CN1284227A - Method for making secure transmission of message from transmitting device to receiving device - Google Patents

Method for making secure transmission of message from transmitting device to receiving device Download PDF

Info

Publication number
CN1284227A
CN1284227A CN 98813288 CN98813288A CN1284227A CN 1284227 A CN1284227 A CN 1284227A CN 98813288 CN98813288 CN 98813288 CN 98813288 A CN98813288 A CN 98813288A CN 1284227 A CN1284227 A CN 1284227A
Authority
CN
China
Prior art keywords
prgm
message
encrypted
type
result
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN 98813288
Other languages
Chinese (zh)
Inventor
莱昂内尔·布雷黑米
文森特·里加尔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Schlumberger SA
Original Assignee
Schlumberger SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Schlumberger SA filed Critical Schlumberger SA
Publication of CN1284227A publication Critical patent/CN1284227A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

一种从发射器装置E向接收器装置R安全传送消息Prgm的方法。本发明的方法的特征在于:消息Prgm被分为n个基本单I,其中n是大于或等于1的数;逻辑性能P以对于任何基本单元I定义这样一种方式被定义,应用于真实的基本单元I的逻辑性能P给出类型为“真”的逻辑值;消息Prgm应用加密算法被发射器装置E的加密装置来加密,该算法具有密钥(Kc)来获得加密的结果Ko(Prgm);加密的结果Ko(Prgm)被发射器装置E传送到接收器装置R,加密的结果Kc(Prgm)应用解密算法被接收器装置R解密,该算法具有安全密钥(Kd)来获得解密的结果Kd(Kc(Prgm));解密的结果Kd(Kc(Prgm))被分为基本单元I;逻辑性能P被应用于基本单元I,从而对每个单元获得类型为“真”或类型为“假”的逻辑值。本发明引起适用于智能卡领域。A method of securely transmitting a message Prgm from a transmitter device E to a receiver device R. The method of the present invention is characterized in that: the message Prgm is divided into n elementary units I, wherein n is a number greater than or equal to 1; the logical performance P is defined in such a way for any elementary unit I that it applies to the real The logical property P of the elementary unit I gives a logical value of type "true"; the message Prgm is encrypted by the encryption means of the transmitter device E using an encryption algorithm with a key (Kc) to obtain the encrypted result Ko(Prgm ); the encrypted result Ko(Prgm) is transmitted by the transmitter device E to the receiver device R, the encrypted result Kc(Prgm) is decrypted by the receiver device R using a decryption algorithm with a secure key (Kd) to obtain the decryption The result of Kd(Kc(Prgm)); the result of decryption Kd(Kc(Prgm)) is divided into basic units I; the logical property P is applied to the basic units I, thereby obtaining for each unit the type "true" or the type A logical value of "false". The invention leads to application in the field of smart cards.

Description

The method that message from transmitting device to receiving device safety is transmitted
The present invention relates to a kind of method that transmits message from transmitting device to receiving device safety.
When information when transmitting device to receiving device transmits, as the information that is included in the message danger that is worsened is arranged in transmission.This deterioration can come from the reflector of message, in the transfer path or the fault in the receiver, perhaps comes from third-party deceptive practices.The message that is received then is destroyed.
This is a reason of having developed the method that the message that may verify transmission is not destroyed why.
And, when information when emitter apparatus is sent to acceptor device, it is useful making information privacy sometimes, thereby usually for the reflector and receiver of message, only the people of limited quantity has been kept visit to described information.
This is why to have developed to make message remain the reason of secret method.
At last, when the information in being included in message is sent to acceptor device, be commonly used to message is verified as the message that really arrives from emitter apparatus.
This is a reason of having developed the message verification method why.
Known be used to verify do not have destruction, keep maintaining secrecy and the method for affirmation is provided, promptly be used to make the method for message safety to generally include a message encryption and before transmission, the checking book is connected to the there.If acceptor device is a computer program then, also may carry out it to decrypt messages, authentication certificate and message.
In deciphering with in authentication certificate comprises the scope of two different operations, this method obviously a bit bothers.When encryption and decryption operations is tediously long especially like this.
According to top described, the problem that the present invention seeks to solve provides a kind of method that message from transmitting device to receiving device safety is transmitted, wherein above-mentioned decrypt and two steps of authentication certificate of its unnecessary execution.
According to aforesaid problem, the invention provides a kind of method that message from transmitting device to receiving device safety is transmitted, the method is characterized in that:
-message is subdivided into n elementary cell, and wherein n is the numeral greater than 1;
-logical performance is to be defined for any one elementary cell a kind of like this mode of definition, and logical performance provides the logical value of type for " very " when being applied to real elementary cell;
-messages application cryptographic algorithm is launched the encryption device of apparatus and encrypts, and this algorithm has the result that a key obtains to encrypt;
The result of-encryption is launched apparatus and is sent to acceptor device;
The result of-encryption uses decipherment algorithm and is received the apparatus deciphering, and this algorithm has the result that a key obtains to decipher;
The result of-deciphering is divided into each elementary cell;
-logical performance is applied to elementary cell, is that " very " or type are the logical value of " vacation " thereby each unit is obtained type; And
If the logical value of-each unit is " very " type, message is regarded as real and unbroken.
Advantageously carry out storing message then.
Can see that also message Prgm is advantageously used in the computer program that is received apparatus R execution and/or compiling.Elementary cell is the instruction of program Prgm.The performance P that is used to elementary cell I no matter when if elementary cell I be executable and/or can compile all provide the logical value of type for " very ".The performance P that is used to elementary cell I no matter when if elementary cell I be can not carry out and/or can not compile all provide the logical value of type for " vacation ".Acceptor device R is the portable object with smart card type of memory.Acceptor device R comprises the portable object of the smart card type with memory.Portable object with memory is Subscriber Identity Module (SIM).Message Prgm is write with senior compiler language.Senior compiler language is a Java language.Computer program is made of one group of instruction of compiling in advance.Message Prgm is encrypted as continuous stream or chained block.Message Prgm encrypts with the piece form, and the piece of the message Prgm that encrypts is replaced.The piece of a displacement is begin block or the end block of message Prgm.Kc (Prgm) is with the deciphering of piece form as a result, and the piece of each encryption produces the piece of the deciphering that occupies the space identical with the piece of encrypting.The encryption and decryption algorithm utilizes the random digit that is transmitted to acceptor device R by emitter apparatus E.After being verified, message Prgm is recorded in the nonvolatile memory of acceptor device R.
To better understand the present invention after the nonrestrictive description below having read.
In the present invention, message Prgm transmits to acceptor device R from emitter apparatus E.
As example, message Prgm is suitable for the computer program that is performed and/or compiles.
As example, emitter apparatus E is the cell site in server, computer, the telecommunications network or the intelligent card reading of contact or non-contact type, promptly anyly can encrypt and launch the device of message.Certainly, emitter apparatus E must be considered in the broader sense, comprises the complicated apparatus that is made of the physical piece that in fact separates, and a part is used for encrypting message, the described message of another part actual transmission.
As example, acceptor device R selectively provides intelligent card reading and inserts the computer, the receiving station in the communication network of the card of described reader, selectively the portable phone of Subscriber Identity Module (SIM) is installed, perhaps even smart card or this module, in other words be any device that can receive message or storing message, be under the situation of computer program in message advantageously, device can compile and/or executive program.When acceptor device advantageously comprised the portable memory object of smart card type, portable object was Payment Card or for example controls card to the visit of computer network.
Of the present invention describing below is restricted to wherein that message is the example of computer program Prgm.
In the present invention, computer program Prgm is divided into n elementary cell I, and wherein n is the integer more than or equal to 1.It comprises instruction, instruction block or the instruction of compiling in advance (or byte code) under the situation that computer program Prgm is write by the language that compiles with the java class type.
In the present invention, logical performance P is to be defined for each elementary cell I a kind of like this mode of definition, and when being applied to real elementary cell, this performance provides the logical value P (I) of type for " very ".
But, attempt to be modified and corresponding to for example unrecognizable program command at described elementary cell I, especially whenever finding of the sort of instruction that can not be compiled and/or carry out provides the performance P of type for the logical value P (I) of " vacation " when being applied to real elementary cell I.
In the present invention, program Prgm application encipher algorithm is launched the encryption device of apparatus E and encrypts, and this algorithm has one to the known key K c of described device E, obtains Kc (Prgm) as a result.It is secret that the encryption of program Prgm guarantees to be held during transmitting and receiving, and keep maintaining secrecy when it is sent to receiving system R.Kc (Prgm) is sent to acceptor device R from device E so as a result.
Using the decipherment algorithm that comprises the known safe key Kd of receiving system is then deciphered it by device R.Obtain the Kd as a result (Kc (Prgm)) of deciphering then.
Key K c can for the device the special appointment of E and for the device R known, or for the device the special appointment of R and for the device E known.The example of first kind of structure is the user's of the emitter apparatus service of transmitting situation at device R.The example of second kind of structure is that the acceptor device that the requirement program transmits transmits key K c at device R, and decruption key Kd keeps only for the known situation of acceptor device simultaneously.Example with spline structure is that Kc (private key system) identical with Kd and described key are received the situation that apparatus sends to emitter apparatus with the form of encrypting.
In the present invention, the Kd as a result of deciphering (Kc (Prgm)) is segmented and is decomposed into n elementary cell, and it is or corresponding to the image of n elementary cell, the program Prgm of these unit from segmentation emitter apparatus E obtains.
Thereby logical performance P is applied to a described n elementary cell each unit is obtained type is the logical value of " vacation " for " very " or type then.
When all logical values are " very " types, Xie Mi program is identical with encrypted program probably, and is used for the key K c that encrypted secret key is expectation.That receiver R inference draws program Prgm message then is destroyed and in fact it is had the emitter apparatus E emission of key K c, from but approval.
But, when at least one logical value is the false sorts type, the program of deciphering is different from Prgm, acceptor device R inference draws program Prgm and is subjected at least once revising in emission, reception or in transmitting, perhaps described program Prgm utilizes the key different with Kc encrypted in message, and this Kc is not desired value.Program or destroyed or do not approve then.
Thereby the present invention may in single encryption and decryption operation, guarantee simultaneously message be not ruined, be approval and program Prgm be held secret.
The instruction of the computer language that is written into by by way of example suppose program Prgm is the instruction with 4 byte codes, and producing theoretical total value is 2 32Individual possible coding comes defined instruction.Certainly, some codings that limited by one group of parameter can be not corresponding with any intelligible instruction.In addition, be used for some parameter of some coding, normally last 3 bytes only have approved certain value.Thereby storage address can not be born, and perhaps can not be positioned at the outside, space of distributing to program Prgm.This is the reason why performance P advantageously comprises parameter testing, and described parameter testing depends on instruction type.
If unit not verification and measurement ratio C is applied to the percentage that program Prgm is defined as not being identified as false possible instruction by handle about deciphering performance P and following single change, suppose that single change is the reason of change in each instruction of result of deciphering, the possibility prob that acceptor device R can not detect deceptive practices will be provided by following
prob=(1-C) n
For following typical value, the possibility prob below obtaining:
n C(%) prob
256 10% 1.9E-12
128 10% 1.4E-06
512 5% 3.9E-12
128 5% 1.4E-03
Observe except have seldom instruction and for its unit program that verification and measurement ratio C is very not high, by the possibility of unobservable change, the possibility of especially fraudulent change is very low.This possibility is very low under the encrypted situation of the key outside the program application Kc Fortiori
Compare with traditional cryptographic operation, application performance P does not need extra investment, especially considers extra computing time.If cryptographic algorithm is high-quality, suppose that any effort all is a pseudo-randomness when the instruction operation of deciphering forgery, it can detect mistake in all types of program Prgm.
Cryptographic algorithm is chained block or Continuous Flow type advantageously.Thereby revise any one elementary instruction will produce other the instruction in modification.On the contrary, if algorithm is operated independently with piece, encrypted program can be broken down into a series of n piece, for example must be corresponding to n elementary cell.By revising a piece and observing the behavior of acceptor device, revise the undetected possibility Prgm that passes through and equal 1-C then, and therefore very high.
For avoiding being applied to first and the detected modification of tail piece of encrypted program, for example the piece of encrypted program is replaced, thereby described first and tail piece are in not the position that can be arrived by dishonest user in predicting, although they are known for device E and R.
When cryptographic algorithm use produce by for example acceptor device R and during with random digit that emitter apparatus E communicates by letter, also improve confidentiality.As example, this be based on the byte that is applied to predetermined number program or be applied to encrypt before the xor operation of all programs.
At last, in the beginning and/or the end of program, may insert do-nothing instruction (NOPs) before encryption, receiving system will be by application performance P identifies it and then with its elimination.
In the first embodiment of the present invention, emitter apparatus E is the mobile telephone system of any other type of the base station of GSM telecommunications network (GSM is the Global Link mobile phone) or module safe in utilization, and acceptor device R is the Subscriber Identity Module SIM that is associated with mobile phone.The program Prgm that downloads among the described SIM is encoded with the instruction type of compiling in advance (byte code), for example writes with Java language.
Certainly, the present invention uses the mode identical with other smart card, for example payment system or access control system.
In the first embodiment of the present invention, program is divided into n elementary cell, and each elementary cell is an instruction of compiling in advance, and it has the bit (or fixing or depend on instruction type) of predetermined number.
Logical performance P defines in such a way: when the elementary cell that is applied to the there is executable instruction (instruction that can compile) or it adopts true logical value when instructing corresponding to NOP.
The cryptographic algorithm that program Prgm uses then as RSA (RSA=Rivet, the Shamir Adelman) type of describing in U.S. Patent No. 4405829 is launched apparatus E encryption.Obtain encrypted result Kc (Prgm) then, i.e. the function of key K c.
This is Kc (Prgm) as a result, and promptly encrypted program is delivered to the cell site that is associated with the there and then is delivered to the mobile phone receiving system by the base station.It is loaded onto in the card then, and before the application encipher operation, it is recorded in (EEPROM) in the nonvolatile memory there, provides the time span that is used for carrying out at SIM this action need.
This as a result Kc (Prgm) use then and comprise that the decipherment algorithm of safe key Kd is decrypted.Each piece of decrypted result is stored in the address of the corresponding encrypted result piece among the EEPROM of SIM.Therefore, the storage space that is used to carry out according to deciphering of the present invention is minimized.Also observe in the embodiment of another kind of form of the present invention, under the help of at least one available storage space, may be stored in the result block of deciphering in the storage address of the address that is different from their corresponding pieces of encrypting.May replace circularly, thereby during decryption step, improve the reliability of program.
Performance P preferably is employed after the deciphering fully at the Kc as a result (Prgm) that encrypts, and only obtains last result (program acceptance or refusal) after having carried out all checkings.Thereby which elementary cell I the hollow man can not detect simply be identified, when application performance P, produce the logical value of a vacation.
Be given in available a spot of memory among the SIM, carry out simple computing function for performance P.This is a function of being carried out by compiler itself.In case the result who encrypts is decrypted, compiler is by checking that whether instructing is the significant result who compiles deciphering.In other words, compiler comes routine analyzer in mode identical when compiling with normal mode, have one be not both this compiling do not follow except that the result of checking deciphering whether real corresponding to any effect the program Prgm.
In the second embodiment of the present invention, emitter apparatus E is the server as the form Kc (Prgm) that writes with Java language of compiling in advance and encrypting that comprises program Prgm.Acceptor device R is a personal computer, and it advantageously provides the intelligent card reading that can insert card.Personal computer has a hard disk and the memory block that promptly can not be read or write by the third party reliably, the storage temporarily or for good and all of Kd as a result that is used to decipher (Kc (Prgm)) and key.Computer also has software, and be used for load module Prgm and be called as " loader ", when this program is called at every turn, before described program Prgm is employed, the program Prgm that must loading compiles in advance (compiling or expectation).In this second embodiment of the present invention, software comprises decipher function, and it advantageously has the element to deciphering the necessary function element and especially having decipherment algorithm.The loader software that is used for load module is called as " cross and load " then.Certainly, deciphering other function element that need can be comprised in the nonvolatile memory of smart card.These elements are then by program loader software and deciphering funcall.Thereby make loader software can with card decrypted result Kc (Prgm) and verify the Kd as a result (Kc (Prgm)) that deciphers before link to each other the time at the Kd as a result (Kc (Prgm)) of the described deciphering of compiling, after promptly this program Prgm was performed, performance P had been successfully applied to program Prgm once.
If card is separately as the key or the element that are used to comprise one or more deciphering needs, Biao secret physical medium for example, time and the storage space restrictive condition mentioned when describing the method for the first embodiment of the present invention are unessential in a second embodiment.The card in addition can comprise whole secure decryption algorithm.
As a result, performance P does not need only have the above-mentioned type, perhaps can be the property of implementing in verification algorithm.In one example, the verification algorithm instruction that checking is compiled in advance when each block instruction from the result who encrypts is decrypted.
Card and provide compiler, loader device and comprise 3 stages: initial phase with data interchange stage that card inserts between the relevant personal computer of wherein card reader; Transfer phase; Deciphering/Qualify Phase.
Initial phase is the stage that public keys and safe key are exchanged during it.This stage is moved during the initialization of decryption processing.Key is to also can at any time calculating on the hard disk that is not written in personal computer again.In this stage, the instruction that reinitializes is sent to card by personal computer.COMPUTER CALCULATION comprises public keys PKc and safe key PKd pair of secret keys then, and application safety key PKd calculates the feature of public keys PKc.This feature is sent to card with public keys PKc.Use public keys PKc then and verify it by card.Card application safety ciphering key Ld calculates the feature of public keys CKc.This feature application public keys CKc is sent to personal computer.Computer application public keys CKc verifies feature.
Transfer phase is that security information is loaded onto stage the personal computer from card during it.This information makes computer can decipher the program Prgm of the form of compiling in advance and encrypting.During this stage, computer requires card to transmit the decruption key Kd of the safety in the memory that it is included in it.Card is used key PKc and is encrypted this key and it is sent to computer.Its key K d of computer application is decrypted this message, then it is provided key K c.May obtain program Prgm ' by decrypted program Kc (Prgm) for computer then, if deceptive practices do not take place, it is identical with original program Prgm.
At this moment, computer can be further divided into elementary cell to program Prgm ', and performance P is applied to the there, and is the same with first embodiment.If the result is gratifying, described program for example for example is archived on the hard disk.Computer also can calculate authorization information (for example verification and or be more preferably hashing total), and it is archived in the card memory so that it in turn proving program do not have destroyed.

Claims (17)

1.一种使消息Prgm从发射器装置E向接收器装置R安全传送的方法,该方法的特征在于:1. A method of securely transmitting a message Prgm from a transmitter device E to a receiver device R, the method being characterized in that: -消息Prgm被分为n个基本单元I,其中n是大于1的数字;- the message Prgm is divided into n basic units I, where n is a number greater than 1; -逻辑性能P以对于任何一个基本单元I按这样一种方式进行定义,即当应用于真实的基本单元I时逻辑性能P给出类型为“真”的逻辑值;- the logical property P is defined for any elementary unit I in such a way that when applied to a real elementary unit I, the logical property P gives a logical value of type "true"; -消息Prgm应用加密算法被发射器装置E的加密装置来加密,该算法具有一个密钥Kc来获得加密的结果Kc(Prgm);- the message Prgm is encrypted by the encryption means of the transmitter device E using an encryption algorithm with a key Kc to obtain the encrypted result Kc(Prgm); -加密的结果Kc(Prgm)被发射器装置E传送到接收器装置R;- the encrypted result Kc(Prgm) is transmitted by the transmitter device E to the receiver device R; -加密的结果Kc(Prgm)应用解密算法被接收器装置R解密,该算法具有一个安全密钥Kd来获得解密的结果Kd(Kc(Prgm));- the encrypted result Kc(Prgm) is decrypted by the receiver device R applying a decryption algorithm with a security key Kd to obtain the decrypted result Kd(Kc(Prgm)); -解密的结果Kd(Kc(Prgm))被分为基本单元I;- the decrypted result Kd(Kc(Prgm)) is divided into basic units I; -逻辑性能P被应用于基本单元I从而对每个单元获得类型为“真”或类型为“假”的逻辑值;及- the logical property P is applied to the basic unit I to obtain for each unit a logical value of type "true" or type "false"; and -如果各个单元的逻辑值是“真”类型,消息Prgm被视为真实的且未被破坏的。- The message Prgm is considered true and uncorrupted if the logical value of the respective cell is of type "true". 2.根据前面所述的权利要求的方法,其特征在于消息Prgm是适合于接收器装置R执行和/或编译的计算机程序。2. A method according to the preceding claims, characterized in that the message Prgm is a computer program adapted to be executed and/or compiled by the receiver device R. 3.根据前面所述的权利要求的方法,其特征在于基本单元I是程序Prgm的指令。3. A method according to the preceding claims, characterized in that the basic unit I is an instruction of the program Prgm. 4.根据权利要求2或3的方法,其特征在于无论何时只要基本单元I是可执行的和/或可编译的,用于基本单元I的性能P给出类型为真的逻辑值。4. A method according to claim 2 or 3, characterized in that the property P for the basic unit I gives a logical value of type true whenever the basic unit I is executable and/or compilable. 5.根据权利要求2、3或4的方法,其特征在于无论何时只要基本单元I是不可执行的和/或不可编译的,用于基本单元I的性能P给出类型为假的逻辑值。5. A method according to claim 2, 3 or 4, characterized in that the capability P for the basic unit I gives a logical value of type false whenever the basic unit I is non-executable and/or non-compilable. 6.根据前面任一项所述的权利要求的方法,其特征在于接收器装置R是具有存储器的智能卡型的便携物体。6. A method according to any one of the preceding claims, characterized in that the receiver means R is a portable object of the smart card type with a memory. 7.根据权利要求1-5的任一项的方法,其特征在于接收器装置R包括具有存储器的智能卡型的便携物体。7. A method according to any one of claims 1-5, characterized in that the receiver means R comprise a portable object of the smart card type with a memory. 8.根据权利要求6的方法,其特征在于具有存储器的便携物体是用户标识模块(ISM)。8. 6. A method according to claim 6, characterized in that the portable object with memory is a Subscriber Identity Module (ISM). 9.根据前面任一项所述的权利要求的方法,其特征在于消息Prgm以高级编译语言被写入。9. A method according to any one of the preceding claims, characterized in that the message Prgm is written in a high-level compiled language. 10.根据权利要求9的方法,其特征在于高级编译语言是Java语言。10. The method according to claim 9, characterized in that the high-level compiled language is the Java language. 11.根据权利要求9或10的方法,其特征在于计算机程序由一组预先编纂的指令构成。11. 9. A method according to claim 9 or 10, characterized in that the computer program consists of a set of pre-programmed instructions. 12.根据前面任一项所述的权利要求的方法,其特征在于消息Prgm被加密为连续流或链接块。12. A method according to any one of the preceding claims, characterized in that the message Prgm is encrypted as a continuous stream or concatenated blocks. 13.根据前面任一项所述的权利要求的方法,其特征在于消息Prgm以块的形式被加密,并且加密的消息Prgm的块被置换。13. A method according to any one of the preceding claims, characterized in that the message Prgm is encrypted in blocks and the blocks of the encrypted message Prgm are permuted. 14.根据权利要求13的方法,其特征在于置换的块之一是消息Prgm的开始块或结束块。14. 13. A method according to claim 13, characterized in that one of the replaced blocks is the start block or the end block of the message Prgm. 15.根据权利要求1-12的任一项的方法,其特征在于结果Kc(Prgm)以块形密,各个解密的块产生与加密的块占据相同的空间的解密的块。15. A method according to any one of claims 1-12, characterized in that the result Kc(Prgm) is encrypted in block form, each decrypted block yielding a decrypted block occupying the same space as the encrypted block. 16.根据前面任一项所述的权利要求的方法,其特征在于加密和解密算法利用由发射器装置E向接收器装置R传送的随机数目。16. A method according to any one of the preceding claims, characterized in that the encryption and decryption algorithms use random numbers transmitted by the transmitter device E to the receiver device R. 17.根据前面任一项所述的权利要求的方法,其特征在于消息Prgm在验证后被记录在接收器装置R的非易失性存储器中。17. A method according to any one of the preceding claims, characterized in that the message Prgm is recorded in a non-volatile memory of the receiver device R after authentication.
CN 98813288 1997-12-16 1998-12-16 Method for making secure transmission of message from transmitting device to receiving device Pending CN1284227A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR9715971A FR2772532B1 (en) 1997-12-16 1997-12-16 METHOD FOR SECURING THE TRANSMISSION OF A MESSAGE FROM A TRANSMITTING DEVICE TO A RECEIVING DEVICE
FR97/15971 1997-12-16

Publications (1)

Publication Number Publication Date
CN1284227A true CN1284227A (en) 2001-02-14

Family

ID=9514695

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 98813288 Pending CN1284227A (en) 1997-12-16 1998-12-16 Method for making secure transmission of message from transmitting device to receiving device

Country Status (5)

Country Link
EP (1) EP1040620A1 (en)
JP (1) JP2002509269A (en)
CN (1) CN1284227A (en)
FR (1) FR2772532B1 (en)
WO (1) WO1999031845A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100462992C (en) * 2007-04-30 2009-02-18 北京飞天诚信科技有限公司 Method and system for producing information safety device
CN106104558A (en) * 2014-03-06 2016-11-09 微软技术许可有限责任公司 Secure hardware for striding equipment trusted applications

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ATE522039T1 (en) 2000-01-21 2011-09-15 Sony Computer Entertainment Inc DEVICE AND METHOD FOR PROCESSING ENCRYPTED DATA

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5155680A (en) * 1986-10-24 1992-10-13 Signal Security Technologies Billing system for computing software
US5222133A (en) * 1991-10-17 1993-06-22 Wayne W. Chou Method of protecting computer software from unauthorized execution using multiple keys
US6226749B1 (en) * 1995-07-31 2001-05-01 Hewlett-Packard Company Method and apparatus for operating resources under control of a security module or other secure processor
JPH09179951A (en) * 1995-12-22 1997-07-11 Dainippon Printing Co Ltd Portable information recording medium and its system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100462992C (en) * 2007-04-30 2009-02-18 北京飞天诚信科技有限公司 Method and system for producing information safety device
CN106104558A (en) * 2014-03-06 2016-11-09 微软技术许可有限责任公司 Secure hardware for striding equipment trusted applications
US10404466B2 (en) 2014-03-06 2019-09-03 Microsoft Technology Licensing, Llc Secure hardware for cross-device trusted applications
CN106104558B (en) * 2014-03-06 2020-07-10 微软技术许可有限责任公司 Secure hardware for cross-device trusted applications

Also Published As

Publication number Publication date
FR2772532A1 (en) 1999-06-18
FR2772532B1 (en) 2000-01-07
EP1040620A1 (en) 2000-10-04
WO1999031845A1 (en) 1999-06-24
JP2002509269A (en) 2002-03-26

Similar Documents

Publication Publication Date Title
US8909932B2 (en) Method and apparatus for security over multiple interfaces
US8000467B2 (en) Data parallelized encryption and integrity checking method and device
CN102419804B (en) Reliable software product confirmation and activation with redundancy security
US7127067B1 (en) Secure patch system
CN111639306A (en) Offline software authorization method, device, equipment and storage medium
CN1655087A (en) Method and computing device that securely runs authorized software
CN110710155A (en) Progressive key encryption algorithm
JP2009501470A (en) Protecting multimedia data
KR101494991B1 (en) Authenticator, authenticatee and authentication method
TWI436233B (en) Authentication element, certified component and its authentication method
US11720693B2 (en) System and method for securely transferring data
US8181869B2 (en) Method for customizing customer identifier
CN101164048B (en) Safety system applied in memory card
CN111884814B (en) Method and system for preventing intelligent terminal from being counterfeited
CN101556638A (en) Data processing apparatus
CN1284227A (en) Method for making secure transmission of message from transmitting device to receiving device
KR101494990B1 (en) Authenticator, authenticatee and authentication method
US11522707B2 (en) System and method for detecting compromised devices
CN114817956A (en) USB communication object verification method, system, device and storage medium
EP0356065B1 (en) Secure management of keys using control vectors
KR101290818B1 (en) Secure patch system
CN118921508B (en) Lightweight video stream data encryption method, system and device based on password card
US20220284113A1 (en) System and method for securely transferring data using encryption keys
CN118158021B (en) A data transmission processing method and system based on Glink bus protocol
CN113395156B (en) Logic encryption card, authentication method thereof and computer readable storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication