Настройки

Укажите год
-

Небесная энциклопедия

Космические корабли и станции, автоматические КА и методы их проектирования, бортовые комплексы управления, системы и средства жизнеобеспечения, особенности технологии производства ракетно-космических систем

Подробнее
-

Мониторинг СМИ

Мониторинг СМИ и социальных сетей. Сканирование интернета, новостных сайтов, специализированных контентных площадок на базе мессенджеров. Гибкие настройки фильтров и первоначальных источников.

Подробнее

Форма поиска

Поддерживает ввод нескольких поисковых фраз (по одной на строку). При поиске обеспечивает поддержку морфологии русского и английского языка
Ведите корректный номера.
Ведите корректный номера.
Ведите корректный номера.
Ведите корректный номера.
Укажите год
Укажите год
Применить Всего найдено 43389. Отображено 100.
12-01-2012 дата публикации

Digital signature generation apparatus, digital signature verification apparatus, and key generation apparatus

Номер: US20120011369A1
Автор: Koichiro Akiyama, Yasuhiro Goto
Принадлежит: Toshiba Corp

A digital signature generation apparatus includes memory to store finite field F q and section D(u x (s, t), u y (s, t), s, t) as secret key, section being one of surfaces of three-dimensional manifold A(x, y, s, t) which is expressed by x-coordinate, y-coordinate, parameter s, and parameter t and is defined on finite field Fq, x-coordinate and y-coordinate of section being expressed by functions of parameter s and parameter t, calculates hash value of message m, generates hash value polynomial by embedding hash value in 1-variable polynomial h(t) defined on finite field F q , and generates digital signature D s (U x (t), U y (t), t) which is curve on section, the x-coordinate and y-coordinate of curve being expressed by functions of parameter t, by substituting hash value polynomial in parameter s of section.

Подробнее
Номер записи: 1
19-01-2012 дата публикации

Method and system for the secure and verifiable consolidation of the results of election processes

Номер: US20120016723A1
Автор: Jordi PUIGGALÍ ALLEPUZ, Pere VALLÈS FONTANALS, Victor MORALES ROCHA
Принадлежит: Scytl Secure Electronic Voting SA

A method and system for the secure and auditable consolidation of the results of an electoral process, in which local electoral authorities ( 101 ) participate to validate, by generating a validation test ( 106 ), local electoral results. This validation test is communicated to a consolidation module ( 103 ), which will verify that the validation test ( 106 ) has been generated by the appropriate electoral authorities. It will then generate a receiving test ( 107 ), which will contain the result of the validation, which could be the acceptance or non-acceptance of the validation test. The receiving test ( 107 ) is finally sent to the electoral authorities for information of the validation. There are different ways of generating the validation and receiving tests so as to be able to robustly verify the identity of the local electoral authorities ( 101 ) who have participated in the validation of the electoral results and to verify if the validated local electoral results are the same that are going to be consolidated and to preserve the integrity of the official records of the local electoral results.

Подробнее
Номер записи: 2
26-01-2012 дата публикации

Electronic License Management

Номер: US20120023596A1
Автор: Devesh Parekh, Dianne K. Hackborn, Jasper Lin, Karl Rosaen, Mark D. Womack, Richard G. Cannings, Sanjay Jeyakumar
Принадлежит: Google LLC

In one aspect, this application describes a method for determining a license status of a software application. The method includes receiving a license status request to obtain an indication of whether a software application is licensed for use on a client computing device. The method also includes identifying identity information that corresponds to user identity information, device identity information, or both. The method also includes sending a communication generated from the license status request and the identity information to a licensing service, the communication being used by the licensing service to generate the indication based at least in part on the identity information and licensing information associated with the software application. The method also includes receiving a license status response from the licensing service that includes the indication. The method also includes sending the license status response to the software application for processing by the software application.

Подробнее
Номер записи: 3
02-02-2012 дата публикации

Cryptographic system, cryptographic communication method, encryption apparatus, key generation apparatus, decryption apparatus, content server, program, and storage medium

Номер: US20120027210A1
Автор: Kaku Takeuchi, Sakae Chikara, Tetsutaro Kobayashi
Принадлежит: Nippon Telegraph and Telephone Corp

A cryptographic communication technology that is based on predicate encryption and that can operate flexibly is provided. A conversion rule information pair is determined in advance, which has attribute conversion rule information prescribing a conversion rule for converting attribute designation information to attribute information used in a predicate encryption algorithm and predicate conversion rule information prescribing a conversion rule for converting predicate designation information to predicate information used in the predicate encryption algorithm. One kind of conversion rule information included in the conversion rule information pair is used to obtain first attribute information or first predicate information from input information. The first attribute information or the first predicate information is used for encryption. Encryption information is decrypted with a decryption key generated by using second attribute information or second predicate information obtained from user information by using the other kind of conversion rule information.

Подробнее
Номер записи: 4
02-02-2012 дата публикации

Methods and systems for facilitating communications between vehicles and service providers

Номер: US20120030467A1
Автор: Mark S. Schaefer
Принадлежит: GENERAL MOTORS LLC

Methods and systems for facilitating communications between a vehicle and a service provider are provided. A first address of a vehicle communication device and a second address of a service provider communication device are obtained at a remote location that is remote to both the vehicle and the service provider. A set of keys, including a first key and a second key, is generated at the remote server. The first key is for use by the vehicle in establishing communications with the service provider, and the second key is for use by the service provider in establishing communications with the vehicle. The first key is provided to the vehicle, and the second key is provided to the service provider.

Подробнее
Номер записи: 5
16-02-2012 дата публикации

Anti-counterfeiting electronic device and method thereof

Номер: US20120042169A1
Автор: Bo-Ching Lin, Hsien-Chung Shih, Sha-Sha Hu, Xiang Li
Принадлежит: Hon Hai Precision Industry Co Ltd, Hongfujin Precision Industry Shenzhen Co Ltd

An anti-counterfeiting electronic device includes a function component assigned with an identification code ID and a processor. The processor generates a random code K 1 and transmits the random code K 1 to the function component; the function component encrypts the random code K 1 and the identification code ID to generate a key ID 1 . The processor further obtains the key ID 1 from the function component and decrypts the key ID 1 to generate an identification code ID 2 , and determines whether the identification code ID 2 is the same as the ID and executes the system login command if the identification code ID 2 is the same as the identification code ID. An anti-counterfeiting method is also provided.

Подробнее
Номер записи: 6
08-03-2012 дата публикации

Security of a multimedia stream

Номер: US20120057697A1
Автор: Pekka Johannes Laitinen, Silke Holtmanns
Принадлежит: Nokia Oyj

A method including receiving encrypted multimedia information of a multimedia broadcast multicast service streaming session, wherein the multimedia information is encrypted using an encryption key. An indication allowing to switch the receiving of the encrypted multimedia information to a peer-to-peer streaming session is received and receiving of the encrypted multimedia information from the multimedia broadcast multicast service streaming session to the peer-to-peer streaming session is switched. Encrypted multimedia information of the peer-to-peer streaming session is received.

Подробнее
Номер записи: 7
08-03-2012 дата публикации

Organic keyed encryption

Номер: US20120057698A1
Автор: Howard J. Schantz, Rick C. Stevens
Принадлежит: Lockheed Martin Corp

An encryption technique that creates a unique encryption key or fingerprint based on unique physical and electrical characteristics of a target electronic assembly to be protected. The encryption key can be constructed by exploiting the manufacturing variances present in all electronic elements including active elements and passive elements. Active elements include, for example: oscillators/clocks, internal I/O controllers, external I/O controllers, memory, processors, and digital power converters. Passive elements include, for example: internal I/O interconnects, external I/O interconnects, memory buses, and power buses. The encryption key can also include one or more environmental condition thresholds.

Подробнее
Номер записи: 8
15-03-2012 дата публикации

Systems and methods for remotely loading encryption keys in card reader systems

Номер: US20120063601A1
Автор: Annmarie D. Hart
Принадлежит: Individual

Systems and methods for remotely loading encryption keys in card reader systems are provided. One such method includes storing, at a card reader, a device identification number for identifying the card reader, a first magnetic fingerprint of a data card, and a second magnetic fingerprint of the data card, wherein each of the first and second fingerprints includes an intrinsic magnetic characteristic of the data card, encrypting, using a first encryption key derived from the second fingerprint, information including the device identification number and first fingerprint, sending the encrypted information to an authentication server, receiving, from the authentication server, a score indicative of a degree of correlation between the first fingerprint and second fingerprint, and receiving, when the score is above a preselected threshold, a second encryption key from the authentication server, the second encryption key encrypted using a third encryption key derived from the first fingerprint.

Подробнее
Номер записи: 9
15-03-2012 дата публикации

Electronic device, key generation program, recording medium, and key generation method

Номер: US20120066515A1
Автор: Tomomi Kasuya
Принадлежит: Mitsubishi Electric Corp

An electronic device 100 executes a key-using process that uses a key. A physical quantity generation part 190 generates a physical quantity intrinsic to the electronic device and having a value which is different from one electronic device to another and different each time the physical quantity is generated. A key generation part 140 generates the same key for each key-using process, based on the physical quantity generated by the physical quantity generation part 190 , each time the key-using process is to be executed, immediately before the key-using process is started. A key-using process execution part 1010 executes the key-using process such as generation of a keyed hash value, by using the key generated by the key generation part 140 . A control program execution part 180 deletes the key generated by the key generation part 140 , each time the key-using process is ended.

Подробнее
Номер записи: 10
29-03-2012 дата публикации

Method, device, and system for deriving keys

Номер: US20120077501A1
Автор: Aiqin Zhang, Jing Chen, Xiaoyu Bi
Принадлежит: Huawei Technologies Co Ltd

Method, device, and system for deriving keys are provided in the field of mobile communications technologies. The method for deriving keys may be used, for example, in a handover process of a User Equipment (UE) from an Evolved Universal Terrestrial Radio Access Network (EUTRAN) to a Universal Terrestrial Radio Access Network (UTRAN). If a failure occurred in a first handover, the method ensures that the key derived by a source Mobility Management Entity (MME) for a second handover process of the UE is different from the key derived for the first handover process of the UE. This is done by changing input parameters used in the key derivation, so as to prevent the situation in the prior art that once the key used on one Radio Network Controller (RNC) is obtained, the keys on other RNCs can be derived accordingly, thereby enhancing the network security.

Подробнее
Номер записи: 11
29-03-2012 дата публикации

Generation of SW Encryption Key During Silicon Manufacturing Process

Номер: US20120079279A1
Автор: Maxime Leclercq
Принадлежит: Maxlinear Inc

A method of generating an encryption key during the manufacturing process of a device includes randomly generating a seed, encrypting a unique identifier disposed in the device to obtain a first encryption key, encrypting the first encryption key using a public key to obtain a second encryption key, and sending the second encryption key and the seed to a software provider. The method further includes receiving the second encryption key and the seed by the software provider and decrypting the second encryption key using a private key to recover the first encryption key. The manufacturer then encrypts a program code using the recovered first encryption key and installs the seed in a certificate that is associated with the encrypted program code.

Подробнее
Номер записи: 12
05-04-2012 дата публикации

Method of authentication and session key agreement for secure data transmission, a method for securely transmitting data, and an electronic data transmission system

Номер: US20120082312A1
Автор: Fuwen Liu, Hartmut Konig
Принадлежит: BRANDENBURGISCHE TECHNISCHE UNIVERSITAET COTTBUS

The invention relates to a method of authentication and session key agreement for secure data transmission between a first and second data communication entity in an electronic data transmission system. Furthermore, the invention relates to an electronic transmission system to perform a method of authentication and session key agreement.

Подробнее
Номер записи: 13
24-05-2012 дата публикации

Device archiving of past cluster binding information on a broadcast encryption-based network

Номер: US20120131337A1
Автор: Jeffrey B. Lotspiech, Matthew F. Rutkowski, Robert G. Deen, Thomas A. Bellwood
Принадлежит: International Business Machines Corp

Provided are techniques for the creation and storage of an archive for binding IDs corresponding to a cluster of devices that render content protected by a broadcast encryption scheme. When two or more clusters are merged, a binding ID corresponding to one of the clusters is selected and a new management key is generated. Binding IDs associated with the clusters other than the cluster associated with the selected binding ID are encrypted using the new management key and stored on a cluster-authorized device in a binding ID archive. Content stored in conformity with an outdated binding ID is retrieved by decrypting the binding ID archive with the management key, recalculating an old management key and decrypting the stored content.

Подробнее
Номер записи: 14
24-05-2012 дата публикации

Processing performance of repeated device compliance update messages

Номер: US20120131638A1
Автор: Jeffrey B. Lotspiech, Matthew F. Rutkowski, Robert G. Deen, Thomas A. Bellwood
Принадлежит: International Business Machines Corp

A message comprising an indication of a management key block and an indication of an authorization table is received at a first network device from a second network device. The indication of the management key block, the indication of the authorization table, and a response message generated based on validating the indication of the management key block and the indication of the authorization table are stored. A second message comprising a second indication of the management key block and a second indication of the authorization table is received at the first network device from the second network device. The first network device communicates with the second network device in accordance with the stored response associated with the first message on determining that the second indication management key block and the second indication of the authorization table match corresponding stored indications of the management key block and the authorization table.

Подробнее
Номер записи: 15
14-06-2012 дата публикации

Security usb storage medium generation and decryption method, and medium recorded with program for generating security usb storage medium

Номер: US20120151219A1
Автор: Daegull Ryu, Secheol Oh
Принадлежит: MW STORY CO Ltd

The present invention relates to a security USB storage medium generation and decryption method, and a medium having the record of a program for the generation of a security USB storage medium. The generation method of the present invention is for a USB host constituted by a USB connection port, an input interface, an output interface, a storage unit and a host control unit to code a USB storage medium constituted by a USB interface, a storage region and a USB control unit so as to generate a security USB storage medium, the method comprising the steps of: in the host control unit, outputting through the output interface information that requests for the input of a 1st user password to be set, when the connection of the USB interface to the USB connection port is detected; generating a random key and a disk key based on a 1st user password that is input from the input interface in response to the request for the input of the 1st user password; hashing the 1st user password and the random key after the random key and the disk key are generated, so as to generate a 1st encryption and decryption key; and generating a security volume header by dividing the storage region into a header and a body using the 1st encryption and decryption key, encrypting a 1st data and then storing the data in the header, and also generating a security volume body by encrypting a 2nd data using the disk key and then storing the data in the body. In this manner, no one is allowed to read the content stored in the USB storage medium through a disk dump for example without inputting a user password that was input during the generation of security volume, thereby increasing the security of the USB storage medium.

Подробнее
Номер записи: 16
21-06-2012 дата публикации

System and method for hardware strengthened passwords

Номер: US20120155637A1
Автор: Christopher Lyle Bender, Robert John Lambert
Принадлежит: Certicom Corp, Research in Motion Ltd

A cryptographic module and a computing device implemented method for securing data using a cryptographic module is provided. The cryptographic module may include an input component for receiving a password, an output component for outputting data to the computing device, a random number generator for generating a random number and a module processor operative to generate at least one cryptographic key using the generated random number, and to record an association between the received password linking the received password with the at least one cryptographic key in a data store accessible to the cryptographic module.

Подробнее
Номер записи: 17
05-07-2012 дата публикации

Removable devices

Номер: US20120174188A1
Автор: Ahuja Gurmukhsingh Ramesh, Senthil Kumar Chellamuthu
Принадлежит: Micron Technology Inc

Methods and removable devices are provided. Some such removable devices may include a secure partition and a public partition. The secure partition is not accessible by an operating system of a host for some embodiments. The secure partition is configured to store information so that formatting/reformatting does not alter the stored information for other embodiments.

Подробнее
Номер записи: 18
02-08-2012 дата публикации

Secure messaging with read-undeniability and deletion-verifiability

Номер: US20120198235A1
Автор: Benjamin J. Wester, Ramakrishna R. KOTLA
Принадлежит: Microsoft Corp

A cryptographically-secure component is used to provide read-undeniability and deletion-verifiability for messaging applications. When a messaging application of a sending node desires to send a message to a messaging application of a receiving node, the sending node requests an encryption key from the receiving node. The cryptographically-secure component of the receiving node generates an encryption key that is bound to a state of the receiving node. The messaging application of the sending node encrypts the message using the encryption key and sends the encrypted message to the messaging application of the receiving node. Because the encryption key used to encrypt the message is bound to the state associated with reading the message by the cryptographically-secure component, if the receiving node desires to decrypt and read the encrypted message, the receiving node may advance its state to the bound state to retrieve the decryption key.

Подробнее
Номер записи: 19
09-08-2012 дата публикации

Cryptographic security functions based on anticipated changes in dynamic minutiae

Номер: US20120201381A1
Автор: George Allen Tuvell, Paul Timothy Miller
Принадлежит: mSignia Inc

Dynamic key cryptography validates mobile device users to cloud services by uniquely identifying the user's electronic device using a very wide range of hardware, firmware, and software minutiae, user secrets, and user biometric values found in or collected by the device. Processes for uniquely identifying and validating the device include: selecting a subset of minutia from a plurality of minutia types; computing a challenge from which the user device can form a response based on the selected combination of minutia; computing a set of pre-processed responses that covers a range of all actual responses possible to be received from the device if the combination of the particular device with the device's collected actual values of minutia is valid; receiving an actual response to the challenge from the device; determining whether the actual response matches any of the pre-processed responses; and providing validation, enabling authentication, data protection, and digital signatures.

Подробнее
Номер записи: 20
16-08-2012 дата публикации

Authentication device using true random number generating element or pseudo-random number generating element, authentication apparatus, and authentication method

Номер: US20120210127A1
Автор: Masakazu Sato, Osamu Kameda
Принадлежит: Individual

Provided are an authentication device using a true random number generating element or a pseudo-random number generating element, for example, a USB token, an authentication apparatus using the same, an authentication method, an authentication system and the like. In the authentication system, the authentication device is prepared on a user side, and one code generated in the authentication device is used to encrypt another code. The authentication apparatus registers the codes and decrypts the encrypted code sent from the authentication device by using the registered codes to perform an authentication.

Подробнее
Номер записи: 21
11-10-2012 дата публикации

Methods and systems for re-securing a compromised channel in a satellite signal distribution environment

Номер: US20120257748A1
Автор: Alan Dagenais, Alexander Ishankov, Bratislav Becic, Louie Andriano, Ovidiu Octavian Popa, Tim Dinesen
Принадлежит: BCE Inc

A method implemented by a set top box that encrypts communications for a channel stacking switch (CS) using a public key of the CSS, the method comprising: obtaining a message from a head end; extracting electronic counter measure (ECM) data from the message; sending the ECM data to the CSS; receiving, in response to the sending, a new public key of the CSS; encrypting communications for the CSS using the new public key of the CSS. Also, a method for implementation by a CSS, comprising: maintaining a private key and a public key; obtaining ECM data sent by a set top box in communication with the CSS; obtaining an identifier of the CSS; formulating a new public key based on the private key, the identifier and the ECM; rendering the new public key available to the set top box.

Подробнее
Номер записи: 22
11-10-2012 дата публикации

Methods and Apparatus for Authenticating Data as Originating from a Storage and Processing Device and for Securing Software and Data Stored on the Storage and Processing Device

Номер: US20120260091A1
Автор: Alberto J. Fernandez
Принадлежит: XTec Inc

Techniques are described for using unique features of a storage medium for authentication of data as originating from the storage medium, and also for installing software and data to a storage medium in a way which inhibits unauthorized copying of the software and data to another storage medium. Cryptoprocessing keys are created using unique features of the storage medium such as location information related to storage of selected elements of a software installation on the storage medium, or alternatively defective block information relating to the storage medium. The cryptoprocessing keys are used to encrypt data for transmission to a remote server. The remote server uses the cryptoprocessing keys to decrypt the data and authenticates the data as having been encrypted with the correct keys.

Подробнее
Номер записи: 23
01-11-2012 дата публикации

Cryptographically secure authentication device, system and method

Номер: US20120275595A1
Автор: Glenn A. Emelko
Принадлежит: Aclara RF Systems Inc

An electronic device generates identifying values which are used in authenticating the electronic device. The device comprises an interface, a private key generator for generating a private key, a non-volatile memory for storing at least the private key, an index source, a hash engine, and a logical interconnection between the private key generator, the non-volatile memory, the index source, the hash engine and the interface. The hash engine generates identifying values provided to the interface via the logical interconnection. The identifying values are provided to a verifying device for use in authenticating the electronic device. Alternatively or in addition, devices may be paired to share a root key to cryptographically communicate between each other and/or to authenticate each other.

Подробнее
Номер записи: 24
01-11-2012 дата публикации

Document management system and method

Номер: US20120278631A1
Автор: Helen Balinsky, Liqun Chen, Steven J. Simske
Принадлежит: Hewlett Packard Development Co LP

A document management system and method are disclosed herein. An example of the document management system includes a composite document generation module that generates a composite document and a secret seed that is associated with an owner or initiator of the composite document, and a key derivation module that derives, from the secret seed and using a key derivation function, at least one of a key for encryption, a key for decryption, a key for signature, or a key for verification for a participant of a workflow associated with the composite document.

Подробнее
Номер записи: 25
08-11-2012 дата публикации

Method and System for Enhancing Crytographic Capabilities of a Wireless Device Using Broadcasted Random Noise

Номер: US20120281831A1
Автор: Alain C. Briancon, Alexander Reznik, Chunxuan Ye, Inhyok Cha, Robert A. DiFazio, Yevgeniy Dodis, Yogendra C. Shah
Принадлежит: Individual

A secret stream of bits begins by receiving a public random stream contained in a wireless communication signal at a transmit/receive unit. The public random stream is sampled and specific bits are extracted according to a shared common secret. These extracted bits are used to create a longer secret stream. The shared common secret may be generated using JRNSO techniques, or provided to the transmit/receive units prior to the communication session. Alternatively, one of the transmit/receive unit is assumed to be more powerful than any potential eavesdropper. In this situation, the powerful transmit/receive unit may broadcast and store a public random stream. The weaker transmit/receive unit selects select random bits of the broadcast for creating a key. The weaker transmit/receive unit sends the powerful transmit/receive unit the selected bit numbers, and powerful transmit/receive unit uses the random numbers to produce the key created by the weaker transmit/receive unit.

Подробнее
Номер записи: 26
08-11-2012 дата публикации

Method for facilitating access to a first access nework of a wireless communication system, wireless communication device, and wireless communication system

Номер: US20120284785A1
Автор: Apostolis K. Salkintzis, Kenneth A. Stewart
Принадлежит: MOTOROLA MOBILITY LLC

A method for facilitating access to a first access network ( 110 ) of a wireless communication system ( 100 ) comprises authenticating ( 300 ) a wireless communication device ( 102 ) with a second access network ( 104 ) and generating temporary access credentials using access information provided by the second access network ( 104 ). The wireless communication device ( 102 ) then transforms ( 302 ) the temporary access credentials and an identifier of the first access network ( 110 ) to provide first transformed access credentials which are transmitted ( 304 ) for performing authentication with the first access network ( 110 ). The identifier of the first access network ( 110 ) is provided to the second access network ( 104 ) which generates ( 308 ) second transformed access credentials using the identifier of the first access network ( 110 ) and the temporary access credentials. Authentication is performed ( 310 ) with the first access network ( 110 ), which includes comparing the first transformed access credentials with the second transformed access credentials and allowing access to the first access network ( 110 ) when the first transformed access credentials and the second transformed access credentials are substantially the same. A wireless communication device, and a wireless communication system are also disclosed and claimed.

Подробнее
Номер записи: 27
22-11-2012 дата публикации

Bit sequence generation apparatus and bit sequence generation method

Номер: US20120293354A1
Автор: Daisuke Suzuki
Принадлежит: Mitsubishi Electric Corp

A bit sequence generation apparatus includes a glitch generating circuit that generates a glitch, a sampling circuit that samples the glitch waveform generated by the glitch generating circuit, and a glitch shape determination circuit that generates 1-bit data indicating either 1 or 0, based on the glitch waveform sampled by the sampling circuit, and generates a bit sequence composed of a plurality of generated 1-bit data. The bit sequence generation apparatus can provide a PUF circuit that is able to generate highly randomized secret information even in a device with a low degree of freedom of alignment and wiring and that does not violate the design rules.

Подробнее
Номер записи: 28
29-11-2012 дата публикации

System and methods for permitting open access to data objects and for securing data within the data objects

Номер: US20120300928A1
Автор: Mike W. Berry, Scott Moskowitz
Принадлежит: Blue Spike Inc

A system and methods for permitting open access to data objects and for securing data within the data objects is disclosed. According to one embodiment of the present invention, a method for securing a data object is disclosed. According to one embodiment of the present invention, a method for securing a data object is disclosed. The method includes the steps of ( 1 ) providing a data object comprising digital data and file format information; ( 2 ) embedding independent data into a data object; and ( 3 ) scrambling the data object to degrade the data object to a predetermined signal quality level. The steps of embedding and scrambling may be performed until a predetermined condition is met. The method may also include the steps of descrambling the data object to upgrade the data object to a predetermined signal quality level, and decoding the embedded independent data.

Подробнее
Номер записи: 29
29-11-2012 дата публикации

Method and apparatus for encrypting and processing data in flash translation layer

Номер: US20120303880A1
Автор: Chang-Woo MIN, Jin-Ha Jun
Принадлежит: SAMSUNG ELECTRONICS CO LTD

A method and apparatus for preventing a user from interpreting optional stored data information even when the user extracts the optional stored data, by managing data associated with a flash memory in a flash translation layer, the method comprising searching at least one page of the flash memory when writing data to the flash memory, determining whether authority information corresponding to respective searched pages includes an encryption storage function, generating, corresponding to respective searched pages, a page key according to an encrypting function when the authority information includes the encryption storage function encrypting the data using the generated page key and storing the encrypted data in the respective searched pages, and storing the data in the respective searched pages without encryption when the authority information does not include the encryption storage function.

Подробнее
Номер записи: 30
06-12-2012 дата публикации

Method for protecting application and method for executing application using the same

Номер: US20120311720A1
Автор: Dong-Sung Kim, Jae-won Choi, Jong-Shin Kim, Min-Cheol Lee, Nam-geol Lee
Принадлежит: SAMSUNG ELECTRONICS CO LTD

An application protection method and an application execution method using the same are provided. The application protection method generates a key needed to execute the application which is provided to a user terminal using information on the user terminal, information on the application, and a part of text; and transmits the generated key to the user terminal. Therefore, the application is executed on the device which has a legal right for the application, thereby preventing the illegal use of the application.

Подробнее
Номер записи: 31
27-12-2012 дата публикации

Apparatus and method for skein hashing

Номер: US20120328097A1
Автор: Farhana Sheikh, Jesse Walker, Ram Krishnamurthy, Sanu K. Mathew
Принадлежит: Intel Corp

Described herein are an apparatus and method for Skein hashing. The apparatus comprises a block cipher operable to receive an input data and to generate a hashed output data by applying Unique Block Iteration (UBI) modes, the block cipher comprising at least two mix and permute logic units which are pipelined by registers; and a counter, coupled to the block cipher, to determine a sequence of the UBI modes and to cause the block cipher to process at least two input data simultaneously for generating the hashed output data.

Подробнее
Номер записи: 32
27-12-2012 дата публикации

System and method for generating session keys

Номер: US20120328098A1
Автор: Abishek Chandrashekar, Prashant Venkatesh Kanakpura
Принадлежит: Infosys Ltd

The present disclosure describes systems and methods of generating a cryptographic session key based on a known master key shared between a sender communicator and a receiver communicator in a communication network. In one example, a method includes receiving a request from the receiver communicator, by the sender communicator, to establish a communication session between the sender and the receiver communicator. The method further includes generating an open random number signal at the sender communicator and combining the generated open random number signal with the known master key to generate the cryptographic session key.

Подробнее
Номер записи: 33
10-01-2013 дата публикации

Secure Credential Unlock Using Trusted Execution Environments

Номер: US20130013928A1
Автор: Himanshu Soni, Kirk Shoop, Magnus Nyström, Marc R. Barbour, Nick Voicu, Robert K. Spiger, Stefan Thom, Xintong Zhou
Принадлежит: Microsoft Corp

Computing devices utilizing trusted execution environments as virtual smart cards are designed to support expected credential recovery operations when a user credential, e.g., personal identification number (PIN), password, etc. has been forgotten or is unknown. A computing device generates a cryptographic key that is protected with a PIN unlock key (PUK) provided by an administrative entity. If the user PIN cannot be input to the computing device the PUK can be input to unlock the locked cryptographic key and thereby provide access to protected data. A computing device can also, or alternatively, generate a group of challenges and formulate responses thereto. The formulated responses are each used to secure a computing device cryptographic key. If the user PIN cannot be input to the computing device an entity may request a challenge. The computing device issues a challenge from the set of generated challenges. Upon receiving a valid response back, the computing device can unlock the secured computing device cryptographic key associated with the issued challenge and subsequently provide access to protected data.

Подробнее
Номер записи: 34
24-01-2013 дата публикации

Systems and methods for secure communication using a communication encryption bios based upon a message specific identifier

Номер: US20130024686A1
Автор: Steven J. Drucker
Принадлежит: Drucker Steven J

An apparatus and methods of securely communicating a message between a first device and a second device using a message specific identifier is disclosed. The method begins by receiving an encryption key request from a sending device, where the encryption key request is based upon the message specific identifier, which is associated with a plurality of attributes associated with the message and the sending device. In more detail, the message specific identifier may be an information-based indicator that is unique with respect to the message and the sending device. The method parses the encryption key request and the message specific identifier to provide an intermediate argument used to enter a current random character set that is periodically generated and stored into memory. The intermediate argument helps identify which type of encryption method is desired for use in encryption key generation. An encryption key is constructed using the intermediate argument as an entry point to the current random character set. A data structure is stored associated with the message specific identifier, a random character set identifier for the current random character set, and an identifier of the encryption method used before the key is transmitted back to the device.

Подробнее
Номер записи: 35
21-02-2013 дата публикации

Genomics-based keyed hash message authentication code protocol

Номер: US20130044876A1
Автор: Harry C. Shaw, Sayed I. Hussein
Принадлежит: National Aeronautics and Space Administration NASA

Apparatuses, systems, computer programs and methods for implementing a genomics-based security solution are discussed herein. The genomics-based security solution may include reading and parsing a plaintext message comprising a string of words and assigning a lexicographic value to each word in the string to code each word in a rational number. The solution may also include assigning a letter code to each letter. The letter code for each letter may correspond with a function in molecular biology.

Подробнее
Номер записи: 36
21-02-2013 дата публикации

Using A Single Certificate Request to Generate Credentials with Multiple ECQV Certificates

Номер: US20130046972A1
Автор: James Robert Alfred, Matthew John Campagna, Robert John Lambert
Принадлежит: Individual

A method and apparatus are disclosed for using a single credential request (e.g., registered public key or ECQV certificate) to obtain a plurality of credentials in a secure digital communication system having a plurality of trusted certificate authority CA entities and one or more subscriber entities A. In this way, entity A can be provisioned onto multiple PKI networks by leveraging a single registered public key or implicit certificate as a credential request to one or more CA entities to obtain additional credentials, where each additional credential can be used to derive additional public key-private key pairs for the entity A.

Подробнее
Номер записи: 37
07-03-2013 дата публикации

Systems and methods for protecting alternative streams in adaptive bitrate streaming systems

Номер: US20130061040A1
Автор: Eric William Grab, Jason Braness, Michael George Kiefer
Принадлежит: Divx LLC

Systems and methods for performing adaptive bitrate streaming using alternative streams of protected content in accordance with embodiments of the invention are described. One embodiment includes a processor, and non-volatile storage containing an encoding application. In addition, the encoding application configures the processor to: receive source content; obtain common cryptographic information; encode the source content as a plurality of streams including a plurality of alternative streams of content; and protect the plurality of alternative streams of content using the common cryptographic information.

Подробнее
Номер записи: 38
14-03-2013 дата публикации

Method and apparatus for key sharing over remote desktop protocol

Номер: US20130067229A1
Автор: Eric T. Marshall, Richard W. German, Tony E. Thompson
Принадлежит: Stoneware Inc

Various methods for the secure exchange of private keys for authenticating a user to an RDP service are provided. One example method may comprise receiving a request comprising a session token to provide a user with access to an RDP service, and retrieving a username and password associated with the user using the session token. The method may further comprise assigning a time period of validity to the password. Furthermore, the method may comprise generating a first secret key based on user information, generating a second secret key based on the first secret key and a salt, and encrypting a packet comprising the password and the time period using the second secret key. Additionally, the method may comprise transmitting the username and encrypted packet to the device for authenticating the user with the requested RDP service. Similar and related example methods, apparatuses, systems, and computer program products are also provided.

Подробнее
Номер записи: 39
28-03-2013 дата публикации

METHOD AND APPARATUS FOR ESTABLISHING A KEY AGREEMENT PROTOCOL

Номер: US20130077783A1
Автор: ANSHEL IRIS, ANSHEL MICHAEL, Goldfeld Dorian
Принадлежит: SECURERF CORPORATION

A system and method for generating a secret key to facilitate secure communications between users. A first and second and a function between the two monoids are selected, the function being a monoid homomorphism. A group and a group action of the group on the first monoid is selected. Each user is assigned a submonoid of the first monoid so that these submonoids satisfy a special symmetry property determined by the function, a structure of the first and second monoids, and the action of the group. A multiplication of an element in the second monoid and an element in the first monoid is obtained by combining the group action and the monoid homomorphism. First and second users choose private keys which are sequences of elements in their respective submonoids. A first result is obtained by multiplying an identity element by the first element of the sequence in a respective submonoid. Starting with the first result, each element of the user's private key may be iteratively multiplied by the previous result to produce a public key. Public keys are exchanged between first and second users. Each user's private key may be iteratively multiplied by the other user's public key to produce a secret key. Secure communication may then occur between the first and second user using the secret key. 1. A method for securing communications from a user , the method comprising:selecting a first monoid;selecting a second monoid;selecting a function, the function being a monoid homomorphism that maps the first monoid to the second monoid;selecting a group;selecting an action of the group on the first monoid;determining a semi-direct product of the first monoid and the group to produce a third monoid;selecting a first and second submonoid of the third monoid, a pair of the first and second submonoids satisfying a criterion, the first submonoid being defined by a first set of generators, wherein the criterion satisfies a property determined by the function, a structure of the first and ...

Подробнее
Номер записи: 40
28-03-2013 дата публикации

MACHINE, MACHINE MANAGEMENT APPARATUS, SYSTEM, AND METHOD, AND RECORDING MEDIUM

Номер: US20130077784A1
Автор: Senda Shigeya
Принадлежит:

A machine management method includes installing software in a machine including a security device that holds a secret key unextractable from the security device and a public key extractable from the security device, encrypts input data with the public key, and decrypts the input data with the secret key; storing machine identification information of the machine in association with software identification information of the software installed in the machine in an external management apparatus; creating a device-encryption key to encrypt data stored on a first storage device of the machine; storing a device-encryption-key BLOB obtained by encrypting the device-encryption key with the public key on a second storage device of the machine; and storing the device-encryption key in association with the machine identification information in the external management apparatus. 1. (canceled)2. A machine management method , comprising:installing software in a machine;storing, in a management apparatus, first software identification information of the software installed in the machine;comparing second software identification information of the software installed in the machine with the first software identification information stored in the management apparatus;determining whether unauthorized modification has been performed on the software based on results of the comparing.3. The method according to claim 2 , wherein the storing step further comprises storing claim 2 , in the management apparatus claim 2 , machine identification information of the machine in association with the first software identification information of the software installed in the machine.4. The method according to claim 3 , wherein the comparing step further comprises:transmitting, by the machine to the management apparatus, a request for searching for the machine identification information;searching, by the management apparatus, for the machine identification information stored in the management ...

Подробнее
Номер записи: 41
04-04-2013 дата публикации

Cryptanalysis Method and System

Номер: US20130083918A1
Автор: Elad Barkan, Eli Biham
Принадлежит: Individual

A cryptanalysis method comprising: (A) Performing a ciphertext-only direct cryptanalysis of A5/1 and (B) Using results of Step (A) to facilitate the decryption and/or encryption of further communications that are consistent with encryption using the session key and/or decryption using the session key, wherein the cryptanalysis considers part of the bits of the session key to have a known fixed value, and wherein the cryptanalysis finds the session key. An efficient known plaintext attack on AS/2 comprises trying all the possible values for R 4, and for each such value solving the linearized system of equations that describe the output; The solution of the equations gives the internal state of RI, R 2, and R 3; Together with R 4, this gives the full internal state which gives a suggestion for the key.

Подробнее
Номер записи: 42
04-04-2013 дата публикации

Updating data stored in a dispersed storage network

Номер: US20130086447A1
Автор: Jason K. Resch, Wesley Leggette
Принадлежит: Cleversafe Inc

A method begins by a dispersed storage (DS) processing module receiving a modified data object, wherein the modified data object is a modified version of a data object and the data object is divided into a plurality of data segments and stored in the DSN. The method continues with the DS processing module mapping portions of the modified data object to the plurality of data segments that includes creating a middle data segment of a second plurality of data segments based on a corresponding middle data segment of the plurality of data segments when the a portion of the portions corresponds to middle data of the modified data object. The method continues with the DS processing module encoding the middle data segment using a dispersed storage error coding function to produce an encoded data segment and overwriting the corresponding middle data segment with the encoded data segment in the DSN.

Подробнее
Номер записи: 43
11-04-2013 дата публикации

SECURE DATA TRANSFER ON A HANDHELD COMMUNICATIONS DEVICE

Номер: US20130089200A1
Автор: Drader Marc, PURDY Michael, ROBINSON JAMES
Принадлежит: RESEARCH IN MOTION LIMITED

A handheld communications device for transmitting an encryption key is provided. The device comprises a display device, and a data processor. The data processor of the handheld communications device is in communication with the display device. The data processor is configured to generate an encryption key, and to vary a visual output of the display device over time in accordance with a bit sequence of the encryption key. The varying visual output comprises a sequence of colours and/or brightness levels output by the display device. 1. A handheld communications device comprising:a display device; and generate an encryption key, the encryption key comprising a bit sequence; and', a sequence of colours rendered on the display device or', 'a sequence of brightness levels output by the display device., 'vary a visual output of the display device over a period of time in accordance with the bit sequence to transmit the encryption key from the handheld communications device by varying at least one of'}], 'a data processor in communication with the display device, the data processor being configured to2. The communications device as claimed in claim 1 , wherein:the display device comprises a display light; andthe data processor is configured to vary the sequence of brightness levels output by the display light to transmit the encryption key.3. The communications device as claimed in claim 2 , wherein:the display device is configured to render a plurality of colours thereon; andthe data processor is configured to vary the sequence of the colours and the sequence of brightness levels to transmit the encryption key.4. The communications device as claimed in claim 1 , wherein:the display device is configured to render a plurality of colours thereon; andthe data processor is configured to vary the plurality of colours to transmit the encryption key.5. The communications device as claimed in claim 4 , wherein the handheld communications device is configured to provide the ...

Подробнее
Номер записи: 44
25-04-2013 дата публикации

METHOD FOR SECURE DATA EXCHANGE BETWEEN TWO DEVICES

Номер: US20130101120A1
Автор: Brique Olivier, Nicolas Christophe, Sasselli Marco
Принадлежит:

This invention concerns a safe data exchange method between two devices locally connected to one another. In a preferred embodiment, the first device is a security module containing a first encrypting key, said private key of a pair of asymmetric encrypting keys. The second device is a receiver comprising at least one second encrypting key, said public key of said pair of asymmetric encrypting keys. Furthermore each of the devices comprises a symmetrical key. The first device generates a first random number, which is encrypted by said private key, then transmitted to the second device, in which it is decrypted by means of the public key. The second device generates a second random number, which is encrypted by said public key, then transmitted to the first device, in which it is decrypted by means of the private key. A session key, used for safe data exchange, is generated by a combination of the symmetric key and the random numbers generated and received by each of the devices. 1. Data exchange method between two devices locally connected to one another , a first device of the two devices being a security module and a second device of the two devices being a receiver , the first device comprising at least one first encrypting key of a pair of asymmetric keys and the second device comprising at least the second encrypting key of said pair of asymmetric keys , this method comprising:generating, at least one first random number in the first device,generating, at least one second random number in the second device,encrypting said first random number by said first encrypting key, the first encrypting key initialized in the first device during an initialization phase of the first device in a first protected environment,encrypting said second random number by said second encrypting key, the second encrypting key initialized in the second device during an initialization phase of the second device in a second protected environment,transmitting said first encrypted random ...

Подробнее
Номер записи: 45
09-05-2013 дата публикации

SYSTEM AND METHOD FOR PROVIDING AN INDICATION OF RANDOMNESS QUALITY OF RANDOM NUMBER DATA GENERATED BY A RANDOM DATA SERVICE

Номер: US20130114808A1
Автор: Adams Neil Patrick, Kirkup Michael Grant, LITTLE Herbert Anthony, Rybak Michal Andrzej, TAPUSKA David Francis
Принадлежит: RESEARCH IN MOTION LIMITED

A system and method for providing an indication of randomness quality of random number data generated by a random data service. The random data service may provide random number data to one or more applications adapted to generate key pairs used in code signing applications, for example. In one aspect, the method comprises the steps of: retrieving random number data from the random data service; applying one or more randomness tests to the retrieved random number data to compute at least one indicator of the randomness quality of the random number data; associating the at least one indicator with at least one state represented by a color; and displaying the color associated with the at least one indicator to a user. The color may be displayed in a traffic light icon, for example. 1. An apparatus for generating encryption key pairs from random number data , the apparatus comprising a processor configured to:receive random number data;apply one or more randomness tests to the random number data to compute at least one test result;associate the at least one test result with at least one of a plurality of states indicative of the randomness quality of the random number data to determine an indication of randomness quality of the random number data for display;display said indication of the randomness quality of the random number data in a user interface; provide, in the user interface, an option to create an encryption key pair, await a selection of the option to create the encryption key pair, and', 'receive an instruction to create the encryption key pair, in response to a display of said indication of the randomness quality of the random number data in the user interface and the selection of the option to create the encryption key pair; and, 'if said indication is one of a predefined set of one or more indications,'} 'not provide, in the user interface, the option to create the encryption key pair.', 'if said indication is not one of the predefined set of one or more ...

Подробнее
Номер записи: 46
09-05-2013 дата публикации

UNIQUE SURROGATE KEY GENERATION USING CRYPTOGRAPHIC HASHING

Номер: US20130114809A1
Автор: Tepper Clinton S.
Принадлежит: INTERNATIONAL BUSINESS MACHINES CORPORATION

The present invention relates to a method or system of generating a surrogate key using cryptographic hashing. One embodiment of the method of the present invention may have steps such as selecting a field or group of fields that is or are unique among all records in the database and for each record, extracting the data from the fields; concatenating the extracted data into an input message; running the input message through a hash generator, either in batches or one at a time, for testing purposes perhaps; and outputting a surrogate key. 1. A method for generating a surrogate key using cryptographic hashing in a system having a database having records , the records having fields having data therein , the method comprising:selecting a field that is unique among all records in the database and for each record, extracting the data from the fields;concatenating the extracted data into an input message; dividing the input message into a set of chunks;', 'dividing each chunk into a first set of words;', 'generating a second set of words based on the first set of words;', 'generating a third set of words based on the second set of words; and', 'generating final results for each message based on the third set of words; and, 'inputting the input message to a hash generator to perform the following stepsoutputting a surrogate key based on the final results.2. The method of claim 1 , wherein generating final results for each message comprises claim 1 , for each of the third set of words claim 1 , adding the first 32 bits of the fractional parts of the cube roots of the first 64 prime numbers.3. The method of claim 1 , wherein dividing the input message comprises dividing the input message into a predefined number of 512 bit chunks and dividing each bit chunk comprising dividing each chunk into a predefined number of 32 bit words.4. The method of claim 1 , wherein generating a second set of words comprises rotating and shifting the first set of words and generating additional ...

Подробнее
Номер записи: 47
09-05-2013 дата публикации

SECRET SHARING SYSTEM, SHARING APPARATUS, SHARE MANAGEMENT APPARATUS, ACQUISITION APPARATUS, SECRET SHARING METHOD, PROGRAM AND RECORDING MEDIUM

Номер: US20130114815A1
Автор: Nishimaki Ryo, Suzuki Koutarou
Принадлежит: Nippon Telegraph and Telephone Corporation

A sharing apparatus independently shares a value corresponding to each element θ(ψ, i, β)·gof basis vectors b*(θ) among each subset SUB(α) consisting of H(α) share management apparatuses PA(α, 1), . . . , PA(α, H(α)) to generate share information SH(ψ, i, β, α, h(α)) corresponding to each element θ(ψ, i, β)·g. The share management apparatus PA(α, h(α)) generates a share secret value DSH(ψ, α, h(α)) by performing a common calculation common in the subset SUB(α) on common information shared in the subset SUB(α) and the share information SH(ψ, i, β, α, h(α)). An acquisition apparatus generates reconstructed secret values SUBSK(ψ, α) for each subset SUB(α) by performing a reconstruction processing for the subset SUB(α) and generates generation information D*(ψ) from the reconstructed secret values SUBSK(ψ, α). 1. A secret sharing system , comprising:a sharing apparatus;{'sub': 'α=1', 'sup': 'L', 'Σh(α) share management apparatuses PA(α, h(α)), where α=1, . . . , L, L≧2, h(α)=1, . . . , H(α), H(α)≧2; and'}an acquisition apparatus,wherein the sharing apparatus includes:{'sub': 2', 'i', '2', '2', '2', 'i', '2', '2', '2', 'i', '2, 'sup': 'n(ψ)+ζ(ψ)', 'a secret sharing unit that independently shares a value corresponding to each element θ(ψ, i, β)·gof basis vectors b*(ψ) among each subset SUB(α) consisting of H(α) share management apparatuses PA(α, 1), . . . , PA(α, H(α)) according to a predetermined secret sharing scheme to generate share information SH(ψ, i, β, α, h(α)) corresponding to each element θ(ψ, i, β)·g, where h(α)=1, . . . , H(α), provided that Ψ denotes an integer equal to or greater than 1, ψ denotes an integer equal to or greater than 0 and equal to or smaller than Ψ, ψ=0, . . . , Ψ, n(ψ) denotes an integer equal to or greater than 1, ζ(ψ) denotes an integer equal to or greater than 0, a generator of a cyclic group Gis denoted by g, and the basis vectors b*(ψ)=(θ(ψ, i, 1)·g, . . . , θ(ψ, i, n(ψ)+ζ(ψ))·g)εGare n(ψ)+ζ(ψ)-dimensional basis vectors for θ(ψ, i, β), ...

Подробнее
Номер записи: 48
16-05-2013 дата публикации

Systems and methods for secure communication using a communication encryption bios based upon a message specific identifier

Номер: US20130124863A1
Автор: Steven J. Drucker
Принадлежит: Steven J. Drucker

An apparatus and methods of securely communicating a message between a first device and a second device using a message specific identifier is disclosed. The method begins by assembling the message specific identifier from one or more attributes associated with the message and the first device. An encryption key request is transmitted to a server, wherein the encryption key request is based upon the message specific identifier. An encryption key is received from the server, wherein the encryption key is based on the message specific identifier and a random character set. The message is encrypted using the received encryption key and the encrypted message is sent to the second device.

Подробнее
Номер записи: 49
23-05-2013 дата публикации

METHOD AND SYSTEM FOR GENERATING UNPREDICTABLE PSEUDO-RANDOM NUMBERS

Номер: US20130129088A1
Автор: Álvarez Marañón Gonzalo, Degano Gerardo Pastor, Encinas Luis Hernandez, Garcia Miguel Emilio Romera, Lopez Amalia Beatriz Orue, Marmol Veronica Fernandez, Vitini Fausto Montoya
Принадлежит: TELEFONICA, S.A

The invention relates to a system for generating unpredictable pseudorandom numbers in a chaotic manner, comprising discrete chaotic map processing means and an XOR gate for generating unpredictable pseudorandom numbers. The method is based on introducing a high degree of entropy in the system by cyclically shifting chaotic maps to the right. 2. A system for generating unpredictable pseudorandom numbers in a chaotic manner , characterized in that for predetermined implementation values comprising at least one word size “S” and a number of discrete chaotic maps “k” , it comprises at least:a chaotic-based unpredictable pseudorandom number generator;a parallel load module;an output register storing the generated sequence comprised by concatenating the generated numbers; and,{'sub': 1', 'k, 'an input register storing “k” initialization values yto y, said initialization values being referred to as “seed”.'} As expressed in the title of this specification, the present invention relates to a method and to a system for generating sequences of unpredictable pseudorandom numbers in a chaotic manner. The main field of application is cryptography, which affords it a number of applications associated with all aspects relating to information security. For that purpose, the present invention comprises a system for generating sequences of unpredictable pseudorandom numbers based on a combination of discrete chaotic maps the association of which results in a powerful system for generating said numbers. Said generator is basically made up of a discrete chaotic map processor and an XOR gate performing the bit-by-bit modulo 2 addition of the result of processing discrete chaotic maps to obtain the pseudorandom numbers.Cryptography is the science dedicated to studying all the aspects associated with information security, such as confidentiality, data integrity, entity authentication and source data authentication. There are a number of solutions in the state of the art implementing ...

Подробнее
Номер записи: 50
23-05-2013 дата публикации

PROTECTION METHOD, DECRYPTION METHOD, RECORDING MEDIUM AND TERMINAL FOR SAID PROTECTION METHOD

Номер: US20130132725A1
Автор: Chieze Quentin, Lafranchi Stephane, Pochon Nicolas
Принадлежит: VIACCESS

Protecting data transmission, either multimedia or a control word, between a security processor and a terminal includes, at the security processor, building a current session key by root key diversification as a function of a parameter transmitted by the terminal, decrypting the data, encrypting it with the session key, and transmitting it, and at the terminal, decrypting it using a secret code to obtain plain data, recording, in advance, secret codes, each enabling decryption of only data encrypted by a corresponding session key obtained by root-key diversification with a parameter, which can be the transmitted parameter, receiving the parameter in a message that also contains the data to be decrypted by the security processor, and in response, selecting, from the secret codes, a code for decrypting the data encrypted with the session key, as a function of the parameter or another parameter in the message. 111-. (canceled)12. A method for protecting transmission of one of multimedia content and a control word between a security processor and a terminal , said method comprising , at said security processor , building a current session key by diversification of a root key as a function of a particular parameter transmitted by said terminal , at said security processor , decrypting said one of multimedia content and a control word , encrypting said decrypted one of multimedia content and a control word with said session key , and transmitting said encrypted one of multimedia content and a control word , which is encrypted with said session key , to said terminal , and at said terminal , decrypting said one of multimedia content and a control word using a secret code to obtain a plain one of multimedia content and a control word , wherein said method further comprises , at said terminal , recording , in advance , a plurality of secret codes , each of which enables decryption of only data that has been encrypted by a corresponding session key that is obtained by ...

Подробнее
Номер записи: 51
30-05-2013 дата публикации

SYSTEM AND METHOD FOR PROVIDING SECURITY IN MOBILE WiMAX NETWORK SYSTEM

Номер: US20130136262A1
Автор: Tae-Shik Shon
Принадлежит: SAMSUNG ELECTRONICS CO LTD

A method for providing security between a radio access station and an access control router in a mobile microwave access network includes: receiving, by the radio access station and the access control router, the same certificate from a licensed certification authority; generating, by the access control router, an access service network traffic encryption key (asn_TEK); encrypting, by the access control router, a message to be transmitted with the generated asn_TEK and transmitting the encrypted message to the radio access station; verifying, by the radio access station, the certificate of the licensed certification authority appended to the message received from the access control router to check the asn_TEK, and decrypting the message received from the access control router to obtain an actual message; encrypting, by the radio access station, the actual message with the checked asn_TEK and transmitting the encrypted message to the access control router.

Подробнее
Номер записи: 52
30-05-2013 дата публикации

Control method, program and system for link access

Номер: US20130138965A1
Автор: Hiroaki Nakamura, Hisashi Miyashita, Kohichi Kamijoh
Принадлежит: International Business Machines Corp

A plurality of users is assumed in which user A is the owner of content providing the source of a link, user B is the owner of the content providing the destination of the link, and user C is a viewer. Each user has a private key and a public key, and the public keys are shared by the users. User B selects user C in advance as a viewer. User B creates data including a value in which an encryption key with a proxy signature generated on the basis of the public key of user C and its own private key is encrypted using the public key of user A, and distributes the data to user A, which is the owner of the content providing the source of the link. User A decrypts the received data including the value using its own private key. This makes a function available based on encryption with the proxy signature. User A converts the link information using this function, signs the information using its own private key, and sends it to user C. User C verifies the signature by checking the received information using the public key of user A and the public key of user B, extracts the link information generated by user A using the function, decrypts it using its own private key, and obtains the link information.

Подробнее
Номер записи: 53
13-06-2013 дата публикации

MULTI-USER SEARCHABLE ENCRYPTION SYSTEM AND METHOD WITH INDEX VALIDATION AND TRACING

Номер: US20130148803A1
Автор: CHANG Ku Young, HONG Do Won, JHO Nam-Su
Принадлежит: Electronics and Telecommunications Research Institute

A multi-user searchable encryption system includes a key generation center to issue a private secret key to a user and trace information regarding a user who has generated an index, and a user terminal device to generate an index for searching for a database using the private secret key. The multi-user searchable encryption system includes a database (DB) server that verifies the index generated by the user terminal device and searches for corresponding data to the verified index. 1. A multi-user searchable encryption system , the system comprising:a key generation center configured to issue a private secret key to a user and trace information regarding a user who has generated an index;a user terminal device configured to generate an index for searching for a database by using the private secret key; anda database (DB) server configured to verify the index generated by the user terminal device, and search for corresponding data for the trap door, and provide the same.2. The system of claim 1 , wherein the user terminal device comprises the private secret key which is secret information to encrypt data and generate the index.3. The system of claim 1 , wherein claim 1 , in searching by using the index claim 1 , the user terminal device generates a trap door from a keyword desired to be searched by using the private secret key claim 1 , and requests for searching by using the trap door.4. The system of claim 1 , wherein when there is a problem with the index generated by the user terminal device claim 1 , the key generation center checks identifier of the user terminal device by using a secret key thereof to trace a user who has generated the index.5. The system of claim 1 , wherein when the user provides encrypted data claim 1 , the DB server verifies validity of the generated index by using a public key provided from the key generation center claim 1 , before storing the data in the DB.6. The system of claim 1 , wherein the key generation center issues a system ...

Подробнее
Номер записи: 54
20-06-2013 дата публикации

Cryptographic Key Generation

Номер: US20130156182A1
Автор: Näslund Mats, Norrman Karl
Принадлежит:

A technique for generating a cryptographic key is provided. The technique is particularly useful for protecting the communication between two entities cooperatively running a distributed security operation. The technique comprises providing at least two parameters, the first parameter comprising or deriving from some cryptographic keys which have been computed by the first entity by running the security operation; and the second parameter comprising or deriving from a token, where the token comprises an exclusive OR of a sequence number (SQN) and an Anonymity Key (AK). A key derivation function is applied to the provided parameters to generate the desired cryptographic key. 1. A method of generating a cryptographic key for protecting communication between a first entity and a second entity , the method carried out by a cryptographic key generation device comprised in the first entity as part of an Authentication and Key Agreement (AKA) procedure initiated by the second entity and comprising:providing at least two parameters, wherein a first parameter comprises or is derived from a set of cryptographic keys computed by the first entity by running the AKA procedure, and wherein a second parameter comprises or is derived from a token, the token comprising an exclusive OR of a sequence number (SQN) and an Anonymity Key (AK); andapplying a key derivation function to generate a cryptographic key based on the provided parameters.2. The method of claim 1 , wherein the SQN indicates the number of times the AKA procedure has been initiated by the second entity for the first entity.3. The method of claim 1 , wherein the token is a concatenation of the exclusive OR of the SQN and the Anonymity Key (AK) claim 1 , an Authentication and Key Management Field (AMF) claim 1 , and a Message Authentication Code (MAC).4. The method of claim 1 , wherein the set of cryptographic keys comprised in the first parameter or from which the first parameter is derived comprises or is derived from ...

Подробнее
Номер записи: 55
20-06-2013 дата публикации

ENCRYPTION KEY GENERATING APPARATUS AND COMPUTER PROGRAM PRODUCT

Номер: US20130156183A1
Автор: Komano Yuichi, Ohta Kazuo, Sakiyama Kazuo
Принадлежит:

According to an embodiment, an encryption key generating apparatus includes a converting unit to convert input data using a physically unclonable function and outputs output data; a memory to store a plurality of pattern data, each of which is a partial data in the output data indicated by one of a plurality of index data; a generating unit to generates an encryption key on the basis of the plural of index data; and a comparing unit to compare the output data with the plural of pattern data to detect plural of locations in the output data at which partial data similar to the plural of pattern data is present. The generating unit reproduces, as the plural of index data, the plural of locations detected by the comparing unit and reproduces the encryption key on the basis of the plural of index data that have been reproduced. 1. An encryption key generating apparatus comprising:a converting unit configured to convert input data with the use of a physically unclonable function and outputs output data;a memory to store a plurality of pattern data each of which is a partial data in the output data indicated by one of a plurality of index data;a generating unit configured to generates an encryption key on the basis of the plurality of index data; anda comparing unit configured to compare the output data with the plurality of pattern data so as to detect a plurality of locations in the output data at which partial data similar to the plurality of pattern data is present, whereinthe generating unit reproduces, as the plurality of index data, the plurality of locations detected by the comparing unit and reproduces the encryption key on the basis of the plurality of index data that have been reproduced.2. The apparatus according to claim 1 , further comprising a mask processing unit configured to perform mask processing with respect to the plurality of pattern data claim 1 , whereinthe memory unit stores the plurality of pattern data that have been subjected to mask processing ...

Подробнее
Номер записи: 56
20-06-2013 дата публикации

SECURE EMAIL COMMUNICATION SYSTEM

Номер: US20130156184A1
Автор: Cutrer Jonathan, Selgas Thomas Drennan
Принадлежит: MYMAIL TECHNOLOGY, LLC

The present invention provides a method and system for securing a digital data stream. A first key of a first asymmetric key pair from a key store remote from a host node is received at the host node. A dynamically generated key is received at the host node, which is used to encipher the digital data stream. The dynamically generated key is enciphered with the first key of the first asymmetric key pair. The enciphered digital data stream and the enciphered dynamically generated key are stored remotely from the host node and the key store. 1. A method of securing a digital data stream , the method comprising:receiving, at a first location, a first key of a first asymmetric key pair from a remote key store;receiving a dynamically generated key;enciphering the digital data stream with the dynamically generated key;enciphering the dynamically generated key with the first key of the first asymmetric key pair; andstoring the enciphered digital data stream and the enciphered dynamically generated key.2. The method of claim 1 , further comprising deciphering the first key of the first asymmetric key pair with a first key of a second asymmetric key pair.3. The method of claim 1 , further comprising:sampling a random number source; andgenerating the dynamically generated encipher key based on the sampling.4. The method of claim 1 , wherein enciphering the digital data stream comprises enciphering the digital data stream with a symmetric encipher algorithm.5. The method of claim 1 , further comprising deleting one or more copies of the dynamically generated key at the first location.6. The method of claim 1 , wherein the storing comprises associating claim 1 , using a database claim 1 , the enciphered digital data stream with the enciphered dynamically generated key.7. The method of claim 1 , further comprising compressing the digital data stream.8. The method of claim 1 , further comprising:receiving the digital data stream; andcorrelating the digital data stream with the ...

Подробнее
Номер записи: 57
20-06-2013 дата публикации

Proxy-based encryption method, proxy-based decryption method, network equipment, network device and system

Номер: US20130156188A1
Автор: Lei Xu, Xiaoxin Wu
Принадлежит: Huawei Technologies Co Ltd

A proxy-based encryption method includes generating, according to a private key of a sending end and a public key of a receiving end, proxy keys that correspond to at least two proxy servers, respectively. The number of the proxy keys is equal to the number of the proxy servers. The method further includes sending encrypted ciphertexts and the proxy keys that correspond to the at least two proxy servers respectively to the at least two proxy servers, respectively, so that the at least two proxy servers re-encrypt the encrypted ciphertexts according to the corresponding proxy keys.

Подробнее
Номер записи: 58
27-06-2013 дата публикации

KEY CREATION AND ROTATION FOR DATA ENCRYPTION

Номер: US20130163753A1
Автор: MacMillan Jeffrey Earl, Offrey Jason Arthur
Принадлежит: DARK MATTER LABS INC.

Embodiments are directed towards enabling cryptographic key rotation without disrupting cryptographic operations. If key rotation is initiated, a transitional key may be generated by encrypting the current key with a built-in system key. A new key may be generated based one at least one determined key parameter. Next, the new key may be activated by the one or more key holders. If the new key is activated, it may be designated as the new current key. The new current key may be employed to encrypt the transitional key and store it in a key array. Each additional rotated key may be stored in the key array after it is encrypted by the current cryptographic key. Further, in response to a submission of an unencrypted query value, one or more encrypted values that correspond to a determined number of rotated cryptographic keys are generated. 1. A method for cryptographic processing of data using a network device that is operative to perform actions , comprising: generating at least one transitional key by encrypting at least one current key using at least one system key;', 'generating at least one new key based on at least one determined key parameter;', 'activating at least one new key based on data provided by at least one key holder;', 'generating at least one new current key based on at least one activated key, wherein the new current key is stored at least in volatile memory; and', 'encrypting at least one transitional key using at least one new current key and storing it in at least one key array., 'responsive to receiving a request o rotate at least one current key, performing further actions, including2. The method of claim 1 , wherein activating at least one new key further comprises claim 1 , receiving at least a portion of keying data from at least one key holder claim 1 , wherein at least one key holder activates at least portion of keying data using at least one password that corresponds to at least portion of keying data.3. The method of claim 1 , wherein ...

Подробнее
Номер записи: 59
27-06-2013 дата публикации

INFORMATION DISTRIBUTION SYSTEM AND PROGRAM FOR THE SAME

Номер: US20130163754A1
Автор: Ogawa Keiko
Принадлежит:

An information distribution system described herein is capable of securely storing digitized personal information in an encrypted state in a storage section and securely transferring/disclosing the stored digitized information only to a particular third person via a network. Communication of the information is securely performed in the encrypted state between information terminals connected to the communication network. An information terminal which has created information encrypts the original information by a common key generated upon communication and stores the information in a secure storage of one of the information terminals connected to the communication network while maintaining the encrypted state. Further, the system creates a mechanism for authenticating a person having a particular authority for viewing the encrypted information and index information having an encrypted common key and link information indicating the location of the information for supply to a user. 1. An information processing apparatus , comprising:a common key generating section to generate a common key;an original information encrypting section to encrypt original information based on the common key;a key storage section to store public and private keys used to encrypt the common key;a common key encrypting section to encrypt the common key with the public key;a common key extracting section to extract a common key from an encrypted common key using the private key;a decryption processing section to decrypt encrypted information corresponding to the original information encrypted with the common key extracted from the encrypted common key;an encryption signature generating section to generate an encrypted signature using the private key;a secure transport core to perform encrypted communication via a communication network using the common key,wherein the decryption processing section decrypts encrypted link information received via the secure transport core using the private key to ...

Подробнее
Номер записи: 60
27-06-2013 дата публикации

Method and apparatus for connection to virtual private networks for secure transactions

Номер: US20130163757A1
Автор: Aviel D. Rubin, Bruce LaRose, Norman Loren Schryer, Steven Michael Bellovin, Thomas Joseph Killian
Принадлежит: AT&T Corp

A system and method are provided for use in establishing secure end-to-end communication links over a VPN gateway via a network interface unit. Illustrative embodiments include establishing and providing secure communication relationships between users (customers) and companies for e-commerce and other business purposes. Each company's data and linkage to users remaining private and secure from the other participating companies as well as from the general public over the Internet. Login by user with network interface units, addressing, authentication, and other configuration operations achieved using a web page-based GUI are applied in establishing tunnels from LAN clients to desired VPN destinations. Required authentication exchanges and required encryption key exchanges facilitate the secure communications. Financial arrangements regarding the provisioning and use of network interface units are also disclosed.

Подробнее
Номер записи: 61
27-06-2013 дата публикации

SIMPLIFIED SMARTCARD PERSONALIZATION METHOD, AND CORRESPONDING DEVICE

Номер: US20130166902A1
Автор: Choukri Hamid, Girard Pierre
Принадлежит: GEMALTO SA

The invention relates to a method for personalizing an electronic device using an encryption device adaptable to standard certified apparatuses. The encryption device makes it possible to ensure the confidentiality of the transfer of a secret code from the user to a possible personalization server. 1. A method for personalizing an electronic device called “target” , using a secure terminal , as well as a communicating electronic device called “computer” , able to execute a computer program called “personalizing program” , comprising:a secure electronic device called “encryption device” is inserted into said terminal;the personalizing program sends a request by which it requests the terminal to submit a code to said encryption device;the user inputs a secret code called “provided code” using a keyboard of said terminal, and said secret code is transmitted to the encryption device through a request REQ;said provided code is saved in a memory of said encryption device;the personalizing program sends a <> command to the encryption device through said terminal;said encryption device encrypts said provided code using a cryptographic algorithm ALG and a key K to obtain an “encrypted provided code”; andsaid encrypted provided code is transmitted to said personalizing program.2. A personalizing method according to claim 1 , wherein said request REQ is a command to verify said provided code.3. A personalizing method according to claim 1 , wherein said encrypted provided code is transmitted to a remote personalization server.4. A personalizing method according to claim 1 , further includes including a step of verifying during which claim 1 , when said encryption device receives said provided code claim 1 , at least one security rule is analyzed.5. A personalizing method according to claim 4 , wherein said encryption device sends back to said personalizing program claim 4 , through said terminal claim 4 , a different response according to the result of the ...

Подробнее
Номер записи: 62
27-06-2013 дата публикации

Implementation process for the use of cryptographic data of a user stored in a data base

Номер: US20130166911A1
Автор: Jean-Marc DESPERRIER, Laurent Fournie, Raphael Daouphars
Принадлежит: DICTAO

A security module (“SM”) implements user cryptographic data by means of a user terminal. The cryptographic data is encrypted by a first encryption key established from a secret key from the terminal and the user's authentication element and by a second encryption key specific to the SM. An authentication is performed between the SM and the terminal, based on an asymmetric cryptographic protocol, and, in the event of a positive authentication of the SM and the terminal, an authentication of the SM and the user is performed. In the event of positive authentication between the SM and the terminal and between the SM and the user, the SM obtains the user's cryptographic data, and the terminal calculates the first encryption key and sends the first encryption key to the SM. The user's cryptographic data is decrypted by the SM using the second encryption key and then the first encryption key.

Подробнее
Номер записи: 63
27-06-2013 дата публикации

Methods for Single Signon (SSO) Using Decentralized Password and Credential Management

Номер: US20130166918A1
Автор: Mahmood Shahbazi, Majid Shahbazi
Принадлежит: Individual

A method for single sign-on (SSO) that provides decentralized credential management using end-to-end security. Credential (and other personal user information) management is decentralized in that encryption is performed locally on the user's computer. The user's encrypted credentials may be stored by the login server and/or a plurality of distributed servers/databases (such as a cloud). The login server never has access to the user's credentials or other personal information. When the user wants to use single sign-on, he enters his password into his browser and the browser submits the encrypted/hashed password to the login server for validation. Upon validation, the browser receives the user's encrypted credentials. The credentials are decrypted by the browser and provided to relevant websites to automatically log the user in.

Подробнее
Номер записи: 64
04-07-2013 дата публикации

Generator of Chaotic Sequences and Corresponding Generating System

Номер: US20130170641A1
Автор: El Assad Safwan, Noura Hassan
Принадлежит: UNIVERSITE DE NANTES

A generator of chaotic sequences of integer values is provided. The generator includes at least two discrete recursive filters at least of first-order, generating an output chaotic sequence of integer values, each recursive filter comprising means for implementing a nonlinear function connected via an exclusive-or gate to means for generating a perturbation sequence of integer values. The two filters are mounted in parallel. The chaotic sequence output from the generator is equal to an exclusive-or of the chaotic sequences output from the recursive filters, and in the means for implementing the nonlinear function includes a chaotic map. 112-. (canceled)13. A generator of chaotic sequences e(n) , n being a strictly positive integer , of integer values represented on a determined number of quantification bits N , to form data encrypting keys , the generator comprising:at least two discrete recursive filters at least of first-order generating an output chaotic sequence of integer values, each recursive filter comprising means for implementing a nonlinear function F, connected via an exclusive-or gate to means for generating a perturbation sequence Q(n) of integer values represented on a determined number of quantification bits k,{'sub': 'u', 'wherein the two filters are mounted in parallel, the chaotic sequence e(n) output from the generator being equal to an exclusive-or of the chaotic sequences output from the recursive filters, and'}wherein the means for implementing the nonlinear function includes a chaotic map.14. The generator of chaotic sequences according to claim 13 , wherein the means for generating a perturbation sequence in each filter includes a maximum length feedback shift register using a primitive polynomial of degree k.15. The generator of chaotic sequences according to wherein the order of each recursive filter is third-order or lower.16. The generator of chaotic sequences according to wherein the means for implementing the nonlinear function ...

Подробнее
Номер записи: 65
04-07-2013 дата публикации

ELLIPTIC CURVE RANDOM NUMBER GENERATION

Номер: US20130170642A1
Автор: Brown Daniel Richard L., Vanstone Scott Alexander
Принадлежит: Certicom Corp.

An elliptic curve random number generator avoids escrow keys by choosing a point Q on the elliptic curve as verifiably random. An arbitrary string is chosen and a hash of that string computed. The hash is then converted to a field element of the desired field, the field element regarded as the x-coordinate of a point Q on the elliptic curve and the x-coordinate is tested for validity on the desired elliptic curve. If valid, the x-coordinate is decompressed to the point Q, wherein the choice of which is the two points is also derived from the hash value. Intentional use of escrow keys can provide for back up functionality. The relationship between P and Q is used as an escrow key and stored by for a security domain. The administrator logs the output of the generator to reconstruct the random number with the escrow key. 119-. (canceled)20. A computer-implemented method of generating a random number for use in a cryptographic operation , the method comprising:generating a random number by operating one or more processors on a pair of inputs, each input representing at least one coordinate of a respective one of a pair of elliptic curve points, at least one input of the pair of inputs being generated in a manner to ensure that one point of the pair of elliptic curve points is not a multiple of the other point of the pair of elliptic curve points.21. The method of claim 20 , wherein the at least one of the pair of inputs is obtained from an output of a hash function.22. The method of claim 21 , wherein the other input of the pair of inputs is obtained from an output of a hash function.23. The method of claim 21 , wherein the other input of the pair of inputs is used as an input to the hash function.24. The method of claim 23 , wherein the other input of the pair of inputs represents an elliptic curve point.25. The method of claim 21 , further comprising:testing the output of the hash function to determine whether the output is a valid coordinate of a point on an elliptic ...

Подробнее
Номер записи: 66
04-07-2013 дата публикации

Method for sharing secret values between sensor nodes in multi-hop wireless communication network

Номер: US20130173910A1
Автор: Choong Seon Hong, Eung Jun Cho, Hee Bum Pyun
Принадлежит: Intellectual Discovery Co Ltd

A method for sharing a secret key between a source node and a destination node includes (a) adding, at each forward intermediate node, a secret key between the forward intermediate node and a node before the forward intermediate node to the secret key sharing request message; (b) generating a shared secret key between the source node and the destination node from the secret key between the forward intermediate node and the node before the forward intermediate node added in the secret key sharing request message; (c) adding, at each backward intermediate node, a secret key between the backward intermediate node and a node before it to the secret key sharing response message; and (d) generating the shared secret key between the destination node and the source node from the secret key between the backward intermediate node and the node before it added in the secret key sharing response message.

Подробнее
Номер записи: 67
11-07-2013 дата публикации

Cryptographic Key Spilt Combiner

Номер: US20130177152A1
Автор: Scheidt Edward M., Wack C. Jay
Принадлежит: TECSEC, INC.

A cryptographic key split combiner includes a plurality of key split generators adapted to generate cryptographic key splits, a key split randomizer adapted to randomize the cryptographic key splits to produce a cryptographic key, and a digital signature generator. Each of the key split generators is adapted to generate key splits from seed data. The digital signature generator is adapted to generate a digital signature based on the cryptographic key. The digital signature generator can also be adapted to generate the digital signature based on a credential value. A process for forming cryptographic keys includes generating a plurality of cryptographic key splits from seed data. The cryptographic key splits are randomized to produce a cryptographic key. A digital signature is generated based on the cryptographic key. Generating a digital signature based on the cryptographic key can include generating the digital signature based on a credential value. 1. A cryptographic key split combiner , comprising:a) a plurality of key split generators adapted to generate cryptographic key splits;b) a key split randomizer adapted to randomize the cryptographic key splits to produce a cryptographic key; andc) a digital signature generator;d) wherein each of the key split generators is adapted to generate key splits from seed data; ande) wherein the digital signature generator is adapted to generate a digital signature based on the cryptographic key.2. The cryptographic key split combiner of claim 1 , wherein the digital signature generator is also adapted to generate the digital signature based on a credential value.3. A process for forming cryptographic keys claim 1 , comprising:a) generating a plurality of cryptographic key splits from seed data;b) randomizing the cryptographic key splits to produce a cryptographic key; andc) generating a digital signature based on the cryptographic key.4. The process of claim 3 , wherein generating a digital signature based on the cryptographic ...

Подробнее
Номер записи: 68
11-07-2013 дата публикации

USING FILE METADATA FOR DATA OBFUSCATION

Номер: US20130177153A1
Автор: GERRATY Simon J.
Принадлежит: JUNIPER NETWORKS, INC.

A system and method may assist in securing data for transmission to a receiving entity. Received data may include metadata associated therewith. The data may be encrypted using an encryption key encoded within selected portions of the metadata, where the selection of the selected portions is based on a scheme shared with the receiving entity. The encrypted data including the metadata may be transferred to the receiving entity. The receiving entity may decrypt the encrypted data using the selected portions of the metadata. 126-. (canceled)27. A method comprising:extracting, by a device, metadata elements associated with data received by the device;selecting, by the device, a particular metadata element of the metadata elements;modifying, by the device, the particular metadata element to form a modified metadata element;generating, by the device, an encryption key based on the modified metadata element;encrypting, by the device, the data based on the encryption key to obtain encrypted data; andtransmitting, by the device, the encrypted data.28. The method of claim 27 , where the encryption key includes the modified metadata element.29. The method of claim 27 , where generating the encryption key includes:generating the encryption key based on the modified metadata element and the particular metadata element.30. The method of claim 27 , where modifying the particular metadata element to form the modified metadata element includes:modifying one or more permissions of the particular metadata element to form the modified metadata element.31. The method of claim 30 ,where the one or more permissions, of the particular metadata element, provide permission to modify the data, andwhere one or more modified permissions, of the modified metadata element, provide permission to only read the encrypted data.32. The method of claim 27 , where modifying the particular metadata element to form the modified metadata element includes:modifying a date associated with the particular ...

Подробнее
Номер записи: 69
11-07-2013 дата публикации

METHOD AND SYSTEM FOR DECRYPTING A TRANSPORT STREAM

Номер: US20130177154A1
Автор: Hill-Jowett David Richard
Принадлежит: Sony Europe Limited

A module configured in operation to connect to a host, the module including: a decryptor operable to decrypt an encrypted transport stream received from the host, the transport stream including content data and a decryption seed; a decryption key generator operable to extract the decryption seed from the transport stream and to generate a decryption key from the decryption key seed; and a secure channel generator operable to generate a secure channel between the module and the host, whereby the secure channel generator is further operable to provide the generated decryption key to the host over the secure channel. 121-. (canceled)22. A module configured to connect to a host , the module comprising:decryptor circuitry configured to decrypt an encrypted transport stream received from the host, the transport stream including content data and a decryption seed;a decryption key generator configured to extract the decryption seed from the transport stream and to generate a decryption key from the decryption key seed; anda secure channel generator operable to generate a secure channel between the module and the host, whereby the secure channel generator is further configured to provide the generated decryption key to the host over the secure channel.23. The module according to claim 22 , wherein the transport stream further includes usage rule information and the module further comprises a usage rule generator operable to generate a rule relating to use of the content data from the usage rule information in the transport stream.24. The module according to claim 23 , wherein the transport stream further includes a transport stream identifier which identifies the transport stream claim 23 , wherein the usage rule generator is configured to generate a rule specific to the content data of the transport stream identified by the transport identifier.25. The module according to claim 23 , wherein secure channel generator is further configured to transfer the rule relating to the ...

Подробнее
Номер записи: 70
18-07-2013 дата публикации

SEMICONDUCTOR DEVICE AND IC CARD

Номер: US20130182839A1
Автор: VUILLAUME Camille
Принадлежит: RENESAS ELECTRONICS CORPORATION

In power residue calculation in a primality determination, in addition to the conventional randomization of an exponent, a modulus is also randomized. A random number generated by a random number generator is set to a randomizing number, and is input to a modulus generator and an exponent generator. The modulus generator and the exponent generator randomize a prime number candidate P using the randomizing number to generate a randomized modulus R and exponent R. Using the randomized modulus R and exponent R, the power residue calculation for primality determination is executed, and based on the result, the primality of the prime number candidate P is determined. The power consumption during the primality determination of a semiconductor device becomes noncorrelated with a value of a prime number candidate to be determined, and the leakage of a prime number due to side channel attacks can be prevented. 1. A semiconductor device comprising: a random number generator; a modulus generator; an exponent generator; a power residue calculating unit; and a determination unit , and determining primality of an input prime number candidate ,wherein the random number generator generates a first random number as a randomizing number,wherein the modulus generator generates a first integer based on the prime number candidate and the randomizing number,wherein the exponent generator generates a second integer,wherein the power residue calculating unit carries out power residue calculation, with the first integer as a modulus and the second integer as an exponent, andwherein the determination unit determines primality of the prime number candidate based on an output of the power residue calculating unit.2. A semiconductor device comprising: a random number generator; a modulus generator; an exponent generator; a power residue calculating unit; and a determination unit , and determining primality of an input prime number candidate ,wherein the random number generator generates a first ...

Подробнее
Номер записи: 71
18-07-2013 дата публикации

System and Method of Lawful Access to Secure Communications

Номер: US20130182840A1
Автор: Buckley Michael Eoin, Campagna Matthew John, Zaverucha Gregory Marc
Принадлежит:

The present disclosure relates to systems and methods for secure communications. In some aspects, a method of signalling an interception time period is described. At least one keying information used by a KMF to regenerate a key is stored. A start_interception message is signaled from an ADMF to a CSCF. A halt_message is signaled from the ADMF to the CSCF. 1. A method of signalling an interception time period , the method comprising:storing at least one keying information used by a KMF to regenerate a key;signalling a start_interception message from an ADMF to a CSCF; andsignalling a halt_message from the ADMF to the CSCF.2. The method of claim 1 , further comprising decrypting intercepted packets.3. The method of claim 1 , wherein the at least one keying information is stored by the CSCF.4. The method of claim 1 , wherein the at least one keying information includes a TRANSFER_INIT message.5. The method of claim 1 , wherein the at least one keying information includes a TRANSFER_RESP message.6. The method of claim 1 , wherein the at least one keying information includes at least one of RANDRi claim 1 , RANDRr claim 1 , IDRi claim 1 , IDRr claim 1 , CS_ID claim 1 , TGK claim 1 , MOD claim 1 , HDR claim 1 , KEMAC claim 1 , TGK claim 1 , and TGK′.7. The method of claim 1 , wherein the halt_message includes a target user identifier.8. A method of decrypting an intercepted message claim 1 , the method comprising:receiving one or more values used in generation of an encryption key;storing the one or more values used by a KMF to regenerate the encryption key;generating the encryption key using the one or more values;signalling a start_interception message to a CSCF;decrypting intercepted packets; andsignalling a halt_message from an ADMF to the CSCF.9. The method of claim 8 , wherein the signalling of the start_interception message is from the ADMF to the CSCF.10. The method of claim 8 , wherein the one or more values comprise a crypto session identity (CS ID) and a ...

Подробнее
Номер записи: 72
18-07-2013 дата публикации

System and Method of Lawful Access to Secure Communications

Номер: US20130182841A1
Автор: Buckley Michael Eoin, Campagna Matthew John, Zaverucha Gregory Marc
Принадлежит:

The present disclosure relates to systems and methods for secure communications. In some aspects, an initiator KMS receives, from an initiator UE, one or more values used in generation of an encryption key, which includes obtaining at least one value associated with a RANDRi. The initiator KMS sends the at least one value associated with the RANDRi to a responder KMS. The responder KMS generates the encryption key using the one or more values. 1. A method for generating an encryption key , the method comprising:an initiator KMS receiving, from an initiator UE, one or more values used in generation of an encryption key, including obtaining at least one value associated with a RANDRi;the initiator KMS sending the at least one value associated with the RANDRi to a responder KMS; andthe responder KMS generating the encryption key using the one or more values.2. The method of claim 1 , wherein the at least one value associated with the RANDRi is one of a Request_Init message or the RANDRi.3. The method of claim 1 , wherein the obtaining comprises receiving the at least one value associated with the RANDRi.4. The method of claim 1 , wherein the obtaining comprises generating the RANDRi.5. A method performed by a responder KMS for generating an encryption key claim 1 , the method comprising:receiving, from an initiator KMS, one or more values used in generation of an encryption key, including obtaining at least one value associated with a RANDRi; andgenerating the encryption key using the one or more values, including the at least one value associated with the RANDRi.6. The method of claim 5 , wherein the at least one value associated with the RANDRi is one of a Request_Init message or a RANDRi value.7. The method of claim 5 , wherein the obtaining comprises receiving the at least one value associated with the RANDRi.8. The method of claim 5 , wherein the obtaining comprises generating the RANDRi. This application claims priority to U.S. Provisional Application No. 61/586, ...

Подробнее
Номер записи: 73
18-07-2013 дата публикации

System and method for key space division and sub-key derivation for mixed media digital rights management content

Номер: US20130182842A1
Автор: Augustin J. Farrugia, Bertrand Mollinier Toublet, Gelareh TABAN, Gianpaolo Fasoli, Nicholas T. Sullivan, Srinivas Vedula
Принадлежит: Apple Inc

Disclosed herein are systems, methods, and non-transitory computer-readable storage media for key space division and sub-key derivation for mixed media digital rights management content and secure digital asset distribution. A system practicing the exemplary method derives a set of family keys from a master key associated with an encrypted media asset using a one-way function, wherein each family key is uniquely associated with a respective client platform type, wherein the master key is received from a server account database, and identifies a client platform type for a client device and a corresponding family key from the set of family keys. The system encrypts an encrypted media asset with the corresponding family key to yield a platform-specific encrypted media asset, and transmits the platform-specific encrypted media asset to the client device. Thus, different client devices receive device-specific encrypted assets which can be all derived based on the same master key.

Подробнее
Номер записи: 74
18-07-2013 дата публикации

Methods for initializing and/or activating at least one user account for carrying out a transaction, as well as terminal device

Номер: US20130183934A1
Автор: Arno Roemer, Erik Hengels
Принадлежит: Vodafone Holding GmbH

The present invention in particular relates to a method for initializing and/or activating at least one user account and/or a user identifier with at least one service provider by means of a first communications network, in particular a mobile network, whereby the user account and/or the user identifier has validity in at least one other second communications network that is independent of the first communications network. In order to be able to utilize transaction systems based on mobile networks, particularly in a simple and inexpensive manner also in situations outside the mobile sector, for example in WLAN via DSL situations, the method is characterized by the following steps: a) a request for initializing and/or activating the user account and/or the user identifier is generated by the user via a terminal device assigned to the first communications network and transmitted via a communication channel of the first communications network from the terminal device of the user to the service provider, in particular at least partially encrypted; b) during the transmission, an identifier characterizing the user and/or the terminal device of the user is assigned to the request on the part of the first communications network; c) after receiving the request with the added identifier, at least one user identifier that is independent of the communications network is generated on the part of the service provider; d) the generated user identifier is transmitted by the service provider to the terminal device of the user, in particular at least partially encrypted, and stored in this device.

Подробнее
Номер записи: 75
25-07-2013 дата публикации

SYSTEM AND METHOD FOR SECURING COMMUNICATIONS BETWEEN DEVICES

Номер: US20130191639A1
Автор: Gluck Daniel S., Infante Steven D., Mangari Aparna
Принадлежит: SUMCORP LLC

A system and method for providing an improved way to secure messages being transmitted between communicating devices. Security mechanisms, operating below the session establishment level, provide fast encryption that is unconditionally secure or becomes stronger over time as devices continue to communicate. After random or arbitrary characters are used to encrypt an initial message, each new message communicated between two devices is encrypted with the most recent message communicated there-between as well as the changing key. Moreover, an exclusive dyadic relationship between the devices is obtained which prevents the cloning or piracy of the devices or the data communicated between them. The disclosed system and method also provide a multi-threading capability, thereby reducing the likelihood of a denial of service of attack. 13.-. (canceled)4. A method of encrypting a multi-digit plaintext string of multi-bit digits stored on a sending computer device using at least one multi-digit encryption key having a plurality of multibit encryption key digits , comprising:(a) on the sending computer device, adding one multi-bit digit of said plaintext string to a corresponding multi-bit digit of the at least one multi-digit encryption key to produce at least one ciphertext result digit;(b) on the sending computer device, truncating the most significant digit of the at least one ciphertext result digit if the at least one ciphertext result digit is longer than one digit;(c) storing the at least one ciphertext result digit on the sending computer device; and(d) repeating steps (a) and (b) and (c) for the next multibit digit in the plaintext string until the end of the plaintext string is reached.5. The method of claim 4 , further comprising:prior to (b), as part of producing the at least one ciphertext result digit, adding a corresponding digit of a second encryption key.6. The method of claim 4 , where the encryption is performed without the use of an encryption table.7. A ...

Подробнее
Номер записи: 76
01-08-2013 дата публикации

Apparatus and Method for Producing a Message Authentication Code

Номер: US20130195266A1
Автор: FISCHER Wieland
Принадлежит: INFINEON TECHNOLOGIES AG

An apparatus for producing a message authentication code based on a first message and an original key is provided. The apparatus includes a key generator configured to produce a generated key based on the original key and the first message. Furthermore, the apparatus includes a message authentication code generator configured to produce the message authentication code based on the generated key and the first message. 1. An apparatus for producing a message authentication code based on a first message and an original key , comprising:a key generator configured to produce a generated key based on the original key and the first message; anda message authentication code generator configured to produce the message authentication code based on the generated key and the first message.2. The apparatus according to claim 1 , wherein the key generator is configured to produce the generated key by using a cryptographic encryption algorithm.3. The apparatus according to claim 1 , wherein the key generator is configured to produce the generated key by a hash calculation for the first message.4. The apparatus according to claim 1 , wherein the key generator is configured to produce the generated key by performing a hash calculation for a portion of the first message.5. The apparatus according to claim 1 , wherein the key generator is configured to produce the generated key such that an entropy of the generated key is not lower than the entropy of the original key.6. The apparatus according to claim 1 , wherein the key generator is configured to produce the generated key such that when precisely one bit of the first message or of the original key is changed claim 1 , between 45% and 55% of the bits of the generated key change on average when the generated key is produced again.7. The apparatus according to claim 1 , wherein the key generator is configured to use AES encryption for producing the generated key.8. The apparatus according to claim 1 , wherein the key generator is ...

Подробнее
Номер записи: 77
01-08-2013 дата публикации

System and methods for permitting open access to data objects and for securing data within the data objects

Номер: US20130195270A1
Автор: Mike W. Berry, Scott A. Moskowitz
Принадлежит: Blue Spike Inc

A system and methods for permitting open access to data objects and for securing data within the data objects is disclosed. According to one embodiment of the present invention, a method for securing a data object is disclosed. According to one embodiment of the present invention, a method for securing a data object is disclosed. The method includes the steps of (1) providing a data object comprising digital data and file format information; (2) embedding independent data into a data object; and (3) scrambling the data object to degrade the data object to a predetermined signal quality level. The steps of embedding and scrambling may be performed until a predetermined condition is met. The method may also include the steps of descrambling the data object to upgrade the data object to a predetermined signal quality level, and decoding the embedded independent data.

Подробнее
Номер записи: 78
08-08-2013 дата публикации

Integrated Silicon Circuit Comprising a Physicallly Non-Reproducible Function, and Method and System for Testing Such a Circuit

Номер: US20130202107A1
Автор: Danger Jean-Luc
Принадлежит: INSTITUT TELECOM-TELECOM PARIS TECH

A silicon integrated circuit comprises a physically non-copyable function LPUF allowing the generation of a signature specific to said circuit. Said function comprises a ring oscillator composed of a loop traversed by a signal, being formed of N topologically identical chains of lags, connected in series and of an inversion gate, a chain of lags being composed of M delay elements connected in series. The function also comprises a control module generating N control words being used to configure the value of the delays introduced by the chains of lags on the signal traversing them. A measurement module measures the frequency of the signal at the output of the last chain of lags after the updating of the control words, and means can deduce from the frequency measurements the bits making up the signature of the circuit. A method and a system for testing such circuits are also provided. 1. A silicon integrated circuit comprising a physically non-copyable function LPUF allowing the generation of a signature specific to said circuit , said function comprising:a ring oscillator composed of a loop traversed by a signal e, said loop being formed of N topologically identical chains of lags, connected to one another in series and of an inversion gate, a chain of lags being composed of M delay elements connected to one another in series;a control module generating N control words, said words being used to configure the value of the delays introduced by the chains of lags on the signal e traversing them;a measurement module measuring the frequency of the signal at the output of the last chain of lags after the updating of the control words;means for deducing from the frequency measurements the bits making up the signature of the circuit.2. The circuit as claimed in claim 1 , wherein the circuit is an ASIC or an FPGA.3. The circuit as claimed in claim 1 , wherein the signature is used as encryption key.4. The circuit as claimed in claim 1 , wherein the signature is used for its ...

Подробнее
Номер записи: 79
08-08-2013 дата публикации

Protecting privacy of shared personal information

Номер: US20130205404A1
Автор: Simon P. King
Принадлежит: Yahoo Inc until 2017

Methods and apparatus are described to protect personal information by decoupling it from user identity. According to specific embodiments, this is accomplished by associating each user with an anonymous token that is decoupled from the user's identity. Personal information (e.g., a user's physical or geographic location) is stored in association with this anonymous token, with no apparent connection to the user. Those allowed to access the personal information—including the owner himself—are granted the ability through a variety of mechanisms to connect the anonymous token back to the owner. The personal information can then be retrieved by locating the data stored in association with the anonymous token in the data store.

Подробнее
Номер записи: 80
15-08-2013 дата публикации

Method and System for a Certificate-less Authenticated Encryption Scheme Using Identity-based Encryption

Номер: US20130212377A1
Автор: Behzad Malek
Принадлежит: Individual

A method of verifying public parameters from a trusted center in an identity-based encryption system prior to encrypting a plaintext message by a sender having a sender identity string may include: identifying the trusted center by a TC identity string, the trusted center having an identity-based public encryption key of the trusted center based on the TC identity string; determining if the sender has a sender private key and the public parameters for the trusted center including the public encryption key of the trusted center and a bilinear map; and verifying the public parameters using the TC identity string prior to encrypting the plaintext message into a ciphertext by comparing values of the bilinear map calculated with variables from the trusted center. The ciphertext may include a component to authenticate the sender once the ciphertext is received and decrypted by the recipient using the private key of the recipient.

Подробнее
Номер записи: 81
29-08-2013 дата публикации

PORTABLE SECURE ELEMENT

Номер: US20130223623A1
Автор: Farmer Shane Alexander, Jooste Sarel Kobus, JOSEPH JOHN
Принадлежит:

Transferring control of a secure element between TSMs comprises a zone master key established between the TSMs that facilitates encryption of a temporary key. The TSMs create the zone master key prior to initiation of transfer of control. Once transfer of control is initiated, the first TSM establishes a communication channel and deletes its key from the secure element. The first TSM creates a temporary key that is encrypted with the zone master key established between the first TSM and the second TSM. The encrypted temporary key is communicated to the second TSM with a device identifier. The second TSM decrypts the temporary key using the zone master key and identifies the user device using the device identifier. The new TSM establishes a communication channel and deletes the temporary key from the secure element. The new TSM then inputs and saves its key into the secure element. 1. A computer-implemented method for transferring control of a secure memory , comprising:creating, by a computer, a master key between a first secure services provider and a second secure services provider, wherein the master key facilitates a transfer of control of a secure memory from the first secure services provider to the second secure services provider;receiving, by the computer, a request to transfer control of the secure memory from the first secure services provider to the second secure services provider;initiating, by the computer, a secure communication channel with the secure memory, wherein, the secure communication channel is established using an access key known by the first secure services provider that is resident on the secure memory;communicating, by the computer, an instruction to delete the access key from the secure memory;creating, by the computer, a temporary key;communicating, by the computer, the temporary key to the secure memory;encrypting, by the computer, the temporary key using the master key established between the first secure services provider and the ...

Подробнее
Номер записи: 82
29-08-2013 дата публикации

SELF-SIGNED IMPLICIT CERTIFICATES

Номер: US20130227277A1
Автор: Campagna Matthew John, Struik Marinus
Принадлежит: Certicom Corp.

There are disclosed systems and methods for creating a self-signed implicit certificate. In one embodiment, the self-signed implicit certificate is generated and operated upon using transformations of a nature similar to the transformations used in the ECQV protocol. In such a system, a root CA or other computing device avoids having to generate an explicit self-signed certificate by instead generating a self-signed implicit certificate. 1. A method of generating a first and a second private key and establishing a first and a second self-signed implicit certificate that can be operated on to obtain a first and a second corresponding public key , the method being performed by a computing device in a cryptographic system based on an underlying group of order n , the computing device having a cryptographic unit , the method comprising:the computing device obtaining a long-term private key and a corresponding public-key reconstruction value;the computing device obtaining a first and a second data;the computing device operating on said public-key reconstruction value and said first data to obtain said first self-signed implicit certificate;the computing device operating on said public-key reconstruction value and said second data to obtain said second self-signed implicit certificate;the computing device operating on said long-term private key and said first self-signed implicit certificate to obtain said first private key; andthe computing device operating on said long-term private key and said second self-signed implicit certificate to obtain said second private key.2. The method of wherein said computing device is a certification authority device that issues certificates in the cryptographic system claim 1 , said first and said second data are first and second certificate data claim 1 , said first and said second private key are respectively a first and a second root private key claim 1 , and said first and said second public key are respectively a first and a second ...

Подробнее
Номер записи: 83
12-09-2013 дата публикации

METHODS FOR CREATING SECRET KEYS USING RADIO AND DEVICE MOTION AND DEVICES THEREOF

Номер: US20130236007A1
Автор: Hammond Peter M., Munro James F.
Принадлежит: DIGITAL LOBE, LLC

A method and system for generating one or more keys includes obtaining at two or more devices data based on movement of at least one of the devices with the respect to the other device. An RF signal sent from each of the one or more of the devices to the other devices is used to generate data that changes in accordance with the movement of the one or more devices. At least one key is generated based on the obtained data at each of the devices for use in securing communications between the devices. The key at each of the devices is substantially the same.

Подробнее
Номер записи: 84
12-09-2013 дата публикации

ENCIPHERING APPARATUS AND METHOD, DECIPHERING APPARATUS AND METHOD AS WELL AS INFORMATION PROCESSING APPARATUS AND METHOD

Номер: US20130236009A1
Автор: Asano Tomoyuki, Ishiguro Ryuji, Osakabe Yoshio, OSAWA Yoshitomo, SATO Makoto, Shima Hisato
Принадлежит: SONY CORPORATION

The invention provides an enciphering apparatus and method, a deciphering apparatus and method and an information processing apparatus and method by which illegal copying can be prevented with certainty. Data enciphered by a 1394 interface of a DVD player is transmitted to a personal computer and a magneto-optical disk apparatus through a 1394 bus. In the magneto-optical disk apparatus with which a change to a function is open to a user, the received data is deciphered by a 1394 interface. In contrast, in the personal computer with which a change to a function is open to a user, the enciphered data is deciphered using a time variable key by a 1394 interface, and a result of the decipherment is further deciphered using a session key by an application section. 117-. (canceled)18. Apparatus for generating a cryptographic key , comprising: provide a first key which is derived through an authentication procedure, the first key being based on information generated in another apparatus;', 'provide a second key which is changed during a term that the first key is used;', 'generate the cryptographic key based on the first and second keys, the cryptographic key being changed in accordance with the change of the second key; and, 'a memory storing computer executable instructions which, when executed by a processor, cause the processor toa processor programmed to execute the stored instructions to output the cryptographic key.19. The apparatus of claim 18 , wherein said first key and said second key are secret.20. The apparatus of claim 19 , wherein the second key is based on information assigned to each apparatus.21. The apparatus of claim 18 , wherein the first key includes secret information shared with a deciphering apparatus claim 18 , the second key is derived from a source claim 18 , and the secret information is a disturbance key to disturb the source of the second key.22. The apparatus of claim 18 , wherein a source of the second key is changed in accordance with a ...

Подробнее
Номер записи: 85
19-09-2013 дата публикации

Physical key-protected one time pad

Номер: US20130243187A1
Автор: Benjamin Judkewitz, Changhuei Yang, Ivo M. Vellekoop, Roarke Horstmeyer
Принадлежит: California Institute of Technology CalTech

A device, including one or more Communication Physical Unclonable Function (CPUF) and key storage devices, the CPUF devices each comprising: a coherent Electromagnetic (EM) radiation source; a spatial light modulator (SLM) connected to the coherent EM radiation source; a volumetric scattering medium connected to the SLM; a detector connected to the volumetric scattering medium; and one or more processors or circuits connected to the detector and one or more processors or circuits connected to the SLM. A communication protocol is also provided.

Подробнее
Номер записи: 86
19-09-2013 дата публикации

ENCRYPTION KEY GENERATING APPARATUS

Номер: US20130243191A1
Автор: Isogai Taichi, Kanda Mitsuru, Komano Yuichi, Shimizu Hideo, Tanaka Yasuyuki
Принадлежит: KABUSHIKI KAISHA TOSHIBA

According to an embodiment, an encryption key generating apparatus includes first to third calculators. The first calculator executes a first round operation to a first portion of first data. The second calculator executes the first round to a second portion of second data pieces. Each second data piece includes the first portion of the first data to which the first round operation has been completed and the second portion obtained by changing at least a part of the first data other than the first portion. At least a part of the second portion is different from that of each of the other second portions. The second calculator executes the first round operation to each second portion. The third calculator unit executes operations of the second and subsequent rounds to the second data pieces. 1. An encryption key generating apparatus that generates plural encryption keys through an execution of a cryptographic operation based upon master secret key , where the cryptographic operation repeats a round operation based upon a predetermined round function in a prescribed number of rounds ,the encryption key generating apparatus comprising:a first calculator to perform an operation of a first round in the cryptographic operation to a first portion of first data;a second calculator to perform an operation of the first round in the cryptographic operation to a second portion of each of plural pieces of second data, wherein each of the plural pieces of second data includes the first portion of the first data to which the operation of the first round in the cryptographic operation has been completed and the second portion that is obtained by changing at least a part of the first data other than the first portion, and wherein at least a part of the second portion is different from that of each of the other second portions; anda third calculator to perform operations of the second and subsequent rounds in the cryptographic operation to the plural pieces of second data to which the ...

Подробнее
Номер записи: 87
19-09-2013 дата публикации

DIGITAL SIGNATURE GENERATION APPARATUS, DIGITAL SIGNATURE VERIFICATION APPARATUS, AND KEY GENERATION APPARATUS

Номер: US20130243193A1
Автор: AKIYAMA Koichiro, GOTO Yasuhiro
Принадлежит: KABUSHIKI KAISHA TOSHIBA

A digital signature generation apparatus includes memory to store finite field Fand section D(u(s, t), u(s, t), s, t) as secret key, section being one of surfaces of three-dimensional manifold A(x, y, s, t) which is expressed by x-coordinate, y-coordinate, parameter s, and parameter t and is defined on finite field Fq, x-coordinate and y-coordinate of section being expressed by functions of parameter s and parameter t, calculates hash value of message m, generates hash value polynomial by embedding hash value in 1-variable polynomial h(t) defined on finite field F, and generates digital signature D(U(t), U(t), t) which is curve on section, the x-coordinate and y-coordinate of curve being expressed by functions of parameter t, by substituting hash value polynomial in parameter s of section. 14-. (canceled)5. A key generation apparatus for generating a finite field F , a three-dimensional manifold A(x , y , s , t) which is used as a public key for signature verification , is expressed by an x-coordinate , a y-coordinate , a parameter s , and a parameter t , and is defined on the finite field F , and a section which is used as a secret key for signature generation and is one of surfaces of the three-dimensional manifold A(x , y , s , t) , x-coordinate and y-coordinate of the section being expressed by functions of the parameter s and the parameter t , comprising:{'sub': x,i', 'q', 'y,i', 'q, 'a first generation unit configured to generate n (n is a positive integer), first to n-th (n is a positive integer) 2-variable polynomials u(s, t) (i: 1≦i≦n) for the parameter s and the parameter t defined on the finite field F, and n, first to n-th n 2-variable polynomials u(s, t) (1≦i≦n) for the parameter s and the parameter t defined on the finite field F;'}{'sub': x,i', 'y,i', 'x,i', 'y,i, 'a second generation unit configured to generate n, first to n-th sections Di (1≦i≦n) by generating an i-th section Di: (x, y, s, t)=(u(s, t), u(s, t), s, t) (1≦i≦n) which has the i-th (1≦i≦ ...

Подробнее
Номер записи: 88
19-09-2013 дата публикации

GENERATING PROTOCOL-SPECIFIC KEYS FOR A MIXED COMMUNICATION NETWORK

Номер: US20130246783A1
Автор: Cohen Etan Gur, HO Saiyiu Duncan, Mohanty Bibhu Prasad, QUICK Roy Franklin
Принадлежит: Qualcomm Atheros, Inc.

Security keys are typically needed to communicate with various network communication protocols of a mixed communication network. Herein, a protocol-specific key for a particular network communication protocol is generated based upon a result of a hash operation that includes a network key associated with the mixed communication network and information corresponding to the particular network communication protocol. Interoperability of multiple devices in the mixed communication network is made possible when the multiple devices generate (i.e. derive) protocol-specific keys using the same network key and common information corresponding to particular network communication protocols. 1. A method , comprising:generating, at a first device, a first protocol-specific key for use with a first network communication protocol of a mixed communication network, the first protocol-specific key based upon a result of a hash operation that includes a network key associated with the mixed communication network and information corresponding to the first network communication protocol; andcommunicating with a second device in the mixed communication network via the first network communication protocol using the first protocol-specific key.2. The method of claim 1 , wherein the first protocol-specific key is used for encryption of communications via the first network communication protocol.3. The method of claim 1 , wherein said generating the first protocol-specific key includes one oftruncating the result of the hash operation to generate the first protocol-specific key,duplicating the result of the hash operation to generate the first protocol-specific key longer than the result of hash operation, orcombining the result of the hash operation with a further value to generate the first protocol-specific key.4. The method of claim 1 , wherein said generating the first protocol-specific key includes truncating the result of the hash operation claim 1 , such that the first protocol- ...

Подробнее
Номер записи: 89
26-09-2013 дата публикации

Access control system and a user terminal

Номер: US20130254541A1
Автор: Satoshi Ito, Shinji Yamanaka, Yuichi Komano
Принадлежит: Toshiba Corp

In a user terminal, a public key, a master key and a public parameter are generated. An ID including an identifier, an issue date and a validity period of a secret key for service is generated. The secret key is generated based on the master key and the ID. The ID and the secret key are transmitted to a service providing server. The public key and the public parameter are transmitted to a data storage device. In the service providing server, signature data is generated based on the ID and the secret key. A data request, the signature data and the ID are transmitted to the data storage device. In the data storage device, the data request is verified based on the signature data, the public key and the public parameter. When the data request is verified, measurement data of a target device is transmitted to the service providing server.

Подробнее
Номер записи: 90
03-10-2013 дата публикации

Communication apparatus and key managing method

Номер: US20130259233A1
Автор: Hideaki Sato, Shinichi Baba, Yoshimichi Tanizawa
Принадлежит: Toshiba Corp

According to an embodiment, a communication apparatus includes a key storage unit configured to store therein a cryptographic key; a receiving unit configured to receive a message; an analyzing unit configured to analyze whether the message includes an access request for the cryptographic key; a generating unit configured to, when the message includes the access request, generate request information used to request an access to the cryptographic key requested by the access request; and an access controller configured to control the access to the cryptographic key based on the request information.

Подробнее
Номер записи: 91
10-10-2013 дата публикации

Systems, methods and apparatus for multivariate authentication

Номер: US20130269013A1
Автор: Beau Robertson PARRY, Yasodekshna BODDETI
Принадлежит: BRIVAS LLC

Systems, methods, and apparatus are disclosed for user authentication using a plurality of authentication variables, such as biometrics and contextual data. Example contextual data includes the geographical location of the user, a gesture of the user, and the machine identification of the individual's user device.

Подробнее
Номер записи: 92
17-10-2013 дата публикации

SPEECH ENCRYPTION METHOD AND DEVICE, SPEECH DECRYPTION METHOD AND DEVICE

Номер: US20130272518A1
Автор: Chen Chin-Yuan, Ma Chia-Lung, Wu Meng-Tse
Принадлежит: BLUCRYPT TECHNOLOGIES INC.

A speech encryption method for encrypting a digital speech signal includes the steps of generating an encryption key, deriving a plurality of voice feature data from the digital speech signal, determining a corresponding shift parameter according to the encryption key and converting the voice feature data derived therefrom into converted speech data based on the shift parameter, and determining corresponding dual-tone multi-frequency (DTMF) data according to the encryption key and interleaving the DTMF data with the converted speech data so as to obtain a scrambled speech signal. 1. A speech encryption method to be implemented by an encryption device for encrypting a digital speech signal , comprising the steps of:(A) configuring the encryption device to generate an encryption key;(B) configuring the encryption device to derive a plurality of voice feature data from the digital speech signal;(C) configuring the encryption device to determine a corresponding shift parameter according to the encryption key generated thereby, and to convert the voice feature data derived therefrom into converted speech data based on the shift parameter; and(D) configuring the encryption device to determine corresponding dual-tone multi-frequency (DTMF) data according to the encryption key generated thereby, and to interleave the DTMF data with the converted speech data so as to obtain a scrambled speech signal.2. The speech encryption method as claimed in claim 1 , wherein step (B) includes:(B1) configuring the encryption device to divide the digital speech signal into a plurality of speech frames, to form expanded speech frames from the speech frames, and to derive the voice feature data from the expanded speech frames.3. The speech encryption method as claimed in claim 2 , wherein each of the expanded speech frames is formed by attaching claim 2 , to a respective one of the speech frames claim 2 , a segment of one of the speech frames adjacent to the respective one of the speech ...

Подробнее
Номер записи: 93
17-10-2013 дата публикации

Method of generating key

Номер: US20130272520A1
Автор: Hiroyuki Seki, Jun Noda, Yoshitaka Nakamura
Принадлежит: Nara Institute of Science and Technology NUC, NEC Corp

According to a method of generating a key of the present invention, a first device and a second device are first brought into contact with one vibrator. In this state, the vibrator generates vibration. A first acceleration sensor provided in the first device and a second acceleration sensor provided in the second device detect the vibration. Subsequently, the first device notifies the second device of a first feature value based upon the detection result of the first acceleration sensor. The second device notifies the first device of a second feature value based upon the detection result of the second acceleration sensor. Then the first device compares the notified second feature value with the first feature value and generates a key based upon the comparison result. The second device compares the notified first feature value with the second feature value and generates a key based upon the comparison result.

Подробнее
Номер записи: 94
17-10-2013 дата публикации

SECURE MESSAGING

Номер: US20130275758A1
Автор: Marlow William J.
Принадлежит:

Given the rise in popularity of communicating personal, private, sensitive, or vital peer-to-peer or peer-to-group information over insecure text messaging infrastructure, it would be highly desirable to provide a lightweight solution that enables the exchange of information in a secure manner. The non-limiting technology herein provides systems and methods for the exchange of cryptographic material that can be used to encipher message-oriented communications between at least two peer devices. Once the cryptographic material is exchanged between cooperating peers, this lightweight solution can be used by common off the shelf hardware such as smartphones, tablets, feature phones, or special purpose machine to machine devices for private communications, such as command and control, location services, etc. using insecure voice or data communication paths, such as SMS. 1. A method of exchanging information to enable secure messaging between first and second messaging devices , comprising:encapsulating a first public key associated with a first device's public-private key pair with a first identifier so that the encapsulated public key does not occupy more than half the payload available for transmitting a message;communicating the encapsulated first public key and first identifier from the first device to the second device;receiving, from the second device, a response including a second public key and second identifier associated with the second device;computing a shared secret based at least in part on the received second public key; andderiving, from the shared secret, a key to encrypt or decrypt a further message communicated over the messaging network.2. The method of further including time stamping the message to securely indicate when the message was sent.3. The method of further including receiving an acknowledgement that the message was received.4. The method of wherein the encapsulation occupies a maximum of a single SMS message length.5. The method of wherein ...

Подробнее
Номер записи: 95
17-10-2013 дата публикации

Electronic physical unclonable functions

Номер: US20130276059A1
Автор: Dane R. Walther, James M. Lewis, Paul H. Horn
Принадлежит: Lewis Innovative Technologies, Inc.

An electronic asymmetric unclonable function applied to an electronic system being evaluated includes an electronic system and an AUF array electronically associated with the electronic system. The AUF array includes a plurality of non-identical cells. Each of the non-identical cells includes a test element representing a characteristic of the electronic system being evaluated and a measurement device evaluating the test element. A comparison unit processes an output of the measurement device to provide a multi-bit output value representing a magnitude of differences.

Подробнее
Номер записи: 96
31-10-2013 дата публикации

ENCRYPTION PROCESSING DEVICE AND METHOD

Номер: US20130287209A1
Автор: ITOH Kouichi, Takenaka Masahiko, YAMAMOTO Dai
Принадлежит:

A constant multiplier inputs a base and a modulo n, performs modular exponentiation modulo n with a prescribed constant as the exponent and with base a, and outputs the result of this calculation as base b. A personal key converter inputs a personal key d and calculates a personal key d′ as the quotient when d is divided by the prescribed constant. A correction key generator generates a correction key d″ as the remainder of the aforementioned division. A first modular exponentiation unit performs modular exponentiation base b with d′ as the exponent. A second modular exponentiation unit performs modular exponentiation base a with d″ as the exponent, and outputs a correction value. A correction calculation unit multiplies the outputs of the first and second modular exponentiation units and outputs the result as the encryption processing result. 1. An encryption processing device , comprising:a constant multiplier, to which a first base a and a modulus n are input, configured to perform a modular exponentiation computation for the modulus n by using a specified constant as an exponent for the first base a, and to output a computation result as a second base b;a private key converter, to which a first private key d is input, configured to compute a second private key d′ as a quotient obtained by dividing the first private key d by the specified constant;a correction key generator configured to generate a correction key d″ as a remainder obtained by dividing the first private key d by the specified constant;a first modular exponentiation computing unit configured to perform a modular exponentiation computation for the modulus n by using the second private key d′ as an exponent for the second base b, and to output a computation result;a second modular exponentiation computing unit configured to perform a modular exponentiation computation for the modulus n by using the correction key d″ as an exponent for the first base b, and to output a computation result as a ...

Подробнее
Номер записи: 97
31-10-2013 дата публикации

DATA PROCESSING APPARATUS AND DATA STORAGE APPARATUS

Номер: US20130287210A1
Автор: Hattori Mitsuhiro, Hirano Takato, ITO Takashi, Matsuda Nori, Mori Takumi
Принадлежит: Mitsubishi Electric Corporation

An access terminal apparatus provides a group determination key being a decryption key to a data center apparatus previously, and then transmits grouping information generated from a keyword of storage target data and having been encrypted to the data center apparatus, with encrypted data of the storage target data and tag data of the encrypted data of the storage target data. The data center apparatus stores the encrypted data relating it to the tag data, decrypts a part of the grouping information with the group determination key, derives an index value from a bit value obtained by the decryption, and stores the derived index value and the tag data relating them with each other. 1. A data processing apparatus connected to a data storage apparatus that stores a plurality of encrypted data and tag data being related to each of the plurality of encrypted data and being collated when the plurality of encrypted data are searched , the data processing apparatus comprising:a keyword specification unit that specifies a keyword of storage target data being a target to be stored in the data storage apparatus, as a storage keyword;an allowed bit position specification unit that specifies a bit position where disclosure of a bit value to the data storage apparatus is allowed, as an allowed bit position;an index derive bit sequence generation unit that generates a bit sequence from the storage keyword by performing a generation procedure, as a storage index derive bit sequence; anda concealing processing unit that performs concealing processing to disclose the bit value at the allowed bit position in the storage index derive bit sequence to the data storage apparatus, and to conceal bit values at other than the allowed bit position in the storage index derive bit sequence from the data storage apparatus, and that causes the data storage apparatus to derive a storage index value, which is to be attached to the tag data by the data storage apparatus when the tag data to be ...

Подробнее
Номер записи: 98
14-11-2013 дата публикации

Multiple Domain Smartphone

Номер: US20130303146A1
Автор: Christopher Paul Wren, Franklin David Van Voorhees, Phil Mar, Steven R. Hart, Ty Lindteigen
Принадлежит: Viasat Inc

A smartphone is adapted, through software modifications, to provide multiple operating domains or domains that provide differing levels of security and reliability. Each operating domain is isolated from the others. Detection of unauthorized modification is provided in some embodiments. Cross domain activity notification is provided in some embodiments.

Подробнее
Номер записи: 99
21-11-2013 дата публикации

Cloud-based system for reading of decodable indicia

Номер: US20130306720A1
Автор: Benjamin Hejl, Donald Anderson, Erik Todeschini, Stephen Patrick Deloge, Thomas Koziol, Timothy Meier
Принадлежит: Honeywell International Inc

A data decoding system can comprise one or more computers communicatively coupled to a network. The computers can execute at least one decoding process. The decoding process can be configured, responsive to receiving a decoding request comprising an image of decodable indicia, to locate the decodable indicia within the image, and to decode the decodable indicia into a decoded message. The decoding process can be further configured, responsive to completing a decoding operation, to transmit to the client the decoded message and/or the decoding operation completion code.

Подробнее
Номер записи: 100