Systems and Methods Using Cryptography to Protect Secure Computing Environments
    15.
    发明申请
    Systems and Methods Using Cryptography to Protect Secure Computing Environments 审中-公开
    使用密码术来保护安全计算环境的系统和方法

    公开(公告)号:US20120166807A1

    公开(公告)日:2012-06-28

    申请号:US13408967

    申请日:2012-02-29

    IPC分类号: H04L9/32

    摘要: Secure computation environments are protected from bogus or rogue load modules, executables and other data elements through use of digital signatures, seals and certificates issued by a verifying authority. A verifying authority—which may be a trusted independent third party—tests the load modules or other executables to verify that their corresponding specifications are accurate and complete, and then digitally signs the load module or other executable based on tamper resistance work factor classification. Secure computation environments with different tamper resistance work factors use different verification digital signature authentication techniques (e.g., different signature algorithms and/or signature verification keys)—allowing one tamper resistance work factor environment to protect itself against load modules from another, different tamper resistance work factor environment. Several dissimilar digital signature algorithms may be used to reduce vulnerability from algorithm compromise, and subsets of multiple digital signatures may be used to reduce the scope of any specific compromise.

    摘要翻译: 通过使用验证机构颁发的数字签名,封条和证书,可以保护安全的计算环境免受假冒或流氓加载模块,可执行文件和其他数据元素的影响。 验证机构可以是可靠的独立第三方 - 测试加载模块或其他可执行文件,以验证其相应的规范是否准确和完整,然后基于篡改工作因素分类对加载模块或其他可执行文件进行数字签名。 使用不同防篡改工作因子的安全计算环境使用不同的验证数字签名认证技术(例如,不同的签名算法和/或签名验证密钥) - 允许一个防篡改工作因子环境来保护自身免受另一种不同的篡改电阻工作的负载模块 因素环境。 可以使用几种不相似的数字签名算法来减少算法折中的脆弱性,并且可以使用多个数字签名的子集来减少任何特定折中的范围。