESISTANT ELLIPTIC CURVE HASH FUNCTIONS - Elliptic curve hash functions are provided which do not require a pre-existing hash function, such as that required by the MuHash. The elliptic curve hash functions can be built from scratch and are collision free and can be incremental. In one embodiment, rather than a pre-existing hash function, the identity function with padding is used; and in another embodiment, rather than a pre-existing hash function, a block cipher with a fixed non-secret key is used. | 05-06-2010 |
20100109721 | SYSTEM FOR DETECTING A RESET CONDITION IN AN ELECTRONIC CIRCUIT - There is disclosed a system for detecting the assertion of a reset signal. A plurality of circuit elements is configurable by a reset signal to output a string of data values in a predetermined pattern. A comparator receives the string of data values and determines whether the string of data values matches the predetermined pattern. If so, the comparator generates an output signal indicative of a reset. In one embodiment, the output signal of the comparator can be used to automatically trigger a reset if the reset signal has not been asserted. | 05-06-2010 |
20100014663 | Strengthened public key protocol - A method of determining the integrity of a message exchanged between a pair of correspondents. The message is secured by embodying the message in a function of a public key derived from a private key selected by one of the correspondents. The method comprises first obtaining the public key. The public key is then subjected to at least one mathematical test to determine whether the public key satisfies predefined mathematical characteristics. Messages utilizing the public key are accepted if the public key satisfies the predefined mathematical characteristics. | 01-21-2010 |
20090319790 | MASKED DIGITAL SIGNATURES - The present invention relates to digital signature operations using public key schemes in a secure communications system and in particular for use with processors having limited computing power such as ‘smart cards’. This invention describes a method for creating and authenticating a digital signature comprising the steps of selecting a first session parameter k and generating a first short term public key derived from the session parameter k, computing a first signature component r derived from a first mathematical function using the short term public key, selecting a second session parameter t and computing a second signature component s derived from a second mathematical function using the second session parameter t and without using an inverse operation, computing a third signature component using the first and second session parameters and sending the signature components (s, r, c) as a masked digital signature to a receiver computer system. In the receiver computer system computing a recovered second signature component s′ by combining a third signature component with the second signature component to derive signature components (s′, r) as an unmasked digital signature. Verifying these signature components as in a usual ElGamal or ECDSA type signature verification. | 12-24-2009 |
20090316902 | METHOD AND APPARATUS FOR ENCODING SECURITY STATUS INFORMATION - A method of transmitting messages from a sender to a recipient over a wireless channel, the messages including a sequence counter and a frame counter. The method comprises establishing initial values of the sequence counter and the frame counter at the sender. Initial values of the frame counter and the sequence counter are provided to the recipient. The sender sends compressed messages including the value of the sequence counter and not the frame counter and monitors for an acknowledgement of receipt by the recipient. When no acknowledgment is received, the sender sends uncompressed messages until an acknowledgement of receipt is received from the recipient. The sequence counter is incremented and the next value of the frame counter is established as the integer next larger than previous value of the frame counter which is congruent to the sequence counter modulo | 12-24-2009 |
20090292920 | Device authentication in a PKI - A method for establishing a link key between correspondents in a public key cryptographic scheme, one of the correspondents being an authenticating device and the other being an authenticated device. The method also provides a means for mutual authentication of the devices. The authenticating device may be a personalized device, such as a mobile phone, and the authenticated device may be a headset. The method for establishing the link key includes the step of introducing the first correspondent and the second correspondent within a predetermined distance, establishing a key agreement and implementing challenge-response routine for authentication. Advantageously, main-in-the middle attacks are minimized. | 11-26-2009 |
20090262930 | METHOD FOR STRENGTHENING THE IMPLEMENTATION OF ECDSA AGAINST POWER ANALYSIS - A method of inhibiting the disclosure of confidential information through power analysis attacks on processors in cryptographic systems. The method masks a cryptographic operation using a generator G. A secret value, which may be combined with the generator G to form a secret generator is generated. The secret value is divided into a plurality of parts. A random value is generated for association with the plurality of parts. Each of the plurality of parts is combined with the random value to derive a plurality of new values such that the new values when combined are equivalent to the secret value. Each of the new values is used in the cryptographic operation, thereby using the secret generator in place of the generator G in the cryptographic operation. The introduction of randomness facilitates the introduction of noise into algorithms used by cryptographic systems so as to mask the secret value and provide protection against power analysis attacks. | 10-22-2009 |
20090077384 | Accelerated signature verification on an elliptic curve - A public key encryption system exchanges information between a pair of correspondents. The recipient performs computations on the received data to recover the transmitted data or verify the identity of the sender. The data transferred includes supplementary information that relates to intermediate steps in the computations performed by the recipient. | 03-19-2009 |
20080307068 | Mobile certificate distribution in a PKI - A method of providing certificate issuance and revocation checks involving mobile devices in a mobile ad-hoc network (MANET). The wireless devices communicate with each other via Bluetooth wireless technology in the MANET, with an access point (AP) to provide connectivity to the Internet. A Certificate authority (CA) distributes certificates and certification revocation lists (CRLs) to the devices via the access point (AP). Each group of devices has the name of the group associated with the certificate and signed by the CA. A device that is out of the radio range of the access point may still connect to the CA to validate a certificate or download the appropriate CRL by having all the devices participate in the MANET. | 12-11-2008 |