公开(公告)号：US20120017089A1

公开(公告)日：2012-01-19

申请号：US13245054

申请日：2011-09-26

申请人： PAUL C. KOCHER

发明人： PAUL C. KOCHER

IPC分类号： H04L9/32

CPC分类号： G07F7/1008 ,  G06F2207/7219 ,  G06Q20/341 ,  G06Q20/40975 ,  H04L9/003 ,  H04L9/0625 ,  H04L9/0891

摘要： Methods and apparatuses for increasing the leak-resistance of cryptographic systems are disclosed. A cryptographic token maintains secret key data based on a top-level key. The token can produce updated secret key data using an update process that makes partial information that might have previously leaked to attackers about the secret key data no longer usefully describe the new updated secret key data. By repeatedly applying the update process, information leaking during cryptographic operations that is collected by attackers rapidly becomes obsolete. Thus, such a system can remain secure against attacks involving analysis of measurements of the device's power consumption, electromagnetic characteristics, or other information leaked during transactions. Transactions with a server can be secured with the token.

摘要翻译： 公开了增加密码系统的防漏性的方法和装置。 加密令牌基于顶级密钥来维护密钥数据。 令牌可以使用更新过程产生更新的秘密密钥数据，该更新过程使先前泄漏给攻击者的部分信息对于秘密密钥数据不再有用地描述新的更新的秘密密钥数据。 通过重复应用更新过程，攻击者收集的密码操作过程中信息泄露迅速变得过时。 因此，这种系统可以保持安全性，防止涉及分析设备的功耗，电磁特性或事务中泄露的其他信息的测量的攻击。 可以使用令牌来保护与服务器的事务。

公开(公告)号：US20110264923A1

公开(公告)日：2011-10-27

申请号：US13175238

申请日：2011-07-01

申请人： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun ,  Carter C. Laren ,  Peter K. Pearson ,  Nathaniel J. Lawson

发明人： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun ,  Carter C. Laren ,  Peter K. Pearson ,  Nathaniel J. Lawson

IPC分类号： G06F12/14 ,  H04L9/00

CPC分类号： H04N7/1675 ,  G06F21/50 ,  G06F21/62 ,  G06F21/6281 ,  G06F21/78 ,  G11B20/00086 ,  G11B20/00115 ,  G11B20/0021 ,  G11B20/00231 ,  G11B20/00246 ,  G11B20/00253 ,  G11B20/00449 ,  G11B20/00659 ,  G11B20/00818 ,  G11B20/00884 ,  H04L9/3236 ,  H04L9/3249 ,  H04L2209/56 ,  H04L2209/60 ,  H04L2209/606 ,  H04N21/25816 ,  H04N21/4135 ,  H04N21/4181 ,  H04N21/42646 ,  H04N21/4405 ,  H04N21/44236 ,  H04N21/8358 ,  H04N2005/91342

摘要： Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disc carries an encrypted digital video title combined with data processing operations that implement the title's security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations, access secure nonvolatile storage, submit data to CODECs for output, and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies. If pirates compromise a player or title, future content can be mastered with security features that, for example, block the attack, revoke pirated media, or use native code to correct player vulnerabilities.

摘要翻译： 通过实现安全逻辑和内容的集成，公开了技术来将责任和控制权从播放器制造者转移到内容作者。 示例性的光盘携带加密的数字视频标题，与实现标题的安全策略和解密过程的数据处理操作相结合。 播放器设备包括通过解释其处理操作播放内容的处理环境（例如，实时虚拟机）。 播放器还提供程序调用，使内容代码从媒体加载数据，执行网络通信，确定播放环境配置，访问安全的非易失性存储，提交数据到CODEC进行输出和/或执行加密操作。 内容可以在解码输出中插入取证水印，以追踪盗版副本。 如果海盗妥协一个玩家或者标题，那么未来的内容就可以掌握安全功能，例如阻止攻击，撤销盗版媒体或使用本机代码纠正播放器漏洞。

公开(公告)号：US07941666B2

公开(公告)日：2011-05-10

申请号：US10396975

申请日：2003-03-24

申请人： Paul C. Kocher

发明人： Paul C. Kocher

IPC分类号： H04L9/00

CPC分类号： G07F7/1008 ,  G06F2207/7219 ,  G06Q20/341 ,  G06Q20/40975 ,  H04L9/003 ,  H04L9/0625 ,  H04L9/0891

摘要： Chip cards are used to secure credit and debit payment transactions. To prevent fraudulent transactions, the card must protect cryptographic keys used to authenticate transactions. In particular, cards should resist differential power analysis and/or other attacks. To address security risks posed by leakage of partial information about keys during cryptographic transactions, cards may be configured to perform periodic cryptographic key update operations. The key update transformation prevents adversaries from exploiting partial information that may have been leaked about the card's keys. Update operations based on a hierarchical structure can enable efficient transaction verification by allowing a verifying party (e.g., an issuer) to derive a card's current state from a transaction counter and its initial state by performing one operation per level in the hierarchy, instead of progressing through all update operations performed by the card.

摘要翻译： 芯片卡用于确保信用卡和借记支付交易。 为防止欺诈性交易，该卡必须保护用于验证交易的加密密钥。 特别地，卡应该抵抗差分功率分析和/或其他攻击。 为了解决在加密事务期间泄漏关于密钥的部分信息所引起的安全隐患，卡可被配置为执行周期性加密密钥更新操作。 关键的更新转换防止对手利用可能已经泄露的卡的密钥的部分信息。 基于层次结构的更新操作可以通过允许验证方（例如，发行者）从事务计数器及其初始状态通过在层次结构中执行每个级别的一个操作来导出卡的当前状态来实现高效的事务验证，而不是进行 通过卡执行的所有更新操作。

公开(公告)号：US07787620B2

公开(公告)日：2010-08-31

申请号：US11252898

申请日：2005-10-18

申请人： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun

发明人： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun

IPC分类号： H04L9/22

CPC分类号： H04L9/0625 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F2207/7219 ,  H04L9/003 ,  H04L2209/046 ,  H04L2209/08 ,  H04L2209/127

摘要： Methods and apparatuses are disclosed for improving DES and other cryptographic protocols against external monitoring attacks by reducing the amount (and signal-to-noise ratio) of useful information leaked during processing. An improved DES implementation of the invention instead uses two 56-bit keys (K1 and K2) and two 64-bit plaintext messages (M1 and M2), each associated with a permutation (i.e., K1P, K2P and M1P, M2P) such that K1P{K1} XOR K2P{K2} equals the “standard” DES key K, and M1P{M1} XOR M2P{M2} equals the “standard” message. During operation of the device, the tables are preferably periodically updated, by introducing fresh entropy into the tables faster than information leaks out, so that attackers will not be able to obtain the table contents by analysis of measurements. The technique is implementable in cryptographic smartcards, tamper resistant chips, and secure processing systems of all kinds.

摘要翻译： 公开了用于通过减少在处理期间泄露的有用信息的量（和信噪比）来改善DES和其他加密协议以防外部监视攻击的方法和装置。 本发明的改进的DES实施方案改为使用两个56位密钥（K1和K2）和两个64位明文消息（M1和M2），每个与排列相关联（即，K1P，K2P和M1P，M2P），使得 K1P {K1} XOR K2P {K2}等于“标准”DES密钥K，M1P {M1} XOR M2P {M2}等于“标准”消息。 在设备的操作期间，优选地通过将新鲜的熵引入到表中比信息泄漏出来更周期地更新表，使得攻击者将不能通过分析测量获得表内容。 该技术可在加密智能卡，防篡改芯片和各种安全处理系统中实现。

公开(公告)号：US07668310B2

公开(公告)日：2010-02-23

申请号：US09930836

申请日：2001-08-15

申请人： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun

发明人： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun

IPC分类号： H04L9/22

CPC分类号： H04L9/0625 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F2207/7219 ,  H04L9/003 ,  H04L2209/046 ,  H04L2209/08 ,  H04L2209/127

摘要： Methods and apparatuses are disclosed for improving DES and other cryptographic protocols against external monitoring attacks by reducing the amount (and signal-to-noise ratio) of useful information leaked during processing. An improved DES implementation of the invention instead uses two 56-bit keys (K1 and K2) and two 64-bit plaintext messages (M1 and M2), each associated with a permutation (i.e., K1P, K2P and M1P, M2P) such that K1P{K1} XOR K2P {K2} equals the “standard” DES key K, and M1P{M1} XOR M2P{M2} equals the “standard” message. During operation of the device, the tables are preferably periodically updated, by introducing fresh entropy into the tables faster than information leaks out, so that attackers will not be able to obtain the table contents by analysis of measurements. The technique is implementable in cryptographic smartcards, tamper resistant chips, and secure processing systems of all kinds.

摘要翻译： 公开了用于通过减少在处理期间泄露的有用信息的量（和信噪比）来改善DES和其他加密协议以防外部监视攻击的方法和装置。 本发明的改进的DES实施方案改为使用两个56位密钥（K1和K2）和两个64位明文消息（M1和M2），每个与排列相关联（即，K1P，K2P和M1P，M2P），使得 K1P {K1} XOR K2P {K2}等于“标准”DES密钥K，M1P {M1} XOR M2P {M2}等于“标准”消息。 在设备的操作期间，优选地通过将新鲜的熵引入到表中比信息泄漏出来更周期地更新表，使得攻击者将不能通过分析测量获得表内容。 该技术可在加密智能卡，防篡改芯片和各种安全处理系统中实现。

公开(公告)号：US07587044B2

公开(公告)日：2009-09-08

申请号：US10005105

申请日：2001-12-03

申请人： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun

发明人： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun

IPC分类号： H04L9/00 ,  G06F21/00

CPC分类号： H04L9/0618 ,  G06F1/06 ,  G06F1/266 ,  G06F1/3225 ,  G06F7/00 ,  G06F21/75 ,  G06F21/755 ,  G06F21/77 ,  G06F2207/7223 ,  G06F2207/7266 ,  G06K19/073 ,  G06K19/07363 ,  G06Q20/341 ,  G06Q20/382 ,  G06Q20/409 ,  G07F7/08 ,  G07F7/082 ,  G07F7/1008 ,  G09C1/00 ,  H04L9/003 ,  H04L2209/04 ,  H04L2209/08 ,  H04L2209/56 ,  H04L2209/805

摘要： Information leaked from smart cards and other tamper resistant cryptographic devices can be statistically analyzed to determine keys or other secret data. A data collection and analysis system is configured with an analog-to-digital converter connected to measure the device's consumption of electrical power, or some other property of the target device, that varies during the device's processing. As the target device performs cryptographic operations, data from the A/D converter are recorded for each cryptographic operation. The stored data are then processed using statistical analysis, yielding the entire key, or partial information about the key that can be used to accelerate a brute force search or other attack.

公开(公告)号：US20080137848A1

公开(公告)日：2008-06-12

申请号：US11982190

申请日：2007-10-31

申请人： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun ,  Carter C. Laren ,  Peter K. Pearson ,  Nathaniel J. Lawson

发明人： Paul C. Kocher ,  Joshua M. Jaffe ,  Benjamin C. Jun ,  Carter C. Laren ,  Peter K. Pearson ,  Nathaniel J. Lawson

IPC分类号： H04N7/167 ,  H04L9/00

CPC分类号： G06F21/10 ,  G06F9/445 ,  G06F21/64 ,  G06Q50/188 ,  G11B20/00086 ,  G11B20/00115 ,  G11B20/0021 ,  G11B20/00231 ,  G11B20/00246 ,  G11B20/00253 ,  G11B20/00449 ,  G11B20/00818 ,  G11B20/00884 ,  H04L9/0844 ,  H04L9/302 ,  H04L9/3236 ,  H04L9/3249 ,  H04L9/3271 ,  H04L2209/56 ,  H04L2209/60 ,  H04N5/913 ,  H04N21/4181 ,  H04N21/42646 ,  H04N21/4325 ,  H04N21/4405 ,  H04N21/4627 ,  H04N21/8193 ,  H04N21/8358 ,  H04N2005/91342 ,  H04N2005/91364

摘要： Technologies are disclosed to transfer responsibility and control over security from player makers to content authors by enabling integration of security logic and content. An exemplary optical disc carries an encrypted digital video title combined with data processing operations that implement the title's security policies and decryption processes. Player devices include a processing environment (e.g., a real-time virtual machine), which plays content by interpreting its processing operations. Players also provide procedure calls to enable content code to load data from media, perform network communications, determine playback environment configurations, access secure nonvolatile storage, submit data to CODECs for output, and/or perform cryptographic operations. Content can insert forensic watermarks in decoded output for tracing pirate copies. If pirates compromise a player or title, future content can be mastered with security features that, for example, block the attack, revoke pirated media, or use native code to correct player vulnerabilities.

摘要翻译： 通过实现安全逻辑和内容的集成，公开了技术来将责任和控制权从播放器制造者转移到内容作者。 示例性的光盘携带加密的数字视频标题，与实现标题的安全策略和解密过程的数据处理操作相结合。 播放器设备包括通过解释其处理操作播放内容的处理环境（例如，实时虚拟机）。 播放器还提供程序调用，使内容代码从媒体加载数据，执行网络通信，确定播放环境配置，访问安全的非易失性存储，提交数据到CODEC进行输出和/或执行加密操作。 内容可以在解码输出中插入取证水印，以追踪盗版副本。 如果海盗妥协一个玩家或者标题，那么未来的内容就可以掌握安全功能，例如阻止攻击，撤销盗版媒体或使用本机代码纠正播放器漏洞。

公开(公告)号：US20130173928A1

公开(公告)日：2013-07-04

申请号：US13762703

申请日：2013-02-08

申请人： Paul C. Kocher ,  Pankaj Rohatgi ,  Joshua M. Jaffe

发明人： Paul C. Kocher ,  Pankaj Rohatgi ,  Joshua M. Jaffe

IPC分类号： G06F12/14

CPC分类号： G06F21/575 ,  G06F8/71 ,  G06F9/44505 ,  G06F12/1408 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F21/76 ,  G06F2212/402 ,  G06F2221/034 ,  G06F2221/2107 ,  G06F2221/2125 ,  G06F2221/2145 ,  H04L9/003 ,  H04L9/0631 ,  H04L9/085 ,  H04L9/0861 ,  H04L9/088 ,  H04L9/0894 ,  H04L9/16 ,  H04L9/3236 ,  H04L9/3247 ,  H04L63/0428 ,  H04L63/0869 ,  H04L2209/24 ,  H04L2209/38 ,  H04L2209/56 ,  H04L2463/061

摘要： Techniques usable by devices to encrypt and decrypt sensitive data to in a manner that provides security from external monitoring attacks. The encrypting device has access to a base secret cryptographic value (key) that is also known to the decrypting device. The sensitive data are decomposed into segments, and each segment is encrypted with a separate encryption key derived from the base key and a message identifier to create a set of encrypted segments. The encrypting device uses the base secret cryptographic value to create validators that prove that the encrypted segments for this message identifier were created by a device with access to the base key. The decrypting device, upon receiving an encrypted segments and validator(s), uses the validator to verify the message identifier and that the encrypted segment are unmodified, then uses a cryptographic key derived from the base key and message identifier to decrypt the segments.

摘要翻译： 技术可以由设备加密和解密敏感数据，以提供安全性从外部监视攻击。 加密设备可以访问解密设备也是已知的基本密钥加密值（密钥）。 敏感数据被分解为段，并且每个段用来自基本密钥的单独的加密密钥和消息标识符加密，以创建一组加密的段。 加密设备使用基本秘密加密值来创建验证器，证明该消息标识符的加密段由具有访问基本密钥的设备创建。 解密装置在接收到加密的段和验证器时，使用验证器来验证消息标识符，并且加密段未被修改，然后使用从基本密钥和消息标识符导出的加密密钥来解密段。

公开(公告)号：US20110138192A1

公开(公告)日：2011-06-09

申请号：US12958570

申请日：2010-12-02

申请人： Paul C. KOCHER ,  Pankaj Rohatgi ,  Joshua M. Jaffe

发明人： Paul C. KOCHER ,  Pankaj Rohatgi ,  Joshua M. Jaffe

IPC分类号： G06F21/24 ,  G06F21/00

CPC分类号： G06F21/575 ,  G06F8/71 ,  G06F9/44505 ,  G06F12/1408 ,  G06F21/556 ,  G06F21/602 ,  G06F21/755 ,  G06F21/76 ,  G06F2212/402 ,  G06F2221/034 ,  G06F2221/2107 ,  G06F2221/2125 ,  G06F2221/2145 ,  H04L9/003 ,  H04L9/0631 ,  H04L9/085 ,  H04L9/0861 ,  H04L9/088 ,  H04L9/0894 ,  H04L9/16 ,  H04L9/3236 ,  H04L9/3247 ,  H04L63/0428 ,  H04L63/0869 ,  H04L2209/24 ,  H04L2209/38 ,  H04L2209/56 ,  H04L2463/061

摘要： This patent describes techniques usable by devices to encrypt and decrypt sensitive data to in a manner that provides security from external monitoring attacks. The encrypting device has access to a base secret cryptographic value (key) that is also known to the decrypting device. The sensitive data are decomposed into segments, and each segment is encrypted with a separate encryption key derived from the base key and a message identifier to create a set of encrypted segments. The encrypting device uses the base secret cryptographic value to create validators that prove that the encrypted segments for this message identifier were created by a device with access to the base key. The decrypting device, upon receiving an encrypted segments and validator(s), uses the validator to verify the message identifier and that the encrypted segment are unmodified, then uses a cryptographic key derived from the base key and message identifier to decrypt the segments. Derived keys and validators are produced using methods designed to preserve security even if cipher and hashing operations leak information. Embodiments for systems including SoCs, firmware loading, FPGAs and network communications are described.

摘要翻译： 本专利描述了可以通过设备加密和解密敏感数据的技术，以提供来自外部监视攻击的安全性的方式。 加密设备可以访问解密设备也是已知的基本密钥加密值（密钥）。 敏感数据被分解为段，并且每个段用来自基本密钥的单独的加密密钥和消息标识符加密，以创建一组加密的段。 加密设备使用基本秘密加密值来创建验证器，证明该消息标识符的加密段由具有访问基本密钥的设备创建。 解密装置在接收到加密的段和验证器时，使用验证器来验证消息标识符，并且加密段未被修改，然后使用从基本密钥和消息标识符导出的加密密钥来解密段。 派生密钥和验证器使用旨在保护安全性的方法生成，即使加密和散列操作泄漏信息。 描述了包括SoC，固件加载，FPGA和网络通信的系统的实施例。

公开(公告)号：US20110113248A1

公开(公告)日：2011-05-12

申请号：US13010034

申请日：2011-01-20

申请人： Paul C. KOCHER

发明人： Paul C. KOCHER

IPC分类号： H04L9/32

CPC分类号： G07F7/1008 ,  G06F2207/7219 ,  G06Q20/341 ,  G06Q20/40975 ,  H04L9/003 ,  H04L9/0625 ,  H04L9/0891

摘要： Chip cards are used to secure credit and debit payment transaction. To prevent fraudulent transaction, the card must protect cryptographic keys used to authenticate transactions. In particular, cards should resist differential power analysis and/or other attacks. To address security risks posed by leakage of partial information about keys during cryptographic transactions, cards may be configured to perform periodic cryptographic key update operations. The key update transformation prevents adversaries from exploiting partial information that may have been leaked about the card's keys. Update operations based on a hierarchical structure can enable efficient transaction verification by allowing a verifying party (e.g., an issuer) to derive a card's current state from a transaction counter and its initial state by performing one operation per level in the hierarchy, instead of progressing through all update operations performed by the card.

摘要翻译： 芯片卡用于确保信用卡和借记支付交易。 为了防止欺诈性交易，该卡必须保护用于验证交易的加密密钥。 特别地，卡应该抵抗差分功率分析和/或其他攻击。 为了解决在加密事务期间泄漏关于密钥的部分信息所引起的安全隐患，卡可被配置为执行周期性加密密钥更新操作。 关键的更新转换防止对手利用可能已经泄露的卡的密钥的部分信息。 基于层次结构的更新操作可以通过允许验证方（例如，发行者）从事务计数器及其初始状态通过在层次结构中执行每个级别的一个操作来导出卡的当前状态来实现高效的事务验证，而不是进行 通过卡执行的所有更新操作。