Computation using somewhat homomorphic encryption

    Publication number: US10673615B2

    Publication date: 2020-06-02

    Application number: US16004846

    Application date: 2018-06-11

    Abstract: In one embodiment, data for use by a processor is stored in a memory. A network interface communicates over a network with a second device. At a processor, a Somewhat Homomorphic Encryption (SHE) of a plurality of secret shares is generated. The SHE of the plurality of secret shares is sent to the second device. The following is performed in a loop: a first result of a homomorphic exclusive-or operation performed by the second device on the SHE is received, a SHE of the first result is performed, yielding a second result, a SHE of the second result is performed yielding a third result, the third result is transmitted to the second device, and a final SHE result is received from the second device. The received final SHE result is decrypted in order to produce a final Somewhat Homomorphically Decrypted (SHD) output. The final SHD output is then output. Related methods, systems, and apparatus are also described.

    Secrets renewability
    2.
    Granted invention patent

    Publication number: US09407434B2

    Publication date: 2016-08-02

    Application number: US14759417

    Application date: 2013-07-10

    CPC classification number: H04L9/0861 H04L9/0869

    Abstract: A method, system and apparatus for deriving a secondary secret from a root secret are described, the method, system and apparatus including reserving a memory buffer included in an integrated circuit, the memory buffer being large enough to contain all of the bits which will include the secondary secret, receiving a plurality of bits from a root secret, the root secret being stored in a secure memory of the integrated circuit, inputting the plurality of bits from the root secret and at least one control bit into a permutation network, and thereby producing a multiplicity of output bits, the at least one control bit including one of one bit of a value g, and one bit an output of a function which receives g as an input, receiving the multiplicity of output bits from the permutation network, inputting the multiplicity of output bits from the permutation network into a plurality of logic gates, thereby combining the multiplicity of output bits, wherein a fixed number of bits is output from the logic gates, inputting the fixed number of bits output by the logic gates into an error correcting code module, the fixed number of bits output by the logic gates including a first group of intermediate output bits and a second group of intermediate output bits and receiving output bits from the error correcting code module, the output bits of the error correcting code module including the first group of intermediate output bits as changed by the error correcting code module, where the change depends on the second group of intermediate output bits, filling non-filled registers in the reserved memory buffer with the first group of intermediate output bits as changed by the error correcting code module, and repeating the steps of “receiving a plurality of bits from a root secret” through “filling non-filled registers in the reserved memory buffer” until the entire secondary secret is derived, wherein the steps of “receiving a plurality of bits from a root secret” through “filling non-filled registers in the reserved memory buffer” are performed in a single clock cycle of the integrated circuit. Related apparatus, methods and systems are also described.

    Robust watermark
    3.
    Granted invention patent (in force)

    Publication number: US09319752B2

    Publication date: 2016-04-19

    Application number: US14324751

    Application date: 2014-07-07

    Abstract: A method and system for embedding a watermark in block encrypted content, including encoding a bit string, the bit string including n bits, denoted b0-bn−1, the encoding including translating each bit, b0-bn−1, into a block of data, according to the following rule if bi=1, then translate bi into a block of data of a first type, and if bi=0, then translate bi into a block of data of a second type, thereby translating the n bits into n blocks of data corresponding to each bit b0-bn−1, arranging a composite block of data including the n blocks of data, and at least one additional block indicating the presence of the n blocks of data, and inserting the composite block of data into a content item as a watermark, wherein the watermarked content item is encrypted using an ECB mode of encryption. Related methods and apparatus are also described.


    Signature method and system
    5.
    Granted invention patent

    Publication number: US10469266B2

    Publication date: 2019-11-05

    Application number: US15595980

    Application date: 2017-05-16

    Abstract: In one embodiment, a first signature template is received, the first signature template being one of a signature template of a first message or a null template, the first signature template comprising at least the following fields: an aggregation depth field, a message identifier, one of the first message or a result of applying a one way hash function to the first message, a bit vector, an aggregated square random integer mod N, a signature of the first message. A second signature template is created based on the first signature template, the second signature template created as follows: increment the aggregation depth of the first signature template, determine a unique message identifier for a second message, determine a second bit vector, determine a second aggregated square random integer mod N, and calculate a new signature for the second message. Related methods, apparatus, and systems are also disclosed.

    Signature method and system
    6.
    Granted invention patent

    Publication number: US10361865B2

    Publication date: 2019-07-23

    Application number: US15688894

    Application date: 2017-08-29

    Abstract: In one embodiment, a method, system, and apparatus are described, the method, system, and apparatus including generating metadata to be associated with each block of a series of blocks, the generating including, except for an initial block, receiving: a first block, including a signed block, and a second block to be signed, retrieving a first value including a square of a random number, R′^2, multiplying R′^2 by a nonce, r, and setting r·R′^2 to be a square of a first random number, denoted R^2, for the second block, retrieving a second value from the first block, the second value including K-bit vector, E′, determining a bit string value of the second block, M, computing E=hash(R^2∥M∥E′), and determining a signature, Sig, for the second block by calculating Sig=r·Sig′·S^(E−E′). Related methods, systems, and apparatuses are also described.

    Method and system for homomorphicly randomizing an input
    7.
    Granted invention patent (in force)

    Publication number: US09571268B2

    Publication date: 2017-02-14

    Application number: US15132271

    Application date: 2016-04-19

    Abstract: In one embodiment, a method for reducing information leakage in order to counter side channel attacks against a secure execution environment is described, the method including receiving at the secure execution environment a first input comprising a key comprising a sequence of k input elements in a commutative ring, CR, receiving at the secure execution environment a second input comprising a text comprising a sequence of p input elements in the commutative ring, CR, defining an input INP comprising a sequence of j input elements, wherein INP comprises either one or both of the first input or the second input, performing one of a matrix randomization operation or a polynomial randomization operation on the inputs, and producing a randomized output.


    Server-assisted secure exponentiation

    Publication number: US10715508B2

    Publication date: 2020-07-14

    Application number: US16004860

    Application date: 2018-06-11

    Abstract: In one embodiment, a method for secure computation, includes receiving in a server, over a communication channel from a device external to the server a request to perform a modular exponentiation operation in which an exponent of the operation comprises a secret value, wherein the secret value is not provided to the server, and at least two parameters that encode the secret value in accordance with a polynomial or matrix homomorphic encryption of the secret value computed by the device, and performing in the server, in response to the request, a homomorphic exponentiation using the at least two parameters received from the device without decrypting the secret value in the server, so as to generate an output that is indicative of a result of the modular exponentiation operation.

    COMPUTATION USING SOMEWHAT HOMOMORPHIC ENCRYPTION

    Publication number: US20190182027A1

    Publication date: 2019-06-13

    Application number: US16004846

    Application date: 2018-06-11

    Abstract: In one embodiment, data for use by a processor is stored in a memory. A network interface communicates over a network with a second device. At a processor, a Somewhat Homomorphic Encryption (SHE) of a plurality of secret shares is generated. The SHE of the plurality of secret shares is sent to the second device. The following is performed in a loop: a first result of a homomorphic exclusive-or operation performed by the second device on the SHE is received, a SHE of the first result is performed, yielding a second result, a SHE of the second result is performed yielding a third result, the third result is transmitted to the second device, and a final SHE result is received from the second device. The received final SHE result is decrypted in order to produce a final Somewhat Homomorphically Decrypted (SHD) output. The final SHD output is then output. Related methods, systems, and apparatus are also described.

    Method and system for homomorphicly randomizing an input
    10.
    Granted invention patent (in force)

    Publication number: US09350543B2

    Publication date: 2016-05-24

    Application number: US14417184

    Application date: 2013-07-25

    Abstract: A fully homomorphic method and system for randomizing an input, wherein all computations are over a commutative ring is described. Equivalent methods for performing the randomization using matrices and polynomials are detailed, as well as ways to mix the matrix and polynomial functions. Addition, multiplication, and division of the matrix and polynomial functions is further described. By performing computations of the functions modulo N over a ring ZN, the functions are usable as encryption functions. The method and system can also be used for verifying that a returned result of a calculation performed by a third party is valid for any of the calculations described herein. Related methods, systems, and apparatus are also described.

