CRYPTOGRAPHIC METHOD AND APPARATUS

US 20120036357A1
Filed: 10/17/2011
Published: 02/09/2012
Est. Priority Date: 11/14/2003
Status: Active Grant

First Claim

Patent Images

1-5. -5. (canceled)

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of formatting data for transmission to another party including the step of incorporating in the data a flag indicative of the absence of data for authentication of the sender. An authentication tag length is also included to permit variable length tags to be used.

55 Citations

View as Search Results

35 Claims

1-5. -5. (canceled)

6. A computer-implemented method of formatting data at a device capable of providing optional data confidentiality and optional data authenticity, the method comprising:
- obtaining message data m and nonce data N, wherein a value M encoded in the nonce data N indicates a length of an authentication tag, wherein the nonce data N comprises an identification of a security level, wherein the security level inhibits or invokes data confidentiality, and wherein the security level inhibits or invokes data authenticity; and
  
  generating an output based on the message data m and the nonce data N, wherein the output comprises the authentication tag if the security level invokes data authenticity, and wherein the output comprises encrypted data if the security level invokes data confidentiality.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 7. The method of claim 6, wherein generating the output comprises encrypting the message data m if the security level invokes data confidentiality.
  - 8. The method of claim 6, wherein generating the output comprises encrypting the authentication tag and the message data m if the security level invokes both data confidentiality and data authenticity.
  - 9. The method of claim 6, wherein the output comprises message data m and the authentication tag if the security level inhibits data confidentiality and invokes data authenticity, wherein the message data m in the output is unencrypted.
  - 10. The method of claim 6, wherein the authentication tag in the output is unencrypted.
  - 11. The method of claim 6, wherein the output lacks any authentication tag if the security level inhibits data authenticity.
  - 12. The method of claim 6, wherein the output comprises plain text if the security level inhibits data confidentiality.
  - 13. The method of claim 6, wherein the nonce data N is based on a frame identifier for an individual frame of data, wherein the security level inhibits or invokes data confidentiality for the individual frame, and wherein the security level inhibits or invokes data authenticity for the individual frame.
  - 14. The method of claim 6, further comprising obtaining key data.
  - 15. The method of claim 6, wherein the authentication tag comprises a variable-length authentication tag.
  - 16. The method of claim 6, wherein the value M is zero.
  - 17. The method of claim 6, wherein if the value M is zero, then data authenticity is disabled.
  - 18. The method of claim 6, wherein the value M is greater than zero.
  - 19. The method of claim 6, wherein the security level is configured to allow for varying levels of data authenticity.
  - 20. The method of claim 6, wherein the method is performed prior to transmission of data.
  - 21. The method of claim 6, further comprising transmitting a message comprising the output.

22. A computer-implemented method of processing data received at a device, the method comprising:
- obtaining nonce data N and data c, wherein a value M encoded in the nonce data N indicates a length of an authentication tag, wherein the nonce data N comprises an identification of a security level, wherein the security level indicates whether data confidentiality is invoked or inhibited, wherein the security level indicates whether data authenticity is invoked or inhibited, wherein the data c comprises encrypted data if the security level indicates data confidentiality is invoked, and wherein the data c comprises the authentication tag if the security level indicates data authenticity is invoked; and
  
  determining message data m based on the data c and the nonce data N.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
- - 23. The method of claim 22, wherein determining message data m comprises checking authentication if the security level indicates data authenticity is invoked.
  - 24. The method of claim 22, wherein determining message data m comprises decrypting the data c if the security level indicates data confidentiality is invoked.
  - 25. The method of claim 22, wherein determining message data m comprises decrypting data c and checking authentication if the security level indicates data confidentiality and data authenticity are both invoked.
  - 26. The method of claim 22, wherein determining message data m comprises parsing data c if the security level indicates data confidentiality and data authenticity are both inhibited.
  - 27. The method of claim 22, wherein the nonce data Nis based on a frame identifier for an individual frame of data, wherein the security level inhibits or invokes data confidentiality for the individual frame, and wherein the security level inhibits or invokes data authenticity for the individual frame.
  - 28. The method of claim 22, further comprising obtaining key data.
  - 29. The method of claim 22, wherein the authentication tag comprises a variable-length authentication tag.
  - 30. The method of claim 22, wherein the value M is zero.
  - 31. The method of claim 22, wherein if the value M is zero, then data authenticity is disabled.
  - 32. The method of claim 22, wherein the value M is greater than zero.
  - 33. The method of claim 22, wherein the security level is configured to allow for varying levels of data authenticity.

34. A non-transitory machine-readable medium comprising machine-executable instructions for formatting data at a device capable of providing optional data confidentiality and optional data authenticity, the machine-executable instructions operable when executed to perform operations comprising:
- obtaining message data m and nonce data N, wherein a value M encoded in the nonce data N indicates a length of an authentication tag, wherein the nonce data N comprises an identification of a security level, wherein the security level inhibits or invokes data confidentiality, and wherein the security level inhibits or invokes data authenticity; and
  
  generating an output based on the message data m and the nonce data N, wherein the output comprises the authentication tag if the security level invokes data authenticity, and wherein the output comprises encrypted data if the security level invokes data confidentiality.

35. A non-transitory machine-readable medium comprising machine-executable instructions for processing data received at a device, the machine-executable instructions operable when executed to perform operations comprisingobtaining nonce data N and data c, wherein a value M encoded in the nonce data N indicates a length of an authentication tag, wherein the nonce data N comprises an identification of a security level, wherein the security level indicates whether data confidentiality is invoked or inhibited, wherein the security level indicates whether data authenticity is invoked or inhibited, wherein the data c comprises encrypted data if the security level indicates data confidentiality is invoked, and wherein the data c comprises the authentication tag if the security level indicates data authenticity is invoked;
- anddetermining message data m based on the data c and the nonce data N.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Blackberry Limited
Original Assignee
Certicom Corporation (Blackberry Limited)
Inventors
Struik, Marinus

Granted Patent

US 8,707,036 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/166
CPC Class Codes

H04L 2209/24   Key scheduling, i.e. genera...

H04L 2209/60   Digital content management,...

H04L 2209/80   Wireless network architectu...

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/12   Applying verification of th...

H04L 9/00   Cryptographic mechanisms or...

H04L 9/0618   Block ciphers, i.e. encrypt...

CRYPTOGRAPHIC METHOD AND APPARATUS

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

55 Citations

35 Claims

Specification

Solutions

Use Cases

Quick Links

CRYPTOGRAPHIC METHOD AND APPARATUS

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

55 Citations

35 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links