Verifying a geographic location of a virtual disk image executing at a data center server within a data center
    5.
    Granted invention patent
    Legal status: in force

    Publication No.: US09374228B2

    Publication date: 2016-06-21

    Application No.: US13651380

    Filing date: 2012-10-12

    IPC classification: H04L29/06 H04L9/32 H04L9/08

    Abstract: A method to verify a geographic location of a virtual disk image executing at a data center server within a data center. One embodiment includes a cryptoprocessor proximate the data center server, a hypervisor configured to send a disk image hash value of the virtual disk image, a digital certificate issued to the cryptoprocessor, an endorsement key to a data center tenant and a location provider. The method includes sending a disk image hash value of the virtual disk image, an endorsement key unique to a cryptoprocessor proximate the data center server to a data center tenant, and a digital certificate to a data center tenant. Next, the location provider sends the geographic location of the cryptoprocessor matching the endorsement key to the data center tenant.


    Binding a digital certificate to multiple trust domains
    6.
    Granted invention patent
    Legal status: in force

    Publication No.: US08793487B2

    Publication date: 2014-07-29

    Application No.: US12321260

    Filing date: 2009-01-16

    Abstract: A public key infrastructure comprising a participant that issues digital certificates. Each digital certificate can be relied upon in at least two different trust domains. The public key infrastructure does not employ policy mapping between or among the trust domains. Furthermore, the public key infrastructure does not link any pair of trust domains via cross-certificates. Just one trust domain is bound to the digital certificate at any given moment. The current trust domain that is to be bound to the digital certificate is elected by a relying party at the time of reliance, based upon a specific certificate validation methodology selected by the relying party.


    SYSTEM AND METHOD FOR IMPLEMENTING TRANSACTION SIGNING WITHIN AN AUTHENTICATION FRAMEWORK
    7.
    Invention patent application
    Legal status: in force

    Publication No.: US20140189360A1

    Publication date: 2014-07-03

    Application No.: US13730795

    Filing date: 2012-12-28

    IPC classification: H04L9/32

    Abstract: A system, apparatus, method, and machine readable medium are described for performing transaction signing within an authentication framework. For example, one embodiment of a method comprises: executing an online transaction between a first server and a client; providing transaction details of the online transaction to a second server; generating a signature over the transaction details using a key at the second server; transmitting an authentication request to the client with the signature and the transaction details; authenticating a user on the client to generate authentication data, the authentication data specifying whether the user was successfully authenticated on the client; and transmitting the authentication data, the transaction details, and the signature to the second server; using the transaction details and the key to validate the signature and using the authentication details to authenticate the client at the second server, wherein upon validating the signature and authenticating the client, the second server transmits a confirmation for the transaction to the first server.


    Signature Generation and Verification System and Signature Verification Apparatus
    8.
    Invention patent application
    Legal status: in force

    Publication No.: US20140019766A1

    Publication date: 2014-01-16

    Application No.: US13938624

    Filing date: 2013-07-10

    Applicant: HITACHI, LTD.

    IPC classification: H04L9/32

    Abstract: A signature generation and verification system including a signature generation apparatus and a signature verification apparatus is provided. Based on signer certification information possessed by a signer, the signature generation apparatus generates a digital signature and verification data corresponding to a given electronic document and outputs the set of the digital signature and the verification data as signature data. Upon receipt of the electronic document and the signature data, the signature verification apparatus verifies the digital signature using the verification data to verify the integrity of the electronic document. As needed, the signature verification apparatus performs user identification ex-post facto by authenticating that the signer certification information from which the verification data was generated belongs to a legitimate user without knowledge of the signer certification information.


    APPARATUS AND METHOD FOR SIGNATURE VERIFICATION
    9.
    Invention patent application
    Legal status: in force

    Publication No.: US20130159721A1

    Publication date: 2013-06-20

    Application No.: US13714817

    Filing date: 2012-12-14

    Applicant: Thomson Licensing

    IPC classification: H04L9/32

    Abstract: A receiver comprises a security processor and a first memory that stores software code or second stage authentication key and a signature for the software or the second stage key. The receiver also stores a plurality of verification keys (PUAK). When the receiver is switched on or reset, the software or second stage key and the signature are loaded from the first memory. The security processor then loads a PUAK and uses it to verify the signature. In case of successful verification, the software code or second stage key is used and the verification method ends; it is then possible to activate CA specific functions in the receiver. However, if the verification is unsuccessful, then it is verified if there are untried PUAKs. If there are no untried signatures, then the verification has failed and the software cannot be verified; the verification method ends. If there are untried signatures, then the next PUAK is loaded.


    Digital signature generation apparatus, digital signature verification apparatus, and key generation apparatus
    10.
    Granted invention patent
    Legal status: lapsed

    Publication No.: US08458471B2

    Publication date: 2013-06-04

    Application No.: US13241374

    Filing date: 2011-09-23

    IPC classification: H04L29/06

    Abstract: A digital signature generation apparatus includes memory to store finite field Fq and section D(ux(s, t), uy(s, t), s, t) as secret key, section being one of surfaces of three-dimensional manifold A(x, y, s, t) which is expressed by x-coordinate, y-coordinate, parameter s, and parameter t and is defined on finite field Fq, x-coordinate and y-coordinate of section being expressed by functions of parameter s and parameter t, calculates hash value of message m, generates hash value polynomial by embedding hash value in 1-variable polynomial h(t) defined on finite field Fq, and generates digital signature Ds(Ux(t), Uy(t), t) which is curve on section, the x-coordinate and y-coordinate of curve being expressed by functions of parameter t, by substituting hash value polynomial in parameter s of section.
