COMMUNICATION SYSTEM USING CRYPTOGRAPHY

Subclass of:

380 - Cryptography

Patent class list (only non-empty classes are listed)

Deeper subclasses:

Class / Patent application number | Description | Number of patent applications / Date published
380270000 Wireless communication 411
380259000 Symmetric key cryptography 89
380042000 Data stream/substitution enciphering 75
380256000 Fiber optic network 58
380268000 Pseudo-random sequence scrambling 42
380036000 Time segment interchange 20
380258000 Position dependent or authenticating 17
380257000 Circuit switched network (e.g., wired telephone) 13
380269000 Having compression 6
380275000 Speech scrambler detail 6
380038000 Frequency shift or inversion 4
20100098245 METHOD AND SYSTEM FOR PROVIDING SPREAD SCRAMBLED CODED MULTIPLE ACCESS (SSCMA) - A spread scrambled multiple access (SSCMA) scheme is described. A first encoded bit stream of a first terminal is scrambled according to a first scrambling signature. A second encoded bit stream of a second terminal is scrambled according to a second scrambling signature. The first scrambled bit stream is spread to match a communication channel bandwidth. The second scrambled bit stream is spread to match the communication channel bandwidth. 04-22-2010
20110228929 Methods and Systems for Providing Interference Based Physical-Layer Encryption - A method for encrypting an information carrier comprising generating a sequence of data using a sequence generator, modulating, using a first modulator an output from the sequence generator such that an interference signal results, encoding the interference generator's synchronization information using an encoder, modulating, using a second modulator, the encoded synchronization information such that a synchronization carrier signal results, spreading the synchronization carrier signal using a spreader such that a spread sub-carrier synchronization signal results, and combining the modulated information carrier signal, interference signal, and spread sub-carrier synchronization signal using a signal combiner such that a composite signal results, the interference signal having one or more signal characteristics that results in obfuscation of the information carrier signal when the information carrier signal and interference signal are combined. 09-22-2011
20110019817 PERMISSION-BASED TDMA CHAOTIC COMMUNICATION SYSTEMS 01-27-2011
20090161865 Diffused Data Encryption/Decryption Processing Method - The present invention discloses a diffused data encryption/decryption processing method, which comprises a plaintext, being at least a 2D matrix; and a password, being at least a 2D matrix; such that the password determines the starting point of the diffusion, the length of the diffusion, the cycle of diffusion, the number of encrypted diffusions and the number of decrypted diffusions to perform the diffusion computation of the plaintext as to achieve the purpose of processing the encryption and decryption. 06-25-2009
380035000 Variable time delay modulation 2
20080205640 Digital content delivery system and method - A system and a method for flexible, yet secure distribution of digital content items, optionally with an automatic payment mechanism for purchasing such content. The present invention supports the distribution of content to end user devices from a central distribution point, as in client-server models and variations thereof, and/or peer-to-peer distribution, for example between end user devices. In addition, the present invention also supports distribution models within either of these mechanisms for unitary distribution, to a specified end user device, or broadcast/multicast distribution, to a plurality of end user devices. In any case, in order for the distributed content to be operative, for example to be “played back” or otherwise displayed, the recipient end user device must be in communication with a network control center. The network control center then enables the recipient end user device to play back or otherwise display the received content, for example by sending a code to the recipient end user device. Optionally, the network control center may require payment to be received before enabling the content for the recipient end user device. Thus, the present invention supports flexible distribution of content according to a number of different distribution models, while still preventing unauthorized play back or other display throughout the lifecycle of the digital content item, and optionally enabling assured payments. 08-28-2008
20120027202 ADAPTIVE AND SECURE MODULAR CONNECTION - A method and system to increase the security of messages transmitted over an otherwise unsecured network. A secure channel is established in a normal manner over the network. A demodularization module on the sender sends a demodularization method to the intended receiver over the secure channel. The sender encodes a message definition and message data separately consistent with the demodularization method. The message definition and message key is sent over the secure channel as one transmission and the message data with the message key is sent as separate transmissions over the secure channel. Other embodiments are also described and claimed. 02-02-2012
380267000 Correcting for random appearance of control character code 1
20090316901 SECRET COMMUNICATION METHOD AND SECRET COMMUNICATION DEVICE THEREOF - A secret communication method and a communication device used in the method are provided for secret communication using communication path less frequently as a whole while avoiding a duplicative use of public communication. The secret communication method includes steps of: estimating an error ratio of initial random numbers X, Y; estimating the upper limit of an eavesdrop information amount; determining an encryption function determined by the error correction code based on the estimated error probability, an error correction decoding function g, and a decryption auxiliary variable; uniquely determining a confidentiality increase matrix C based on the estimated upper limit value of the eavesdrop information amount and the encoding ratio of the error correction code; uniquely generating a ciphertext Z from information M to be sent to a receiver using the encryption function, the initial random number X, and the confidentiality increase matrix C; transmitting the ciphertext Z; and decrypting the ciphertext Z to a transmission text M 12-24-2009
Entries
Document | Title | Date
20120201383 DECRYPTING APPARATUS, ENCRYPTING APPARATUS, DECRYPTING METHOD, ENCRYPTING METHOD, AND COMMUNICATION SYSTEM - A decrypting apparatus for decrypting cryptography data included in a packet includes a receiver, a key generator, and a decrypting section. The receiver receives a packet transmitted from an encrypting apparatus that executes an encrypting process. The key generator generates a key used for the encrypting process. The decrypting section decrypts cryptography data included in the packet received by the receiver with using the key generated by the key generator. In the decrypting apparatus, the packet received by the receiver includes packet information used for generating the key. The key generator generates the key with using the packet information. 08-09-2012
20120201382 SYSTEM AND METHOD FOR MULTICASTING IPSEC PROTECTED COMMUNICATIONS - A system and method is provided which allows multicast communications encrypted using IPSec protocol to be received by receivers in a network. In order to allow the receivers to receive the encrypted multicast communication, the address information of the received multicast communication is modified to appear as a unicast communication being transmitted directly to the address of the receiver, such that the receiver may then decrypt the received multicast communication using IPSec decryption capabilities or may, alternatively, forward the received multicast communication in its encrypted state to other devices. The system and method further provide IPSec encryption key delivery to the receiver using an encrypted markup language file. Multiple keys may also be generated for a given IP address of a receiver with each key being generated for a particular multicasting hierarchical classification. 08-09-2012
20120201379 METHOD AND APPARATUS FOR PROTECTING SECURITY PARAMETERS USED BY A SECURITY MODULE - A security module includes non-volatile memory, a key protection key generator, and volatile memory. The security module performs a method for protecting security parameters that includes: storing a secret key in the non-volatile memory, wherein the secret key is unique to the security module; applying a key split algorithm to a plurality of key split components to generate a key protection key, wherein the plurality of key split components includes the secret key; decrypting an encrypted first key using the key protection key; performing at least one of media encryption or media decryption using the decrypted first key; storing the key protection key and the decrypted first key in volatile memory. 08-09-2012
20110182427 ESTABLISHING, AT LEAST IN PART, SECURE COMMUNICATION CHANNEL BETWEEN NODES SO AS TO PERMIT INSPECTION, AT LEAST IN PART, OF ENCRYPTED COMMUNICATION CARRIED OUT, AT LEAST IN PART, BETWEEN THE NODES - An embodiment may include circuitry to establish, at least in part, a secure communication channel between, at least in part, a client in a first domain and a server in a second domain. The channel may include a first and second domain sessions in the first and second domains. The circuitry may generate first and second domain session keys that may encrypt, at least in part, respectively, the first and second domain sessions. The first domain session key may be generated based upon a first domain key assigned to the first domain and a first data set associated with the first domain session. The second domain session key may be generated based upon a second domain key assigned to the second domain and a second data set associated with the second domain session. 07-28-2011
20130044876 GENOMICS-BASED KEYED HASH MESSAGE AUTHENTICATION CODE PROTOCOL - Apparatuses, systems, computer programs and methods for implementing a genomics-based security solution are discussed herein. The genomics-based security solution may include reading and parsing a plaintext message comprising a string of words and assigning a lexicographic value to each word in the string to code each word in a rational number. The solution may also include assigning a letter code to each letter. The letter code for each letter may correspond with a function in molecular biology. 02-21-2013
20080260150 Ic Intrusion Detection - The invention relates to an electronic device for cryptographic processing, having at least two electronic circuits (IC, CC, CP) coupled via a connection means, wherein the connection means is arranged for transferring data signals between the two electronic circuits. The electronic device further has a monitoring circuit ( 10-23-2008
20100080385 ENCRYPTED COMMUNICATION FOR SELECTIVELY DELIVERING A MESSAGE TO MULTIPLE DECRYPTING DEVICES - Reduces message length of encrypted message to be transmitted selectively to plurality of decrypting devices. An encrypting device includes a generating unit for generating node associating information configured to associate respective terminal nodes in a tree structure with each decrypting device in relation to a group of decrypting devices enabled for decryption, an extracting unit for extracting a decryption enabled node containing decrypting devices in descendant terminal nodes and not containing a decrypting device with decryption disabled in any of the descendant terminal nodes, and a unit for encrypting the message by use of a node encryption key for the decryption enabled node. Decrypting devices include specifying unit for specifying terminal node associated with decrypting device based on node associating information, and a decrypting unit for decrypting encrypted message using a node decryption key for any decryption enabled nodes ranging from terminal node to root node thereof. 04-01-2010
20110194692 VOICE-OVER INTERNET PROTOCOL (VOIP) SCRAMBLING MECHANISM - Systems and methods are disclosed for securing VoIP communication. A VoIP device sends a multiple pipe scrambling request, wherein the multiple pipe scrambling request includes (1) a numeric value indicating the number pipes, (2) an IP address for each pipe, and (3) a port number for each pipe. The VoIP device receives confirmation that the scrambling request was received and sends data packets randomly to one or more available pipes on a receiving VoIP device. 08-11-2011
20110194695 System And Method Of Creating And Sending Broadcast And Multicast Data - A method of encrypting broadcast and multicast data communicated between two or more parties, each party having knowledge of a shared key, is provided. The key is calculated using values, some of which are communicated between the parties, so that the shared key is not itself transferred. Avoiding the transfer of the key offers several advantages over existing encryption methods. 08-11-2011
20110194694 Accelerated Verification of Digital Signatures and Public Keys - Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. For example, a technique for verifying a signature of a message can include applying a first mathematical function to a combination of the first signature component and the second message portion to obtain an intermediate component, using the intermediate component to generate a first value and a second value, where a second mathematical function applied to the first value and the second value obtains the intermediate component, and determining the ephemeral public key based on the first value, the second value, the second signature component, the base point of the elliptic curve, and a long-term public key of the long-term private-public key pair. The technique can include verifying whether a representation of the first message portion satisfies a predetermined characteristic. 08-11-2011
20110194691 Method for Privacy-Preserving Computation of Edit Distance of Symbol Sequences - Embodiments of the invention discloses a system and a method for determining an encrypted edit distance as an encryption of a minimum cost of transformation of a first sequence into a second sequence based on an insertion cost, a deletion cost, and a substitution cost. The method determines recursively a current element of the matrix as an encryption of a minimum of a first element, a second element, and a third element to produce the dynamic programming solution, wherein the first element represents the insertion cost, the second element represents the deletion cost, and the third element represents the substitution costs, and wherein the current element, the first element, the second element, and the third element are homomorphically encrypted with a public key; and selects the dynamic programming solution as the encrypted edit distance, wherein steps of the method are performed by a first processor and a second processor. 08-11-2011
20130028417 System and Method for Dynamically Allocating Stream Identifiers in a Multi-Encryption Transport System - The present invention is suitable for use in a multi-encrypted system that dynamically allocates stream identifiers in a second stream depending upon the identifiers in a first stream. The first stream is monitored and counters are incremented with the presence of an identifier. The count for each of the counters is then received. Using the count, a control processor then assigns or revises identifiers in the second stream. 01-31-2013
20130039492 CONTENT RECEIVING TERMINAL, CONTENT EXPORTING AND REPRODUCING METHOD, AND RECORDING MEDIUM - A content exporting and reproducing method includes i) a content export step of encrypting a decryption key for content, that is used for decrypting the encrypted content, by using an encryption key for decryption key, recording the encrypted decryption key for content in the portable recording medium, and exporting the encrypted content sequentially to the portable recording medium, and ii) a content reproduction step of reading out the encrypted decryption key for content from the portable recording medium, decrypting the encrypted decryption key for content by using a decryption key for decryption key, reading out the encrypted content that has been exported to the portable recording medium, and decrypting the encrypted content that is read out from the portable recording medium, by using the decrypted decryption key for content to reproduce the content, while the encrypted content is exported to the portable recording medium sequentially. 02-14-2013
20100046754 QUANTUM COMMUNICATION METHOD AND SYSTEM BETWEEN TWO USERS USING TWO PAIRS OF PHOTONS EMMITED BY AN INDEPENDENT LASER SOURCE - The present invention relates to the exchange of information, in particular using quantum mechanically entangled particles. Information is exchanged between a first party and a second party, by: (i) generating a third party group of entangled particles; (ii) quantum mechanically entangling the particles from the third party group with a first particle, which first particle is in a state that contains information to be conveyed from the first party apparatus; (iii) quantum mechanically entangling the particles from the third party group with a second particle, which second particle is in a state that contains information to be conveyed from the second party apparatus; (iv) using the first party apparatus to perform a local measurement on at least one of the third party group of entangled particles such that the result of the measurement provides an indication of the information from the second party apparatus; and, (v) using the second party apparatus to perform a local measurement on at least a further one of the third party group of entangled particles such that the result of the measurement provides an indication of the information from the first party apparatus. 02-25-2010
20130077788 Selective Downlink Data Encryption System for Satellites - A method and apparatus for a satellite system. A satellite system is comprised of a communications system in a satellite and a number of computers associated with the satellite. The communications system is configured to receive first information and transmit second information from the satellite to a remote platform over a number of communications links. The number of computers is configured to identify a block of information for encryption from instructions in the first information. The number of computers is further configured to generate a key from a portion of the block of information based on the instructions. The number of computers is further configured to perform an exclusive OR operation on the block of information using the key to form a block of encrypted information. The number of computers is further configured to transmit the block of encrypted information. 03-28-2013
20080260151 USE OF METADATA FOR TIME BASED ANTI-REPLAY - A system and method for facilitating anti-replay protection with multi-sender traffic is disclosed. The system employs time-based anti-replay protection wherein a sender transmits a data packet with a pseudo-timestamp encapsulated in a metadata payload. At the receiving end, the receiver compares the pseudo-timestamp information received with its own pseudo-time, determines if a packet is valid, and rejects a replay packet. The pseudo-time information is transmitted through the metadata payload and new fields need not be added to the IPSec (IP Security) Protocol, thus the existing hardware can be employed without any changes or modifications. 10-23-2008
20090154699 NETWORK-BASED DATA EXCHANGE - A method associated with the exchange of information over a network may include receiving a request for information from a first entity, identifying a second entity based on the request and receiving information from the first entity defining data or a type of data to be provided by the second entity. The method may also include modifying the request to a format compatible with the second entity and forwarding the modified request to the second entity. The method may further include receiving data from the second entity in response to the modified request, modifying the data from the second entity and forwarding the modified data to the first entity. 06-18-2009
20100040231 Security Classes in a Media Key Block - According to one embodiment of the present invention, a method for broadcast encryption with security classes in a media key block is provided. In one embodiment the method includes receiving encrypted media of a first and a second class, where the media includes a common media key block, in a device of a first class and in a device of a second class. A first media key is calculated from the common media key block in the device of a first class. A first media key precursor is calculated from the common media key block in the device of a second class. The first media precursor may be used to decrypt media of a first class. The first media precursor may also be used to calculate a second media key in the device of a second class to decrypt content of a first class. 02-18-2010
20120183139 ENCRYPTION APPARATUS, DECRYPTION APPARATUS, ENCRYPTION METHOD, DECRYPTION METHOD, AND ENCRYPTION/DECRYPTION SYSTEM - In order to protect SSL encrypted communication from MITM attacks, a server certificate is used in the communication. However, operation of the server certificate is not simple, and the certificate is not sufficient to protect the communication from the MITM attacks. In SSL encrypted communication in which a password is shared between a client and a server, the client encrypts random number data and a password by means of a public key, determines a value by processing encrypted data by means of encrypted password data, and transfers the thus-determined value to the server. The server eliminates the password encrypted data from the value and back calculates the random number data, which are then decrypted, to thus acquire the random number data generated by the client. A hash value of the random number data is submitted to the client. 07-19-2012
20130083924 SYSTEMS AND METHODS FOR BROADCAST ENCRYPTION OPTIMIZATION AND SCALABILITY - A content distribution method with broadcast encryption, comprising: executing a setup process, comprising: generating public domain parameters, generating a server secret, and generating one or more client private keys, one for each content receiving client; executing an encryption process, comprising: generating a cipher text using the server secret, a subscriber set, and a randomness, the cipher text being constant and independent of total number of content receiving clients in a distribution network, generating a plain text using the server secret and the randomness, encrypting an original content into an encrypted content using the plain text; distributing the client private keys to the content receiving clients; distributing the cipher text to the content receiving clients; broadcasting the encrypted content through the distribution network; and executing a decryption process on the encrypted content by each of the content receiving clients in the distribution network. 04-04-2013
20100329458 SMARTCARD, HOLDER AND METHOD FOR LOADING AND UPDATING ACCESS CONTROL DEVICE FIRMWARE AND/OR PROGRAMS - A smartcard having a secure memory storing new firmware, new programs, and/or updated firmware and/or programs. A holder configured to receive the smartcard and to position the smartcard within communication range of an access control device. Methods for loading and/or updating access control device firmware, programs and/or software. 12-30-2010
20130089203 Content Consumption Frustration - A device including a receiver to receive a media stream including media content for a plurality of services, the content packed into packets each having a header and payload including a part of the content of one of the services, a mapping table(s) directly or indirectly mapping, the services to packet-IDs such that each service is mapped to one packet-ID, thereby enabling the packets including the content of a service to be identified via the packet-ID identifying that service, encrypted packet-IDs such that each packet includes its encrypted packet-ID in its header, and a packet filter to derive the packet-ID of that service from the mapping table(s), calculate the encrypted packet-ID from the derived packet-ID, and filter, from the media stream, the packets with the header including the calculated encrypted packet-ID yielding the packets including the part of the content of that service. Related apparatus and methods are also described. 04-11-2013
20100002879 Method and apparatus for reducing communication system downtime when configuring a cryptographic system of the communication system - Disclosed is a method and apparatus for reducing communication system downtime when enabling cryptographic operation of a cryptographic system of the communication system where the cryptographic system includes a first cryptographic device operatively coupled to a plurality of second cryptographic devices via a communication network of the communication system. The method includes causing a pass-through mode of the second cryptographic devices to be suspended, sequentially determining a state of each of the second cryptographic devices, causing the second cryptographic devices and the first cryptographic device to substantially simultaneously operate in a secure mode if each of the second cryptographic devices is determined to have a first state, and causing the second cryptographic devices and the first cryptographic device to operate in the pass-through mode if at least one of the plurality of second cryptographic devices is determined to have a second state. 01-07-2010
20090304183 COMMUNICATION SYSTEM AND COMMUNICATION METHOD - To improve a communication system including two communication apparatuses so as to reduce a possibility of having communication decrypted by a third party. The communication system includes a first communication apparatus and a second communication apparatus, where one of the communication apparatuses encrypts transmission subject data and transmits generated encrypted data to the other communication apparatus which decrypts received encrypted data. Each of the communication apparatuses generates an algorithm used for encryption each time it performs the encryption or decryption. In this case, each of the communication apparatuses generates the algorithm by assigning past solutions to a solution generating algorithm capable of having the past solutions assigned thereto and thereby generating a new algorithm. The past solutions are erased when they are no longer used. 12-10-2009
20090097648 CONTENT SERVICE PROVIDING METHOD AND AUTHENTICATION METHOD BETWEEN DEVICES USING BROADCAST ENCRYPTION, DISPLAY DEVICE, AND RESOURCE-CONSTRAINED DEVICE - A method of providing a content service and an authentication method between devices using broadcast encryption, a display device, and a resource-constrained device are provided. A method of providing a content service, the method including: transmitting, to a display device, an identification (ID) of a resource-constrained device via the resource-constrained device; receiving encryption information from the display device via the resource-constrained device; and decrypting the encryption information by using a stored secret key set via the resource-constrained device. 04-16-2009
20130070925 COMMUNICATION DEVICE, RECORDING MEDIUM, AND METHOD THEREOF - A communication device includes a data storage unit, a decryption unit, an encryption unit, and a judgment unit. The data storage unit stores a piece of encrypted data or a piece of decrypted data. The decryption unit decrypts each provided piece of encrypted data. The encryption unit encrypts each provided piece of decrypted data. The judgment unit issues an instruction to the encryption unit to read from the data storage unit first decrypted data obtained by the decryption unit decrypting first encrypted data with a cryptographic key, and to write back to the data storage unit second encrypted data obtained by the encryption unit encrypting the first decrypted data with the cryptographic key. 03-21-2013
20130058483 Public key cryptosystem and technique - A method is set forth for encrypting and decrypting a message, including: selecting a plurality of integers and a plurality of vectors, and deriving therefrom a public key that includes a collection of vectors and a private key; selecting a message, in the form of a vector; selecting a vector of random weights; deriving a preliminary encrypted message, in the form of a vector, as a function of the selected message, the public key, and the random weights; evaluating the preliminary encrypted message to derive a normalizing value; combining the preliminary encrypted message and the normalizing value, to obtain a security-enhanced encrypted message; and decrypting the security-enhanced encrypted message using the private key, to recover the selected message. 03-07-2013
20130058482 INFORMATION PROCESSING APPARATUS AND INFORMATION PROCESSING METHOD - According to at least one embodiment, an information processing apparatus includes: a content acquiring module configured to receive or store a content according to a first copyright protection method; a filter configured to acquire PIDs from first packets of the content; an analyzing module configured to acquire a PAT/PMT from each of the PIDs; a generating module configured to generate a PMT based on the PAT/PMT according to a second copyright protection method; encrypters configured to encrypt PES payloads by managing independent sets of an encryption key and an initial vector for the respective PIDs; and a packet generating module configured to generate second packets based on encryption results. 03-07-2013
20090092250 Methods and Systems for N-State Signal Processing with Binary Devices - Linear Feedback Shift Registers (LFSRs) based 2 04-09-2009
20090092251 SYMMETRIC KEY CRYPTOGRAPHIC METHOD AND APPARATUS FOR INFORMATION ENCRYPTION AND DECRYPTION - For information encryption and decryption the apparatus uses the same hardware keys, which have the transition matrix of a key-automaton with no output signal and with an initial state and a final state burnt in. To each character in the character set of the plaintext message there is one or more final states of the key-automaton assigned. During encryption the message is read in sequentially character by character and the key automaton assigns to each character a random character string, whose length is adjustable length within a given length range. The process is the following: for each character in the message the apparatus generates a character string of adjustable length and with no initial- and end markers, which takes the apparatus from its current state into the final state that corresponds to the subsequent character of the message. The apparatus creates the encrypted message by linking these character strings together. The encrypted message can be decrypted using the same apparatus. 04-09-2009
20130058484 METHOD AND SYSTEM FOR SECURED BROADCASTING OF A DIGITAL DATA STREAM - A method and system for secured broadcasting of a digital data flow between a technical platform ( 03-07-2013
20110058673 PUBLIC KEY ENCRYPTION FOR GROUPS - A system is comprised of a user and a group, wherein the group is comprised of a group leader and a group of M members where M is equal to or greater than one. The group leader generates a group public key and a group leader “master” private key. The group leader creates a personalized watermarked or decryption key, also referred to as an individual private key, for each group member. The individual private key uniquely identifies each group member. The group leader distributes the individual private keys to each of the group members. Each group member receives from a user a message encrypted using the group public key. Each of the group members uses its individual private key to decrypt the encrypted message sent by the user to the group. 03-10-2011
20110058671SECURE PROTOCOL TERMINAL ADAPTER - A system and method for a terminal adapter including a telephony station interface, a data communications interface, and a processing unit. The processing unit is configured to establish a first connection over the data communications interface and a second connection over the telephony station interface. The processing unit is configured to communicate secure information between the first connection and the second connection. The processing unit includes a V.150 internetworking function and/or an Assured Services Session Initiation Protocol (AS-SIP) stack.03-10-2011
20090268908Methods and Apparatus for Securely Classifying Data - Techniques are disclosed for securely classifying or decoding data. By way of example, a method of determining a most likely sequence for a given data set comprises a computer system associated with a first party performing the following steps. An encrypted model is obtained from a second party. The encrypted model is utilized to determine cost values associated with a particular sequence of observed outputs associated with the given data set. The cost values are sent to the second party. At least one index of a minimum cost value determined by the second party from the cost values sent thereto is obtained from the second party. A minimum cost sequence resulting from the at least one index is determined as the most likely sequence.10-29-2009
20120224692METHOD FOR PUBLIC-KEY ATTRIBUTE-BASED ENCRYPTION WITH RESPECT TO A CONJUNCTIVE LOGICAL EXPRESSION - The aim of the present invention is to propose a method for providing attribute-based encryption for conjunctive normal form (CNF) expressions, the said CNF expression comprising at least one clause over a set of attributes, the said method using a key generation engine, an encryption engine and a decryption engine.09-06-2012
20120224691SYSTEM AND METHOD PROVIDING RESILIENT DATA TRANSMISSION VIA SPECTRAL FRAGMENTS - Systems, methods and apparatus for securely transmitting a data stream by dividing a data stream into a plurality of sub-streams; associating each substream with a respective spectral fragment; encrypting at least some of the sub-streams; and modulating each sub-stream to provide a respective modulated signal adapted for transmission via a respective spectral fragment.09-06-2012
20120224689ENFORCING SOFTWARE INDEPENDENT CONTENT PROTECTION IN AN ELECTRONIC DEVICE DURING TRANSCODING - A Set Top Box (STB) or client computer includes a communication interface operable to receive digital messages and digital content, memory, a transcoder, a central processing unit, and security processing circuitry. The security processor (or other components of the STB) is operable to identify protected digital content of the digital content that is to be isolated from the central processing unit during transcoding and to isolate the protected digital content from the central processing unit during the transcoding. The CPU may be denied access to a protected portion of the memory during the transcoding in which the transcoder stores non-scrambled protected digital content. The protected portion of the memory may be buffer memory accessible by the transcoder and not accessible by the central processing unit. The protected digital content may be identified from the digital message.09-06-2012
20130064371Systems and Methods of Multidimensional Encrypted Data Transfer - Example embodiments of the systems and methods of multidimensional encrypted data transfer disclosed herein also introduce novel and unobvious methods to store and access information. In example embodiments of the systems and methods of multidimensional encrypted data transfer disclosed herein, a multidimensional data structure is developed. For example, at least one additional dimension is added to a 2D data structure. Data may be encoded within multiple facets. Example embodiments of the multidimensional encoding include non-limiting examples of stacking or providing images or tiles in a very short period of time and moving a 3-dimensional object in space. In one example application, a number of distinct 2D data structures are presented over a time period in a .gif file.03-14-2013
20130163757METHOD AND APPARATUS FOR CONNECTION TO VIRTUAL PRIVATE NETWORKS FOR SECURE TRANSACTIONS - A system and method are provided for use in establishing secure end-to-end communication links over a VPN gateway via a network interface unit. Illustrative embodiments include establishing and providing secure communication relationships between users (customers) and companies for e-commerce and other business purposes. Each company's data and linkage to users remaining private and secure from the other participating companies as well as from the general public over the Internet. Login by user with network interface units, addressing, authentication, and other configuration operations achieved using a web page-based GUI are applied in establishing tunnels from LAN clients to desired VPN destinations. Required authentication exchanges and required encryption key exchanges facilitate the secure communications. Financial arrangements regarding the provisioning and use of network interface units are also disclosed.06-27-2013
20130064370DISTRIBUTION OF PORTIONS OF CONTENT - Techniques for obtaining and providing a portion of content include receiving a request for the portion of the content, requesting and receiving one or more data chunks, processing the one or more data chunks, and providing one or more data blocks as the requested portion of the content. The processing may include validating, decrypting, and/or decompressing the one or more data chunks to create the one or more data blocks. Techniques for providing metadata and one or more data chunks may include receiving content and dividing the content into data blocks. Processing may then be performed on the data blocks to create data chunks, and the metadata may be generated from the processing. The metadata and one or more of the data chunks may be provided to a device.03-14-2013
20090232306COMMUNICATION SYSTEM AND COMMUNICATION METHOD - To improve a communication system including two communication apparatuses in order to reduce a possibility of having communication thereof decrypted by a third party. The communication system includes a first communication apparatus and a second communication apparatus, where one of the communication apparatuses encrypts transmission subject data to generate encrypted data and transmits it to the other communication apparatus which then decrypts received encrypted data. Before performing encryption, each of the communication apparatuses cuts the transmission subject data by a predetermined number of bits to generate transmission subject cut data. In this case, each of the communication apparatuses varies the number of bits of the transmission subject cut data, and mixes dummy data of a size of which number of bits matches with the largest number of bits out of the numbers of bits of the transmission subject cut data into the transmission subject cut data other than that of the largest number of bits.09-17-2009
20090316898RANDOM NUMBER GENERATION - A method and apparatus for obtaining, while on a spacecraft, a random number and hence a secure cryptographic key. The method includes the steps of providing, on the spacecraft, a device capable of producing random information when subject to random space phenomena, obtaining the random information and producing a random number therefrom and using an algorithm to establish the secure key. The apparatus includes a random access memory which experiences bit-flips when struck by radiation such as cosmic rays. Changes in the RAM bits are propagated using a linear feedback shift register.12-24-2009
20090010434METHOD OF ESTABLISHING A CRYPTOGRAPHIC KEY, NETWORK HEAD AND RECEIVER FOR THIS METHOD, AND METHOD OF TRANSMITTING SIGNALS - This method of establishing a cryptographic session key comprises: a subscription phase (01-08-2009
20090010433SCHRYPTION METHOD AND DEVICE - A schryption of a text message is based on a schryption key for defining one or more aspects of an encryption and/or a decryption of the text message. For an encryption of the text message, the schryption key is derived from a user key in the form of an encryption key (e.g., a secret key or a public key), and the text message in the form of plaintext is encrypted as defined, at least partially, by the schryption key to thereby yield a ciphertext. For a decryption of the text message, the schryption key is derived from a user key in the form of a decryption key (e.g., a secret key or a private key), and the text message in the form of a ciphertext is decrypted as defined, at least partially, by the schryption key to thereby yield a plaintext.01-08-2009
20090010432STORAGE SYSTEM EXECUTING ENCRYPTION AND DECRYPTION PROCESSING - A storage system 01-08-2009
20100086132DATA ENCODING METHOD - A method of encoding a piece of information circulating in a network comprising at least one information transmitting node and one recipient node, using a public key encryption system, characterized in that it comprises at least the following steps: generating a public key by using a public key generation matrix NG consisting of u columns and u rows, an element of a column or of a row being a block formed by the code generation matrix G, and by use of a public key given by the matrix PUK=RI (matrix multiplication by block) NG (matrix multiplication) RP. The private key and the public key obtained are used to encode and decode the information transmitted in the network.04-08-2010
20120237030ELLIPTIC CURVE-BASED MESSAGE AUTHENTICATION CODE SYSTEM AND METHOD - The elliptic curve-based message authentication code is a computational method for improving the security of existing message authentication code (MAC) generating methods through the use of elliptic curve cryptography. Particularly, the message authentication codes and elliptic curve cryptography are based on an elliptic curve discrete logarithm problem, which is well known in mathematics to be a computationally hard problem.09-20-2012
20090220081Mechanism for broadcast stenography of data communications - In one embodiment, a mechanism for broadcast stenography of data communications is disclosed. In one embodiment, a method includes creating a plurality of messages for transmission to one or more recipients, the plurality of messages including one or more real messages intended for one or more of the recipients and one or more bogus messages intended for none of the recipients. The method further includes for each intended recipient of the one or more real messages, calculating a message authentication code (MAC) based on the message and a shared secret key kept between a broadcaster of the plurality of messages and the intended recipient, and for each of the plurality of messages, creating a plurality of unique pseudo-MACs that have an identical format to a real MAC. In addition, the method includes sending the plurality of messages to the one or more recipients, with the calculated MACs for each intended recipient attached to the one or more real messages and the associated unique pseudo-MACs attached to each message of the plurality of messages. Other embodiments are also described.09-03-2009
20120269344METHODS AND APPARATUS FOR CREATING MUSIC MELODIES - A method of operating a music creation system is disclosed. The method includes receiving an input of characters, executing an algorithm to transform the characters into a string of musical notes, displaying the string of musical notes in a human readable format through the at least one output device, and acoustically outputting the string of musical notes.10-25-2012
20120201380COMMUNICATION APPARATUS AND SECURE MODULE - A communication apparatus includes: a secure module; a first storage device, provided outside the secure module, to store a program for encrypted communication with an apparatus external to the communication apparatus using a cryptographic key stored in the secure module; a detecting unit, provided in the secure module, to detect tampering of the program; and a setting unit, provided in the secure module, to disable the encrypted communication when the tampering of the program is detected.08-09-2012
20100014670One-Way Hash Extension for Encrypted Communication - Various apparatuses, methods and systems for encrypted communication are disclosed herein. For example, some embodiments provide an apparatus for encrypted communication, including a transmitter and a receiver. The transmitter includes a first one-way hash calculator and an encryptor. The encryptor has a code input connected to a hash value output of the first one-way hash calculator. The receiver includes a second one-way hash calculator. The first and second one-way hash calculators are configured with the same key. The decryptor has a code input connected to the hash value output of the second one-way hash calculator. The decryptor data input is connected to the encryptor output.01-21-2010
20110280399Transmission, reception and identification methods, security processor and information recording medium for said methods - The invention pertains to a method for transmitting a piece of additional data from a security processor to an external apparatus, in which the transmission of the piece of additional data is done by delaying (11-17-2011
20090028331Scrambled Digital Data Item - A method of decrypting a scrambled digital data item at a client is disclosed, the method including: receiving actual control messages at the client, wherein each actual control message includes control word generating information for generating a control word associated with the actual control message; storing the actual control messages at the client; receiving the scrambled digital data item at the client independently of the actual control messages, wherein the scrambled digital data item includes a plurality of segments of scrambled digital data, each segment of scrambled digital data being associated with one of the actual control messages and being scrambled with the control word associated with the one of the actual control messages, and wherein the scrambled digital data item further includes a plurality of reference control messages, each segment of scrambled digital data comprising one of the reference control messages, each of the reference control messages including a control message reference value identifying the actual control message associated with the segment of scrambled digital data; and decrypting the scrambled digital data item using the plurality of actual control messages.01-29-2009
20090034725METHOD OF AND SYSTEM FOR ENCRYPTION AND AUTHENTICATION - The invention provides a method of and system for networked security, involving multiple clients and servers. Rather than relying on single server based authentication and/or single stream based data transmission, the invention breaks apart information before it leaves the User's computer so that intercepting any single electronic message does not provide the hacker with sufficient information to gain access. The invention splits the values (i.e. password, User name, card number for authorization; encrypted text for encryption, etc.) at the point of sender/external authorization client. These split values are encrypted with different keys and transmitted to multiple external authorization servers. The invention can be applied to any secure transmission, storage or authentication of data over a data network.02-05-2009
20110293094DIGITAL HANDSHAKE BETWEEN DEVICES - This is directed to a digital handshake for establishing a secure communications path between two electronic devices. Each device can capture an image of the other device using a camera (e.g., a front facing camera or a back facing camera) and extract, from the captured image, a key or seed associated with the other device. For example, each device can display a seed to be identified from an image taken by the other device. Using the extracted keys or seeds, each device can generate, using a same process, an identical digital handshake key. The digital handshake key can then be used to define a secure communications path between the two devices and share information securely. In some embodiments, a digital handshake key can be shared among several devices to create a multi-device secure communications path. Once a communications path has been established, the devices in the path can be identified and authenticated from the digital handshake key to receive access to secured goods, services or information.12-01-2011
20080232585Method for Code Generation - A method for generating codes for encrypting data of an encrypting device and for decrypting said data by a decrypting device. The method includes the steps of providing a personal identification code to the encrypting device, the personal identification code being known or obtainable by the decrypting device, and selecting from a set of code generation parameters a current code generation parameter. The encryption code for encrypting the data of the encrypting device is generated by an algorithm, the algorithm being a function of the current code generation parameter and the personal identification code. The current code generation parameter is either known to the decrypting device based on its position in the sequence of said code generation parameters, or is transmitted to the decrypting device such that the decrypting device can generate the encryption code using the current code generation parameter, the personal identification code and the algorithm to allow decryption of the data.09-25-2008
20110299683DESCRAMBLER - According to one embodiment of the invention, the descrambler IC comprises a local memory to store a unique key and a plurality of process blocks. A first process block is adapted to perform cryptographic operations on input information using the unique key to produce a user key. A second process block is adapted to perform cryptographic operations on incoming information using the user key to produce a copy protection key while a third process block uses the unique key to decrypt an encrypted descrambling key and recover the descrambling key. The decryption logic uses the descrambling key to decrypt encrypted incoming digital content and produce digital content in a clear format. The encryption logic uses the copy protection key to re-encrypt the digital content in the clear format and produce encrypted digital content for transmission from the descrambler.12-08-2011
20090296932ENCRYPTED VOIP CALLS - The invention regards a system and a method to encrypted calls through a voice over Internet protocol in at least one of a telecommunication and a data network. Every call in the network (12-03-2009
20090175446COMMUNICATION APPARATUS AND CONTROL METHOD - This invention allows connection of an apparatus with a low security level without lowering the security level of a network even when such apparatus issues a connection request. This invention is directed to an access point which makes wireless communications with a station using an encryption method (AES). Upon reception of a connection request message including information indicating an encryption method (WEP) that can be used by a station, the access point checks if the encryption method (WEP) recognized based on the received connection request message is different from the encryption method (AES). When it is determined that the two encryption methods are different, the access point launches a controller which makes wireless communications with the station using that encryption method (WEP).07-09-2009
20090169005SELECTIVELY LOADING SECURITY ENFORCEMENT POINTS WTH SECURITY ASSOCIATION INFORMATION - A method, network element, and computer storage program product, are provided for selectively loading a communication network security enforcement point (“SEP”) with security association (“SA”) information for inspection of encrypted data in a secure, end-to-end communications path. At least one encrypted data packet is received. It is determined that SA information for decrypting the at least one encrypted data packet fails to exist locally at the SEP. A request is sent to a communication network key server for SA information associated with the at least one encrypted data packet. The SA information associated with the at least one encrypted data packet is received from the communication network key server.07-02-2009
20110007898METHOD FOR TRANSFERRING ENCRYPTED USEFUL DATA OBJECTS - An apparatus and method for transferring encrypted useful data objects (NDO) to a first telecommunication terminal (TG01-13-2011
20090190758Method and Apparatus for Authentication Service Application Processes During Service Reallocation in High Availability Clusters - A method and communication node for providing secure communications and services in a High Availability (HA) cluster. The communication node comprises an Operating System (OS) that detects an unavailability of a first service application process and switches a second service application process from the first state to the second state, the second service application being selected for taking over service currently provided from the first service application process, the first state and the second state each being associated to a set of rights in the cluster. The OS generates a private key for the second service application process based on its second state. The set of rights associated to the second state allows the OS to replace the first service application process with the second service application process for providing secure communications between the second service application and other service application processes in the HA cluster.07-30-2009
20080240434STORAGE VIRTUALIZATION APPARATUS COMPRISING ENCRYPTION FUNCTIONS - A storage virtualization apparatus comprises a judgment portion. The judgment portion judges whether encryption functions are present in an external storage subsystem having an external logical volume identified based on a write request received from a higher-level device. When the result of the judgment is negative, the storage virtualization apparatus uses its own encryption functions to encrypt the data of the write request before transmission to the external storage subsystem, but when the result of the judgment is positive, the storage virtualization apparatus transmits the data of the write request as-is to the external storage subsystem, without using its own encryption functions to perform encryption.10-02-2008
20100014669Codec-independent encryption of material that represents stimuli intended for human perception - Processors that encrypt frames of data representing images and sounds, for example, use a first encryption process to encrypt control data that includes selected data from the data frames and use a second encryption process to encrypt non-selected data from the data frames. The first encryption process is responsive to a key, which may be associated with an intended recipient of the data frames. The second encryption process is responsive to a key that is obtained or derived from the control data. The encrypted control data and the encrypted non-selected data may be delivered to a receiver using separate media. The receiver recovers the data frames using decryption processes that are inverse to the first and second encryption processes. Efficient implementations of the second encryption process are disclosed.01-21-2010
20090274299OPEN ARCHITECTURE BASED DOMAIN DEPENDENT REAL TIME MULTI-LINGUAL COMMUNICATION SERVICE - A system and method for real-time network communications provides a session identifier as a public key for group communication between clients, and provides a channel identifier representing a private key for each of a plurality of clients. The channel identifier includes client-specific attributes, which function to indicate grouping criteria for the group communication. A dynamic communication link is created over a network between a client and a service based upon the public and private key combination such that group communication is enabled based upon the attributes of the private key and the public key. Communications are translated using a translation service which employs the attributes associated with the private key and the public key combination to provide response information in a designated language to enable multi-lingual real-time communications.11-05-2009
20100027796MULTI-ENCRYPTION - Embodiments of methods, apparatuses, or systems associated with multi-encryption are disclosed.02-04-2010
20110261959METHOD AND APPARATUS FOR REMOTELY INSERTING WATERMARK INTO ENCRYPTED COMPRESSED VIDEO BITSTREAM - A method and apparatus for remote watermarking of a media program is disclosed. The method inserts a pattern of substituted second versions of media program portions that are invisible to the viewer, into reproduced copies of the media program. The method permits the watermarking of encrypted media programs.10-27-2011
20120027211Security Key Management In IMS-Based Multimedia Broadcast And Multicast Services (MBMS) - A system, method, and nodes for managing shared security keys between a User Equipment, UE, an authentication node such as an SCF/NAF, and a service node such as a BM-SC or AS. The SCF/NAF allocates to each BM-SC, a different SCF/NAF identifier such as a fully qualified domain name, FQDN, from the FQDN space the SCF/NAF administers. The SCF/NAF then locally associates these allocated FQDNs with the connected BM-SCs and with different services. The network sends the correct FQDN to the UE in a service description for a desired service, and the UE is able to derive a security key using the FQDN. When the UE requests the desired service, the SCF/NAF is able to associate the service identifier with the correct FQDN and an associated BM-SC. The SCF/NAF uses the FQDN to obtain the security key from a bootstrapping server and sends it to the associated BM-SC. As a result, the UE and the associated BM-SC share a specific security key.02-02-2012
20110194693CRYPTOGRAPHIC PROCESSING APPARATUS AND METHOD - A cryptographic processing apparatus that encrypts plaintext using a fixed-value common key that is shared with other cryptographic processing apparatus, includes an acquiring unit that acquires random information being used within the cryptographic processing apparatuses, an encrypting unit that encrypts encryption target data using key information and outputs encrypted data when the encryption target data and the key information is set, a transmitting unit that transmits, to the other cryptographic processing apparatus, the encrypted data; and a setting unit that sets the fixed-value common key as the key information and the random information as the encryption target data when the random information is acquired by the acquiring unit, and sets the encrypted data as the key information and at least one portion of the plaintext as the target data when the encrypted data is acquired.08-11-2011
20090316897COMMUNICATION APPARATUS, KEY SERVER, AND DATA - A communication apparatus that encrypts a plurality of pieces that constitute a part of data and transmits the encrypted pieces stores an encrypted piece that is one of the pieces encrypted by another communication apparatus, and first decryption key information used for decrypting the encrypted piece, while keeping the encrypted piece and the first decryption key information in correspondence with each other. Further, the communication apparatus generates temporary information that can be different at each time of generation, further performs an encrypting process on the encrypted piece based on the temporary information, and outputs a new encrypted piece. The communication apparatus transmits the new encrypted piece, the first decryption key information that is stored in correspondence with the encrypted piece, and second decryption key information used for decrypting the encrypting process.12-24-2009
20090310782MAPPING SCHEMES FOR SECONDARY SYNCHRONIZATION SIGNAL SCRAMBLING - Embodiments of the present disclosure provide a transmitter, a receiver and methods of operating a transmitter and a receiver. In one embodiment, the transmitter includes a synchronization unit configured to provide a primary synchronization signal and a secondary synchronization signal having first and second segments. The transmitter also includes a secondary scrambling unit configured to provide a scrambled secondary synchronization signal, wherein scrambling agents for the first and second segments are derived from a primary synchronization sequence of the primary synchronization signal. The secondary scrambling unit is further configured to provide an additional scrambling of one of the first and second segments, wherein a second scrambling agent is derived from the remaining segment of a secondary synchronization sequence of the secondary synchronization signal. The transmitter further includes a transmit unit configured to transmit the primary synchronization signal and the scrambled secondary synchronization signal.12-17-2009
20090141896PROCESSING MODULE OPERATING METHODS, PROCESSING MODULES, AND COMMUNICATIONS SYSTEMS - A processing module operating method includes using a processing module physically connected to a wireless communications device, requesting that the wireless communications device retrieve encrypted code from a web site and receiving the encrypted code from the wireless communications device. The wireless communications device is unable to decrypt the encrypted code. The method further includes using the processing module, decrypting the encrypted code, executing the decrypted code, and preventing the wireless communications device from accessing the decrypted code. Another processing module operating method includes using a processing module physically connected to a host device, executing an application within the processing module, allowing the application to exchange user interaction data communicated using a user interface of the host device with the host device, and allowing the application to use the host device as a communications device for exchanging information with a remote device distinct from the host device.06-04-2009
20100119069NETWORK RELAY DEVICE, COMMUNICATION TERMINAL, AND ENCRYPTED COMMUNICATION METHOD - A time required for actually starting encrypted communication after a trigger of an encrypted communication is shortened. When a key exchanging process is to be applied in order to exchange key information upon encrypting a communication performed between a communication terminal 05-13-2010
20100124329ENCRYPTED COMMUNICATION BETWEEN PRINTING SYSTEM COMPONENTS - A system and method of communicating between a first device and a second device are provided. The method includes providing unencrypted data to be transmitted in the first device, encrypting at least a portion of the unencrypted data to be transmitted to form encrypted data, using at least a portion of the encrypted data to form a first validation code, appending the first validation code to the unencrypted data to form a packet of data to be transmitted, and transmitting the packet of data from the first device to the second device. The first device and the second device can include inkjet printing system components.05-20-2010
20120189121CASCADING DYNAMIC CRYPTO PERIODS - Systems and methods for performing cascading dynamic crypto periods are disclosed. In embodiments, a control word and a set of functions is transmitted between a head-end and recipient devices at the beginning of a crypto period. The crypto period is divided into a discrete number of sub-crypto periods. The control word used to encrypt and decrypt the broadcast content is changed during each sub-crypto period. At the end of the first sub-crypto period, a derived control word is generated by passing the original control word to a function in the set of functions in order to generate a derived control word at the first transition between sub-crypto periods. The derived control word is used for encryption and decryption of the broadcasted content during the second sub-crypto period. Upon transitioning to the third sub-control-period, the derived control word is input into another function to produce a second derived control word.07-26-2012
20100086133Key Providing System, Key Providing Apparatus, Terminal Device, Key Providing Method, and Key Generation Method - A key providing apparatus for providing a key used for encryption or decryption of data to a predetermined terminal device is provided. The key providing apparatus includes an acquiring unit for acquiring a digraph formed by arranging at least one directional branch connecting the coordinate points on a coordinate axis having a plurality of coordinate points each corresponded with a subset representing a combination of a plurality of terminal devices, an extracting unit for extracting information of all the directional branches contained in the directional path connecting a starting point of the digraph and a predetermined coordinate point, and a key generation unit for generating a key corresponded to a subset to which a predetermined terminal device belongs based on the digraph, where the information of the directional branch is provided to the predetermined terminal device.04-08-2010
20090046857QUANTUM CRYPTOGRAPHY TRANSMISSION SYSTEM AND OPTICAL DEVICE - A quantum cryptography transmission system according to the present invention comprises a transmission device (02-19-2009
20120106735ENCRYPTION KEY DISTRIBUTION SYSTEM - The encryption key distribution system includes a node A, a node B, and an authentication server S. Upon receiving a first nonce created by the node A and a second nonce created by the node B, the authentication server S creates a session key. The authentication server S sends a first message authentication code value and a first encryption message to the node A. The first encryption message is created by encrypting the first nonce, the session key, and first additional information with a first secret key. The authentication server S sends a second message authentication code value and a second encryption message to the node B. The second encryption message is created by encrypting the second nonce, the session key, and second additional information with a second secret key. The node A decrypts the first encryption message with the first secret key, thereby obtaining the session key and the first additional information. Further, the node A authenticates the session key by use of the first message authentication code value. The node B decrypts the second encryption message with the second secret key, thereby obtaining the session key and the second additional information. Further, the node B authenticates the session key by use of the second message authentication code value.05-03-2012
20090169007Control Area Network Data Encryption System and Method - A power machine is configured to carry an attachment which is detachably coupleable to the power machine. The power machine includes a supporting frame with an operating compartment from which an operator operates the power machine to actuate one or more actuators of the power machine. A sensing unit senses a change in an operating device of the power machine and generates data indicative of the change. A first controlling unit, positioned on and coupled to the power machine, receives the data from the sensing unit indicative of the change in the operating device, and generates in response a set of corresponding operating messages. An encryption module positioned on and coupled to the power machine uses a key to encrypt at least a first portion of the set of operating messages into encrypted messages. A first control-area-network (CAN) controller formats the encrypted messages into a CAN format, and the encrypted messages in the CAN format are transmitted over a CAN bus. At an attachment, the encrypted messages are received from the CAN bus, decrypted using the key, and used by a second controlling unit to execute instructions or acts.07-02-2009
20090262936DIGITAL CONTENT ENCRYPTING APPARATUS AND OPERATING METHOD THEREOF - The invention is directed to a source device and a method for encrypting digital contents at the source device. According to an embodiment, the method includes receiving digital content from an external device, the digital content being encrypted using a first encryption algorithm in the external device; decrypting the received digital content; performing an addition operation by using a first source internal key and an identifier (ID), the ID being associated with at least one of a target device and a storage medium of the target device; generating a source encryption key based on an output of the addition operation and a second source internal key by using a second encryption algorithm; re-encrypting the decrypted digital content using the source encryption key; and transmitting the re-encrypted digital content without the source encryption key to the target device.10-22-2009
20090262935DIGITAL CONTENT ENCRYPTING APPARATUS AND OPERATING METHOD THEREOF - The invention is directed to a source device and a method for encrypting digital contents at the source device. According to an embodiment, the method includes performing a first addition operation by using a first source internal key and an identifier (ID), the first source internal key being associated with the source device, the ID being associated with at least one of a target device and a storage medium of the target device, and the target device being connected to the source device; generating a source encryption key based on an output of the first addition operation and a second source internal key by using a predetermined encryption algorithm, wherein the second source internal key is associated with the source device; encrypting the digital content using the source encryption key; and transmitting the encrypted digital content without the source encryption key to the target device.10-22-2009
20090262934DIGITAL CONTENT ENCRYPTING APPARATUS AND OPERATING METHOD THEREOF - The invention is directed to a source device and a method for encrypting digital content at the source device. According to an embodiment, the method includes authenticating a target device connected to the source device using an identifier (ID) associated with at least one of the target device and a storage medium of the target device; performing an addition operation by using a source internal key and the ID, the source internal key being associated with the source device; generating a source encryption key based on an output of the addition operation; encrypting the digital content using the source encryption key; and transmitting the encrypted digital content without the source encryption key to the target device.10-22-2009
20090262933DIGITAL CONTENT ENCRYPTING APPARATUS AND OPERATING METHOD THEREOF - The invention is directed to a source device and a method for encrypting digital contents at the source device. According to an embodiment, the method includes performing an addition operation by using a first source internal key and an identifier (ID), the first source internal key being associated with the source device, the ID being associated with at least one of a target device and a storage medium of the target device, and the target device being connected to the source device; generating a source encryption key based on an output of the addition operation and a second source internal key by using a predetermined encryption algorithm, the second source internal key being associated with the source device; encrypting the digital content using the source encryption key; and transmitting the encrypted digital content without the source encryption key to the target device.10-22-2009
20090262932EMBEDDING AND EXTRACTION OF INFORMATION FROM AN EMBEDDED CONTENT USING REPLICA MODULATION - Apparatus and methods are provided for embedding or embedding digital data into an analog host or cover signal. A distributed signal feature of the cover signal in a particular domain (time, frequency or space) is calculated and compared with a set of predefined quantization values corresponding to an information symbol to be encoded. The amount of change required to modify the signal feature to the determined target quantization value is calculated and the cover signal is modified accordingly to so change the feature value over a predefined interval. Information symbols are extracted by the opposite process. In one embodiment, the predefined value is a short term autocorrelation value of the cover signal.10-22-2009
20090285393METHOD AND SYSTEM FOR PROVIDING USERS WITH INFORMATION RELATING TO A POSITION - The invention relates to a system for providing information to a user, comprising: a first database; a first module configured to receive information to be entered in said first database from an information provider, said information including at least data representative of a plurality of geographical codes and data representative of at least one categorical code; a second module configured to receive an information request from a user, said information request including at least data representative of a geographical position and data representative of a categorical preference; and a third module configured to enter information received by said first module in said first database, and to search said first database based on requests received by said second module, retrieve entries where a geographical code corresponds with said geographical position and a categorical code corresponds with said categorical preference, and transmit a presentation of retrieved entries to said user.11-19-2009
20100272258BIDIRECTIONAL DYNAMIC OFFLOADING OF TASKS BETWEEN A HOST AND A MOBILE DEVICE - One or more functions are exposed by a mobile device to a host connected to the mobile device. A function of the one or more functions is executed at the mobile device in response to a request from the host, wherein the function is associated with a host task. The result of the function is returned to the host.10-28-2010
20090285392Real-Time Help Services for Web Applications - A help service includes proxying a web application page between a user web browser and a web application server. The help service includes providing the web application page to a customer service representative (CSR) web browser and opening a live communication channel for human communication between a user and a customer service representative. In some embodiments, from within a user network, a user help request is generated from a user web browser and received from a help server. The web application page may be transmitted over the Internet to the CSR web browser. In some embodiments, the CSR web browser may operate as a COMET client, the user web browser may act as an AJAX server-side processor, and the user web browser may operate as a COMET client for receiving updates to the web application page.11-19-2009
20100278340ENCRYPTION DEVICE, ENCRYPTION METHOD AND STORAGE MEDIUM STORING ITS PROGRAM - When processing a data conversion function of a MISTY structure, such as the FO function of MISTY1, the logical calculation result t11-04-2010
20090103729HAIPE Peer Discovery Using BGP - A system, method, and computer program product are provided for performing peer discovery of HAIPE devices.04-23-2009
20090296931Method for encryption and decryption of messages - A communication system that includes a sender computer and plurality of designated receiver computers coupled to the sender through a communication link. Each one of the receiver computers is equipped with computational resources stronger than the computational resources of an adversary computer. There is provided a method for sending a secret from the sender computer to a designated receiver computer. The sender computer defining a succession of computational tasks having respective solutions. The computational tasks are so defined such that the duration of solving each task by the receiver computer is shorter than what would have been required for the adversary computer to solve the task. Next, the sender computer sending through the link the succession of tasks encrypted by previous solutions and the receiver computer receiving the tasks and is capable of decrypting the secret faster than what would have been required for the adversary computer to decrypt the secret.12-03-2009
20100111302DIGITAL SIGNAL PROCESSING METHOD AN SYSTEM EMPLOYING SUCH METHOD - The present invention relates to a method for transmission of a digital signal from a first unit (05-06-2010
20110200191STORAGE SYSTEM EXECUTING ENCRYPTION AND DECRYPTION PROCESSING - A storage system includes a channel interface (IF) unit having an interface with a server, a disk IF unit having an interface with a hard disk group, a memory unit for storing data to be read/written from/to the server or the hard disk group, a switching unit, and the hard disk group. The channel IF unit, the disk IF unit, and the memory unit are connected to each other through the switching unit, and an encryption and decryption processing unit is provided between a host IF unit and a transfer controller in the channel IF unit.08-18-2011
20120263300TAG GENERATION METHOD IN BROADCAST ENCRYPTION SYSTEM - A tag generation method for generating tags used in data packets in a broadcast encryption system is provided. The method includes detecting at least one revoked leaf node; setting a node identification (node ID) assigned to at least one node among nodes assigned node IDs at a layer 0 and to which the at least one revoked leaf node is subordinate, to a node path identification (NPID) of the at least one revoked leaf node at the layer 0; generating a tag list in the layer 0 by combining the NPID of each of the at least one revoked leaf nodes at the layer 0 in order of increment of node IDs of the corresponding at least one revoked leaf nodes; and generating a tag list in a lowest layer by repeatedly performing the setting and generation operation down to the lowest layer.10-18-2012
20120263299Method and System for Self Synchronizing Cryptographic Parameters - A method for encryption and decryption synchronization for a communications channel comprising encrypting a communications channel using a data encryption device, the communications channel comprising a data stream having unique information native to the data stream, transmitting the encrypted data stream using a transmitter without applying an additional framing structure or a multiplexing signaling message after the data stream is encrypted such that the encrypted data stream does not require additional bandwidth to support cryptographic synchronization, receiving by a receiver comprising a decryption device, the transmitted encrypted data stream, and identifying the unique information within the transmitted data stream by iteratively decrypting the encrypted data stream using a processor until a cryptographic parameter is found that results in cryptographic synchronization between the encryption and decryption devices based on a priori knowledge of the unique information within the transmitted data stream.10-18-2012
20120263298METHOD AND SYSTEM FOR SUPPORTING SECURITY IN A MOBILE COMMUNICATION SYSTEM - The present invention relates to a mobile communication system, and more particularly, to a method and system for efficiently supporting security in a mobile communication system. The method for supporting the security of a terminal in a mobile communication system according to the present invention comprises: a process of transmitting an information provision request message to a network; a process of performing a verification for the network and security; a process of receiving an information provision response message, comprising an index of an encrypted security key, an International Mobile Subscriber Identity (IMSI), and a security-related profile from the network when the verification is completed; and a process of selecting a security key on the basis of the index of an encrypted security key, and then storing the selected security key, the IMSI, and the profile.10-18-2012
20100128874ENCRYPTION / DECRYPTION IN PARALLELIZED DATA STORAGE USING MEDIA ASSOCIATED KEYS - A method and system to allow encryption/decryption to be performed substantially in parallel using one or more media associated keys. The system has an input buffer to store a plurality of media data from a plurality of media channels. A plurality of cryptographic engines is coupled with the input buffer to obtain a plurality of cipher keys and each cipher key is associated with one or more of a plurality of media channels. The system encrypts or decrypts, substantially in parallel, each of the plurality of media data with a cryptographic algorithm using one or more of the obtained cipher keys.05-27-2010
20100098251Method for combining transfer functions and predetermined key creation - A method for combining transfer functions with predetermined key creation. In one embodiment, digital information, including a digital sample and format information, is protected by identifying and encoding a portion of the format information. Encoded digital information, including the digital sample and the encoded format information, is generated to protect the original digital information. In another embodiment, a digital signal, including digital samples in a file format having an inherent granularity, is protected by creating a predetermined key. The predetermined key is comprised of a transfer function-based mask set to manipulate data at the inherent granularity of the file format of the underlying digitized samples.04-22-2010
20080253566COMMUNICATIONS SYSTEM, COMMUNICATIONS APPARATUS AND METHOD, AND COMPUTER PROGRAM - Disclosed herein is a communications system configured to execute data transmission by use of a first transmission media and a second transmission media that are different from each other in security level, a communications apparatus on a transmitting side dividing transmission data into first transmission data and second transmission data that are transmitted via said first transmission media and said second transmission media, respectively, encrypting said first transmission data by use of at least a part of said second transmission data, transmitting the first and second transmission data, a communications apparatus on a receiving side receiving said first and second transmission data decrypting the encrypted first transmission data by use of at least a part of said second transmission data, and reconfiguring original transmission data from said first transmission data and said second transmission data.10-16-2008
20080232586INFORMATION TERMINAL APPARATUS, INFORMATION PROCESSING APPARATUS AND INFORMATION COMMUNICATION SYSTEM - When transmitting position/time information calculated by means of a GPS function to a server apparatus, authentication is carried out with the server apparatus. The position/time information may be certified as legitimate measured by a portable apparatus with a GPS reception function employed by a user. When transmitting information related to the position and the time acquired from a portable phone terminal having the GPS function and a network function by means of the GPS function to the server apparatus, authentication is carried out between the portable phone terminal and the server apparatus. The position/time information is transmitted to the server apparatus, only if the server apparatus is authenticated as a legitimate counterpart for connection. A secret key holding section is provided for holding different secret keys for different apparatuses. The position/time information measured based on an electromagnetic wave received from a positioning satellite is digitally signed by means of the secret key. The identification information and the position/time information having the digital signature are then transmitted to a counterpart.09-25-2008
20100128873METHOD AND DEVICE FOR MANAGING A TRANSMISSION OF KEYS - The present invention concerns a method and a device for encrypting an encoded scalable enhancement frame sent by an emitter to a receiver, the enhancement frame comprising a plurality of complementary streams ordered in term of quality level, each complementary stream corresponding to a combination of more than one scalability type, where a complementary stream of a lower quality level corresponds to a lower quality on each scalability type, comprising at the level of the emitter the steps of generating a key per complementary stream for encrypting said complementary stream in such a way that all scalability types can be either simultaneously or individually used, said keys being generated in such a way that only the keys of the complementary streams of quality levels lower than the quality level of a complementary stream can be obtained from the key of said complementary stream, and sending the key of a complementary stream corresponding to a required quality level to the receiver, the key permitting a receiver to generate the keys of the complementary streams of the lower quality levels only. The present invention also concerns a method and a device for decrypting a received encoded scalable enhancement frame.05-27-2010
20100128872METHOD AND SYSTEM FOR SECURING COMMUNICATIONS IN A METERING DEVICE - A method and system for securing the communication link between the accounting device and printer of a metering system by authenticating the data being sent via the link utilizing a Nonlinear Feedback Shift Register (NLFSR) based system is provided. A NLFSR is provided in each of the accounting unit and printing unit of a metering system. The NLFSR in the accounting unit is utilized to generate a message authentication code (MAC) for the image data being sent from the accounting unit to the printing unit. The printing unit generates a corresponding MAC for the received image data using the NLFSR in the printing unit. The MAC generated by the printing unit is compared with the MAC generated by the accounting unit. If the MACs are similar, the image data is accepted as authentic and the printing unit will print the image corresponding to the image data.05-27-2010
20120288093Transponder, Reader and Methods for Operating the Same - It is described a method for operating a transponder (11-15-2012
20080285752APPARATUS AND SYSTEM FOR ASYMMETRIC SECURITY - An apparatus and system are disclosed for asymmetric security in data communications between two or more nodes. Asymmetric security within data communications refers to sending and receiving messages at different security levels. The apparatus includes a receiving module, a transmission module, and a communication module. The receiving module receives a first message at a first security level from a first node. A security level may be defined by implementation of one or more security features, including encryption, digital signatures, and/or other security features. The transmission module transmits a second message at a second security level to the first node in response to receiving the first message. The first and second messages may be communicated during a single communication session. The communication module communicates the second security level to the first node. The communication may be directly between two nodes or may occur via a broker or other intermediate node.11-20-2008
20100142707DATA TRANSCEIVING APPARATUS AND METHOD THEREOF - A data transceiving apparatus includes a data communicator to set up a communication connection with a counterpart apparatus using a setup message containing encryption information, and a data processor to encrypt data transmitted to the counterpart apparatus or decrypt encrypted data received from the counterpart apparatus using the encryption information.06-10-2010
20080310632COMMUNICATION SYSTEM, TRANSMISSION DEVICE, RECEPTION DEVICE, AND COMMUNICATION SCHEME - A communication system includes a transmission device that transmits an information signal having information defined as a binary state value, the transmission device including a signal generation unit that generates an information decryption signal to transmit the information decryption signal together with the information signal, wherein the state value of the information decryption signal is unchanged when the state value of the information signal is changed, whereas the state value of the information decryption signal is changed when the state value of the information signal is unchanged; and a reception device that receives the information signal and the information decryption signal, the reception device including an information acquisition unit that acquires the state value of the information signal based on a changing timing of the state value of each of the information signal and the information decryption signal received.12-18-2008
20080310631ENCRYPTION OUTPUT DATA GENERATION METHOD AND SYSTEM - A hashing method and system. The method comprises receiving by a computing system first source data. A first hash function is applied to first source data. A first hash output is generated by the first hash function as a result of applying the first hash function to first source data. The computing system performs an operation relating the first source data with at least a portion of the first hash output to generate second source data. The first hash function is applied to the second source data. A second hash output is generated as a result of applying the first hash function to the second source data.12-18-2008
20120294442JOINT ENCRYPTION OF DATA - A method for joint generation of a ciphertext by devices of a data processing system includes providing, by a first device, a first message, representing secret data of the first device, generating an initial ciphertext comprising an initial blinded encrypted message, in which the first message is encrypted under a public key of a trusted entity, and an initial consistency component for validating the initial ciphertext using the bilinear map; and sending the initial ciphertext to a second device; wherein the second device provides a second message, representing secret data of the second device, generates an updated ciphertext comprising an updated blinded encrypted message and an updated consistency component for validating the updated ciphertext, and generating a final ciphertext comprising the final encrypted message and a final consistency component for validating the final ciphertext, wherein the final consistency component is generated using the updated consistency component and the bilinear map.11-22-2012
20090310783Controlled Dissemination of Information in Mobile Networks - The present invention discloses systems and methods for controlled dissemination of information in mobile networks using encrypted broadcasts that are decrypted at the device. An encryption key is generated corresponding to a particular category or granularity of information. The information is encrypted before it is broadcast to the sector. A user within the sector sends a key request across the network, in response to which the encryption key is sent to the user. The user can decrypt the encrypted information received in the broadcast. Additionally, a credit-checking mechanism may be employed to ensure that the user has sufficient credit to purchase the key. In one embodiment, the information to be disseminated is divided into a plurality of categories, wherein each category corresponds to a granularity of information. The encryption key is one in a set of encryption keys, each of said set of encryption keys being assigned to a particular hierarchical level corresponding to a particular granularity of information.12-17-2009
20110007897COMMUNICATION NODE AND NETWORK SYSTEM - As one aspect, a communication node is provided which transmits data using an assigned frame. The communication node includes a data information storing section which stores information in which plural types of data storage information are related to identifiers, the data storage information indicating a relationship between one or more time slots configuring a frame and data stored in the time slots, and the identifiers identifying the data storage information. The communication node further includes an identifier selecting section which selects one of the identifiers, an identifier transmitting section which transmits the selected identifier included in a predetermined position of the frame, and a data transmitting section which refers to the data storage information corresponding to the selected identifier and transmits data which is specified by the data storage information and is included in a time slot based on the data storage information.01-13-2011
20080253567ENCRYPTION COMMUNICATIONS SYSTEM - A system structured from a management device, a content key distribution device and a plurality of terminals suppresses the data volume of a terminal revocation list (TRL). The management device generates and transmits a TRL formed from data that expresses terminal IDs of all terminals to be invalidated, by only a value and a position of a common bit string in the IDs, to the content key distribution device. Each terminal holds a terminal ID that includes a manufacturer ID and a serial number, and requests the distribution of a content key by sending the terminal ID to the content key distribution device. The content key distribution device refers to the TRL, judges whether the terminal ID transmitted from the terminal is that of an invalidated terminal, and if negative, encrypts and transmits the content key to the terminal.10-16-2008
20080240435Perpetual Masking For Secure Watermark Embedding - Disclosed are a method and a system for secure watermark embedding in a server-client configuration (10-02-2008
20080240436Method and apparatus for determining whether to encrypt outbound traffic - An improved method, apparatus, and computer instructions for processing outbound traffic passing through a port. This port is for a server and receives a request from a client. The request includes a universal resource identifier to a destination. A determination is made as to whether the request requires encryption using the universal resource identifier in the request. The request is sent through the port to the destination in an encrypted form, in response to a determination that the request requires encryption.10-02-2008
20090122985DISTRIBUTION OF GROUP CRYPTOGRAPHY MATERIAL IN A MOBILE IP ENVIRONMENT - In one embodiment, a Home Agent receives a Mobile IP registration request from a group member, where the group member is a Mobile Node. The Home Agent generates a mobility binding for the group member that associates the group member with a care-of address, wherein the group member is a member of one or more groups. The Home Agent generates a Mobile IP registration reply, where the Mobile IP registration reply identifies one or more key servers. Each of the one or more key servers serves at least one of the one or more groups and is adapted for distributing group cryptography material to members of each group that is served by the corresponding key server. The Home Agent sends the Mobile IP registration reply to the group member, thereby enabling the group member to obtain cryptography material for at least one of the one or more groups from at least one of the one or more key servers to enable the group member to use the cryptography group material to securely communicate with other group members.05-14-2009
20120070000Securing Two-Party Computation Against Malicious Adversaries - Methods and apparatus are provided for securing two-party computations against malicious adversaries. A method is provided for secure function evaluation. The disclosed method is performed by a garbled circuit evaluator for the transfer of private information, and comprises receiving from a constructor (i) s garbled circuits (GCs), wherein each of the GCs having a plurality of input wires; and (ii) commitments for each of the input wires, wherein the commitments comprise s03-22-2012
20090003604 Synchronization of Encryption in a Wireless Communication System - Disclosed embodiments include a method for synchronizing a cryptosystem. In one embodiment, the method uses existing control data that is transmitted as part of a connection establishment process in a wireless communication system. In one embodiment, messages that are normally sent between a base station and a remote unit during the setup of both originating and terminating calls are parsed to detect a particular control message that indicates the start of telephony data transmission. Detection of this message indicates a point at which encryption/decryption can begin, and is used to synchronize the cryptosystem. Synchronizing a cryptosystem involves generating an RC4 state space in a keyed-autokey (“KEK”) encryption system. In one embodiment, Lower Medium Access Channel (“LMAC”) messages are used according to a wireless communication protocol. This is convenient because the LMAC messages are passed through the same Associated Control Channel (“ACC”) processing that encrypts and decrypts the telephony data. 01-01-2009
20090003603 Platform Independent Networked Communications - Among other things, techniques and systems are described for facilitating networked communication among media players of various platforms, PCs with various DVD-ROM drives, mobile data processing devices and one or more network servers. At a network server, a request for communication is received from a client device. A secured network connection is provided with the client device. In addition, the received request is processed. Processing the received request includes, when detecting that the received request is a request for data, retrieving or generating the requested data in a platform-neutral format and sending the retrieved or generated data in a format compatible with the client device. Processing the received request includes, when detecting that the received request is a request to send data to another client device, retrieving or generating the requested data in a platform-neutral format and sending the retrieved or generated data in a format compatible with the other client device. 01-01-2009
20110142236 SECURITY KEY GENERATOR - A communication system has a first and a second communicating device operable to send and receive data units through a communication channel. Some of the data are encrypted using a security key. The first device comprises a first key generator generating a first embodiment of the key independently of a second embodiment of the key generated by a second generator of the second device, the second embodiment being generated independently of the first, which depends on parameter(s) characterizing a first transmission quality of the channel when receiving a first set of unencrypted data sent by the second device. The second embodiment depends on parameter(s) characterizing a second transmission quality of the channel when receiving a second set of unencrypted data sent by the first device, the first set being different from the second set. 06-16-2011
20090097649 DEVICE FOR RECEIVING MESSAGES, IN PARTICULAR WITHIN THE FRAMEWORK OF SECURE DATA EXCHANGES, ASSOCIATED AIRCRAFT AND METHOD - A device and method for receiving messages each having an order number includes a storage to store a plurality of prior-reception statuses, a mechanism to modify the status associated with an order number on receipt of a message having the order number, and a mechanism to process the message as a function of the status associated with its order number. An aircraft can be equipped with such a device. 04-16-2009
20090097647 Counterfeit Prevention System based on Random Positioning on a Pattern - A genuine detection part for a product formed by a label with a continually repeating pattern and with a sticker over the pattern. The position of the sticker is converted to a number, and encrypted with a private key, to form a signature. The product is only legitimate if the signature matches the position of the sticker on the pattern. 04-16-2009
20110228936 WIRELESS SYNCHRONIZATION OF REMOTE SWITCHES FOR END DEVICE APPLICATIONS - An apparatus comprises a first device including a first switch and a transmission circuit. The switch circuit is in one of a plurality of possible switch states. The transmission circuit is communicatively coupled to the first switch circuit and is configured to transmit a wireless communication signal upon the first switch changing state. A second device includes a receiver circuit and a second switch circuit. The receiver circuit is configured to remotely receive the wireless communication signal from the transmission circuit. The second switch circuit is communicatively coupled to the receiver circuit, wherein, upon receipt of the wireless communication signal, a state of the second switch is synchronized to the state of the first switch. 09-22-2011
20110228935 COMMUNICATION APPARATUS, COMMUNICATION METHOD, AND COMMUNICATION SYSTEM - A communication apparatus includes: connection-source terminating units, each constituting an independent communication path with a corresponding one of connection-destination terminating units; and an establishing unit that establishes a single piece of encryption information with a connection-destination apparatus having the connection-destination terminating units, the encryption information being used for encryption processing for communication performed between the connection-source terminating units and the corresponding connection-destination terminating units and being common to the communication paths. 09-22-2011
20110228934 COMMUNICATION DEVICE AND COMMUNICATION METHOD - A communication device includes: a first monitoring unit that monitors a first lifetime until a data amount transmitted through a first encryption communication path established between the communication device and another communication device exceeds a first threshold, a second monitoring unit that monitors a second lifetime until the data amount transmitted through the first encryption communication path exceeds a second threshold that is larger than the first threshold, a communication path establishing unit that establishes a second encryption communication path different from the first encryption communication path between the communication device and the another communication device when the first lifetime has expired, and a communication path deleting unit that deletes the first encryption communication path when the data amount transmitted through the second encryption communication path exceeds a remaining data amount of the second lifetime. 09-22-2011
20130121490 METHOD AND APPARATUS FOR TRUST BASED DATA SCANNING, CAPTURE, AND TRANSFER - A method and apparatus for enabling trust based data scanning and capture is described. The method may include capturing data with a data capture device. The method may also include encrypting the data with a first encryption key, encrypting the first encryption key with a second encryption key to generate a first encrypted key data, and encrypting the first encrypted key data with a third encryption key to generate a second encrypted key data. The method may also include transmitting the encrypted data and the second encrypted key data to a remote service provider over a network. 05-16-2013
20130121491 SYSTEM AND METHOD OF CREATING AND SENDING BROADCAST AND MULTICAST DATA - A method of encrypting broadcast and multicast data communicated between two or more parties, each party having knowledge of a shared key, is provided. The key is calculated using values, some of which are communicated between the parties, so that the shared key is not itself transferred. Avoiding the transfer of the key offers several advantages over existing encryption methods. 05-16-2013
20080317249 Encoded Digital Video Content Protection Between Transport Demultiplexer and Decoder - A system for encrypting and decrypting data is provided. The system includes a client for receiving a data packet, setting a value of a crypto bit, and transmitting the data packet over a system bus. A crypto module receives the data packet from the system bus and performs a cryptology function on the data packet based on a first value of the crypto bit. A memory controller receives the data packet from the system bus and performs non-cryptology functions on the data packet based on a second value of the crypto bit. 12-25-2008
20090220080 Application-Level Service Access to Encrypted Data Streams - Techniques for securely providing cryptographic keys to trusted intermediate nodes or monitoring devices are described so that SSL, TLS, or IPSec communications can be monitored, compressed over a WAN, or otherwise used. In an embodiment, a trusted intermediate node establishes a secure connection to a key server; receiving session identification data for an encrypted session between a client and a content server during negotiation of the encrypted session, and storing a copy of the session identification data; requesting from the key server, over the secure connection, a decryption key associated with the encrypted session; receiving an encrypted message communicated between the client and the content server; forwarding the encrypted message without modification to a destination address in the encrypted message; and decrypting the encrypted message using the decryption key to result in decrypted data and using or storing the decrypted data in a storage unit. 09-03-2009
20090257592 Content transmission system, communication device, and content transmission method - A content transmission system includes: a content transmission device that includes an encryption portion that encrypts content data using key information, a first communication portion that transmits, using a first communication method, content data encrypted by the encryption portion, and a second communication portion that performs communication using a second communication method that differs from the first communication method; a content reception device that includes a third communication portion that receives encrypted content data transmitted from the first communication portion using the first communication method, a decoding portion that decodes encrypted content data received by the third communication portion using key information that is symmetric or asymmetric to the key information, and a fourth communication portion that performs communication using the second communication method; and a communication device that acquires the key information and transmits the acquired key information using the second communication method. 10-15-2009
20090245515 METHOD, SYSTEM, AND PROGRAM PRODUCT FOR ASYMMETRIC KEY GENERATION - In asymmetric cryptography, initially-set public key and private keys are updated as a function of the chosen prime number pair, a host sending an updated public key exponent and a unique prime-pair key associated with the chosen prime number pair to the client, the client using the unique prime-pair key to look-up and retrieve the chosen prime number pair and determine the updated public key and the updated private key as a function of the retrieved chosen prime number pair, the host and the client encrypting and decrypting exchanged messages with the updated public key and the updated private key without executing another handshake. In one aspect, a large even integer is used by host and client to generate a plurality of prime number pairs, and the unique prime-pair key may be a distance between each prime number of an associated prime number pair. 10-01-2009
20120195429 METHOD AND SYSTEM FOR SECURELY SCANNING NETWORK TRAFFIC - Secure network communications via a firewall device are provided between a first device and a second device, where an encryption parameter is shared by the devices. A data packet sent by the first device may then be copied within the firewall device, so that the copy of the data packet can be decrypted within a portion of the firewall device. In particular, the portion of the firewall device in which decryption takes place is defined such that contents of the portion are inaccessible to an operator of the firewall device. Thus, scanning of the decrypted copy of the data packet for compliance with a predetermined criterion may take place within the firewall device, without an operator of the firewall device having access to the contents of the data packet to be transmitted. Thereafter, the original data packet can be forwarded to its originally intended recipient. 08-02-2012
20100002880 SYSTEM AND METHOD FOR LAWFUL INTERCEPTION USING TRUSTED THIRD PARTIES IN SECURE VoIP COMMUNICATIONS - Disclosed is a system for lawful interception using a trusted third party in secure VoIP communication. A VoIP transmit terminal generates a secure packet using a master key received from a trusted third party and then communicates with a VoIP receive terminal. A collection device having received a lawful interception instruction from a key recovering system collects and transmits the secure packet to the key recovering system. The key recovering system decrypts the secure packet using the master key received from the trusted third party and provides the decrypted secure packet to a lawful interception requester or provides the master key received from the trusted third party and the secure packet to the lawful interception requester. It is possible to provide the perfect lawful interception in the secure VoIP communication environment, and to guarantee a perfect forward secrecy since the master key is changed for each call. 01-07-2010
20090252325 SECURE CONTENT PRE-DISTRIBUTION TO DESIGNATED SYSTEMS - Described is a technology by which encrypted content is pre-distributed to recipients during a pre-distribution timeframe, for example to distribute protected content to many clients in a controlled manner. At a release moment, a key for decrypting the encrypted content is released. For example, a software update may be pre-distributed in this manner, whereby many clients may receive the updates over time but the update cannot be analyzed for hacking purposes, e.g., to use the update to figure out a prior vulnerability. By rapidly and widely disseminating the key at the release moment, the update is installed on a large percentage of client systems before those systems can be exploited. The content may be allowed to expire before the key is released, or may be canceled or replaced. The content may include a complete file, and/or a delta file that changes another file into a resultant piece of content. 10-08-2009
20110228937 METHOD OF ESTABLISHING A QUANTUM KEY FOR USE BETWEEN NETWORK NODES - A method of establishing a quantum key for use between a first network node (QNode 09-22-2011
20090316899 ENCRYPTION/DECRYPTION DEVICE AND SECURITY STORAGE DEVICE - Provided are an encryption/decryption device and a security storage device including same. The encryption/decryption device includes a first enc/decrypter, a second enc/decrypter, a controller configured to provide a plurality of control signals in response to a setting signal, and a path selection circuit configured to connect the first enc/decrypter and the second enc/decrypter in either a series arrangement or a parallel arrangement in response to a first control signal among the plurality of control signals. 12-24-2009
20090274300 METHOD FOR CONFIGURING THE ENCRYPTION POLICY FOR A FIBRE CHANNEL DEVICE - A data encryption engine and method for using to selectively encrypt communications. Data is received from a source device into the data encryption engine. The data encryption engine determines whether or not to encrypt the data based on a source device preference, a target device preference, a comparison of priority numbers for the source device and target device, the transport medium, the relationship between the source device and target device, a type/level of encryption or some combination. If the data is determined to need encryption, the data encryption device may encrypt the data or may flag the data for encryption by the target device. Otherwise the unencrypted data may be forwarded to the target device. 11-05-2009
20100150347 COMMUNICATION SYSTEM AND COMMUNICATION METHOD - The present invention relates to a communication system and communication method, an information processing apparatus and method, a device, a program, and a recording medium with which information communication can be performed securely and very conveniently by a simple configuration. In a secret-key storage unit 06-17-2010
20100183150 Shared key management method, shared key generating method and message communication method for scada system, and recording medium - A shared key management method for a Supervisory Control And Data Acquisition (SCADA) system in which a master terminal unit (MTU), a plurality of sub master terminal units (SUB-MTUs), and a plurality of remote terminal units (RTUs) are configured in a sequential hierarchy, is provided. The method includes: (a) at the MTU, generating a plurality of secret keys and respectively allocating the secret keys to the RTUs; (b) at the MTU, generating a group key in a tree structure, wherein a leaf node of the tree structure corresponds to each RTU, a parent node of a node corresponding to an RTU corresponds to a SUB-MTU to which the RTU is connected, a shared key of each node of the group key is generated by hashing shared keys of all child nodes, and a shared key of a leaf node of the group key is set as a secret key of the RTU; (c) at the RTU or the SUB-MTU, receiving and storing shared keys of every node from a node corresponding to itself to a root node; (d) when the RTU or the SUB-MTU is added or deleted, at the MTU, generating shared keys of nodes along a path from a node corresponding to the added or deleted terminal unit to the root node again; and (e) at the RTU or the SUB-MTU, receiving and storing the generated shared keys. According to the key management method for the SCADA system described above, in the case of encrypting and broadcasting or multicasting a message, a computation amount can be reduced. 07-22-2010
20100020972 Wireless mobile device that permits toggling of whether to transmit information contained in SMS messages as encrypted or clear text - An exemplary method is implemented by a wireless mobile device that transmits and receives short message system (SMS) text messages. Entered first text to be transmitted as a first SMS text message from the wireless mobile device is accepted and stored by a resident application. A user selectable input is received by the resident application of the wireless mobile device, where the user selectable input controls whether a resident encryption algorithm will be used to convert the first text into an encrypted first text message. A user control input is received by the resident application that causes the transmission of the first SMS text message from the wireless mobile device. The text of the transmitted first SMS text message contains the first text if the resident encryption algorithm is not selected by the user. The text of the transmitted first SMS text message contains encrypted first text if the resident encryption algorithm is selected by the user. 01-28-2010
20080317248 INFORMATION EXCHANGE DEVICE - An embodiment of the present invention provides an information exchange device. The information exchange device includes a storage device which stores information items for disclosure, an encryption device which encrypts each of the information items for disclosure using a plurality of prepared secret keys which correspond to each of the information items for disclosure, a transmitting device which transmits the encrypted information items and the plurality of prepared secret keys, and a decryption device which receives an encrypted information item which is arbitrarily selected from the plurality of encrypted information items, receives a secret key related to the selected encrypted information item from among the plurality of prepared secret keys, and decrypts the selected encrypted information item using the secret key. 12-25-2008
20100177894 COMMUNICATION APPARATUS AND COMMUNICATION METHOD - When a communication apparatus transmits data to another communication apparatus, a network connected to the communication apparatus and a network connected to the other communication apparatus are searched for. It is determined, in accordance with a communication channel decided based on the search result, whether to execute encryption of the data to be transmitted. If it is determined to execute the encryption, the data is transmitted after encrypting at least part of it. 07-15-2010
20100150348 RFID AUTHENTICATION ARCHITECTURE AND METHODS FOR RFID AUTHENTICATION - A method for mutual authentication in an RFID system comprising an RFID reader and an RFID tag, the method comprising requesting an identification from the tag, receiving the identification, using the received identification to select a password associated with the identification, generating a password key based on the selected password, encrypting the selected password using the password key, and transmitting the encrypted password to the tag. 06-17-2010
20100246822 SECURELY PROVIDING SECRET DATA FROM A SENDER TO A RECEIVER - The invention provides a system and a method for securely providing a secret data from a sender to one or more receivers. The receiver uses a sequence of functions originating from a hierarchy of functions to migrate the secret data from an input transform space to an output transform space using a mathematical transformation under control of one or more seeds. The seeds are provided to the receiver by the sender. The sender conditionally allows the receiver to obtain the secret data by controlling the seeds. 09-30-2010
20120140925 METHOD AND APPARATUS FOR TRANSMITTING VOICE COMMUNICATIONS RELATED TO A MULTIMEDIA SESSION - A method and apparatus for transmitting a subset voice stream associated with a subset talk group. A voice communication device receives a session identifier from an associated data communication device engaged. The voice communication device transforms the session identifier into a session key identifier, obtains an encryption algorithm implementing a subset talk group filtering feature and a voice encryption key identifier, and combines the session key identifier with the voice encryption key identifier to generate a signaling key identifier. The voice communication device associates the signaling key identifier and an encryption algorithm identifier with the subset voice stream during transmission of the subset voice stream to a receiving voice communication device. 06-07-2012
20100195828 Conditional Access System For Each Transmitter In Single Frequency Network, And A Method Thereof - The conditional access system in a single frequency network in a digital broadcasting system includes a main broadcasting system transmitting encoded broadcasting signals including a data stream and transmitter identification information (TII) through a main broadcasting network; a repeating system amplifying and transmitting encoded broadcasting signals of the main broadcasting network, or modulating and amplifying a stream input by the main broadcasting system through a cable, and repeating broadcasting signals of the main broadcasting system through a repeating network; a subscriber station decoding the encoded signals of the main broadcasting network included in the broadcasting signals received through the main broadcasting network or the repeating network, TII, and an encoding key according to a decoding method; and a decoding key provider receiving a decoding key from the main broadcasting or repeating system, authenticating a user, and transmitting the decoding key to a charged subscriber station through a mobile communication network. 08-05-2010
20090041242 Method, System, Subscriber Equipment And Multi-Media Server For Digital Copyright Protection - A method for digital copyright protection includes stream media server negotiation with a copyright center to generate copyright object RO, RO carrying copyright service regulations and establishing encrypted communication channel information; subscriber equipment receiving RO, through the establishing encrypted communication channel information carried by RO to establish encrypted communication channel with stream media server; and stream media server transmitting media stream to subscriber equipment. The present disclosure also discloses a DRM system, subscriber equipment and multi-media server. 02-12-2009
20090074185 Advanced Multi-Channel Watermarking System and Method - A method, computer program product, and computing device for modifying a first channel portion of a digital media data file to include at least a first primary watermark. A second channel portion of the digital media data file is modified to include at least a first secondary watermark, wherein the first secondary watermark is the complement of the first primary watermark. 03-19-2009
20120195428 QUANTUM KEY DISTRIBUTION SYSTEM - A method is provided for distributing quantum cryptographic keys. The method includes receiving, from an initial quantum key generating transmitter, a first signal via a single combined channel that includes a first quantum signal and a public data signal alternating in a time shared manner. The first signal is split into a first split signal and a second split signal. A low attenuation is applied to the first split signal when the first split signal includes the first quantum signal. A high attenuation is applied to the first split signal when the second split signal includes the public data signal. The first split signal is received at an intermediate quantum key generating receiver when the low attenuation is applied. The initial quantum key generating transmitter is corresponded with to generate a first quantum key. A second quantum signal is transmitted to a recipient quantum key generating receiver. The recipient quantum key generating receiver is corresponded with to generate a second quantum key. The first quantum key is encoded using the second quantum key. The encoded first quantum key is transmitted to the recipient quantum key generating receiver. 08-02-2012
20110026710 System and Method for Cryptographically Authenticating Data Items - A cryptographic authentication system comprises an authentication media key block that comprises media key precursors. The system generates transformed keys by applying a function to a media ID of a media and each of the media key precursors, and generates entries in a binding table by applying an encrypting function to a media key of an encrypted content and each of the transformed keys. To play encrypted content, a media player processes the authentication media key block using a device key to extract a media key precursor, extracts a media key from the binding table using the extracted media key precursor and the media ID, and verifies that the extracted media key matches the media key of the encrypted content, allowing the media device to decrypt and play the encrypted content. 02-03-2011
20110033048 PACKING SOURCE DATA PACKETS INTO TRANSPORTING PACKETS WITH FRAGMENTATION - A communication system and method are disclosed for transmitting packets of information in at least one first format over a communications link that utilizes packets of information in a second format. In certain embodiments, the packets of information in a first format are converted to packets of information in the second format prior to transmission via the communications link by packing and fragmenting the information in the first format in a coordinated manner. Embodiments may also utilize packing subheaders and fragmentation control bits in the packing and fragmentation processes. 02-10-2011
20100220861 Multiple transform utilization and application for secure digital watermarking - Multiple transform utilization and applications for secure digital watermarking. In one embodiment of the present invention, digital blocks in digital information to be protected are transformed into the frequency domain using a fast Fourier transform. A plurality of frequencies and associated amplitudes are identified for each of the transformed digital blocks and a subset of the identified amplitudes is selected for each of the digital blocks using a primary mask from a key. Message information is selected from a message using a transformation table generated with a convolution mask. The chosen message information is encoded into each of the transformed digital blocks by altering the selected amplitudes based on the selected message information. 09-02-2010
20090169006 ENHANCED SHARED SECRET PROVISIONING PROTOCOL - An Enhanced Shared Secret Provisioning Protocol (ESSPP) provides a novel method and system for adding devices to a network in a secure manner. A registration process is launched at two network devices together within a predetermined time interval. These two devices then automatically register with each other. When two devices running ESSPP detect each other, they exchange identities and establish a key that can later be used by the devices to mutually authenticate each other and generate session encryption keys. With ESSPP, two ESSPP devices that are attempting to register with each other will only provision a key when they detect that they are the only two ESSPP devices on the wireless network running ESSPP. If additional devices running ESSPP are detected, the ESSPP protocol is either terminated or suspended. 07-02-2009
20100220860 METHOD OF AND APPARATUS FOR TRANSMITTING DATA - A method of transmitting data by which cipher-transmission of digital information data for which forbidden codes including timing identification codes are predetermined can be carried out with enciphered digital information data without containing undesirable forbidden code, in which digital information data contained in word sequence data which contain also time reference code data composed of the timing identification codes are subjected to enciphering process without producing the forbidden code to produce the enciphered digital information data which do not contain any forbidden code and then enciphered word sequence data are constituted with the enciphered digital information data and the time reference code data to be transmitted. 09-02-2010
20100220859 COMMUNICATION SYSTEM, AND AN ENCODING DEVICE AND A DECODING DEVICE THEREOF - A communication system includes encoding and decoding devices. The encoding device includes an encrypting module adapted for encrypting an original signal into an encrypted signal, and an error correction encoding module coupled to the encrypting module for receiving the encrypted signal therefrom, and generating an output signal by performing error correction encoding on the encrypted signal. The decoding device includes an error correction decoding module for receiving an input signal via a transmission channel, and a decrypting module. The input signal is a result of the output signal combined with noise. The error correction decoding module generates a recovery signal from the input signal by performing error correction decoding on the input signal. The decrypting module is coupled to the error correction decoding module for receiving the recovery signal therefrom, and generates a decrypted signal that corresponds to the original signal by decrypting a portion of the recovery signal. 09-02-2010
20130129090 Efficient Multivariate Signature Generation - A cryptographic method and apparatus, including providing a public key that defines a multivariate polynomial mapping Q( ) over a finite field F, extracting a first vector Y of verification values from a message, computing over the first vector, using a processor, a digital signature X including a second vector of signature values such that application of the mapping to the digital signature gives a third vector Q(X) of output values such that each output value is equal to a corresponding element of a vector sum Y+aY 05-23-2013
20110235804TECHNIQUES FOR WATERMARKING AND DISTRIBUTING CONTENT - Techniques for watermarking and distributing are provided. Content is broken into frames, each frame includes a watermark. Resources request the content and each frame of each resource's acquired version of the content includes a watermark. The frames of each resource's acquired version of the content form unique watermark sequences or unique keys. Each watermark sequence or key is uniquely associated with a particular resource. Each resource is also provided one or more delivery plans for acquiring that resource's uniquely watermarked and sequenced version of the content over the network.09-29-2011
20100296653SYSTEM OF DEPENDANT KEYS ACROSS MULTIPLE PIECES OF RELATED SCRAMBLED INFORMATION - A method for processing data including the steps of providing a scrambling key for a current data to be scrambled, the current data being a piece of information that is from a plurality of pieces of information; providing an identification token of another piece of information from the plurality of pieces of information; and, scrambling the current data to be scrambled with the scrambling key and the identification token of a last piece of information to create a scrambled current data. A system and an article of manufacture for processing data is also disclosed.11-25-2010
20110235803PERSONALIZED WHITEBOX DESCRAMBLERS - The invention prevents intercepted keys from being used in unauthorized whitebox descrambler modules for the decryption of a ciphertext. Hereto a receiver with a personalized whitebox descrambler is proposed, whereby a part of the descrambling operation of the personalized descrambler is performed in a preprocessing module external to the descrambler.09-29-2011
20100322423Data Transmission Method, and Tachograph System - In a data transmission method for a tachograph system, digital messages are transmitted between a speed transmitter (MS) and a recording unit (RU). The digital messages contain a pair of keys including a public key (KMP, KRP) and a private key (KMS, KRS), as well as a certificate (ZM, ZR) derived from the respective pair of keys. The public keys (KMP, KRP) and the certificates (ZM, ZR) are mutually verified between the recording unit (RU) and the speed transmitter (MS). If the verification is positive, the speed transmitter (MS) detects sensor data, and a digital message is generated therefrom. In addition, the speed transmitter (MS) generates authentication data for the message in accordance with the pair of keys (KMP, KMS) thereof. The message and the authentication data are transmitted to the recording unit and are processed there in accordance with a validity of the authentication data verified by the recording unit (RU).12-23-2010
20100322422METHOD FOR ELLIPTIC CURVE SCALAR MULTIPLICATION USING PARAMETERIZED PROJECTIVE COORDINATES - The method for elliptic curve scalar multiplication in an elliptic curve cryptosystem implemented over an insecure communications channel includes the steps of: (a) selecting positive integers L12-23-2010
20100322424DIGITAL BROADCASTING SYSTEM AND METHOD OF PROCESSING DATA IN DIGITAL BROADCASTING SYSTEM - A digital broadcast receiver and a control method thereof are disclosed. The control method includes receiving a broadcast signal into which mobile service data and main service data are multiplexed, extracting TPC signaling information and FIC signaling information from a data group in the received mobile service data, acquiring a program table describing virtual channel information and a service of an ensemble, using the extracted FIC signaling information, the ensemble being a virtual channel group of the received mobile service data, detecting a conditional access descriptor indicating whether the mobile service data was encrypted, using the acquired program table, and controlling such that the encrypted mobile service data is decrypted, using information of the detected conditional access descriptor.12-23-2010
20100322418Hardware Based Cryptography - Technologies are generally described for a hardware cryptographic unit that employs hardware public physically unclonable functions. A source computer can encrypt a message using a simulation of a hardware cryptographic unit. The encrypted message can then be sent to a destination computer. The destination computer can then use the hardware cryptographic unit to decrypt the message. The source computer can use a simulation of the hardware cryptographic unit to transform an input value into a simulation output. The simulation output can be transmitted from the source computer to the destination computer where all possible input values can be rapidly run through the hardware cryptographic unit until the output of the hardware cryptographic unit matches the simulated output. The input value that generated the matching output is now a shared secret between the source computer and destination computer without ever having been transmitted in the clear over the communication channel.12-23-2010
20090129594System and method for providing a trusted network facilitating inter-process communications via an e-box - A system and methods for providing a trusted network which facilitates inter-process communication in accordance with an aspect of the present invention. The system includes processes, a security device, a network security element, a communication path and an outside server. A method for enabling inter-process communication commences when one process initiates communication with another process. A security device encrypts the message and validates it if the communication is in accordance with the network's security policy via the network security element. The security device functions to directly permit or cancel any communication between processes on the network. The initialization of the security device upon the network results in a series of interactions between the security device and the network security element. Such an initialization identifies the security device as being operational upon the network and further provides the security device with essential parameters of the network, including the location of the processes and the network security element.05-21-2009
20100322419DATA ENCRYPTION/DECRYPTION METHOD AND DATA PROCESSING DEVICE - It is possible to improve a radio communication digital baseband processing device including data encryption/decryption so as to prevent processing failure caused by a data rate increase in recent years by increasing the MAC processing speed of data encryption/decryption and realizing the load distribution in a processing device. A data processing device which performs a communication process including data encryption/decryption includes: a control processor which performs calculation of the MAC processing parameter; and MAC processing means which performs MAC data processing including data encryption/decryption. The control processor controls the MAC processing means by a command script continuously describing a combination of a command and parameter accompanying it.12-23-2010
20100322421METHOD FOR MAKING SECURE AN ELECTRONIC ENTITY WITH ENCRYPTED ACCESS - A method for protecting an electronic entity with encrypted access, against DFA (Differential Fault Analysis) attacks which includes: storing the result of a selected step (Rm, Kn) of an iterative process forming part of the cryptographic algorithm and in performing once more at least part of the steps of the iterative process up to a new computation of a result corresponding to the one which has been stored, comparing the two results and denying distribution of an encrypted message (MC) if they are different.12-23-2010
20110243328DATA PROVIDING PROCESS BASED ON AN IBPE SCHEME - The present invention is a method to ensure a secure exchange of encrypted numeric data between two entities, where their decryption depends on the approval of a third entity. The solution uses a combination of an Identity Based Encryption scheme and transcription trap use.10-06-2011
20110033047BRIDGED CRYPTOGRAPHIC VLAN - The invention comprises three extensions of the IEEE 802.1Q VLAN bridge model. The first extension is the cryptographic separation of VLANs over trunk links. A LAN segment type referred to as an encapsulated LAN segment is introduced. All frames on such a segment are encapsulated according to an encryption and authentication code scheme. The second extension is the division of a trunk port into inbound and outbound ports. The third extension is a protocol that automatically infers for each outbound port in a bridged VLAN, a set of LAN segment types for the port that minimizes the number of transfers between encapsulated and unencapsulated segments required to transport a frame in the bridged VLAN.02-10-2011
20110044453SYSTEM AND METHOD OF ENCRYPTED MEDIA ENCAPSULATION - A system for and method of media encapsulation is presented. The method may include receiving, via an audio digitizer, a plurality of packets of data and compressing, via a codec, the plurality of packets of data. The method may also include queuing the plurality of packets of data in a queue and encrypting, via a filter, payloads of at least two of the plurality of packets of data in the queue into a single payload. The method further includes transmitting the single payload in a single encrypted data packet.02-24-2011
20090016526METHOD AND APPARATUS FOR INTERCEPTING EVENTS IN A COMMUNICATION SYSTEM - An intercept system provides more effective and more efficient compliance with legal intercept warrants. The intercept system can provide any combination of operations that include near-real-time intercept capture of intercepted data in structured authenticated form, clear text intercept for communications where there is access to encryption keys, cipher text intercept for communications where there is no access to encryption keys, provision of transactional logs to the authorized agency, interception without altering the operation of the target services, and encryption of stored intercepted information.01-15-2009
20110019821IMAGE FORMING APPARATUS, CHARGING INFORMATION RECORDING METHOD, AND RECORDING MEDIUM - An image forming apparatus includes a unit for receiving process information indicating a list of processes used in a process flow requested by an information processing apparatus connected via a network; a unit for executing a process that the image forming apparatus is requested to execute, and recording charging information, which is relevant to the executed process, in charging information record data of the process flow; a unit for transferring the charging information record data to a service providing device that is requested to execute another process; a unit for receiving the charging information record data in which charging information, which is relevant to the other process executed by the service providing device, has been recorded by the service providing device; and a unit for recording, in a storage unit, the charging information record data in which charging information are recorded in association with the corresponding processes in the list.01-27-2011
20110019822KEYS FOR PROTECTING USER ACCESS TO MEDIA - A broadcasting server connectable to a plurality of user devices and connectable to or comprising a key distribution centre, the broadcasting server comprising a processor and a memory, the broadcasting server configured to generate a plurality of key parts which together form an encryption key and/or the memory of the broadcasting server includes a plurality of key parts which together form an encryption key, the broadcasting server is configured to: send a first key part to a first user device of said plurality of user devices, the first key part being one of the plurality of key parts, send a second key part to a second user device of said plurality of user devices, the first key part being one of the plurality of key parts, and encrypt data for broadcast with the encryption key and to broadcast the encrypted data to said plurality of user devices.01-27-2011
20110085663METHOD FOR THE ACCESS-RELATED OR COMMUNICATION-RELATED RANDOM ENCRYPTION AND DECRYPTION OF DATA - A method is provided for encryption and decryption of data of any kind, in which data are encrypted and decrypted using a random key, for ensuring the integrity and/or authenticity thereof, and/or for keeping secret the data contents. At the location of encryption, at least one permutation data element, one key control data element, and a random number are generated. Random keys are determined from at least one separate random reference data element and one random number. Clear data are bit-permuted in function of the permutation data and the random key, and encrypted and/or packet-permuted. The permutation data, key data and random data are added to the encrypted data in form of relative data. At the location of decryption, any data necessary for decryption are determined from the added data, and the encrypted data are decrypted.04-14-2011
20090214034Systems and methods for enabling electronic messaging with recipient-specific content - The present invention is directed to a system and method for enabling electronic messaging with recipient-specific content, wherein multiple recipients may view non-private information and less than all recipients may view non-private information. In one embodiment, an author may select between two messaging processing algorithms to send messages to recipients, wherein one algorithm uses encryption and the other does not. In one embodiment, once private information is received by a recipient, its dissemination is automatically restricted. In one embodiment, the method of enabling messaging with recipient-specific content is transparent to email server machines. In one embodiment, HTML tags, comments and/or headers are used to mark information as private and to prevent such information from being viewed by unintended recipients. In one embodiment, non-private information is viewed by all recipients, but privately-highlighted non-private information is viewable by less than all recipients.08-27-2009
20110211696System and Method for Securing Wireless Transmissions - A system and method for securing wireless transmissions is provided. A method for transmitting secure messages by a transmitter includes encoding a message with a secrecy code to produce L output codewords, where L is an integer value greater than one. The secrecy code includes a first security code and a second security code. The method also includes transmitting one of the L output codewords to a communications device when a channel quality of a channel between the transmitter and the communications device satisfies a criterion, and repeating the transmitting for any remaining L−1 output codewords.09-01-2011
20100054470SHARING A SECRET VIA LINEAR INTERPOLATION - A method and system calculates shares and sub-shares of a secret for distribution among cooperating entities. In one embodiment, the method creates shares of the secret, with each share containing a point on a K-dimensional secret hyperplane that embeds the secret, where K is the number of shares to reconstruct the secret. The method further constructs sub-shares for the shares. The sub-shares of a share define a set of secondary K-dimensional hyperplanes that intersect at the point contained in the share. The sub-shares are distributed to a plurality of cooperating entities for secret sharing.03-04-2010
20100008505Secret sharing technique with low overhead information content - An apparatus and method for sharing a secret comprising the steps of generating a first random matrix, generating a first projection matrix from the first random matrix, and determining a first remainder matrix from the first projection matrix and the first secret matrix. The first secret matrix may be determined using the remainder matrix and a plurality of distributed vector shares.01-14-2010
20100034382SIGNCRYPTION SCHEME BASED ON ELLIPTIC CURVE CRYPTOGRAPHY - Embodiments include a method and a system for signcrypting data based on elliptic curve cryptography. In a head-end system data is encrypted using a random point R and digitally signed using the random point R. Only the x-coordinate R02-11-2010
20100034381SECURE RESOURCE NAME RESOLUTION USING A CACHE - Techniques for securing name resolution technologies and for ensuring that name resolution technologies can function in modern networks that have a plurality of overlay networks accessible via a single network interface. In accordance with some of the principles described herein, a set of resolution parameters may be implemented by a user to be used during a name resolution process. In some implementations, when an identifier is obtained for a network resource, the identifier may be stored in a cache with resolution parameters that were used in obtaining the identifier. When a new name resolution request is received, the cache may be examined to determine whether a corresponding second identifier is in the cache, and whether resolution parameters used to retrieve the second identifier in the cache match the resolution parameters for the new resolution request. If so, the second identifier may be returned from the cache.02-11-2010
20100322420Duplicate Address Detection Proxy in Edge Devices - Methods, systems, and apparatus used to provide duplicate address detection in edge devices. Edge devices can include CMTS devices or DSLAMs where network nodes are not allowed to communicate with each other directly. Duplicate address detection proxies can provide duplicate address protection for network devices and can avoid the issue of broadcasting node advertisement messages to all of the devices connected to a particular downstream link.12-23-2010
20090028329Method and Apparatus for Providing Security in a Radio Frequency Identification System - A response to an event involves transmitting a communication for propagation away from a part externally thereof, the communication containing first and second segments that are respectively subject to first and second security provisions that are different.01-29-2009
20090028330ENCRYPTED COMMUNICATION FOR SELECTIVELY DELIVERING A MESSAGE TO MULTIPLE DECRYPTING DEVICES - Reduces message length of encrypted message to be transmitted selectively to plurality of decrypting devices. An encrypting device includes a generating unit for generating node associating information configured to associate respective terminal nodes in a tree structure with each decrypting device in relation to a group of decrypting devices enabled for decryption, an extracting unit for extracting a decryption enabled node containing decrypting devices in descendant terminal nodes and not containing a decrypting device with decryption disabled in any of the descendant terminal nodes, and a unit for encrypting the message by use of a node encryption key for the decryption enabled node. Decrypting devices include specifying unit for specifying terminal node associated with decrypting device based on node associating information, and a decrypting unit for decrypting encrypted message using a node decryption key for any decryption enabled nodes ranging from terminal node to root node thereof.01-29-2009
20110103583METHOD AND SYSTEM FOR PRESERVING SECURITY OF SENSOR DATA AND RECORDING MEDIUM USING THEREOF - A method and a system for preserving sensor data based on a time key, and a recording medium thereof are provided. The time key based sensor data security preserving method includes encrypting the sensor data with an encryption key obtained using a time key based polynomial derived using random numbers and a secret key which is shared by a sensor node and an application system; and decrypting the encrypted sensor data with a decryption key obtained by deriving the same polynomial as the time key based polynomial using the random numbers and the secret key. Thus, integrity and confidentiality of the sensor data can be preserved.05-05-2011
20110081018Obfuscating reception of communique affiliated with a source entity - A computationally implemented method includes, but is not limited to: receiving a communiqué that is affiliated with a source entity and that is directed to a receiving user; and presenting, in lieu of presenting indication of reception of the communiqué, a covert indicator that covertly indicates reception of the communiqué, the presenting of the covert indicator being in accordance with one or more conditional directives of the receiving user to conditionally obfuscate the reception of the communiqué affiliated with the source entity. In addition to the foregoing, other method aspects are described in the claims, drawings, and text forming a part of the present disclosure.04-07-2011
20120201381CRYPTOGRAPHIC SECURITY FUNCTIONS BASED ON ANTICIPATED CHANGES IN DYNAMIC MINUTIAE - Dynamic key cryptography validates mobile device users to cloud services by uniquely identifying the user's electronic device using a very wide range of hardware, firmware, and software minutiae, user secrets, and user biometric values found in or collected by the device. Processes for uniquely identifying and validating the device include: selecting a subset of minutia from a plurality of minutia types; computing a challenge from which the user device can form a response based on the selected combination of minutia; computing a set of pre-processed responses that covers a range of all actual responses possible to be received from the device if the combination of the particular device with the device's collected actual values of minutia is valid; receiving an actual response to the challenge from the device; determining whether the actual response matches any of the pre-processed responses; and providing validation, enabling authentication, data protection, and digital signatures.08-09-2012
20120201378EFFICIENT, REMOTE, PRIVATE TREE-BASED CLASSIFICATION USING CRYPTOGRAPHIC TECHNIQUES - A method and apparatus are disclosed herein for classification. In one embodiment, the method comprises performing tree-based classification of a user input by a classifier with a classification tree at a first location, including exchanging data with a second location, different from the first location, to obtain the user input and provide results of classification to a user using singly homomorphic encryption so that the user input is not revealed to the classifier, the classification tree is not revealed to the user and the classifier's output is not revealed to the classifier.08-09-2012
20120148044METHOD AND DEVICE FOR NEGOTIATING ENCRYPTION INFORMATION - A method and a device for negotiating encryption information are provided. In one embodiment, the method for negotiating encryption information includes: obtaining information about encryption capabilities of a first device and information about encryption capabilities of a second device; determining encryption information applicable to the first device and the second device according to the information about encryption capabilities of the first device and the information about encryption capabilities of the second device; and sending the encryption information to the first device and the second device, wherein the encryption information serves as a basis for encrypting and/or decrypting data streams between the first device and the second device. Embodiments of the present invention ensure security of data streams transmitted between a Telephony Client (TC) and a Telephony Server (TS).06-14-2012
20110058672MESSAGE DECIPHERING METHOD, SYSTEM AND ARTICLE - A method for decrypting the encrypted messages sent by a transmission device to a first electronic device associated with a first trusted authority and to a second electronic device (ME). In one embodiment, first and second tokens are generated and exchanged, respectively, by the first and second electronic devices, which then generate a joint decryption key in order to decrypt the encrypted message.03-10-2011
20110019820COMMUNICATION CHANNEL CLAIM DEPENDENT SECURITY PRECAUTIONS - A set of security claims for a communication channel are obtained, the set of security claims including one or more security claims each identifying a security characteristic of the communication channel. The security claims are stored, as is a digital signature generated over the set of security claims by an entity. The security claims and digital signature are subsequently accessed when a computing device is to transfer data to and/or from the communication channel. The set of security claims is compared to a security policy of the computing device, and the entity that digitally signed the set of security claims is identified. One or more security precautions that the computing device is to use in transferring data to and/or from the communication channel are determined based at least in part on the comparing and the entity that has digitally signed the set of security claims.01-27-2011
20080240432Method and system for security protocol partitioning and virtualization - A method for implementing a security protocol, involving receiving a packet from a network connection, obtaining an identifier for one of a plurality of security association database (SADB) partitions associated with the packet, wherein each of the plurality of SADB partitions is associated with one of a plurality of packet destinations, applying a security association from the one of the plurality of SADB partitions to the packet, and sending the packet to the one of the plurality of packet destinations associated with the SADB partition, wherein the packet is processed at the one of the plurality of packet destinations.10-02-2008
20120033811METHOD AND APPARATUS FOR SECURING NETWORK COMMUNICATIONS - A verifier for verifying the authenticity of a communication sent via a communications network from a first network component to a second network component including input means/apparatus arranged for receiving via the communications network an encrypted communication from a said first network component. The verifier has key means/apparatus operable to issue to a said second network component a key associated with the first network component on condition that the verifier has verified the encrypted communication to be decryptable using said key thereby to enable the second network component to decrypt encrypted communications from the first network component sent independently of the verifier apparatus.02-09-2012
20110211697SYSTEM AND METHOD FOR THE CALCULATION OF A POLYNOMIAL-BASED HASH FUNCTION AND THE ERINDALE-PLUS HASHING ALGORITHM - The present invention is a polynomial-based hash function involving an ERINDALE-PLUS hashing algorithm. The function may involve several elements, including splitting with jumping, masking and bit string generation which generally involves representing an initial sequence of bits as a specially constructed set of polynomials. The means of achieving the function may involve methods that achieve improved speeds, such as requirements related to the size of the bit strings to cause the bit strings to be compatible with splitting and jumping and to involve iterated masking of a degree greater than 0. Additionally the function may involve recursive padding methods and a construction of MAC for considered hash function. The sum of the elements of the present invention is the provision of enhanced security as well as improved speed of processing for messages. Thus, messages processed by way of the present invention may be less prone to attack.09-01-2011
20110150220Method for Securing a Bi-Directional Communication Channel and Device for Implementing said Method - The present invention relates to a method for protecting a two-way communications channel between at least a network N06-23-2011
20110150219SYSTEM AND METHOD OF INCREASING ENCRYPTION SYNCHRONIZATION AVAILABILITY - Methods for increasing encryption synchronization availability include collecting encryption synchronization data from a first superframe received at a gateway. The encryption synchronization data is for decrypting media in a second superframe also received at the gateway. The encryption synchronization data from the first superframe is used to form a composite encryption synchronization codeword for decrypting media in a third superframe formed by the gateway, wherein the third superframe includes the composite encryption synchronization codeword and at least a portion of the media from the second superframe. The third superframe is sent to a receiving device so that media in the third superframe can be decrypted by the receiving device using the composite encryption synchronization codeword that is included in the same superframe as the media that is being decrypted.06-23-2011
20110150221ACCOUNT AGGREGATION SYSTEM, INFORMATION PROCESSING APPARATUS AND ENCRYPTION KEY MANAGEMENT METHOD OF THE ACCOUNT AGGREGATION SYSTEM - According to one embodiment, an account aggregation system includes an information processing apparatus and an account aggregation server. The information processing apparatus includes a database, an automatic sign-on process module and an encryption key processing module. The automatic sign-on process module is configured to provide authentication data the service providing servers have requested, by using the authentication data stored in the database. The encryption key processing module is configured to register, for the account aggregation server, an encryption key for encrypting authentication data to be stored in the database or for decrypting the authentication data stored in the database, to acquire the encryption key from the account aggregation server when a process is performed by using the encryption key, and to erase the encryption key after the process is performed. The account aggregation server includes an encryption key management module which is configured to manage the encryption key.06-23-2011
20090022315SECURITY MODULE FOR SECURING AN ENCRYPTED SIGNAL WITH SYSTEM AND METHOD FOR USE THEREWITH - A security module includes a signal interface for receiving an encrypted signal and a host interface that is coupleable to a host. A processing module is operable to receive encrypted decryption code from the host via the host interface, decrypt the encrypted decryption code to form decrypted decryption code that is operable to decrypt the encrypted signal, send the decrypted decryption code to the host via the host interface, monitor the security of the decrypted decryption code via security signaling sent between the host and the security module via the host interface to detect potential tampering with the decrypted decryption code, transfer the encrypted signal to the host via the host interface, and discontinue transfer of the encrypted signal when the security signaling indicates the potential tampering with the decrypted decryption code.01-22-2009
20110176677MULTI-PARTY VARIANCE MULTIPLICATION DEVICE, MULTI-PARTY VARIANCE MULTIPLICATION SYSTEM AND METHOD - A multi-party variance multiplication device includes: an initial setting device which generates a first public key by using an inputted system parameter; a commitment generation device which generates a commitment of a first input value based on the system parameter and a random number; an encryption device which generates an encrypted text of the first input value based on the system parameter, the random number, and the first public key; an authentication device which generates a certificate that authenticates a range of the first input value based on the system parameter, the random number, the first public key, and the second public key already public; a decryption device which generates a decrypted text by decrypting a noisy encrypted text based on the system parameter, the first public key, and a private key; and a noise removal device which generates a product variance by removing a noise from the decrypted text.07-21-2011
20080267403System and method for privacy enhancement via adaptive cryptographic embedding - The system and method enhances privacy and security by determining parts of a data stream that should not be publicly available and doing in-place encryption of that data while leaving the remaining data unencrypted for direct usage in security. The system is composed of a designator, that determines what parts of the data stream require protection, and a protector, that performs the in-place encryption. The resulting protected data stream can be played/displayed using the same standard technology as for the original data stream, with the encrypted portions appearing as random noise. The system also supports an extractor, which can, given access to the appropriate keys, invert the encryption and provide back the original data stream.10-30-2008
20080253565Encrypted Content Parallel to Free Broadcast - The present invention relates to a method and a device (10-16-2008
20080205646COMPUTER-READABLE RECORDING MEDIUM STORING DATA DECRYPTION PROGRAM, DATA DECRYPTION METHOD, AND DATA DECRYPTION DEVICE - A method, device and computer-readable recording medium that stores therein a computer program for data decryption to execute processing when encrypted communication data including encrypted data obtained by encrypting plain text data and communication attributive data representing information of a data size of communicated data is received, the computer program making a computer execute notifying for receiving only the communication attributive data in the encrypted communication data and notifying the data size represented by the received communication attributive data to a preparing unit which prepares a storage area for storing the encrypted communication data in temporary storage incorporated in the computer. The computer program also enables the computer to execute storing the encrypted communication data in the prepared storage area and decrypting the encrypted data contained in the encrypted communication data, which is stored in the storage area, to obtain the plain text data.08-28-2008
20110110518Obfuscating reception of communique affiliated with a source entity in response to receiving information indicating reception of the communique - A computationally implemented method includes, but is not limited to: receiving communiqué reception information that indicates reception of a communiqué that is affiliated with a source entity and that is directed to an end user; and presenting, in response to receiving the communiqué reception information and in lieu of presenting direct indication of reception of the communiqué, a covert indicator that covertly indicates reception of the communiqué, the presenting of the covert indicator being in accordance with one or more conditional directives of the end user to conditionally obfuscate the reception of the communiqué affiliated with the source entity. In addition to the foregoing, other method aspects are described in the claims, drawings, and text forming a part of the present disclosure.05-12-2011
20120121087SPOOFING DETECTION FOR CIVILIAN GNSS SIGNALS - A system and method for detecting spoofing of signals by processing intermittent bursts of encrypted Global Navigation Satellite System (GNSS) signals in order to determine whether unencrypted signals are being spoofed.05-17-2012
20080219446Electronic transmission device, and signal transmission method - An electronic signal transmission apparatus executes an authentication process with a transmitting electronic device over a transmission line and receives an encrypted signal and first and second key information therefrom. The encrypted signal is decrypted based on the first key information, displayed and/or recorded, and re-encrypted using the second key information. The encrypted signal is transmitted to another electronic transmission apparatus if that apparatus does not have a recording capability and determined to be authorized using a second authentication process. The re-encrypted signal is sent to the another electronic transmission apparatus if that device has a recording capability and is authorized.09-11-2008
20080219445Communications audit support system - A communications audit support system is provided, which makes it possible to audit communications of an arbitrary encrypted communication session at any time. The communications audit support system of the present invention stores key information used for encrypted communication in a key management DB in association with a key ID each time the key information is created, stores IP addresses of a user terminal and a service providing server which perform an encrypted communication session using the key information in a communication state management DB in association with the key ID, and stores an encrypted packet sent in an encrypted communication session in a packet DB in association with IP addresses of a sender and a receiver of the encrypted packet.09-11-2008
20080219444Method for the secure loading in a NFC chipset of data allowing access to a service - A method for the secured loading of data into a first secured host processor of an NFC system comprising an NFC interface circuit for sending and receiving data, enabling a service to be accessed, the method comprising: generating a secret data, transmitting the secret data to the first host processor through a secured link, ciphering data to be loaded into the first host processor using a public key of the first host processor, and transmitting the ciphered data to the system for the first host processor which deciphers the data using a private key corresponding to the public key.09-11-2008
20100215176Means and method for controlling the distribution of unsolicited electronic communications - Methods, devices, and systems for controlling distribution of unsolicited electronic communications such as bulk email or internet telephony telemarketing calls. A first Public Key (08-26-2010
20100166181BANDWIDTH EFFICIENT METHOD AND SYSTEM FOR OBSCURING THE EXISTENCE OF ENCRYPTION IN A COMMUNICATIONS CHANNEL - A system, method, and network interface that obscure the existence of data encryption in a communication network are provided. A set of characters is generated by using a set of encryption keys as an input to a pseudo-random function. Each character corresponds to an index value. The encrypted data is divided into a plurality of parts. Each part is sectioned into a plurality of groups. Each group of the plurality of groups is encoded by mapping the group to a character in the set of characters according to its corresponding index value. The mapped characters are transmitted through the communication network.07-01-2010
20100158251METHOD AND APPARATUS FOR REDUCING COMMUNICATION SYSTEM DOWNTIME WHEN CONFIGURING A CRYTOGRAPHIC SYSTEM OF THE COMMUNICATION SYSTEM - Disclosed is a method and apparatus for reducing communication system downtime when enabling cryptographic operation of a cryptographic system of the communication system where the cryptographic system includes a first cryptographic device operatively coupled to a plurality of second cryptographic devices via a communication network of the communication system. The method includes causing a pass-through mode of the second cryptographic devices to be suspended, sequentially determining a state of each of the second cryptographic devices, causing the second cryptographic devices and the first cryptographic device to substantially simultaneously operate in a secure mode if each of the second cryptographic devices is determined to have a first state, and causing the second cryptographic devices and the first cryptographic device to operate in the pass-through mode if at least one of the plurality of second cryptographic devices is determined to have a second state.06-24-2010
20100158250MESSAGE TRANSMISSION METHOD, PREFERABLY FOR AN ENERGY DISTRIBUTION NETWORK - A process for transmitting a message between a first electronic device and a second electronic device of an energy distribution network is described. The process includes generating, by the first electronic device, a first data encryption key identifying the second electronic device on the basis of a main data encryption key and an identification code of the second electronic device. The process further includes generating, by the first electronic device and the second electronic device, a communication key on the basis of said first data encryption key and a reference datum.06-24-2010
20100158249DATA TRANSMITTING APPARATUS AND DATA RECEIVING APPARATUS - Provided is a data communication apparatus which significantly increases time necessary for an eavesdropper to analyze cipher text and which is superior in concealability based on astronomical computational complexity. A multi-level signal, which is generated by using data and key information, has a minor amplitude modulation, which is based on a random number signal generated on a transmission side, overlapped thereon, and is then transmitted. On a receiving side, instead of data decision, three types of decision, i.e., “1”, “0” and “decision impossible”, are performed on a random number signal by using two threshold values whose interval is significantly wider than a modulation amplitude based on random numbers. Information of a bit whose decision is performed successively is returned to the transmission side, and the bit is used commonly as a new key. Accordingly, in a single transmitting/receiving apparatus, cipher text transmission and key distribution can be realized simultaneously.06-24-2010
20100195830ELECTRONIC DATA ENCRYPTION AND ENCRYPTED DATA DECRYPTION SYSTEM, AND ITS METHOD - An object of the present invention is to provide an electronic data encryption and decryption system allowing a privileged user to decrypt all encrypted data without using a plurality of secret keys but only by using a single secret key that the privileged user himself has. An electronic data encryption and decryption system includes: a privileged user device, a user device, and an encrypted data generation device. The privileged user device has: a privileged user key generation means for generating a privileged user secret key x and a privileged user public key x·P (P is a generator); a first session key generation means for generating a session key K; and a first decryption means for decrypting the encrypted data by using the session key K generated by the first session key generation means. The user device has: a user key generation means for generating a user secret key r, a user public key r·P, and a public key rx·P; a second session key generation means for generating the session key K; and a second decryption means for decrypting the encrypted data by using the session key K generated by the second session key generation means. The encrypted data generation device has: a third session key generation means for generating the session key K by using the public key rx·P, session key generation information s, and a random point Q; and a means for encrypting the input electronic data by using the session key K generated by the third session key generation means.08-05-2010
20100195829METHOD FOR ESTABLISHING A RANDOM NUMBER FOR SECURITY AND ENCRYPTION, AND A COMMUNICATIONS APPARATUS - A communications apparatus includes a mobile device. The apparatus includes a receiver for receiving at the mobile device a plurality of signals carrying information including received signals which provide randomly varying data related to location of the mobile device. The apparatus includes a random number generator which generates a random number as a function of the data. The apparatus includes a cryptographic key generator which generates a cryptographic key using the random number. A method to establish at a mobile device a random number for cryptographic operations includes the steps of receiving at the mobile device a plurality of signals carrying information including received signals which provide randomly varying data related to location of the mobile device. There is the step of estimating signal entropy for at least one of the received signals in dependence of location where the signals are received by the mobile device. There is the step of selecting the at least one entropy estimated signal having estimated entropy satisfying a predetermined property. There is the step of generating from the at least one entropy estimated signal the random number.08-05-2010
20110051931ENCRYPTION METHOD AND APPARATUS USING COMPOSITION OF CIPHERS - A method and associated apparatus for use in a data distribution process to allow an untrusted intermediary to re-encrypt data for transmission from an originator to a message receiver without revealing the data (message) or the cipher to the intermediary. This method uses a composition of two ciphers for re-encrypting the message at the intermediary, without revealing the plain text message or either cipher to the intermediary.03-03-2011
20100067695MESSAGE PROCESSING APPARATUS AND PROCESSING METHOD THEREOF - A message processing method for publishing a message is provided. A first message including a message topic and a privacy level setting is received. It is determined whether the privacy level setting of the first message is erroneous according to the message topic and a privacy inherent relationship corresponding thereto. If so, the privacy level setting of the first message is corrected according to a predetermined privacy inherent policy. Thereafter, the first message is dispatched to at least one subscriber corresponding to the message topic.03-18-2010
20110188653Communication system and device - A communication device receives secure communication frames on which a security transform has been performed to permit authentication. The communication device maintains an authentication history and a local time varying parameter. In multi-hop communication, the communication device provisionally verifies the freshness of a received secure communication frame by verifying that identifying information extracted from the frame is not already present in the authentication history and that a received time varying parameter extracted from the frame is not older than the local time varying parameter by more than a certain margin. If these freshness tests both pass, the frame is authenticated. If authentication succeeds, the frame is transmitted on the next hop without performance of a new security transform.08-04-2011
20110188655METHOD TO MANAGE MEMBERS OF AT LEAST ONE GROUP OF DECODERS HAVING ACCESS TO BROADCAST DATA - A method to manage members of a group of decoders having access to broadcast data, each group member sharing a common broadcast encryption scheme (BES) comprising the steps of, in a stage for a decoder to become a group member, receiving keys pertaining to the position in the group according to the BES, receiving a current group access data comprising a current group access key, and in a stage of accessing broadcast data, using the current group access data to access the broadcast data, and in a stage of renewing the current group access key, sending a first group message comprising at least a next group access key encrypted so that only non-revoked decoders can access it, said group message being further encrypted by the current group access key, updating the current group access key with the next group access key.08-04-2011
20110188654Communication terminal using a temporary network key for assembling a secure communication frame - A communication terminal generates a temporary network key based on a managed master network key and on key identification used for security processing on a communication frame. The security processing is performed on the communication frame using the temporary network key. A secure communication frame is produced in which the identification of the key is indicated.08-04-2011
20110150218METHODS, SYSTEMS, AND COMPUTER PROGRAM PRODUCTS FOR MANAGING AND UTILIZING CONNECTIONS BETWEEN AN APPLICATION SERVER AND AN ENTERPRISE INFORMATION SYSTEM BASED ON A DAYTONA ARCHITECTURE - Methods for managing and utilizing connections between an application server and an enterprise information system (EIS) based on a Daytona architecture are provided. The methods may include operating a resource adapter conforming to the JCA standard, and interfacing with and being managed by the application server. The resource adapter may be configured to provide a connection to the EIS and to submit a query request to and receive query results from the EIS, including receiving the query request from a client; instructing the EIS to open a query, compile the query, execute the query, and return the results of the execution of the query; receiving the results of the execution of the query from the EIS; instructing the EIS to terminate the connection; and returning the results of the execution of the query to the client. Related systems and computer program products are also provided.06-23-2011
20100027794QUANTUM COMMUNICATION SYSTEM - A system for transmitting quantum information comprising a sending unit and a receiving unit, 02-04-2010
20100027795DIGITAL CONTENT DISTRIBUTION - A method comprising distributing digital data encoding content and arranged into messages from a server to one or more client terminals through a network, each message being decodable by a decoder application on a client terminal, said method including transmitting a plurality of data packets from the server through a network through a network interface of the server, each packet including at least one header and a payload, each payload including at least part of a message, and providing each message to a first of a series of at least one service interface between two layers in a protocol stack, installed on the server, each service interface configured to add at least one packet header to the packet encoding information enabling the client to process the remainder of the packet.02-04-2010
20100020973TRANSMISSION DEVICE AND RECEPTION DEVICE FOR CIPHERING PROCESS - In a wireless communication system, a transmission device includes: a generation section configured to encrypt information shared between the transmission device and a reception device using first encryption information which changes in accordance with the sequence information, and to generate encrypted data for the shared information; a transmission section configured to transmit, to the reception device, the encrypted data for the shared information; a reception section configured to receive, from the reception device, information about a result of a comparison between the shared information and a result of decrypting the encrypted data for the shared information using second encryption information which changes in accordance with the sequence information assigned to the encrypted ciphering-process-target data at the reception device; and a determination section configured to determine, based on the comparison result, whether the first and second encryption information matches or not.01-28-2010
20100020971Device and Method for a Secure Transaction - A device comprises a first processor and a second processor. The first processor is connected to a display, a data input arrangement, and a data acquisition device in a first mode of operation. The first mode of operation relates to performing non-secure operations. The second processor is connected to the display, the data input arrangement, and the data acquisition device in a second mode of operation. The second mode of operation relates to performing a secure operation. The secure operation relates to a sales transaction. When the device is in the second mode of operation, the data acquisition device receives secure data from a remote source. The secure data is forwarded to the second processor to determine a success of the sales transaction.01-28-2010
20120308005Media Storage and Playback of Encrypted Content - A content distribution system is disclosed that supports verification of transmission. In some embodiments, a remote probe device captures content and sends the content to a decrypting device so that decryption may be performed. The decrypting device may archive the content and may subsequently send the content to the probe device or to a playback device so that the content may be displayed. Consequently, the content distribution system can verify that specified content (e.g., an advertisement) was correctly distributed according to scheduled information.12-06-2012
20110305336INFORMATION PROCESSING APPARATUS, SERVER APPARATUS, INFORMATION PROCESSING METHOD AND PROGRAM THEREFOR - Provided is an information processing apparatus including a board on which electronic components are provided, a content encryption section configured to encrypt a content with a device key, a first storage section which is provided as one of the electronic components on the board and is capable of storing first identification information specific to the board, the first identification information being used to generate the device key, a transfer section configured to transfer the first identification information through a network to a server apparatus capable of storing the first identification information, and a first acquisition section configured to acquire the first identification information through the network from the server apparatus.12-15-2011
20110305335COMMUNICATION DEVICE, COMMUNICATION METHOD, AND COMMUNICATION SYSTEM - Provided is a communication device including: a communication section performing proximity communication with a reader/writer; a storage section storing data and a sequence number; and a control section controlling the writing of the data to the storage section in accordance with a command from the reader/writer. The communication section sends the sequence number to the reader/writer and receives first encryption data, which is generated by the reader/writer using a value based on the sequence number and writing target data which is target data which is written into the storage section, and the writing target data from the reader/writer, and the control section generates second encryption data using the value based on the sequence number and the writing target data, writes the writing target data into the storage section, and updates the sequence number in a case where the first encryption data and the second encryption data match.12-15-2011
20100020970System And Method For Camera Imaging Data Channel - A system and method for using cameras to download data to cell phones or other devices as an alternative to CDMA/GPRS, BlueTooth, Infrared or cable connections. The data is encoded as a sequence of images such as 2D bar codes, which can be displayed in any flat panel display, acquired by a camera, and decoded by software embedded in the device. The decoded data is written to a file. The system and method meet the following challenges: (1) To encode arbitrary data as a sequence of images. (2) To process captured images under various lighting variations and perspective distortions while maintaining real time performance. (3) To decode the processed images robustly even when partial data is lost.01-28-2010
20090323952TIME OF DAY ENCRYPTION USING TDMA TIMING - Embodiments of the invention provide for encryption and decryption of data in a TDMA network using TDMA time values. In some embodiments, TDMA time values can be transmitted to terminals from a network controller using a burst time plan. These TDMA time values along with other data and/or counters can be combined to create a one-time key, which can be used to both encrypt data and/or decrypt data. Embodiments of the invention can decrease communication overhead by using the TDMA time value for TDMA purposes as well as for encryption purposes.12-31-2009
20110110519DATA TRANSMISSION DEVICE, DATA RECEPTION DEVICE, METHODS THEREOF, RECORDING MEDIUM, AND DATA COMMUNICATION SYSTEM THEREFOR - A data transmission device (05-12-2011
20090074186METHOD FOR DECRYPTING SERIAL TRANSMISSION SIGNAL - A method for decrypting a serial transmission signal includes the following steps. First, the serial transmission signal including a serial data signal and a serial clock signal is received. Then, m bits are sequentially read from the serial data signal according to the serial clock signal. Next, values corresponding to the m bits are generated. Thereafter, each value is added to a content value of a register by an addition operation to obtain an addition result, and then the addition result replaces the content value and is stored in the register.03-19-2009
20120099727PROVISIONING TECHNIQUES - Provisioning techniques are described. In implementations, a particular one of a plurality of public keys are located using an identifier included in a request received via a network. The located public key is communicated via the network, the public key configured to encrypt data that is to be decrypted by a secure element of a mobile communication device, the secure element implemented using hardware and including a private key that is configured to decrypt the data that was encrypted using the public key.04-26-2012
20110064222QUANTUM KEY DISTRIBUTION INVOLVING MOVEABLE KEY DEVICE - A method of key distribution from a first entity to a second entity including the first entity communicating with a moveable key device so as to share a secret data with said moveable key device, relocating said moveable key device to a location having a quantum link with said second entity, transmitting a quantum signal from said moveable key device to said second entity on said quantum link, the quantum signal being based on said secret data; and said first entity and said second entity undertaking key agreement based on the quantum signal received by the second entity. Such a method allows the principles of quantum key distribution to be applied even in the absence of a suitable quantum communications link between the first and second entities.03-17-2011
20110091038SYSTEM OF PROVIDING A FIXED IDENTIFICATION OF A TRANSPONDER WHILE KEEPING PRIVACY AND AVOIDING TRACKING - Transponder (04-21-2011
20110091037CONTENT PROTECTION KEY ENCRYPTOR FOR SECURITY PROVIDERS - Techniques are provided to receive at an encryption device from a control device an encryption request comprising a message and an identifier for a device. The control device and the device are associated with a security provider that provides secure content to the device using the message encrypted with a device key that is securely embedded in the device and also stored on the encryption device. The encryption device is associated with a key provider and the device key is not divulged to the security provider. At the encryption device, the device key is retrieved based on the identifier. The message is encrypted with the device key using a predetermined algorithm, and the encrypted message is then sent to the control device.04-21-2011
20110317835Method and Apparatus to Facilitate Wireline Transmission of an Encrypted Rolling Code - An encrypted rolling code (12-29-2011
20110317834SYSTEM AND METHOD FOR SECURE MESSAGING IN A HYBRID PEER-TO-PEER NETWORK - An improved system and method are disclosed for peer-to-peer communications. In one example, the method enables endpoints to securely send and receive messages to one another within a hybrid peer-to-peer environment.12-29-2011
20120045057CHALLENGE RESPONSE-BASED DEVICE AUTHENTICATION SYSTEM AND METHOD - A challenge response scheme authenticates a requesting device by an authenticating device. The authenticating device generates and issues a challenge to the requesting device. The requesting device combines the challenge with a hash of a password provided by a user, and the combination is further hashed in order to generate a requesting encryption key used to encrypt the user supplied password. The encrypted user supplied password is sent to the authenticating device as a response to the issued challenge. The authenticating device generates an authenticating encryption key by generating the hash of a combination of the challenge and a stored hash of an authenticating device password. The authenticating encryption key is used to decrypt the response in order to retrieve the user-supplied password. If the user-supplied password hash matches the stored authenticating device password hash, the requesting device is authenticated and the authenticating device is in possession of the password.02-23-2012
20120045056CRYPTOGRAPHIC PROCESSING SYSTEM - It is aimed to implement a hierarchical predicate encryption (HPE) scheme. A cryptographic process is performed using dual vector spaces (dual distortion vector spaces (DDVS)) of a space V and a space V* paired through a pairing operation. An encryption device generates as a cipher vector a vector in the space V, the vector having transmission information embedded therein. A decryption device, using a predetermined vector in the space V* as a key vector, performs the pairing operation on the cipher vector generated by the encryption device and the key vector, to decrypt the cipher vector and to extract information concerning the transmission information.02-23-2012
20120045055COMMUNICATION DEVICE, INFORMATION PROCESSING SYSTEM, AND ENCRYPTION SWITCHING METHOD - There is provided a communication device including a change request reception unit for receiving a change request for temporarily changing an encryption type of the communication device transmitted from an information processing device, an encryption type change unit for temporarily changing the encryption type of the communication device on the basis of the change request received by the change request reception unit, and an authentication information transmission unit for transmitting authentication information for causing the information processing device to authenticate the communication device encrypted in the encryption type temporarily changed by the encryption type change unit to the information processing device.02-23-2012
20120002811SECURE OUTSOURCED COMPUTATION - Secure outsourced computation on data can be achieved by transmitting shares of the data to respective computation servers; establishing respective connections between each of the computation servers and respective security modules, wherein each security module contains respective security data, the security data on the security modules being related by means of a Linear Secret Sharing Scheme; computing respective shares of a computation result in the computation servers, using the respective shares of the data and the respective security data; returning the shares of the computation result to a data owner; and obtaining the computation result from the respective shares of the computation result.01-05-2012
20120008777METHOD AND APPARATUS FOR A CONTENT PROTECTING AND PACKAGING SYSTEM FOR PROTECTING A CONTENT PACKAGE - An apparatus for providing an improved content protecting and packaging system for protecting content may include an extractor for extracting a content package into a plurality of content segments including a first portion and a second portion. An enveloper may envelop each of the content segments in the first portion separately to thereby create one or more protected content segments. Further, a packager may package the protected content segments with the second portion of the content segments into a protected content package, which may then be uploaded to a distributor for distribution to user terminals. A corresponding method and computer program product are also provided.01-12-2012
20120008778METHOD AND SYSTEM FOR TRANSMITTING SIGNALING INFORMATION OVER A DATA TRANSPORT NETWORK - A method for transmitting signaling information, such as cryptographic key synchronization information, over a data path of a network, the data path having an originating end and a terminating end. The method uses in-band signaling to transmit the signaling information from the originating end of the data path to the terminating end of the data path without consuming any bandwidth of the data path. More specifically, the method includes the steps of receiving user data to be transmitted over the data path and encrypting this user data with a cryptographic key, thereby generating cipher data. The method next includes processing the cipher data such that the cipher data includes the signaling information, and mapping the cipher data including the signaling information into a traffic unit for transmission over the data path.01-12-2012
20120008779METHOD FOR SECURE TRANSFER OF MESSAGES - The present invention may be deployed in a system for broadcast of conditional access content where it is desirable to detect and take action against receiver equipment which has been used in a control word sharing activity. By requiring that receiver equipment used in the system send a message to a broadcaster of conditional access content at a precise time, the invention provides a method for the server to detect receiver equipment involved in control word sharing activity and to inhibit that receiver's ability to further access the content.01-12-2012
20120008781METHOD FOR ACCESS CONTROL TO A SCRAMBLED CONTENT - A method for access control to a digital scrambled content distributed to a set of installed reception terminals including one master terminal and at least one slave terminal dependent on the master terminal. In the method the slave terminal systematically or occasionally returns at least one item of information about the access condition to the master terminal through a point-to-point link, to enable the master terminal to control access of the slave terminal to the content.01-12-2012
20120008780METHOD FOR ELLIPTIC CURVE SCALAR MULTIPLICATION - The method for elliptic curve scalar multiplication may provide several countermeasures to protect scalar multiplication of a private key k by a point P to produce the product kP from power analysis attacks. First, the private key, k, is partitioned into a plurality of key partitions, which are processed in a random order, the resulting points being accumulated to produce the scalar product kP. Second, in each partition, the encoding is randomly selected to occur in binary form or in Non-Adjacent Form (NAF), with the direction of bit inspection being randomly assigned between most-to-least and least-to-most. Third, in each partition, each zero in the key may randomly perform a dummy point addition operation in addition to the doubling operation. The method may be implemented in software, smart cards, circuits, processors, or application specific integrated circuits (ASICs) designed to carry out the method.01-12-2012
20120057702TAG GENERATION APPARATUS, TAG VERIFICATION APPARATUS, COMMUNICATION SYSTEM, TAG GENERATION METHOD, TAG VERIFICATION METHOD, AND RECORDING MEDIUM - The tag generation apparatus of the present invention includes a hash unit (12) that applies a hash function to a message to generate a hash value, a random number encryption unit (14) that applies an encryption function having a first key to a random number that is independent of the message to generate a first intermediate variable, a masked encryption unit (15) that applies the encryption function having a second key to the sum of the random number and the hash value to generate a second intermediate variable, and a tag generation unit (16) that generates as the tag a value contained in bits of a predetermined number of bits that is less than or equal to the number of bits of the random number and that are extracted from the exclusive OR of the first intermediate variable and the second intermediate variable.03-08-2012
20120027210CRYPTOGRAPHIC SYSTEM, CRYPTOGRAPHIC COMMUNICATION METHOD, ENCRYPTION APPARATUS, KEY GENERATION APPARATUS, DECRYPTION APPARATUS, CONTENT SERVER, PROGRAM, AND STORAGE MEDIUM - A cryptographic communication technology that is based on predicate encryption and that can operate flexibly is provided. A conversion rule information pair is determined in advance, which has attribute conversion rule information prescribing a conversion rule for converting attribute designation information to attribute information used in a predicate encryption algorithm and predicate conversion rule information prescribing a conversion rule for converting predicate designation information to predicate information used in the predicate encryption algorithm. One kind of conversion rule information included in the conversion rule information pair is used to obtain first attribute information or first predicate information from input information. The first attribute information or the first predicate information is used for encryption. Encryption information is decrypted with a decryption key generated by using second attribute information or second predicate information obtained from user information by using the other kind of conversion rule information.02-02-2012
20090136033METHOD FOR PRESERVING PRIVACY OF A REPUTATION INQUIRY IN A PEER-TO-PEER COMMUNICATION ENVIRONMENT - A method for preserving privacy of a reputation inquiry in a peer-to-peer communication environment. The method allows peers using their own personal agents to obtain reputation information of each other through a pair of trustworthy mediator proxies. A mediator proxy is considered trustworthy if even when it is compromised it can guarantee three conditions: (1) the anonymity of the identity of the responders and the target being inquired; (2) the privacy of the content in an inquiry and a response; and (3) the boundary limit of the reputation summary with no possibility of combining the response of multiple inquiries to reverse engineer the reputation rating of an individual responder.05-28-2009
20120300929METHOD FOR AUTHENTICATING ONBOARD UNITS - A method for authenticating vehicle devices that can conduct dedicated short-range communications with beacons of a road tolling system. The beacons have a system-wide key and the vehicle devices only have individual keys. A supply of pairs of individual keys and associated derivation identifiers is stored in the vehicle device, and for consecutive communications the vehicle device selects a different pair from the supply in each case and uses said pair for the respective communication. The vehicle device is triggered by an interrogation device to perform at least the part of a radio communication in which the vehicle device sends the selected derivation identifier, and the selected derivation identifier is received in the interrogation device and is compared with derivation identifiers of the supply stored in the interrogation device. The vehicle device is then authenticated in the case of consistency of the comparison.11-29-2012
20120207303Utilizing data reduction in steganographic and cryptographic systems - The present invention relates to methods for protecting a data signal using the following techniques: applying a data reduction technique to reduce the data signal into a reduced data signal; subtracting the reduced data signal from the data signal to produce a remainder signal; embedding a first watermark into the reduced data signal to produce a watermarked, reduced data signal; and adding the watermarked, reduced data signal to the remainder signal to produce an output signal. A second watermark may be embedded into the remainder signal before the final addition step. Further, cryptographic techniques may be used to encrypt the reduced data signals and to encrypt the remainder signals before the final addition step.08-16-2012
20120207302RECOVERY FROM DECRYPTION ERRORS IN A SEQUENCE OF COMMUNICATION PACKETS - A method in a receiver includes receiving from a transmitter a sequence of communication packets, which carry data encrypted with an encryption scheme. The encryption scheme depends on a counter value that is incremented independently by each of the transmitter and the receiver. Attempts are made to decrypt the data of a received packet multiple times using different, respective counter values, to produce multiple respective decrypted outputs. A decrypted output in which the data has been decrypted correctly is identified, the counter value is corrected, and the data of the received packet is recovered from the identified decrypted output.08-16-2012
20120155642COMMUNICATION SYSTEM, COMMUNICATION APPARATUS, COMMUNICATION METHOD, AND COMPUTER PROGRAM - A source apparatus and a conditional access apparatus are disclosed. The source apparatus may transmit a command to the conditional access apparatus. The conditional access apparatus may transmit a response to the command to the source apparatus. When a time elapsed between transmission of the command by the source apparatus and reception of the response by the source apparatus does not exceed a predetermined round trip time (RTT), a first authorization signal to permit the conditional access apparatus to decrypt encrypted content may be generated. Additionally, whenever a non-RTT condition is met, a second authorization signal to permit the conditional access apparatus to decrypt the content may be generated.06-21-2012
20120155641NON-INTERACTIVE VERIFIABLE, DELEGATED COMPUTATION - A processor on a delegator receives an input upon which an expensive function is to be evaluated. The delegator incorporates the input into a request to perform a task that is different from evaluating the function. When the task is performed, it provides a secondary result that is observable by the delegator. The secondary result is different from an answer to the expensive function and can be verified by the delegator with less computational expense than evaluation of the expensive function. The task can be performed by the server only after the server has verifiably evaluated the function based on the input. Request data that is indicative of the request to perform a task with the input incorporated therein is transmitted to the server for performance of the task. The delegator then receives a returned result from the server indicative of the server performing the task. The returned result has a value that reflects both an answer to which the server has evaluated the function, and whether the answer is verified as being correct.06-21-2012
20090060185METHOD AND SYSTEM FOR PROVIDING FOR SECURITY IN COMMUNICATION - A method (and system) of securely communicating, includes using one of a preliminary secure transmission and exchange or acquisition of secret information that provides parties with a random sequence known only to first and second parties in communication with one another, the random sequence comprising a fixed length sequence of a form (N1j, N2j, . . . , Nmj, k1j, k2j, k3j, . . . , knj).03-05-2009
20100172499APPARATUS, METHOD, PROGRAM, AND SYSTEM FOR INFORMATION PROCESSING - Provided is an information processing apparatus including a communication unit for communication with an external apparatus, an operating system running unit for running first and second operating systems, respectively: the first for the communication via a first communication path under a first communication protocol; and the second for the communication via a second communication path under a second communication protocol. The apparatus also includes a storage including first and second data areas for the first/second operating system, and a shared area for both first and second operating systems. A first encryption key is stored in the first area for first protocol communication. The first operating system encrypts the communication via the first path by the first key, acquires, from the external apparatus via the first path, a second encryption key for second protocol communication, and stores the second key into the shared area. The second operating system transfers the second key to the second data area.07-08-2010
20090060184Systems and Methods for Providing Autonomous Security - Systems and methods for providing autonomous security are configured to modify an original header associated with an original data packet wherein key information is added; encrypt original data associated with the original data packet in response to the key information; and form an encrypted data packet including the modified header and the encrypted data, wherein the encrypted data packet is a same size as the original data packet.03-05-2009
20090060183PRIVATE LOCK INFRASTRUCTURE - A method and system for securely transmitting data from a sender to a receiver wherein a private lock is created by a receiver. The private lock is freely distributable while the key remains with the receiver. To receive encrypted data, the lock is sent to the sender who uses the lock to encrypt data. The sender sends the encrypted data to the receiver. When the receiver receives the encrypted data, he can decipher the message using his own key. In cases where there are multiple intended recipients, each recipient sends their lock to the sender and the sender encrypts the same data with each of the locks. The sender then sends the encrypted data to each of the recipients. Each recipient uses their own key to access the data. In some instances, the locks will be recognizable and each receiver will be able to identify his own lock while in other instances the locks will not be recognizable and the user will not know how many locks are on the data or the types of locks that are being used. In those cases, the receiver can still apply his own key to all locks to see if any of the locks open. By using the method and system of the present invention, the transmission of data is more secure because of the reduced risk of keys being shared, lost or stolen, the role of certificate authority is eliminated, and the role of registration authority becomes optional.03-05-2009
20110103584PROTECTION OF A CIPHERING KEY - A method for protecting a key used, by an electronic circuit, in a symmetrical algorithm for ciphering or deciphering a message, including the steps of complementing to one the key and the message; executing the algorithm twice, respectively with the key and the message and with the key and the message complemented to one, the selection between that of the executions which processes the key and the message and that which processes the key and the message complemented to one being random; and checking the consistency between the two executions.05-05-2011
20120121088ENCRYPTION KEY GENERATION DEVICE - A master key (K05-17-2012
20090010431METHOD FOR THE RAPID SYNCHRONISATION OF A DEVICE FOR RECEIVING SCRAMBLED DATA, USING AN OPTIMISED CALCULATION OF A SYNCHRONISATION VALUE - The disclosure relates to a method of synchronising a device for receiving scrambled data, using at least one periodic scrambling sequence which is divided into K time intervals, each interval comprising N bit periods known as symbols. In particular, one such method includes calculating a synchronisation value of at least one polynomial that generates the aforementioned scrambling sequence within a pre-determined synchronisation time interval and synchronisation bit period. During the calculation step, the sequence is progressed through at increments of at least one time interval and at least one bit period, using a matrix calculation of the synchronisation value.01-08-2009
20120128154ESTABLISHING A SECURE PROXIMITY PAIRING BETWEEN ELECTRONIC DEVICES - A technique for establishing a common encrypted link between a first electronic device and a second electronic device in physical proximity in a system is described. During operation of the system, a user of a first electronic device in the system provides a notification that initiates secure device pairing. In response to the notification, the first electronic device conducts a first key exchange in an audible audio spectrum to the second electronic device in the system using a first zero-knowledge protocol. After the first key is received by the second electronic device, the second electronic device conducts a second key exchange in the audible audio spectrum to the first electronic device using a second zero-knowledge protocol, thereby establishing the common encrypted link between the first electronic device and the second electronic device.05-24-2012
20110182426Dynamic Group Creation for Managed Key Servers - A technique for dynamically creating and deleting groups to support secure group communication sessions is provided herein. A request for creation of a dynamic group that enables group members to participate in a secure group communication session is received by a network authentication device such as a key server. Creation of the dynamic group includes generating a lifetime attribute indicating when the dynamic group is to exist based on timing information provided in the request, along with security policies required for generating the keys, and generating a unique group ID associated with the dynamic group for distribution to the group members. The keys for the secure group communication session are supplied, along with security policies, in response to a request containing the unique group ID identifying the dynamic group. The dynamic group is deleted in response to determining from the lifetime attribute that the secure group communication session has expired.07-28-2011
20120213364COMBINATION-BASED BROADCAST ENCRYPTION METHOD - A combination-based broadcast encryption method includes: assigning by a server a base group of different combinations to each user; producing and sending secret information for each user by using as a base the base group allocated to each user; producing and sending an inverse-base parameter value through calculations with integers used to produce the base group and key value information of one or more privileged users; and deriving a group key by using the key value information of the privileged users, encrypting a session key by using the derived group key, and sending the encrypted session key to each user. Accordingly, each user is assigned a different base through a combination, thereby having security against collusion attacks.08-23-2012
20120213363DEVICE FOR AND A METHOD OF PROCESSING A DATA STREAM08-23-2012
20120163597METHOD FOR IMPLEMENTING LOCAL ROUTING OF TRAFFIC, BASE STATION AND SYSTEM - Embodiments of the present invention provide a method for implementing local routing of traffic, a base station and a system, which relate to the field of communications technologies. The method for implementing local routing of traffic includes: judging whether local routing processing is performed on an uplink traffic flow of a first terminal that serves as a sending end; if it is judged as yes, updating a key of the uplink traffic flow of the first terminal and/or a key of a downlink traffic flow of a second terminal that serves as a receiving end to a public key; forwarding an encrypted data packet of the uplink traffic flow of the first terminal to the second terminal through the downlink traffic flow of the second terminal, where an encryption and decryption operation is not performed on the encrypted data packet before the forwarding or during the forwarding.06-28-2012
20120257752Public Key Encryption with Digital Signature Scheme - An improved encryption and digital signature system and method in accordance with the invention reuses an encryption ephemeral key pair from an encryption process in a digital signature process. The reuse of the encryption ephemeral key pair in the digital signature process advantageously results in reduced byte size of the digital signature and reduction of costly computation overhead. In a preferred embodiment, the invention is based on the El Gamal encryption scheme and the Nyberg-Rueppel signature scheme. The present invention is particularly useful for operation in conjunction with small communication devices having limited processing and storage, wherein such devices may communicate via bandwidth sensitive RF links.10-11-2012
20120076299Method for the encrypted transmission of data from a mobile date storage device to a stationary device as well as data encryption adapter - The present invention relates to a method for the encrypted transmission of data from a mobile, first data storage device (03-29-2012
20120076298UNIFIED ARCHITECTURE FOR CRYPTO FUNCTIONAL UNITS - In described embodiments, a unified Crypto Functional Unit (CFU) block architecture provides a capability for advanced communication processors to provide parallel and concurrent processing of multiple crypto operations/transactions within high-speed hardware to support different security standards (e.g. from IPsec, 3GPP). In particular, each CFU block of the unified CFU block architecture comprises a FIFO-based interface, switch, and wrapped cipher/hasher. The unified CFU block architecture allows for drop-in solutions for cipher blocks in ASIC designs with crypto function blocks.03-29-2012
20090080655Network system, data transmission device, session monitor system and packet monitor transmission device - In a network system for communication between a first terminal with an encrypting function and a second terminal without the encrypting function, a control data transmission device includes a receiving unit receiving control data sent from the first terminal to the second terminal, a data processing unit for extracting cipher information of the first terminal from the control data, a memory storing the cipher information of the first terminal, and a sending unit for sending the control data without the cipher information toward the second terminal, or sending to the first terminal the control data with the cipher information, and further sending the cipher information to the user data transmission device; a user data transmission device includes an encryption processing unit for decrypting the data that was sent from the first terminal to the second terminal while encrypting the data as sent from the second terminal to the first terminal.03-26-2009
20100008506METHOD AND APPARATUS FOR PERFORMING VOIP-BASED COMMUNICATION USING BIO KEYS - A method for performing an encrypted voice call between a first terminal and a second terminal supporting a Voice over Internet Protocol (VoIP)-based voice call. In the method, the first and second terminals generate and store a bio key using biographical (bio) information of a user in advance before performing a voice call, the first terminal sends a request for a voice call to the second terminal and establishes a session, the first and second terminals exchange and store a bio key stored in each terminal, and the first and second terminals generate a session shared key using the exchanged bio key and start a Secure Real-time Transport Protocol (SRTP) session, and a restored bio key by acquiring bio information from received data. User authentication is then performed by comparing the bio key with the restored bio key.01-14-2010
20120314862SYSTEM AND METHOD FOR AN ATM ELECTRONIC LOCK SYSTEM - A method for ATM Electronic Lock System comprising the steps: (a) a user using ATM card and entering PIN in an ATM Electronic Lock Subsystem, (b) the ATM Lock System authenticating the user, (c) generating a RND and Local One Time Code (LOTC) with the user's personal ID, Equipment ID, (d) displaying the RND to the user and the user sending the RND to ATM management center via mobile device, (e) the Management Center authenticating the user and generating a Management Center One Time Code (MC-OTC) and sending the MC-OTC to the user's mobile device, (f) the user entering the MC-OTC to the ATM Electronic Lock Subsystem, (g) the ATM Electronic Lock Subsystem comparing the MC-OTC with LOTC, and sending unlock command to unlock the ATM Electronic Lock System to allow user to access the ATM if the MC-OTC matches the LOTC, otherwise, the ATM Electronic Lock System remains locked.12-13-2012
20120224690Cross Enterprise Communication - Method and system for cross enterprise communication are provided in which intermediary communication components carry out cross enterprise communication. A method at a first sending enterprise comprises: receiving a signed encrypted message from a sender within a first enterprise; validating the sender; decrypting the message; encrypting the message for receipt by a second enterprise; signing the encrypted message by the first enterprise; and sending the re-signed re-encrypted message to a second enterprise. The method at the second receiving enterprise comprises: receiving a signed encrypted message from a first enterprise; validating that the first enterprise is the sender; decrypting the message; encrypting the message for receipt by one or more recipients at the second enterprise; signing the encrypted message by the second enterprise indicating that the message is from the first enterprise; and sending the re-signed re-encrypted message to the one or more recipients of the second enterprise.09-06-2012
20120257751CONTROLLED SECURITY DOMAINS - A security domain control method includes defining a sequential series of security domains; designating one of the security domains as a current domain; generating a plurality of security tokens under the current security domain, each security token being configured to enable a party to exchange cryptographically secured messages with another party that is holding any one of: a token generated under the current security domain; a token generated under at least one next security domain in the series; and a token generated under at least one previous security domain in the series; and subsequently designating a next one of the security domains in the series as a current domain.10-11-2012
20130022198DEVICE AUTHENTICATION IN A PKI - A method for establishing a link key between correspondents in a public key cryptographic scheme, one of the correspondents being an authenticating device and the other being an authenticated device. The method also provides a means for mutual authentication of the devices. The authenticating device may be a personalized device, such as a mobile phone, and the authenticated device may be a headset. The method for establishing the link key includes the step of introducing the first correspondent and the second correspondent within a predetermined distance, establishing a key agreement and implementing challenge-response routine for authentication. Advantageously, man-in-the-middle attacks are minimized.01-24-2013
20080298588METHODS AND SYSTEMS FOR THE AUTHENTICATION OF A USER - The present invention generally relates to a computer security system for use in the identification and authentication of a user. In one aspect, a method for identifying and authenticating a user is provided. The method includes establishing a trust between a server machine and an agent on a user machine. The method further includes establishing a session key to encrypt communications between the server machine and the agent. The method also includes receiving a username and password for use in validating the user. Additionally, the method includes creating an executable binary for the extraction of device data from the user machine to uniquely identify the machine. In another aspect, a computer-readable medium including a set of instructions that when executed by a processor causes the processor to identify and authenticate the user is provided. In a further aspect, a system for identifying and authenticating a user is provided.12-04-2008
20120269343Encrypting Communications - A method of securely communicating a data chirp signal from a transmitter to a receiver, the chirp signal comprising at least one symbol, each symbol comprising one or more identical chirps, each chirp encoding a symbol value, the method comprising: negotiating between the transmitter and the receiver encryption parameters of the chirp signal, the encryption parameters defining at least one property of each symbol of the chirp signal; at the transmitter, encrypting the chirp signal as negotiated; at the transmitter, encoding data in the chirp signal via the symbol value of each chirp; and transmitting the encrypted and encoded chirp signal from the transmitter to the receiver.10-25-2012
20120093311EFFICIENT PROCEDURE FOR PAIRING MEDICAL DEVICES FOR WIRELESS COMMUNICATION WITH LIMITED USER INTERACTION - A method for pairing a handheld diabetes managing device with an insulin pump for secure wireless communication with limited user interaction. A pump identification code that uniquely identifies the insulin pump can be displayed on the diabetes managing device and insulin pump. The diabetes managing device can receive an insulin pump selection input that selects the pump identification code corresponding to the insulin pump. The diabetes managing device and insulin pump can generate and display a first verification string and second verification string, respectively. Confirmation inputs corresponding to the first verification string matching the second verification string can be received at both the insulin pump and the diabetes managing device such that a secure bidirectional communication link between the diabetes managing device and the insulin pump is established.04-19-2012
20100189259PEER COMMUNITIES - A software architecture that permits a unified mechanism for interfacing with multiple peer groups is disclosed. The architecture includes multiple peer group interfaces, each facilitating communication between computing systems in a corresponding peer group. In addition, a perhaps configurable number and type of service modules are configured to use the peer group interfaces to facilitate communication between peer groups in a manner that facilitates the service. A peer community application program interface is configured to allow one or more peer applications to enlist the services of the plurality of services by interfacing with the peer community application program interface.07-29-2010
20120321083SYSTEM, METHOD AND APPARATUS FOR SECURELY DISTRIBUTING CONTENT - System, method and apparatus for securely distributing content via an encrypted file wherein a Publisher Key (PK) associated with an authorized publisher enables presentation of the content by the authorized user via a Limited Capability Viewer (LCV), the LCV lacking the capability to forward, print, copy or otherwise disseminate the content to be presented.12-20-2012
20100232605METHOD AND APPARATUS FOR PROVIDING AND RECEIVING CONDITIONALLY-ACCESSED VARIOUS APPLICATION INFORMATION - The present invention provides various types of encrypted application information. An encoding method according to the present invention encrypts application information to be provided through an application service, creates a first service component frame including an ID of the application service and control data used for encryption of the application information, creates a second service component frame including the encrypted application information, organizes a data frame with the created first and second service component frames, and transmits the organized data frame.09-16-2010
20120281829REMOTE DIGITAL FIRING SYSTEM - A remote digital firing system for selectively firing a plurality of remote mission payloads. The remote digital firing system includes a first set of firing circuits communicatively coupled to and operative to fire a corresponding first set of remote mission payloads and a second set of firing circuits communicatively coupled to and operative to fire a corresponding second set of remote mission payloads. The remote digital firing system includes a firing control panel communicatively linked to the first and second sets of firing circuits, a first digital code plug configured to be integrated in communicative combination with each firing circuit of the first set and the firing control panel, a second digital code plug configured to be integrated in communicative combination with each firing circuit of the second set and the firing control panel, and a payload selector switch for selecting a remote mission payload.11-08-2012
20120281830SECURITY SYSTEM AND METHOD - A method for generating data encryption coding with variable clocking according to one embodiment includes storing a secret code in a first register; storing a locally-generated random number in a second register; storing a second random number generated at a remote device in the second register; extracting bits from the first register; extracting bits from the second register; setting a state of a clock generator in response to one or more bits from each register, the clock generator generating a clock signal controlling operation of the first register, the clock signal varying depending on the state of the clock generator.11-08-2012
20120288094Secure Modulation and Demodulation - A system and method are disclosed for securely transmitting and receiving a signal. A nonlinear keying modulator is used in the transmitter to encrypt the signal using a nonlinear keying modulation technique. A nonlinear keying demodulator is used in the receiver to decrypt the signal.11-15-2012
20120288092DISCOVERY OF SECURITY ASSOCIATIONS FOR KEY MANAGEMENT RELYING ON PUBLIC KEYS - Techniques are disclosed for forming a discoverable security association in communication environments and for lawfully discovering security associations formed in communication environments. For example, a method for forming a discoverable security association between a first computing device and a second computing device comprises the following steps. The first computing device obtains from a key management entity: (i) a first private key assigned to the first computing device, which is computationally associative with a first public key associated with the first computing device; and (ii) a first root key assigned to the first computing device. The first computing device chooses a first random value and generates a first nonce, wherein the first nonce is a result of an encryption of the first random value using the first root key. The first computing device generates a first key component based on the first random value. The first computing device encrypts the first nonce and the first key component with a second public key associated with the second computing device using an identity-based encryption process and sends the encrypted first nonce and the encrypted first key component to the second computing device so as to establish a security association with the second computing device. The security association is discoverable by a third computing device unbeknownst to the first computing device and the second computing device.11-15-2012
20130010952METHOD OF PROVIDING A PORTABLE TRUE RANDOM NUMBER GENERATOR BASED ON THE MICROSTRUCTURE AND NOISE FOUND IN DIGITAL IMAGES - A method of providing a portable true random number generator based on the microstructure and noise found in digital images is claimed and disclosed. Using the lowest significant bits of digitized images, strings of binary data are extracted. These raw strings are shown to pass the DIEHARD, NIST, and ENT tests for randomness for a robust selection of natural images. This information is available to, and may be processed by off-the-shelf technology including smartphones or other embedded devices without undue constraints on physical and environmental parameters. The method represents a significantly improved portable means of random number generation for all security, cryptographic, entertainment and PSI applications.01-10-2013
20130010954METHOD FOR THE SECURE UNIDIRECTIONAL TRANSMISSION OF SIGNALS - A method transmits a signal using a unidirectional communications link, which is protected by an asymmetric cryptography method. A counter value is incremented by a transmitter during a transmission operation. Subsequently, a challenge is determined by the transmitter on the basis of the counter value and a control command that can be executed by a receiver and, on the basis of the challenge that is determined, a response is in turn determined. The challenge and the response are transmitted from the transmitter to the receiver. The challenge received is then checked by the receiver to see whether the counter value used in the challenge is greater than a counter value previously stored by the transmitting transmitter. The response received is checked on the basis of the challenge. Following successful checking of the challenge and response, the control command transmitted in the challenge is executed.01-10-2013
20130010955METHOD FOR IMPLEMENTING AN ENCRYPTION ENGINE - Disclosed is a method for implementing an encryption engine, which includes: when an engine binding interface is called, a hardware encryption engine establishes a connection with a hardware encryption equipment, acquires an algorithm list of said hardware encryption equipment, and fills a first data structure; when a key initialization interface is called, said hardware encryption engine, according to the transmitted first data structure, sets an encryption/decryption algorithm to be used by said hardware encryption equipment, and retrieves a corresponding algorithm key; and if no algorithm key is retrieved, said hardware encryption engine controls said hardware encryption equipment to create said algorithm key; when a data encryption/decryption interface is called, said hardware encryption engine, according to the currently set encryption/decryption algorithm and said algorithm key, controls said hardware encryption equipment to perform an encryption/decryption operation on the transmitted data, and outputs the operation result; and when an engine release interface is called, said hardware encryption engine ends the connection with said hardware encryption equipment. The present invention can add or extend the encryption/decryption algorithm that can only be implemented in hardware to a software algorithm library.01-10-2013
20130010953ENCRYPTION AND DECRYPTION METHOD - A method and apparatus are provided for encrypting a plaintext message element into a ciphertext message element associated with a random vector a first subset of encrypting users. The message element is encoded using an error correcting code and then encrypted by a secret matrix, parameterized by the random vector and with noise added by a noise vector. The method includes obtaining the secret matrix parameterized by the random vector and with noise by adding together user secret matrices specific to each of the encryption users. The user secret matrices are parameterized by the random vectors and having noise added by respective noise vectors specific to the encrypting users.01-10-2013
20130016836CRYPTOGRAPHIC PROCESS EXECUTION PROTECTING AN INPUT VALUE AGAINST ATTACKS - A cryptographic process (such as the AES cipher) which uses table look up operations (TLUs) is hardened against reverse engineering attacks intended to recover the table contents and thereby the cipher key. This hardening involves removing any one-to-one correspondence between the TLU inputs and outputs, by altering the output of the TLU dynamically, e.g. at each execution (call) of the TLU. This is done by increasing the size of the tables, applying a dynamically determined mask value to the table input and/or output, or using an inverse of the table.01-17-2013
20130016837OCDM-BASED ALL OPTICAL MULTI-LEVEL SECURITY - A high data rate optical signal is inverse multiplexed into a multitude of lower-rate tributaries, each of which is coded by its unique OCDM code, and the combined coded tributaries are injected into a common phase scrambler. Coherent summation of these optically encoded tributaries pass through a shared phase or phase and frequency scrambler before exiting the secure location. The setting of the scrambler acts as the key. The authorized recipient with the correct key retrieves the ones and zeros of the several decoded signals.01-17-2013
20130016838MULTICAST KEY NEGOTIATION METHOD SUITABLE FOR GROUP CALLING SYSTEM AND A SYSTEM THEREOF (Hu, Yanan; Cao, Jun; Tie, Manxia; Huang, Zhenhai; Xi'an, CN) - The present invention discloses a multicast key negotiation method suitable for a group calling system and a system thereof. In the method, a user terminal (UT) negotiates a unicast key with a base station (BS), derives an information encryption key and an integrity verifying key according to the unicast key, and registers a service group identifier that the UT belongs to at the BS; the BS notifies the UT of the multicast key of the service group that the UT needs to apply, constructs a multicast key notification packet, and sends it to the UT; after receiving the multicast key notification packet sent by the BS, the UT obtains the multicast key of the service group that the UT needs to apply by decrypting a service group key application list, constructs a multicast key confirmation packet, and sends it to the BS; the BS confirms that the multicast key of the UT service group is built successfully according to the multicast key confirmation packet sent by the UT.01-17-2013
20130016835APPARATUS AND METHOD FOR DISTRIBUTING A STRING OF SECRET BITS OVER A QUANTUM CHANNEL (ZBINDEN, Hugo; WALENTA, Nino; LIM, Charles Ci Wen; Geneve, CH) - For distributing a sequence of symbols, an emitter station transmits to a receiver station quantum systems through a quantum channel. Each of the quantum systems belongs to a set of at least two non-orthogonal quantum states and comprises a group of at least two weak coherent states of an electromagnetic field. Each weak coherent state is in a time bin of duration t. Centers of neighboring weak coherent states in a group are separated by a time T01-17-2013
20130022200Broadcast Encryption Based Security System - Provided are techniques for providing a home or business security system that relies upon data encryption for both communication and the storage of content. The disclosed technology incorporates all the devices necessary for a comprehensive security system, including, but not limited to, controllers, monitors, alarms and communication media. The system may include an unlimited number of devices and, further, individual devices may be added and removed as needed. Users may define and change the boundaries of a security system or, in other words, decide what devices to include or not include in such a system. A defined boundary does not need to be confined to a single location. In one embodiment, the claimed subject matter incorporates xCP based broadcast encryption technology.01-24-2013
20130022199ENCRYPTION METHOD AND APPARATUS FOR DIRECT COMMUNICATION BETWEEN TERMINALS - A method for performing direct communication between terminals includes: a transmitting terminal's encrypting data using a direct communication transport encryption key (DTEK) for direct communication; and transmitting the encrypted data to a receiving terminal, wherein the DTEK is managed in an SA (security association) defined within the transmitting terminal or the receiving terminal.01-24-2013
20120243684CONTENT DATA REPRODUCTION SYSTEM AND COLLECTION SYSTEM OF USE HISTORY THEREOF - According to one embodiment, a content data reproduction system includes a host device which uses content data, and a storage device configured such that content data, which is obtained by decrypting encrypted content data that is created by encrypting the content data by content key data, is made usable in the host device. The host device includes a device ID which is uniquely allocated to each of host devices. The storage device includes a memory and a controller configured to control the memory.09-27-2012
20120243683NODE AND GROUP KEY UPDATING METHOD - According to one embodiment, a node that is a root node of a network forming a directed acyclic graph topology, which is composed of plural nodes including the node serving as the root node and having a parent-child relationship among nodes of adjacent hierarchies, includes a generating unit, an encrypting unit, and a transmitting unit. The generating unit generates a group key, and a list indicating a first node to which a distribution of the group key is inhibited. The encrypting unit encrypts the group key so as to be capable of being decrypted by a first child node other than the first node out of the child nodes of the root node. The transmitting unit transmits a first message, including an encrypted group key, which is the group key that is encrypted with respect to the first child node, and the list.09-27-2012
20080247545Communication System and Communication Method - The present invention relates to communication system, communication method, information processor, method, device, program, and recording medium which permit plural algorithms to be treated and which can impart expansibility to communications.10-09-2008
20080240433LIGHTWEIGHT SECURE AUTHENTICATION CHANNEL - A secure authentication channel (SAC) between two nodes in a communication network is created by the nodes themselves using mutual authentication. The network has two nodes, a coordinating entity, two PKI-based SACs, and one non-PKI SAC which is created by the two nodes and is for use by the nodes. The coordinating entity generates a master key which is transmitted to two nodes via a PKI-based SAC established between the coordinating entity and each of the two nodes. One node uses the master key to generate a first random number and the second node uses the key to generate a second random number. The second node also has an encrypted third random number. The network also has a third SAC, which is not solely based on PKI, between the first node and the second node and is created when the two nodes have authenticated each other. The mutual authentication process occurs without the intervention of the coordinating entity.10-02-2008
20080226069Apparatus and Method for Providing Protection from Malware - An apparatus for protecting against malware comprises a first and a second processing module. The first processing module encrypts an input data generated by an input device. The encryption reduces unauthorized data monitoring by spyware. The second processing module is attached to the front of a protected data destination. The second processing module performs a decryption on any data that originates from the input device and enters the data destination. The encryption and decryption are synchronized. The decryption reduces the risk posed by an unencrypted backdoor command by making it undecipherable.09-18-2008
20130177155Method and System for Generating Normal Distributed Random Variables Based On Cryptographic Function - A method of generating normally distributed random variables for communication channel simulation comprising generating, by a processor, a stream of uniformly distributed random variables using a cryptographic algorithm, applying a mathematical transform to the uniformly distributed random variables using the processor to create a signal comprised of normally distributed random variables, adjusting a mean and variance of the signal using the processor, and outputting, by the processor, an output noise signal.07-11-2013
20130142333SEMICONDUCTOR STORAGE DEVICE - According to one embodiment, a device includes a storage and an authenticator. The storage includes a first area, a second area and a third area. The first area stores NKey and SecretID, the second area stores index information. E-SecretID is generated by SecretID. The third area stores FKB including information generated by FKey. The authenticator authenticates the external device. HKey is generated by an AES encryption calculating using NKey and HC. A SKey is generated by an AES encryption process using HKey and RN. A one-way conversion calculating is performed. E-SecretID, FKB and Oneway-ID are output to the external device. The index information is read from the second area.06-06-2013
20130114812DEMAND BASED ENCRYPTION AND KEY GENERATION AND DISTRIBUTION SYSTEMS AND METHODS - Systems and methods providing a key management platform that generates and distributes demand-based encryption and decryption keys are described.05-09-2013
20130094650SECURE DATA TRANSFER USING RANDOM ORDERING AND RANDOM BLOCK SIZING - Encrypted information is conventionally broken into blocks which are transmitted sequentially. Because the order and the size of such blocks can be easily determined, an eavesdropper can gain valuable information regarding the content of the communication. More specifically, if known types of information exist within a block, the encryption key may be determined allowing the content of other encrypted blocks to be obtained. Embodiments of a system, method and computer program product described herein can overcome this deficiency by securely transferring information through random ordering and random block sizing. An original data set to be transferred is divided into a plurality of blocks, where at least two blocks have different sizes. The blocks are encrypted and inserted into a sequence of data transfer slots. The blocks are then selected for transfer in random order by selecting a slot to transfer based on a generated random number.04-18-2013
20130114811Method for Privacy Preserving Hashing of Signals with Binary Embeddings - A hash of a signal is determined by dithering and scaling random projections of the signal. Then, the dithered and scaled random projections are quantized using a non-monotonic scalar quantizer to form the hash, and a privacy of the signal is preserved as long as parameters of the scaling, dithering and projections are only known by the determining and quantizing steps.05-09-2013
20130101118METHOD AND APPARATUS FOR PROVIDING BROADCAST SERVICE USING ENCRYPTION KEY IN A COMMUNICATION SYSTEM - A method and apparatus for providing a broadcast service in a communication system is provided. The method includes generating a key pair comprising a first key and a second key, generating at least one of forward encryption keys by applying a forward hash chain to the first key, generating at least one of reverse encryption keys by applying a reverse hash chain to the second key, generating at least one of encryption keys using the at least one of forward encryption keys and the at least one of reverse encryption keys, encrypting broadcast service data using the at least one of encryption keys, and broadcasting the encrypted broadcast service data.04-25-2013
20130101116WIRED COMMUNICATIONS SYSTEMS WITH IMPROVED CAPACITY AND SECURITY - Provided are methods and systems of using division-free duplexing (DFD) in a cable communication network. Techniques for applying DFD in a cable communication network may enable data to be transmitted and received over a coaxial cable without using division duplexing techniques. For example, the cable communication network may include DFD enabled network nodes and each subscriber to the cable network may be equipped with a DFD system configured to operate in a DFD mode. In some embodiments, oppositely propagating signals may be transmitted over one frequency channel, and DFD techniques may be used to recover originally transmitted signals. Further, in some embodiments, DFD techniques may be used with encryption methods to increase the security of data transmitted in the cable communication network.04-25-2013
20130101117PRIVATE OVERLAY FOR INFORMATION NETWORKS - A private overlay is provided for information networking that puts the user in charge of the user's personal information. User identity is separated from a numeric tag that points to the cell in which the user equipment can be paged. The private overlay is created by addition of a registration and certification authority such as Public Key Infrastructure and Certification Authority (PKI). The registration and certification authority provides the network and all subscribers with public encryption keys for the network and the users. Private decryption keys are generated and stored locally in a suitable manner. With this addition, a private overlay to the existing cellular, wireless or utility distribution infrastructure can be established for a device that has registered with, e.g., a cellular or wireless network or with a utility distribution system.04-25-2013
20080199010Information Processing Apparatus, Information Processing Method, and Computer Program - An information processing apparatus for receiving broadcast data and outputting the received data to a client connected to a network includes a broadcast receiving unit that receives broadcast data; an encryption processor that performs encryption processing on the broadcast data received by the broadcast receiving unit; a data accumulation unit that accumulates encrypted data generated by the encryption processor; a data transmission unit that generates a communication packet in which encrypted data accumulated in the data accumulation unit is stored and outputs the generated communication packet; and a transmission data controller that monitors a retained state of the encrypted data in the data accumulation unit and removes, if a state different from a predetermined allowable retained state is detected, at least part of the encrypted data accumulated in the data accumulation unit from transmission data.08-21-2008
20130148805METHOD AND APPARATUS FOR IMPLEMENTING KEY STREAM HIERARCHY - Various methods for implementing keystream hierarchy in a distributed memory environment are provided. One example method may comprise causing a generated keystream to be accessed on a memory device, wherein the keystream was generated in an instance in which the memory device was in radio communications range. One example method may further comprise determining a session key based on the generated keystream and a modified keystream. In some example embodiments, the modified keystream is created by the memory device based on the generated keystream and a keystream received by the memory device from a second device. One example method may further comprise causing communications data to be transmitted to the memory device or to the second device. In some example embodiments, the communications data is protected using at least a portion of the session key and is intended for the second device.06-13-2013
20130148806System and Method for Second Factor Authentication - As individuals increasingly engage in different types of transactions they face a growing threat from, possibly among other things, identity theft, financial fraud, information misuse, etc. and the serious consequences or repercussions of same. Leveraging the ubiquitous nature of wireless devices and the popularity of (Short Message Service, Multimedia Message Service, etc.) messaging, an infrastructure that enhances the security of the different types of transactions within which a wireless device user may participate through a Second Factor Authentication facility. The infrastructure may optionally leverage the capabilities of a centrally-located Messaging Inter-Carrier Vendor.06-13-2013
20120275598METHOD AND APPARATUS FOR PROVIDING SERVICE PROVIDER-CONTROLLED COMMUNICATION SECURITY - An approach is provided for service provider controlled communication security. A security platform receives a connection request from a client device. The security platform determines context information associated with the device, access network, a user of the device, or a combination thereof, and then processes and/or facilitates a processing of the context information to determine one or more encryption ciphers to offer for the session. Next, the security platform causes, at least in part, establishment of the connection request using, at least in part, the one of the offered encryption ciphers.11-01-2012
20100303233PACKET TRANSMITTING AND RECEIVING APPARATUS AND PACKET TRANSMITTING AND RECEIVING METHOD - When being triggered by a call setting request that has been made, dummy information that is different from information to be transmitted and is information used for creating a path on which encrypted communication is to be performed is generated. The path on which the encrypted communication is to be performed is established by using the generated dummy information. A responding process of responding to the call setting request is performed after the path on which the encrypted communication is to be performed has been established. Thus, in the case where information that is obtained after the responding process of responding to the call setting request is encrypted and transmitted, it is possible to transmit the information while maintaining the real-time characteristics of the information to be transmitted.12-02-2010
20080298587Apparatus and method for secure, user-friendly deployment of information - A method of securely deploying information to a device includes placing a device into a shielded structure and exchanging timing messages between a keying device located inside the shielded structure and a beacon located outside of the shielded structure. The shielded structure is closed. The exchange of timing messages is terminated, and upon termination, the keying device transfers the information via one or more shielded messages to the device, and the beacon jams the frequency at which the shielded messages are transferred. The shielded structure is opened, and the keying device and beacon exchange messages to verify the secure deployment of the information.12-04-2008
20100316218PERSONAL INFORMATION MANAGING DEVICE FOR FALSIFICATION PREVENTION OF PERSONAL INFORMATION AND NON REPUDIATION OF PERSONAL INFORMATION CIRCULATION - Falsification and repudiation of personal information transmitted/received for circulation cannot be prevented when there is no trusted third party. A personal information managing device issues a personal information registration certificate corresponding 1:1 to personal information and sends the certificate to a service providing device through a user terminal. When personal information is transmitted/received, the user terminal and the service providing device check the relationship between the certificate and the personal information, thus the user terminal and the personal information receiving device can confirm whether or not the personal information has been falsified. When the personal information is transmitted/received, the personal information is always encrypted. After the encrypted personal information is transmitted/received, the decryption key is transmitted/received. By using the transmission/reception of the decryption key between the personal information managing device and the service providing device as a personal information reception confirmation message, repudiation of personal information transmission/reception can be prevented.12-16-2010
20130156188PROXY-BASED ENCRYPTION METHOD, PROXY-BASED DECRYPTION METHOD, NETWORK EQUIPMENT, NETWORK DEVICE AND SYSTEM - A proxy-based encryption method includes generating, according to a private key of a sending end and a public key of a receiving end, proxy keys that correspond to at least two proxy servers, respectively. The number of the proxy keys is equal to the number of the proxy servers. The method further includes sending encrypted ciphertexts and the proxy keys that correspond to the at least two proxy servers respectively to the at least two proxy servers, respectively, so that the at least two proxy servers re-encrypt the encrypted ciphertexts according to the corresponding proxy keys.06-20-2013
20130156189Terminating SSL connections without locally-accessible private keys - An Internet infrastructure delivery platform (e.g., operated by a service provider) provides an RSA proxy “service” as an enhancement to the SSL protocol that off-loads the decryption of the encrypted pre-master secret (ePMS) to an external server. Using this service, instead of decrypting the ePMS “locally,” the SSL server proxies (forwards) the ePMS to an RSA proxy server component and receives, in response, the decrypted pre-master secret. In this manner, the decryption key does not need to be stored in association with the SSL server.06-20-2013
20130182842SYSTEM AND METHOD FOR KEY SPACE DIVISION AND SUB-KEY DERIVATION FOR MIXED MEDIA DIGITAL RIGHTS MANAGEMENT CONTENT - Disclosed herein are systems, methods, and non-transitory computer-readable storage media for key space division and sub-key derivation for mixed media digital rights management content and secure digital asset distribution. A system practicing the exemplary method derives a set of family keys from a master key associated with an encrypted media asset using a one-way function, wherein each family key is uniquely associated with a respective client platform type, wherein the master key is received from a server account database, and identifies a client platform type for a client device and a corresponding family key from the set of family keys. The system encrypts an encrypted media asset with the corresponding family key to yield a platform-specific encrypted media asset, and transmits the platform-specific encrypted media asset to the client device. Thus, different client devices receive device-specific encrypted assets which can be all derived based on the same master key.07-18-2013
20130182843System and Method of Lawful Access to Secure Communications - The present disclosure relates to systems and methods for secure communications. In some aspects, one or more values used to generate an encryption key used to encrypt a packet are stored in a header of the packet. The packet is transmitted with the encrypted data portion in a communication. In some aspects, one or more values used to generate an encryption key are received. The encryption key is regenerated using the one or more values.07-18-2013
20110305334Transmission/Reception System, Transmission Device, Reception Device, Authentication Device, User Device, Method Executed by the Aforementioned, and Program - An encryption technique in which a transmission device and a reception device use solutions generated such that those generated in the same order are assumed to be the same is improved so as to enhance versatility without undermining security. An initial solution respectively used by two communication devices involved in communication in order to generate solutions is sent from one communicating device to the other. Both communication devices generate a mutually agreed-upon number of solutions from the initial solution and set the last solution among the generated solutions as a new initial solution, and using solutions generated based on the new initial solution, the transmission device performs encryption while the reception device performs decryption.12-15-2011
20110311049Information Theoretic Security Mechanisms Using a Time-Varying Key - In one exemplary embodiment, a method includes: storing a key on a storage medium of a first apparatus, where a value of the key varies over time, where the key is configured to enable decryption of encrypted information; and sending a plurality of communications from the first apparatus to a second apparatus, where each communication comprises at least one portion of the key, where no single communication comprises an entirety of the key. In further exemplary embodiments, the encrypted information is encrypted in accordance with a threshold-based encryption scheme having a threshold such that the encrypted information is configured to be decrypted only if a decryptor is in possession of sufficient accurate portions of the key as compared to the threshold.12-22-2011
20130195271COMMUNICATION DEVICE AND COMMUNICATION METHOD - A communication device for performing communication by employing first and second communication units, includes: a reception unit for receiving a communication packet including a random number generated for every connection with another communication device, a certificate calculated with the random number, and authentication method information indicating whether or not an authentication method at the second communication unit is compatible with the public key system, through the first communication unit; and a method determining unit for determining whether or not an originator of the communication packet accepts public key encryption based on the authentication method information included in the communication packet; wherein in a case of the method determining unit determining that the originator of the communication packet does not accept the public key system, the random number included in the communication packet is replied to the originator as the identification information of the device itself.08-01-2013
20120076300 KEY INFORMATION MANAGEMENT METHOD, CONTENT TRANSMISSION METHOD, KEY INFORMATION MANAGEMENT APPARATUS, LICENSE MANAGEMENT APPARATUS, CONTENT TRANSMISSION SYSTEM, AND TERMINAL APPARATUS - The present invention aims to reliably prevent illegal use of content when the content is encrypted and transmitted with a cipher key. A content transmission method of the present invention includes: a basic key creating step of creating a basic key K 03-29-2012
20120093313 WHITE-BOX CRYPTOGRAPHIC SYSTEM WITH CONFIGURABLE KEY USING INTERMEDIATE DATA MODIFICATION - A white-box cryptographic system ( 04-19-2012
20120093312 Data Transmitter with a Secure and Efficient Signature - An encryption device encrypts a first block of user data to obtain a first encryption result and encrypts a second block of user data, which follows the first block of user data, to obtain a second encryption result. The encryption device uses the first encryption result for encrypting the second block of user data. An extractor extracts a first portion of the first encryption result, the first portion being smaller than the first encryption result, and a second portion of the second encryption result, the second portion being smaller than the second encryption result. A message formatter combines the first block of user data and the first portion as a signature for the first block to produce a first transmission packet, and combines the second block of user data and the second portion as a signature for the second block to produce a second transmission packet. 04-19-2012
20130208887 COMMUNICATION SYSTEM - A system effective to communicate a message between two devices. A first device may include a plaintext to monoid element module effective to receive a plaintext message and apply a first function to the plaintext message to produce a first monoid element. A monoid element evaluator module may be effective to receive and insert submonoid generators into a monoid expression to produce a second monoid element in response. An encryption device module may be effective to apply a second function to the first monoid element, the second monoid element, the monoid expression, and a third monoid element to produce an encrypted plaintext message. Decryption may be performed on the encrypted plaintext message knowing the private key which includes the first function, the second function, the third monoid element and the submonoid generators list. 08-15-2013
20130208888 MANAGING CONTENT DISTRIBUTION IN A WIRELESS COMMUNICATIONS ENVIRONMENT - A method, system and computer program product for managing content distribution in a mobile communications environment. The communications environment includes a core network and a multitude of end-user devices. In one embodiment, the method comprises downloading content from the core network to the end-user devices; and maintaining a map between the end-user devices, the content downloaded to the end-user devices, and the locations of the end-user devices. When a first of the end-user devices requests a specified content, this map and one or more rules are used to identify a second of the end-user devices having the specified content. The first of the end-user devices fetches the specified content from this identified second of the end-user devices. In one embodiment, object location descriptors embedded in the content are rewritten when the content is downloaded to the end-user devices. 08-15-2013