专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08036379B2 Cryptographic processing 有权
标题翻译：加密处理
公开(公告)号：US08036379B2
公开(公告)日：2011-10-11
申请号：US11376454
申请日：2006-03-15
申请人： Niels T. Ferguson , Peter L. Montgomery
发明人： Niels T. Ferguson , Peter L. Montgomery
IPC分类号： H04L9/00 , H04K1/00 , H04L29/02
CPC分类号： G06F21/72 , G06F9/30007 , G06F9/30029 , H04L9/0631 , H04L2209/12
摘要： Executable instructions designed to provide faster cryptographic processing, fixed-timing memory access, and dedicated memory usage are implementable on an x86 CPU utilizing XMM registers. The instructions can be utilized to implement cryptographic processing in accordance with the Advanced Encryption Standard (AES). To encrypt, a single instruction performs nonlinear transformation, rotation, and linear transformation. Another single instruction used during encryption performs nonlinear transformation and rotation. New instructions also are implemented to perform decryption. The instructions implemented to perform decryption perform the mathematical inverse functions of their counterparts used for encryption.
摘要翻译：旨在提供更快的加密处理，固定时间存储器访问和专用内存使用的可执行指令可在使用XMM寄存器的x86 CPU上实现。该指令可用于根据高级加密标准（AES）来实现加密处理。为了加密，单个指令执行非线性变换，旋转和线性变换。在加密期间使用的另一个指令执行非线性变换和旋转。新的指令也被实现来执行解密。执行解密的指令执行用于加密的对方的数学反函数。

2. 发明授权

US08885833B2 One-time recovery credentials for encrypted data access 有权
标题翻译：加密数据访问的一次性恢复凭据
公开(公告)号：US08885833B2
公开(公告)日：2014-11-11
申请号：US13084207
申请日：2011-04-11
申请人： Benjamin E. Nick , Magnus Bo Gustaf Nyström , Cristian M. Ilac , Niels T. Ferguson , Nils Dussart
发明人： Benjamin E. Nick , Magnus Bo Gustaf Nyström , Cristian M. Ilac , Niels T. Ferguson , Nils Dussart
IPC分类号： H04L9/08 , G06F21/62 , H04L9/00
CPC分类号： H04L9/0894 , G06F21/6209 , H04L9/0822
摘要： A key recovery request for a device is received at a key recovery service and a particular one-time recovery credential in a sequence of multiple one-time recovery credentials is identified. In the sequence of multiple one-time recovery credentials, previous one-time recovery credentials in the sequence are indeterminable given subsequent one-time recovery credentials in the sequence. A recovery key associated with the device is also identified. The particular one-time recovery credential in the sequence is generated based on the recovery key, and is returned in response to the key recovery request. The particular one-time recovery credential can then be used by the device to decrypt encrypted data stored on a storage media of the device.
摘要翻译：在密钥恢复服务处接收到对设备的关键恢复请求，并且识别出多个一次性恢复凭证的序列中的特定一次性恢复凭证。在多次一次性恢复凭据的顺序中，序列中的以前的一次性恢复凭证在序列中的后续一次恢复凭证中是不可确定的。还识别与该设备相关联的恢复密钥。序列中特定的一次性恢复凭证基于恢复密钥生成，并响应于密钥恢复请求而返回。然后，设备可以使用特定的一次性恢复凭证来解密存储在设备的存储介质上的加密数据。

3. 发明授权

US08682948B2 Scalable random number generation 有权
标题翻译：可扩展随机数生成
公开(公告)号：US08682948B2
公开(公告)日：2014-03-25
申请号：US12986006
申请日：2011-01-06
申请人： Niels T. Ferguson , Dayi Zhou , Vijay G. Bharadwaj
发明人： Niels T. Ferguson , Dayi Zhou , Vijay G. Bharadwaj
IPC分类号： G06F7/58
CPC分类号： G06F7/58
摘要： In embodiments of scalable random number generation, a system includes one or more entropy pools that combine entropy data, which is derived from entropy sources based on event data. A root pseudo-random number generator (PRNG) maintains a seeded entropy state that is reseeded by the entropy pools, and a seed version identifier updates to indicate a current seed version of the root PRNG. Processor PRNGs are instantiated one each per logical processor in a kernel of the system, where each processor PRNG maintains a PRNG entropy state that is reseeded from the root PRNG, and a processor PRNG generates a random number from a respective PRNG entropy state when invoked.
摘要翻译：在可扩展随机数生成的实施例中，系统包括一个或多个熵池，其组合基于事件数据从熵源导出的熵数据。根伪随机数生成器（PRNG）保持由熵池重新获得的种子熵状态，并且种子版本标识符更新以指示根PRNG的当前种子版本。处理器PRNG在系统的内核中每个逻辑处理器被实例化，其中每个处理器PRNG保持从根PRNG重新进入的PRNG熵状态，并且处理器PRNG在被调用时从相应的PRNG熵状态生成随机数。

4. 发明申请

US20110022856A1 Key Protectors Based On Public Keys 有权
标题翻译：基于公钥的主要保护者
公开(公告)号：US20110022856A1
公开(公告)日：2011-01-27
申请号：US12509255
申请日：2009-07-24
申请人： Octavian T. Ureche , Gaurav Sinha , Nils Dussart , Yi Liu , Vijay G. Bharadwaj , Niels T. Ferguson
发明人： Octavian T. Ureche , Gaurav Sinha , Nils Dussart , Yi Liu , Vijay G. Bharadwaj , Niels T. Ferguson
IPC分类号： G06F12/14
CPC分类号： H04L9/0822 , G06F21/602 , G06F21/62 , G06F21/78 , H04L9/0844 , H04L9/0894 , H04L9/14 , H04L2463/062
摘要： In accordance with one or more aspects, a key protector for a storage volume is created by generating an intermediate key and protecting, based at least in part on a public/private key pair, the intermediate key. A volume master key for encrypting and decrypting one or more volume encryption keys that are used to encrypt the storage volume can be encrypted in different manners, including being encrypted based at least in part on the intermediate key. A key protector for the storage volume is stored that includes both the encrypted volume master key and information indicating how to obtain the intermediate key. Subsequently, the key protector can be accessed and, based at least in part on a private key of the entity associated with the key protector, the intermediate key can be decrypted. The intermediate key can then be used to decrypt the volume master key.
摘要翻译：根据一个或多个方面，通过生成中间密钥并至少部分地基于公共/私人密钥对来保护中间密钥来创建用于存储卷的密钥保护器。用于加密和解密用于加密存储卷的一个或多个卷加密密钥的卷主密钥可以以不同的方式加密，包括至少部分地基于中间密钥进行加密。存储存储卷的密钥保护器，其包括加密的卷主密钥和指示如何获得中间密钥的信息。随后，可以访问密钥保护器，并且至少部分地基于与密钥保护器相关联的实体的私钥，中间密钥可以被解密。然后可以使用中间密钥来解密卷主密钥。

5. 发明申请

US20140108814A1 CRYPTOGRAPHIC KEY MANAGEMENT 有权
标题翻译： CRYPTOGRAPHIC主要管理
公开(公告)号：US20140108814A1
公开(公告)日：2014-04-17
申请号：US12978266
申请日：2010-12-23
申请人： Vijay G. Bharadwaj , Niels T. Ferguson , Carl M. Ellison , Magnus Bo Gustaf Nyström , Dayi Zhou , Denis Issoupov , Octavian T. Ureche , Peter J. Novotney , Cristian M. Ilac
发明人： Vijay G. Bharadwaj , Niels T. Ferguson , Carl M. Ellison , Magnus Bo Gustaf Nyström , Dayi Zhou , Denis Issoupov , Octavian T. Ureche , Peter J. Novotney , Cristian M. Ilac
IPC分类号： G06F21/60
CPC分类号： G06F21/602 , G06F2221/2141 , H04L9/0836 , H04L9/0866
摘要： Cryptographic key management techniques are described. In one or more implementations, an access control rule is read that includes a Boolean expression having a plurality of atoms. The cryptographic keys that corresponds each of the plurality of atoms in the access control rule are requested. One or more cryptographic operations are then performed on data using one or more of the cryptographic keys.
摘要翻译：描述密码密钥管理技术。在一个或多个实现中，读取包括具有多个原子的布尔表达式的访问控制规则。请求与访问控制规则中的多个原子对应的密码密钥。然后使用一个或多个密码密钥对数据执行一个或多个加密操作。

6. 发明授权

US08462955B2 Key protectors based on online keys 有权
标题翻译：基于在线密钥的主要保护器
公开(公告)号：US08462955B2
公开(公告)日：2013-06-11
申请号：US12793455
申请日：2010-06-03
申请人： Octavian T. Ureche , Nils Dussart , Michael A. Halcrow , Charles G. Jeffries , Nathan T. Lewis , Cristian M. Ilac , Innokentiy Basmov , Magnus Bo Gustaf Nyström , Niels T. Ferguson
发明人： Octavian T. Ureche , Nils Dussart , Michael A. Halcrow , Charles G. Jeffries , Nathan T. Lewis , Cristian M. Ilac , Innokentiy Basmov , Magnus Bo Gustaf Nyström , Niels T. Ferguson
IPC分类号： H04L9/08 , G06F11/30 , G06F12/14
CPC分类号： H04L9/0894 , H04L9/0822 , H04L63/061 , H04L2463/062
摘要： An online key stored by a remote service is generated or otherwise obtained, and a storage media (as it applies to the storage of data on a physical or virtual storage media) master key for encrypting and decrypting a physical or virtual storage media or encrypting and decrypting one or more storage media encryption keys that are used to encrypt a physical or virtual storage media is encrypted based at least in part on the online key. A key protector for the storage media is stored, the key protector including the encrypted master key. The key protector can be subsequently accessed, and the online key obtained from the remote service. The master key is decrypted based on the online key, allowing the one or more storage media encryption keys that are used to decrypt the storage media to be decrypted.
摘要翻译：生成或以其他方式获得由远程服务存储的在线密钥，以及存储介质（适用于存储物理或虚拟存储介质上的数据）主密钥，用于加密和解密物理或虚拟存储介质或加密和至少部分地基于在线密钥来加密用于加密物理或虚拟存储介质的一个或多个存储介质加密密钥的解密。存储存储介质的密钥保护器，密钥保护器包括加密的主密钥。随后可以访问密钥保护器，并从远程服务获取在线密钥。主密钥基于在线密钥解密，允许用于解密存储介质的一个或多个存储介质加密密钥被解密。

7. 发明申请

US20080022132A1 Storage device controlled access 有权
标题翻译：存储设备控制访问
公开(公告)号：US20080022132A1
公开(公告)日：2008-01-24
申请号：US11449553
申请日：2006-06-07
申请人： Carl M. Ellison , Jamie Hunter , Kenneth D. Ray , Niels T. Ferguson , Philip J. Lafornara , Russell Humphries
发明人： Carl M. Ellison , Jamie Hunter , Kenneth D. Ray , Niels T. Ferguson , Philip J. Lafornara , Russell Humphries
IPC分类号： G06F12/14
CPC分类号： G06F21/85 , G06F21/78 , G06F2221/2113 , H04L9/0836
摘要： Access to a storage device, such as a disk, is controlled by performing a disk operation using a single cryptographic engine. Keys associated with each layer of a layered structure associated with controlling access to the storage device are combined. The resultant of this combination is used as the key to the cryptographic engine. Data to be retrieved from and written to the storage device are operated on by the cryptographic engine utilizing the combined key. Keys are combined by combining functions associated with layers of the layered structure. A combining function can include an exclusive or function, a cryptographic hash function, or a combination thereof.
摘要翻译：通过使用单个密码引擎执行磁盘操作来控制对诸如磁盘的存储设备的访问。与控制对存储设备的访问相关联的分层结构的每个层相关联的密钥被组合。这种组合的结果被用作密码引擎的关键。要从存储装置检索和写入存储装置的数据利用组合密钥由加密引擎进行操作。通过组合与分层结构的层相关联的功能来组合密钥。组合功能可以包括排他或功能，加密散列函数或其组合。

8. 发明授权

US08509449B2 Key protector for a storage volume using multiple keys 有权
标题翻译：使用多个键的存储卷的密钥保护器
公开(公告)号：US08509449B2
公开(公告)日：2013-08-13
申请号：US12509255
申请日：2009-07-24
申请人： Octavian T. Ureche , Gaurav Sinha , Nils Dussart , Yi Liu , Vijay G. Bharadwaj , Niels T. Ferguson
发明人： Octavian T. Ureche , Gaurav Sinha , Nils Dussart , Yi Liu , Vijay G. Bharadwaj , Niels T. Ferguson
IPC分类号： H04L9/16 , H04L9/08 , H04L9/34
CPC分类号： H04L9/0822 , G06F21/602 , G06F21/62 , G06F21/78 , H04L9/0844 , H04L9/0894 , H04L9/14 , H04L2463/062
摘要： A key protector for a storage volume is created by generating an intermediate key and protecting, based at least in part on a public/private key pair, the intermediate key. A volume master key for encrypting and decrypting one or more volume encryption keys that are used to encrypt the storage volume can be encrypted in different manners, including being encrypted based at least in part on the intermediate key. A key protector for the storage volume is stored that includes both the encrypted volume master key and information indicating how to obtain the intermediate key. Subsequently, the key protector can be accessed and, based at least in part on a private key of the entity associated with the key protector, the intermediate key can be decrypted. The intermediate key can then be used to decrypt the volume master key.
摘要翻译：通过生成中间密钥并至少部分地基于公共/私人密钥对来保护中间密钥来创建用于存储卷的密钥保护器。用于加密和解密用于加密存储卷的一个或多个卷加密密钥的卷主密钥可以以不同的方式加密，包括至少部分地基于中间密钥进行加密。存储存储卷的密钥保护器，其包括加密的卷主密钥和指示如何获得中间密钥的信息。随后，可以访问密钥保护器，并且至少部分地基于与密钥保护器相关联的实体的私钥，中间密钥可以被解密。然后可以使用中间密钥来解密卷主密钥。

9. 发明授权

US08799680B2 Transactional sealed storage 有权
标题翻译：交易密封存储
公开(公告)号：US08799680B2
公开(公告)日：2014-08-05
申请号：US11227659
申请日：2005-09-15
申请人： Niels T. Ferguson , Stacy N. Stonich
发明人： Niels T. Ferguson , Stacy N. Stonich
IPC分类号： G06F12/14
CPC分类号： G06F12/1408
摘要： A transactional sealed storage system enables data to be accessed according to transactional properties and also enables access to the data to be restricted to secured applications. The transactional properties according to which the data may be accessed may include, for example, at least some levels of atomicity, consistency, isolation, and durability. The access to the data may be restricted by, for example, employing a double layer security policy that involves encrypting the data and also authenticating any application that requests access to the encrypted data.
摘要翻译：事务性密封存储系统使得可以根据事务属性访问数据，并且还可以访问要被限制到安全应用程序的数据。可以访问数据的事务性质可以包括例如至少一些原子性，一致性，隔离性和耐久性的水平。对数据的访问可能受到例如采用双层安全策略的限制，该双层安全策略涉及加密数据并且还验证任何请求访问加密数据的应用。

10. 发明授权

US08417969B2 Storage volume protection supporting legacy systems 有权
标题翻译：支持传统系统的存储卷保护
公开(公告)号：US08417969B2
公开(公告)日：2013-04-09
申请号：US12388811
申请日：2009-02-19
申请人： Russell Humphries , Octavian T. Ureche , Niels T. Ferguson , Ping Xie
发明人： Russell Humphries , Octavian T. Ureche , Niels T. Ferguson , Ping Xie
IPC分类号： G06F21/00
CPC分类号： G06F21/78
摘要： A storage volume is encrypted using a particular encryption technique, the storage volume including an access application and one or more cover files. The access application can be executed by a computing device having an operating system lacking support for the particular encryption technique, and allows the computing device to access data on the storage volume encrypted using the particular encryption technique.
摘要翻译：使用特定的加密技术对存储卷进行加密，存储卷包括访问应用和一个或多个封面文件。访问应用可以由具有对特定加密技术的支持不足的操作系统的计算设备来执行，并且允许计算设备访问使用特定加密技术加密的存储卷上的数据。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式