KR102345177B1 - 공개키 및 세션키를 이용한 인증 - Google Patents

공개키 및 세션키를 이용한 인증 Download PDF

Info

Publication number
KR102345177B1
KR102345177B1 KR1020167024911A KR20167024911A KR102345177B1 KR 102345177 B1 KR102345177 B1 KR 102345177B1 KR 1020167024911 A KR1020167024911 A KR 1020167024911A KR 20167024911 A KR20167024911 A KR 20167024911A KR 102345177 B1 KR102345177 B1 KR 102345177B1
Authority
KR
South Korea
Prior art keywords
key
payload
session key
public
combinations
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
KR1020167024911A
Other languages
English (en)
Korean (ko)
Other versions
KR20160123336A (ko
Inventor
제이슨 제이 무어
스티븐 이 맥닐
스티븐 엠 트림버거
Original Assignee
자일링크스 인코포레이티드
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 자일링크스 인코포레이티드 filed Critical 자일링크스 인코포레이티드
Publication of KR20160123336A publication Critical patent/KR20160123336A/ko
Application granted granted Critical
Publication of KR102345177B1 publication Critical patent/KR102345177B1/ko
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/76Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)
KR1020167024911A 2014-02-20 2015-02-18 공개키 및 세션키를 이용한 인증 Active KR102345177B1 (ko)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US14/185,780 US9270469B2 (en) 2014-02-20 2014-02-20 Authentication using public keys and session keys
US14/185,780 2014-02-20
PCT/US2015/016417 WO2015126967A1 (en) 2014-02-20 2015-02-18 Authentication using public keys and session keys

Publications (2)

Publication Number Publication Date
KR20160123336A KR20160123336A (ko) 2016-10-25
KR102345177B1 true KR102345177B1 (ko) 2021-12-30

Family

ID=52633630

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020167024911A Active KR102345177B1 (ko) 2014-02-20 2015-02-18 공개키 및 세션키를 이용한 인증

Country Status (6)

Country Link
US (1) US9270469B2 (enExample)
EP (1) EP3108609B1 (enExample)
JP (1) JP6510546B2 (enExample)
KR (1) KR102345177B1 (enExample)
CN (1) CN106031082B (enExample)
WO (1) WO2015126967A1 (enExample)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9659191B2 (en) * 2014-04-09 2017-05-23 Seagate Technology Llc Encryption key storage and modification in a data storage device
US10541817B2 (en) * 2016-03-14 2020-01-21 Ricoh Company, Ltd. Data generation apparatus, data recording system, and program product
CN107451432A (zh) * 2016-05-30 2017-12-08 深圳市中兴微电子技术有限公司 一种启动程序检查方法和装置
US10034407B2 (en) * 2016-07-22 2018-07-24 Intel Corporation Storage sled for a data center
US10268844B2 (en) * 2016-08-08 2019-04-23 Data I/O Corporation Embedding foundational root of trust using security algorithms
TWI648741B (zh) * 2017-06-05 2019-01-21 慧榮科技股份有限公司 資料儲存裝置之控制器以及進階資料抹除的方法
US10541820B2 (en) * 2017-08-17 2020-01-21 Global Bonsai LLC Distributed digital ledger
US11558178B2 (en) * 2018-01-31 2023-01-17 Walmart Apollo, Llc System and method for prescription security and authentication
KR102192477B1 (ko) * 2018-07-16 2020-12-18 (주)이더블유비엠 Fido 기반 인증 대용의 암묵인증방법, 시스템 및 프로그램
US11232219B1 (en) 2019-01-31 2022-01-25 Xilinx, Inc. Protection of electronic designs
US11582021B1 (en) 2019-11-20 2023-02-14 Xilinx, Inc. Protection against differential power analysis attacks involving initialization vectors
KR20220126733A (ko) * 2019-11-20 2022-09-16 (주)이더블유비엠 Fido 기반 암묵인증방법, 시스템 및 프로그램
US11280829B1 (en) 2019-12-19 2022-03-22 Xlnx, Inc. System-on-chip having secure debug mode
EP3929784A1 (de) * 2020-06-23 2021-12-29 Siemens Aktiengesellschaft Booteinrichtung für ein computerelement und verfahren zum booten eines computerelements
US11893118B2 (en) * 2021-05-25 2024-02-06 Microsoft Technology Licensing, Llc Transfer of ownership of a computing device via a security processor
US12417191B2 (en) 2022-11-15 2025-09-16 Honeywell International Inc. Integrated key revocation with a field loading process and/or related safety checks related to an asset system
US20250045420A1 (en) * 2023-07-31 2025-02-06 Qualcomm Incorporated Apparatus and methods for binding a system on chip and a memory device with a key

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070226500A1 (en) * 2006-03-24 2007-09-27 Microsoft Corporation Subscription-based computing implemented in hardware of computing device
US20120110333A1 (en) * 2010-10-29 2012-05-03 Nokia Corporation Software security
US20130145160A1 (en) * 2011-12-05 2013-06-06 Certicom Corp. System and method for mounting encrypted data based on availability of a key on a network

Family Cites Families (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7917760B2 (en) * 1997-02-21 2011-03-29 Multos Limited Tamper resistant module having separate control of issuance and content delivery
US6816596B1 (en) * 2000-01-14 2004-11-09 Microsoft Corporation Encrypting a digital object based on a key ID selected therefor
US6760752B1 (en) * 1999-06-28 2004-07-06 Zix Corporation Secure transmission system
GB2355819A (en) 1999-10-26 2001-05-02 Marconi Comm Ltd Authentication of data and software
US6851049B1 (en) * 2000-10-02 2005-02-01 Pgp Corporation Method and apparatus for facilitating secure anonymous email recipients
US7404076B2 (en) * 2001-08-01 2008-07-22 Matsushita Electric Industrial Co., Ltd. Encrypted data delivery system
JP2003348079A (ja) * 2002-05-27 2003-12-05 Konica Minolta Holdings Inc 画像形成装置
US7440571B2 (en) 2002-12-03 2008-10-21 Nagravision S.A. Method for securing software updates
US20050235145A1 (en) * 2002-12-05 2005-10-20 Canon Kabushiki Kaisha Secure file format
JP2004304304A (ja) * 2003-03-28 2004-10-28 Fujitsu Ltd 電子署名生成方法,電子署名検証方法,電子署名生成依頼プログラム,及び電子署名検証依頼プログラム
EP1536606A1 (fr) * 2003-11-27 2005-06-01 Nagracard S.A. Méthode d'authentification d'applications
JP4546231B2 (ja) * 2004-12-09 2010-09-15 株式会社日立製作所 Idベース署名及び暗号化システムおよび方法
US20070269040A1 (en) * 2006-05-16 2007-11-22 Microsoft Corporation Cryptographic Protocol for Commonly Controlled Devices
US8863230B1 (en) * 2006-06-09 2014-10-14 Xilinx, Inc. Methods of authenticating a programmable integrated circuit in combination with a non-volatile memory device
US7987358B1 (en) * 2006-06-09 2011-07-26 Xilinx, Inc. Methods of authenticating a user design in a programmable integrated circuit
US8166304B2 (en) * 2007-10-02 2012-04-24 International Business Machines Corporation Support for multiple security policies on a unified authentication architecture
JP2009217722A (ja) * 2008-03-12 2009-09-24 Nippon Telegr & Teleph Corp <Ntt> 認証処理システム、認証装置、管理装置、認証処理方法、認証処理プログラムおよび管理処理プログラム
JP5382766B2 (ja) * 2008-09-26 2014-01-08 日本電気通信システム株式会社 電子メール検証システム、送信端末、受信端末、電子メール処理端末、電子メール検証、送信および受信方法
WO2010116618A1 (ja) * 2009-04-06 2010-10-14 パナソニック株式会社 鍵実装システム
US8242831B2 (en) * 2009-12-31 2012-08-14 Intel Corporation Tamper resistant fuse design
US9219604B2 (en) * 2011-05-09 2015-12-22 Cleversafe, Inc. Generating an encrypted message for storage
CN102761420B (zh) * 2012-08-08 2014-10-29 飞天诚信科技股份有限公司 一种安全认证方法

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070226500A1 (en) * 2006-03-24 2007-09-27 Microsoft Corporation Subscription-based computing implemented in hardware of computing device
US20120110333A1 (en) * 2010-10-29 2012-05-03 Nokia Corporation Software security
US20130145160A1 (en) * 2011-12-05 2013-06-06 Certicom Corp. System and method for mounting encrypted data based on availability of a key on a network

Also Published As

Publication number Publication date
US20150236856A1 (en) 2015-08-20
US9270469B2 (en) 2016-02-23
EP3108609A1 (en) 2016-12-28
KR20160123336A (ko) 2016-10-25
CN106031082A (zh) 2016-10-12
JP2017506850A (ja) 2017-03-09
CN106031082B (zh) 2019-08-27
WO2015126967A1 (en) 2015-08-27
EP3108609B1 (en) 2020-06-24
JP6510546B2 (ja) 2019-05-08

Similar Documents

Publication Publication Date Title
KR102345177B1 (ko) 공개키 및 세션키를 이용한 인증
US12189777B2 (en) Secure boot systems and methods for programmable logic devices
US12417319B2 (en) Multi-chip secure and programmable systems and methods
US9230112B1 (en) Secured booting of a field programmable system-on-chip including authentication of a first stage boot loader to mitigate against differential power analysis
US9165143B1 (en) Image file generation and loading
US9870488B1 (en) Method and apparatus for securing programming data of a programmable device
CN104734854B (zh) 密钥的安全提供
US10044514B1 (en) Secure external key storage for programmable ICS
CN108140085A (zh) 使用最少的硬件资源的可信平台
US20170339116A1 (en) Method and apparatus for secure provisioning of an integrated circuit device
US9003197B2 (en) Methods, apparatus and system for authenticating a programmable hardware device and for authenticating commands received in the programmable hardware device from a secure processor
JP7638427B2 (ja) Pufベースのルートキーと複数のデジタル入力シーケンスとが絡み合う電子システムおよびルートキー抽出器
US8983073B1 (en) Method and apparatus for restricting the use of integrated circuits
US8966253B1 (en) Method and apparatus for authenticating a programmable device bitstream
US10067770B2 (en) Platform key hierarchy
CN112437924B (zh) 用于可编程逻辑器件的安全引导系统和方法
CN115769204A (zh) 用于计算机元件的引导装置和用于引导计算机元件的方法
US9530022B1 (en) Protection of designs for electronic systems
US11366936B2 (en) Flexible cryptographic device
US20250315536A1 (en) Parallel processing systems and methods for facilitating bitstream security
US20250323802A1 (en) Systems and Methods for Bitstream Authentication
Horovitz et al. Protecting partial regions in FPGA bitstreams
Siddiqui et al. Boot time Bitstream Authentication for FPGAs

Legal Events

Date Code Title Description
PA0105 International application

St.27 status event code: A-0-1-A10-A15-nap-PA0105

E13-X000 Pre-grant limitation requested

St.27 status event code: A-2-3-E10-E13-lim-X000

P11-X000 Amendment of application requested

St.27 status event code: A-2-2-P10-P11-nap-X000

P13-X000 Application amended

St.27 status event code: A-2-2-P10-P13-nap-X000

PG1501 Laying open of application

St.27 status event code: A-1-1-Q10-Q12-nap-PG1501

P11-X000 Amendment of application requested

St.27 status event code: A-2-2-P10-P11-nap-X000

P13-X000 Application amended

St.27 status event code: A-2-2-P10-P13-nap-X000

P11-X000 Amendment of application requested

St.27 status event code: A-2-2-P10-P11-nap-X000

P13-X000 Application amended

St.27 status event code: A-2-2-P10-P13-nap-X000

PA0201 Request for examination

St.27 status event code: A-1-2-D10-D11-exm-PA0201

E902 Notification of reason for refusal
PE0902 Notice of grounds for rejection

St.27 status event code: A-1-2-D10-D21-exm-PE0902

P11-X000 Amendment of application requested

St.27 status event code: A-2-2-P10-P11-nap-X000

P13-X000 Application amended

St.27 status event code: A-2-2-P10-P13-nap-X000

E701 Decision to grant or registration of patent right
PE0701 Decision of registration

St.27 status event code: A-1-2-D10-D22-exm-PE0701

GRNT Written decision to grant
PR0701 Registration of establishment

St.27 status event code: A-2-4-F10-F11-exm-PR0701

PR1002 Payment of registration fee

St.27 status event code: A-2-2-U10-U12-oth-PR1002

Fee payment year number: 1

PG1601 Publication of registration

St.27 status event code: A-4-4-Q10-Q13-nap-PG1601

PR1001 Payment of annual fee

St.27 status event code: A-4-4-U10-U11-oth-PR1001

Fee payment year number: 4

PR1001 Payment of annual fee

St.27 status event code: A-4-4-U10-U11-oth-PR1001

Fee payment year number: 5