Abstract: An MD5 processing apparatus is a hardware-implemented MD5 process in a programmable device such as an FPGA or the like. The programmable device is programmed to include four processing engines, each of which performs a single MD5 stage having four MD5 operations performed by the MD5 stage. Each stage begins with four 32-bit values in an A register, a B register; a C register; and a D register. These values are processed using four sub-stages in the MD5 stage using a number of adders along with fixed nonlinear function processing units and fixed 32-bit-shift units. The fixed nonlinear function processing units in a given stage implement only the nonlinear function needed for the MD5 round being performed by the stage. Likewise, each fixed 32-bit-shift unit uses direct bit routing to effect bit shifts taking advantage of the cyclic nature of shifts required by the MD5 hashing algorithm.
Abstract: An intrusion prevention/detection system filter (IPS filter) performance evaluation is provided. The performance evaluation is performed at both the security center and at the customer sites to derive a base confidence score and local confidence scores. Existence of new vulnerability is disclosed and its attributes are used in the generation of new IPS filter or updates. The generated IPS filter is first tested to determine its base confidence score from test confidence attributes prior to deploying it to a customer site. A deep security manager and deep security agent, at the customer site, collect local confidence attributes that are used for determining the local confidence score. The local confidence score and the base confidence score are aggregated to form a global confidence score. The local and global confidence scores are then compared to deployment thresholds to determine whether the IPS filter should be deployed in prevention or detection mode or sent back to the security center for improvement.
Type:
Grant
Filed:
October 22, 2008
Date of Patent:
November 27, 2012
Assignee:
Trend Micro Incorporated
Inventors:
Blake Stanton Sutherland, William G. McGee
Abstract: A secret sharing apparatus according to the present invention is based on a (k,n)-threshold scheme with a threshold of at least 4 but is still operational with a threshold of at least 2. The secret sharing apparatus generates a generator matrix (G) of GF(2) in which any k of n column vectors are at a full rank, divides secret information into n?1 pieces to generate divided secret data (K(1), . . . , K(n?1)), generates random data (U(0,1), . . . , U(k?2,n?1)), calculates the product of matrixes of the divided secret data, the random data, and the generator matrix (G), assigns the j×(n?1)+ith column of the calculation result to sharing partial data (D(j,i)) to calculate sharing partial data (D(j,1)), generates header information (H(j)), and individually distributes n pieces of sharing information (D(0), . . . , D(n?1)) made up of the header information (H(j)) and sharing partial data (D(j,i)) to n storage apparatuses.
Abstract: A secret sharing device of (k, n) threshold scheme creates a generator matrix G, first divided secret data, and random number data, calculates shared partial data based on the product of matrices with the random number data, the divided secret data, and the generator matrix G, and delivers the shared information formed by the shared partial data and the header information individually to the storage units. The secret sharing device calculates a recovery matrix and multiplies the shared information by the recovery matrix, hence to recover the secret information.