Hiro is an intelligent assistant for R&D personnel, combined with Patent DNA, to facilitate innovative research.

49 results about "SAFER" patented technology

In cryptography, SAFER (Secure And Fast Encryption Routine) is the name of a family of block ciphers designed primarily by James Massey (one of the designers of IDEA) on behalf of Cylink Corporation. The early SAFER K and SAFER SK designs share the same encryption function, but differ in the number of rounds and the key schedule. More recent versions — SAFER+ and SAFER++ — were submitted as candidates to the AES process and the NESSIE project respectively. All of the algorithms in the SAFER family are unpatented and available for unrestricted use.

Interlocked Binary Protection Using Whitebox Cryptography

A system and method for transforming a software application comprising binary code and optionally associated data, from an original form to a more secure form. The method includes performing a combination of binary transmutations to the application, and interlocking the transmutations by generating and placing interdependencies between the transmutations, wherein a transmutation is an irreversible change to the application. Different types of the transmutations are applied at varied granularities of the application. The transmutations are applied to the application code and the implanted code as well. The result is a transformed software application which is semantically equivalent to the original software application but is resistant to static and / or dynamic attacks.

Consistent security enforcement for safer computing systems

Security can be enforced in a consistent manner with respect to various computing environments that may be operable in a computing system. Consistent security criteria can be generated, based on input security criterion, in a computer readable and storable form and stored in a computer readable storage medium, thereby allowing the consistent security criterion to be effectively provided to a computing system for enforcement of the input security criterion in a consistent manner with respect to, for example, (a) a first executable computer code effectively supported by an Operating System (OS), and (b) a second computer code effectively supported by the Virtual Computing Environment (VCE). A Trusted Component (TC) can effectively provide a consistent security criterion as a part and / or form that is suitable for a particular computing environment. The TC can, for example, be an automated tool that performs various functions including: verifying the consistency of security criteria, generation and deployment of consistent security criteria, and transformation of security criteria to parts and / or forms suitable for various computing environments. In addition, a Virtual Computing Environment (VCE) can obtain from the Operating System (OS) one or more security criteria. The Virtual Computing Environment (VCE) can be operable in a Trusted Computing Environment (TCE) and interface with a Trusted Operating System (TOS) that effectively enforces Mandatory Access Control (MAC), thereby allowing the Virtual Computing Environment (VCE) to leverage the security provided by the OS. The OS can, for example, be a Security-Enhanced Linux (SELinux) Operating System operating as a Trusted Component in a Trusted Environment that includes a Trusted Security Agent (TSA) operable to deploy consistent security criteria.

Method for establishing channel in TLS1_3 protocol based on national cryptographic algorithm

The invention discloses a method for establishing a channel in a TLS1_3 protocol based on a national cryptographic algorithm. The method comprises a key exchange stage, a server parameter stage and anidentity authentication stage. In the key exchange phase, an SM2 key exchange algorithm is introduced to negotiate a shared key, and compared with international algorithms such as ECDH and ECDSA, a safer mechanism is adopted; in the identity authentication stage, compared with an RSA algorithm, the SM2 algorithm has the advantages that the encryption strength is similar to the safety performanceof a 3072-bit RSA algorithm when the key length of the SM2 algorithm is 256 bits, two message words are used in each round of a compression function of the SM3 algorithm, and the SM3 algorithm has higher word completeness than an existing SHA256 algorithm. In a symmetric encryption algorithm, an SM4 algorithm is introduced, a 32-round nonlinear iterative structure is adopted, the number of roundsof calculation is far larger than that of an AES algorithm, and safety is higher. According to the method, by improving the encryption algorithm serving as a data transmission safety core, secret keyleakage in the transmission process is avoided, and the safety of establishing a TLS1_3 channel is improved to a great extent.

Data encryption method and system, client and computer readable storage medium

The invention discloses a data encryption method. The method is different from a conventional cyclic encryption mode. The basic data encrypted each time are inconsistent in a mode of adding the characteristic parameters on the basis of the encryption result obtained after each time of encryption. Even if the algorithm which is encrypted circularly is guessed, a cracker cannot finally obtain real and available user login information from the ciphertext obtained from the dragging library through reverse cracking, so that the user login information can be stored more safely under the protection of higher encryption intensity. The invention also discloses a data encryption system, a client and a computer readable storage medium, which have the above beneficial effects.

Data encryption method and device based on encryption algorithm and computer equipment

The invention provides a data encryption method and device based on an encryption algorithm and computer equipment, and the method comprises the steps: carrying out the encryption of a file through anAES encryption algorithm and an AES secret key, and obtaining a file ciphertext; encrypting the secret key of the AES through the public key of the RSA to obtain a secret key ciphertext; storing thepublic key and the private key of the RSA into a KeyStore file of a management tool of the Java data certificate, wherein the KeyStore file generates a KeyStore password; storing the file ciphertext,the key ciphertext and the KeyStore password into an SO dynamic library; and performing code obfuscation on Java program codes used in the encryption process through a ProGuard code obfuscation tool.The method has the beneficial effects that the RSA private key is stored by using the KeyStore key, so that the RSA private key is safer and cannot be violently cracked. And the SO dynamic inventory KeyStore password and the encrypted ciphertext of the RSA are used, so that the KeyStore password and the encrypted ciphertext of the RSA are more difficult to analyze and obtain. Code obfuscation is carried out by using a ProGuard tool, so that the code implementation process cannot be effectively decompiled.

Method for realizing secure transmission of data based on SM2-SM3-SM4 cryptographic algorithm

PendingCN113572741AEnhanced adaptationIncrease the amount of encryption calculationTransmissionAlgorithmTheoretical computer science
The invention discloses a method for realizing secure transmission of data based on a national cryptographic SM2-SM3-SM4 algorithm, which comprises the following steps of: adding the SM2-SM3-SM4 national cryptographic algorithm in a cipher.c cryptographic algorithm file in an OpenSSH (Open Secure Shell) source code, modifying the cipher.c cryptographic algorithm file in the OpenSSH source code, and generating a session key and a session ID (Identity); carrying out identity authentication on the OpenSSH client; establishing an encryption tunnel, the OpenSSH client and the OpenSSH server starting to communicate, and the integrity of data transmission between the OpenSSH client and the OpenSSH server being verified through a digest algorithm; and session data transmission between the OpenSSH client side and the OpenSSH server side being encrypted. According to the method, the source codes of the OpenSSH client side and the OpenSSH server side are modified, the adaptation of the SM2-SM3-SM4 cryptographic algorithm is increased, a safer mechanism is adopted, the information encryption calculation amount and complexity are improved, and an encryption communication tunnel is established, so that the attack on the block cipher algorithm can be effectively resisted when the OpenSSH client side accesses the OpenSSH server side.
Owner:深圳市证通云计算有限公司 +1

Commodity anti-counterfeiting code generation and verification method and system and computer readable storage medium

The invention discloses a commodity anti-counterfeiting code generation and verification method, and the method comprises the steps: distributing one to three ID codes of different anti-counterfeitingcode types to each commodity, enabling the ID codes to be composed of codes of the anti-counterfeiting code types, manufacturer identification codes and commodity codes, and enabling the anti-counterfeiting code types to comprise a plain code, a secret code and an internal code; and allocating a verification password corresponding to each ID code, wherein the verification password is a characterstring formed by encrypting the ID code or a character string formed by combining and encrypting the ID code, the production time of the ID code and at least one random value. The commodity anti-counterfeiting code verification method comprises the following steps: receiving anti-counterfeiting code information, wherein the anti-counterfeiting code information comprises the ID code and the verification password; and judging whether the anti-counterfeiting code type of the ID code is a plain code, a secret code or an internal code. According to the commodity anti-counterfeiting code generationand verification method, commodity anti-counterfeiting is safer and more reliable.

Encryption communication method and system of Arm architecture application processor

The invention discloses an encryption communication method and system of an Arm architecture application processor. The method comprises: an application operating system being made to run at a first-level exception level of the application processor; a microkernel system which at least performs memory allocation management and control running in a second-level exception level, higher than the first-level exception level, of the application processor, wherein the microkernel system divides a memory into a first memory area and a second memory area; the microkernel system enabling the application operating system to only read and write the first memory area, the communication chip only reading and writing the second memory area, and performing reading and writing between the first memory area and the second memory area through a hardware encryption module arranged outside the application processor. According to the invention, the risk that encryption is bypassed can be greatly reduced, so that communication is safer.

Working key generation method and device and computer readable storage medium

The invention provides a working key generation method and device and a computer readable storage medium, and belongs to the technical field of information security. The method comprises the following steps: the terminal receiving an operation instruction sent by an upper computer, obtaining a working key purpose and a working key algorithm according to the operation instruction, setting the working key purpose as a first purpose by the terminal, generating derived data according to the first purpose, a master key identifier, a first numerical value and a master key algorithm, determining the length of a working key according to the working key algorithm, obtaining data in a working key buffer area as a key, generating the working key according with the length of the working key according to the key and the derived data, executing corresponding operation according to the operation instruction and the working key, and returning an operation result to the upper computer. Compared with an encryption scheme in the prior art, the method provided by the invention is safer and wider in application range.

Glyoxylic acid continuous oxidation process

The invention relates to a glyoxylic acid production process, in particular to a glyoxylic acid continuous oxidation process, and belongs to the technical field of chemical synthesis. The process comprises the following steps: fully and evenly mixing glyoxal, a cocatalyst and an initiator which are accurately measured to obtain a mixture A; after preheating by a preheater, feeding the mixture A into an initiation kettle for reaction with nitric acid to obtain a reaction solution; then feeding the reaction solution into a first oxidation kettle, a second oxidation kettle and a thermal insulation kettle which are connected in series sequentially to complete oxidation reaction; after cooling by a cooler, obtaining an oxidation solution, and performing concentration dehydration, crystallization for oxalic acid removal and dechlorination to obtain teh glyoxylic acid finished product, wherein the molar ratio of glyoxal, nitric acid, the cocatalyst and the initiator is 1:0.3-0.4:0.2-0.3:0.01-00.2. The process is safer and more efficient, can reduce the production cost and improve stability of product quality, and is an industrial glyoxylic acid production process which is easy to operatecontinuously.

A security cloud audit method and system with updatable verification label

The invention discloses a security cloud audit method and a security cloud audit system with updatable verification label, comprising the following steps: 1, initializing; 2, updating the key; 3, verifying the update of the tag; 4, verifying the generation of the tag; 5, generating evidence; 6: auditing. The invention can effectively protect the audit key of the user and the file saved by the useron the cloud server, thereby making the audit key and the file of the user more secure.

Container image data management method, device and system

The invention provides a container image data management method, device and system. The method comprises the steps of acquiring an image data scheduling request; sending a first test request to at least two data management servers simultaneously according to the image data scheduling request; acquiring first test result information fed back by a running server; according to the first test result information, determining a first target data management server; and sending the image data scheduling request to the first target data management server, so as to enable the first target data management server to respond to the image data scheduling request. According to the method, at least two data management servers are adopted for storing image data for backup, so that the image data is safer.In the prior art, only one data management server is adopted, once image data fails, containers corresponding to the image data cannot be created. The invention solves the problem in the prior art.
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products