Abstract:
The present invention provides a method for secure network establishment, via authentication of single-use passwords or equivalent credentials, between a plurality of nodes (602, 702) undertaking a basic embodiment (602), a hardened embodiment (702), or a mixture of both basic and hardened embodiments. In the basic embodiment, a particular node is designated a trusted party (601), and the method comprises: prior provision, by the trusted party (501), of a single-use public key (612, 613) for use by any node in the plurality to confirm present use of a single-use password or credential (621), as subject to acknowledgement (624) by the trusted party in the present instance of secure connectivity; verification (631) by any node in the plurality of such acknowledgement; and then independent computation of a session key (632), also by any node in the plurality, with which to establish the present instance of secure connectivity by means of Zero-Knowledge (ZK) integration of the presently applicable password and the previously received single-use public key; and further provision, by the trusted party, of a subsequent single-use public key for use by any node in the plurality to confirm use of a subsequent single-use password or credential (523), as yet unknown, for a subsequent instance of secure connectivity. In the hardened embodiment, the method further comprises reciprocal prior provision, by a particular node in the plurality, of a single-use public key (717, 718) for use in undertaking a commitment (740) prior to establishment of the present instance of secure connectivity by means of Zero-Knowledge (ZK) integration of the presently applicable password or credential, the previously transmitted single-use public key, and the fine-grained context of the commitment; and further provision, by the particular node undertaking the commitment, of a subsequent single-use public key to undertake commitment in relation to a subsequent instance of secure connectivity.
The trusted party is able, by verifying (750) the commitments received from the plurality of nodes, to detect replay of passwords or credentials, or alternatively misuse of node-associated private keys, by an unauthorized node seeking to participate in the present instance of secure connectivity, and thereafter to sanction the node that attempted the replay of a password or credential, or the misuse of a private key.
Abstract:
The present invention relates to a method and system for data privacy in a scenario where a data owner (100) wishes to outsource storage of data to multiple remote data storage providers (110) in a private manner, such that every data storage provider (110) stores only partial data of a document. This means that no single data storage provider (110) is able to learn the content of any document outsourced among the data storage providers (110). Existing solutions mainly considered the problem of a data owner submitting data for storage to one data storage provider, for both single-keyword and conjunctive keyword searches. Given the availability today of various data storage providers, the present invention provides a solution that utilizes different index information, in the form of tables and index query mechanisms, for the case of direct segmentation and outsourcing with minimal involvement of the data storage providers (110). (Figure 1)
Abstract:
The present invention provides a method and system for a one-time user-to-user delegation. The system comprises a delegation token generation module (112), an application server (106), an authentication server (102) and an authorization server (104). The method comprises the delegator (110) generating a delegation token and transmitting the token to a delegatee; the application server (106) verifying the validity of the delegation token; the application server (106) then requesting authorization of the delegator (110) from the authorization server (104); and, upon receiving authorization from the authorization server (104), the application server (106) executing the task or allowing the delegatee to perform the task and removing the task entry from the delegation table (118).
Abstract:
A system for collaborative document generation comprising: a document management server (102) adapted to manage document storage (101) and having an associated pair of signing and verification keys; at least two clients (104), each having a unique identifier and a pair of signing and verification keys, said verification keys of said clients being available to said document management server and to other clients; a document management module (103) adapted to receive service requests from said clients; an aggregate signature module (105) residing in said document management server; and digital signature modules (106) residing in each of said clients; wherein said aggregate signature module is adapted to: sign messages using the document management server signing key; verify signatures on messages given a signature, verification key and message; aggregate a set of signatures to produce an aggregate signature; and verify said aggregate signature given said aggregate signature, a set of associated verification keys and a set of associated messages; and wherein said digital signature modules are adapted to: sign messages using the respective client signing keys; verify signatures and messages given a signature, verification key and message; and verify said aggregate signature given said aggregate signature, a set of associated verification keys and a set of associated messages. The most illustrative drawing is FIG. 1.0.
Abstract:
Non-repudiable log entries for file retrieval with a semi-trusted server are provided by coercing the user to digitally sign the log entry on the event that the user retrieves a file from the server, which prevents the user or the server from independently forging or modifying a log entry. The system (100) comprises a user interface module (102A), a server interface module (104A), an asymmetric encryption module (102C), a symmetric encryption module (102E), a digital signature module (102B), a combiner module (102D), a registration module (104D) and a log file (104G). The asymmetric encryption module (102C) exploits key duality properties by encrypting messages using a public key and a combined public key, and decrypting messages using a decryption key which includes one signature or a combination of signatures. The method of file retrieval is constructed such that the user must submit the first signature to the server; the user must sign the correct log entry recording the file retrieval. Further, when the server combines the first signature with its own signature, the combination forms only part of the decryption key. The decryption key can be completed only by using the user's second signing key, whereby the server cannot decrypt the file at any time. The method of protection of the present invention lies in the combination of the server's and the user's digital signatures on every log entry, to protect against a recipient or user who denies having retrieved a file. The most illustrative drawing is
Abstract:
The present invention relates to an error elimination protocol for creating a secret key from an initially shared correlated binary sequence. Furthermore, it is a method to reconcile correlated but not identical binary sequences so as to establish an identical binary sequence without allowing an eavesdropper to gain any information about that sequence. It is a further objective of the present invention to eliminate the bottleneck in Quantum Key Distribution performance by removing the need for an error correction protocol. The problems in the prior art are eliminated by omitting the errors rather than correcting them.
Abstract:
One embodiment of the present invention is a method of linear transformation in a Substitution-Permutation Network symmetric-key block cipher, producing n x n key-dependent MDS matrices from a given n x n MDS matrix by scalar multiplication and permutations of the elements of the given matrix, where the multiplicative scalar and the permutations are derived from binary inputs of length l. The method comprises: deriving a multiplicative scalar from the binary input; multiplying the given matrix by the multiplicative scalar, producing a first intermediate matrix; deriving a first permutation of n objects from the binary input; permuting the rows of the first intermediate matrix according to the first permutation, producing a second intermediate matrix; deriving a second permutation of n objects from the binary input; and permuting the columns of the second intermediate matrix according to the second permutation to produce the final MDS matrix. Another embodiment of the present invention is a method of linear transformation in a Substitution-Permutation Network symmetric-key block cipher, producing n x n key-dependent MDS matrices from a given n x n MDS matrix by scalar multiplication and permutations of the elements of the given matrix, where the multiplicative scalar and the permutations are derived from binary inputs of length l. The method comprises: deriving a multiplicative scalar from the key (202); multiplying the given matrix by the multiplicative scalar to produce a first intermediate matrix (204); deriving a first permutation of n objects from the key (206); permuting the rows of the first intermediate matrix according to the first permutation to produce a second intermediate matrix (208); deriving a second permutation of n objects from the key (304); and permuting the columns of the second intermediate matrix according to the second permutation (212) to produce the final MDS matrix (214).
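As an added illustration (not the patent's own code), the three-step transformation above carried out over GF(2^8), using the AES MixColumns matrix as the given MDS matrix and an assumed key layout (low byte drives the scalar, the remaining bits drive the two permutations). The final check shows why the construction is sound: a nonzero scalar multiplies every k x k minor by a nonzero s^k, and row or column permutations only relabel the minors, so every square submatrix stays nonsingular.

```python
from itertools import combinations
POLY = 0x11B  # AES GF(2^8) reduction polynomial (constructed choice for this example)
# AES MixColumns matrix: a well-known 4x4 MDS matrix, used here as the "given" matrix
AES_MDS = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]

def gf_mul(a, b):  # multiply in GF(2^8) modulo POLY
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= POLY
        b >>= 1
    return r

def gf_det(m):  # Laplace expansion; characteristic 2, so no sign alternation
    if len(m) == 1:
        return m[0][0]
    d = 0
    for j, a in enumerate(m[0]):
        d ^= gf_mul(a, gf_det([row[:j] + row[j + 1:] for row in m[1:]]))
    return d

def is_mds(m):  # MDS iff every square submatrix is nonsingular
    n = len(m)
    for k in range(1, n + 1):
        for rows in combinations(range(n), k):
            for cols in combinations(range(n), k):
                if gf_det([[m[r][c] for c in cols] for r in rows]) == 0:
                    return False
    return True

def derive_scalar(bits):  # 8 key bits -> nonzero field element (zero would break MDS)
    return (bits & 0xFF) % 255 + 1

def derive_perm(bits, n):  # key bits drive a Fisher-Yates shuffle of n objects
    perm = list(range(n))
    for i in range(n - 1, 0, -1):
        bits, j = divmod(bits, i + 1)
        perm[i], perm[j] = perm[j], perm[i]
    return perm

def key_dependent_mds(base, key):
    # Key layout is an assumption: low byte -> scalar, higher bits -> row/column perms
    k, n = int.from_bytes(key, "big"), len(base)
    m1 = [[gf_mul(derive_scalar(k), x) for x in row] for row in base]  # scalar multiply
    p_rows = derive_perm(k >> 8, n)                                     # first permutation
    m2 = [m1[p_rows[i]] for i in range(n)]                              # permute rows
    p_cols = derive_perm(k >> 16, n)                                    # second permutation
    return [[m2[i][p_cols[j]] for j in range(n)] for i in range(n)]    # permute columns
```

`is_mds` enumerates all 69 square submatrices of a 4x4 matrix, which is cheap here but grows quickly with n; for larger matrices a branch-number test on a sample of inputs is the usual practical substitute.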
Abstract:
A method (100) for generating a bijective Substitution Box, the method (100) comprising selecting a Boolean map (102) from a plurality of non-bijective power functions and iteratively: extending the image of the Boolean map (104) to generate an extended Boolean map; obtaining a bijective function (106) from the extended Boolean map; performing a differential uniformity test (108) on the bijective function to obtain a differential uniformity parameter; and performing a nonlinearity test (108) on the bijective function to obtain a nonlinearity parameter; until the differential uniformity parameter and the nonlinearity parameter meet a predetermined condition.