BR112017011624A2 - Device keys protection - Google Patents
Device keys protection
- Publication number
- BR112017011624A2
- Authority
- BR
- Brazil
- Prior art keywords
- bits
- programmable memory
- unlocked
- protected element
- device key
- Prior art date
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
- G06F21/445—Program or device authentication by mutual authentication, e.g. between devices or programs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
- H04L9/003—Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/556—Detecting local intrusion or implementing counter-measures involving covert channels, i.e. data leakage between processes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/006—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving public key infrastructure [PKI] trust models
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/065—Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
- H04L9/0656—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
- H04L9/0662—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
- H04L9/0897—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Storage Device Security (AREA)
- Amplifiers (AREA)
Abstract
"Device keys protection". A method for protecting a device key in a device comprising at least one protected element locally connected to at least one one-time programmable memory, which stores a global value in the form of a bit string that includes locked bits and unlocked bits. The locked bits are irreversibly pre-programmed in the one-time programmable memory during the initialization phase of the device, whereas the unlocked bits, which remain in an initial state, can be programmed by the protected element. The protected element is configured to generate, upon initialization of the device, a device-specific value using the global value, to program the previously obtained device-specific value into the one-time programmable memory, and to erase the global value by programming the unlocked bits of the corresponding bit string. A further object of the invention includes a device configured to carry out the method.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP14197711.6 | 2014-12-12 | ||
EP14197711 | 2014-12-12 | ||
PCT/EP2015/078896 WO2016091837A1 (en) | 2014-12-12 | 2015-12-08 | Device keys protection |
Publications (2)
Publication Number | Publication Date |
---|---|
BR112017011624A2 (pt) | 2017-12-26 |
BR112017011624B1 (pt) | 2023-05-23 |
Also Published As
Publication number | Publication date |
---|---|
AU2015359526A1 (en) | 2017-06-15 |
SG11201704265YA (en) | 2017-06-29 |
US20190280853A1 (en) | 2019-09-12 |
CN107004083A (zh) | 2017-08-01 |
US11018847B2 (en) | 2021-05-25 |
MX2017006977A (es) | 2017-11-15 |
KR102445518B1 (ko) | 2022-09-20 |
EP3230918B1 (en) | 2018-10-03 |
CN107004083B (zh) | 2020-05-26 |
EP3230918A1 (en) | 2017-10-18 |
US10205588B2 (en) | 2019-02-12 |
CA2968452A1 (en) | 2016-06-16 |
JP2018500823A (ja) | 2018-01-11 |
WO2016091837A1 (en) | 2016-06-16 |
US20180034625A1 (en) | 2018-02-01 |
TW201633207A (zh) | 2016-09-16 |
AU2015359526B2 (en) | 2018-07-05 |
KR20170093847A (ko) | 2017-08-16 |
MX366863B (es) | 2019-07-26 |
CA2968452C (en) | 2023-10-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
MX366863B (es) | Device keys protection. | |
DK3453076T3 (da) | Locking ground clamp | |
IL248906A0 (en) | Locking devices that include material with a form memory | |
IL271729B1 (en) | Tree integrity counter for memory security | |
DK3372762T3 (da) | Folding lock with alarm device | |
PL3123387T3 (pl) | Securing the loading of data into the non-volatile memory of a secure element | |
DK3425143T3 (da) | Strike plate for a locking bolt of a shut-off enclosure | |
DK3480395T3 (da) | Electromechanical lock | |
DK3183405T3 (da) | Shackle lock with anti-rotation protection | |
DK3197763T3 (da) | Theft-proof bicycle lock device | |
DK3440286T3 (da) | Security post | |
GB201601036D0 (en) | Vector atomic memory update instruction | |
DE112017001079A5 (de) | Sluice | |
DK3225283T3 (da) | Fireproof closure | |
IL267292A (en) | non-volatile memory | |
IL264706B (en) | Keeping secrets protected in a secure boot update | |
DK3710655T3 (da) | Door lock | |
FI20155295A (fi) | Lock body | |
DK3276112T3 (da) | Door lock device | |
AR101128A1 (es) | Locking unit for fire hydrants | |
IT201700095994A1 (it) | Superconducting logic element | |
IT201700076671A1 (it) | Security lock | |
PL3186741T3 (pl) | Protecting access to external data in the non-volatile memory of a token | |
IT201700065487A1 (it) | Cylinder lock with rotation blocking in case of breakage | |
FR3050222B1 (fr) | Safety lock |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
B06U | Preliminary requirement: requests with searches performed by other patent offices: procedure suspended [chapter 6.21 patent gazette] | ||
B09A | Decision: intention to grant [chapter 9.1 patent gazette] | ||
B16A | Patent or certificate of addition of invention granted [chapter 16.1 patent gazette] |
Free format text: TERM OF VALIDITY: 20 (TWENTY) YEARS COUNTED FROM 08/12/2015, SUBJECT TO THE LEGAL CONDITIONS |