| Class / Patent application number | Description | Number of patent applications / Date published |
|---|
| 713194000 | Tamper resistant | 60 |
| 20080222430 | Protection of Secure Electronic Modules Against Attacks - A method and apparatus is disclosed for preventing the unintended retention of secret data caused by preferred state/burn in secure electronic modules. Sequentially storing the data, and its inverse on alternating clock cycles, and by actively overwriting it to destroy it, prevents SRAM devices from developing a preferred state. By encrypting a relatively large amount of secret data with a master encryption key, and storing said master key in this non-preferred state storage, the electronic module conveniently extends this protection scheme to a large amount of data, without the overhead of investing or actively erasing the larger storage area. | 09-11-2008 |
| 20080288790 | Means and Method of Using Cryptographic Device to Combat Online Institution Identity Theft - Whereas smartcards and similar cryptographic devices may customarily be used to protect against personal identity theft, this invention stores Public Keys of an institution in cryptographic devices issued by the institution to its customers, in order to protect the institution's identity from being stolen. The invention improves the security of electronic business applications using Secure Sockets Layer, Secure E-mail, Object Signing and similar low level electronic business security functions by storing various Public Keys of the institution within the cryptographic device. The invention thereby helps to reduce the likelihood of “ghosting” an institution's web site (where an illegitimate web site seeks to mimic a genuine web site in order to defraud customers), and provides a means to overcome the problem of “phishing” (where illegitimate e-mails purporting to be from the institution are sent to customers in order to elicit personal information). | 11-20-2008 |
| 20080313475 | METHODS AND SYSTEMS FOR TAMPER RESISTANT FILES - Embodiments of the present invention provide a tamper proof file system. In particular, the present invention utilizes a virtual block device that is coupled with a real block device and a private/public key pair. The virtual block device receives the original data and then digitally signs it with the private key. The virtual block device then passes the digitally signed data to the real block device for storage. In order to retrieve or verify the data, the virtual block device may provide the public key and an acknowledgment. The acknowledgment may include a hash of the public key. The virtual block device is configured to discard the private key and to be removed from the system based on a finite lifespan. | 12-18-2008 |
| 20090013197 | Method and Apparatus for Trusted Branded Email - A trusted branded email method and apparatus in one aspect detects branded electronic messages and performs validation before it is sent to a recipient. In another aspect, an electronic messages is branded by embedding branding assets and validation signatures. Algorithms that generate validation signatures are dynamically selected to further strengthen the security aspects. Branding assets are presented to a user using a distinct indicia that represents to the user that the branding assets are secure. | 01-08-2009 |
| 20090037749 | System and method of tamper-resistant control - A method of tamper-resistant control comprising reading a flag of an electronic device with firmware, the flag indicating a provision enable/disable state of the electronic device and provisioning a management processor of the electronic device to facilitate communications between the management processor and a server in response to reading the flag indicating a provision enable/disable state | 02-05-2009 |
| 20090106563 | TAMPER REACTIVE MEMORY DEVICE TO SECURE DATA FROM TAMPER ATTACKS - Systems and methods that can facilitate securing data associated with a memory from tampering are presented. A counter tamper component can detect tamper attacks or tamper attempts associated with a memory and/or data stored therein or associated therewith and reacts to such tamper attacks/attempts, as the counter tamper component can provide evidence of, provide a response to, and/or resist tamper attacks/attempts. The counter tamper component can be associated with a memory module that includes a memory device(s) module and is contained in an electronic device and the memory module can change a color state to provide evidence of tampering. A window component is positioned on the casing of the electronic device so that the memory module is visible to the user so the user can perceive that a tamper attack associated with the module has occurred. | 04-23-2009 |
| 20090125729 | Original data circulation method, system, apparatus, and computer readable medium - An original data circulation system for storing or circulating original data which is digital information is provided. The original data circulation system includes an issuer apparatus, a user apparatus and a collector apparatus. The issuer apparatus generates originality information including first information corresponding to the issuer apparatus and second information corresponding to data and sends the originality information. The user apparatus verifies the validity of the source apparatus of the originality information and stores the originality information when the validity is verified. The collector apparatus verifies the validity of the source apparatus of the originality information and processes data corresponding to the second information when the validity is verified. | 05-14-2009 |
| 20090138731 | Tamper-Resistant Trusted JAVA Virtual Machine And Method Of Using The Same - A trusted Java virtual machine provides a method for supporting tamper-resistant applications, ensuring the integrity of an application and its secrets such as keys. The trusted Java virtual machine verifies the integrity of the Java application, prevents debugging of the Java application, and allows the Java application to securely store and retrieve secrets. The trusted Java virtual machine environment comprises a TrustedDictionary, a TrustedBundle, an optional encryption method for encrypting and decrypting byte codes, and an underlying trusted Java virtual machine. The encrypted TrustedDictionary protects data while the TrustedBundle protects programming code, allowing applications to store secret data and secure counters. The application designer can restrict TrustedBundle access to only those interfaces that the application designer explicitly exports. The open source code may optionally be encrypted. Secrets required by the open source programming code of the application are encrypted in TrustedDictionary. | 05-28-2009 |
| 20090150685 | PROGRAM EXECUTION DEVICE - A program execution device capable of protecting a program against unauthorized analysis and alteration is provided. The program execution device includes an execution unit, a first protection unit, and a second protection unit. The execution unit executes a first program and a second program, and is connected with an external device that is capable of controlling the execution. The first protection unit disconnects the execution unit from the external device while the execution unit is executing the first program. The second protection unit protects the first program while the execution unit is executing the second program. | 06-11-2009 |
| 20090172420 | TAMPER RESISTANT METHOD AND APPARATUS FOR A STORAGE DEVICE - A method for authenticating software for use in a device includes encrypting software to be input to a device with a private key, and decrypting the software presented to the device with a public key retrieved from a memory accessible by the device. | 07-02-2009 |
| 20090177895 | CONTROLLER FOR CONTROLLING LOGICAL VOLUME-RELATED SETTINGS - A controller carries out a first determination as to whether or not data to be stored in a target logical volume can be used by a plurality of access devices. The controller carries out a second determination as to whether or not the access devices comprise data encryption units respectively when the result of the first determination is affirmative. The controller controls a setting related to the target logical volume for one access device of the plurality of access devices, based on the result of the second determination. | 07-09-2009 |
| 20090183011 | MODULAR TAMPER RESISTANT ENCLOSURE FOR SECURE SYSTEMS - An active membrane creates a secure area around one or more devices. The active membrane forms a physical barrier between the encased secure area and an external environment. Linked to the membrane and acting as the sole interface between the secure area and the outside environment is a boundary interface. The boundary interface tunnels data to the secure area in a secure fashion. According to one embodiment of the present invention, the boundary interface utilizes symmetric and/or asymmetric cryptographic techniques to secure the data path. The boundary interface is also coupled to the active membrane, and upon the membrane sensing a breach of the membrane (thus signifying an intrusion of the secure area), the boundary interface can be configured to sever the data paths linking the secure area with the unsecured area as well as take other active steps to ensure that data within the secure area is not compromised. | 07-16-2009 |
| 20090199017 | ONE TIME SETTABLE TAMPER RESISTANT SOFTWARE REPOSITORY - A one-time-settable tamper resistant software repository may be used in any computing system to store system information such as security violations and policies for responding to them. A one-time-settable tamper resistant software repository may be cryptographically signed, encrypted with a per device key and accessible by only the most privileged software executed by a computing device, e.g., hypervisor or operating system kernel. A one-time-settable tamper resistant software repository may be mirrored in RAM for performance. Recordable event fields in a software repository may be one-time-settable without the ability to reset them in a field operation mode whereas they may be resettable in a different mode such as a manufacturing mode. Memory allocated to a one-time-settable tamper resistant software repository may be reset, reclaimed, reassigned, scaled and otherwise flexibly adapted to changing conditions and priorities in the lifespan of a computing device, which may be particularly useful for service-backed consumer devices. | 08-06-2009 |
| 20090199018 | One time settable tamper resistant software repository - An individualized per device initialization of a computing device is unique relative to the initialization of other computing devices. A common initialization program, common to all computing devices of a particular type such as a game console, may be modified to be unique for each computing device. Modification may comprise the application of at least one individualized per device secret, e.g., key, to at least a portion of the common initialization program such as at least one initialization stage. Initialization is tied to one or more device specific identities. In this way, initialization vulnerabilities discovered on a particular device cannot be exploited en masse on other computing devices because each initialization program stored in each computing device is unique. The device specific nature of the initialization program may be extended to other information input to the computing device in order to prevent unauthorized sharing of information with other computing devices. | 08-06-2009 |
| 20090249085 | Security module and personalization method for such a security module - This invention relates to a security module comprising a microprocessor, a program memory containing at least one operating program and unique identification means of said module. This security module is characterized in that the identification means are constituted by a set of unique and artificial computer codes, compatible with their execution by said microprocessor of the module and stored in the program memory. | 10-01-2009 |
| 20090259858 | METHOD AND APPARATUS FOR THE SECURE STORAGE OF AUDIO SIGNALS - In one embodiment, a method, system and apparatus for recording audio is provided so that the recording can be authenticated. The system may be implemented as a central server that is accessed via one or more lines for audio communication, or as a stand-alone unit. The system operates by encrypting communicated data (e.g., audio signals), storing the encrypted information, and providing at least one user with a key that can be used to decrypt the stored information. | 10-15-2009 |
| 20090282269 | METHODS, SYSTEMS AND COMPUTER PROGRAM PRODUCTS FOR DETECTING TAMPERING OF ELECTRONIC EQUIPMENT BASED ON CONSTRAINED TIME TO OBTAIN COMPUTATIONAL RESULT - Tampering of electronic equipment may be detected by instructing the electronic equipment to perform at least one computational operation at the electronic equipment, such as hashing of at least some of the memory of the electronic equipment, to produce a result. The result is received from the electronic equipment. Tampering of the electronic equipment is detected if the result is not received within a constrained time of the instructing, even if the result is correct. Tampering also may be detected if the result is not correct. | 11-12-2009 |
| 20090287942 | CLOCK ROLL FORWARD DETECTION - Method and apparatus to detect clock roll-forward attacks in a computing device or similar system. This protects against hackers who tamper with the system clock of, for instance, a digital media playback device in order to access a content item which has been rented for a limited time. By detecting clock roll-forward tampering, the present method and system prevent such hackers from accessing the content item outside its authorized rental time period. | 11-19-2009 |
| 20090327762 | Methods and Systems for Secure Encryption of Data - Provided is a data acquisition module. The data acquisition module includes a memory and a controller. The controller includes an encryption module configured to encrypt information written to the memory using a key included in the controller. The key is unique to the controller. | 12-31-2009 |
| 20090327763 | Method for Using a Compact Disk as a Smart Key Device - A data processing method accepts a removable storage media, which becomes electrically engaged with a system unit within the data processing system, after which the removable storage media and the hardware security unit mutually authenticate themselves. The removable storage media stores a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair that is associated with the hardware security unit, and the hardware security unit stores a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair that is associated with the removable storage media. In response to successfully performing the mutual authentication operation between the removable storage media and the hardware security unit, the system unit is enabled to invoke cryptographic functions on the hardware security unit while the removable storage media remains engaged with the system unit. | 12-31-2009 |
| 20100031064 | Tamper Detection Line Circuitry For An Authentication Integrated Circuit - The invention provides for tamper detection line circuitry for an authentication integrated circuit for use in authenticating an integrated circuit. The tamper detection line circuitry includes a source of pseudo-random bits, and an XOR gate with two inputs and an output in signal communication with flash memory erase and reset circuits, where a complete erasure is triggered by a 0 from the XOR gate. The circuitry also includes first and second paths arranging the source and XOR gate in signal communication with each other, the first path connected to one input of the XOR gate and the second path having an inverter and connected to a second input of the XOR gate. Also included are a number of triggers connected to the respective paths, each trigger configured to detect a physical attack on the authentication integrated circuit. | 02-04-2010 |
| 20100031065 | INFORMATION SECURITY APPARATUS - Provided is an information security apparatus ( | 02-04-2010 |
| 20100058077 | CONFIDENTIAL INFORMATION MEMORY APPARATUS, ERASING METHOD OF CONFIDENTIAL INFORMATION, AND ERASING PROGRAM OF CONFIDENTIAL INFORMATION - A tamper resistant apparatus | 03-04-2010 |
| 20100131776 | SCALABLE AND EXTENSIBLE SECURE RENDERING OF DIGITAL CONTENT - A number of digital content rendering modules are equipped such that selective subsets of the modules may be employed to render digital content of different media, and of different format types. The modules are organized into a hierarchy, with a selected one occupying a root position of the hierarchy, to exclusively receive the digital contents to be rendered, and that each module is further responsible for verifying the integrity of its immediate downstream modules, to collectively protect the digital contents being rendered. Additionally, in accordance with another aspect, a tamper resistant module is employed to recover digital contents provided in a protected state, obfuscating the recovery. Further, the modules may be of different application domains. | 05-27-2010 |
| 20100138674 | COMPUTER NETWORK - A distributed computer system is disclosed in which computers co-operate with one another by sending messages over a network such as the Internet in order to perform a distributed application. In order to improve the security of such system, each web service involved in the distributed application runs in a separate virtual machine. Furthermore, the virtual machines on a web server dedicated to respective web service instances utilise the same policy enforcement point—running in another virtual machine on the web-server—in order to handle messages for or from the web server. To increase security still further, each virtual machine provides virtual cryptoprocessor functionality which is used in the processing of messages sent in the performance of the distributed application. | 06-03-2010 |
| 20100146304 | EXECUTION DEVICE - A program execution device is a device for executing an application program having at least one class including an execution code created by an object directivity language. The program execution device includes a first execution device having a memory and a processor and a tamper-resistant second execution device having a memory and a processor. When a class is executed, a loader loads an execution code of the class in the memory of the second execution device and loads a portion of the class other than the execution code loaded in the memory of the second execution device, in the memory of the first execution device. | 06-10-2010 |
| 20100199109 | ABSTRACTING PROGRAMMATIC REPRESENTION OF DATA STORAGE SYSTEMS - Providing for a paradigm shift in block-level abstraction for storage devices is described herein. At a block-level, storage is characterized as a variable size data record, rather than a fixed size sector. In some aspects, the variable size data record can comprise a variable binary key-data pair, for addressing and identifying a variable size block of data, and for dynamically specifying the size of such block in terms of data storage. By changing the key or data values, the location, identity or size of block-level storage can be modified. Data records can be passed to and from the storage device to facilitate operational commands over ranges of such records. Block-level data compression, space management and transactional operations are provided, mitigating a need of higher level systems to characterize underlying data storage for implementation of such operations. | 08-05-2010 |
| 20100199110 | INTEGRATED CIRCUIT HAVING OBSCURED STATE CHANGE CIRCUITRY - An integrated circuit is provided having first and second circuitry which are configured to emit light when undergoing changes in state. The first and second circuitry being operated to change state at the same time so as to hinder optical detection of the light emitted by the first circuitry. | 08-05-2010 |
| 20100218002 | SECURING COMPUTER LOG FILES - A log file is secured. One implementation involves maintaining a log file including one or more log entries in a storage device connected to a computer, and entering a new log entry by generating a new message authentication code based on a preceding log entry including a preceding message authentication code, and applying the message authentication code to the new log entry. | 08-26-2010 |
| 20100250971 | PRINTER CONSUMABLE COMPRISING INTEGRATED CIRCUIT PROTECTED FROM POWER SUPPLY ATTACKS - A printer consumable includes an integrated circuit for authentication of the consumable. The integrated circuit has a non-volatile memory for storing secret information and an indicator, as well as a detection unit for preventing a power supply attack on the secret information. The detection unit includes a comparator having reference voltage and power supply line inputs; and an output connected into a reset line of the integrated circuit. The output provides a reset signal to first delete, overwrite, or otherwise render unreadable the indicator and then delete, overwrite, or otherwise render unreadable the secret information in the memory when a detection signal is output by the comparator. The reset signal is provided when the power supply voltage drops below a predetermined limit due to a power-down of the integrated circuit. | 09-30-2010 |
| 20100275040 | Systems and Methods for Secure Transaction Management and Electronic Rights Protection - The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node. These techniques may be used to support an all-electronic information distribution, for example, utilizing the “electronic highway.” | 10-28-2010 |
| 20100318813 | NETWORK SECURITY DEVICE AND METHOD - The invention describes a method for hardening a security mechanism against physical intrusion and substitution attacks. A user establishes a connection between a network peripheral device and a network via a security mechanism. The security mechanism includes read only memory (ROM) that contains code that initiates operation of the mechanism and performs authentication functions. A persistent memory contains configuration information. A volatile memory stores user and device identification information that remains valid only for a given session and is erased thereafter to prevent a future security breach. A tamper-evident enclosure surrounds the memory elements, which if breached, becomes readily apparent to the user. | 12-16-2010 |
| 20100332855 | Method and Memory Device for Performing an Operation on Data - A method and memory device for implementing long operations and supporting multiple streams are provided. In one embodiment, a memory device receives data and a command from a host to perform an operation on the data, wherein a time required for the memory device to complete the operation exceeds a maximum response time for the memory device to respond to the command. The memory device begins performing the operation on the data and, before exceeding the maximum response time and before completing the operation, sends the context of the operation to the host. At a later time, the memory device receives from the host: (i) a command to resume performing the operation and (ii) the context. The memory device then resumes performing the operation on the data based on the context received from the host. | 12-30-2010 |
| 20110010565 | APPARATUS AND METHOD FOR STORING KEY DATA, LIBRARY UNIT, AND STORAGE DEVICE - A key data recording device includes a key data recording medium section which stores key data of the encrypted data; and a reading/writing section which reads and writes the key data from and into the key data recording medium section, which sections are contained in a cartridge casing accommodatable in a library unit. When the cartridge casing is irregularly ejected from the library unit, the key data recorded in the key data recording medium section is deleted. This configuration can enhance the confidentiality of encrypted data because the key data is not leaked even when the recording medium in which key data of the encrypted data is recorded is carried away. | 01-13-2011 |
| 20110047389 | Trusted Infrastructure Support Systems, Methods and Techniques for Secure Electronic Commerce Electronic Transactions and Rights Management - An integrated, modular array of administrative and support services are provided for electronic commerce and electronic rights and transaction management. These administrative and support services supply a secure foundation for conducting transaction-related capabilities over electronic networks, and can also be adapted to the specific needs of electronic commerce value chains. In one embodiment a Distributed Commerce Utility having a secure, programmable, distributed architecture provides these administrative and support services. The Distributed Commerce Utility may comprise a number of Commerce Utility Systems. These Commerce Utility Systems provide a web of infrastructure support available to, and reusable by, the entire electronic community and/or many of its participants. Different support functions can be collected together in hierarchical and/or networked relationships to suit various business models or other objectives. Modular support functions can be combined in different arrays to form different Commerce Utility Systems for different design implementations and purposes. | 02-24-2011 |
| 20110060922 | LICENSE MANAGEMENT SYSTEM - A history file that an IC card received from a receiver is confirmed to be a proper history file, so that a repeat input of a license can be prevented. A server ( | 03-10-2011 |
| 20110072279 | DEVICE AND METHOD FOR SECURELY STORING DATA - Devices and methods for securely storing data are provided. A device for constructing an encryption key comprising a tamper-protection barrier that encloses one or more memory devices is provided. The memory stores data for constructing the encryption key. The memory may include a single memory device or a plurality of memory devices. The tamper-protection barrier also encloses a security processor configured to combine the data stored in the memory based in part on a function, such as a logical exclusive-or (XOR) function, to construct the encryption key. The stored data in the memory may include partial keys. These partial keys may be created based in part on applying the XOR function to an encryption key. | 03-24-2011 |
| 20110113261 | TAMPER RESISTANT APPARATUS FOR A STORAGE DEVICE - In various embodiments, an apparatus includes a processor, a read only memory communicatively coupled to the processor, and a visibility port associated with the apparatus. The visibility port provides information about the processor and the read only memory to the port, with the read only memory including at least a portion of cryptographic information. A visibility port disabler masks the visibility port during cryptographic operations of the processor. | 05-12-2011 |
| 20110185193 | DE-SEQUENCING ENCODED DATA SLICES - A method begins by a processing module obtaining at least an ordering threshold number of encoded data slices to produce obtained encoded data slices. The method continues with the processing module ordering the obtained encoded data slices based on a pseudo-random de-sequencing order to produce a plurality of sets of encoded data slices. The method continues with the processing module dispersed storage error decoding the plurality of sets of encoded data slices to produce a plurality of encrypted data segments. The method continues with the processing module decrypting the plurality of encrypted data segments to produce a plurality of data segments. The method continues with the processing module aggregating the plurality of data segments to produce a data stream. | 07-28-2011 |
| 20120179921 | END TO END ENCRYPTION FOR INTRUSION DETECTION SYSTEM - An intrusion detection module includes an enclosure and a sensor to detect a predetermined type of intrusion. The module further includes a tamper sensor to detect a tampering attempt. An encryption mechanism is coupled to receive signals from the sensor and tamper sensor and encrypt such signals for transmission to a control panel. | 07-12-2012 |
| 20120210141 | INFORMATION PROCESSING APPARATUS, PROGRAM EXECUTION METHOD, AND COMPUTER PROGRAM - An information processing apparatus includes: a program executing unit which interprets and executes codes of a computer program created in a procedural language in an environment with a tamper resistant performance, wherein a security attribute and an authentication key are provided in units of functions in the computer program executed by the program executing unit, and wherein the program executing unit executes authentication processing with the authentication key for executing the function, which makes it possible to execute the function based on the security attribute. | 08-16-2012 |
| 20120331309 | USING BUILT-IN SELF TEST FOR PREVENTING SIDE CHANNEL SECURITY ATTACKS ON MULTI-PROCESSOR SYSTEMS - A data processing system having a first processor, a second processor, a local memory of the second processor, and a built-in self-test (BIST) controller of the second processor which performs BIST memory accesses on the local memory of the second processor and which includes a random value generator is provided. The system can perform a method including executing a secure code sequence by the first processor and performing, by the BIST controller of the second processor, BIST memory accesses to the local memory of the second processor in response to the random value generator. Performing the BIST memory accesses is performed concurrently with executing the secure code sequence. | 12-27-2012 |
| 20130036314 | Security perimeter - Embodiments of memory devices, computer systems, security apparatus, data handling systems, and the like, and associated methods facilitate security in a system incorporating the concept of a security perimeter which combines cryptographic and physical security. The memory device can comprise a memory operable to store information communicated with a processor, and a logic operable to create at least one cryptographic security perimeter enclosing at least one selected region of the memory and operable to manage information communication between the processor and the at least one selected region of the memory. | 02-07-2013 |
| 20130111222 | Verification of Authenticity and Responsiveness of Biometric Evidence And/Or Other Evidence | 05-02-2013 |
| 20130311791 | METHOD AND DEVICE FOR PROVIDING A CRYPTOGRAPHIC KEY FOR A FIELD DEVICE - A security device and a method provide a cryptographic key for a field device. The security device is connected to at least one tamper sensor which is associated with the field device and which, when a physical manipulation carried out on the field device is detected, a manipulation message is emitted. The cryptographic key is only provided to the field device by the security device if the security device does not receive a manipulation message from the tamper sensors associated with the field device. | 11-21-2013 |
| 20140068280 | SECURITY CHIP, PROGRAM, INFORMATION PROCESSING APPARATUS, AND INFORMATION PROCESSING SYSTEM - There is provided a security chip having a tamper-resistant feature, including an acquisition part configured to acquire specific information transmitted by a device performing challenge-response authentication, the specific information being specific to the device, a storage configured to store second key information that enables generation of first key information from the specific information, the first key information being used by the device for challenge-response authentication, and a generation part configured to generate, using the second key information, the first key information from the specific information. A response to be transmitted to the device is generated, using the first key information, from a challenge transmitted by the device. In the device, the first key information is not stored in a tamper-resistant security chip. | 03-06-2014 |
| 20140189374 | SYSTEM AND METHOD FOR THE SECURE TRANSMISSION OF DATA - A system for securely transmitting data includes a control device and at least one security module. The control device is configured for producing a cryptographic key using a physically unclonable function (PUF). The at least one security module is configured for communicating with the control device at least one of confidentially and authentically using the cryptographic key. The control device has no storage for storing the cryptographic key. The control device includes at least one hardware device that is configured for providing a specific feature combination. The control device also includes a calculation unit that is configured for producing the cryptographic key using the specific feature combination and the physically unclonable function (PUF). The control device further includes a program-controlled device that is configured for executing a first computer program product, which is configured for performing the encrypted/authenticated communication with the security module via a first and second communication interfaces. | 07-03-2014 |
| 20140298044 | METHOD AND APPARATUS FOR SECURE MEASUREMENT CERTIFICATION - The invention relates to methods and apparatuses for acquiring a physical measurement, and for creating a cryptographic certification of that measurement, such that its value and time can be verified by a party that was not necessarily present at the measurement. | 10-02-2014 |
| 20140337642 | TRUSTED TAMPER REACTIVE SECURE STORAGE - A cryptographic system includes a memory device and a processor. The memory device has at least two sections, including a first section and a second section. The processor is configured to determine a mode of operation, receive a signal, and selectively zeroize at least one section of the memory device based at least in part on the received signal and the determined mode of operation. | 11-13-2014 |
| 20150026485 | METHOD AND APPARATUS FOR PREVENTION OF TAMPERING AND UNAUTHORIZED USE, AND UNAUTHORIZED EXTRACTION OF INFORMATION FROM SECURED DEVICES - The present invention considers an apparatus for prevention of tampering, unauthorized use, and unauthorized extraction of information from at least one secure system including at least one information device arranged to process information, at least one integrated encryption segment arranged to encrypt the information using at least one encryption process enabled by a set of encryption key information incorporated in at least one secure information storage of the at least one information device, at least one destruction driver arranged to initiate and support at least one controllable energy release in a proximity of the at least one secure information storage of the at least one information device incorporating the set of encryption key information, such that at least fraction of the set of encryption key information has been obliterated during the controllable energy discharge. | 01-22-2015 |
| 20150134974 | APPARATUS AND METHOD FOR SECURING BIOS IN A TRUSTED COMPUTING SYSTEM - An apparatus including a BIOS read only memory (ROM) and a tamper detector. The BIOS ROM includes BIOS contents stored as plaintext, and an encrypted message digest comprising an encrypted version of a first message digest that corresponds to the BIOS contents. The tamper detector is coupled to the BIOS ROM, and accesses the BIOS contents and the encrypted message digest upon reset of a microprocessor, and directs the microprocessor to generate a second message digest corresponding to the BIOS contents and a decrypted message digest corresponding to the encrypted message digest using the same algorithms and key that were employed to generate the first message digest and the encrypted message digest, and compares the second message digest with the decrypted message digest, and precludes the operation of the microprocessor if the second message digest and the decrypted message digest are not equal. | 05-14-2015 |
| 20150134975 | SECURE BIOS MECHANISM IN A TRUSTED COMPUTING SYSTEM - An apparatus including a ROM and a microprocessor. The ROM includes BIOS contents that are stored as plaintext and an encrypted digest. The encrypted digest includes an encrypted version of a first digest corresponding to the BIOS contents. The microprocessor is coupled to the BIOS ROM, and includes a tamper timer and a tamper detector. The tamper timer periodically generates an interrupt at a prescribed interval. The tamper detector accesses the BIOS contents and the encrypted digest upon assertion of the interrupt, and directs the microprocessor to generate a second digest corresponding to the BIOS contents and a decrypted digest corresponding to the encrypted digest using the same algorithms and key that were employed to generate the first digest and the encrypted digest, and compares the second digest with the decrypted digest, and precludes operation of the microprocessor if the second digest and the decrypted digest are not equal. | 05-14-2015 |
| 20150134976 | EVENT-BASED APPARATUS AND METHOD FOR SECURING BIOS IN A TRUSTED COMPUTING SYSTEM DURING EXECUTION - An apparatus including a ROM, an event detector, and a tamper detector. The ROM has BIOS contents stored as plaintext, and an encrypted digest. The encrypted digest is an encrypted version of a first digest corresponding to the BIOS contents. The event detector generates an interrupt that interrupts operation of the system upon occurrence of an event. The tamper detector is operatively coupled to the ROM and accesses the BIOS contents and the encrypted digest upon assertion of the interrupt, and directs a microprocessor to generate a second digest corresponding to the BIOS contents and a decrypted digest corresponding to the encrypted digest using the same algorithms and key that were employed to generate the first digest and the encrypted digest, and compares the second message digest with the decrypted message digest, and precludes the operation of the microprocessor if the second digest and the decrypted digest are not equal. | 05-14-2015 |
| 20150134977 | PARTITION-BASED APPARATUS AND METHOD FOR SECURING BIOS IN A TRUSTED COMPUTING SYSTEM DURING EXECUTION - An apparatus including a ROM, a selector, and a detector. The ROM has partitions and encrypted digests. Each of the partitions is stored as plaintext, and each of the encrypted digests includes an encrypted version of a first digest associated with a corresponding one of the partitions. The selector selects one or more of the partitions responsive to an interrupt. The detector accesses the one or more of the partitions and corresponding one or more of the encrypted digests upon assertion of the interrupt, and directs a microprocessor to generate one or more of second digests corresponding to the one or more of the partitions and one or more of decrypted digests corresponding to the one or more of encrypted digests using the same algorithms and key that were employed to generate the first digest and the encrypted digests, and compares the one or more of the second digests with the one or more of the decrypted digests, and precludes operation of the microprocessor if the one or more of the second digests and the one or more of the decrypted digests are not pair wise equal. | 05-14-2015 |
| 20150134978 | SECURE BIOS TAMPER PROTECTION MECHANISM - An apparatus including a ROM, a selector, and a detector. The ROM has a partitions, each stored as plaintext, and a encrypted digests, each comprising an encrypted version of a first digest associated with a corresponding one of the partitions. The selector selects one or more partitions responsive to an interrupt. The detector generates the interrupt at a combination of intervals and event occurrences, and accesses the one or more partitions and corresponding one or more encrypted digests upon assertion of the interrupt, and directs a microprocessor to generate corresponding one or more second digests corresponding to the one or more partitions and corresponding one or more decrypted digests corresponding to the one or more encrypted digests using the same algorithms and key that were employed to generate the first message digest and encrypted digests, and compares the one or more second digests with the one or more decrypted digests, and precludes the operation if the one or more second digests and the one or more decrypted digests are not pair wise equal. | 05-14-2015 |
| 20150358152 | TAMPERING DETECTION DEVICE, TAMPERING DETECTION METHOD AND PROGRAM - The present invention can be efficiently applied to secure computation and can achieve a low probability of successful tampering. A tampering detection device includes a parameter storage storing a parameter α | 12-10-2015 |
| 20150365227 | SHARED SECURITY UTILITY APPLIANCE FOR SECURE APPLICATION AND DATA PROCESSING - A security information technology element (ITE) for secure application and data processing, including a physical enclosure defining a protection envelope and a secure computing device disposed within the protection envelope. The security ITE provides security services to applications and a secure processing environment for hosting applications, and includes cryptographic services and hardware acceleration. A security manager within the security ITE is configured to erase data within the protection envelope upon detecting physical tampering. | 12-17-2015 |
| 20160072621 | SEMICONDUCTOR DEVICE - In data processing including high-speed cipher calculation for which it is not appropriate to employ a leveling technique, tamper resistance is improved against an attack to a specific position performed by knowing a layout of functional blocks in a semiconductor chip. Examples of the attack include micro-probing, fault injection, and electromagnetic wave analysis. | 03-10-2016 |
| 20160080153 | DEVICE AUTHENTICITY DETERMINATION SYSTEM AND DEVICE AUTHENTICITY DETERMINATION METHOD - Provided is a system for using printed information, which is viewable from an exterior of a device having mounted thereon a semiconductor chip having a PUF function and an encryption function, and includes auxiliary data and the secret information, the system comprising a control terminal for reading and transmitting the printed information, in which the semiconductor chip further has a tampering determination function of temporarily reconstructing, through the encryption function and the PUF function, the secret information being difficult to duplicate with use of the auxiliary data included in the printed information acquired from the control terminal, performing comparison processing between the secret information included in the printed information and the temporarily-reconstructed secret information being difficult to duplicate, and determining that tampering has occurred when detecting a mismatch between the secret information included in the printed information and the temporarily-reconstructed secret information being difficult to duplicate. | 03-17-2016 |
| 20180025184 | PROGRAM EXECUTION DEVICE | 01-25-2018 |
