公开(公告)号：WO2005101977A2

公开(公告)日：2005-11-03

申请号：PCT/IL2005/000431

申请日：2005-04-21

Applicant: FORTRESS GB LTD. ,  GRESSEL, Carmi David ,  VAGO, Gabriel ,  GRANOT, Ran ,  KANZA, Tomer ,  APPLE, Uzi ,  HECHT, Avi ,  SALMON, Timothy James ,  AMSILI, Herve ,  WEINSTEIN-LUSTIG, Mika ,  HADAD, Mordechay ,  INGHER, Amir ,  VAGO, Anat

Inventor： GRESSEL, Carmi David ,  VAGO, Gabriel ,  GRANOT, Ran ,  KANZA, Tomer ,  APPLE, Uzi ,  HECHT, Avi ,  SALMON, Timothy James ,  AMSILI, Herve ,  WEINSTEIN-LUSTIG, Mika ,  HADAD, Mordechay ,  INGHER, Amir ,  VAGO, Anat

IPC: G06F7/04 ,  G06F13/00 ,  G06F17/30 ,  G06F21/00 ,  G06K19/00 ,  G07C9/00 ,  G07F7/10 ,  G08B29/00 ,  G11C7/00 ,  G11C7/24 ,  H04L9/00 ,  H04L9/32

CPC classification number: G11C7/24 ,  G06F21/35 ,  G06Q20/341 ,  G06Q20/346 ,  G06Q20/40145 ,  G07C9/00039 ,  G07F7/1008

Abstract: A system for multi-factor security involving multiple secure devices that distribute the secured functions of the system over the different devices, such that the loss or theft of any one of them does not compromise the overall security of the system. Moreover, a configuration of devices is also secure even if one of them has been attacked by malicious software agents, such as "keyboard sniffers". A novel contactless smart card reader is presented that incorporates a transceiver antenna within a keypad of a device used with contactless smart cards. When the card is pressed against the device's keypad, the transceiver of the device establishes a session with the smart card. This configuration is very easy to use, because precise alignment of the smart card and the reader is not required. Moreover, the close proximity of the smart card and the antenna in the device reduces radio frequency power requirements, conserves battery power, and allows maximum power utilization by the smart card, for performing complex cryptographic calculations. A variety of systems are presented, including those using mobile telephones, computer-interfaced card readers, personal digital appliances, and television set-top box remote controllers.

Abstract translation: 一种涉及多个安全设备的多因素安全系统，它们通过不同的设备分发系统的安全功能，使得任何一个安全设备的丢失或被盗都不会损害系统的整体安全性。 此外，即使其中一个已经被恶意软件代理（例如“键盘嗅探器”）攻击，设备的配置也是安全的。 提出了一种新颖的非接触式智能卡读卡器，其在与非接触式智能卡一起使用的设备的小键盘内集成收发器天线。 当卡被按在设备的键盘上时，设备的收发器与智能卡建立会话。 这种配置非常容易使用，因为不需要智能卡和读卡器的精确对准。 此外，智能卡和设备中的天线的紧密接近降低了射频功率需求，节省了电池电量，并且允许智能卡的最大功率利用来进行复杂的加密计算。 提出了各种系统，包括使用移动电话，计算机接口读卡器，个人数字设备和电视机顶盒遥控器的系统。

公开(公告)号：WO2005101977A3

公开(公告)日：2005-12-22

申请号：PCT/IL2005000431

申请日：2005-04-21

Applicant: FORTRESS GB LTD ,  GRESSEL CARMI DAVID ,  VAGO GABRIEL ,  GRANOT RAN ,  KANZA TOMER ,  APPLE UZI ,  HECHT AVI ,  SALMON TIMOTHY JAMES ,  AMSILI HERVE ,  WEINSTEIN-LUSTIG MIKA ,  HADAD MORDECHAY ,  INGHER AMIR ,  VAGO ANAT

Inventor： GRESSEL CARMI DAVID ,  VAGO GABRIEL ,  GRANOT RAN ,  KANZA TOMER ,  APPLE UZI ,  HECHT AVI ,  SALMON TIMOTHY JAMES ,  AMSILI HERVE ,  WEINSTEIN-LUSTIG MIKA ,  HADAD MORDECHAY ,  INGHER AMIR ,  VAGO ANAT

IPC: G06F7/04 ,  G06F13/00 ,  G06F17/30 ,  G06F21/00 ,  G06K19/00 ,  G07C9/00 ,  G07F7/10 ,  G08B29/00 ,  G11C7/00 ,  G11C7/24 ,  H04L9/00 ,  H04L9/32

CPC classification number: G11C7/24 ,  G06F21/35 ,  G06Q20/341 ,  G06Q20/346 ,  G06Q20/40145 ,  G07C9/00039 ,  G07F7/1008

Abstract: A system for multi-factor security involving multiple secure devices that distribute the secured functions of the system over the different devices, such that the loss or theft of any one of them does not compromise the overall security of the system. Moreover, a configuration of devices is also secure even if one of them has been attacked by malicious software agents, such as "keyboard sniffers". A novel contactless smart card reader (200) is presented that incorporates a transceiver antenna (220) within a keypad (210) of a device used with contactless smart cards (100). When the card (100) is pressed against the device's keypad (210), the transceiver (220) of the device establishes a session with the smart card (100). A variety of systems are presented, including those using mobile telephones, computer-interfaced card readers, personal digital appliances, and television set-top box remote controllers.

Abstract translation: 一种涉及多个安全设备的多因素安全系统，用于通过不同的设备分发系统的安全功能，使得任何一个安全设备的丢失或被盗都不会损害系统的整体安全性。 此外，即使其中一个已经被恶意软件代理（例如“键盘嗅探器”）攻击，设备的配置也是安全的。 提出了一种新颖的非接触式智能卡读取器（200），其在与非接触式智能卡（100）一起使用的设备的键盘（210）内并入收发器天线（220）。 当卡（100）被按压在设备的键盘（210）上时，设备的收发器（220）与智能卡（100）建立会话。 提出了各种系统，包括使用移动电话，计算机接口读卡器，个人数字设备和电视机顶盒遥控器的系统。

公开(公告)号：WO2005101978A2

公开(公告)日：2005-11-03

申请号：PCT/IL2005000432

申请日：2005-04-21

Applicant: FORTRESS GB LTD ,  GRESSEL CARMI DAVID ,  VAGO GABRIEL ,  GRANOT RAN ,  WEINSTEIN-LUSTIG MIKA ,  APPLE UZI ,  AMSILI HERVE ,  SALMON TIMOTHY JAMES ,  HECHT AVI ,  KANZA TOMER ,  VAGO ANAT ,  HADAD MORDECHAY ,  INGHER AMIR

Inventor： GRESSEL CARMI DAVID ,  VAGO GABRIEL ,  GRANOT RAN ,  WEINSTEIN-LUSTIG MIKA ,  APPLE UZI ,  AMSILI HERVE ,  SALMON TIMOTHY JAMES ,  HECHT AVI ,  KANZA TOMER ,  VAGO ANAT ,  HADAD MORDECHAY ,  INGHER AMIR

IPC: H04L9/00 ,  H04L29/06

CPC classification number: H04L63/0421 ,  H04L63/0823 ,  H04L63/102

Abstract: An arrangement, system, and methods for creating and distributing authenticated personal information for users of network services and participants in social surveys, and in chat rooms and other forums. A trusted organization verifies that personal information presented by a user is correct, and authenticates the information in an encapsulated form as "certified profiles" within a smart card or other secure portable hardware device issued to the user. Certified profiles are authenticated by digital signatures of the trusted organization and the profile users. Personal information in certified profiles can be in raw and/or in statistically-processed and abstracted form, and can be tailored by the user for specific needs to include whatever personal information is required, and to exclude all other personal information. By the use of unique aliases, it is possible for users to anonymously access restricted network sites and participate in surveys, while still satisfying recipients that supplied personal information is accurate, and for surveys that the user has not responded to the same survey more than once. Users enroll for certified profiles via trusted enrollment vendors who market the service to the public and also make hardware and software available to users for managing, maintaining, and distributing the certified profiles.

Abstract translation: 用于为网络服务用户和社会调查参与者以及聊天室和其他论坛创建和分发经过身份验证的个人信息的安排，系统和方法。 受信任的组织验证由用户呈现的个人信息是正确的，并且以封装形式将信息认证为发布给用户的智能卡或其他安全便携式硬件设备中的“认证简档”。 认证的配置文件由受信任的组织和配置文件用户的数字签名进行身份验证。 认证资料中的个人信息可以是原始和/或统计处理和抽象的形式，并且可以由用户根据具体需要进行调整，以包括所需的任何个人信息，并排除所有其他个人信息。 通过使用独特的别名，用户可以匿名访问受限网站并参与调查，同时仍然满足提供个人信息的收件人是准确的，并且对于用户尚未响应相同调查的调查，不止一次 。 用户通过信任的注册供应商注册认证的个人资料，他们向公众提供服务，并为用户提供管理，维护和分发认证个人资料的硬件和软件。

公开(公告)号：WO2010086855A3

公开(公告)日：2010-12-29

申请号：PCT/IL2010000075

申请日：2010-01-28

Applicant: FORTRESS APPLIC LTD ,  GRESSEL CARMI DAVID ,  COURTOIS NICOLAS TADEUSZ ,  BARD GREGORY VAN ,  HECHT AVI ,  GRANOT RAN ,  SALMON TIMOTHY JAMES ,  MINTZ ITZHAK

Inventor： GRESSEL CARMI DAVID ,  COURTOIS NICOLAS TADEUSZ ,  BARD GREGORY VAN ,  HECHT AVI ,  GRANOT RAN ,  SALMON TIMOTHY JAMES ,  MINTZ ITZHAK

IPC: G06F7/58

CPC classification number: H04L63/12 ,  H04L9/0637 ,  H04L9/0643 ,  H04L9/0662 ,  H04L9/3236 ,  H04L63/0435 ,  H04L2209/04

Abstract: A data integrity system including a transmitter, having a TX pseudorandom function generator, a TX switching function having a transmitting option and a TX combiner operative to receive, from a Host, an initialization data entity including at least one word, [TA1], in an initialization phase, to receive, during normal operation, two data entities of interest each including at least one data word of interest [TA2] and [TA3] respectively; to receive a first data entity including at least one word [TC1] comprising a randomized data entry, from the TX pseudorandom function generator, to generate a first XOR sum of the initialization data entity's word [TA1] and the at least one randomized data entity [TC1], in at least one iteration of an initialization phase; and, during normal operation, to generate and to output a second XOR sum [TA2 ? TC2 = TB2] and a third XOR sum [TA3 ? TC3 = TB3], wherein TB2 and TB3 are randomized data entities, wherein the words TA1, TA2 and TA3 are operative to initialize the data integrity system including enabling the data integrity system to encrypt the TA2 word and to generate an identifying hash value output using the TA3 word.

Abstract translation: 一种数据完整性系统，包括具有TX伪随机函数发生器的发射机，具有发射选项的TX切换功能和TX组合器，其可操作以从主机接收包括至少一个字[TA1]的初始化数据实体， 初始化阶段，用于在正常操作期间接收分别包括至少一个感兴趣的数据字[TA2]和[TA3]的两个感兴趣的数据实体; 以从所述TX伪随机函数发生器接收包括至少一个包括随机化数据条目的字[TC1]的第一数据实体，以生成所述初始化数据实体的字[TA1]和所述至少一个随机化数据实体的第一异或求和 [TC1]，在初始化阶段的至少一次迭代中; 并且在正常操作期间，产生和输出第二异或和[TA2？ TC2 = TB2]和第三异或和[TA3？ TC3 = TB3]，其中TB2和TB3是随机化的数据实体，其中字TA1，TA2和TA3操作以初始化数据完整性系统，包括使数据完整性系统能够加密TA2字并且使用 TA3字。

公开(公告)号：WO2005101978A3

公开(公告)日：2005-11-03

申请号：PCT/IL2005/000432

申请日：2005-04-21

Applicant: FORTRESS GB LTD. ,  GRESSEL, Carmi David ,  VAGO, Gabriel ,  GRANOT, Ran ,  WEINSTEIN-LUSTIG, Mika ,  APPLE, Uzi ,  AMSILI, Herve ,  SALMON, Timothy James ,  HECHT, Avi ,  KANZA, Tomer ,  VAGO, Anat ,  HADAD, Mordechay ,  INGHER, Amir

Inventor： GRESSEL, Carmi David ,  VAGO, Gabriel ,  GRANOT, Ran ,  WEINSTEIN-LUSTIG, Mika ,  APPLE, Uzi ,  AMSILI, Herve ,  SALMON, Timothy James ,  HECHT, Avi ,  KANZA, Tomer ,  VAGO, Anat ,  HADAD, Mordechay ,  INGHER, Amir

IPC: H04L9/00

Abstract: An arrangement, system, and methods for creating and distributing authenticated personal information for users of network services and participants in social surveys, and in chat rooms and other forums. A trusted organization verifies that personal information presented by a user is correct, and authenticates the information in an encapsulated form as "certified profiles" within a smart card or other secure portable hardware device issued to the user. Certified profiles are authenticated by digital signatures of the trusted organization and the profile users. Personal information in certified profiles can be in raw and/or in statistically-processed and abstracted form, and can be tailored by the user for specific needs to include whatever personal information is required, and to exclude all other personal information. By the use of unique aliases, it is possible for users to anonymously access restricted network sites and participate in surveys, while still satisfying recipients that supplied personal information is accurate, and for surveys that the user has not responded to the same survey more than once. Users enroll for certified profiles via trusted enrollment vendors who market the service to the public and also make hardware and software available to users for managing, maintaining, and distributing the certified profiles.

公开(公告)号：WO2012098543A3

公开(公告)日：2012-12-06

申请号：PCT/IL2012000028

申请日：2012-01-17

Applicant: FORTRESS GB LTD ,  GRESSEL CARMI DAVID ,  PINNICK RICHARD DANIEL ,  COURTOIS NICOLAS TADEUS ,  VAGO GABRIEL ,  VAN BARD GREGORY ,  GRANOT RAN ,  HECHT AVI

Inventor： GRESSEL CARMI DAVID ,  PINNICK RICHARD DANIEL ,  COURTOIS NICOLAS TADEUS ,  VAGO GABRIEL ,  VAN BARD GREGORY ,  GRANOT RAN ,  HECHT AVI

IPC: G06Q20/00

CPC classification number: G06Q20/3827 ,  G06Q20/389 ,  G06Q30/06 ,  H04L63/0428

Abstract: An accelerated transparent authenticated Data Exchange system wherein the chronology of alternating senders' and receivers' messages are authenticated typically at each step, with an easy to use provision for resending, in the event of faulty transmission, such that the final message hash value authenticates the negotiation chronologically from first to final message, wherein the final hash value is operative to enable a signature of an entity or entities which binds such entity to the whole data exchange, which signature can be in clear text, encoded, and/or encrypted with authentication integrity. The system is useful for managing computerized negotiations including client-initiated computerized negotiations and including computerized financial transactions.

Abstract translation: 一种加速透明认证的数据交换系统，其中通常在每个步骤对交替的发送者和接收方的消息进行认证，其中易于使用的规定在发生错误的传输时重新发送，使得最终消息散列值认证 从第一到最后消息的时间顺序协商，其中最终哈希值可操作以使能够将该实体绑定到整个数据交换的实体的签名，该签名可以是明文，编码和/或加密的认证 完整性。 该系统有助于管理电脑化谈判，包括客户启动的计算机化谈判，包括电脑化金融交易。

公开(公告)号：WO2010086855A2

公开(公告)日：2010-08-05

申请号：PCT/IL2010/000075

申请日：2010-01-28

Applicant: FORTRESS APPLICATIONS LTD. ,  GRESSEL, Carmi, David ,  COURTOIS, Nicolas, Tadeusz ,  BARD, Gregory, Van ,  HECHT, Avi ,  GRANOT, Ran ,  SALMON, Timothy, James ,  MINTZ, Itzhak

Inventor： GRESSEL, Carmi, David ,  COURTOIS, Nicolas, Tadeusz ,  BARD, Gregory, Van ,  HECHT, Avi ,  GRANOT, Ran ,  SALMON, Timothy, James ,  MINTZ, Itzhak

IPC: H04W88/04

CPC classification number: H04L63/12 ,  H04L9/0637 ,  H04L9/0643 ,  H04L9/0662 ,  H04L9/3236 ,  H04L63/0435 ,  H04L2209/04

Abstract: A data integrity system including a transmitter, having a TX pseudorandom function generator, a TX switching function having a transmitting option and a TX combiner operative to receive, from a Host, an initialization data entity including at least one word, [TA1], in an initialization phase, to receive, during normal operation, two data entities of interest each including at least one data word of interest [TA2] and [TA3] respectively; to receive a first data entity including at least one word [TC1] comprising a randomized data entry, from the TX pseudorandom function generator, to generate a first XOR sum of the initialization data entity's word [TA1] and the at least one randomized data entity [TC1], in at least one iteration of an initialization phase; and, during normal operation, to generate and to output a second XOR sum [TA2 ⊕ TC2 = TB2] and a third XOR sum [TA3 ⊕ TC3 = TB3], wherein TB2 and TB3 are randomized data entities, wherein the words TA1, TA2 and TA3 are operative to initialize the data integrity system including enabling the data integrity system to encrypt the TA2 word and to generate an identifying hash value output using the TA3 word.

Abstract translation: 一种数据完整性系统，包括具有TX伪随机函数发生器，具有发送选项的TX切换功能和可操作以从主机接收包括至少一个单词[TA1]的初始化数据实体的TX组合器的发射机， 初始化阶段，在正常操作期间接收两个感兴趣的数据实体，分别包括至少一个感兴趣的数据字[TA2]和[TA3] 从TX伪随机函数发生器接收包括至少一个包括随机化数据条目的单词[TC1]的第一数据实体，以生成初始化数据实体的字[TA1]和至少一个随机数据实体的第一异或和 [TC1]，在初始化阶段的至少一次迭代中; 并且在正常操作期间，产生并输出第二XOR和[TA2？ TC2 = TB2]和第三XOR和[TA3？ TC3 = TB3]，其中TB2和TB3是随机数据实体，其中字TA1，TA2和TA3可操作以初始化数据完整性系统，包括使数据完整性系统能够加密TA2字，并使用 TA3字。

公开(公告)号：WO2008029406A3

公开(公告)日：2009-05-07

申请号：PCT/IL2007001101

申请日：2007-09-06

Applicant: FORTRESS GB LTD ,  GRESSEL CARMI DAVID ,  BARD GREGORY VAN ,  DUNKELMAN ORR DAVID ,  HECHT AVI ,  GRANOT RAN

Inventor： GRESSEL CARMI DAVID ,  BARD GREGORY VAN ,  DUNKELMAN ORR DAVID ,  HECHT AVI ,  GRANOT RAN

IPC: H04L9/00 ,  G06F11/30

CPC classification number: H04L9/0643 ,  H04L9/0662 ,  H04L2209/04 ,  H04L2209/08 ,  H04L2209/125

Abstract: A data hashing system operative to hash an incoming string of message words, thereby to generate a hash value tag comprising a deterministic random number string which uniquely identifies the incoming string, the system comprising at least first and second register arrays, at least one 1-way at least pseudo-randomizing functionality; and a set of at least first and second orthogonal feedback word stream generators operative to generate a set of at least first and second orthogonal feedback streams of message words respectively, including applying respective permutations to the incoming string, wherein the first and second feedback streams are combined into the first and second register arrays respectively, the at least pseudo-randomizing functionality accepts input from the register arrays and generates at least pseudo-random output which, in combination with a present word in the incoming string, is provided to the stream generators, and the first feedback stream is a first function of a present word in the incoming stream and the second feedback stream is a second function of a present and previous words, in the incoming stream.

Abstract translation: 一种数据散列系统，用于对输入的消息字串进行散列，由此产生一个散列值标签，其包括唯一地标识输入字符串的确定性随机数字串，该系统至少包括第一和第二寄存器阵列，至少一个1- 至少是伪随机化功能; 以及一组至少第一和第二正交反馈字流生成器，用于分别产生消息字的至少第一和第二正交反馈流的集合，包括对输入字符串应用相应置换，其中第一和第二反馈流是 组合到第一和第二寄存器阵列中，所述至少伪随机化功能接受来自寄存器阵列的输入，并且至少产生伪随机输出，其结合传入串中的当前字被提供给流生成器 并且第一反馈流是输入流中的当前单词的第一函数，并且第二反馈流是输入流中当前和先前单词的第二函数。

公开(公告)号：WO2007049268A1

公开(公告)日：2007-05-03

申请号：PCT/IL2006/000627

申请日：2006-05-25

Applicant: FORTRESSGB LTD. ,  GRESSEL, Carmi David ,  HECHT, Avi ,  GRANOT, Ran

Inventor： GRESSEL, Carmi David ,  HECHT, Avi ,  GRANOT, Ran

IPC: G06F1/02

CPC classification number: H03K3/84 ,  G06F1/04

Abstract: Random number generators are used for entertainment in gambling, lotteries and video gaming devices. True Random Number Generators, as are now currently defined, must be actuated by a physical noise source, typically based on the uncertainty of the phase differences of a stable and an unstable autonomous oscillator. In this invention an autonomous random frequency modulated oscillator driven by a self contained pseudo random number generator outputs three loosely correlated random binary streams. Included in the invention is a hardware method for proving wandering phase differences and also the existence of a colored random distribution of concatenated nibbles.

Abstract translation: 随机数发生器用于赌博，彩票和视频游戏设备的娱乐。 目前定义的真随机数发生器必须由物理噪声源启动，通常基于稳定和不稳定的自主振荡器的相位差的不确定性。 在本发明中，由自包含的伪随机数发生器驱动的自主随机频率调制振荡器输出三个松散相关的随机二进制流。 本发明中包括用于证明漂移相位差的硬件方法，以及串联半字节的彩色随机分布的存在。

公开(公告)号：WO2012098543A2

公开(公告)日：2012-07-26

申请号：PCT/IL2012/000028

申请日：2012-01-17

Applicant: FORTRESS GB LTD. ,  GRESSEL, Carmi, David ,  PINNICK, Richard, Daniel ,  COURTOIS, Nicolas, Tadeus ,  VAGO, Gabriel ,  VAN BARD, Gregory ,  GRANOT, Ran ,  HECHT, Avi

Inventor： GRESSEL, Carmi, David ,  PINNICK, Richard, Daniel ,  COURTOIS, Nicolas, Tadeus ,  VAGO, Gabriel ,  VAN BARD, Gregory ,  GRANOT, Ran ,  HECHT, Avi

IPC: G06F21/24

CPC classification number: G06Q20/3827 ,  G06Q20/389 ,  G06Q30/06 ,  H04L63/0428

Abstract: An accelerated transparent authenticated Data Exchange system wherein the chronology of alternating senders' and receivers' messages are authenticated typically at each step, with an easy to use provision for resending, in the event of faulty transmission, such that the final message hash value authenticates the negotiation chronologically from first to final message, wherein the final hash value is operative to enable a signature of an entity or entities which binds such entity to the whole data exchange, which signature can be in clear text, encoded, and/or encrypted with authentication integrity. The system is useful for managing computerized negotiations including client-initiated computerized negotiations and including computerized financial transactions.

Abstract translation: 一种加速的透明认证的数据交换系统，其中通常在每个步骤中认证交替的发送者和接收者消息的时间顺序，并且在发送错误的情况下容易使用重新发送的规定，例如 最终消息散列值按时间顺序从第一到最终消息认证协商，其中最终散列值操作来启用将这样的实体绑定到整个数据交换的一个或多个实体的签名，该签名可以是明文形式的， 编码和/或用认证完整性加密。 该系统对管理计算机化的谈判非常有用，包括客户发起的计算机化谈判和包括计算机化金融交易。