公开(公告)号：US09735953B2

公开(公告)日：2017-08-15

申请号：US14641119

申请日：2015-03-06

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Rosario Cammarota

IPC: G06F9/00 ,  G06F9/24 ,  H04L9/00

CPC classification number: H04L9/003 ,  H04L2209/08 ,  H04L2209/12

Abstract: A distributed technique for implementing a cryptographic process performs operations in parallel on both valid and irrelevant data to prevent differentiation of the operations based on an encryption key content. A control entity switches or points valid data to appropriate CPU(s) that are responsible for operations such as squaring or multiplying. Irrelevant data is also switched or pointed to appropriate CPU(s) that execute operations in parallel with the CPU(s) operating on the valid data. The distributed technique contributes to obscuring side channel analysis phenomena from observation, such that cryptographic operations cannot easily be tied to the content of the encryption key.

公开(公告)号：US09706397B2

公开(公告)日：2017-07-11

申请号：US15065608

申请日：2016-03-09

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Peerapol Tinnakornsrisuphap

IPC: H04M11/00 ,  H04W12/04 ,  H04L9/00 ,  H04W12/06 ,  H04L29/06 ,  H04L9/32 ,  H04W4/00 ,  H04W12/02

CPC classification number: H04W12/04 ,  H04L9/006 ,  H04L9/0841 ,  H04L9/3265 ,  H04L63/062 ,  H04W4/80 ,  H04W12/02 ,  H04W12/06

Abstract: An apparatus and method for configuring a wireless station for use within a wireless local area network are disclosed. In at least one exemplary embodiment, a pairwise master key is generated by the wireless station and an access point within the wireless local area network. The pairwise master key may be based, at least in part, on a transient identity key pair of the wireless station. The transient identity key pair may be generated by the wireless station in response to receiving a message from the access point. In some embodiments, a public transient identity key of the transient identity key pair may be provided to additional access points to enable the wireless station to authenticate with the additional access points.

公开(公告)号：US09521642B2

公开(公告)日：2016-12-13

申请号：US15139797

申请日：2016-04-27

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Peerapol Tinnakornsrisuphap ,  Etan Gur Cohen ,  Anand Palanigounder

IPC: H04W12/06 ,  H04L12/28 ,  H04L12/24 ,  H04L29/06 ,  H04W84/18 ,  H04W60/00 ,  G06K19/06

CPC classification number: H04W60/00 ,  G06K19/06037 ,  H04L12/2809 ,  H04L29/06551 ,  H04L29/06782 ,  H04L41/0806 ,  H04L41/0809 ,  H04L41/28 ,  H04L63/08 ,  H04L63/083 ,  H04L63/10 ,  H04W12/06 ,  H04W84/18

Abstract: A new enrollee device is configured for a communication network using an electronic device and a network registrar. The new enrollee device is a headless device that lacks a first user interface for configuring the new enrollee device for the communication network. The electronic device obtains, at a sensor, sensor information that is indicative of a device key associated with the new enrollee device. The electronic device determines the device key based on the sensor information. The device key is provided to the network registrar to cause the network registrar to configure the new enrollee device for the communication network.

Abstract translation: 新的登记器设备被配置为使用电子设备和网络注册器的通信网络。 新的注册设备是无头设备，其缺少用于为通信网络配置新的登记器设备的第一用户界面。 电子设备在传感器处获取指示与新的登记者设备相关联的设备密钥的传感器信息。 电子设备基于传感器信息确定设备密钥。 设备密钥被提供给网络注册器以使网络注册器配置用于通信网络的新的登记者设备。

公开(公告)号：US20160286390A1

公开(公告)日：2016-09-29

申请号：US15055840

申请日：2016-02-29

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Peerapol Tinnakornsrisuphap

IPC: H04W12/04 ,  H04L9/32 ,  H04L29/06

CPC classification number: H04W12/04 ,  H04L9/321 ,  H04L9/3263 ,  H04L63/0428 ,  H04L63/0823 ,  H04L2209/80 ,  H04W12/003 ,  H04W12/06

Abstract: An apparatus and method for configuring access points and wireless devices for use within a wireless local area network (WLAN) is disclosed. In at least one exemplary embodiment, a network manager may obtain the public keys of an access point and the wireless devices to be included in the WLAN. The network manager may generate and provide a public key list including the public keys of the wireless devices to the access point. The access point may establish communication links with the wireless devices corresponding to the public keys in the public key list. The network manager may generate a de-authorization list that includes the public keys of access points no longer authorized to operate within the WLAN. The de-authorization list may be distributed to wireless devices within the WLAN. The wireless devices may refuse connections to access points listed on the de-authorization list.

Abstract translation: 公开了一种用于配置在无线局域网（WLAN）内使用的接入点和无线设备的装置和方法。 在至少一个示例性实施例中，网络管理器可以获得接入点的公开密钥以及要包括在WLAN中的无线设备。 网络管理器可以生成并提供包括无线设备的公开密钥的公共密钥列表到接入点。 接入点可以建立与公共密钥列表中的公共密钥对应的无线设备的通信链路。 网络管理器可以生成包括不再授权在WLAN内操作的接入点的公开密钥的去授权列表。 去授权列表可以被分发给WLAN内的无线设备。 无线设备可以拒绝与去授权列表上列出的接入点的连接。

公开(公告)号：US20160269175A1

公开(公告)日：2016-09-15

申请号：US14642591

申请日：2015-03-09

Applicant: QUALCOMM Incorporated

Inventor： Rosario Cammarota ,  Olivier Jean Benoit ,  Anand Palanigounder

IPC: H04L9/06

CPC classification number: H04L9/0631 ,  G09C1/00 ,  H04L9/002 ,  H04L2209/043 ,  H04L2209/24 ,  H04L2209/34

Abstract: Various features pertain to cryptographic ciphers such as Advanced Encryption Standard (AES) block ciphers. In some examples described herein, a modified masked AES SubBytes procedure uses a static lookup table that is its own inverse in GF(22). The static lookup table facilitates computation of the multiplicative inverse during nonlinear substitution operations in GF(22) In an AES encryption example, the AES device combines plaintext with a round key to obtain combined data, then routes the combined data through an AES SubBytes substitution stage that employs the static lookup table and a dynamic table to perform a masked multiplicative inverse in GF(22) to obtain substituted data. The substituted data is then routed through additional cryptographic AES stages to generate ciphertext. The additional stages may include further SubBytes stages that also exploit the static and dynamic tables. Other examples employ either a static lookup table or a dynamic lookup table but not both.

Abstract translation: 各种特征涉及加密密码，例如高级加密标准（AES）块密码。 在本文描述的一些示例中，经修改的掩蔽AES子字节过程使用在GF（22）中其自身的逆的静态查找表。 静态查找表有助于在GF（22）中的非线性替换操作期间计算乘法逆。在AES加密示例中，AES设备将明文与循环密钥相结合以获得组合数据，然后通过AES子字符替换阶段路由组合数据 其使用静态查找表和动态表来在GF（22）中执行掩蔽乘法逆，以获得替代数据。 然后，经替代数据通过附加密码AES阶段路由生成密文。 附加阶段可能还包括进一步利用静态和动态表的SubBytes阶段。 其他示例使用静态查找表或动态查找表，但不使用两者。

公开(公告)号：US20160055485A1

公开(公告)日：2016-02-25

申请号：US14463276

申请日：2014-08-19

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Peerapol Tinnakornsrisuphap

IPC: G06Q20/40 ,  H04L29/06

CPC classification number: G06Q20/401 ,  G06Q20/20 ,  G06Q20/3278 ,  G06Q2220/12 ,  H04L63/045 ,  H04L63/061 ,  H04L63/18 ,  H04W12/04 ,  H04W12/06

Abstract: A user device can be configured for network access, such as for guest network access. In one example, a first device receives an indication of a transaction that uses the first device. The first device communicates a request for network access to an access point of the network in response to receiving the indication of the transaction. The first device then receives a first key from the access point. The first device provides the first key to the user device. The user device is to use the first key to obtain the network access to the network.

Abstract translation: 可以将用户设备配置为网络访问，例如用于访客网络访问。 在一个示例中，第一设备接收使用第一设备的事务的指示。 响应于接收到交易的指示，第一设备向网络的接入点传送网络接入请求。 然后，第一设备从接入点接收第一密钥。 第一个设备为用户设备提供第一个密钥。 用户设备将使用第一个密钥来获取对网络的网络访问。

公开(公告)号：US20160050565A1

公开(公告)日：2016-02-18

申请号：US14462272

申请日：2014-08-18

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Peerapol Tinnakornsrisuphap

IPC: H04W12/06 ,  H04L29/06

CPC classification number: H04W12/06 ,  H04L63/0853 ,  H04L63/18 ,  H04W12/04

Abstract: Techniques are described for securely provisioning a client device. A client device may output first client information over a secure interface to a trusted device to be transmitted to an authentication server. Second client information related to the first client information may be transmitted to the authentication server. The authentication server may link the second client information and the first client information. The client device may receive an encrypted authentication credential from the authentication server. The authentication credential may be encrypted based at least in part on the first client information or the second client information. The client device may decrypt the encrypted authentication credential using the first client information, the second client information, or a shared secret key.

Abstract translation: 描述了用于安全地配置客户端设备的技术。 客户端设备可以通过安全接口将第一客户端信息输出到可信任的设备以被发送到认证服务器。 与第一客户端信息相关的第二客户端信息可以被发送到认证服务器。 认证服务器可以链接第二客户端信息和第一客户端信息。 客户端设备可以从认证服务器接收加密的认证证书。 至少部分地基于第一客户端信息或第二客户端信息来加密认证证书。 客户端设备可以使用第一客户端信息，第二客户端信息或共享秘密密钥对加密的认证凭证进行解密。

公开(公告)号：US20150092701A1

公开(公告)日：2015-04-02

申请号：US14489234

申请日：2014-09-17

Applicant: QUALCOMM Incorporated

Inventor： Gavin Bernard Horn ,  Anand Palanigounder ,  Olivier Jean Benoit

IPC: H04W76/02 ,  H04W4/00 ,  H04W84/12

CPC classification number: H04W76/11 ,  H04W4/50 ,  H04W8/18 ,  H04W12/04 ,  H04W84/12

Abstract: Methods, systems, and devices are described for provisioning of devices, such as UEs, for service at a wireless network. One or more device parameters may be identified for use in provisioning the device on the wireless network, which may be provided to a network element. The network element may use the provided parameters to access a subscription server. The subscription server may provide verification and/or subscription parameters of the device that may then be used by the device to verify that the device is authorized to access the wireless network.

Abstract translation: 描述了用于为无线网络服务的诸如UE之类的设备的供应的方法，系统和设备。 可以识别一个或多个设备参数，以用于在可以提供给网络元件的无线网络上提供设备。 网元可以使用所提供的参数来访问订阅服务器。 订阅服务器可以提供设备的验证和/或订阅参数，然后设备可以使用该参数来验证设备是否被授权接入无线网络。

公开(公告)号：US09955333B2

公开(公告)日：2018-04-24

申请号：US14673628

申请日：2015-03-30

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Stephen Jay Shellhammer ,  Rahul Malik

IPC: H04W8/00 ,  H04W52/02 ,  H04W68/00 ,  H04W12/04 ,  H04W12/06 ,  H04W68/02 ,  H04W12/10 ,  H04W84/12 ,  H04W76/02 ,  H04L29/06 ,  H04W88/06

CPC classification number: H04W8/005 ,  H04L63/123 ,  H04W12/04 ,  H04W12/06 ,  H04W12/10 ,  H04W52/0209 ,  H04W52/0216 ,  H04W52/0219 ,  H04W52/0225 ,  H04W52/0229 ,  H04W56/00 ,  H04W56/001 ,  H04W68/005 ,  H04W68/02 ,  H04W76/14 ,  H04W76/27 ,  H04W84/12 ,  H04W88/06 ,  Y02D70/00 ,  Y02D70/142 ,  Y02D70/164

Abstract: Certain aspects of the present disclosure generally relate to wireless communications and, more particularly, to ultra low power paging frames for wake up and discovery. One example apparatus for wireless communications generally includes at least one interface configured to obtain a frame via a first radio and a second radio, wherein the interface receives a frame from another apparatus via the second radio while the first radio is in a first power state; and a processing system configured to take one or more actions based on a command field included in the frame. A second example apparatus for wireless communications generally includes at least one interface configured to obtain a frame via a first radio and a second radio, wherein the interface receives a frame from another apparatus via the second radio while the first radio is in a first power state; and a processing system configured to take one or more actions based on whether or not an authentication code included in the frame matches a local authentication code.

公开(公告)号：US09875378B2

公开(公告)日：2018-01-23

申请号：US14738240

申请日：2015-06-12

Applicant: QUALCOMM Incorporated

Inventor： Olivier Jean Benoit ,  Rosario Cammarota

IPC: G06F21/00 ,  G06F12/14 ,  G06F21/79 ,  H04L9/32 ,  H04L9/08 ,  G06F21/73 ,  G06F21/85 ,  G06F11/30

CPC classification number: G06F21/79 ,  G06F12/1408 ,  G06F21/73 ,  G06F21/85 ,  H04L9/0866 ,  H04L9/0897 ,  H04L9/3278

Abstract: Techniques for encrypting the data in the memory of a computing device are provided. An example method for protecting data in a memory according to the disclosure includes encrypting data associated with a store request using a memory encryption device of the processor to produce encrypted data. Encrypting the data includes: obtaining a challenge value, providing the challenge value to a physically unclonable function module to obtain a response value, and encrypting the data associated with the store request using the response value as an encryption key to generate the encrypted data. The method also includes storing the encrypted data and the challenge value associated with the encrypted data in the memory.