公开(公告)号：US11463430B2

公开(公告)日：2022-10-04

申请号：US16264897

申请日：2019-02-01

申请人： RSA Security LLC

发明人： Brian C. Mullins ,  Kevin Bowers

IPC分类号： H04L9/26 ,  H04L9/40 ,  H04L9/08

摘要： Techniques are provided for authenticating a user using shared secret updates. One method comprises, in response to a first authentication of a client using a given shared secret, updating, by the server, the given shared secret using information from the first authentication as part of a secret update protocol to generate an updated shared secret; and evaluating a second authentication using the updated shared secret. An anomaly may be detected when the client attempts the second authentication using a shared secret and the server determines that the shared secret was previously used for an authentication. The server may detect a breach of shared secrets of multiple users by monitoring a number of the detected anomalies across a user population and initiate a predefined recovery flow depending upon a number of impacted users.

公开(公告)号：US10701046B1

公开(公告)日：2020-06-30

申请号：US16231095

申请日：2018-12-21

申请人： VERISIGN, INC.

发明人： Burton S. Kaliski, Jr. ,  Glen S. Wiley

IPC分类号： H04L9/26 ,  H04L29/06 ,  H04L9/08 ,  G06F16/958 ,  H04L12/24 ,  H04L29/12

摘要： Techniques for provisioning a key server to facilitate secure communications between a web server and a client by providing the client with a first data structure including information on how the web server may obtain a target symmetric key are presented. The techniques can include: provisioning the key server with a second data structure including information on how the key server may generate the first data structure; receiving a request on behalf of a web server for a third data structure comprising information on how the client may obtain the first data structure from the key server; and obtaining the third data structure, such that the third data structure is published in association with an identification of the web server, and such that the client uses the third data structure to obtain the first data structure and uses the first data structure to communicate with the web server.

公开(公告)号：US09979706B2

公开(公告)日：2018-05-22

申请号：US15805398

申请日：2017-11-07

申请人： Guangdong Oppo Mobile Telecommunications Corp., Ltd.

发明人： Haiping Zhang ,  Yibao Zhou

IPC分类号： H04L9/26 ,  H04L29/06 ,  H04L9/08 ,  H04L9/16 ,  H04L9/32

CPC分类号： H04L63/0428 ,  H04L9/0894 ,  H04L9/16 ,  H04L9/32 ,  H04L9/3231

摘要： An encryption method for data includes acquiring data to be encrypted and user information set relevant to the encryption, sending a key acquisition instruction to a terminal corresponding to the user information, receiving a key returned from the terminal corresponding to the user information, encrypting the data to be encrypted by using the key, and transmitting encrypted data to the terminal corresponding to the user information.

公开(公告)号：US09252953B2

公开(公告)日：2016-02-02

申请号：US14519621

申请日：2014-10-21

申请人： INTERNATIONAL BUSINESS MACHINES CORPORATION

发明人： Dan F. Greiner ,  Bernd Nerz ,  Tamas Visegrady

IPC分类号： H04L29/06 ,  H04L9/08 ,  H04L9/22 ,  G06F7/58 ,  H04L9/26 ,  H04L9/06 ,  G06F9/30

CPC分类号： G06F9/30181 ,  G06F7/58 ,  G06F7/582 ,  G06F9/3001 ,  G06F9/30018 ,  H04L9/0643 ,  H04L9/0662 ,  H04L9/0869 ,  H04L2209/24

摘要： A machine instruction is provided that includes an opcode field to provide an opcode, the opcode to identify a perform pseudorandom number operation, and a register field to be used to identify a register, the register to specify a location in memory of a first operand to be used. The machine instruction is executed, and execution includes for each block of memory of one or more blocks of memory of the first operand, generating a hash value using a 512 bit secure hash technique and at least one seed value of a parameter block of the machine instruction; and storing at least a portion of the generated hash value in a corresponding block of memory of the first operand, the generated hash value being at least a portion of a pseudorandom number.

摘要翻译： 提供了一种机器指令，其包括用于提供操作码的操作码字段，用于识别执行伪随机数操作的操作码，以及用于识别寄存器的寄存器字段，该寄存器指定第一操作数的存储器中的位置 使用。 执行机器指令，并且执行包括用于第一操作数的一个或多个存储器块的每个存储器块，使用512位安全散列技术生成散列值，以及机器的参数块的至少一个种子值 指令; 以及将所生成的散列值的至少一部分存储在所述第一操作数的存储器的对应块中，所生成的散列值是伪随机数的至少一部分。

公开(公告)号：US07688976B2

公开(公告)日：2010-03-30

申请号：US11485208

申请日：2006-07-12

申请人： Tara Chand Singhal

发明人： Tara Chand Singhal

IPC分类号： H04L9/22 ,  H04L9/26 ,  G06F7/58 ,  H04L9/08

CPC分类号： H04W12/08 ,  G06F7/582 ,  H04L9/0662 ,  H04L9/0668 ,  H04L9/0869 ,  H04L9/12 ,  H04L63/0428 ,  H04L63/068 ,  H04L63/08 ,  H04L2209/80 ,  H04W12/04 ,  H04W88/02

摘要： A random wave envelope is created from a set of bounded random numbers by additively combining a triangle, a square and a sine wave. The random wave envelope is then used to create a sequence of wave random numbers from the wave envelope, which are used to generate random-variant keys for encryption in place of the pre-placed encryption key. An ambiguity envelope is thus created over the transmission of data packets as random-variant-keys are used that are distinct and separate for each packet and may also be distinct and separate for each incoming and outgoing packet. The random-variant keys are only created at the time of the actual use for encrypting or decrypting a data packet and not before and then discarded after one time use. The random-variant keys may be used in wireless network using wireless access points, cellular phone and data networks and ad hoc mobile wireless networks.

摘要翻译： 通过相加地组合三角形，正方形和正弦波，从一组有界随机数产生随机波包络。 然后随机波包被用于从波包产生一系列波随机数，其用于产生用于加密的随机变量密钥以代替预先加密的密钥。 因此，对于数据分组的传输，创建了模糊包络，因为对于每个分组使用不同且分离的随机变体键，并且对于每个输入和输出分组也可以是截然不同的。 随机变量键仅在实际使用时创建，用于加密或解密数据包，而不是在之前使用，然后在一次使用后丢弃。 随机变量键可以用于使用无线接入点，蜂窝电话和数据网络以及自组织移动无线网络的无线网络中。

公开(公告)号：US20090154700A1

公开(公告)日：2009-06-18

申请号：US11659052

申请日：2004-08-02

申请人： Herve Sibert ,  Aline Gouget

发明人： Herve Sibert ,  Aline Gouget

IPC分类号： H04L9/26 ,  G06F7/58 ,  G06F5/01 ,  G06N5/02

CPC分类号： G06F7/58

摘要： A method of generating a pseudorandom data sequence, wherein said pseudorandom data sequence is generated by a procedure for searching for a search pattern in an initial data sequence of N bits, said search procedure comprising the following steps: (a) detecting in said initial data sequence a particular search pattern of r bits that is one of a set of search patterns; (b) determining an output pattern of k bits by an operation that depends on the progress of the preceding step; and repeating the preceding steps (a) and (b) successively to form the pseudorandom data sequence from a succession of output patterns.

摘要翻译： 一种生成伪随机数据序列的方法，其中所述伪随机数据序列由用于搜索N比特的初始数据序列中的搜索模式的过程产生，所述搜索过程包括以下步骤：（a）在所述初始数据中检测 对作为一组搜索模式之一的r位的特定搜索模式进行排序; （b）通过取决于前一步骤的进展的操作来确定k比特的输出模式; 并重复上述步骤（a）和（b），以从一系列输出模式形成伪随机数据序列。

公开(公告)号：US07526087B2

公开(公告)日：2009-04-28

申请号：US10340600

申请日：2003-01-13

申请人： Inng-Lane Sun

发明人： Inng-Lane Sun

IPC分类号： H04L9/26 ,  H04L9/20 ,  H04L9/22 ,  H04L9/18 ,  H04L9/00

CPC分类号： G06F7/588 ,  H04L9/003 ,  H04L9/0662 ,  H04L2209/08 ,  H04L2209/125

摘要： A random number generator. The random number generator includes a noise source, a circuit controlling random current consumption, and a circuit generating random bits. A noise voltage output from the noise source drives the circuit controlling random current consumption, which also generates a random control signal. The circuit generating random bits also includes a voltage-controlled oscillator, a plurality of frequency dividers, and a plurality of flip-flops. The voltage-controlled oscillator is controlled by both the noise voltage and the random control signal. The output of the voltage-controlled oscillator is input to the frequency dividers and the flip-flops to generate a random number.

摘要翻译： 随机数生成器。 随机数发生器包括噪声源，控制随机电流消耗的电路和产生随机位的电路。 从噪声源输出的噪声电压驱动控制随机电流消耗的电路，其也产生随机控制信号。 产生随机位的电路还包括压控振荡器，多个分频器和多个触发器。 压控振荡器由噪声电压和随机控制信号控制。 压控振荡器的输出被输入到分频器和触发器以产生随机数。

公开(公告)号：US20090103726A1

公开(公告)日：2009-04-23

申请号：US11975308

申请日：2007-10-18

申请人： Nabeel Ahmed

发明人： Nabeel Ahmed

IPC分类号： H04L9/26

CPC分类号： H04L9/12 ,  H04L9/0668 ,  H04L2209/12

摘要： In a cryptography system, client and server terminals each generate a private key constituting a randomized compilation of dynamic system parameters. Public keys are then generated based on the private keys, exchanged between the terminals, and used to generate a shared secret. Key stream generators generate a randomized key stream at each terminal using the shared secret, based on self-generating primitive polynomials. Key length is user selected, and may be modified during an ongoing encryption session. The generator includes a plurality of linear feedback shift registers whose lengths are self-configuring based on the user-specified key length. The registers are interconnected so that their output, namely, the key stream, is non-linear and random. Data is converted to binary form and encrypted by XOR'ing the binary-format data with the key stream. The system may be used in both a static secure transfer mode and a dynamic secure real time transfer mode.

摘要翻译： 在密码系统中，客户机和服务器终端各自生成构成动态系统参数的随机编译的私钥。 然后基于私钥生成公钥，在终端之间交换，并且用于生成共享秘密。 密钥流生成器使用共享秘密，基于自生成的原始多项式生成每个终端的随机密钥流。 密钥长度是用户选择的，并且可以在正在进行的加密会话期间被修改。 发生器包括多个线性反馈移位寄存器，其长度基于用户指定的密钥长度自配置。 这些寄存器互连，使得它们的输出，即密钥流是非线性和随机的。 数据转换为二进制形式，并通过使用密钥流XOR'二进制格式数据进行加密。 该系统可以用于静态安全传输模式和动态安全实时传输模式。

公开(公告)号：US20050220297A1

公开(公告)日：2005-10-06

申请号：US11073018

申请日：2005-03-04

申请人： Rainer Goettfert ,  Berndt Gammel ,  Kalman Cinkler ,  Stefan Rueping

发明人： Rainer Goettfert ,  Berndt Gammel ,  Kalman Cinkler ,  Stefan Rueping

IPC分类号： H04K1/00 ,  H04L9/06 ,  H04L9/26

CPC分类号： H04L9/0668 ,  H04L2209/12

摘要： A bit sequence which is generated by a feedback shift register is decimated with a variable decimation value m (mε|N) in a predetermined manner which is known on the decryption side, i.e. in that every mth bit of the bit sequence is picked out from the bit sequence so as to obtain the key bit stream.

摘要翻译： 由反馈移位寄存器产生的位序列以在解密侧已知的预定方式中的可变抽取值m（mepsilon | N）被抽取，也就是说，每第m个/ 从比特序列中选出比特序列，以获得密钥比特流。

公开(公告)号：US06944253B2

公开(公告)日：2005-09-13

申请号：US10803263

申请日：2004-03-18

申请人： Fatih M. Ozluturk

发明人： Fatih M. Ozluturk

IPC分类号： H03K3/84 ,  H04L9/06 ,  H04L9/18 ,  H04L9/22 ,  H04L9/26 ,  H04L23/00

CPC分类号： H03K3/84 ,  H04L9/0662 ,  H04L9/12 ,  H04L2209/12 ,  H04L2209/805

摘要： A circuit or software generates a cipher stream. The software models components or the circuit comprises a first and a second plurality of linear feedback shift registers (LFSR). A first of the second plurality of LFSR has a clock signal as a clock input and others of the second plurality of LFSR each have an output of a previous one of the second plurality of LFSR as a clock input. A first of the first plurality of LFSR has the clock signal combined with an output of the first of the second plurality of LFSR as a clock input and others of the first plurality of LFSR each have an output of a previous one of the second plurality of LSFR combined with an output of another of the first plurality of LFSR as a clock input. An output of a last of the first plurality of LFSR and an output of a last of the second plurality of LFSR is combined to produce the cipher stream.

摘要翻译： 电路或软件产生密码流。 软件模型组件或电路包括第一和第二多个线性反馈移位寄存器（LFSR）。 第二多个LFSR中的第一个具有作为时钟输入的时钟信号，并且第二多个LFSR中的另一个具有作为时钟输入的第二多个LFSR中的前一个的输出。 第一多个LFSR中的第一个具有与第二多个LFSR中的第一个LFSR的输出组合的时钟信号作为时钟输入，并且第一多个LFSR中的其他第一多个LFSR中的每一个具有第二多个LFSR中的前一个的输出 LSFR与第一多个LFSR中的另一个的输出结合作为时钟输入。 第一多个LFSR中的最后一个的输出和第二多个LFSR中的最后一个的输出被组合以产生密码流。