Verifiable, leak-resistant encryption and decryption
US8386800B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 2, 2010 |
| Grant date | Feb 26, 2013 |
| Priority date | — |
| Expiry date | Apr 17, 2031 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/061
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
This patent describes techniques usable by devices to encrypt and decrypt sensitive data to in a manner that provides security from external monitoring attacks. The encrypting device has access to a base secret cryptographic value (key) that is also known to the decrypting device. The sensitive data are decomposed into segments, and each segment is encrypted with a separate encryption key derived from the base key and a message identifier to create a set of encrypted segments. The encrypting device uses the base secret cryptographic value to create validators that prove that the encrypted segments for this message identifier were created by a device with access to the base key. The decrypting device, upon receiving an encrypted segments and validator(s), uses the validator to verify the message identifier and that the encrypted segment are unmodified, then uses a cryptographic key derived from the base key and message identifier to decrypt the segments. Derived keys and validators are produced using methods designed to preserve security even if cipher and hashing operations leak information. Embodiments for systems including SoCs, firmware loading, FPGAs and network communications …
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.