公开(公告)号：US20140237611A1

公开(公告)日：2014-08-21

申请号：US13770802

申请日：2013-02-19

Applicant: QUALCOMM INCORPORATED

Inventor： Alexander W. DENT

IPC: G06F21/64 ,  G06F21/78

CPC classification number: G06F21/64 ,  G06F21/79 ,  H04L9/0891 ,  H04L9/14 ,  H04L9/3242

Abstract: One feature pertains to an efficient algorithm to protect the integrity of a plurality of data structures by computing an aggregate message authentication code (MAC) over the plurality of data structures. An aggregate MAC may be constructed from a plurality of MAC values associated with a plurality of data structures. The aggregate MAC binds the plurality of data structures and attests to their combined integrity simultaneously. Rather than checking the integrity of a data structure when it is accessed, the aggregate MAC is periodically checked or verified, to ascertain the integrity of all data structures. If the aggregate MAC computed is different from the previously stored aggregate MAC, then all data structures that are part of the aggregate MAC are discarded.

Abstract translation: 一个特征涉及通过在多个数据结构上计算聚合消息认证码（MAC）来保护多个数据结构的完整性的有效算法。 可以从与多个数据结构相关联的多个MAC值构建聚合MAC。 聚合MAC绑定多个数据结构并同时证明其组合的完整性。 在访问数据结构时，不是检查数据结构的完整性，而是定期检查或验证聚合MAC，以确定所有数据结构的完整性。 如果计算的聚合MAC与先前存储的聚合MAC不同，那么作为聚合MAC的一部分的所有数据结构将被丢弃。

公开(公告)号：US20140223192A1

公开(公告)日：2014-08-07

申请号：US13762195

申请日：2013-02-07

Applicant: QUALCOMM INCORPORATED

Inventor： Alexander W. DENT ,  Can Erkin Acar ,  Billy B. Brumley

IPC: G06F21/71

CPC classification number: G06F21/71 ,  G06F21/52 ,  G06F21/64 ,  H04L9/0643 ,  H04L9/3242 ,  H04L63/123

Abstract: One feature pertains to a mechanism to secure a data structure by using a computationally efficient algorithm. A plurality of keys and/or masks may be pre-generated upon boot-up or initiation of a session. An authentication code may be computed for each data structure (e.g., memory block or header block) by selecting a subset of the plurality of pre-generated keys and/or a mask from the plurality of pre-generated masks. The authentication code may be stored within the data structure for future verification of the integrity of the data structure. The keys and/or masks used for all authentication codes (e.g., for other data structures) may be selected from the same plurality of keys and/or masks during the same cycle or session.

Abstract translation: 一个特征涉及通过使用计算有效的算法来保护数据结构的机制。 可以在启动或启动会话时预先生成多个键和/或掩码。 可以通过从多个预生成的掩模中选择多个预先生成的密钥的子集和/或掩码来为每个数据结构（例如，存储块或头块）计算认证码。 认证码可以存储在数据结构中，以便将来验证数据结构的完整性。 用于所有认证码（例如，对于其他数据结构）的密钥和/或掩码可以在相同周期或会话期间从相同的多个密钥和/或掩码中选择。