Paul C Kocher

Author:

Paul Harold Kocher

ISBN #:

0395289505

Author:

Paul H. Kocher

ISBN #:

0345306368

Author:

Paul H. Kocher

ISBN #:

0345465601

Author:

Paul H. Kocher

ISBN #:

0500010951

Author:

Paul H. Kocher

ISBN #:

0395140978

Author:

Paul H. Kocher

ISBN #:

0819906018

Author:

Paul H. Kocher

ISBN #:

0819906891

US Patent:

6381699, Apr 30, 2002

Filed:

Dec 13, 2000

Appl. No.:

09/737182

Inventors:

Paul C. Kocher - San Francisco CA
Joshua M. Jaffe - San Francisco CA

Assignee:

Cryptography Research, Inc. - San Francisco CA

International Classification:

H04L 910

US Classification:

713172, 713174, 713340, 705 65

Abstract:

The present invention provides a method and apparatus for securing cryptographic devices against attacks involving external monitoring and analysis. A âself-healingâ property is introduced, enabling security to be continually re-established following partial compromises. In addition to producing useful cryptographic results, a typical leak-resistant cryptographic operation modifies or updates secret key material in a manner designed to render useless any information about the secrets that may have previously leaked from the system. Exemplary leak-proof and leak-resistant implementations of the invention are shown for symmetric authentication, certified Diffie-Hellman (when either one or both users have certificates), RSA, ElGamal public key decryption, ElGamal digital signing, and the Digital Signature Algorithm.

US Patent:

6442689, Aug 27, 2002

Filed:

Jul 28, 1998

Appl. No.:

09/123732

Inventors:

Paul Carl Kocher - Menlo Park CA

Assignee:

ValiCert, Inc. - Mountain View CA

International Classification:

H04L 900

US Classification:

713158

Abstract:

Methods and apparatuses for having a single trusted party collect digitally signed lists (e. g. , CRLs) from different trusted data item issuers (e. g. , CAs). According to one embodiment, the trusted third party collects the digitally signed lists. The trusted third party then associates with sorted entries from each of the digitally signed lists a representation of the trusted data item issuer that provided the digitally signed list. The trusted third party cryptographically manipulates the sorted entries and associated representations. The trusted party electronically transmits at least one of the entries on one of the digitally signed lists and part of the cryptographically manipulated data onto a network.

US Patent:

6510518, Jan 21, 2003

Filed:

Jun 3, 1999

Appl. No.:

09/325611

Inventors:

Joshua M. Jaffe - San Francisco CA
Paul C. Kocher - San Francisco CA
Benjamin C. Jun - Palo Alto CA

Assignee:

Cryptography Research, Inc. - San Francisco CA

International Classification:

G06F 124

US Classification:

713168, 713171, 713200, 713201

Abstract:

Cryptographic devices that leak information about their secrets through externally monitorable characteristics (such as electromagnetic radiation and power consumption) may be vulnerable to attack, and previously-known methods that could address such leaking are inappropriate for smartcards and many other cryptographic applications. Methods and apparatuses are disclosed for performing computations in which the representation of data, the number of system state transitions at each computational step, and the Hamming weights of all operands are independent of computation inputs, intermediate values, or results. Exemplary embodiments implemented using conventional (leaky) hardware elements (such as electronic components, logic gates, etc. ) as well as software executing on conventional (leaky) microprocessors are described. Smartcards and other tamper-resistant devices of the invention provide greatly improved resistance to cryptographic attacks involving external monitoring.

US Patent:

6532540, Mar 11, 2003

Filed:

Jun 23, 1998

Appl. No.:

09/103656

Inventors:

Paul Carl Kocher - San Francisco CA

Assignee:

ValiCert, Inc. - Mountain View CA

International Classification:

H04L 900

US Classification:

713158, 713175

Abstract:

Methods and apparatuses for providing cryptographic assurance based on ranges as to whether a particular data item is on a list. According to one computer-implemented method, the items on the list are sorted and ranges are derived from adjacent pairs of data items on the list. Next, cryptographically manipulated data is generated from the plurality of ranges. At least parts of the cryptographically manipulated data is transmitted onto a network for use in cryptographically demonstrating whether any given data item is on the list. According to another computer-implemented method, a request message is received requesting whether a given data item is on a list of data items. In response, a range is selected that is derived from the pair of data items on the list that define the smallest range that includes the given data item. A response message is transmitted that cryptographically demonstrates whether the first data item is on the list using cryptographically manipulated data derived from the range. According to another computer-implemented method, a request message requesting an indication as to whether a first data item is on a list of data items is transmitted.

US Patent:

6539092, Mar 25, 2003

Filed:

Jul 2, 1999

Appl. No.:

09/347493

Inventors:

Paul C. Kocher - San Francisco CA

Assignee:

Cryptography Research, Inc. - San Francisco CA

International Classification:

H04K 102

US Classification:

380252, 380 1, 713193, 713194

Abstract:

Methods and apparatuses for increasing the leak-resistance of cryptographic systems using an indexed key update technique are disclosed. In one embodiment, a cryptographic client device maintains a secret key value as part of its state. The client can update its secret value at any time, for example before each transaction, using an update process that makes partial information that might have previously leaked to attackers about the secret no longer usefully describe the new updated secret value. By repeatedly applying the update process, information leaking during cryptographic operations that is collected by attackers rapidly becomes obsolete. Thus, such a system can remain secure (and in some embodiments is provably secure) against attacks involving analysis of measurements of the devices power consumption, electromagnetic characteristics, or other information leaked during transactions. The present invention can be used in connection with a client and server using such a protocol. To perform a transaction with the client, the server obtains the clients current transaction counter.

US Patent:

6640305, Oct 28, 2003

Filed:

Sep 6, 2001

Appl. No.:

09/948473

Inventors:

Paul C. Kocher - San Francisco CA
Joshua M. Jaffe - San Francisco CA
Benjamin C. Jun - Palo Alto CA

Assignee:

Cryptography Research, Inc. - San Francisco CA

International Classification:

H04L 910

US Classification:

713194, 713162, 713172, 380228, 380286

Abstract:

Before use, a population of tamper-resistant cryptographic enforcement devices is partitioned into groups and issued one or more group keys. Each tamper-resistant device contains multiple computational units to control access to digital content. One of the computational units within each tamper-resistant device communicates with another of the computational units acting as an interface control processor, and serves to protect the contents of a nonvolatile memory from unauthorized access or modification by other portions of the tamper-resistant device, while performing cryptographic computations using the memory contents. Content providers enforce viewing privileges by transmitting encrypted rights keys to a large number of recipient devices. These recipient devices process received messages using the protected processing environment and memory space of the secure unit. The processing result depends on whether the recipient device was specified by the content provider as authorized to view some encrypted digital content.

US Patent:

6654884, Nov 25, 2003

Filed:

Jan 17, 2003

Appl. No.:

10/346848

Inventors:

Joshua M. Jaffe - San Francisco CA
Paul C. Kocher - San Francisco CA
Benjamin C. Jun - Palo Alto CA

Assignee:

Cryptography Research, Inc. - San Francisco CA

International Classification:

G06F 124

US Classification:

713168, 713171, 713200, 713201

Abstract:

Differential power analysis is a powerful cryptanalytic method that can be used to extract secret keys from cryptographic hardware during operation. To reduce the risk of compromise, cryptographic hardware can employ countermeasures to reduce the amount of secret information that can be deduced by power consumption measurements during processing. Such countermeasures can include balancing circuitry inside a cryptographic hardware device to reduce the amount of variation in power consumption that is correlated to data parameters being manipulated. This can be facilitated by using a constant-Hamming-weight representation when representing and manipulating secret parameters. Low-level operation modules, such as Boolean logic gates, can be built to process input parameters in a manner that balances the number of ON transistors while simultaneously maintaining a data-independent number of transistor transitions during computation. Leakage reduction may be used with other countermeasures, including introducing noise, unrelated to data being processed, into the power measurements.

US Patent:

6901509, May 31, 2005

Filed:

Feb 22, 2000

Appl. No.:

09/511645

Inventors:

Paul Carl Kocher - Menlo Park CA, US

Assignee:

Tumbleweed Communications Corp. - Redwood City CA

International Classification:

H04L009/00

US Classification:

713158, 713175, 713156, 713176

Abstract:

Methods and apparatuses for providing cryptographic assurance based on ranges as to whether a particular data item is on a list. According to one computer-implemented method, the items on the list are sorted and ranges are derived from adjacent pairs of data items on the list. Next, cryptographically manipulated data is generated from the plurality of ranges. At least parts of the cryptographically manipulated data is transmitted onto a network for use in cryptographically demonstrating whether any given data item is on the list. According to another computer-implemented method, a request message is received requesting whether a given data item is on a list of data items. In response, a range is selected that is derived from the pair of data items on the list that define the smallest range that includes the given data item. A response message is transmitted that cryptographically demonstrates whether the first data item is on the list using cryptographically manipulated data derived from the range. According to another computer-implemented method, a request message requesting an indication as to whether a first data item is on a list of data items is transmitted.