KR20220069042A - 암호화 코프로세서에서 엔티티-특정 암호화 코드 실행 - Google Patents

암호화 코프로세서에서 엔티티-특정 암호화 코드 실행 Download PDF

Info

Publication number
KR20220069042A
KR20220069042A KR1020227013092A KR20227013092A KR20220069042A KR 20220069042 A KR20220069042 A KR 20220069042A KR 1020227013092 A KR1020227013092 A KR 1020227013092A KR 20227013092 A KR20227013092 A KR 20227013092A KR 20220069042 A KR20220069042 A KR 20220069042A
Authority
KR
South Korea
Prior art keywords
cryptographic
encrypted code
code
coprocessor
cryptographic coprocessor
Prior art date
Application number
KR1020227013092A
Other languages
English (en)
Korean (ko)
Inventor
와엘 이브라힘
매니쉬 델리와라
매닉 비스와스
수브라매니암 비쉬누바할라
앤드류 레이
Original Assignee
아메리칸 익스프레스 트레블 릴레이티드 서비스즈 컴퍼니, 아이엔씨.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US16/669,002 external-priority patent/US20210111901A1/en
Priority claimed from US16/668,973 external-priority patent/US11341280B2/en
Application filed by 아메리칸 익스프레스 트레블 릴레이티드 서비스즈 컴퍼니, 아이엔씨. filed Critical 아메리칸 익스프레스 트레블 릴레이티드 서비스즈 컴퍼니, 아이엔씨.
Publication of KR20220069042A publication Critical patent/KR20220069042A/ko

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Bioethics (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)
  • Business, Economics & Management (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
KR1020227013092A 2019-10-11 2020-09-30 암호화 코프로세서에서 엔티티-특정 암호화 코드 실행 KR20220069042A (ko)

Applications Claiming Priority (9)

Application Number Priority Date Filing Date Title
US201962914275P 2019-10-11 2019-10-11
US201962914272P 2019-10-11 2019-10-11
US62/914,275 2019-10-11
US62/914,272 2019-10-11
US16/669,002 US20210111901A1 (en) 2019-10-11 2019-10-30 Executing entity-specific cryptographic code in a trusted execution environment
US16/668,973 US11341280B2 (en) 2019-10-11 2019-10-30 Executing entity-specific cryptographic code in a cryptographic coprocessor
US16/668,973 2019-10-30
US16/669,002 2019-10-30
PCT/US2020/053520 WO2021071719A1 (en) 2019-10-11 2020-09-30 Executing entity-specific cryptographic code in a cryptographic coprocessor

Publications (1)

Publication Number Publication Date
KR20220069042A true KR20220069042A (ko) 2022-05-26

Family

ID=75437590

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020227013092A KR20220069042A (ko) 2019-10-11 2020-09-30 암호화 코프로세서에서 엔티티-특정 암호화 코드 실행

Country Status (5)

Country Link
EP (1) EP4042630A4 (zh)
JP (1) JP7385025B2 (zh)
KR (1) KR20220069042A (zh)
CN (1) CN114556344A (zh)
WO (1) WO2021071719A1 (zh)

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2001125481A (ja) 1999-10-25 2001-05-11 Toshiba Corp 暗号通信端末、暗号通信センター装置及び暗号通信システム並びに記録媒体
JP2001338271A (ja) 2000-03-23 2001-12-07 Matsushita Electric Ind Co Ltd Icカード及びicカード利用システム
DE10107373A1 (de) 2001-02-16 2002-08-29 Infineon Technologies Ag Sicherheitsmodul mit flüchtigem Speicher zur Speicherung eines Algorithmuscodes
US7657033B2 (en) * 2004-12-10 2010-02-02 Fiske Software Llc Cryptography related to keys
KR20090059602A (ko) * 2007-12-07 2009-06-11 한국전자통신연구원 세션 메모리 버스를 구비한 암호화 장치
US9026803B2 (en) * 2009-11-30 2015-05-05 Hewlett-Packard Development Company, L.P. Computing entities, platforms and methods operable to perform operations selectively using different cryptographic algorithms
CN102546562A (zh) * 2010-12-22 2012-07-04 腾讯科技(深圳)有限公司 在web中传输数据时进行加解密的方法及系统
CN103297958B (zh) * 2012-02-22 2017-04-12 华为技术有限公司 建立安全上下文的方法、装置及系统
US10243727B2 (en) * 2013-10-31 2019-03-26 Ati Technologies Ulc Method and system for constant time cryptography using a co-processor

Also Published As

Publication number Publication date
JP2022551586A (ja) 2022-12-12
JP7385025B2 (ja) 2023-11-21
EP4042630A4 (en) 2023-10-11
CN114556344A (zh) 2022-05-27
WO2021071719A1 (en) 2021-04-15
EP4042630A1 (en) 2022-08-17

Similar Documents

Publication Publication Date Title
CN111181720B (zh) 基于可信执行环境的业务处理方法及装置
CN107743133B (zh) 移动终端及其基于可信安全环境的访问控制方法和系统
KR101712784B1 (ko) 글로벌 플랫폼 규격을 사용하는 발행자 보안 도메인에 대한 키 관리 시스템 및 방법
EP2954448B1 (en) Provisioning sensitive data into third party network-enabled devices
US9009854B2 (en) Platform-hardened digital rights management key provisioning
CN106899571B (zh) 信息交互方法及装置
CN102571329B (zh) 密码密钥管理
CN110889696A (zh) 一种基于sgx技术的联盟区块链秘钥存储方法、装置、设备及介质
CN106027503A (zh) 一种基于tpm的云存储数据加密方法
CN107453880B (zh) 一种云数据安全存储方法和系统
US11783091B2 (en) Executing entity-specific cryptographic code in a cryptographic coprocessor
JP2010514000A (ja) 電子装置にプログラム状態データをセキュアに記憶するための方法
US9524394B2 (en) Method and apparatus for providing provably secure user input/output
EP3292654B1 (en) A security approach for storing credentials for offline use and copy-protected vault content in devices
Cooijmans et al. Secure key storage and secure computation in Android
JP2015104020A (ja) 通信端末装置、通信端末関連付けシステム、通信端末関連付け方法、及びコンピュータプログラム
US20230021749A1 (en) Wrapped Keys with Access Control Predicates
US20210111901A1 (en) Executing entity-specific cryptographic code in a trusted execution environment
KR20140071775A (ko) 암호키 관리 시스템 및 방법
JP7385025B2 (ja) 暗号化コプロセッサにおけるエンティティ固有の暗号化コードの実行
CN115081000A (zh) 保护远程目标程序源码的方法、系统、设备和存储介质
CN116346341A (zh) 私钥保护和服务端访问方法、系统、设备及存储介质