## Inventors list |
## Assignees list |
## Classification tree browser |
## Top 100 Inventors |
## Top 100 Assignees |

# PARTICULAR ALGORITHMIC FUNCTION ENCODING

## Subclass of:

## 380 - Cryptography

### Patent class list (only not empty are listed)

#### Deeper subclasses:

Class / Patent application number | Description | Number of patent applications / Date published |
---|---|---|

380030000 | Public key | 95 |

380029000 | NBS/DES algorithm | 61 |

Entries | ||

Document | Title | Date |
---|---|---|

20130028410 | Method and System for Conducting High Speed, Symmetric Stream Cipher Encryption - A method is provided for processing a digital information set having a plurality of information bytes. The method comprises receiving the information set, determining a set of initialization parameters, initializing a set of state variables using the set of initialization parameters, and generating a plurality of cryptors, each cryptor being a virtual dynamic array containing a monoalphabetic cipher. The method further comprises modifying the state variables and one or more of the cryptors, setting the index value for each cryptor in the plurality of cryptors; and selecting an ordered cryptor subset to be applied to an information byte. The information byte is processed using the ordered cryptor subset to produce a processed information byte. If the information byte is a plaintext byte, the processed byte is an encrypted byte, and vice versa. The actions of modifying, setting, selecting, and processing are then repeated for each remaining information byte. | 01-31-2013 |

20130028413 | Method and Device for Generating Random Wait States - A random source for generating a random number r with a bit length k, r=r | 01-31-2013 |

20120163588 | FUNCTIONAL ENCRYPTION APPLIED SYSTEM, INFORMATION OUTPUT APPARATUS, INFORMATION PROCESSING APPARATUS, ENCRYPTION PROTOCOL EXECUTION METHOD, INFORMATION OUTPUT METHOD, INFORMATION PROCESSING METHOD, PROGRAM AND RECORDING MEDIUM - An information output apparatus identifies, according to a rule established for each of functional encryption protocols or a rule established for each combination of the protocols, one or more identifiers corresponding to a particular functional encryption protocol or a combination of the particular protocols, sets a particular piece of first correspondence information corresponding to the identifier or identifiers, and outputs first information which is a ciphertext or key information of the functional encryption scheme that corresponds to the particular piece of first correspondence information. An information processing apparatus inputs the first information and second information which is key information or a ciphertext of the functional encryption scheme that corresponds to a particular piece of second correspondence information into a decryption function of the functional encryption scheme and, when the truth value of a logical formula corresponding to the combination of the particular piece of first correspondence information corresponding to the first information and the particular piece of second correspondence information corresponding to the second information is true, generates a decryption result | 06-28-2012 |

20120163581 | ELLIPTIC CURVE CRYPTOGRAHY WITH FRAGMENTED KEY PROCESSING AND METHODS FOR USE THEREWITH - A cryptography module includes a key store having a plurality of storage locations for storing a private key as k key fragments. One or more crypto-processing segments each operate based on corresponding ones of the k key fragments to process a message in accordance with elliptic curve digital signature algorithm (ECDSA) to produce a signed message. | 06-28-2012 |

20090196415 | HYBRID METHOD FOR DISTRIBUTING KEYS FOR THE DIFFUSION OF ENCRYPTED DATA - The invention relates to a method for broadcasting data in a system using a BES (A | 08-06-2009 |

20090196416 | TWEAKABLE BLOCK ENCRYPTION APPARATUS, METHOD, AND PROGRAM - A tweakable block cipher apparatus includes an input unit that receives a pair of a plaintext M and a tweak; an offset calculation unit that calculates a sum of a value (E(K, const)), which is generated by encrypting a constant plaintext (constant const) using a block cipher, and the tweak and outputs a value (G(Ksub, E(K, const)+tweak), which is generated by encrypting the result (E(K, const)+tweak) using a partial block cipher (G), as an offset; an internal encryption unit that calculates a sum of the offset and the plaintext M, encrypts the sum using the block cipher E, calculates a sum (E(K, M+offset)+offset) of the result (E(K, M+offset)) and the offset, and outputs the sum as a ciphertext (C); and an output unit that outputs the ciphertext. | 08-06-2009 |

20090196414 | Online data conversion technique - An embodiment of the invention provides an apparatus and method for online data conversion. The apparatus and method are configured to read data that is overlapped by a window in a first position in a volume, convert the data into a converted text, write the converted text into the volume, and slide the window to a second position in the volume. | 08-06-2009 |

20090074178 | Accelerating Scalar Multiplication On Elliptic Curve Cryptosystems Over Prime Fields - A method and apparatus for accelerating scalar multiplication in an elliptic curve cryptosystem (ECC) over prime fields is provided. Multiplication operations within an ECC point operation are identified and modified utilizing an equivalent point representation that inserts multiples of two. Algebraic substitutions of the multiplication operations with squaring operations and other cheaper field operations are performed. Scalar multiplication can also be protected against simple side-channel attacks balancing the number of multiplication operations and squaring operations and providing novel atomic structures to implement the ECC operation. In addition, a new coordinate system is defined to enable more effective operation of ECC to multiprocessor environments. | 03-19-2009 |

20100014656 | Cryptographic Method Comprising Secure Modular Exponentiation Against Hidden-Channel Attacks, Cryptoprocessor for Implementing the Method and Associated Chip Card - A cryptographic method carries out a modular exponentiation of the type C=A | 01-21-2010 |

20090046850 | GENERAL DATA HIDING FRAMEWORK USING PARITY FOR MINIMAL SWITCHING - A framework is provided for reducing the number of locations modified when hiding data, such as a digital watermark, in binary data. The framework complements data hiding techniques, such as digital watermarking techniques. After determining potential embedding locations according to an underlying technique, a data structure is created with values associated with those locations. A parity calculation is performed on the values in the data structure. The calculated parity is compared with hidden data to determine locations for modifications. Manipulations are then performed to reduce the total number of modifications needed to represent the hidden data. Modifications are made to the binary data according to the underlying technique. During decoding of the hidden data, the same locations can be determined, the same data structure can be created with the modified values, and a parity calculation is then performed to decode the hidden data. | 02-19-2009 |

20130028412 | METHOD OF COUNTER-MEASURING AGAINST SIDE-CHANNEL ATTACKS - According to the present invention there is provided a method of counter-measuring against side channel attacks, the method comprising executing a block-cipher algorithm to mask intermediate variables, wherein the block-cipher algorithm comprises one or more non-linear functions, characterised in that at least one of the non-linear functions is implemented using a match-in-place function. | 01-31-2013 |

20130028411 | Simple Group Security for Machine-to-Machine Networking (SGSM2M) - A group identity for a set of devices is generated by acquiring an identity for each one of the devices and joining the identities into a common identity data set. A group identity for the set of devices is created by performing a hash function on the common identity set and using a resulting hash value as the group identity. A group identity for a set of devices is verified by acquiring a first group identity from a trusted party. An identity is acquired from each device in the set and the identities are joined into a common identity data set and a second group identity is created for the set of devices by performing a hash function on the common identity data set. A determination is made whether there is a match between the first group identity and the second group identity. | 01-31-2013 |

20110194686 | Method of encrypting and transmitting data and system for transmitting encrypted data - A method of encrypting and transmitting data and a system for transmitting encrypted data. The method includes one or more different encryption algorithms, and may include employing different encryption algorithms to achieve multiple levels of encryption. A first encryption algorithm is based upon multiple rearrangements of bits representing data to obtain encoded data. A second encryption algorithm is based upon performing multiple XOR operations on bits representing data so that each data word is at least encoded with previous data words. The system comprises first and second computers and a plurality of communication parameters. The two computers are communicably connected to a network, and the second computer is adapted to route a transmission to the first computer. The transmission includes a data part and a header part, both of which are encrypted by the second computer utilizing the communication parameters. The first computer decrypts the transmission utilizing the communication parameters. | 08-11-2011 |

20090122979 | METHOD AND APPARATUS FOR PROTECTING PATTERN RECOGNITION DATA - Provided is a data protection technique that converts original data into a secure form so that even if data registered to a system or database is leaked, information relating to original data cannot be exposed from the leaked data. Accordingly, a method of generating a template for protecting data is provided, wherein the method includes: generating a positive numbered (n) registration feature vector g (g=[g | 05-14-2009 |

20090122978 | METHOD AND SYSTEM FOR OBFUSCATING A CRYPTOGRAPHIC FUNCTION - In a system | 05-14-2009 |

20080292097 | SYSTEM AND METHOD FOR TEXT-BASED ENCRYPTION - A system, method, and computer program for text-based encryption, comprising accessing a text file with a plurality of lines of text characters; re-sequencing each of said text characters; translating a base representation for each of said text character by an offset of a base value so that a resulting translated character is printable; inserting a plurality of characters between each of said translated text characters on each of said line to form a random character string; inserting a plurality of random numbers of random characters before and after said random character string to output to a resultant file; and including a translated seed with said resultant file and appropriate means and computer-readable instructions. | 11-27-2008 |

20100074437 | IMAGE PROCESSING SYSTEM, PROGRAM AND METHOD - Provided is an image processing system capable of simply executing image processing for encryption and decryption without causing a user to perform a time-consuming operation of generating a processing target image, the system including: a rendering information input accepting unit | 03-25-2010 |

20100074436 | Method, apparatus and computer program support for regular recording of a positive integer - A regular method for recoding a positive integer n in which an integer s smaller than n is chosen for defining an integer n′=n−s whose m-ary representation is added digit-wise to the m-ary representation of s to yield a recoded representation of n, for some integer m. Also provided are a device and a computer program product. An advantage of the present method is that it is regular. | 03-25-2010 |

20130039486 | CRYPTOGRAPHIC PROCESSING DEVICE AND CRYPTOGRAPHIC PROCESSING METHOD - A cryptographic processing device includes a private key storage unit which stores a private key d for elliptic curve cryptography, a random number generation unit which generates a b-bit random value s, and a processing unit. A bit string D is the private key d or a bit string obtained by modifying the private key d in such a way that a value of a most significant bit is 0, and a relation u=mk+b holds true for a length u of the bit string D, a window size k, and a positive integer m. The processing unit determines a signed k-bit window value w[i] corresponding to each i where 0≦i≦(m−1), a signed b-bit random value s[i] corresponding to each i, and a correction value g. The processing unit determines the above values under a certain constraint condition, while determining each random value s[i] to be +s or −s. | 02-14-2013 |

20130039485 | INFORMATION PROCESSING SYSTEM, REPRODUCING DEVICE, INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD, AND PROGRAM - An information processing system includes a medium storing contents for reproduction, and a reproducing device to reproduce the contents. The reproducing device obtains a device certificate and transmits the device certificate to the medium. The device certificate includes the reproducing device's type information, and the medium encodes a media ID for identifying the medium according to an encoding algorithm selected according to the reproducing device's type information. The encoded media ID is transmitted to the reproducing device, which decodes the encoded media ID according to a decoding algorithm corresponding to the device type of the reproducing device, and decrypts and reproduces data to which the obtained media ID is applied. | 02-14-2013 |

20130039484 | VERIFICATION METHOD AND SYSTEM - The present disclosure relates to a verification method and system. The method comprises: applying an encryption algorithm to a secret information so as to generate at least two images; transmitting a first image of the at least two images to a first device; and aligning and overlaying a second image of the at least two images with the first image during the proceeding of a verification process for recovering and revealing the secret information. | 02-14-2013 |

20100046744 | Methods and Devices Responsive to Ambient Audio - A portable device uses a microphone to listen to ambient audio, derives data from captured audio signals, and uses the derived data to request delivery of the audio or related information to the user's home or other location. The device is desirably pocket-sized, or suitable for carrying on a key-ring. The device may also detect a watermark signal that is present in the user's environment (e.g., played through a public address speaker system) to aid the user in recalling the context from which the audio was requested. | 02-25-2010 |

20100046743 | APPARATUS FOR PERFORMING DATA COMPRESSION PROCESSING USING ALGEBRAIC TORUS - A compressing unit compresses an element on an algebraic torus into affine representation according to a compression map. A determining unit determines whether a target element on the algebraic torus to be compressed is an exceptional point representing an element on the algebraic torus that cannot be compressed by the compression map. The compressing unit generates, when it is determined that the target element is the exceptional point, a processing result including exceptional information indicating that the target element is the exceptional point, and generates, when it is determined that the target element is not the exceptional point, a processing result including affine representation obtained by compressing the target element according to the compression map. | 02-25-2010 |

20100046742 | APPARATUS AND COMPUTER PROGRAM PRODUCT FOR PERFORMING DATA COMPRESSION PROCESSING USING ALGEBRAIC TORUS - An encryption processing unit executes an arithmetic operation decided in advance and outputs an arithmetic result as an element on an algebraic torus. A compressing unit outputs, when the arithmetic result is an exceptional point representing an element on the algebraic torus that cannot be compressed by a compression map for compressing an element on the algebraic torus into affine representation, a compression result obtained by compressing the arithmetic result according to the compression map and outputs, when the arithmetic result is the exceptional point, an element belonging to a specific set decided in advance that does not overlap a set to which a compression result obtained by compressing the arithmetic result, which is not the exceptional point, belongs. | 02-25-2010 |

20100046741 | APPARATUS, METHOD, AND COMPUTER PROGRAM PRODUCT FOR DECRYPTING, AND APPARATUS, METHOD, AND COMPUTER PROGRAM PRODUCT FOR ENCRYPTING - An input unit inputs encrypted data that elements of a subgroup and expressed in an affine representation. A transforming unit transforms the inputted encrypted data into projective representation data expressed in a projective representation. A plain data calculating unit subjects the projective representation data to a decrypting process previously defined by a cryptosystem, thereby calculating plain data expressed in the projective representation. | 02-25-2010 |

20100046740 | EMBEDDING A SECRET IN A LARGER POLYNOMIAL - A secret polynomial is embedded in a larger polynomial. In one embodiment, the secret is represented as a secret polynomial of degree d over GF(q), q being a prime or a power of a prime. The secret polynomial is added to a product of two random pairwise coprime polynomials, using arithmetic defined on GF(q), to produce an extension polynomial of degree m that is greater than d. From the extension polynomial, n shares of the secret is generated for distribution to a plurality of cooperating entities for secret sharing. | 02-25-2010 |

20130077778 | Duo Codes for Product Authentication - Systems and methods are provided that employ two or more cryptographically linked codes. The codes, when encrypted, become cipher texts that appear unrelated. The codes described herein are characterized by a series of bits including one or more switch bits. The cipher text of a code having a switch bit in one state will appear to be unrelated to the cipher text of another code differing only in that the switch bit is in the opposite state. The cryptographically linked codes can be used in various combinations, such as on a product and its packaging, on a product and a component of the product, on a certificate packaged with the product and on the packaging, or on outer and inner packagings of the product. | 03-28-2013 |

20090110187 | METHOD AND APPARATUS FOR PROTECTING AN RSA CALCULATION ON AN OUTPUT BY MEANS OF THE CHINESE REMAINDER THEOREM - An apparatus for protecting an RSA calculation of an output based on input values by means of the Chinese remainder theorem, the apparatus comprising for a first determining device adapted to determine a first security parameter based on the input values, a computing device adapted to compute a control value based on the first security parameter and the input values, a calculating device adapted to calculate a modified input parameters based on the input values and the first security parameter, for a performing device adapted to perform the RSA calculation based on the modified input values to obtain a single modified output, and for a second determining device adapted to determine whether the single modified output is in a predetermined relation to the control value and applying a countermeasure in case the predetermined relation is not fulfilled. | 04-30-2009 |

20100098243 | METHOD OF OPERATING AN ITEM OF ON-BOARD EQUIPMENT, ASSOCIATED EQUIPMENT AND AIRCRAFT COMPRISING SUCH EQUIPMENT - The present invention relates to equipment items ( | 04-22-2010 |

20100111294 | VERIFICATION OF MOVEMENT OF ITEMS - A method, apparatus and system for verifying a route taken during movement of an RFID tag ( | 05-06-2010 |

20100111291 | SYSTEM AND A METHOD FOR GENERATING AN INTERLEAVED OUTPUT DURING A DECODING OF A DATA BLOCK - A method for generating an interleaved output during a decoding of a data block, the method includes: (i) selecting, in response to a row indicator, a row register and a multiplication factor to provide a selected row register and a selected multiplication factor; wherein the selected multiplication factor is responsive to a size of the data block; (ii) multiplying a value stored in the selected row register by the selected multiplication factor to provide an intermediate result; (iii) performing a modulo P operation on the intermediate result to provide a permutated result; wherein the permutated result and the value stored in the selected row register are adjacent elements of the same permutation; wherein P is responsive to a size of the data block; (iv) writing the permutated result to the selected row register; and (v) outputting a data block element that is selected in response to the permutated result. | 05-06-2010 |

20100322413 | ELECTRONIC DEVICE, CONTENT REPRODUCTION CONTROL METHOD, PROGRAM, STORAGE MEDIUM, AND INTEGRATED CIRCUIT - To play back a content while managing the right of use of the content, such as a total time of playback of the content, an electronic device stores right information in a right temporary storage unit | 12-23-2010 |

20100104094 | CIPHERTEXT GENERATING APPARATUS, CRYPTOGRAPHIC COMMUNICATION SYSTEM, AND GROUP PARAMETER GENERATING APPARATUS - The random number generating unit | 04-29-2010 |

20100104093 | Encryption Processing Apparatus, Encryption Processing Method, and Computer Program - A common-key blockcipher processing configuration with enhanced immunity against attacks such as saturation attacks and algebraic attacks (XSL attacks) is realized. In an encryption processing apparatus that performs common-key blockcipher processing, S-boxes serving as non-linear transformation processing parts set in round-function executing parts are configured using at least two different types of S-boxes. With this configuration, the immunity against saturation attacks can be enhanced. Also, types of S-boxes present a mixture of different types. With this configuration, the immunity against algebraic attacks (XSL attacks) can be enhanced, thereby realizing a highly secure encryption processing apparatus. | 04-29-2010 |

20100040224 | OPTICAL SECURITY SYSTEM USING FOURIER PLANE ENCODING - A method of encrypting a set of data is disclosed. The method may include encoding a set of data with a first encryption key, and transforming the set of data encoded with the first encryption key. The method may also include using a second encryption key to encode the transformation of the set of data encoded with the first encryption key. The method may also include transforming the encoded transformation of the set of data encoded with the first encryption key generating thereby and encrypted set of data. | 02-18-2010 |

20090136024 | Sharing a secret using polynomials - A method and system for distributing n shares of a secret to n computing systems, and a method and system for reconstructing the secret from k shares of the secret. In one embodiment, the method for distributing the secret comprises representing the secret as a first polynomial over GF(2). The method further comprises creating the n shares from the secret, each of the n shares including a polynomial over GF(2). The secret can be reconstructed, in one embodiment, by solving coefficients of an interpolating polynomial using k points in the k shares using modulo 2 arithmetic. | 05-28-2009 |

20120183134 | METHOD FOR MULTI-MEDIA CAPTURE, TRANSMISSION, CONVERSION, METATAGS CREATION, STORAGE AND SEARCH RETRIEVAL - This invention relates to a network interface device having a first capture device interfacing with a first external information source to capture first external information. The captured information is processed and stored in a first media, which storage is initiated at an initial time and completed at a completion time, thus providing a stored defined set of first captured information. A transmitter transmits the captured information to a remote location on a network after the completion time. A remote processing system is disposed at the remote node on the network and includes a database and a receiver for receiving the transmitted information from the transmitter as a received defined set of first captured information. A data converter converts the received information to a second format as a set of converted first captured information, the second format different than the first media format, the second format being a searchable format. | 07-19-2012 |

20130083920 | Data Converter, Data Conversion Method, and Computer Program - A data conversion algorithm achieving efficient data diffusion is achieved. For example, in a configuration where a various processes are executed on two data segments which are resultants of dividing a rectangular matrix of data containing arranged one-byte data blocks into two parts to perform data conversion, efficient data scrambling with less operation cost is achieved by executing a linear conversion process on one of the data segments, an exclusive OR operation between the two data segments, a shift process on one of the data segments, and a swap process between the two data segments. Moreover, cryptographic processing with a high security level is achieved by including nonlinear conversion or key application operation on the data segments. | 04-04-2013 |

20130083919 | ACCESS CONTROL METHOD, INFORMATION DISPLAY DEVICE USING THE SAME, AND INFORMATION DISPLAY SYSTEM - When a user carries a mobile terminal with confidential information, such as customer information, stored therein, it is required to maintain information confidentiality and to prevent an unauthorized third party from accessing the confidential information even if the mobile terminal is stolen. According to the disclosed access control method, an encryption key is generated based on a planned route and the information is encrypted. When the user accesses the information, a decryption key is generated based on the actual movement route that is regularly acquired. The encrypted information can be decrypted if the planned route and the movement route match. | 04-04-2013 |

20100091981 | Steganalysis of Suspect Media - Techniques described herein are generally related to steganalysis of suspect media. Steganalysis techniques may include receiving instances of suspect media as input for steganalytic processing. A first set of quantized blocks of data elements may be identified within the media, with this first set of blocks being eligible to be embedded with steganographic data. A second set of quantized blocks of data elements may be identified within the media, with this second set of blocks being ineligible to be embedded with steganographic data. The steganalysis techniques may requantize the first and second blocks. In turn, these techniques may compare statistics resulting from requantizing the first block with statistics resulting from requantizing the second block. The steganalysis techniques may then assess whether the first block of data elements is embedded with steganographic features based on how the statistics of the second blocks compare with the statistics of the first blocks. | 04-15-2010 |

20100067685 | ENCRYPTION DEVICE - Provided is an encryption device with enhanced function to prevent an encryption key from being decrypted by consumption current analysis, by complicating alignment of consumption current waveforms. The encryption device comprises a clock control circuit adapted to receive a clock signal and a pseudo-random number, and perform a suspend process and a resume process to the clock signal based on the pseudo-random number to generate an encryption processor clock signal; an encryption processor adapted to perform an encryption process to encryption target data in synchronization with the encryption processor clock signal; and a current control circuit adapted to obtain an arithmetic state showing an operational state of the encryption processor to adjust a consumption current amount based on the arithmetic state. | 03-18-2010 |

20090046849 | Data integrity and non-repudiation method - A method is disclosed for establishing data integrity and non-repudiation without hashing and without performing a bit to bit comparison of the message. The method includes: generating a random symmetric key for use with a symmetric encryption algorithm; generating a random sequence having a plurality of elements; separating a message into a plurality of blocks, wherein each block has a size less than or equal to the block size of the symmetric algorithm less the size of a digital signature of one of the plurality of elements; generating a signature for each of the plurality of elements; encrypting a concatenation of each of the plurality of blocks of the message with a corresponding signature, the encrypting performed with the symmetric encryption algorithm and the random symmetric key; and communicating the encrypted concatenation to a gaming device. | 02-19-2009 |

20100002873 | Cipher For Disk Encryption - Encryption is provided with additional diffusion components to construct a block cipher with a large and variable block size. The cipher incorporates an encryption system or algorithm such that the cipher is at least as secure as the encryption system or algorithm. Additional components of the cipher provide improved diffusion. This combination ensures that the cipher is at least as strong as the encryption algorithm, and at the same time it provides additional security properties due to its improved diffusion. | 01-07-2010 |

20100002871 | DEVICE PROVIDED WITH REWRITABLE CIRCUIT, UPDATING SYSTEM, UPDATING METHOD, UPDATING PROGRAM AND INTEGRATED CIRCUIT - A problem to be solved is that a conventional device is not equipped with a unit that enables efficient circuit update taking into consideration an unconfigured area in the reconfigurable circuit in the device. A data using device | 01-07-2010 |

20100002870 | PARTIAL ENCRYPTION AND FULL AUTHENTICATION OF MESSAGE BLOCKS - Methods and apparatus are presented for encrypting and authenticating data, wherein some data is encrypted and some data is not encrypted, but all of the data is authenticated. Masking modules ( | 01-07-2010 |

20090220071 | COMBINING INSTRUCTIONS INCLUDING AN INSTRUCTION THAT PERFORMS A SEQUENCE OF TRANSFORMATIONS TO ISOLATE ONE TRANSFORMATION - The Advanced Encryption Standard (AES) is a symmetric block cipher that can encrypt and decrypt information. Encryption (cipher) performs a series of transformations (Shift Rows, Substitute Bytes, Mix Columns) using the secret key (cipher key) to transforms intelligible data referred to as “plaintext” into an unintelligible form referred to as “cipher text”. The transformations (Inverse Shift Rows, Inverse Substitute Bytes, Inverse Mix Columns) in the inverse cipher (decryption) are the inverse of the transformations in the cipher. Encryption and decryption is performed efficiently through the use of instructions that perform the series of transformations. Combinations of these instructions allow the isolation of the transformations (Shift Rows, Substitute Bytes, Mix Columns, Inverse Shift Rows, Inverse Substitute Bytes, Inverse Mix Columns) to be obtained. | 09-03-2009 |

20090304179 | SYSTEM AND METHOD TO PRECLUDE MESSAGE MODIFICATION IN DATA AUTHENTICATION SYSTEMS THROUGH EFFICENT USE OF FEEDBACK IN CRYPTOGRAPHIC FUNCTIONS - A data hashing system operative to hash an incoming string of message words, thereby to generate a hash value tag comprising a deterministic random number string which uniquely identifies the incoming string, the system comprising at least first and second register arrays, at least one 1-way at least pseudo-randomizing functionality; and a set of at least first and second orthogonal feedback word stream generators operative to generate a set of at least first and second orthogonal feedback streams of message words respectively, including applying respective permutations to the incoming string, wherein the first and second feedback streams are combined into the first and second register arrays respectively, the at least pseudo-randomizing functionality accepts input from the register arrays and generates at least pseudo-random output which, in combination with a present word in the incoming string, is provided to the stream generators, and the first feedback stream is a first function of a present word in the incoming stream and the second feedback stream is a second function of a present and previous words, in the incoming stream. | 12-10-2009 |

20120219150 | INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING METHOD - An information processing device comprises: a non-linear transformation unit that takes a k/2-number of odd-numbered string data B | 08-30-2012 |

20120219149 | ENCRYPTION AND DECRYPTION PROCESSING METHOD, SYSTEM AND COMPUTER-ACCESSIBLE MEDIUM FOR ACHIEVING SMS4 CRYPTOGRAPHIC PROCEDURE - An encryption and decryption processing system for achieving SMS4 cryptographic procedure can be provided. The system includes a repeating encryption and decryption data processing device comprising a first constant array storing unit, a first data registering unit and a first data converting unit. The first constant array storing unit stores a first constant array and send it to N-data converting sub-units of the first data converting unit. The first data registering unit registers data, deliver the registered data to a first data converting sub-unit. The N-data converting sub-units perform a data conversion processing, and transmit the obtained conversion data to a next data converting sub-unit for subsequent processing until the data conversion processing processes are completed, a particular number of the completed processed being equal to a value of a data depth. | 08-30-2012 |

20120219148 | ENCRYPTION/DECRYPTION METHODS, AND DEVICES AND SYSTEMS USING THE SAME - An encryption/decryption device includes a control unit, an encryption/decryption unit and a verification unit. The control unit generates a start text and an encryption/decryption control signal in response to a command signal and one of an input text and an inner text according to an operational mode. The encryption/decryption unit encrypts or decrypts the start text to generate a result text in response to the encryption/decryption control signal. The verification unit provides the result text to the control unit as the inner text and generates an output text and an alarm signal based on the result text and the input text according to the operational mode, where the output text is an encrypted version of the input text or a decrypted version of the input text, and the alarm signal indicates the integrity of the output text. | 08-30-2012 |

20130058477 | INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING METHOD, AND PROGRAM - An information processing device includes a data processing unit executing decryption and playing processing of an encrypted content, with the data processing unit executing content playback propriety determination processing by applying an encrypted content signature file set in response to a content to be played; with the encrypted content signature file including a content hash list group including a hash value, and signature data for data generated from a content encryption key and the content hash list group; and with the data processing unit executing, with the content playback propriety determination processing, hash value matching processing between a hash value calculated from a content to be played, and a hash value for matching included in the content hash list group, and signature data verification processing to which the signature has been applied to perform decryption and playing processing of the encrypted content with success of both processes as a condition. | 03-07-2013 |

20130136255 | ASSESSING CRYPTOGRAPHIC ENTROPY - Systems, methods, software, and combinations thereof for evaluating entropy in a cryptography system are described. In some aspects, sample values are produced by an entropy source system. A typicality can be determined for each of the sample values. A grading is determined for preselected distributions based on the typicalities of the sample values. A subset of the preselected distributions are selected based on the gradings. An entropy of the entropy source system is calculated based on the subset of the plurality of distributions. | 05-30-2013 |

20090092246 | Calculation apparatus and encrypt and decrypt processing apparatus - A calculation apparatus capable of executing any of a first calculating process operation including a first matrix calculation, and a second calculating process operation including a second matrix calculation, includes: a first calculation unit for executing the second matrix calculation; at least one calculation unit other than the first calculation unit, for executing a matrix calculation in parallel to the first calculation unit so as to execute the first matrix calculation; and a logic circuit for performing a logic calculation with respect to a calculation result of the first calculation unit and a calculation result of the other calculation unit. Then, when a calculation result of the first matrix calculation is requested, the calculation apparatus acquires the calculation result from the logic circuit. As a result, the calculation apparatus and an encrypt/decrypt processing apparatus can commonly perform portions of the plural calculating process operations which contain the matrix calculations, and can realize high speed operation by executing portions of the matrix calculations in parallel. | 04-09-2009 |

20090092245 | Protection Against Side Channel Attacks - The invention relates to a cryptographic mechanism and to a cryptographic device incorporating such cryptographic mechanism. The cryptographic mechanism offers a better resistance to side channel attacks than that of known cryptographic mechanisms by incorporating a new type of masking mechanism. | 04-09-2009 |

20090092244 | Method and Device for Incorporating Additional Information into Main Information Through Electronic Watermarking Technique - Two data units are selected from main information, such as MIDI data, into which additional information is to be incorporated, to calculate a difference between respective values of the two data units. A particular data segment to be incorporated into one of the MIDI data units is selected from a group of data of additional information. The size of the data segment to be incorporated into one of the data units may be either one bit or two or more bits. Substitute data to replace the content of one MIDI data unit is generated on the basis of a predetermined function using, as variables, the data-related value and a value of the particular data segment, and the content of the data unit corresponding to a predetermined one of the two MIDI data units is replaced by the generated substitute data. Thus, through such an electronic watermarking technique, any desired additional information can be incorporated into the MIDI data without changing the MIDI data format. In another implementation, data of encoding information, representative of an encoding procedure, are incorporated dispersedly into particular data units belonging to a predetermined first data group of the main information, and data belonging to a predetermined second data group of the main information are encoded by the encoding procedure represented by the encoding information. | 04-09-2009 |

20110013770 | ENCRYPTING METHOD HAVING COUNTERMEASURE FUNCTION AGAINST POWER ANALYZING ATTACKS - Based on an encrypting method for performing an exponential remainder calculation y=a | 01-20-2011 |

20110013769 | ENCRYPTION APPARATUS HAVING COMMON KEY ENCRYPTION FUNCTION AND EMBEDDED APPARATUS - A common key block encryption apparatus for performing a nonlinear transformation with a multiplication executed in a binary field or a composite field includes a computing unit to execute a computation other than the nonlinear transformation with fixed value masked input data obtained by XORing input data with a fixed mask value, an XOR operation circuit to transform all input data into fixed value masked input data by XORing the input data with a fixed mask value and to transform the data into random value masked input data by XORing the input data with a random mask value in the multiplication, a multiplier to execute a multiplication based on the random value masked input data output from the XOR operation circuit, and a random value mask-to-fixed mask value transformation circuit to again transform the random value masked output data into fixed value masked output data and to output the data. | 01-20-2011 |

20110013768 | SYSTEM AND METHOD FOR REDUCING THE COMPUTATION AND STORAGE REQUIREMENTS FOR A MONTGOMERY-STYLE REDUCTION - A system and method are described that provide an alternative way in which to produce a Montgomery reduction from below by storing a new precomputed value used to substantially replace the μ and n values used in Montgomery reduction with a single value. By modifying the Montgomery reduction mechanism in this way, the number of multiplications and registers required to effect the Montgomery reduction can be reduced. To avoid having to store both μ and n, a modified reduction value or a logical shift or signed version of such a value can be used in place of μ and n for the bulk of the low-order reduction. | 01-20-2011 |

20110013767 | MASKING METHOD OF DEFENDING DIFFERENTIAL POWER ANALYSIS ATTACK IN SEED ENCRYPTION ALGORITHM - A plurality of S-boxes is masked by one masking inverse table. Therefore, the computation cost and the use amount of the RAM necessary for masking at the time of a masking operation for defending a differential power analysis attack in a SEED encryption algorithm can be effectively reduced. | 01-20-2011 |

20110064214 | Methods and Apparatus in Alternate Finite Field Based Coders and Decoders - Methods and apparatus for coding and decoding n-state symbols with n≧2 and n>2 and n>3 and n>4 are provided wherein at least one implementation of an addition over an alternate finite field GF(n) and an inverter defined by a multiplication over the alternate finite field GF(n) are provided. Encoders and decoders implementing a single n-state truth table that is a truth table of an addition over an alternate finite field GF(n) modified in accordance with at least one inverter defined by a multiplication over the alternate finite field GF(n) are also provided. Encoders include scramblers, Linear Feedback Shift Register (LFSR) based encoders, sequence generator based encoders, block coders, streaming cipher encoders, transposition encoders, hopping rule encoders, Feistel network based encoders, check symbol based encoders, Hamming coder, error correcting encoders, encipherment encoders, Elliptic Curve Coding encoders and all corresponding decoders. Systems applying encoders and decoders also are provided. | 03-17-2011 |

20090296923 | Signature generation apparatus and signature verification apparatus - A signature generation apparatus generates a signature for a message m from the i-th user, and computes any two or three of a[1] | 12-03-2009 |

20080273694 | Combining Interleaving with Fixed-Sequence Windowing in an Elliptic Curve Scalar Multiplication - An Elliptic Curve scalar multiplication product involving a scalar and a base point is determined in a manner that acts as a countermeasure to side channel attacks. A key splitting strategy called Additive Splitting Using Division involves selecting a random integer and determining an integer quotient and a remainder by dividing the scalar by the random integer. The product may then be expressed as a sum of scalar multiplications, which may be evaluated using a combination of a fixed-sequence window method with the known Interleaving method. When the integer quotient and remainder are odd, major collisions may be avoided when determining the product. Accordingly, the random integer that determines whether the integer quotient and remainder are odd may be subject to some control. | 11-06-2008 |

20090268900 | SIGNED MONTGOMERY ARITHMETIC - A system and method configured for applying Montgomery style reduction directly to negative quantities as well as positive values, producing the new form which does not require conditional operations to move values into the positive range. The low-order components of the resulting product, or partially completed product, can be reduced either by the addition of multiples of the modulus, as is usual in the standard Montgomery multiplication which accepts positive values, or by subtracting multiples of the modulus, which of course depends on the actual computation. Signed versions of the Montgomery values in a Montgomery computation are used to avoid the conditional addition and subtraction that can leak information, for example, using a two's complement representation. | 10-29-2009 |

20130188789 | METHOD AND APPARATUS FOR GENERATING AN ADVANCED ENCRYPTION STANDARD (AES) KEY SCHEDULE - An Advanced Encryption Standard (AES) key generation assist instruction is provided. The AES key generation assist instruction assists in generating round keys used to perform AES encryption and decryption operations. The AES key generation instruction operates independent of the size of the cipher key and performs key generation operations in parallel on four 32-bit words thereby increasing the speed at which the round keys are generated. This instruction is easy to use in software. Hardware implementation of this instruction removes potential threats of software (cache access based) side channel attacks on this part of the AES algorithm. | 07-25-2013 |

20090238361 | IMAGE ENCRYPTION APPARATUS AND IMAGE DECRYPTION APPARATUS - In an image encryption apparatus, an input processor inputs data of an input image. An encryptor encrypts a part or whole of the data of the input image. A marker generator generates data of a marker indicating an encrypted area. An image saver saves data of a marker-covered image covered with the marker. A marker sticker sticks the marker. An output processor outputs an encrypted image. In an image decryption apparatus, an input processor inputs data of an input image. A marker detector detects a marker and identifies an encrypted area. A decryptor decrypts data in the encrypted area. An image restorer restores data in an area covered with the marker by sticking data of a marker-covered image. An output processor outputs data of a decrypted image. | 09-24-2009 |

20090238360 | EXPONENTIATION LADDER FOR CRYPTOGRAPHY - Method and apparatus for data security using exponentiation. This is suitable for public key cryptography authentication and other data security applications using a one-way function. A type of exponentiation is disclosed here where the bits of an exponent value expressed in binary form correspond to a course (path) in a given graph defining the one-way function. This uses an approach called here F sequences. Each value is in a ladder of a sequence of values, as defined from its predecessor values. This ladder satisfies certain algebraic identities and is readily calculated by a computer program or logic circuitry. | 09-24-2009 |

20090010425 | ENCRYPTION/DECRYPTION DEVICE, ENCRYPTION/DECRYPTION DEVICE MANUFACTURING DEVICE, AND METHOD, AND COMPUTER PROGRAM - A Feistel type common key block cipher process configuration capable of maintaining the involution property and safety and easily changing the number of rounds is realized. The Feistel type cipher process configuration having an SP type F function which includes a nonlinear conversion section and a linear conversion section configures an n-round basic unit which has a matrix arrangement satisfying involution property and ODM-MR or SDM-MR which is a preset F function arrangement condition. For this unit, an F function satisfying the arrangement condition of the F function is selected and added or a plurality of basic units are connected so as to constitute the Feistel cipher configuration having an increased number of rounds having the arrangement satisfying the involution property and the ODM-MR or the SDM-MR. | 01-08-2009 |

20090010424 | System and Methods for Side-Channel Attack Prevention - A side channel attack utilizes information gained from the physical implementation of a cryptosystem. Software and hardware-based systems and methods for preventing side channel attacks are presented. Cryptographic hardware may introduce dummy operations to compensate for conditional math operations in certain functions such as modular exponentiation. Cryptographic hardware may also introduce random stalls of the data path to introduce alterations in the power profile for the operation. A cryptographic function may be mapped to a micro code sequence having a plurality of instructions. Firmware in the cryptosystem may alter the micro code sequence by altering the order of instructions, add dummy operations in the micro code sequence, break the micro code sequence into multiple sub micro code sequences and/or change the register location for source and destination operands used in the sequence. These alterations are designed to randomly change the timing and power profile of the requested function. | 01-08-2009 |

20120114116 | APPARATUS AND METHOD FOR STORING ELECTRONIC RECEIPTS ON A UNIFIED CARD - A Unified Card system allows customers to store receipts on a Unified Card when making purchases from different retailer merchants. The customer purchases goods or services and the receipt is recorded electronically onto a single Unified Card. This eliminates the need for paper receipts. The user can then use the Unified Card to make returns or exchanges or as proof of purchase. Unified Card readers can be located at Kiosks as part of a home based system that works with the user's home computer. | 05-10-2012 |

20120237022 | SENSOR WITH SIGNATURE OF DATA RELATING TO SENSOR - A sensor has codes useful for a monitor which can be authenticated as accurate. The sensor produces a signal corresponding to a measured physiological characteristic and provides codes which can be assured of being accurate and authentic when used by a monitor. A memory associated with the sensor stores both data relating to the sensor and a digital signature. The digital signature authenticates the quality of the code by ensuring it was generated by an entity having predetermined quality controls, and ensure the code is accurate. | 09-20-2012 |

20130163751 | Method for Determining the Cofactor of an Elliptic Curve, Corresponding Electronic Component and Computer Program Product - A method and apparatus are proposed for cryptographic computations implemented in an electronic component. The method includes determining the cofactor of an elliptic curve E defined over a finite field F | 06-27-2013 |

20110033041 | INDEX-BASED CODING WITH A PSEUDO-RANDOM SOURCE - Outputs from at least one pseudo-random source are used to encode hidden value. The hidden value is encoded using index based quantities, for example, based on numerically ordering a sequence of outputs from pseudo-random source(s). In some examples, the numerical ordering of re-generated device-specific quantities is used to re-generate the hidden value, without necessarily requiring additional error correction mechanisms. Information leak may be reduced by constructing system whose “syndrome” helper bits are random, as measured, for example, by NIST's Statistical Tests for Randomness In some examples, index based coding provides coding gain that exponentially reduces total error correction code complexity, resulting in efficiently realizable PRS-based key generation systems. In some examples, index based coding allows noisy PRS to be robust across conditions where conventional error correction code cannot error correct. | 02-10-2011 |

20110033040 | IMAGE PROCESSING APPARATUS AND CONTROL METHOD THEREOF - An image processing apparatus includes a determination unit configured to determine whether secret information that should not be transmitted to a web server is contained in an HTML file provided by a web server. A web browser does not transmit the secret information determined by the determination unit to the web server. A job control unit executes a device function using the secret information that is not transmitted to the web server according to determination by the determination unit. | 02-10-2011 |

20100054459 | SYSTEM AND METHOD FOR MODULUS OBFUSCATION - Disclosed herein are methods for obfuscating data on a client, on a server, and on a client and a server. The method on a client device includes receiving input data, storing an operation value in a secure location, performing a modulus obfuscation on the operation value, performing a modulus operation on the operation value and the input data, performing a modulus transformation on the operation value and the input data to obtain client output data, and checking if the client output data matches corresponding server output data. The method on a server device includes receiving input data, performing a modulus transformation on the input data to obtain a result, performing a plain operation on the result and an operation value to obtain server output data, and checking if the server output data matches corresponding client output data from a client device that (1) receives input data, (2) stores an operation value in a secure location, (3) performs a modulus obfuscation on the operation value, (4) performs a modulus operation on the operation value and the input data, and (5) performs a modulus transformation on the operation value and the input data to obtain client output data. In an optional step applicable to both clients and servers, the method further includes authenticating the client input data and the server input data if the server output data matches the client output data. In one aspect, server input data and client input data pertain to a cryptographic key. | 03-04-2010 |

20110069833 | EFFICIENT NEAR-DUPLICATE DATA IDENTIFICATION AND ORDERING VIA ATTRIBUTE WEIGHTING AND LEARNING - A method to efficiently detect, and thus store, approximately duplicate or most likely duplicate files or data sets that will benefit from differencing technology rather than standard compression technology. During archive creation or modification, sets of most likely files are detected and a reduced number of transformed file segments are stored in whole. During archive expansion, one or more files are recreated from each full or partial copy. | 03-24-2011 |

20110261956 | Simultaneous Scalar Multiplication Method - In computing point multiples in elliptic curve schemes (e.g. kP and sQ) separately using, for example, Montgomery's method for the purpose of combining kP+sQ, several operations are repeated in computing kP and sQ individually, that could be executed at the same time. A simultaneous scalar multiplication method is provided that reduces the overall number of doubling and addition operations thereby providing an efficient method for multiple scalar multiplication. The elements in the pairs for P and Q method are combined into a single pair, and the bits in k and s are evaluated at each step as bit pairs. When the bits in k and s are equal, only one doubling operation and one addition operation are needed to compute the current pair, and when the bits in k and s are not equal, only one doubling operation is needed and two addition operations. | 10-27-2011 |

20110280395 | IMAGE ENCRYPTION DEVICE, IMAGE DECRYPTION DEVICE AND METHODS - Constraints are added to the size of an encryption area at the time of encryption processing. For example, if the respective number of horizontal and vertical divided blocks is divided by a predetermined positive integer, the size of the encryption area is limited such that the remaining is a certain number of 0 (namely, a multiple of the predetermined positive integer to the respective number of blocks) or 1 or more. Block positions in the encryption area are detected according to the constraints of the number of blocks of an encryption image as the decryption processing corresponding to the encryption processing. Because the number of horizontal and vertical blocks is previously limited at the time of the encryption, the possibility of the number of blocks to be considered in the detection of the block positions is reduced, resulting in improved decryption accuracy. | 11-17-2011 |

20110280394 | Format-Preserving Encryption Via Rotating Block Encryption - Methods and systems are described for format-preserving encryption. Format-preserving encryption on an entire format F may be achieved by performing format-preserving encryption on one or more subsets of F and then applying one or more permutation rounds in such a way that all elements of F enter a subset to be encrypted. A predetermined number of encryption rounds and a predetermined number of permutation rounds may be interleaved until all elements are thoroughly mixed. The resultant output data may be saved in a database in the same format as the original input data, meet all constraints of the database, and pass all validity checks applied by software supporting the database. | 11-17-2011 |

20090028324 | METHOD AND SYSTEM FOR PROVIDING SCRAMBLED CODED MULTIPLE ACCESS (SCMA) - A multiple access scheme is described. A first bit stream is scrambled from a first terminal according to a first scrambling signature. A second bit stream is scrambled from a second terminal according to a second scrambling signature, wherein the first bit stream and the second bit stream are encoded using a low rate code. The first scrambling signature and the second scrambling signature are assigned, respectively, to the first terminal and the second terminal to provide a multiple access scheme. | 01-29-2009 |

20080317242 | DATA SCRAMBLING AND ENCRYPTION OF DATABASE TABLES - An apparatus, program product and method protect data in a database table from unauthorized access through the combination of scrambling the data in the rows and columns of a database table and encrypting the data in different rows and/or columns using different encryption keys. A complementary descrambling and decryption process may then be used by an authorized party to recover the data stored in the scrambled and encrypted table. | 12-25-2008 |

20100266120 | DISPERSED DATA STORAGE SYSTEM DATA ENCRYPTION AND ENCODING - A computing system securely stores data to a dispersed data storage system. The computing system includes a processing module and a plurality of storage units. The processing module includes an encryptor and error encoder to encrypt and encode the data for dispersal utilizing a write command to the storage units. The storage units store the encrypted and encoded data when receiving the write command and the encrypted and encoded data. | 10-21-2010 |

20090003589 | Native Composite-Field AES Encryption/Decryption Accelerator Circuit - A system comprises reception of input data of a Galois field GF(2 | 01-01-2009 |

20090310776 | INFORMATION CONCEALMENT METHOD AND INFORMATION CONCEALMENT DEVICE - An information concealment method comprising: a splitting step to split information into an encryption segment to be encrypted and a non-encryption segment not to be encrypted according to a predetermined rule; an encryption step of encrypting the encryption segment; a control table generating step of generating a control table for indicating one of a location of the encryption segment and/or a location of the non-encryption segment of the information; and an organization step of coupling or associating the information, in which the encryption segment has been encrypted, with the control table and a device for performing the method are provided. | 12-17-2009 |

20110142227 | METHOD AND APPARATUS FOR ENCODING DATA AND METHOD AND APPARATUS FOR DECODING DATA - A method and apparatus for encoding data, and a method and apparatus for decoding data. The method of encoding data including generating first encoded data by encoding input data, dividing the first encoded data into a plurality of segments, and generating second encoded data by combining the plurality of segments and dummy data. | 06-16-2011 |

20090202065 | Scrambler, scramble processing method, and program - A multiplication value decision unit ( | 08-13-2009 |

20120099725 | METHOD OF GENERATING ID WITH GUARANTEED VALIDITY, AND VALIDITY LEGITIMACY GUARANTYING RFID TAG - A portion of a digital signature value for authenticating the validity of ID information is also used as an ID so as to reduce the amount of data. This is achieved by using a digital signature scheme with a short signature length obtained by transforming a Schnorr signature, which is a typical example of a digital signature scheme. | 04-26-2012 |

20110299678 | SECURE MEANS FOR GENERATING A SPECIFIC KEY FROM UNRELATED PARAMETERS - A technique and method for improving the security of the usage of a key in devices or systems with modes of operation that must be secured whereby the key has multiple fields with timing information that must be matched to transitions of a randomly generated clock, the randomly generated clock derived from a fixed frequency clock, whereby tampering of the fixed frequency clock will result in detection of the security attack and exit from the secure mode of operation. | 12-08-2011 |

20110293088 | METHOD OF DETERMINING A REPRESENTATION OF A PRODUCT, METHOD OF EVALUATING A FUNCTION AND ASSOCIATED DEVICES - A representation is determined of the product of first and second elements of a finite set with cardinality strictly greater than two and in which are defined an addition and a multiplication that is commutative and distributive with respect to that addition. For each pair formed by a first integer included between 1 and d and a second integer strictly greater than the first integer, obtaining a value by element of the sub-steps: picking a random value associated with the pair, performing a first addition of the random value and of the product of the first value associated with the first integer and of the second value associated with the second integer, performing a second addition of the result of the first addition and of the product of the first value associated with the second integer and of the second value associated with the first integer; and for each integer included between 1 and d, determining the value associated with the integer concerned in the representation by summing the product of the first and second values associated with the integer concerned, the random values associated with the pairs of which the first integer is the integer concerned and the values obtained for the pairs of which the second integer is the integer concerned. | 12-01-2011 |

20100046739 | SHARING A SECRET USING POLYNOMIAL DIVISION OVER GF(Q) - A method and system for distributing a secret are described. In one embodiment, the secret is represented by a secret polynomial of degree d over GF(q) constructed with a prime or a power of a prime. The secret polynomial is then embedded into an extension polynomial of degree m that is greater than d. The extension polynomial is divided by n coprime divisor polynomials over GF(q), using arithmetic defined for polynomials over GF(q), to generate n shares of the secret. Each share includes one of the divisor polynomials and a corresponding remainder. These n shares are distributed among a plurality of cooperating entities for secret sharing. | 02-25-2010 |

20110293087 | DATA ENCRYPTION DEVICE AND CONTROL METHOD THEREOF - In an encryption device, in a case where predetermined first data is input, the first data is converted into second data that is data decrypted from the first data and, in a case where the second data is input, the second data is converted into the first data, and the converted data is encrypted to be output to a storage unit. | 12-01-2011 |

20080247539 | Method and system for secure data aggregation in wireless sensor networks - A method for transmitting sensed data in a wireless sensor network including multiple sensors, includes: encrypting the sensed data with an encryption key and a verification key to generate encrypted data in each of the multiple sensors that senses data; wirelessly receiving the encrypted data from the multiple sensors; determining that the sensed data from one of the multiple sensors is different from the sensed data from others of the multiple sensors without decrypting the encrypted data; and transmitting the encrypted sensed data determined to be different. | 10-09-2008 |

20090279691 | SECURE DISTRIBUTION OF DATA OR CONTENT USING KEYLESS TRANSFORMATION - A computer enabled method and apparatus for encrypting and decrypting data using a keyless transformation cryptographic technique. Data is protected using a keyless (unkeyed) complex mathematical transformation, in contrast to a traditional cryptographic algorithm using a secret key. This approach is resistant to both static analysis (hacking) performed on executable encryption/decryption code, as well as dynamic analysis performed during execution (runtime) of ciphering or deciphering. The method uses a family of asymmetric data transformations based on Galois field polynomials. | 11-12-2009 |

20080279368 | Low-Latency Method And Apparatus Of Ghash Operation For Authenticated Encryption Galois Counter Mode - Disclosed is a low-latency method and apparatus of GHASH operation for authenticated encryption Galois Counter Mode (GCM), which simultaneously computes three interim values respectively yielded from the additional authenticated data A, the ciphertext C, and the hash key H defined in the GCM. Then, the output of the GHASH operation may be derived. Therefore, supposing that A has m blocks and C has n blocks, then this invention performs the GHASH operation with max{m,n}+1 steps. The input order for the additional authenticated data A and the ciphertext C may be independent. A disordered sequence for the additional authenticated data A and the ciphertext C may also be accepted by this invention. This allows the applications in GCM be more flexible. | 11-13-2008 |

20090161863 | HARDWARE IMPLEMENTATION OF THE SECURE HASH STANDARD - An integrated circuit for implementing the secure hash algorithm is provided, According to one aspect of the integrated circuit, the integrated circuit includes a data path and a controller controlling operation of the data path. According to another aspect of the integrated circuit, the data path is capable of handling each round of processing reiteratively. The controller flirter includes an address control module and a finite state machine. | 06-25-2009 |

20100232597 | ENCRYPTION AND DECRYPTION PROCESSING METHOD, SYSTEM AND COMPUTER-ACCESSIBLE MEDIUM FOR ACHIEVING SMS4 CRYPTOGRAPHIC PROCEDURE - An encryption and decryption processing method of achieving SMS4 cryptographic algorithm and a system thereof are disclosed. Firstly, the method prepares constant arrays, inputs the external data into a data registering unit and deals with the first data conversion; secondly, deals with the second data conversion; thirdly, repeats the second data conversion, until completing all the prescribed data conversion, and then achieving the results of repeating encryption and decryption processing. | 09-16-2010 |

20100014658 | METHOD OF CUSTOMIZING A SECURITY COMPONENT, NOTABLY IN AN UNPROTECTED ENVIRONMENT - The invention relates to a method of customizing a security component in an unprotected environment. The method according to embodiments of the invention includes: inserting a first secret K | 01-21-2010 |

20100014657 | PRIVACY PRESERVING SOCIAL NETWORK ANALYSIS - A method and a system for privacy-preserving SNA. A plurality of vertices of a first subgraph of a graph is encrypted with a first key of a commutatively encryption scheme. A plurality of vertices of a second subgraph encrypted with a second key of the commutatively encryption scheme are received and encrypted commutatively with the first key. A plurality of commutatively encrypted vertices of the first subgraph and a plurality of commutatively encrypted vertices of the second subgraph are used for computing centrality metrics preserving the privacy of the graph and its structure. | 01-21-2010 |

20100266119 | DISPERSED STORAGE SECURE DATA DECODING - A method operating on a computer begins by generating a read command to read at least some of a plurality of data slices from a dispersed storage network. The method continues by receiving the at least some of the plurality of data slices. The method continues by performing a reverse information dispersal algorithm on at least some of the plurality of data slices to produce a plurality of transposed data elements. The method continues by reverse transposing the plurality of transposed data elements to recover data elements of a data segment. | 10-21-2010 |

20090245505 | MULTIPLICATION CIRCUIT AND DE/ENCRYPTION CIRCUIT UTILIZING THE SAME - A multiplication circuit generates a product of a matrix and a first scalar when in matrix mode and a product of a second scalar and a third scalar when in scalar mode. The multiplication circuit comprises a sub-product generator, an accumulator and an adder. The adder is configured to sum outputs of the accumulator to generate the product of the first scalar second scalar and the third scalar when in scalar mode. The sub-product generator generates sub-products of the matrix and the first scalar when in matrix mode and sub-products of the second scalar and the third scalar when in scalar mode. The accumulator is configured to generate the product of the matrix and the first scalar by providing save of the multiplication operation of the outputs from the sub-product generator. | 10-01-2009 |

20100158241 | Method and apparatus to perform redundant array of independent disks (RAID) operations - A method and apparatus to compute a Q syndrome for RAID 6 through the use of AES operations is provided. In an embodiment, the result of GF multiplication performed using the AES operations allows RAID-6 support to be provided without the need for a dedicated RAID controller. | 06-24-2010 |

20110268265 | DISK MEDIA SECURITY SYSTEM AND METHOD - A system and method for secure writing to a disk are disclosed for securely writing live data to the disk. A free space of the disk after the live data is written to the disk is determined. Random bits are generated for the free space. At least some of the random bits are written to the disk to fill the free space in a first part of a write process. The live data is written to the disk in a second part of the write process adapted to begin at a terminus of the free space on the disk and continue until all of the live data is written to the disk. | 11-03-2011 |

20090086962 | ENCRYPTION OPERATING APPARATUS - Valid code data and invalid code data are alternately input to a register that fetches data synchronously with a clock signal. A state of a data value input to the register is monitored. Each time when it is determined that the data is stabilized by the valid code data, the register holds the valid code data. | 04-02-2009 |

20100061548 | CRYPTOGRAPHIC PROCESSING APPARATUS, CRYPTOGRAPHIC-PROCESSING-ALGORITHM CONSTRUCTING METHOD, AND CRYPTOGRAPHIC PROCESSING METHOD, AND COMPUTER PROGRAM - To realize an extended-Feistel-type common-key block-cipher process configuration for realizing a diffusion-matrix switching mechanism (DSM). In a cryptographic process configuration in which an extended Feistel structure having a number of data lines: d that is set to an integer satisfying d≧2 is applied, a plurality of multiple different matrices are selectively applied to linear transformation processes performed in F-function sections. A plurality of different matrices satisfying a condition in which a minimum number of branches for all of the data lines is equal to or more than a predetermined value are selected as the matrices, the minimum number of branches for all of the data lines being selected from among minimum numbers of branches corresponding to the data lines, each of the minimum numbers of branches corresponding to the data lines being based on linear transformation matrices included in F-functions that are input to a corresponding data line in the extended Feistel structure. According to the present invention, common-key block cipher based on the DSM with a high resistance to linear analysis and differential analysis is realized. | 03-11-2010 |

20110261955 | SCALAR MULTIPLIER AND SCALAR MULTIPLICATION PROGRAM - Provided are a scalar multiplier and a scalar multiplication program for performing a scalar multiplication at a high speed. In computing a scalar multiplication [s]P of a rational point P of an additive group E(F | 10-27-2011 |

20090310775 | Using a single instruction multiple data (SIMD) instruction to speed up galois counter mode (GCM) computations - In one embodiment, an encryption operation may be performed by obtaining a product of a carry-less multiplication using multiple single instruction multiple data (SIMD) multiplication instructions each to execute on part of first and second operands responsive to an immediate datum associated with the corresponding instruction, and reducing the product modulo g to form a message authentication code of a block cipher mode. Other embodiments are described and claimed. | 12-17-2009 |

20100266122 | ENCRYPTION METHOD, DECRYPTION METHOD, DEVICE, AND PROGRAM - An encryption/decryption method comprises by using a generalized Feistel structure in which data is divided into n pieces and mixing processing with key data is performed, diffusion processing, in which data transformation via linear operation is executed, is performed at least once between rounds of the generalized Feistel structure, wherein. As the diffusion processing, linear transformation is performed in which each of n pieces of output data is operated on by two or more pieces of input data. The method is adapted for encryption or decryption. | 10-21-2010 |

20100266121 | IC CHIP AND INFORMATION PROCESSING APPARATUS MOUNTING IC CHIP - An IC chip includes: a first memory which stores a control program for executing cryptographic processing; a second memory which stores an application; an arithmetic processor which receives first data including at least part of a cryptographic private key stored in a predetermined area of the application, and executes the cryptographic processing in accordance with the control program; and an auxiliary arithmetic processor which executes predetermined arithmetic processing under control of the arithmetic processor. If the first data does not match a data format defined by a software interface of the auxiliary arithmetic processor, the arithmetic processor controls to generate second data by processing the first data so as to match the data format, and to store the generated second data in a data table provided in the second memory. | 10-21-2010 |

20090110188 | CONFIGURABLE RANDOM NUMBER GENERATOR - A method for random number generation includes generating random number sequences using a Random Number Generator (RNG) circuit having an externally-modifiable configuration. The RNG circuit generates a first random number sequence having a first measure of randomness, and modifies the configuration of the RNG circuit, causing the RNG circuit to generate a second random number sequence having a second measure of the randomness, indicating a degree of the randomness that is no less than the first measure. | 04-30-2009 |

20120189117 | Methods And Apparatus For Protecting Digital Content - A processing system to serve as a source device for protected digital content comprises a processor and control logic. When used by the processor, the control logic causes the processing system to receive a digital certificate from a presentation device. The processing system then uses public key infrastructure (PKI) to determine whether the presentation device has been authorized by a certificate authority (CA) to receive protected content. The processing system may also generate a session key and use the session key to encrypt data. The processing system may transmit the encrypted data to the presentation device only if the presentation device has been authorized by the CA to receive protected content. Presentation devices and repeaters may perform corresponding operations, thereby allowing content to be transmitted and presented in a protected manner. Other embodiments are described and claimed. | 07-26-2012 |

20120189116 | Technique for Determining Usage of Encrypted Media Content - A technique for determining usage of encrypted media content is described. A method implementation of this technique comprises the steps of obtaining a short-term key for decrypting the media content, obtaining a long-term key for decrypting the short-term key, decrypting the short-term key based on the long-term key, decrypting the media content based on the decrypted short-term key, and logging a parameter relating to the short-term key as a basis for determining media content usage. The short-term key may be a Traffic Encryption Key, TEK, and the long-term key may be a Service Encryption Key, SEK. | 07-26-2012 |

20100119057 | Efficient method and apparatus for modular inverses - Methods and apparatus are described for computing modular inverses of odd input values modulo 2 | 05-13-2010 |

20120033805 | FINITE FIELD CALCULATION APPARATUS, FINITE FILED CALCULATION METHOD, PROGRAM, AND RECORDING MEDIUM - A calculation Π | 02-09-2012 |

20120033804 | METHOD AND MODULE FOR RENEWING THE CODE OF A CRYPTOGRAPHIC ALGORITHM, METHOD AND MODULE FOR GENERATING A SEED, SECURITY PROCESSOR AND RECORDING CARRIER FOR THESE METHODS - This method for renewing the code of an algorithm comprises: | 02-09-2012 |

20090046851 | METHOD AND SYSTEM FOR ATOMICITY FOR ELLIPTIC CURVE CRYPTOSYSTEMS - A method and system are provided for atomicity for elliptic curve cryptosystems (ECC-systems). The method includes a side channel atomic scalar multiplication algorithm using mixed coordinates. The algorithm including repeating a sequence of field operations for each elliptic curve addition or doubling operation to provide an atomic block, wherein an atomic block appears equivalent by side-channel analysis. The mixed coordinates are chosen based on a ratio of I/M where I and M are the time required to execute an inversion and a multiplication in the ground field respectively. If the I/M ratio is less than 60, a mixture of affine and Jacobian coordinates are used during scalar multiplication. If the I/M ratio is 60 or more, a mixture of Chudnovsky-Jacobian and Jacobian coordinates are used during scalar multiplication. The method is optimized for elliptic curves over F | 02-19-2009 |

20090046848 | Encryption management system - Systems and methods are presented for increasing the security of transmitted message. A text selection component selects at least one portion of a document that contains sensitive information. A text extraction component extracts characters belonging to a selected character set from at least one selected portion of the document. An encryption interface provides the extracted characters to an encryption algorithm to provide an encrypted representation of the extracted characters. A document reconstruction component incorporates the encrypted representation of the extracted characters into the document to produce a reconstructed document in which the encrypted representation of the extracted characters replaces the extracted characters. | 02-19-2009 |

20120106731 | SPEEDING UP GALOIS COUNTER MODE (GCM) COMPUTATIONS - Methods and apparatus to speed up Galois Counter Mode (GCM) computations are described. In one embodiment, a carry-less multiplication instruction may be used to perform operations corresponding to verification of an encrypted message in accordance with GCM. Other embodiments are also described. | 05-03-2012 |

20110200185 | Method of performing elliptic polynomial cryptography with elliptic polynomial hopping - The method of performing elliptic polynomial cryptography with elliptic polynomial hopping allows for the encryption of messages through elliptic polynomial cryptography, i.e., using elliptic polynomials with multi x-coordinates, and particularly with the utilization of elliptic polynomial hopping based upon both the elliptic polynomial and its twist, regardless of whether the elliptic polynomial and its twist are isomorphic with respect to one another. Each plaintext block is encrypted by a different elliptic polynomial, and the elliptic polynomials used are selected by an initial secret key and a random number generator. The method is particularly useful for symmetric encryption systems, and provides a block cipher fundamentally based upon a computationally hard problem. | 08-18-2011 |

20110170685 | COUNTERMEASURE METHOD AND DEVICES FOR ASYMMETRIC ENCRYPTION WITH SIGNATURE SCHEME - A countermeasure method in an electronic component implementing an asymmetric private key encryption algorithm includes generating a first output data, using a primitive, and a protection parameter, transforming, using the protection parameter, at least one element of a set consisting of the private key and an intermediate parameter obtained from the first output data, to respectively supply first and second operands, and generating, from an operation involving the first and second operands, a second output data. | 07-14-2011 |

20090279690 | CRYPTOGRAPHIC SYSTEM INCLUDING A MIXED RADIX NUMBER GENERATOR WITH CHOSEN STATISTICAL ARTIFACTS - A cryptographic system ( | 11-12-2009 |

20090279689 | SYSTEM AND METHOD OF AUTHENTICATION - Disclosed herein are systems, methods and computer readable media for performing authentication. The proposed scheme utilizes new algorithms that introduce randomness using a physical value for authentication. An exemplary method includes sharing an initial state value S( | 11-12-2009 |

20090279687 | CRYPTOGRAPHIC OPERATION PROCESSING CIRCUIT - A dummy operation instruction circuit ( | 11-12-2009 |

20090279688 | CLOSED GALOIS FIELD CRYPTOGRAPHIC SYSTEM - A cryptographic system (CS) comprised of generators ( | 11-12-2009 |

20090279693 | METHOD AND A DEVICE FOR GENERATING A PSEUDORANDOM STRING - The invention relates to a method of generating a pseudorandom string of terms belonging to a finite body K of cardinal q≧2 intended to be used in a cryptography procedure, said method comprising the iterative calculation of a system (Γ) of m polynomials with n variables belonging to the finite body K. According to the invention, the coefficients of these m polynomials are regenerated at each iteration. The invention also relates to pseudorandom string generator intended to implement this method. | 11-12-2009 |

20090279692 | FAST COMPUTATION OF ONE-WAY HASH SEQUENCES - Some embodiments of the present invention provide a system that computes a target secret S | 11-12-2009 |

20100278331 | SECURE HASHING DEVICE USING MULTIPLE DIFFERENT SHA VARIANTS AND RELATED METHODS - A monolithic integrated circuit (IC) secure hashing device may include a memory, and a processor integrated with the memory. The processor may be configured to receive a message, and to process the message using a given secure hash algorithm (SHA) variant from among different SHA variants. The different SHA variants may be based upon corresponding different block sizes of bits. | 11-04-2010 |

20090103717 | System and method for implementing elliptic curve scalar multiplication in cryptography - A system and method for implementing the Elliptic Curve scalar multiplication method in cryptography, where the Double Base Number System is expressed in decreasing order of exponents and further on using it to determine Elliptic curve scalar multiplication over a finite elliptic curve. | 04-23-2009 |

20090103715 | Rules-Driven Hash Building - Methods and apparatus, including computer program products, implementing and using techniques for generating a hash. A data store including multiple hashing tables is provided. A set of data is received on which the hash is to be based. The set of data includes one or more components. An identifier is received. The identifier identifies one or more hashing tables to use when generating the hash. The received one or more components are processed in accordance with rules defined in the identified one or more hashing tables. The processed components are combined into a final hash. | 04-23-2009 |

20090103714 | Encryption device, encryption method, and computer program - The invention realizes a high-security cryptographic processing apparatus that increases difficulty in analyzing its key and a method therefor. In Feistel-type common-key-block cryptographic processing that repeatedly executes an SPN-type F-function having the nonlinear conversion section and the linear conversion section over a plurality of rounds, Linear conversion processing of an F-function corresponding to each of the plurality of rounds is carried out by linear conversion processing that applies square MDS (Maximum Distance Separable) matrices. The invention uses a setting that arbitrary m column vectors included in inverse matrices of square MDS matrices being set up at least in consecutive even-numbered rounds and in consecutive odd-numbered rounds, respectively, constitute a square MDS matrix. This structure realizes cryptographic processing whereby resistance to linear cryptanalysis attacks in the common-key-block cipher is improved. | 04-23-2009 |

20090296922 | WATERMARKING COMPUTER CODE BY EQUIVALENT MATHEMATICAL EXPRESSIONS - A method of embedding information in a computer program code, including a plurality of program statements. The method comprises: parsing the computer program code to identify at least one program statement that includes a first mathematical expression, wherein said first mathematical expression includes at least a first algebraic expression adapted to produce at least one numeric result; generating a modified mathematical expression by performing a predetermined transformation of the first mathematical expression, wherein the modified mathematical expression includes a transformed algebraic expression instead of the first algebraic expression, such that the modified mathematical expression is adapted to produce the same result as the first mathematical expression, and wherein the modified mathematical expression is indicative of at least a part of said information; replacing said first mathematical expression in the identified program statement by the modified mathematical expression. | 12-03-2009 |

20090041232 | ESTABLISHING TRUST WITHOUT REVEALING IDENTITY - A method, system, and apparatus are provided for establishing trust without revealing identity. According to one embodiment, values in a first proof corresponding to a first statement are precomputed, a request for a second proof is received from a challenger, and the first and second proofs are completed. | 02-12-2009 |

20090041231 | METHOD AND APPARATUS FOR PARTIALLY ENCRYPTING SPEECH PACKETS - Provided are a method and apparatus for partially encrypting speech packets, more specifically, a method and apparatus for selecting partial encryption sets used for a partial encryption technique in which compressed speech packets are partially encrypted to obtain the same effect as a full encryption technique. The method includes the steps of: (a) compressing respective speech files stored in a large-capacity speech database into the speech packets using a speech codec; (b) measuring single-bit loss distortion and sequential-bit loss distortion of the speech packets compressed in step (a); (c) generating standards for selecting partial encryption sets based on the measurement results of the single-bit loss distortion and sequential-bit loss distortion; (d) selecting the partial encryption sets according to the generated standards; and (e) encrypting the speech packets using the selected partial encryption sets. In this method, distortion sensitivity caused by loss of a speech packet can be exactly measured in various embodiments so that partial encryption sets can be efficiently and securely selected based on the measurement result. As a result, by reducing the amount of encryption operation, encryption services can be applied in various wireless communication environments. | 02-12-2009 |

20100111296 | COLLISION-RESISTANT ELLIPTIC CURVE HASH FUNCTIONS - Elliptic curve hash functions are provided which do not require a pre-existing hash function, such as that required by the MuHash. The elliptic curve hash functions can be built from scratch and are collision free and can be incremental. In one embodiment, rather than a pre-existing hash function, the identity function with padding is used; and in another embodiment, rather than a pre-existing hash function, a block cipher with a fixed non-secret key is used. | 05-06-2010 |

20100111295 | SWAP CIRCUIT FOR COMMON KEY BLOCK CIPHER AND ENCRYPTION/DECRYPTION CIRCUIT INCLUDING THE SAME - An encryption/decryption circuit includes a swap circuit for outputting each of text data and initialization vector data which are input from an input terminal to either a first or second output terminal in accordance with one of modes of operation, an encryption/decryption processing unit to which one of the text data and the initialization vector data are input from the first output terminal and which performs encryption processing and decryption processing on the data, and an exclusive OR processing unit to which another one of the initialization vector data and the text data are input from the second output terminal and which performs an exclusive OR operation on the data. | 05-06-2010 |

20100111292 | AGGREGATE AND PARALLELIZABLE HASH FUNCTION - A hash provides aggregation properties, and allows distributed and/or concurrent processing. In an example, the hash operates on message M, and produces a multiplicative matrix sequence by substituting a 2×2 matrix A for binary ones and substituting a 2×2 matrix B for binary zeros in M. A and B are selected from SL | 05-06-2010 |

20080212769 | Processing method for message integrity with tolerance for non-sequential arrival of message data - Example embodiments of the present invention disclose a method for processing an application packet for transmission includes receiving a plurality of segments of the application packet in a byte stream, the byte stream including a plurality of blocks, creating a plurality of superblocks within the byte stream by grouping a number of the plurality of blocks within the byte stream, and creating first pseudorandom bits for the plurality of superblocks. The method also includes determining a block number and a superblock number for a beginning of each of the plurality of segments, determining a block number and a superblock number for an ending of each of the plurality of segments in the byte stream. | 09-04-2008 |

20120121083 | ENCRYPTION APPARATUS AND METHOD - An encryption method and apparatus for encrypting a plurality of rounds are provided. The encryption method including: extracting a conversion function, which is convertible in a table form from a predetermined block encryption method; converting the extracted conversion function into a corresponding converted table; applying the converted table to an input bit; applying an extension function, which extends an output bit, to an output of the converted table; and applying a restore function, which restores the extended output bit. | 05-17-2012 |

20120121081 | NONLINEAR FEEDBACK SHIFT REGISTER AND METHOD FOR NONLINEAR SIGNATURE FORMATION - A nonlinear feedback shift register for creating a signature for cryptographic applications includes a sequence of series-connected flip-flops which are connected to each other for forming at least one polynomial, with the aid of at least one signal feedback having at least one operator. The flip-flops are connected to at least one switching operator for forming at least two different polynomials, the switching operator switching between the polynomials as a function of an input signal. A method for nonlinear signature formation is also provided. | 05-17-2012 |

20100278332 | DATA CONVERSION FUNCTION PROCESSOR | 11-04-2010 |

20100278333 | METHOD AND APPARATUS FOR PERFORMING ELLIPTIC CURVE ARITHMETIC - A method of performing a cryptographic operation on a point in an elliptic curve cryptosystem using an elliptic curve. The method comprises the steps of obtaining information that uniquely identifies the elliptic curve and performing computations on the point to obtain the result of the cryptographic operation. The computations use the information. The computations produce an incorrect result if the point is not on the elliptic curve. | 11-04-2010 |

20090168995 | Systems and Methods of Information/Network Processing Consistent with Creation, Encryption and/or Insertion of UIDs/Tags - Embodiments are directed to a system and method of generating a global unique identifier (GUID) associated with web/network-related requests. In the context of processing a web-bound request associated with a browsing session, the method comprises receiving information associated with a device that initiated a web-bound request, extracting non-personal/device information during MAC/network layer processing, and creating an anonymous GUID based on the non-personal/device information. The GUID may be implemented as an alphanumeric string that is least partially encrypted and inserted in an extensible location of the HTTP data. The non-personal/device information includes one or more of data associated with a device/user, data related to the device, software on the device, or any user/input data that is resident on the device. The global persistence of the GUID is enabled as a function of extraction of non-personal/device data during MAC/network layer processing. | 07-02-2009 |

20100278334 | METHOD AND APPARATUS FOR MINIMIZING DIFFERENTIAL POWER ATTACKS ON PROCESSORS - A method of masking a cryptographic operation using a secret value, comprising the steps of dividing the secret value into a plurality of parts; combining with each part a random value to derive a new part such that the new parts when combined are equivalent to the original secret value; and utilizing each of the individual parts in the operation. | 11-04-2010 |

20090003590 | MULTI-DIMENSIONAL MONTGOMERY LADDERS FOR ELLIPTIC CURVES - An algorithm is provided having a matrix phase and point addition phase that permits computation of the combination of more than two point multiples. The algorithm has particular utility in elliptic curve cryptography (ECC) such as for computing scalar multiplications in, e.g. batch ECC operations, accelerating Lenstra's ECM factoring algorithm, exploiting expanded ECC certificates (which contain pre-computed multiples of a party's public key), incremental hashing based on elliptic curves, accelerating verification of ECDSA signatures, etc. | 01-01-2009 |

20090034717 | METHOD OF PROCESSING DATA PROTECTED AGAINST ATTACKS BY GENERATING ERRORS AND ASSOCIATED DEVICE - A data processing method comprises the following steps: | 02-05-2009 |

20090052657 | Method for Scalar Multiplication in Elliptic Curve Groups Over Binary Polynomial Fields for Side-Channel Attack-Resistant Cryptosystems - A method for transforming data with a secret parameter in an elliptic curve cryptosystem based on an elliptic curve defined over an underlying binary polynomial field, includes multiplying a point of the elliptic curve, and representing the data to be transformed by a scalar representing the secret parameter, wherein the multiplying includes performing at least one point addition operation and at least one point doubling operation on points of the elliptic curve. The point addition operation includes a first sequence of elementary field operations, and the point doubling operation includes a second sequence of elementary field operations, both the first and the second sequences of elementary field operations including a field inversion of coordinates of the elliptic curve points. A representation of the elliptic curve points in affine coordinates is provided and the first and second sequences of elementary field operations are balanced. The field inversion of coordinates is performed by the extended Euclidean algorithm and the balancing includes balancing the extended Euclidean algorithm by adding at least one dummy operation. | 02-26-2009 |

20090168994 | Method for providing stronger encryption using conventional ciphers - A method of transforming files that will produce a much stronger encryption over conventional encryption methods. | 07-02-2009 |

20080273693 | EFFICIENT ENCODING PROCESSES AND APPARATUS - A method for encoding video includes receiving data, and encrypting the data using at least four Huffman trees. A method for encoding video includes receiving data, and encrypting the data such that an internal state of a stream cipher is independent of plaintext and ciphertext. A video encoding system for encoding video in a computing environment includes means for accessing data, and means for encrypting the data such that there are approximately 2 | 11-06-2008 |

20120033803 | SYSTEM FOR DESCRAMBLING AND METHODS FOR USE THEREWITH - A system includes a key path generator that generates a key path based on a plurality of encryption keys. A block descrambling unit generates a plurality of codewords to by de-entropy processing, de-chaos processing and de-permutation processing each of a plurality of encrypted blocks. A decoder generates a plurality of data blocks by decoding the plurality of codewords. | 02-09-2012 |

20080279369 | SYSTEM AND METHOD FOR N-DIMENSIONAL ENCRYPTION - A system and method is directed to providing an n-dimensional entity for encoding and storing data securely. A user provides a cursor position within the n-dimensional entity, and a user seed to a pseudo-random number generator. The user seed may be combined with a fingerprint of a computing system in which the invention operates. The n-dimensional entity is populated with bits from the pseudo-random number generator. Bits within the n-dimensional entity are associated with actions to be performed at each cursor position. Subsequent cursor directions within the n-dimensional entity are determined using a random number generator. Plaintext is bitwise translated to a direction and an offset from the cursor position to a bit matching the plaintext bit within the n-dimensional entity. The offset is employed to modify a row of truly random bits in an encoded array. | 11-13-2008 |

20080279367 | METHOD AND APPARATUS FOR PROVIDING ECRYPTION/DECRYTPION USING TWO SEQUENCES OF NUMBERS - A method encrypting data including selecting a pair of sequences based on a seed, performing a transposition of the data utilizing elements of a first one of the pair of sequences to produce a first transposition result, and performing a transposition of the first transposition result utilizing elements of a second one of the pair of sequences to produce the encrypted data. The pair of sequences may be selected from a pool of constrained sequences. The pool of constrained sequences may be generated utilizing a Knights Tour sequence generating system. The pool of constrained sequences may be transferred to a decrypting device for decryption of the encrypted data. The pair of sequences may be randomly generated utilizing a random integer sequence generator and the seed. The constrained indication may be constrained to a number of sequences present in the pool of sequences. | 11-13-2008 |

20080292098 | COMMUNICATION SYSTEM AND RECEIVER DEVICE - A communication system includes: a transmission device; and a reception device, wherein the transmission device includes an encryption section that encrypts a plaintext to be transmitted to the reception device with a first encryption key, and a transmission section that transmits the encrypted plaintext to the reception device; and the reception device includes a FeRAM that stores a second encryption key to pair with the first encryption key, wherein, upon reading out the second encryption key from the FeRAM, the second encryption key is erased from the FeRAM, a reception section that receives the encrypted plaintext from the transmission device, and a decoding section that decodes the received plaintext encrypted with the first encryption key with the second encryption key that is supposed to be stored in the FeRAM. | 11-27-2008 |

20080310620 | METHOD, APPARATUS AND SYSTEM FOR MANAGING A/V PROFILES - A method, apparatus and system for managing A/V (Audio/Video) profiles are provided, which is related to a technology that supports different profiles in a domain. The method of managing A/V profiles includes requesting a license component and an encrypted content component, and creating a DRM license and encrypted content by gathering elements that correspond to an A/V profile of a specified device from the license component and the encrypted content component. | 12-18-2008 |

20080310621 | PRIVACY ENHANCED COMPARISON OF DATA SHEETS - A computer implemented method for performing a privacy enhanced comparison of a plurality of data sets includes allocating a private encryption key to each of the data sets; performing an encryption operation for each of the data sets, the encryption operation comprising generating a commutatively encrypted data set of the respective data set, wherein the commutatively encrypted data sets are generated by successively applying a keyed commutative encryption function on the respective data set with the private encryption key of the respective data set itself and with the private encryption keys of the other data sets; and comparing the commutatively encrypted data sets. | 12-18-2008 |

20080310619 | Process of Encryption and Operational Control of Tagged Data Elements - A process of encrypting an object having an associated object tag includes generating a cryptographic key by binding an organization split, a maintenance split, a random split, and at least one label split ( | 12-18-2008 |

20080253560 | Duo Codes for Product Authentication - Systems and methods are provided that employ two or more cryptographically linked codes. The codes, when encrypted, become cipher texts that appear unrelated. The codes described herein are characterized by a series of bits including one or more switch bits. The cipher text of a code having a switch bit in one state will appear to be unrelated to the cipher text of another code differing only in that the switch bit is in the opposite state. The cryptographically linked codes can be used in various combinations, such as on a product and its packaging, on a product and a component of the product, on a certificate packaged with the product and on the packaging, or on outer and inner packagings of the product. | 10-16-2008 |

20110007894 | CRYPTOGRAPHIC PROCESSING METHOD, COMPUTER READABLE STORAGE MEDIUM, AND CRYPTOGRAPHIC PROCESSING DEVICE - stores, in | 01-13-2011 |

20110007893 | METHOD AND APPARATUS FOR FINGERPRINTING AND COPY PROTECTING OPTICAL RECORDING MEDIA - A method for generating a unique identity for objects having measurable properties. The teachings include deriving unique features of the object and using them to generate a fingerprint for the device. The teachings also include techniques for providing appropriate signal processing for the incoming information from any physical device to be fingerprinted. The invention also includes methods for access control to optical recording media and physical devices. | 01-13-2011 |

20090190752 | METHOD AND APPARATUS FOR COMMUNICATION EFFICIENT PRIVATE INFORMATION RETRIEVAL AND OBLIVIOUS TRANSFER - A method, article of manufacture and apparatus for performing private retrieval of information from a database is disclosed. In one embodiment, the method comprising obtaining an index corresponding to information to be retrieved from the database and generating a query that does not reveal the index to the database. The query is an arithmetic function of the index and a secret value, wherein the arithmetic function includes a multiplication group specified by a modulus of a random value whose order is divisible by a prime power, such that the prime power is an order of the random value. The secret value is an arithmetic function of the index that comprises a factorization into prime numbers of the modulus. The method further comprises communicating the query to the database for execution of the arithmetic function against the entirety of the database. | 07-30-2009 |

20120294439 | METHOD FOR IMPLEMENTING SYMMETRIC KEY ENCRYPTION ALGORITHM AGAINST POWER ANALYSIS ATTACKS - Disclosed is a method for implementing a symmetric key encryption algorithm against power analysis attacks, including: generating and storing an affine transform table; generating and storing a masked inversion table; and operating a masked S-box using the affine transform table and the masked inversion table. | 11-22-2012 |

20080292096 | Hybrid data encryption - A method and apparatus for encrypting and decrypting data. A first block cipher encrypts data to generate a first cipher output. A first double irregular columnar transposition cipher encrypts the first cipher output to generate a second cipher output. A second block cipher encrypts the second cipher output to generate a third cipher output. | 11-27-2008 |

20110268267 | METHOD AND APPARATUS FOR PROVIDING CONTENT SERVICE - There is provided a method and apparatus for providing a content service. A method of providing a content service includes generating a plurality of pieces of decryption information according to a continuous period of using a broadcasting service with respect to predetermined contents, encrypting the contents, and decrypting the encrypted contents using the decryption information. | 11-03-2011 |

20100135485 | SYSTEM FOR AUTHENTICATING OBJECTS - A system for authenticating an object is disclosed. The system has a sensing device for sensing coded tags printed on the object. Each coded tags encodes an identity of the object and a signature fragment. An entire signature is encoded in multiple coded tags. The system further has a processor for determining a signature fragment identifier associated with respective signature fragments. The processor also generates the entire signature from the signature fragments and associated signature fragment identifiers. The entire signature is then decrypted to obtain a generated identity. By comparing the identity encoded by the coded tags with the generated identity, the object is authenticated. | 06-03-2010 |

20100135484 | HASH VALUE CALCULATION APPARATUS AND METHOD THEREOF - A hash value calculation apparatus, which calculates a hash value of a message, includes: an input unit adapted to input an extended block obtained from a message to be processed; a hash value calculation unit adapted to execute a hash value calculation of the input block and to output a hash intermediate value; a plurality of intermediate value storage units adapted to store the hash intermediate value output by the hash value calculation unit for the message to be processed; an output unit adapted to output a hash intermediate value associated with all blocks of the message to be processed as a hash value of the message; and a hash value calculation control unit adapted to control hash value calculations for a plurality of messages by switching the intermediate value storage units used to store the hash intermediate value output from the hash value calculation unit. | 06-03-2010 |

20120069994 | METHOD FOR GENERTAING A DIGITAL SIGNATURE - A method for generating a digital signature includes calculating a first magnitude representative of the inverse of a random number raised to the power two; obtaining a first element of the digital signature by executing scalar multiplication between an established point of the elliptic curve and the random number; obtaining a second magnitude by executing modular multiplication, with modulus corresponding to the established elliptic curve's order between the first magnitude and the secret encryption key; obtaining a third magnitude by executing a modular multiplication, with modulus corresponding to the established elliptic curve's order between the random number and the secret encryption key; obtaining a first addend of a second element of the digital signature by executing a modular multiplication, with modulus corresponding to the established elliptic curve's order between the second magnitude and the third magnitude; and generating a second element of the digital signature based on the first addend. | 03-22-2012 |

20120069993 | CRYPTOGRAPHIC APPARATUS AND MEMORY SYSTEM - According to one embodiment, a cryptographic apparatus includes: cryptographic cores (“cores”), an assigning unit, a concatenating unit, and an output controlling unit. If a CTS flag thereof is on, each core encrypts using a symmetric key cipher algorithm utilizing CTS, while using a symmetric key. When an input of a CTS signal is received, the assigning unit assigns first input data to a predetermined core and turns on the CTS flag thereof. The concatenating unit generates concatenated data by concatenating operation data generated during encrypting the first input data, with second input data that is input immediately thereafter. The output controlling unit controls outputting the concatenated data to the predetermined core, outputting first encrypted data obtained by encrypting the concatenated data, and over outputting second encrypted data obtained by encrypting the first input data, and further turns off the predetermined core's CTS flag. | 03-22-2012 |

20080240421 | Method and apparatus for advanced encryption standard (AES) block cipher - The speed at which encrypt and decrypt operations may be performed in a general purpose processor is increased by providing a separate encrypt data path and decrypt data path. With separate data paths, each of the data paths may be individually optimized in order to reduce delays in a critical path. In addition, delays may be hidden in a non-critical last round. | 10-02-2008 |

20080240420 | METHOD AND SYSTEM FOR A RECURSIVE SECURITY PROTOCOL FOR DIGITAL COPYRIGHT CONTROL - Systems and methods are described which utilize a recursive security protocol for the protection of digital data. These may include encrypting a bit stream with a first encryption algorithm and associating a first decryption algorithm with the encrypted bit stream. The resulting bit stream may then be encrypted with a second encryption algorithm to yield a second bit stream. This second bit stream is then associated with a second decryption algorithm. This second bit stream can then be decrypted by an intended recipient using associated keys. | 10-02-2008 |

20100142701 | EFFICIENT FULL OR PARTIAL DUPLICATE FORK DETECTION AND ARCHIVING - A method to efficiently detect, store, modify, and recreate fully or partially duplicate file forks is described. During archive creation or modification, sets of fully or partially duplicate forks are detected and a reduced number of transformed forks or fork segments are stored. During archive expansion, one or more forks are recreated from each full or partial copy. | 06-10-2010 |

20090180609 | Modular Reduction Using a Special Form of the Modulus - A special form of a modulus and a modified Barrett reduction method are used to perform modular arithmetic in a cryptographic system. The modified Barrett reduction is a method of reducing a number modulo another number without the use of any division. By pre-computing static values used in the Barrett reduction method and by using a special form of the modulus, the calculation of reducing a number modulo another number can be reduced. This can result in a decrease in computation time, speeding up the overall cryptographic process. | 07-16-2009 |

20090129585 | Exclusive encryption system - An encryption system includes a plurality of encryption operations including individual encryption operations and group encryption operations available for application in the encryption of data. The plurality of encryption operations are selected from the group consisting of functional variance, functional alignment, mathematical offset, wide XOR function, short logical rotation, long logical rotation, functional order, and address encryption. The system includes at least one round of encryption composed of a first encryption operation and a second encryption operation. The first encryption operation is selected from the plurality of encryption operations acting upon input data to generate a first encrypted data set. The second encryption operation is selected from the plurality of encryption operations acting upon the first encrypted data set to generate a second encrypted data set. The first encryption operation and the second encryption operation are different. | 05-21-2009 |

20090129586 | CRYPTOGRAPHIC MODULE MANAGEMENT APPARATUS, METHOD, AND PROGRAM - A cryptographic module management apparatus searches for cryptographic module meta-information based on the category information of a requested cryptographic module and, if associated cryptographic module category information is contained in this cryptographic module meta-information, searches for the cryptographic module meta-information of an associated cryptographic module, to generate composite type cryptographic module evaluation information based on this cryptographic module meta-information, select a cryptographic module based on this composite type cryptographic module evaluation information, and read this cryptographic module from a cryptographic module storage portion and output such composite type cryptographic module evaluation information. | 05-21-2009 |

20120069992 | Product Authentication Using End-To-End Cryptographic Scheme - A system is provided for inside-to-outside or outside-to-inside cryptographic coding that facilitates product authentication along a distribution channel. An association of authenticated, secured codes is generated between inner items (e.g., pharmaceutical doses such as pills, capsules, tablets) and outer items (e.g., packaging containing inner items). For instance, an inner code associated with a first item is used to generate (at least partially) an outer code associated with a second item that contains one or more first items. This process may be repeated multiple times with codes for outer items being a function of codes for inner items. The sequence of items may be authenticated by the dependent relationship between their codes. | 03-22-2012 |

20090185676 | METHOD TO GENERATE A PRIVATE KEY IN A BONEH-FRANKLIN SCHEME - The aim of the present invention is to propose an alternative scheme to the classical Boneh-Franklin scheme in order to simplify the generation and the use of the asymmetric keys. | 07-23-2009 |

20090028323 | ENHANCING THE SECURITY OF PUBLIC KEY CRYPTOSYSTEM IMPLEMENTATIONS - In one embodiment, cryptographic transformation of a message is performed by first performing a table initiation phase to populate a data structure. Then, a first random number multiplied by a public key is added to each value in the data structure, in modulo of a second random number multiplied by the public key. Then an exponentiation phase is performed, wherein each modular multiplication and square operation in the exponentiation phase is performed in modulo of the second random number multiplied by the public key, producing a result. Then the result of the exponentiation phase is reduced in modulo of the public key. The introduction of the random numbers aids in the prevention of potential security breaches from the deduction of operands in the table initiation phase by malicious individuals. | 01-29-2009 |

20090245508 | CONVERTER, ENCRYPTION/DECRYPTION SYSTEM, MULTI-STAGE CONVERTER, CONVERTING METHOD, MULTI-STAGE CONVERTING METHOD, PROGRAM, AND INFORMATION RECORDING MEDIUM - A converter uses a predetermined parameter a. A generating unit accepts generated inputs x | 10-01-2009 |

20090080645 | INTEGRATED SHUFFLE VALIDITY PROVING DEVICE, PROOF INTEGRATING DEVICE, INTEGRATED SHUFFLE VALIDITY VERIFYING DEVICE, AND MIX NET SYSTEM - An integrated shuffle validity proving device ( | 03-26-2009 |

20080304657 | Secure Threshold Decryption Protocol Computation - The present invention relates to a method of converting an encrypted data set into an encryption of individual bits representing the data set. Further, the invention relates to a system for converting an encrypted data set into an encryption of individual bits representing the data set. A basic idea of the present invention is to provide a protocol in which it is possible to divide an encryption of a data set in the form of e.g. a biometric feature, such as a number x, where xε{0, 1, . . . , n−1}, into an encryption of respective bits x | 12-11-2008 |

20090052656 | Method and System for Block Cipher Encryption - A method of encrypting a block of data, is described, the method including providing a combining unit operative to combine a key with a block of data, the block of data expressed as a block of bits, providing a mix and condense unit operative to mix bits included in the block of bits among themselves, receiving an input including the block of data expressed as the block of bits, combining, at the combining unit, the block of bits with a key, and mixing, at the mixing and condensing unit, the combined block of bits, wherein the mix and condense unit includes a plurality of layers, each layer among the plurality of layers including a plurality of mini-functions. Related apparatus and methods are described. | 02-26-2009 |

20090097637 | RANDOMIZED RSA-BASED CRYPTOGRAPHIC EXPONENTIATION RESISTANT TO SIDE CHANNEL AND FAULT ATTACKS - Systems and/or methods that facilitate secure electronic communication of data are presented. A cryptographic component facilitates data encryption, data decryption, and/or generation of digital signatures, associated with messages. The cryptographic component includes a randomized exponentiation component that facilitates decryption of data and/or generation of digital signatures by exponentiating exponents associated with messages. A random number is generated and utilized to randomize the value of a message. After an exponentiation is performed on the randomized message value, intermediate results can be analyzed to determine if there was error in the exponentiation. If there was no error in the exponentiation, a final value of the exponentiation is determined and provided as output as decrypted data or a digital signature; if there is error, an “error” output can be provided. | 04-16-2009 |

20120288088 | METHOD AND SYSTEM FOR COMPRESSING AND ENCRYPTING DATA - A method and system for compressing and encrypting data. The method includes: receiving original data; performing a first compression of the original data to obtain a first compression result; and encrypting only a literal portion in the first compression result to obtain an encrypted first compression result. Various embodiments improve the efficiency of the process of compression and encryption to a great extent by encrypting only the literal portion of the compression result. | 11-15-2012 |

20110142229 | APPARATUS AND METHOD FOR PERFORMING TRANSPARENT HASH FUNCTIONS - A method for performing hash operations including: receiving a hash instruction that prescribes one of the hash operations and one of a plurality of hash algorithms; translating the hash instruction into a first plurality of micro instructions and a second plurality of micro instructions; and via a hash unit, executing the one of the hash operations. The executing includes indicating whether the one of the hash operations has been interrupted by an interrupting event; first executing the first plurality of micro instructions within the hash unit to produce output data; second executing the second plurality of micro instructions within an x86 integer unit in parallel with the first executing to test a bit in a flags register, to update text pointer registers, and to process interrupts during execution of the hash operation; and storing a corresponding intermediate hash value to memory prior to allowing a pending interrupt to proceed. | 06-16-2011 |

20110142228 | APPARATUS AND METHOD FOR EMPLOYING CONFIGURABLE HASH ALGORITHMS - A method for performing hash operations including: receiving a hash instruction that is part of an application program, where the hash instruction prescribes one of the hash operations and one of a plurality of hash algorithms; translating the hash instruction into a first plurality of micro instructions and a second plurality of micro instructions; and via a hash unit disposed within execution logic, executing the one of the hash operations. The executing includes first executing the first plurality of micro instructions within the hash unit to produce output data; second executing the second plurality of micro instructions within an x86 integer unit in parallel with the first executing to test a bit in a flags register, to update text pointer registers, and to process interrupts during execution of the hash operation; and storing a corresponding intermediate hash value to memory prior to allowing a pending interrupt to proceed. | 06-16-2011 |

20110142226 | METHOD OF GENERATING PSEUDO-RANDOM BIT STRINGS - Method for generating pseudo-random bit strings in a system in which the data interchanges between a first user and a second user are protected, characterized in that it comprises at least the following steps: using an application f | 06-16-2011 |

20090190751 | METHOD AND APPARATUS FOR COMMUNICATION EFFICIENT PRIVATE INFORMATION RETRIEVAL AND OBLIVIOUS TRANSFER - A method, article of manufacture and apparatus for performing private retrieval of information from a database is disclosed. In one embodiment, the method comprising obtaining an index corresponding to information to be retrieved from the database and generating a query that does not reveal the index to the database. The query is an arithmetic function of the index and a secret value, wherein the arithmetic function includes a multiplication group specified by a modulus of a random value whose order is divisible by a prime power, such that the prime power is an order of the random value. The secret value is an arithmetic function of the index that comprises a factorization into prime numbers of the modulus. The method further comprises communicating the query to the database for execution of the arithmetic function against the entirety of the database. | 07-30-2009 |

20110222684 | PROTECTION OF REGISTERS AGAINST UNILATERAL DISTURBANCES - A method for protecting a key intended to be used by an electronic circuit in an encryption or decryption algorithm, including the steps of: submitting the key to a first function taking a selection value into account; storing all or part of the result of this function in at least two registers; when the key is called by the algorithm, reading the contents of said registers and submitting them to a second function taking into account all or part of the bits of the registers; and providing the result of the combination as an input for the algorithm, the second function being such that the provided result corresponds to the key. | 09-15-2011 |

20110222683 | DEVICE AND METHOD FOR IMPLEMENTING A CRYPTOGRAPHIC HASH FUNCTION - A computing device and a computing device implemented method are provided for preparing a message a bit-length number of bits in length less than or equal to a pre-determined maximum size, for input to a cryptographic hash function operating on blocks of a predetermined block size of B bits. The computing device comprises a processor in communication with a memory for processing the message. The method comprises the processor padding the message by adding sufficient padding bits and a length block of length n bits, such that a padded bit-length of the padded message is an integer factor times the block size B; and the processor setting the bits of the length block such that if the bit-length is less than 2 | 09-15-2011 |

20090225981 | Document processing and management approach to adding an exclusive plugin implementing a desired functionality - A method of adding a plug-in to a system, the method comprising sending a login request to a client. The login request is sent to an exclusive plug-in by the client. The exclusive plug-in, sends the login request to a server. The exclusive plug-in requests a certified plug-in list from the server on receiving a login success message from the server. The server sends a certified plug-in list to the exclusive plug-in module. The server, requests a plug-in list from the client. The client, sends the embedded plug-in list to the exclusive plug-in. The exclusive plug-in compares the certified plug-in list with plug-ins in the plug-in list. The exclusive plug-in notifies the client of a successful comparison. The client, notifies the user of a successful comparison. | 09-10-2009 |

20110142230 | REAL-TIME DATA ENCRYPTION - A system and a method for real-time encryption of input data are described. A character numerical value associated with the input data is encrypted. The encoded character numerical value is then associated with a glyph corresponding to the input data. The encoded character numerical value and the glyph are then stored in a database. The encoded character numerical value is further encrypted using an encryption key to obtain an encrypted encoded character numerical value. | 06-16-2011 |

20090220072 | Secure serial number generation - An apparatus and a method for generating serial numbers is described. In one embodiment, a block cipher encrypter encrypts an application identifier and a sequence of random numbers to generate a signature. The block cipher encrypter is associated with a serial number key. The application identifier, the sequence of random numbers, and the signature are concatenated to generate a serial number. An encoder encodes the serial number into a string. | 09-03-2009 |

20090245509 | TRANSMITTING APPARATUS, RECEIVING APPARATUS, AND DATA TRANSMITTING SYSTEM - Video data exploitation by alteration of data is prevented. An extractor | 10-01-2009 |

20090245507 | DATA PROCESSING SYSTEM AND DATA PROCESSING METHOD - A technique which contributes to materialization of efficient encryption even with devices such as smartcards restricted in memory resource is provided. The system for generating cryptographic keys includes: | 10-01-2009 |

20090245506 | FOURIER SERIES BASED AUTHENTICATION/DERIVATION - For purposes of cryptographic authentication, verification and digital signature processes, a derivation function is provided. The derivation function is generated from a Fourier series, using a prime number to compute the initial value in the series. | 10-01-2009 |

20080260143 | XZ-ELLIPTIC CURVE CRYPTOGRAPHY WITH SECRET KEY EMBEDDING - Secure communications over an insecure channel is provided using symmetric key elliptic curve cryptography. More specifically, a shared secret key and/or data bit string is embedded in the X-coordinate and the Z-coordinate of an elliptic curve point defined in projective coordinates, wherein the embedding process is deterministic and non-iterative. In addition, the base point may be blinded by making the base point dependant on the shared secret key. | 10-23-2008 |

20080232580 | SECRET SHARING APPARATUS, METHOD, AND PROGRAM - A secret sharing apparatus according to the present invention is based on a (k,n)-threshold scheme with a threshold of at least 4. The secret sharing apparatus generates a generator matrix (G) of GF( | 09-25-2008 |

20090180610 | DECRYPTION METHOD - The invention relates to a method of determining a plaintext M on the basis of a cipher C and using a secret key d, wherein the secret key d is used in binary form, wherein the plaintext M is determined in each iteration step i for the corresponding bit d | 07-16-2009 |

20100002872 | DATA TRANSFORMATION APPARATUS, DATA TRANSFORMATION METHOD, AND COMPUTER PROGRAM - A non-linear transformation processing structure having a high implementation efficiency and a high security is realized. Data transformation is performed using a first non-linear transformation part performing non-linear transformation using a plurality of small S-boxes; a linear transformation part receiving all the outputs from the first non-linear transformation part and performing data transformation using a matrix for performing optimal diffusion mappings; and a second non-linear transformation part including a plurality of small non-linear transformation parts that perform non-linear transformation on individual data units into which output data from the linear transformation part is divided. With this structure, appropriate data diffusion can be achieved without excessively increasing a critical path, and a structure with a high implementation efficiency and a high security can be achieved. | 01-07-2010 |

20090316885 | NATURAL LANGUAGE DEPENDENT STREAM CIPHERS - A natural language dependent stream cipher is provided to increase complexity of stream cipher encryption. In one aspect, a message is received from a sender as an input in a first natural language and is translated into a selected second natural language. A binary Unicode representation of the input in the second natural language is created. An XOR operation is performed on the binary Unicode representation of the input in the second natural language and a binary key to generate an encrypted output. The encrypted output is sent to a receiver. The encrypted output may be decrypted by the receiver in the reverse of the encryption process. The decryption process yields the original message for viewing by an end-user of the system for a natural language dependent stream cipher. | 12-24-2009 |

20100150339 | SYSTEM AND DEVICE FOR DATA ENCRYPTION AND RECOVERY - The present invention provides a flexible encryption device, comprising N encryption units connected in series for encrypting N-bit input data, each one of the N encryption units further comprising an exclusive-OR gate for receiving an input data; and a flip-flop connected coupled to the exclusive-OR gate. Furthermore, the present invention also provides the data transferring system that can be easily modified without the needs of manual intervention. | 06-17-2010 |

20100150340 | DEVICE AND METHOD FOR ELLIPTIC CURVE CRYPTOSYSTEM - An exemplary embodiment of the present invention provides a method and an apparatus for minimizing a difference in data path between elliptic curve point addition and elliptic curve point doubling. An elliptic curve encryption method includes a first operation step of performing point addition for two points when two points on an elliptic curve are different from each other, and a second operation step of performing point doubling for any one point when two points on the elliptic curve are the same, wherein inverse multiplication processes and multiplication processes of the first operation step and the second operation step have the same path delay. | 06-17-2010 |

20100002869 | ENCRYPTION CIRCUIT AND DECRYPTION CIRCUIT - A CBC encryption circuit, configured with an input register | 01-07-2010 |

20100002868 | METHOD AND SYSTEM FOR ENCRYPTION OF BLOCKS OF DATA - A method for encryption of blocks of data ( | 01-07-2010 |

20100183142 | Encryption Processing Apparatus, Encryption Processing Method, and Computer Program - An apparatus and method for performing a high-speed operation in a hyperelliptic curve cryptography process are provided. If a standard divisor having a weight equal to a genus g in the hyperelliptic curve cryptography of genus g is a target divisor of scalar multiplication, a determination as to whether the standard divisor is divisible into a theta divisor defined as a divisor having a weight less than the genus g is determined, and if the standard divisor is divisible, the theta divisor is generated by dividing the standard divisor, and a scalar multiplication executing block performs the scalar multiplication using the theta divisor. With this arrangement, the scalar multiplication is performed at high speed with an amount of calculation reduced, and a high-speed encryption processing operation is thus performed. | 07-22-2010 |

20100260334 | SHARE GENERATION APPARATUS, RECONSTRUCTION APPARATUS, VERIFICATION APPARATUS, AND SECRET SHARING SYSTEM - A share generation apparatus ( | 10-14-2010 |

20100183146 | PARALLELIZABLE INTEGRITY-AWARE ENCRYPTION TECHNIQUE - The present disclosure provides a parallelizable integrity-aware encryption technique. In at least one embodiment of the present disclosure, a parallelizable integrity-aware encryption method comprises whitening at least one message block with a first mask value, encrypting the whitened at least one message block using a block cipher and a first key, and whitening the encrypted at least one message block with a second mask value to generate at least one corresponding output ciphertext block. In another embodiment of the present disclosure, a parallelizable integrity-aware encryption method comprises applying a XOR function to all blocks of a message to compute a XOR-sum, applying a first mask value to the XOR-sum; encrypting the masked XOR-sum using a block cipher and a first key, and applying a second mask value to the encrypted XOR-sum to generate an integrity tag. | 07-22-2010 |

20100183145 | ARITHMETIC CIRCUIT FOR MONTGOMERY MULTIPLICATION AND ENCRYPTION CIRCUIT - An arithmetic circuit capable of Montgomery multiplication using only a one-port RAM is disclosed. In a first read process, b[i] is read from a memory M | 07-22-2010 |

20100183143 | CRYPTOGRAPHIC PROCESSING APPARATUS AND CRYPTOGRAPHIC PROCESSING METHOD - A cryptographic processing apparatus for performing arithmetic operation on an FL function and an FL | 07-22-2010 |

20100177888 | WARERMARKING AND ENCRYPTION OF ENTROPY-CODED DATA USING ADDITIVE HUFFMAN TABLE - A secure forensic watermarking system is disclosed that distributes the same encrypted content to all users. The decryption key is different for each user, so that the decrypted content differs slightly from the original, i.e. is watermarked. Forensic tracking is possible by distributing unique decryption keys to individual users. The invention allows a forensic mark to be securely embedded in the compressed domain signal. In an embodiment of this invention, the content (x) and an encryption sequence (r) are entropy encoded using a homomorphic Huffman table. A homomorphic Huffmann table is a table H having the property that there exists an operation f( ) such that H- | 07-15-2010 |

20100177887 | MONTGOMERY-BASED MODULAR EXPONENTIATION SECURED AGAINST HIDDEN CHANNEL ATTACKS - The invention relates to a cryptographic method that incorporates a modular exponentiation secured against hidden channel attacks, without requiring knowledge of the public exponent. The method includes a modular exponentiation and the following steps: drawing of a random value s; initialization of variables with the aid of s; application of an algorithm enabling a loop invariant to be retained by virtue of the properties of the Montgomery multiplier Mgt; unmasking of the result of the algorithm to obtain the signature of the message. | 07-15-2010 |

20100296649 | CRYPTOGRAPHIC PROCESSING OF CONTENT - A system for cryptographic processing of content comprises an input for receiving the content. A plurality of look-up tables represents a white-box implementation of a combined cryptographic and watermarking operation. The look-up tables represent processing steps of the combined cryptographic and watermarking operation and the look-up tables being arranged for being applied according to a predetermined look-up scheme. The look-up scheme prescribes that an output of a first look-up table of the plurality of look-up tables be used to generate an input of a second look-up table of the plurality of look-up tables. The combined cryptographic and watermarking operation comprises a cryptographic operation and a watermarking operation. A control module looks up values in the plurality of look-up tables in dependence on the received content and in accordance to the look-up scheme, thereby applying the combined cryptographic and watermarking operation to the content. | 11-25-2010 |

20100226493 | ENCRYPTION/DECRYPTION DEVICE, ENCRYPTION/DECRYPTION METHOD, AND COMPUTER PROGRAM - It is possible to realize a Feistel-type common key block encryption/decryption processing configuration capable of reducing data stored in a memory at a low cost. The Feistel-type common key block encryption/decryption processing repeatedly executes an SP-type F function having nonlinear and linear transform sections by several rounds. At least one of the nonlinear and linear transform processes executed in the F function in each round is executed as a transform process identical with a transform process applied to an encryption/decryption algorithm other than a Feistel-type common key block encryption/decryption algorithm and/or another hash function such as AES and Whirlpool. With this configuration, it is possible to reduce the design cost and the amount of data stored in a memory. | 09-09-2010 |

20100177886 | INFORMATION SECURITY DEVICE - To aim to provide an information security device capable of reducing a period necessary for performing a power operation used for secret communication or authentication. The information security device performs secret communication or authentication by calculating an exponentiation X̂d based on target data X and a secret value d using the window method. In the process of calculating the exponentiation X̂d, immediately after square of a random value R acquired for multiplication is repeatedly performed a predetermined number of times, for example 256 times, a result of square of the random value R is cancelled using a cancellation value S (=R̂(−2̂256)). This makes it unnecessary to perform cancellation processing that has been conventionally performed. | 07-15-2010 |

20100177885 | METHODS TO FACILITATE ENCRYPTION IN DATA STORAGE DEVICES - Methods are provided for managing data encryption for a data storage library. An implementation assessment is performed for a customer and, in response to the implementation assessment, a set of customizations are generated for an encryption command communications appliance to enable the appliance to communicate with an encryption-capable storage device and a data storage library controller within the data storage library and with an encryption key manager (EKM) coupled to the data storage library. The encryption command communications appliance is configured with the set of customizations and the configured encryption command communications appliance is installed in the data storage library coupled to the library controller, the storage device and the EKM. | 07-15-2010 |

20100232602 | ENCRYPTION PROCESSING APPARATUS - Disclosed herein is an encryption processing apparatus including: a first register device; a second register device; a first flag operation device; a first operation device; a second operation device; a round operation device; a third and a fourth operation device; a second flag operation device; and a fifth operation device. | 09-16-2010 |

20100226494 | SYSTEM AND METHOD FOR PAYLOAD ENCODING AND DECODING - Systems, methods and apparatuses are disclosed for protecting encoded media data. A minimum set of information needed to encode a single message for an encoded audio signal is loaded separately from the media data into an encoder. A media license file is generated to protect the encoded data, where the underlying information relevant to the media data may be hidden through encryption or other means in order to foster security. The algorithm(s) for encoding may be provided using a shared library, combined with an encoding payload that provides the minimum information set required to form the single message. A partial decoder may apply pattern matching information in the encoded payload in order to confirm that the encoding is actually present and is proper. Accordingly, the payload must be successfully decoded and verified before the underlying data may be decoded. | 09-09-2010 |

20100254532 | METHOD OF OBSCURING CRYPTOGRAPHIC COMPUTATIONS - Obscuring cryptographic computations may be accomplished by performing modular exponentiation of an exponent in a cryptographic computation such that memory accesses are independent of the exponent bit pattern, thereby deterring timing attacks. | 10-07-2010 |

20100254531 | Method of Coding a Secret Formed by a Numerical Value - A method of coding a secret, a numerical value | 10-07-2010 |

20120140919 | DIGITAL CONTENT MANAGEMENT SYSTEM, DIGITAL WATERMARK EMBEDDING DEVICE, DIGITAL WATERMARK DETECTION DEVICE, PROGRAM, AND DIGITAL CONTENT MANAGEMENT METHOD - A digital content management system ( | 06-07-2012 |

20090290704 | METHOD FOR PROTECTING A CAP FILE FOR AN IC CARD - A method for protecting a CAP file including one or more applets to be installed in an IC Card, includes the applets encoding into the CAP file by a CAP file provider. The method also includes the CAP file downloading into the IC Card by a CAP file issuer, and storing an installation program inside the IC Card. The installation program extracts the applets from the CAP file and installs them in the IC Card, after the downloading. The CAP file provider encrypts the CAP file into a protected CAP file to avoid the applets being extracted before the downloading. The IC Card includes a decryption circuit for decrypting the protected CAP file downloaded into the IC Card. The installation of the applet is enabled by the decryption circuit. | 11-26-2009 |

20100111293 | ENCRYPTED FILE WITH HIDDEN CONTENTS - A method for storing data includes encrypting a first file ( | 05-06-2010 |

20110129083 | UNICODE-COMPATIBLE ENCIPHERMENT - Unicode character data is received for transcoding. The Unicode character data is transcoded to an intermediate value. The intermediate value is enciphered. The enciphered intermediate value is transcoded back to Unicode-compatible character data. The transcoding includes assembling character values from the Unicode character data into one or more blocks and representing the assembled character values in a compact form. | 06-02-2011 |

20090041230 | Mobile Client Device Driven Data Backup - Tasks associated with backing up the data of a mobile client device are performed predominantly by the mobile client device. A backup server functions as a server with limited functionality that merely stores backup data received from the mobile client device and retrieves the backup data under the request of the mobile client device. The mobile client device functions as a master device, and the backup server functions as a slave device. A backup program for performing tasks associated with the backup operation on the mobile client device may itself be stored as part of the backup data. | 02-12-2009 |

20090274294 | DATA COMPRESSION APPARATUS AND DATA DECOMPRESSION APPARATUS - In a first data compression process, a compressed code of an input symbol is generated in accordance with a compression dictionary selected on the basis of P symbols immediately preceding the input symbol, and a (P+1)K+1-th compressed code is encrypted to generate a compressed and encrypted code. Then, compressed and encrypted data comprising compressed and encrypted codes and other compressed codes is output. In a second data compression process, a bit string is added to the head of compression target data, and a compressed code of an input symbol is generated in accordance with a compression dictionary selected on the basis of a bit string or a symbol immediately preceding the input symbol. Then, a plurality of compressed codes are alternately output to different output destinations. | 11-05-2009 |

20090074180 | METHOD AND APPARATUS FOR PERFORMING ELLIPTIC CURVE ARITHMETIC - A method of performing a cryptographic operation on a point in an elliptic curve cryptosystem using an elliptic curve. The method comprises the steps of obtaining information that uniquely identifies the elliptic curve and performing computations on the point to obtain the result of the cryptographic operation. The computations use the information. The computations produce an incorrect result if the point is not on the elliptic curve. | 03-19-2009 |

20090074179 | Information security device and elliptic curve operating device - Resistance against simple power analysis is maintained while a smaller table is used. An IC card | 03-19-2009 |

20090323930 | HIGH-EFFICIENT ENCRYPTION AND DECRYPTION PROCESSING METHOD FOR IMPLEMENTING SMS4 ALGORITHM - An encrypting/decrypting processing method for implementing SMS4 algorithm in high efficiency is provided. After preparing constant array, input external data into register section, firstly make primary data conversion and then make secondary data conversion, finally repeat data conversion course until complete all specified data conversion courses and obtain processing result of circulating data encryption/decryption. And it solves the technical problems of data conversion in the background technique that number of circulating times is large and encrypting efficiency is low, simplifying the chip design, largely optimizing integrity of chip signal and being able to improve interference immunity of system and reduce system cost. | 12-31-2009 |

20090323929 | Computer-Readable Recording Medium Recording Program and Apparatus For Encryption/Decryption, Apparatus For Multiplication in Extension Field - There is provided a computer-readable recording medium recording a program for encryption/decryption, an apparatus for encryption/decryption, an apparatus for multiplication in an extension field, that enable to perform high speed multiplication processing, while allowing the selection of arbitrary key lengths. In multiplying two elements A={a | 12-31-2009 |

20110026705 | METHOD AND SYSTEM FOR PREVENTING COPY OF PLATFORM - A method and system for preventing copy of a platform are provided. A platform test apparatus includes a drive unit which drives a platform to cause the platform to move in a predetermined manner, at least one light source which emits light to the platform while the platform is driven so that the light is transmitted through a predetermined part of the platform, a sensor which senses the light transmitted through the platform, a calculation unit which calculates an absorption property of the platform based on a detected result of the sensor, a reading unit which reads absorption property information of the platform stored in an information storage unit of the platform, and a comparison unit which compares the absorption property calculated by the calculation unit with the absorption property information read by the reading unit to determine whether the platform is copied. | 02-03-2011 |

20090323927 | Mechanism for chained output feedback encryption - In one embodiment, a mechanism for chained output feedback encryption is disclosed. In one embodiment, a method includes generating a keystream at a block cipher encryption module with inputs of a key and the result of an exclusive-or (XOR) operation on two or more previous keystream outputs, and producing ciphertext by combining the generated keystream with plaintext. | 12-31-2009 |

20110033042 | Method for Generating a Temporally Threaded CMI Watermark - Disclosed is a method for generating a temporally threaded copyright management information watermark where fragile watermarks containing CMI are spread throughout a digital work temporally. In one embodiment of this invention, the copyright management information is divided into a multitude of copyright management information subparts; the copyright management subparts are applied to fragile sub-watermarks; and fragile watermarks are applied to temporally separated portions of the digital work. | 02-10-2011 |

20090316884 | DATA ENCRYPTION METHOD, ENCRYPTED DATA REPRODUCTION METHOD, ENCRYPTED DATA PRODUCTION DEVICE, ENCRYPTED DATA REPRODUCTION DEVICE, AND ENCRYPTED DATA STRUCTURE - An encrypted data production device ( | 12-24-2009 |

20130129080 | SYSTEM AND METHOD FOR AUTHENTICATING DATA WHILE MINIMIZING BANDWIDTH - Systems and methods for data authentication can comprise processing a first secret element to generate a first encrypted secret element, processing a second secret element to generate a non-secret element, and processing the first encrypted secret element and the non-secret element to generate an encrypted data block. | 05-23-2013 |

20110129084 | METHOD OF EXECUTING AN ALGORITHM FOR PROTECTING AN ELECTRONIC DEVICE BY AFFINE MASKING AND ASSOCIATED DEVICE - A method of executing an algorithm includes protecting an electronic device by affine masking. The electronic device executes operations on secret variables x, the secret variables x being binary vectors of a given size N other than zero. The method further includes replacing the secret variables x using an affine masking operation, by the following affine function: m(x)=R.x+r, where R is a random invertible binary matrix with N rows and N columns and r is a random binary vector of size N. | 06-02-2011 |

20100303229 | MODIFIED COUNTER MODE ENCRYPTION - A modified Counter Mode encryption technique encrypts data by receiving a seed value, generating a first value from an operation of the seed value and the plaintext; and encrypting the first value using a block encryption cipher to produce ciphertext. The operation may be an exclusive-or operation. The seed value may be a counter value based upon a position of the block of plaintext in a record of plaintext, where the length of the counter value is based upon the length of the block. The counter value may be generated by adding an initialization vector to a product of an index value and a multiplier value, where the multiplier value comprises a randomly-generated value, the index value is based upon the position of the block of plaintext in the record of plaintext, and the length of the initialization vector and the length of the multiplier value are based upon the length of the block. | 12-02-2010 |

20130136256 | BLOCK ENCRYPTION - Methods and systems for encrypting and decrypting data are described. In one embodiment, a computing system determines a first initialization vector (IV) from another IV and a sequence number of a block of information, and hashes the first IV to create a hash. The computing system then determines a first block from the first block of information and the first hash and enciphers the first block to generate a block of ciphertext. In another embodiment, the computing system deciphers the block of ciphertext to generate the first block, and determines the first IV from the other IV and a sequence number of a block of information. The computing system hashes the first IV to create a hash and determines a block of information corresponding to the first block of ciphertext from the first block and the hash. | 05-30-2013 |

20100310065 | SYSTEM AND APPARATUS FOR INTEGRATED VIDEO/IMAGE ENCODING/DECODING AND ENCRYPTION/DECRYPTION - An encryption-enabled entropy coder for a multimedia codec is disclosed. The entropy coder implements a randomized Huffman coding scheme without storing multiple sets of Huffman tables in a ROM. The entropy coder includes a ROM storing a single set of code tables, a table lookup section coupled to the ROM which converts symbols to original codewords and vice versa by performing table lookup, and a table randomizer section for converting original Huffman codewords to randomized Huffman codewords and vice versa using an isomorphic code generator algorithm. The table randomizer section performs the conversion based on a key hopping sequence generated by a pseudorandom bit generator using an encryption/decryption key. | 12-09-2010 |

20100310066 | APPARATUS AND A METHOD FOR CALCULATING A MULTIPLE OF A POINT AN ELLIPTIC CURVE - A device and a method for calculating a multiple of a point on an elliptic curve from the right to the left by repeated point doubling and point addition. Each point doubling is evaluated with an extended set of coordinates and each point addition is evaluated by taking as input a restricted set of the extended set of coordinates. The at least one coordinate of the extended set that is not part of the restricted set is stored in a memory between each iteration of the point doubling. This can enable speeding up the calculations as compared to prior art solutions. Also provided is a computer program product. | 12-09-2010 |

20110176672 | Method for Determining Functions Applied to Signals - Embodiments of the invention discloses a system and a method for determining a result of applying a function to signals including a first signal and a second signal, wherein the function is a polynomial function of the signals such that a monomial in the function includes the first signal having a power less than or equal to a first maximum power, and wherein the first signal is partitioned into a first subsignal and a second subsignal, comprising a processor for performing steps of the method, comprising the steps of acquiring a second signal and a second subsignal; acquiring a set of encrypted powers of the first subsignal, wherein the set of encrypted powers of the first subsignal includes homomorphically encrypted powers of the first subsignal; and determining an encrypted result of the function based on a second subsignal, the set of encrypted powers of the first subsignal, and the second signal. | 07-21-2011 |

20100322414 | TERNARY AND HIGHER MULTI-VALUE DIGITAL SCRAMBLERS/DESCRAMBLERS - Ternary (3-value) and higher, multi-value digital scramblers/descramblers in digital communications. The method and apparatus of the present invention includes the creation of ternary (3-value) and higher value truth tables that establish ternary and higher value scrambling functions which are its own descrambling functions. The invention directly codes by scrambling ternary and higher-value digital signals and directly decodes by descrambling with the same function. A disclosed application of the invention is the creation of composite ternary and higher-value scrambling devices and methods consisting of single scrambling devices or functions combined with ternary or higher value shift registers. Another disclosed application is the creation of ternary and higher-value spread spectrum digital signals. Another disclosed application is a composite ternary or higher value scrambling system, comprising an odd number of scrambling functions and the ability to be its own descrambler. | 12-23-2010 |

20100208883 | PROTECTION OF A MODULAR EXPONENTIATION CALCULATION PERFORMED BY AN INTEGRATED CIRCUIT - The invention concerns a method and a circuit for protecting a numerical quantity (d) contained in an integrated circuit ( | 08-19-2010 |

20100322411 | Encrypton Processor - An Encryption processor is disclosed comprising an S-box unit, a byte permutation unit, a MixColumns unit and a key expansion unit. In an embodiment the byte permutation unit comprises a data input terminal for receiving input data, two or more row processors, each row processor having an input coupled to the input terminal and an output, and a clock gating circuit for generating for each of the two or more row processors a gated clock signal. Furthermore, a clock gated key expansion unit is disclosed. By clock gating, the power consumption of the processor is reduced which extends the battery life time in battery powered devices. | 12-23-2010 |

20100329447 | ENCRYPTION APPARATUS, DECRYPTION APPARATUS, KEY GENERATION APPARATUS, AND PROGRAM - An encryption apparatus includes a plaintext embedding unit that embeds a message m as a coefficient of a three-variable plaintext polynomial m(x,y,t), an identification polynomial generating unit that generates a three-variable identification polynomial f(x,y,t), a polynomial generating unit that randomly generates three-variable polynomials r | 12-30-2010 |

20090067618 | Random number generator - Systems, methods, and other embodiments associated with random number generators are described. One system embodiment includes a random number generator logic that may produce an initial random number from a first set of three inputs. The system embodiment may receive the three inputs from sources including an internal counter entropy source (ICES), an internal arbitrary entropy source (IAES), and an external entropy source (EES). The system embodiment may generate a first random number from a first set of three inputs (e.g., value from ICES, value from IAES, value from EES) but may then generate subsequent random numbers from a different set of three inputs (e.g., value from ICES, value from IAES, previous random number). | 03-12-2009 |

20090067619 | Modular Multiplier - Modular multiplication of two elements X(t) and Y(t), over GF(2), where m is a field degree, may utilize field degree to determine, at least in part, the number of iterations. An extra shift operation may be employed when the number of iterations is reduced. Modular multiplication of two elements X(t) and Y(t), over GF(2), may include a shared reduction circuit utilized during multiplication and reduction. In addition, a modular multiplication of binary polynomials X(t) and Y(t), over GF(2), may utilize the Karatsuba algorithm, e.g., by recursively splitting up a multiplication into smaller operands determined according to the Karatsuba algorithm. | 03-12-2009 |

20090067620 | Cryptographic Hashing Device and Method - A device and a method of cryptographically hashing a message M, including the following steps: forming a sequence (M | 03-12-2009 |

20110243319 | Data Converter, Data Conversion Method, and Computer Program - A data conversion algorithm achieving efficient data diffusion is achieved. For example, in a configuration where a various processes are executed on two data segments which are resultants of dividing a rectangular matrix of data containing arranged one-byte data blocks into two parts to perform data conversion, efficient data scrambling with less operation cost is achieved by executing a linear conversion process on one of the data segments, an exclusive OR operation between the two data segments, a shift process on one of the data segments, and a swap process between the two data segments. Moreover, cryptographic processing with a high security level is achieved by including nonlinear conversion or key application operation on the data segments. | 10-06-2011 |

20110044450 | METHOD AND APPARATUS FOR PROCESSING F-FUNCTION IN SEED ENCRYPTION SYSTEM - An apparatus for processing an F-function in a SEED encryption system includes: an arithmetic operation masking conversion unit for converting a logical operation mask value obtained by performing a logical operation of a SEED F-function input value and a random mask value into an arithmetic operation mask value; and a masking G-function unit for taking the arithmetic operation mask value from the arithmetic operation masking conversion unit as an input and producing an arithmetic operation output. | 02-24-2011 |

20090141887 | METHOD AND APPARATUS FOR GENERIC MULTI-STAGE NESTED HASH PROCESSING - A generic multi-stage nested hash unit that provides support for generic, multi-stage nested hashes accelerates a wide range of security algorithms and protocols. The supported security algorithms and protocols include SSL v3 MAC, TLS PRF, and SSL v3 Key Material Generation. The hash unit allows the same code to be used to generate the MAC even when the MAC algorithms are different, for example, for SSL and TLS protocols. | 06-04-2009 |

20110026706 | CRYPTOGRAPHIC PROCESSING APPARATUS, CRYPTOGRAPHIC PROCESSING METHOD, AND COMPUTER PROGRAM THEREFOR - The invention realizes a high-security cryptographic processing apparatus that increases difficulty in analyzing its key and a method therefor. In Feistel-type common-key-block cryptographic processing that repeatedly executes an SPN-type F-function having the nonlinear conversion section and the linear conversion section over a plurality of rounds, Linear conversion processing of an F-function corresponding to each of the plurality of rounds is carried out by linear conversion processing that applies square MDS (Maximum Distance Separable) matrices. The invention uses a setting that arbitrary m column vectors included in inverse matrices of square MDS matrices being set up at least in consecutive even-numbered rounds and in consecutive odd-numbered rounds, respectively, constitute a square MDS matrix. This structure realizes cryptographic processing whereby resistance to linear cryptanalysis attacks in the common-key-block cipher is improved. | 02-03-2011 |

20090034715 | Systems and methods for encrypting data - Data encryption techniques are presented. According to an embodiment of a method, a cryptographic hash of unencrypted data for data block X−1 is generated, and a hash of an encryption key is generated. An initialization vector for data block X is generated using the cryptographic hash and the hash of the encryption key. Data block X−1 and data block X are logically contiguous and data block X−1 logically precedes data block X. Encryption data for data block X is generated from unencrypted data for data block X using the initialization vector. | 02-05-2009 |

20100172493 | METHOD AND DEVICE FOR PROCESSING DATA - The embodiments provides a method for processing data. According to the invention, an elliptic curve with an order m which corresponds to a product of a first cofactor c and a prime number q is provided, wherein the order (q−1) of the multiplicative group of the prime number q corresponds to a product of a second cofactor I and at least two prime divisors s | 07-08-2010 |

20100172494 | ENCRYPTING A PLAINTEXT MESSAGE WITH AUTHENTICAION - An encryption and authentication technique that achieves enhanced integrity verification through assured error-propagation using a multistage sequence of pseudorandom permutations. The present invention generates intermediate data-dependent cryptographic variables at each stage, which are systematically combined into feedback loops. The encryption technique also generates an authentication tag without any further steps that is N times longer than the block size where N is the number of pseudorandom permutations used in the encipherment of each block. The authentication tag provides a unique mapping to the plaintext for any number of plaintext blocks that is less than or equal to N. In addition to being a stand alone encryption algorithm, the disclosed technique is applicable to any mode that uses pseudorandom permutations such as, key dependent lookup tables, S-Boxes, and block ciphers such as RC5, TEA, and AES. | 07-08-2010 |

20110116623 | GENERATING GENUS 2 CURVES FROM INVARIANTS - One or more techniques and/or systems are disclosed for generating a genus 2 curve for use in cryptography. One or more invariant values used to generate the genus 2 curve are determined by evaluating one or more invariant functions on a Hilbert modular surface. The genus 2 curve is generated using the one or more invariant values to determine an equation describing the genus 2 curve. A group is generated from the genus 2 curve, and the group may be used for a cryptographic application. | 05-19-2011 |

20110116624 | SYSTEM AND METHOD FOR DATA OBFUSCATION BASED ON DISCRETE LOGARITHM PROPERTIES - Disclosed herein are systems, computer-implemented methods, and computer-readable storage media for obfuscating data based on a discrete logarithm. A system practicing the method identifies a clear value in source code, replaces the clear value in the source code with a transformed value based on the clear value and a discrete logarithm, and updates portions of the source code that refer to the clear value such that interactions with the transformed value provide a same result as interactions with the clear value. This discrete logarithm approach can be implemented in three variations. The first variation obfuscates some or all of the clear values in loops. The second variation obfuscates data in a process. The third variation obfuscates data pointers, including tables and arrays. The third variation also preserves the ability to use pointer arithmetic. | 05-19-2011 |

20110116626 | METHOD FOR PROCESSING DATA IN VARIOUS ENCODED DOMAINS - A method for processing data in various encoded domains, wherein the encoded domains exchange data by emulating the encodings or decodings, respectively, of other domains. | 05-19-2011 |

20110116625 | CRYPTOGRAPHIC SYSTEM - A cryptographic system comprises a white-box implementation of a function; an implementation of a cryptographic algorithm; and an implementation of a combining operation for establishing cryptographically processed data in dependence on an outcome of the function and in dependence on an outcome of the cryptographic algorithm. The combining operation comprises combining an outcome of the cryptographic algorithm with an outcome of the function. Alternatively, the combining operation comprises combining an outcome of the function with a received data element to obtain a combination outcome and applying the cryptographic algorithm to the combination outcome. | 05-19-2011 |

20120243679 | VERIFICATION DEVICE, SECRET INFORMATION RESTORATION DEVICE, VERIFICATION METHOD, PROGRAM, AND SECRET SHARING SYSTEM - A verification device, upon the input of any k items of shared information among n items of shared information and “t”: generates as subsets all combinations that select r items of shared information among the k items of shared information received as input where r satisfies r≧t+2; for each of the subsets, uses the cheater-identification information belonging to the subset to judge whether dishonest shared information is included in the subset; and based on the judgment results, generates and supplies as output a cheater set indicating dishonest shared information among the k items of shared information. | 09-27-2012 |

20110211689 | SYSTEM AND METHOD FOR VARIABLE LENGTH ENCRYPTION - Systems and methods for performing a secure transaction provided. In one embodiment, the method for encrypting data is provided, comprising: selecting clear text data; selecting a symbol set corresponding to the clear text data; encrypting the clear text data using a key, the encrypting comprising the operations of: defining a first portion and a second portion of the clear text data, encrypting the second portion using the key to generate an encryption mask, and encrypting the clear text data by applying the encryption mask to the first portion using a modulus operation while preserving the second portion as unencrypted, thereby resulting in encrypted data comprising an encrypted first portion and an unencrypted second portion; and wherein the encrypted data has the same format as the clear text data, has the same length as the clear text data, and uses the symbol set of the clear text data. | 09-01-2011 |

20090214025 | Method for Scalar Multiplication in Elliptic Curve Groups Over Prime Fields for Side-Channel Attack Resistant Cryptosystems - A method and device for transforming data with a secret parameter in an elliptic curve cryptosystem based on an elliptic curve defined over an underlying prime field, includes multiplying a point of the elliptic curve; representing the data to be transformed, by a scalar representing the secret parameter, wherein the multiplying includes performing at least one point addition operation and at least one point doubling operation on points of the elliptic curve; providing a representation in affine coordinates of the elliptic curve point to be multiplied and a representation in projective coordinates of intermediate elliptic curve points obtained during the multiplying; performing both the point addition operation and the point doubling operation by means of a sequence of elementary prime field operation types, the elementary prime field operation types including: a first type of prime field operations including field multiplication and field squaring of coordinates of the elliptic curve points and a second type of prime field operations including field addition, field doubling, and field subtraction of coordinates of the elliptic curve points. | 08-27-2009 |

20110211688 | DATA CONVERTER, DATA CONVERSION METHOD AND PROGRAM - A construction with an improved compression-function execution section is achieved. A data conversion process with use of a plurality of compression-function execution sections and through a plurality of process sequences in which divided data blocks constituting message data are processed in parallel is executed. Each of the plurality of compression-function execution sections performs a process with use of a message scheduling section which receives a corresponding divided data block of the message data to perform a message scheduling process, and a process with use of a chaining variable processing section which receives both of an output from the message scheduling section and an intermediate value as an output from a preceding processing section to generate output data whose number of bits is same as that of the intermediate value through compression of received data. The plurality of compression-function execution sections, respectively performing parallel processing commonly use one or both of the message scheduling section and the chaining variable processing section, and allow a single message scheduling section or a single chaining variable processing section to be utilized. Downsizing of a hardware configuration and simplification of processing steps are achieved by such a construction. | 09-01-2011 |

20090323928 | ITEM TRACING WITH SUPPLY CHAIN SECRECY USING RFID TAGS AND AN IDENTITY-BASED ENCRYPTION SCHEME - A method for tracing an item may include encrypting item information using an identity-based encryption scheme with a batch number for an item as an encryption key and communicating the encrypted item information for storage on a radio frequency identification (RFID) tag for attachment to the item. | 12-31-2009 |

20110085657 | Data Encryption to Provide Data Security and Memory Cell Bit Wear Leveling - Method and apparatus for encrypting and storing data to provide data security and memory cell bit wear leveling. In accordance with various embodiments, input data are provided for writing to a target page of memory in a storage array. A seed value is derived from a count value indicative of a number of times a write access has occurred on the target page of memory. A block encryption routine is applied to the input data using the seed value to generate encrypted output data that are thereafter written to the target page. | 04-14-2011 |

20100014659 | CRYPTOGRAPHIC PROCESSING APPARATUS AND CRYPTOGRAPHIC PROCESSING METHOD, AND COMPUTER PROGRAM - In extended Feistel type common key block cipher processing, a configuration is realized in which an encryption function and a decryption function are commonly used. In a cryptographic processing configuration to which an extended Feistel structure in which the number of data lines d is set to an integer satisfying d≧3 is applied, involution properties, that is, the application of a common function to encryption processing and decryption processing, can be achieved. With a configuration in which round keys are permuted or F-functions are permuted in the decryption processing, processing using a common function can be performed by setting swap functions for the encryption processing and the decryption processing to have the same processing style. | 01-21-2010 |

20100040225 | Fast Scalar Multiplication for Elliptic Curve Cryptosystems over Prime Fields - Fast scalar multiplication operations are disclosed for use in an elliptic curve cryptographic system The operations use binary representations of a secret key and points on an elliptic curve defined over a prime field expressed in a coordinate system (e.g., Jacobian coordinates). The operations can be based on a modified Montgomery ladder that uses modified Meloni addition formulas. The operations can be more efficient than a double-and-add operation, and can be more resistant to side-channel attacks by hackers. | 02-18-2010 |

20090147946 | APPARATUS FOR COMPUTING STREAMCIPHER TSC-4 - Provided is an apparatus for computing a T-function based Stream Cipher (TSC)-4 stream cipher. The apparatus includes: two T-function units; and a nonlinear filter for receiving bits output from the two T-function units and generating an 8-bit output sequence per clock. Each of the T-function units includes: a first register for storing an internal state value of the lower N bits; an N-bit internal state updater for updating the internal state value of the lower N-bits stored in the first register; an intermediate result register for storing an intermediate result value output from the N-bit internal state updater; a second register for storing an internal state value of the upper M bits; and an M-bit internal state updater for updating the internal state value of the upper M bits stored in the second register using the value stored in the intermediate result register. | 06-11-2009 |

20100183144 | Cipher processing apparatus - A cipher processing apparatus for arithmetic operations of an FO function and an FL function comprising: an FL function operating unit for generating a 2N-bit output based on a first extension key; a partial function operating unit for generating an N-bit output based on second and third extension keys; an N-bit intermediate register for storing an output of the partial operating unit; a 2N-bit first data register for storing data based on the output of the FL function operating unit; and a controller for making the partial function operating unit perform six cycles, inputting an output of the intermediate register to the FL function operating unit, and storing the data based on the output of the FL function operating unit in the first data register, in a first case in which the FL function uses a result of an arithmetic operation of the FO function. | 07-22-2010 |

20090323931 | Data Processing Hash Algorithm and Policy Management - Methods and associated systems for processing data are disclosed. A hashing function sequentially processes a hash key to generate a hash value. A policy management system processes packets according to defined policies. | 12-31-2009 |

20090214024 | Block cipher using multiplication over a finite field of even characteristic - An input block of data and a key that includes multiple sub-keys are received by a block cipher. A nonlinear substitution is performed on at least a portion of the data, wherein the nonlinear substitution is achieved by multiplying the portion of the data by one of the sub-keys over a finite field of even characteristic, modulo a fixed primitive polynomial. An output block of ciphertext is then generated. | 08-27-2009 |

20090034714 | Systems and methods for identity-based encryption and related cryptographic techniques - A method and system for encrypting a first piece of information M to be sent by a sender [ | 02-05-2009 |

20100054457 | SHARING A SECRET USING HYPERPLANES OVER GF(q) - A method and system distributes N shares of a secret among cooperating entities using hyperplanes over GF(q), such that the secret can be reconstructed from K of the N shares (where K≦N). In one embodiment, the method constructs a K-tuple that contains the secret and elements of GF(q), where q is a power m of an odd prime p. The method further multiplies the K-tuple by a matrix of size (N×K) to produce an N-tuple using arithmetic defined on GF(q). Thus, N shares of the secret are generated, with each of the N shares including a component of the N-tuple. | 03-04-2010 |

20100054460 | PROTECTION OF A CIPHERING ALGORITHM - A method for protecting the execution of a ciphering or deciphering algorithm against the introduction of a disturbance in a step implementing one or several first values obtained from second values supposed to be invariant and stored in a non-volatile memory in which, during an execution of the algorithm: a current signature of the first values is calculated; this current signature is combined with a reference signature previously stored in a non-volatile memory; and the result of this combination is taken into account at least in the step of the algorithm implementing said first values. | 03-04-2010 |

20100067686 | SHARED KEY BLOCK CIPHER APPARATUS, ITS METHOD, ITS PROGRAM AND RECORDING MEDIUM - There is provided a shared key block cipher apparatus, its method, its program, and a recording medium in which a block cipher having a large block size is constructed by combining highly secure cipher processing with high-speed cipher processing. In a block cipher having a large block size, a plain text is permutated using a universal hash function, one block of the result is ciphered by a block cipher having high safety, and an output obtained from a pseudo random number generator by inputting thereto a sum of the input and the output of the block cipher is added to a remaining block. Finally, a permutation using a universal hash function is applied. | 03-18-2010 |

20110176673 | Encrypting apparatus - An encrypting apparatus includes a digest part using a SHA-2 algorithm of which a basic unit of operation is 32*Y (Y=1 or 2) bits. The digest part includes a shift register including a series of registers, and a predetermined number of adders performing an addition operation based on data stored in the shift register. The shift register includes a (32*Y)/X-bit register, where X=2 | 07-21-2011 |

20090028325 | CIRCUIT ARRANGEMENT FOR AND METHOD OF PERFORMING AN INVERSION OPERATION IN A CRYPTOGRAPHIC CALCULATION - In order to further develop a circuit arrangement for as well as a method of performing an inversion operation in a cryptographic calculation, wherein only inversion modulo an odd number is allowed, it is proposed that the inversion operation is performed modulo at least one even number. | 01-29-2009 |

20110249813 | METHOD FOR EMBEDDING SECRET MESSAGE INTO PNG IMAGE - A method for embedding a secret message into a PNG image comprises steps: converting a secret message into a plurality of secret codes; converting the secret codes into a plurality of secret shares; using a mapping process to modify values of the secret shares to approach a full-transparent value of an alpha channel of a PNG image, and sequentially embedding the mapped secret shares into the alpha channel. As the secret shares with high-transparent values, they leave the RGB channels untouched. Thus, embedding the secret shares into the PNG image does not make difference in the appearances between the secret-carrying image and the original PNG image. Therefore, the present invention can transmit secret message securely and realize covert communication. | 10-13-2011 |

20110075837 | CRYPTOGRAPHIC APPARATUS AND METHOD - This cryptographic apparatus executes calculations according to an FI function including a first non-linear function S | 03-31-2011 |

20110075836 | METHOD AND APPARATUS FOR ELLIPTIC CURVE CRYPTOGRAPHIC PROCESSING - An apparatus includes a data storage to store a window table storing a table value with an index value mapped to the table value, the index value having same number of bits as a window width, the table value being a sum of a basic table value and a non-zero table correction value, the basic table value being obtained by multiplying a point G on an elliptic curve. An arithmetic processor generates the index value by reading from a scalar value at a bit position assigned to each bit of the window with the window being shifted, reads the table value from the window table according to the index value, and performs a doubling operation and an addition operation using the read table value. A corrector performs a correction on arithmetic results with a specific correction value responsive to the table correction value. | 03-31-2011 |

20110019815 | METHOD OF AUTHENTICATION USING A DECODING OF AN ERROR CORRECTING CODE ON THE BASIS OF A PUBLIC MATRIX - The invention relates to a cryptographic method of authentication using a decoding of an error correcting code on the basis of a public matrix, in which the public matrix is a quasi-cyclic matrix. The invention pertains also to a cryptographic device comprising computation means arranged so as to implement this method. The invention makes it possible to reduce the amount of public data to be stored in a cryptographic authentication method using a decoding of an error correcting code on the basis of a public matrix. | 01-27-2011 |

20100322412 | METHOD AND PROCESSING CIRCUIT FOR DEALING WITH GALOIS FIELD COMPUTATION - A method for dealing with Galois Field computation includes: providing an operating circuit which has at least a multiplicative inverse unit; and using the multiplicative inverse unit to execute at least a plurality of isomorphism maps for deriving a multiplicative inverse at a specific Galois Field corresponding to an input data, wherein the plurality of isomorphism maps include at least a change of basis. | 12-23-2010 |

20100260333 | PAIRING COMPUTATION DEVICE, PAIRING COMPUTATION METHOD AND RECORDING MEDIUM RECORDING PAIRING COMPUTATION PROGRAM - There is provided a pairing computation device, a pairing computation method and a recording medium recording a pairing computation program all enabling a pairing computation at high speed. In the case where the Ate pairing e(Q,P) is defined as in equation (1) and k is any one of even, a multiple of 3, a multiple of 4, and a multiple of 6, arithmetic operations of a rational function which is required to derive the Miller function f | 10-14-2010 |

20110249814 | DEVICE AND A METHOD FOR PERFORMING A CRYPTOGRAPHIC FUNCTION - The present invention provides a method and an apparatus for encrypting and decrypting digital information while imparting a high level of security on the encrypted digital information. A mixed-mode digital-analogue encryption and decryption technique is proposed, which minimises the probability of an unintended recipient of the thus encrypted information being able to decrypt the information using known reverse engineering techniques. | 10-13-2011 |

20100061547 | METHOD OF AND APPARATUS FOR THE REDUCTION OF A POLYNOMIAL IN A BINARY FINITE FIELD, IN PARTICULAR IN THE CONTEXT OF A CRYPTOGRAPHIC APPLICATION - A method of reducing a first data word corresponding to a polynomial C(x) and having a length of a maximum of 2n−1 to a second data word of a length of a maximum m which in a binary finite field GF(2 | 03-11-2010 |

20100054458 | SHARING A SECRET VIA LINEAR INTERPOLATION - A method and system distributes shares of a secret among cooperating entities using linear interpolation. In one embodiment, a linear equation is formed using the secret and random elements. The linear equation represents a K-dimensional secret hyperplane, where K is the number of shares to reconstruct the secret. Shares of the secrets are created, with each share containing a point on the secret hyperplane. The shares are then distributed to cooperating entities for secret sharing. | 03-04-2010 |

20090003588 | Counter Sealing Archives of Electronic Seals - The description generally provides for systems and methods for a mobile communication network. Archives of seals can be sealed to protect the integrity of the seals and facilitate validation in the event a sealing party's sealed registration document is revoked. A document can be sealed multiple times to nest seals within other seals. Specific evidentiary metadata can be included by the sealing party. A main document including or associated with other documents can be sealed as a collection of documents. The seal of the main document can include external references to the files included in the main document to verify the external files were not changed or altered. | 01-01-2009 |

20090022310 | CRYPTOGRAPHIC DEVICE AND METHOD FOR GENERATING PSEUDO-RANDOM NUMBERS - A cryptographic device and a cryptographic method of generating pseudo-random numbers. Initial data is divided into a plurality of words on b bits defined in a finite body GF(2 | 01-22-2009 |

20090022309 | METHOD OF PROVIDING TEXT REPRESENTATION OF A CRYPTOGRAPHIC VALUE - A method of representing crytographic values in text form is described. The text representation is formed from words selected from a vocabulary, which may include a collection of pseudowords. The text representations can be further transformed to a paragraph in an apparently grammatically correct form. | 01-22-2009 |

20090022308 | Primitives For Fast Secure Hash Functions And Stream Ciphers - Techniques are disclosed to enable efficient implementation of secure hash functions and/or stream ciphers. More specifically, a family of graphs is described that has relatively large girth, large claw, and/or rapid mixing properties. The graphs are suitable for construction of cryptographic primitives such as collision resistant hash functions and stream ciphers, which allow efficient software implementation. | 01-22-2009 |

20090285386 | Apparatus for Generating Elliptic Curve Cryptographic Parameter, Apparatus for Processing Elliptic Curve Cryptograph, Program for Generating Elliptic Curve Cryptographic Parameter, and Program for Processing Elliptic Cryptograph - A prime number generation unit | 11-19-2009 |

20120201374 | SYSTEMS AND METHODS FOR IMPLEMENTING BLOCK CIPHER ALGORITHMS ON ATTACKER-CONTROLLED SYSTEMS - Systems and methods for an implementation of block cipher algorithms (e.g., AES) use lookup tables to obscure key information, increasing difficulty of reverse engineering efforts. The implementation encodes round key information into a first plurality of tables (T1), which when used for lookup operations also complete SubBytes operations, and output state in an encoded format. A Shiftrows operation is performed arithmetically on the output state. A second plurality of tables (T2) are used to perform a polynomial multiplication portion of MixColumns operation, and an XOR portion of MixColumns is performed arithmetically on the columns. Encoding from the T1 tables is made to match a decoding built into the T2 tables. Subsets of the T1 tables use the same T2 tables, reducing a memory footprint for the T2 tables. Multiple AES keys can be embedded in different sets of T1 tables that encode for the same set of T2 tables. | 08-09-2012 |

20120201373 | Design of a Good General-Purpose Hash Function with Limited Resources - An apparatus comprising a plurality of stages that are coupled in series and configured to implement a hash function, wherein the stages comprise a plurality of XOR arrays and one or more Substitution-Boxes (S-Boxes) that comprise a plurality of parallel gates. Also disclosed is an apparatus comprising a plurality of XOR gates that are coupled in parallel, a plurality of input bits coupled to the XOR gates, and a plurality of output bits coupled to the XOR gates, wherein the XOR gates are configured to implement a linear mixing function of the input bits into the output bits as a stage of a non-cryptographic hash function. | 08-09-2012 |

20080285743 | Data Encryption Device and Data Encryption Method - A data encryption device that is capable of stopping power analysis attacks and reducing instances of speed drops and memory amount increases in encryption processing more effectively than in the past; the data encryption device performs a predetermined encryption, based on a key, on a plain text, and includes a random number generation unit ( | 11-20-2008 |

20100014655 | Method and apparatus for generating cryptographic key using biometric data - A method of securely storing and authenticating biometric data against attacks of a third party includes encoding input biometric data, and applying a one-way function to the encoded biometric data. A first exclusive OR operation is performed to the result of the one-way function and a selected secret key. The result of the first exclusive OR operation is encoded, and a second exclusive OR operation is performed to the encoded result of the first exclusive OR operation and the encoded biometric data. The result of the second exclusive OR operation is stored. In the same manner, the biometric data is authenticated. Accordingly, the biometric data can be securely stored against the attacks of a third party by processing and storing the biometric data according to a predetermined procedure. | 01-21-2010 |

20090003591 | Quantum Cryptographic Communication Method | 01-01-2009 |

20110255687 | DATA TRANSFORMATION SYSTEM USING CYCLIC GROUPS - An asymmetric (dual key) data obfuscation process, based on the well known ElGamal cryptosystem algorithm, and which uses multiplicative cyclic groups to transform (obfuscate) digital data for security purposes. In the present system the data need not be a member of the cyclic group, unlike in the ElGamal cryptosystem algorithm. Also, any one of several additional mathematical data transformations are further applied to the transformed data, thereby enhancing security of the transformed data. | 10-20-2011 |

20100284533 | METHOD AND DEVICE FOR GENERATING PSEUDORANDOM NUMBER, AND METHOD AND DEVICE FOR ENCRYPTION USING PSEUDORANDOM NUMBER - Provided are a method and apparatus for generating a pseudo-random number which is unpredictable and which has a small memory work area, and also a method and apparatus for encrypting data, for each predetermined amount, based on the generated pseudo-random number. A seed is divided into a predetermined number of blocks, new blocks are created by calculating an exclusive-OR of the blocks being different from each other, and the new blocks are merged to generate a new pseudo-random number. The data is encrypted for each determined amount based on the generated pseudo-random number. At this time, a pseudo-random number to be used for the succeeding encryption is generated by using as a seed a predetermined amount of random number of the pseudo-random number used for the preceding encryption of the predetermined amount of data. | 11-11-2010 |

20080253557 | Method and Device for Carrying Out a Cryptographic Calculation - A cryptographic calculation is carried out in an electronic component according to a specific cryptographic algorithm including at least one specified non-linear operation on blocks of data of k bits, k being a whole number of more than 2. Several blocks of masked intermediate data of j bits (b?m1,c?m2, ??n) are generated from an initial block of data of k bits (a), j being a whole number that is smaller than k. Then a non-linear operation S is applied to at least one of the masked intermediate data blocks of j bits (??n) with the aid of a substitution table ( | 10-16-2008 |

20080253558 | Polynomial-Based Key Distribution System and Method - The present invention relates to a system ( | 10-16-2008 |

20080253559 | Data Security Method, System and Storage Medium for Preventing a Desktop Search Tool from Exposing Encrypted Data - In a data security method for preventing a desktop search tool from exposing encrypted data, when a virtual secure disk receives a control instruction, it is first determined if the control instruction came from the desktop search tool. If not, tasks are performed on the virtual secure disk according to the control instruction. On the other hand, if yes, processing is ended to prevent the desktop search tool from indexing the virtual secure disk, thereby achieving the effects of ensuring data security and privacy. | 10-16-2008 |

20080205636 | METHOD AND APPARATUS FOR ENCODING AND DECODING DATA - A method and apparatus for turbo encoding with a contention-free interleaver is provided herein. During operation an input block of size K′ is received. The original input block and the interleaved input block are encoded to obtain a codeword block, wherein the original input block is interleaved using an interleaver of size K′ and a permutation π(i)=(f | 08-28-2008 |

20080205634 | METHOD, MODULE AND SYSTEM FOR PROVIDING CIPHER DATA - A method of providing cipher data during a period of time when output of a primary source of cipher data is unavailable is disclosed. The method comprises switching from a primary source of cipher data to an alternate source of cipher data at a beginning of the period of time; using the cipher data from the alternate source during the period of time; and switching back to the primary source at an end of the period of time. | 08-28-2008 |

20080205635 | APPARATUS, SYSTEM, AND METHOD FOR SELF-DESCRIBING HETEROGENEOUS MAGNETIC TAPE FORMATTING - An apparatus, system, and method are disclosed for self-describing, heterogeneous magnetic tape formatting. A detection module determines if data is to be encrypted when written to a magnetic tape in response to a host command and if the data is already encrypted. An encryption module encrypts the data if the data is to be encrypted and if the data is not already encrypted. A write module writes a reserved codeword followed by the data to the magnetic tape wherein the reserved codeword is configured as an encryption reserved codeword if the data is encrypted. If the data is not encrypted, the reserved codeword is configured as a clear reserved codeword. The encrypted and unencrypted data segments are intermixed on the magnetic tape. | 08-28-2008 |

20110164745 | Secure Compressive Sampling Using Codebook of Sampling Matrices - In one aspect, a compressive sampling encoder comprises matrix determination circuitry configured to determine a particular sampling matrix selected from a codebook comprising a plurality of sampling matrices. The compressive sampling encoder further comprises sampling circuitry coupled to the matrix determination circuitry and configured to apply the particular sampling matrix to a first signal to generate a second signal, and encryption circuitry configured to receive an identifier of the particular sampling matrix and to encrypt the identifier of the particular sampling matrix. The compressive sampling encoder provides at one or more outputs thereof the second signal and the encrypted identifier of the particular sampling matrix. Other aspects include a compressive sampling decoder, compressive sampling encoding and decoding methods, and associated computer program products. | 07-07-2011 |

20110033043 | TABLE MASKING FOR RESISTANCE TO POWER ANALYSIS ATTACKS - Tables are defined to permit output masking for table look-ups to be carried out to resist power analysis attacks on cryptographic operations. A set of individually defined random values is used to mask each entry in a substitution table, defining a masked substitution table. A mask table is also defined such that the values of each entry, masked with the corresponding random value, is the value of a fixed mask. The masked substitution tables and the mask tables may be used in cryptographic operations to permit the output of table look-ups to be masked, without directly using the fixed mask value in the computations of the cryptographic operations. | 02-10-2011 |

20100284532 | SYSTEMS FOR EMBEDDING INFORMATION IN DATA STRINGS - A data processing system is provided that includes applications, databases, encryption engines, and decryption engines. Encryption and decryption engines may be used to perform format-preserving encryption on data strings stored in a database. Applications may be used to embed information in data strings. Information may be embedded by using a character set that is larger than a character set being used by a data string. A data string may be converted into a larger character set, analogous to converting a number from a lower base to higher base. Such a conversion may shorten a data string, allowing information to be embedded as appended characters. | 11-11-2010 |

20100329449 | ADJUSTMENT-VALUE-ATTACHED BLOCK CIPHER APPARATUS, CIPHER GENERATION METHOD AND RECORDING MEDIUM - There is provided an adjustment-value-attached block cipher apparatus realizing block cipher processing that the amount of processing is small in adjustment-value-attached block cipher. The adjustment-value-attached block cipher apparatus includes: an encryption section performing encryption by a block cipher system; an input section accepting plaintext, an adjustment value and instruction information indicating first or second cipher processing; and a generator dividing the adjustment value into first and second adjustment values, encrypting the first adjustment value using the encryption section to generate cipher for offset, determining an offset value according to the cipher for offset and the second adjustment value, determining the sum of the offset value and the plaintext, and encrypting the sum using the encryption section to generate first ciphertext when the instruction information indicates the first cipher processing, and encrypting the plaintext using the encryption section to generate second ciphertext when the instruction information indicates the second cipher processing. | 12-30-2010 |

20100329448 | Method for Secure Evaluation of a Function Applied to Encrypted Signals - Embodiments of the invention describe a system and a method for determining securely a result of applying a function to a first encrypted signal and a second encrypted signal resulted from encrypting a first signal and a second signal respectively, The method expresses the function as a linear combination of homomorphic components, wherein a homomorphic component is an algebraic combination of the first signals and the second signal such that an encrypted result of the algebraic combination is suitable to be calculated directly from the first encrypted signal and the second encrypted signal using homomorphic properties. Next, the method determines encrypted results of the homomorphic components from the first encrypted signal and the second encrypted signal, and combines the encrypted results of the homomorphic components according to the linear combination to produce the encrypted result of the function. The method is executed by a plurality of processors. | 12-30-2010 |

20100329446 | LOGIC CIRCUIT AND METHOD FOR CALCULATING AN ENCRYPTED RESULT OPERAND - A logic circuit for calculating an encrypted dual-rail result operand from encrypted dual-rail input operands according to a combination rule includes inputs for receiving the input operands and an output for outputting the encrypted result operand. Each operand may comprise a first logic state or a second logic state. The logic circuit comprises a first logic stage connected between the inputs and an intermediate node and a second logic stage connected between the intermediate node and the output. The logic stages are formed to calculate the first or second logic state of the encrypted result operand from the input operands according to the combination rule and to maintain or change exactly once the logic state of the encrypted result operand, independently of an order of arrival of the encrypted input operands, depending on the combination rule, in order to impress the calculated first logic state or second logic state on the output. | 12-30-2010 |

20110261954 | Diffusion Oriented Method and Apparatus for Stream Cryptography - The present invention applies with a diffused mechanism, as such, a variable series of diffusion functions embedded within a diffusion-medium, to generate a maximum diffusion-cycle and nonlinear complexity; additionally, it performs in a serial process for simple design, further, in a parallel process for saving time, or even in a hardware architecture, to gain greater acceleration. FIG. | 10-27-2011 |

20110069834 | Method and system for a symmetric block cipher using a plurality of symmetric algorithms - A method and system for hybrid encryption wherein all of the round function variables including the encryption algorithm change for each round. This permits the generation of block sizes and key sizes of any length and use standard block sizes and key sizes for the respective symmetric algorithm for each round function. | 03-24-2011 |

20080219435 | Information transmitting apparatus, information transmitting method, and computer product - An information transmitting apparatus encrypts and transmits transmit data that includes contents for which transmission instruction has been received, an authentication code, and padding. The information transmitting apparatus includes a padding calculating unit that calculates a size of the padding based on an encrypting algorithm, a size of the authentication code and a size of the contents; a transmit-data size calculating unit that calculates a size of the transmit data from the size of the padding, the size of the authentication code, and the size of the contents; a generating unit that generates, using the size of the transmit data, a header that indicates a type of the transmit data and the size of the transmit data; an encrypting unit that encrypts the transmit data; and a transmitting unit that transmits the header and the encrypted transmit data. | 09-11-2008 |

20110019816 | ELECTRONIC DOCUMENT PROCESSING SYSTEM - An electronic document processing system | 01-27-2011 |

20110019814 | VARIABLE SIZED HASH OUTPUT GENERATION USING A SINGLE HASH AND MIXING FUNCTION - A system and circuit for generating a variable sized hash output using a single hash and mixing function are disclosed. In one embodiment, a system for generating a variable sized hash output data includes a hash function module for generating an N bit hash result data by processing an M bit input data. The system also includes a mixing function module including a plurality of logic gates which implement a set of reversible arithmetic functions for generating an N bit hash output data by processing the N bit hash result data using the set of reversible arithmetic functions, where a subset of the N bit hash output data is used as the variable sized hash output data, and a size of the subset of the N bit hash output data is less than N bits. | 01-27-2011 |

20110096923 | Block cipher - The method provided is for the encryption of data block by block, but unlike conventional methods like DES or AES, with a variable and substantially greater block length. The enciphering operations depend not only on the key, but also on the length of the plaintext blocks. The method meets the Strict Avalanche Criterion much better than conventional ciphers and blocks do not need to be padded. The method that additionally partitions outsized blocks executes the following steps: | 04-28-2011 |

20100215174 | RELIABLE ELLIPTIC CURVE CRYPTOGRAPHY COMPUTATION - A method for reliable computation of point additions and point multiplications in an elliptic curve cryptography (ECC) system. Two asymmetric operations are performed: one of the operations is of slightly higher complexity than a conventional ECC operation, and the other operation is of much lower complexity than the first operation. The complexity of the second operation is a function of the desired degree of reliability, or the desired probability of failure detection. The method validates a computation involving one or more points on a specified elliptic curve by selecting a second elliptic curve, deriving a third elliptic curve from the specified and selected curves, projecting points onto the derived curve, performing a computation on the derived curve involving the projected points, validating the computation on the selected curve, extracting from the computation on the derived curve a predicted result of the computation on the selected curve, and comparing the predicted result to the computation on the selected curve. A predicted result of the computation to be validated may then be extracted from the computation on the derived curve. The predicted result is compared to an actual result of a computation on the selected curve, and if the results match, the predicted result of the computation performed on the selected curve is validated. | 08-26-2010 |

20100215172 | SHARING A SECRET WITH MODULAR INVERSES - A method and system distributes N shares of a secret among cooperating entities by calculating the multiplicative inverses of the secret. In one embodiment, a distributor selects N distinct prime numbers and forms unique subsets of the prime numbers, with each subset containing K of the N prime numbers (N>=K), where K is a threshold number of shares necessary to reconstruct the secret. The distributor calculates a product of the prime numbers in each subset, and, for each subset, calculates the multiplicative inverse of the secret modulo the product. A total of N shares are generated, with each share containing the multiplicative inverses and one of the prime numbers. The N shares are distributed to the cooperating entities for secret sharing. | 08-26-2010 |

20100215173 | DATA SECURITY | 08-26-2010 |

20100166174 | Hash functions using elliptic curve cryptography - The hash functions using elliptic curve cryptography are hash functions that are produced using both an elliptic curve and a twist of the elliptic curve. Hash points are assigned values that either correspond to points on the elliptic curve or to points on the twist, depending upon whether the scalar value of the corresponding message block produces a quadratic residue or a quadratic non-residue when substituted as the x-value into the elliptic curve equation. The corresponding hash point x-coordinates are concatenated to form the hash bit string. The hash points may be doubled, and the hash functions may be applied to multimedia data by applying a media compression method to the message data before computing the hash points. | 07-01-2010 |

20100166175 | Cryptographic hash functions using elliptic polynomial cryptography - The cryptographic hash functions using of elliptic polynomial polynomials are based on the elliptic polynomial discrete logarithm problem, which is well known as a computationally hard problem. The hash functions are based on the elliptic polynomial equation in their generation, where different elliptic polynomials are used for different blocks of the same plain text. Particularly, the hash functions use an elliptic polynomial with more than one independent x-coordinate. More specifically, a set of elliptic polynomial points are used that satisfy an elliptic polynomial equation with more than one independent x-coordinate which is defined over a finite field F. | 07-01-2010 |

20100158242 | SYSTEMS AND COMPUTER PROGRAM PRODUCTS FOR GENERATING AND VERIFYING RANDOMIZED HASH VALUES - A system generates a randomized hash value and/or verifies data against a randomized hash value. A hashing circuit can respond to data by randomly selecting a hashing algorithm parameter among a defined set of different hashing algorithm parameters, and by applying a hashing algorithm that uses the selected hashing algorithm parameter to hash the received data to generate a randomized hash value. Another hashing circuit randomly selects a hashing algorithm among a defined set of different hashing algorithms, and applies the selected hashing algorithm to hash the received data to generate a randomized hash value. Another hashing circuit applies a hashing algorithm to hash received data to generate an intermediate hash value that occupies a defined memory space, and randomly selects a partial segment of the hash value from a segment of the defined memory space to generate a randomized hash value. | 06-24-2010 |

20100195820 | Processor Instructions for Improved AES Encryption and Decryption - Encrypting information involving the execution of a first instruction and a second instruction on a processor. The first instruction causes the processor to perform an AddRoundKey transformation followed by a ShiftRows transformation. The second instruction causes the processor to perform a ShiftRows transformation followed by a MixColumns transformation. These instructions are useful for performing AES encryption. The first and instructions also have inverse modes that may be used to perform AES decryption. | 08-05-2010 |

20100195822 | PROGRAM CONVERTER, ENCRYPTING DEVICE, AND ENCRYPTING METHOD - A program converter ( | 08-05-2010 |

20100195821 | APPARATUS FOR CALCULATING A RESULT OF A SCALAR MULTIPLICATION - An apparatus for calculating a result of a scalar multiplication of a reference number with a reference point on an elliptic curve comprises a point selector and a processor. The point selector is configured to select randomly or pseudo-randomly an auxiliary point on the elliptic curve. The processor is configured to calculate the result of the scalar multiplication with a double-and-always-add process using the auxiliary point. | 08-05-2010 |

20110051928 | TECHNIQUES TO STRENGTHEN ONE-TIME PAD ENCRYPTION - Apparati, methods, and computer-readable media for strengthening a one-time pad encryption system. A method embodiment of the present invention comprises the steps of encrypting plaintext ( | 03-03-2011 |

20110051927 | DEVICE FOR GENERATING A MESSAGE AUTHENTICATION CODE FOR AUTHENTICATING A MESSAGE - Device for generating a message authentication code for authenticating a message, wherein the message is divided in blocks (M) with a specified block length, the device comprising a generating unit for generating the message authentication code based on a message by using a block cipher algorithm, and an encrypting unit for performing an exclusive disjunction on the last block with a first key (K | 03-03-2011 |

20110182419 | ENCRYPTION ALGORITHM WITH RANDOMIZED BUFFER - A system obtains a key and first and second plaintext, where the first plaintext is identical to the second plaintext. The system uses the key to encrypt the first plaintext to a first ciphertext and the second plaintext to a second ciphertext using a same encryption algorithm, where the first ciphertext is different than the second ciphertext. | 07-28-2011 |

20090175442 | Digital Rights Management System Protecting Consumer Privacy - Technologies for a Consumer Privacy Digital Rights Management system based on stable partially blind signatures that enable a license server to provide licenses for delivery to users without knowing the corresponding digital contents that users access with the license. Therefore consumer privacy is protected during license acquisition. Further, if the client DRM module in the DRM system does not disclose any information about a user's digital content access, and the messages that the client DRM module sends out are in plain text enabling verification that the client DRM module is not disclosing such information, then consumer privacy is fully protected by the DRM system. | 07-09-2009 |

20090175441 | METHOD FOR PROTECTING DATA AGAINST DIFFERNTIAL FAULT ANALYSIS INVOLVED IN RIVEST, SHAMIR, AND ADLEMAN CRYPTOGRAPHY USING THE CHINESE REMAINDER THEOREM - Systems and methods for effectively protecting data against differential fault analysis involved in Rivest, Shamir, and Adleman (“RSA”) cryptography using the Chinese Remainder Theorem (“CRT”) are described herein. A CRT RSA component facilitates modular exponentiation of a received message, and a verification component reconstructs the received message. An exponentiation component performs a first modular exponentiation and a second modular exponentiation of the received message. A recombination component performs a recombination step utilizing CRT computation as a function of the first and second modular exponentiations. A modular exponentiation component performs first and second public exponent derivations as a function of a private exponent. The verification component can reconstructs the received message as a function of the first and second public exponent derivations. The verification component calculates the received message utilizing Chinese Remainder Theorem computation. | 07-09-2009 |

20110170684 | DETERMINATION OF PAIRINGS ON A CURVE USING AGGREGATED INVERSIONS - One or more techniques and/or systems are disclosed that provide for determining mathematical pairings for a curve for use in cryptography. A plurality of inversions used for determining the mathematical pairings for the curve are aggregated (e.g., into a single inversion in respective levels of a binary tree representation of elements of the computation). The mathematical pairings for the curve are determined in affine coordinates from a binary representation of a scalar read from right to left using the aggregated plurality of inversions. | 07-14-2011 |

20100027780 | Systems and methods for anonymizing personally identifiable information associated with epigenetic information - Methods and devices are described for anonymizing personally identifiable information associated with epigenetic information. | 02-04-2010 |

20110216900 | METHODS OF ENCRYPTION AND DECRYPTION AND ENCRYPTION SYSTEMS USING THE SAME - Provided is a decryption method of an encryption algorithm. In the decryption method, a secret key can be received. A plurality of Montgomery multiplications can be repeated on a cipher text until a modular exponentiation of the secret key. When the repeated Montgomery multiplications are performed, an order of the plurality of Montgomery multiplications or an order of operands can be arbitrarily changed. | 09-08-2011 |

20110216899 | ARITHMETIC OPERATION METHOD AND ARITHMETIC OPERATION DEVICE - In an arithmetic operation method and an arithmetic operation device arithmetic operations such as exponentiation or scalar multiplication can be performed at high speed. In the case where there exists a plurality of different elements Y and each element Y is represented by tuples in which a plurality of different elements X are combined with an operator, an arithmetic operation method for calculating each element Y by using an electronic computer, associates each element Y with the element X by setting each element X, sets temporary data having an index indicating whether or not each element Y has an identical element X for each element X, and represents each element Y by the temporary data combined with the operator. When there is a combination of temporary data which is common in plurality of elements Y in temporary data contained in each element Y, new temporary data is set by combining the common temporary data and each element Y consisting of each tuple is calculated using the new temporary data. | 09-08-2011 |

20100098242 | APPARATUS AND METHOD FOR EVALUATING A CIPHER STRUCTURE'S RESISTANCE TO CRYPTANALYSIS - Disclosed is a method for evaluating resistance to cryptanalysis of a cipher structure having a diffusion element including a linear transformation placed between differently-sized confusion elements at an input and an output of the diffusion element. A generalized minimum number of non-zero symbols at the diffusion element's input and output is determined. The diffusion element's input is divided into subset inputs, each having a size corresponding to the size of each confusion element at the diffusion element input. For each subset input, a subset number of non-zero symbols at the subset input and the diffusion element output is determined. Each subset number is summed to generate a summed subset number. The summed subset number is subtracted from the generalized minimum number to generate a worst-case number. An upper bound of a maximum differential characteristic probability is calculated and used to evaluate the cipher structure. | 04-22-2010 |

20090010423 | SYSTEMS AND METHODS FOR PROTECTING DATA SECRECY AND INTEGRITY - A technique for integrating message authentication with encryption and decryption is disclosed. Intermediate internal states of the decryption operation are used to generate a validation code that can be used to detect manipulation of the encrypted data. The technique is optimized with respect to processing time, execution space for code and runtime data, and buffer usage. The technique is generally applicable to a variety of block ciphers, including TEA, Rijndael, DES, RC5, and RC6. | 01-08-2009 |

20120307997 | ENCRYPTION DEVICE - According to an embodiment, an encryption device performs encryption processing using an encryption key and calculates encrypted data from plain data. The encryption device includes: a register; an input unit configured to receive plain data; a first partial encryption unit configured to calculate first intermediate data from the plain data; a second partial encryption unit configured to calculate (i+1)-th intermediate data based on i-th intermediate data and the encryption key; a first transform unit configured to: transform j-th intermediate data into j-th transformed data; and store the j-th transformed data in the register; and a second transform unit configured to transform the j-th transformed data into the j-th intermediate data; a third partial encryption unit configured to calculate encrypted data from the N-th intermediate data. The second partial encryption unit is configured to repeat processing to calculate (j+1)-th intermediate data while j is equal to from 1 to N−1. | 12-06-2012 |

20080267393 | AES DECRYPTION APPARATUS AND PROGRAM - When a matrix operation based on the specifications of inverse mixcolumn transformation InvMixColumns( ) of AES decryption is executed by the product of a first matrix Pb and a second matrix Pa, 16 coefficients pb | 10-30-2008 |

20090041229 | Elliptic Curve Point Transformations - In an elliptic curve cryptographic system, point coordinates in a first coordinate system are transformed into a second coordinate system. The transformed coordinates are processed by field operations, which have been modified for operating on the transformed point coordinates. In some implementations, the point coordinates are transformed using a linear transformation matrix having coefficients. The coefficients can be fixed, variable or random. In some implementations, the transformation matrix is invertible. | 02-12-2009 |

20120039462 | RSA SIGNATURE METHOD AND APPARATUS - A Revest, Shamir and Adleman (RSA) signature method includes: creating an initial hidden value using a private key and an RSA modular; converting a message to a hidden message by blinding the message using the initial hidden value and the RSA modular; obtaining a result value by performing double exponentiation on the hidden message, the initial hidden value, the RSA modular and the private key; and recovering a signature value using the result value. The RSA signature method further includes updating the initial hidden value with a new hidden value after the recovering. | 02-16-2012 |

20090202066 | SCRAMBLER, SCRAMBLE PROCESSING METHOD, AND PROGRAM - A multiplication value decision unit ( | 08-13-2009 |

20100086126 | ENCRYPTION DEVICE, DECRYPTION DEVICE, ENCRYPTION METHOD, AND INTEGRATED CIRCUIT - There has been a problem that the maximum number of logical steps increases and processing speed decreases when a masking method in which S-Box is implemented using an inverse element calculation in a composite field as a countermeasure for power analysis attack on an AES cipher. | 04-08-2010 |

20090185677 | SHORT MESSAGE ENCRYPTION - A method and system for securely communicating information via a low bandwidth channel uses encryption that adds comparatively little overhead to the size of the transmission. This method and system efficiently take advantage of the properties of public key cryptography, a shared secret, a traffic key from the shared secret, an abbreviated initialization vector, and an abbreviated whole message signature. The information and the whole message signature are encrypted using the traffic key with a stream cipher. | 07-23-2009 |

20100254530 | BLOCK CIPHER ALGORITHM BASED ENCRYPTION PROCESSING METHOD - A block cipher algorithm based encryption processing method comprises the following steps: external key registration, external data registration, key expansion, data encryption conversion, internal data registration, and data iteration processing, which solves the problems of the prior ciphering method based on block cipher algorithm, such as low ciphering efficiency and high implementation cost, and efficiently reduces the resource consumption under the premise of keeping the high efficiency of the prior art, thereby reducing the implementation cost of the device. When the number of the conversion component is 1, the resource consumption is only about 60 percent of the prior art; and when the number of the conversion component is 2, the resource consumption is only about 70 percent of the prior art. The present invention increases a sub-key registration unit, which can reduce the critical paths and increase the clock dominant frequency of the ciphering equipment during the implementation of integrated circuits, thereby improving the ciphering capacity of the inventive method. | 10-07-2010 |

20120039464 | Emergency call-based security algorithm negotiation method and apparatus - An emergency call-based security algorithm negotiation method and apparatus are disclosed. The method comprises the following steps: after receiving an attachment request from a User Equipment (UE) and determining that the attachment request is an emergency attachment request, a network side sets UE security capabilities to support a null algorithm only; or, the network side determines that the UE security capabilities included in the attachment request support the null algorithm only; performing Non-Access Stratum (NAS) and Access Stratum (AS) selection processing taking the null algorithm as a security algorithm for the user equipment. A mobility management entity (MME) and an evolved Node-B (eNB) can perform security negotiation directly on the basis that the user equipment only supports the null algorithm when the NAS and NA security negotiation is performed, so that the access efficiency and the call completing rate of emergency calls are improved. | 02-16-2012 |

20120039461 | EXPONENTIATION METHOD RESISTANT AGAINST SIDE-CHANNEL AND SAFE-ERROR ATTACKS - An exponentiation method resistant against side-channel attacks and safe-error attacks. Input to the method is g in a multiplicatively written group G and a /-digit exponent d with a radix m>1 and output is z=(d−1) is expressed as a series of (/−1) non-zero digits, d* | 02-16-2012 |

20120121082 | PRIVACY REGION MASKING DEVICE AND METHOD IN VEHICLE BLACK BOX - A privacy region-masking device of an automobile black box system includes a masking region configuration module for constructing a masking region on an internal image of a vehicle and a key management module for creating and managing a masking key which is used for masking the masking region on the internal image of the vehicle. The privacy region-masking device further includes a masking execution module for masking the masking region on the image using the masking key, thereby generating a masked image adaptable to protect the privacy of a passenger. | 05-17-2012 |

20120121079 | CIPHER INDEPENDENT INTERFACE FOR CRYPTOGRAPHIC HARDWARE SERVICE - Disclosed is a cipher independent cryptographic hardware service. Cipher independent transactions are received into input slots ( | 05-17-2012 |

20100246812 | Secure Similarity Verification Between Encrypted Signals - A method for verifying a similarity between a first signal and a second signal is described. The first and the second signals are encrypted homomorphically using a key. First, we acquire a set of error patterns determined by a similarity constraint. Then, each error pattern is homomorphically encrypted using the key and presented to a verifier in the setup phase. The verifier declares the first signal similar to the second signal, if any error pattern in the set of error patterns satisfies a homomorphic relationship between the first encrypted signal and the second encrypted signal. | 09-30-2010 |

20110081016 | SECURE DATA COMMUNICATION USING ELLIPTIC CURVE CRYPTOLOGY - A contactless device including an contactless communication interface configured to receive a challenge from a contactless reader and a controller configured to generate an enciphered response using elliptic curve cryptology. Moreover, the enciphered response includes the challenge enciphered with a private key stored in non-volatile memory of the contactless device and data can be integrated as part of the challenge and/or the enciphered response. | 04-07-2011 |

20120250855 | MIX-NET SYSTEM - Each participant apparatus ( | 10-04-2012 |

20110064215 | EXPONENT OBFUSCATION - A method of obfuscating an exponent is provided. The method comprises identifying a value λ for which it holds that λ>0 and x | 03-17-2011 |

20110091033 | CRYPTOGRAPHIC SYSTEM - A method of creating an encryption system for encrypting a plurality of plaintext words is provided. The method comprises associating ( | 04-21-2011 |

20110091032 | METHOD AND APPARATUS FOR INFORMATION REPRODUCTION - According to one embodiment, a content recording apparatus including, a key preparing section configured to prepare a key to encrypt an acquired stream, a file preparing section configured to add identification information to the acquired stream to prepare a file, a hash calculating section configured to calculate a hash value concerning the identification information added to the stream by the file preparing section, a key file preparing section configured to integrate the hash value calculated by the hash calculating section and the key prepared by the key preparing section to prepare a key file, and a writing section configured to write the key file prepared by the key file preparing section in the protected area of a recording medium. | 04-21-2011 |

20120045051 | PAIRING COMPUTATION DEVICE, PAIRING COMPUTATION METHOD AND RECORDING MEDIUM STORING PAIRING COMPUTATION PROGRAM - There is provided a pairing computation device provided with a CPU which computes pairing e (S, Q) with S∈G | 02-23-2012 |

20120045050 | Apparatus and method for block cipher process for insecure environments - Method and apparatus for increasing security of a cryptographic algorithm such as deciphering, enciphering, or a digital signature using a block type cipher such as AES implemented for instance in a “whitebox” model with the cipher key either known or unknown at the compilation time. This method is secure for use in entrusted environments, particularly for securing cryptographic keys. The look up tables characteristic of such algorithms are protected against attack here by making all such tables of the same size and indistinguishable, and further by masking the output values of such tables, typically where the tables carry out a permutation function or a logical exclusive OR operation. | 02-23-2012 |

20120002806 | Digital Signatures - Digital signature generation apparatus, comprising an envelope generator operable to generate an envelope representation, of only one polarity, of a sampled data segment, and operable for each of successive portions comprising a predetermined plurality of samples to provide a portion sum value as the sum the values of the samples in the portion, thereby to provide said envelope representation; a threshold value generator operable to determine a threshold value for each portion of the envelope representation; an event detector operable to detect, as an event, a transition of a portion sum value across the threshold value for the portion concerned; and a signature generator operable in response a detected event to generate a digital signature characteristic of the sampled data segment. | 01-05-2012 |

20120002807 | WHITE-BOX CRYPTOGRAPHIC SYSTEM WITH INPUT DEPENDENT ENCODINGS - A white-box cryptographic system is presented wherein at least one of its internal values is represented using an input dependent encoding. The system comprises a network of a plurality of basic blocks arranged for collectively performing a cryptographic operation. An encoder is arranged for encoding output data of a first one of the plurality of basic blocks into an encoder-output according to a selected one of a plurality of encoding schemes, said selection depending on an input-message to the system. A compensator is arranged for recoding intermediate data to compensate for the effect of the encoding according to a selected one of a plurality of recoding schemes. Using variable encodings instead of fixed encodings complicates reverse engineering the white-box cryptographic system. | 01-05-2012 |

20120002804 | ARCHITECTURE AND INSTRUCTION SET FOR IMPLEMENTING ADVANCED ENCRYPTION STANDARD (AES) - A flexible aes instruction for a general purpose processor is provided that performs aes encryption or decryption using n rounds, where n includes the standard aes set of rounds {10, 12, 14}. A parameter is provided to allow the type of aes round to be selected, that is, whether it is a “last round”. In addition to standard aes, the flexible aes instruction allows an AES-like cipher with 20 rounds to be specified or a “one round” pass. | 01-05-2012 |

20120002805 | Cryptographic Key Spilt Combiner Including a Biometric Input - A cryptographic key split combiner, which includes a number of key split generators for generating cryptographic key splits and a key split randomizer for randomizing the cryptographic key splits to produce a cryptographic key, and a process for forming cryptographic keys. Each of the key split generators generates key splits from seed data. The key split generators may include a random split generator for generating a random key split based on reference data. Other key split generators may include a token split generator for generating a token key split based on label data, a console split generator for generating a console key split based on maintenance data, and a biometric split generator for generating a biometric key split based on biometric data. All splits may further be based on static data, which may be updated, for example by modifying a prime number divisor of the static data. The label data may be read from a storage medium, and may include user authorization data. The resulting cryptographic key may be, for example, a stream of symbols, at least one symbol block, or a key matrix. | 01-05-2012 |

20120002803 | SELF RECONFIGURING VLSI ARCHITECTURES FOR UNKNOWN SECRET PHYSICAL FUNCTIONS BASED CRYPTO SECURITY SYSTEMS - This invention describes the use of the features of modern reconfigurable and self-reconfigurable VLSI technology to design highly secure unknown and secret physical functions for security applications. Several examples of sample implementation scenarios for self-generated secret hard-wired cipher- and/or hash functions architectures are shown. A designed, true-random, electronic mutation process autonomously activates the creation of such secret unknown functions in a self-reconfiguring VLSI architecture. It is also shown that such mutation processes can be designed to evolve dynamically in a non-predictive manner to come up with highly secure physical security mechanisms and protocols. This self-evolving property of such functions offers a great security quality which can enhance the security and identification resilience of electronic units to levels similar to those only available in biological systems with highly accurate DNA identification and secured history tracing of living entities. The invention shows also that such unknown physical functions can be used to implement highly secure cryptographic protocols which were not possible before the availability of self-reconfiguring VLSI technology. The invention description shows also how to make use of unknown tamper-proof and secret physical mapping as hash functions and ciphers even if the exact architecture is not known to anybody. A primitive identification scenario with its core protocol using an unknown secret cipher is also described, offering high security stability and resilience. | 01-05-2012 |

20090022307 | SYSTEMS AND METHODS FOR EFFICIENT GENERATION OF HASH VALUES OF VARYING BIT WIDTHS - A technique for producing a hashed output of an input message according to any number of hash algorithms (e.g. SHA-256, SHA-348, SHA-512) having varying bit widths is described. At least a portion of the input message is stored in a first group of registers each having a bit width equal to a first bit width (e.g. 32 bits). If the selected hash algorithm has a larger bit width (e.g. 64 bits), a remainder of the input message is stored in a second plurality of registers each having a bit width equal to the first bit width. The hashed output is then computed according to the selected hash algorithm. | 01-22-2009 |

20090016523 | Masking and Additive Decomposition Techniques for Cryptographic Field Operations - Masking and additive decomposition techniques are used to mask secret material used in field operations (e.g., point multiplication operations) performed by cryptographic processes (e.g., elliptic curve cryptographic processes). The masking and additive decomposition techniques help thwart “side-channel” attacks (e.g., power and electromagnetic analysis attacks). | 01-15-2009 |

20120207298 | APPARATUS AND METHOD FOR CALCULATING A RESULT IN A SCALAR MULTIPLICATION - An apparatus for calculating a result of a scalar multiplication of a reference number with a reference point on an elliptic curve includes a random number generator and processor. The random number generator generates a random bit. The processor calculates the result of the scalar multiplication based on a calculation algorithm using a first auxiliary variable storing a first interim result representing an integer multiple of the reference point or a coordinate of an integer multiple of the reference point and a second auxiliary variable storing a second interim result representing another integer multiple of the reference point or a coordinate of another integer multiple of the reference point. The processor swaps a value stored by the first auxiliary variable and a value stored by the second auxiliary variable during calculation of the result of the scalar multiplication, if a swap condition depending on the generated random bit is fulfilled. | 08-16-2012 |

20120008768 | MODE CONTROL ENGINE (MCE) FOR CONFIDENTIALITY AND OTHER MODES, CIRCUITS AND PROCESSES - An electronic data processing module ( | 01-12-2012 |

20120008767 | SYSTEM FOR ENCRYPTING AND DECRYPTING A PLAINTEXT MESSAGE WITH AUTHENTICATION - The described system and method provide for an encryption and authentication technique that achieves enhanced integrity verification through assured error-propagation using a multistage sequence of pseudorandom permutations. The method generates intermediate data-dependent cryptographic variables at each stage, which are systematically combined into feedback loops. The encryption technique also generates an authentication tag with minimal post processing that is the size of the state. The size of the state is dependent on the number of pseudorandom permutations and the size of the LFSR. The authentication tag provides a unique mapping to the plaintext for any number of plaintext blocks that is less than or equal the size of the state. In addition to being a stand alone encryption algorithm, the disclosed technique is applicable to any mode that uses pseudorandom permutations such as, key dependent lookup tables, S-Boxes, and block ciphers such as RC5, TEA, and AES. | 01-12-2012 |

20120008766 | SECURING A COMPONENT PRIOR TO MANUFACTURE OF A DEVICE - By securing a component within a product, before the component is delivered to the final device manufacturing facility, the device manufacturing process can be made provably secure. Additionally, the component may be tested for security and authenticity during manufacture and even later, as the device enters use by a consumer. | 01-12-2012 |

20090279694 | PRIVACY-PRESERVING SCALAR PRODUCT CALCULATION SYSTEM, PRIVACY-PRESERVING SCALAR PRODUCT CALCULATION METHOD AND CRYPTOGRAPHIC KEY SHARING SYSTEM - A privacy-preserving scalar product calculation system is provided. A first unit linearly transforms an n-dimensional vector Va into an n-dimensional vector based on a scalar value based on a random number W | 11-12-2009 |

20090207997 | ELLIPTIC CURVE CRYPTOSYSTEM APPARATUS, STORAGE MEDIUM STORING ELLIPTIC CURVE CRYPTOSYSTEM PROGRAM AND ELLIPTIC CURVE CRYPTOSYSTEM ARITHMETIC METHOD - A scalar multiplication can be performed on an elliptic curve cryptosystem at a high speed. P is set as an initial value of Q[0], and 2×P is set as an initial value of Q[1]. An elliptic curve doubling ECDBL of Q[d[i]] is performed, and an arithmetic result is stored in Q[2]. An elliptic curve addition ECADD of Q[0] and Q[1] is performed, and an arithmetic result is stored in Q[1]. Q[2−d[i]] is stored in Q[0]. Q[1+d[i]] is stored in Q[1]. The elliptic curve addition ECADD and the elliptic curve doubling ECDBL are concurrently performed in the respective processors. | 08-20-2009 |

20120057695 | CIRCUITS FOR MODULAR ARITHMETIC BASED ON THE COMPLEMENTATION OF CONTINUED FRACTIONS - A method for calculating a modular multiplication of integers a and b or polynomials a(x) and b(x) for a modulus N. The method including (i) calculating a supplemental product continued fraction c=(ab+jN)/t by supplementing particular numerators of a product fraction (ab)/t represented as a continued fraction, and (ii) calculating a second supplemental product continued fraction r=(cd+kN)/t from a previously calculated modular remainder d=R | 03-08-2012 |

20130010949 | METHOD AND SYSTEM FOR COMPRESSING AND ENCRYPTING DATA - A method and system for compressing and encrypting data. The method includes: receiving original data; performing a first compression of said original data to obtain a first compression result; and encrypting only a literal portion in the first compression result to obtain an encrypted first compression result. Embodiments of the present invention improve the efficiency of the process of compression +encryption to a great extent by means of encrypting only the literal portion of the compression result. | 01-10-2013 |

20120027201 | ENCRYPTION APPARATUS, DECRYPTION APPARATUS, ENCRYPTION METHOD, DECRYPTION METHOD, SECURITY METHOD, PROGRAM, AND RECORDING MEDIUM - Security against CCA is improved without providing space for just improving the security against CCA in a ciphertext space. In encryption processing, a first ciphertext C | 02-02-2012 |

20120027200 | FLEXIBLE INTERFACE FOR SECUREINPUT OF PIN CODE - The present invention concerns a system ( | 02-02-2012 |

20120027199 | SYSTEM AND METHOD FOR ENABLING ACCESS TO A PROTECTED HARDWARE RESOURCE - Systems and methods are disclosed for enabling access to a protected hardware resource. A hardware component includes at least one protected hardware resource. A unique hardware ID and a unique cryptographically secure or randomly generated enable value (EV) are integrated in the hardware component at the time of manufacturing. At run-time, special software generates or receives from an external source an enable register (ER) value and a comparison is made with the stored enable value. If the ER value and the EV match, access to the protected hardware resource is allowed. | 02-02-2012 |

20120027198 | System and method for cryptographic communications using permutation - The present invention discloses a system and method for cryptographic communications. It may significantly improve operation efficiency of existing symbol level encryption algorithms by permutating at symbol sequence level with significantly less computational requirements. The system includes a communications channel, at least one terminal with encoding device and at least one terminal with decoding device. A message comprising ordered symbols can be partitioned into ordered symbol sequences. Then the order of symbol sequences is permutated by the encoding device. The partition and permutation can be repeated recursively on the resultant symbol sequences to obtain the ciphertext. All the partition and permutating information are characterized by a secret key, used for decoding on the receiving terminal. It is required that the final resultant symbol sequences in the ciphertext should not disclose information confidentiality. The present invention can be also applied to secure distributed data storage. | 02-02-2012 |

20090136023 | Data Encryption Method Using Discrete Fractional Hadamard Transformation - A data encryption method using discrete fractional Hadamard transformation includes the steps of: providing a set of data; processing the data with discrete fractional Hadamard transformation to generate at least one Hadamard matrix, the Hadamard matrix having eigen vectors corresponding to eigen values; selecting order parameters from order vectors of the Hadamard matrix; designating the order parameters as a private key in data encryption. In an embodiment, a set of integers is designated to define numerators and denominators of fractions which represent the eigen values of the Hadamard matrix. | 05-28-2009 |

20090136022 | Method and Apparatus for Calculating a Polynomial Multiplication, In Particular for Elliptic Curve Cryptography - Safeguarding communication channels is required in particular in wireless networks. The use of encryption mechanisms in the form of software is limited by the required calculation and energy capacities of mobile terminals. Costs are of significance when using hardware solutions for cryptographic operations. The present invention provides an approach which simultaneously tackles all those points. It concerns a hardware accelerator for polynomial multiplication in extended Galois fields (GF), wherein the per se known Karatsuba method is iteratively applied in accordance with the invention. When using the invention the area requirement can be reduced for example from 6.2 mm | 05-28-2009 |

20120106732 | CRYPTOGRAPHIC COUNTERMEASURE METHOD BY DERIVING A SECRET DATA - A method of protecting a circuit from attacks aiming to discover secret data used during the execution of a cryptographic calculation by the circuit, by, executing a transformation calculation implementing a bijective transformation function, receiving as input a secret data, and supplying a transformed data, executing a cryptographic calculation receiving as input a data to process and the transformed data, and executing an inverse transformation calculation receiving as input the result of the cryptographic calculation, and supplying a result that the cryptographic calculation would have supplied if it had been applied to the data to process and directly to the secret data, the data to process belong to a stream of a multiplicity of data, the transformed data being supplied as input to the cryptographic calculation for all the data of the stream. | 05-03-2012 |

20120063592 | APPARATUS FOR ENCRYPTING DATA - An apparatus for encrypting data is provided. The apparatus has a means for symmetrically encrypting data and a means for encrypting the symmetrically encrypted data with the aid of a bit string. The bit string has a maximum entropy. The means for encrypting the symmetrically encrypted data is designed such that a section of the bit string is used for encryption and successive encryption operations are carried out with varying sections of the bit string while the bit string remains unchanged. | 03-15-2012 |

20120300922 | METHOD OF GENERATING A CORRESPONDENCE TABLE FOR A CRYPTOGRAPHIC WHITE BOX - A method is provided for generating a correspondence table suitable for use in a cryptographic processing method and comprising storing a plurality of input data and of output data in the table, each input datum being associated with at least one output datum in the table. For each input datum, at least one of the output data is obtained by applying a coding function to a first subsidiary datum and to an encrypted intermediate datum depending on the input datum. Also provided are a corresponding encryption method, a storage unit suitable for storing the correspondence table generated by the above generation method, a device for physically implementing such a correspondence table, a decryption device including such a storage unit, and a computer program product suitable for implementing the above generation method. | 11-29-2012 |

20120155634 | PAIRED CARRIER AND PIVOT STEGANOGRAPHIC OBJECTS FOR STATEFUL DATA LAYERING - A system, method and program product for utilizing a steganographic process to hide data element in a carrier object. A system is disclosed that includes: a pivot object generator that generates a pivot object having a key hidden therein, wherein the key is hidden in the pivot object based on an inputted salt; and a carrier object generator that generates a carrier object having a data element hidden therein using a steganographic hiding system, wherein the steganographic hiding system requires utilization of the key to extract the data element from the carrier object. | 06-21-2012 |

20120155633 | AUDIO CONTENT PROTECTION - In some embodiments an embedded processor is to participate in cryptographic key exchange with an audio software application, and a key exchange communication path is coupled between the audio software application and the embedded processor. Other embodiments are described and claimed. | 06-21-2012 |

20110081015 | Encryption System And Method - An encryption system can include a first port and a second port. A format translator can be coupled to the first port and the second port to translate a first header format of data received from the first port to a second header format of the second port. The format translator can translate the second header format of data received from the second port to the first header format. An encryptor can receive the data and encrypts the data received from the first port and decrypts the data received from the second port. | 04-07-2011 |

20100172490 | METHOD FOR THE SECURE DETERMINATION OF DATA - The aim of the embodiments is to provide a method for the secure processing of data, in which security is increased in relation to side channel attacks. To achieve this, operation codes for commanding co-processors are determined, for example for the bit-dependent transposition of register contents. The solution exploits the fact that as a result of the technical configuration for the co-processor, a shift of register contents, for example from register A to register B cannot be differentiated from the exterior from a shift from register A to register C. | 07-08-2010 |

20100172491 | Computing Isogenies Between Genus-2 Curves for Cryptography - This cryptographic curve generation technique provides a faster way of constructing a genus 2 curve. The technique provides a procedure to compute isogenies between genus 2 curves over finite fields. Instead of looping over possible roots, as is typically done when solving Igusa class polynomials, the technique only finds one root and then applies the isogenies to find the others. The technique computes a set of polynomials that define all isogenies. To do this, for a given root of an Igusa class polynomial over a finite field, the technique computes a value of a small modular function ƒ. To the value of this function ƒ, the technique applies an isogeny to find an isogenous ƒ-value. The technique then transforms the ƒ-value back into an Igusa value. Once the Igusa class polynomials are solved they can be used to generate a genus 2 curve which can be used in cryptographic applications. | 07-08-2010 |

20100172492 | METHOD FOR SCHEDULING ELLIPTIC CURVE CRYPTOGRAPHY COMPUTATION - A scheduling method for ECC computation processed in a plurality of arithmetic units comprises a coarse-grained scheduling step for systematically scheduling an ECC computation operation and a fine-grained scheduling step for refining the scheduled ECC computation operation. | 07-08-2010 |

20090060176 | PROGRAM CONVERTER, ENCRYPTING DEVICE, AND ENCRYPTING METHOD - A program converter ( | 03-05-2009 |

20090060175 | Embedding a secret in a bit string for safeguarding the secret - A method and system for embedding a secret in a bit string for safeguarding the secret. In one embodiment, the method comprises computing the length of the overall bit string as a function of q and t, where q and t are determined from the length of the secret. The method further comprises generating a plurality of information pieces based on q and t, the information pieces including a transformed secret and information for extracting the secret from the overall bit string. The method further comprises concatenating the plurality of information pieces to form the overall bit string. | 03-05-2009 |

20090060174 | COMPUTER-IMPLEMENTED METHOD AND SYSTEM FOR PROTECTING A SOFTWARE INSTALLATION AFTER CERTIFICATION - A computer-implemented system and method for protecting a software installation after certification are disclosed. The system includes components to determine if a cryptographic value of a digital content set matches with a stored cryptographic value of a validated digital content set, to determine if a cryptographic value of a validation rule set matches with a stored cryptographic value corresponding to a validation requirement, and to display a certification message if the cryptographic value of the digital content set matches with a stored cryptographic value of a validated digital content set and the cryptographic value of the validation rule set matches with a stored cryptographic value corresponding to a validation requirement. | 03-05-2009 |

20110103580 | COMPRESSING ENCRYPTED DATA WITHOUT THE ENCRYPTION KEY - A method, system and computer program product are disclosed for compressing encrypted data, wherein the data is encrypted by using a block encryption algorithm in a chained mode of operation, and the encrypted data is comprised of a set of N encrypted blocks, C | 05-05-2011 |

20110103579 | FORMAT PRESERVING ENCRYPTION SYSTEMS FOR DATA STRINGS WITH CONSTRAINTS - Format preserving encryption (FPE) cryptographic engines are provided for performing encryption and decryption on strings. A plaintext string may be converted to ciphertext by repeated application of a format preserving encryption cryptographic algorithm. Following each application of the format preserving cryptographic algorithm, the resulting version of the string may be analyzed to determine whether desired string constraints have been satisfied. If the string constraints have not been satisfied, further applications of the format preserving cryptographic algorithm may be performed. If the string constraints have been satisfied, the current version of the string may be used as an output for the cryptographic engine. | 05-05-2011 |

20110103578 | SYSTEMS AND METHODS FOR EFFICIENTLY CREATING DIGESTS OF DIGITAL DATA - Systems and methods efficiently process digests, hashes or other results by performing multiplicative functions in parallel with each other. In various embodiments, successive processing stages are provided, with each stage performing parallel multiplicative functions and also combining input terms to reduce the total number of terms that remain to be processed. By progressively combining the active terms into a smaller number of terms for subsequent processing, the time needed to process a result can be significantly reduced. | 05-05-2011 |

20120121080 | COMMUTATIVE ORDER-PRESERVING ENCRYPTION - In one general aspect, a method, including executing instructions recorded on a non-transitory computer-readable storage media using at least one processor, includes encrypting data using a commutative order-preserving encryption scheme. The commutative order-preserving encryption scheme includes a unique fixed key and a regular keyed cryptographic hash function, where the cryptographic hash function includes a domain greater than the unique fixed key. | 05-17-2012 |

20100091982 | DIFFERENTIAL POWER ANALYSIS - RESISTANT CRYPTOGRAPHIC PROCESSING - Information leaked from smart cards and other tamper resistant cryptographic devices can be statistically analyzed to determine keys or other secret data. A data collection and analysis system is configured with an analog-to-digital converter connected to measure the device's consumption of electrical power, or some other property of the target device, that varies during the device's processing. As the target device performs cryptographic operations, data from the A/D converter are recorded for each cryptographic operation. The stored data are then processed using statistical analysis, yielding the entire key, or partial information about the key that can be used to accelerate a brute force search or other attack. | 04-15-2010 |

20120314854 | System, Apparatus and Method for Decentralizing Attribute-Based Encryption Information - A method for secure transmission of a message encrypted under an attribute based encryption scheme is provided. A first and a second authority parameter may be received from one or more authorities. A policy is generated based on the parameters. The generated policy comprises a flexible access control structure. A ciphertext is constructed based on the policy. To decrypt the ciphertext, key components are received from one or more authorities, the key components associated with a decryptor identifier. A decryption key is generated based on the policy and the key components. A plaintext is generated by decrypting the ciphertext. | 12-13-2012 |

20100246810 | ADVANCED MULTI-CHANNEL WATERMARKING SYSTEM AND METHOD - A method, computer program product, and computing device for modifying a first channel portion of a digital media data file to include at least a first primary watermark. A second channel portion of the digital media data file is modified to include at least a first secondary watermark, wherein the first secondary watermark is the complement of the first primary watermark. | 09-30-2010 |

20100246809 | Information Processing System, Information Processing Method, and Information Processing Program - To provide an architecture information processing system having a small circuit size capable of reducing power consumption and cost, on which system a circuit simultaneously executing encryption processing and message authentication (falsification detection processing) can be mounted. An information processing system includes at least: a parameter storage section that retains an initialization vector used as a starting block of concatenation and an encryption key used for encryption; a one-way hash calculation section that executes a one-way hash calculation as a technique for realizing message authentication and functioning in place of the conventional common key block encryption (DES encryption) operation as an encryption operation section of a block encryption mode use section performing encryption processing and/or decryption processing as a CFB mode and/or an OFB mode; and a key overlay operation section that performs calculation for overlaying an encryption key retained in the parameter storage unit on data input to the encryption operation section. | 09-30-2010 |

20100246811 | SYSTEMS AND METHODS FOR INFORMATION SECURITY USING ONE-TIME PAD - A method of verifying a password and methods of encryption and decryption using a key generated from a one-time pad. In one embodiment, the method of verifying includes: (1) receiving a password attempt, (2) retrieving a pointer from memory, (3) searching a one-time pad based on the pointer to retrieve a password, (4) comparing the password attempt with the password and (5) generating a new pointer if the password attempt matches the password. | 09-30-2010 |

20100246813 | METHOD AND SYSTEM FOR ACCELERATING THE DETERMINISTIC ENCIPHERING OF DATA IN A SMALL DOMAIN - Conventional block ciphers that traffic in 128-bit block sizes are ill-suited for operating in small domains like credit card numbers. Some embodiments relate to techniques for constructing and speeding up practical and provably secure schemes for deterministically enciphering data from a small domain like credit card numbers using a conventional block cipher or other pseudorandom function. | 09-30-2010 |

20120128150 | PATTERN-FREE ENCRYPTION - A method is described for defining a reserved pattern of symbols, receiving in a crypto-module an input stream including sequential input symbols, applying a cipher to the input stream in the crypto-module so as to generate an intermediate stream including sequential output symbols corresponding respectively to the input symbols, and converting the intermediate stream to an output stream from the crypto-module by comparing successive groups of the input symbols and the corresponding output symbols to the reserved pattern and, upon finding a match to the reserved pattern in a given group, substituting the input symbols in the group into the intermediate stream in place of the corresponding output symbols. Related hardware and systems are also described. | 05-24-2012 |

20120128149 | APPARATUS AND METHOD FOR CALCULATING AN SHA-2 HASH FUNCTION IN A GENERAL PURPOSE PROCESSOR - Various systems, apparatuses, processes, and/or products may be used to calculate an SHA-2 hash function in a general-purpose processor. In some implementations, a system, apparatus, process, and/or product may include the ability to calculate at least one SHA-2 sigma function by using an execution unit adapted for performing a processor instruction, the execution unit including an integrated circuit primarily designed for calculating the SHA-2 sigma function(s), and calculating the SHA-2 hash function with general-purpose hardware processing components of the processor based on the sigma function(s). In certain implementations, the calculation of the SHA-2 sigma function(s) can be performed by the integrated circuit within a single instruction, allowing for a faster calculation of the SHA-2 hash function. | 05-24-2012 |

20120163587 | INTERGRATED CRYPTOGRAPHIC MODULE PROVIDING CONFIDENTIALITY AND INTEGRITY - An integrated cryptographic apparatus providing confidentiality and integrity includes an integrated cryptographic module including confidentiality and integrity. Further, the integrated cryptographic apparatus includes a hash function unit for detecting whether a message is modified by using the integrated cryptographic module. Furthermore, the integrated cryptographic apparatus includes a block cipher unit for constructing a data encryption algorithm by using the integrated cryptographic module. | 06-28-2012 |

20120163586 | ORDER-PRESERVING ENCRYPTION AND DECRYPTION APPARATUS AND METHOD THEREOF - An order-preserving encryption apparatus includes an initializer for setting a total space of a ciphertext with respect to a total space of a plaintext by considering security of the ciphertext, and setting a secret key for encryption and a pseudo-random number generator for generation of a pivot. Further, the order-preserving encryption apparatus includes a pivot generator for applying the secret key to the established pseudo-random number generator to generate a pivot for the plaintext to be encrypted. Further, the order-preserving encryption apparatus includes a ciphertext generator for generating information about size of a bit constituting the ciphertext by comparing the generated pivot and the plaintext; and a plaintext adjusting unit for adjusting a magnitude of the total plaintext space and a magnitude of the plaintext according to the ciphertext. | 06-28-2012 |

20120163585 | MASKING ADDITION OPERATION DEVICE FOR PREVENTION OF SIDE CHANNEL ATTACK - A masking addition operation apparatus for prevention of a side channel attack, includes a random value generation unit generating a first random value for a first input, second random value for a second input, and a summation random value. The masking addition operation apparatus includes an operation part performing an operation on the first and second random values, a previous carry input, and first and second masked random values generated based on the first and second random values. The masking addition operation apparatus includes a carry generator generating a carry input using a result of the operation part; and a summation bit generator generating a summation bit using the summation random value, the first and second random values, the previous carry input and the first and second masked random values. | 06-28-2012 |

20120163584 | Method and system for protecting a cryptography device - The method for protecting a cryptography circuit from attacks aiming to discover a secret datum (D | 06-28-2012 |

20120163583 | DIGITAL WATERMARK EMBEDDING DEVICE, COMPUTER-READABLE RECORDING MEDIUM, AND DIGITAL WATERMARK DETECTING DEVICE AND COMPUTER-READABLE RECORDING MEDIUM - An digital watermark embedding device including an interface unit configured to acquire content in a digital form and digital watermark information, the device includes, a codeword generating unit configured to generate a base codeword including a bit sequence including the digital watermark information; a shifting unit configured to generate a plurality of correcting codewords differing from one another by permutating an arrangement in the bit sequence included in the base codeword depending on a plurality of shift amounts, the plurality of shift amounts differing from one digital watermark information to another, under a predetermined permutation rule; and a watermark superimposing unit configured to embed the plurality of correcting codewords in the content. | 06-28-2012 |

20120163582 | DATA ENCODING AND DECODING APPARATUS AND METHOD THEREOF FOR VERIFYING DATA INTEGRITY - A data encoding apparatus for verifying data integrity by using a white box cipher includes: an encoding unit for encoding content by using a white box cipher table; and an arithmetic logic unit for performing an arithmetic logic operation on the white box cipher table and content information to output an encoded white box cipher table. The arithmetic logic operation is an exclusive OR operation. The content information is license information of the content or hash value of the license information of the content. | 06-28-2012 |

20100208886 | METHOD AND DEVICE FOR MANIPULATION-PROOF TRANSMISSION OF DATA - A method for the manipulation-proof transmission of data from a transmitter to a receiver, a test part being generated in the transmitter from the data using a secret key and communicated together with the data to the receiver, where a verification test part is generated from the received data using the same secret key and is compared to the received test part. Before the generation of the test part, the data are nonlinearly compressed using at least one feedback shift register. In addition, a device for the manipulation-proof transmission of data. | 08-19-2010 |

20100208885 | CRYPTOGRAPHIC PROCESSING AND PROCESSORS - A method of performing a cryptographic process on data, the cryptographic process treating a quantity of the data as an element of a Galois field GF(λ | 08-19-2010 |

20100208884 | Method and device for hashing onto points of an elliptic curve - Hashing onto elements of a group, in particular onto points of an elliptic curve. An input message is run through a “regular” hashing algorithm, such as e.g. SHA-1 and MD5, and used as a scalar in multiplication with an element of the group. The result is necessarily also an element of the group. An advantage is that the security of the hashing algorithm is the same as that of the underlying “regular” hashing algorithm. Also provided is a device. | 08-19-2010 |

20110182421 | ENCIPHERMENT OF DIGITAL SEQUENCES BY REVERSIBLE TRANSPOSITION METHODS - Methods for transposing elements of a sequence according to a rule, wherein the rule is derived from pseudo-noise or pseudo-noise like binary and non-binary sequences are disclosed. Sequences of transposed symbols can be recovered by applying a reversing rule. Sets of orthogonal hopping and transposition rules are created by applying transposition rules upon themselves. Sets of orthogonal hopping and transposition rules are also created from binary and non-binary Gold sequences. | 07-28-2011 |

20110182420 | ACCESS MANAGEMENT FOR CONNECTION-ACCOMPANYING DATA OF TELECOMMUNICATION CONNECTIONS - The invention relates to a method and a device for carrying out the method for the ability to regulate and control the storage and access of connection-accompanying data of a telecommunications connection. | 07-28-2011 |

20120213360 | PROGRAMMABLE CRYPTOGRAPHIC INTEGRATED CIRCUIT - This cryptographic integrated circuit | 08-23-2012 |

20120213359 | METHOD AND APPARATUS FOR SECURE ITERATIVE PROCESSING - Disclosed embodiments include methods and apparatuses for secure iterative processing of encrypted signals based on implementing a secure iterative processing protocol that avoids cipher blowup, and applying an iterative algorithm directly on the encrypted signals to generate an encrypted processed output signal. In a particular embodiment, the protocol comprises applying homomorphic linear processing, preparing and applying a resealing module to avoid cypher blowup, and homomorphically adapting the encrypted signals. Specific embodiments implement iterative adaptive filtering algorithms in the encrypted domain including non-collaborative secure filtering and two-party filtering based on homomorphic encryption, interactive secure protocols, garbed circuits, or a combination thereof. | 08-23-2012 |

20120213358 | Digital Random Number Generator Based on Digitally-Controlled Oscillators - A system for random number generation includes a digital oscillator circuit, which has a set of available configurations and is operative to generate a random number sequence in accordance with a current configuration selected from the set. The system further includes a randomization circuit, which is operative to produce a pseudo-random stream of values corresponding to the available configurations of the digital oscillator circuit, and to control the digital oscillator circuit to alternate among the available configurations in accordance with the pseudo-random stream of values. | 08-23-2012 |

20120134493 | CRYPTOGRAPHY BY PARAMETERIZING ON ELLIPTIC CURVE - A device is controlled by a controller on the basis of a password. A determination is made at the device or at the controller, on the basis of a random value r | 05-31-2012 |

20120134492 | Data Encryption and Decryption Method and Apparatus - This present application relates to data encryption and decryption technology, and especially relates to a data encryption and decryption method and apparatus. The described encryption method comprises: packeting plaintext data to be encrypted, randomly assigning an encryption function to each group of the plaintext data, encrypting each group of the plaintext data with the encryption function respectively, and arranging the encrypted data according to its corresponding position in the plaintext data to form a ciphertext. The encryption apparatus includes: packet module, encryption function random assignment module and encryption processing module. This application also provides a data decryption method and apparatus. This invention randomly assigns an encryption function to the plaintext to be encrypted, and uses the assigned encryption function to encrypt the plaintext data to arrange and form a ciphertext, greatly strengthening the security of data storage, and achieving the perfect secrecy of data. | 05-31-2012 |

20120134491 | Cloud Storage Data Encryption Method, Apparatus and System - This present application relates to the field of cloud storage security technology, and in particular, relates to a cloud storage data encryption method, apparatus and system. The method comprises: according to the amount of data X expected to be stored within the preset time, the proportion of local storage space R and the security level of data Z, calculating the size H of a random seed that should be generated; according to the amount Y of plaintext data every time, calculating the times u of random seed acquired; according to the times u, acquiring data from the generated random seed with the size of H for several times to generate a plaintext encryption bit identifier data string; by use of the data string, selecting more than one half of the plaintext data for encryption to form a ciphertext. This application also provides a cloud storage data encryption apparatus and system. This invention has reduced the amount of encrypted data to be stored without sacrifice in the degree of data security protection, thus greatly improves the cloud storage data encryption and decryption performance. | 05-31-2012 |

20120134490 | Selective Data Encryption and Decryption Method and Apparatus - This present application relates to the field of data encryption and decryption technology, and in particular, relates to a selective data encryption and decryption method and apparatus. The encryption method includes: generating a string of true random numbers 0, 1 of a predetermined length via the preset method as a random seed; acquiring data for several times from the random seed, and cascading the data acquired each time into a random string no shorter than the length of a plaintext; according to the random string, generating a plaintext encryption bit identifier random string; randomly selecting more than one half of plaintext data for encryption according to the plaintext encryption bit identifier random string; arranging the encrypted data and unencrypted data to form a ciphertext according to their positions of the plaintext. The encryption apparatus includes: true random number generation module, encryption bit identifier random string generation module, plaintext selectivity encryption module and ciphertext formation module. This application also provides a selective data decryption method and apparatus. This invention reduces the amount of data to be encrypted or decrypted, thus improves the data encryption and decryption performance. | 05-31-2012 |

20120170739 | METHOD OF DIVERSIFICATION OF A ROUND FUNCTION OF AN ENCRYPTION ALGORITHM - A method of diversification of an iterative function of an encryption algorithm. During an iteration at least one parameter other than an encryption key and an input message is modified. It is particularly advantageous that the encryption algorithm is the Advanced Encryption Standard. | 07-05-2012 |

20120170738 | Methods and Apparatus in Alternate Finite Field Based Coders and Decoders - Methods and apparatus for coding and decoding n-state symbols with n≧2 and n>2 and n>3 and n>4 are provided wherein at least one implementation of an addition over an alternate finite field GF(n) and an inverter defined by a multiplication over the alternate finite field GF(n) are provided. Encoders and decoders implementing a single n-state truth table that is a truth table of an addition over an alternate finite field GF(n) modified in accordance with at least one inverter defined by a multiplication over the alternate finite field GF(n) are also provided. Encoders include scramblers, Linear Feedback Shift Register (LFSR) based encoders, sequence generator based encoders, block coders, streaming cipher encoders, transposition encoders, hopping rule encoders, Feistel network based encoders, check symbol based encoders, Hamming coder, error correcting encoders, encipherment encoders, Elliptic Curve Coding encoders and all corresponding decoders. Systems applying encoders and decoders also are provided. | 07-05-2012 |

20120250854 | CRYPTOGRAPHY CIRCUIT PROTECTED AGAINST OBSERVATION ATTACKS, IN PARTICULAR OF A HIGH ORDER - A cryptography circuit protected against observation attacks comprises at least one register R providing a variable x masked by the mask m, the masked variable being encrypted by a first substitution box S in a cyclic manner. The circuit also comprises a mask register M delivering at each cycle a mask m | 10-04-2012 |

20120076293 | HYBRID MODE CRYPTOGRAPHIC METHOD AND SYSTEM WITH MESSAGE AUTHENTICATION - An encryption and authentication technique that achieves enhanced integrity verification through assured error-propagation using a multistage sequence of pseudorandom permutations. The method generates intermediate data-dependent cryptographic variables at each stage, which are systematically combined into feedback loops. The encryption technique also generates an authentication tag with minimal post processing that is the size of the state. | 03-29-2012 |

20090103716 | Information Processing Apparatus - A high-security cryptanalysis-resistant cryptographic processing apparatus and a cryptographic processing method are provided. A Feistel common key block cipher is produced by repeatedly performing an SPN-type F-function including a nonlinear transformation part and a linear transformation part over a plurality of rounds. In each round, a linear transformation process is performed according to an F-function using a matrix determined so as to satisfy a relatively loose constraint whereby high resistance to differential attacks and/or linear attacks is achieved. The relatively loose constraint allows an increase in the number of candidates for usable matrices, and it is possible to maintain the number of active S-boxes to a sufficiently large level. This makes it possible to increase the minimum number of active S-boxes, which is one of measures indicating the degree of robustness of ciphers, and thus it is possible to realize an algorithm of encrypting data in a highly secure manner so that high resistance to attacks is achieved. | 04-23-2009 |

20120314855 | Trapdoor One-Way Functions on Elliptic Curves and Their Application to Shorter Signatures and Asymmetric Encryption - A new trapdoor one-way function is provided. In a general sense, some quadratic algebraic integer z is used. One then finds a curve E and a rational map defining [z] on E. The rational map [z] is the trapdoor one-way function. A judicious selection of z will ensure that [z] can be efficiently computed, that it is difficult to invert, that determination of [z] from the rational functions defined by [z] is difficult, and knowledge of z allows one to invert [z] on a certain set of elliptic curve points. | 12-13-2012 |

20110096922 | IMAGE PROCESSING APPARATUS AND IMAGE PROCESSING METHOD - An object detection unit of a network camera detects an object including a human figure from image data. An event detection unit analyzes the image data based on a result of the object detection by the object detection unit. Based on a result of the image data analysis, an event detection unit determines to make identifiable to a client a human figure that should be monitored by the client and to apply masking to a human figure that should not be monitored by the client to make it unidentifiable to the client. | 04-28-2011 |

20100008496 | ENCRYPTION AND SIGNATURE SCHEMES USING MESSAGE MAPPINGS TO REDUCE THE MESSAGE SIZE - According to some embodiments of the invention, a message is processed before encryption so that the encryption method generates a short ciphertext. The message processing can be viewed as a mapping ( | 01-14-2010 |

20120224687 | Method and apparatus for optimizing Advanced Encryption Standard (AES) encryption and decryption in parallel modes of operation - The throughput of an encryption/decryption operation is increased in a system having a pipelined execution unit. Different independent encryptions (decryptions) of different data blocks may be performed in parallel by dispatching an AES round instruction in every cycle. | 09-06-2012 |

20090052655 | Method for Encryption and Decryption - It is described a method of encrypting digital information in a sender and decrypting said digital information in a receiver, where said sender and receiver agree on a block of a working key. First a sender generates a secret padding code. Said sender combines said digital information with the said secret padding code to produce a block of padded plaintext. Then, said sender computes encrypted information by applying a triangular encryption function. The sender transmits said encrypted information to said receiver, where the receiver decrypts said encrypted information received from said sender by applying a triangular decryption function, and then the receiver unpads said digital information by removing said secret padding code from the blocks of plaintext. | 02-26-2009 |

20120257742 | Efficient Implementation of Hash Algorithm on a Processor - An efficient implementation of SHA-512, and similarly SHA-384, on an ARM processor. The implementation maximizes reuse of the register values between iterations so as to minimize the need to load these values from memory. This is achieved by categorizing the iterations into even and odd ones such that the sequence of computation in the even iteration is reversed in the odd iteration and the register values at the end of one iteration are consumed at the beginning of the following one. | 10-11-2012 |

20120082307 | CRYPTOGRAPHY ON A ELLIPTICAL CURVE - A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptical curve Y | 04-05-2012 |

20120082306 | Data Encryption and Input System - A method of encrypting and inputting data by creating a relationship between a predetermined indicator key and the data to be passed on is presented. In the preferred embodiment, one or more data encryption dials are presented, each with a compartmentalized ring containing numerical data values. At least one compartmentalized ring containing indicator keys is also positioned on the encryption dial which can be rotated into apposition with the numerical data values. When data values are entered, the interface uses the data value that is in apposition with the predetermined indicator key as the data value to be passed on to a data receiving system. Upon submission of the first data value, the positions of the indicator keys and numerical data values change randomly before allowing the user to use the encryption dials to submit the second data value. | 04-05-2012 |

20090214023 | Method for elliptic curve scalar multiplication - The method for elliptic curve scalar multiplication may provide several countermeasures to protect scalar multiplication of a private key k by a point P to produce the product kP from power analysis attacks. First, the private key, k, is partitioned into a plurality of key partitions, which are processed in a random order, the resulting points being accumulated to produce the scalar product kP. Second, in each partition, the encoding is randomly selected to occur in binary form or in Non-Adjacent Form (NAF), with the direction of bit inspection being randomly assigned between most-to-least and least-to-most. Third, in each partition, each zero in the key may randomly perform a dummy point addition operation in addition to the doubling operation. The method may be implemented in software, smart cards, circuits, processors, or application specific integrated circuits (ASICs) designed to carry out the method. | 08-27-2009 |

20110123020 | ENDECRYPTOR CAPABLE OF PERFORMING PARALLEL PROCESSING AND ENCRYPTION/DECRYPTION METHOD THEREOF - An encryption/decryption method of an endecryptor including a plurality of endecryption units supporting an XES mode with tweak and ciphertext streaming (XTS) includes dividing an input data stream into consecutive data units; inputting the divided data units to the endecryption units, respectively; and simultaneously processing the input data units at the respective endecryption units. According to the encryption/decryption method, parallel processing is performed to encrypt/decrypt data at higher speed. | 05-26-2011 |

20120237020 | METHODS FOR CUSTOMIZING A RIJNDAEL BLOCK CIPHER - A key variable loader receives a set of Rijndael parameters that were verified using a simulation computer, wherein the set of Rijndael parameters provide an input for implementing at least one step of the Rijndael block cipher and when used with a secret key allow a conversion between plain text and cipher text using the Rijndael block cipher. The key variable loader further stores the set of Rijndael parameters and subsequently provides the set of Rijndael parameters to a device having a customizable Rijndael block cipher, like a subscriber unit or a key management facility. | 09-20-2012 |

20120237021 | MULTI-DIMENSIONAL MONTGOMERY LADDERS FOR ELLIPTIC CURVES - An algorithm is provided having a matrix phase and point addition phase that permits computation of the combination of more than two point multiples. The algorithm has particular utility in elliptic curve cryptography (ECC) such as for computing scalar multiplications in, e.g. batch ECC operations, accelerating Lenstra's ECM factoring algorithm, exploiting expanded ECC certificates (which contain pre-computed multiples of a party's public key), incremental hashing based on elliptic curves, accelerating verification of ECDSA signatures, etc. | 09-20-2012 |

20110002459 | APPARATUS AND METHOD FOR TRANSMITTING AND RECEIVING DATA - Provided is an apparatus to transmit and receive data, and a method thereof. A data transmission apparatus may generate a first cryptogram and a second cryptogram by encrypting a message authentication code to be transmitted, using a plurality of encryption keys, and may transmit the generated first cryptogram and the second cryptogram to a data reception apparatus. | 01-06-2011 |

20090067617 | SECURE MODULAR EXPONENTIATION BY RANDOMIZATION OF EXPONENT SCANNING - Systems and/or methods that facilitate secure electronic communication of data are presented. A cryptographic component facilitates securing data associated with messages in accordance with a cryptographic protocol. The cryptographic component includes a randomized exponentiation component that facilitates decryption of data and generation of digital signatures by exponentiating exponents associated with messages. An exponent is divided into more than one subexponent at an exponent bit that corresponds to a random number. Exponentiation of the first subexponent can be performed based on a left-to-right-type of exponentiation algorithm, and exponentiation of the second subexponent can be performed based on a right-to-left square-and-multiply-type of exponentiation algorithm. The final value is based on the exponentiations of the subexponents and can be decrypted data or a digital signature, which can be provided as an output. | 03-12-2009 |

20120269341 | Method For Operating A Tachograph And Tachograph - A method for operating a tachograph having an application controller and a safety controller. A memory is associated with the application controller and a further memory is associated with the safety controller. An encrypted program code having at least one associated signature is made available to the safety controller. The encrypted program code is decrypted by means of the security controller and verified by the at least one signature. It is detected whether the decrypted program code (EPC) is intended for the application controller and/or for the security controller. Depending on what is detected, the program in the memory and/or the further program in the further memory is at least partially replaced by the decrypted program code and, depending on a result of the verification, the at least partially replaced program and/or the at least partially replaced further program is released for executing. | 10-25-2012 |

20120269340 | HIERARCHICAL ENCRYPTION/DECRYPTION DEVICE AND METHOD THEREOF - A hierarchical encryption device for decrypting a ciphertext and outputting a plaintext is disclosed in the invention, wherein the ciphertext comprises an encrypted block and a plurality of ciphertext blocks. The device comprises a first decryption unit, a generator and a second decryption unit. The second decryption unit is for decrypting the encrypted block by a secret key with a second decryption method to generate at least one index block and a plurality of confusion blocks. The generator is for generating a plurality of mask blocks according to the plurality of confusion blocks and the index block, wherein the number of the plurality of mask blocks is the same as that of the plurality of ciphertext blocks. The first decryption unit is for decrypting the plurality of ciphertext blocks by the plurality of mask blocks with a first decryption method to generate a plurality of plaintext blocks, wherein the number of the plurality of plaintext blocks is the same as that of the plurality of ciphertext blocks. | 10-25-2012 |

20100189252 | METHOD AND SYSTEM FOR PROCESSING OF IMAGES - XHD video is acquired from a camera fitted with an ultra-wide field-of-view lens such as a fish eye lens. The active picture portion of the images are divided into patterns each having a plurality of pixels. The patterns are assigned coordinate values and then reformatted into HD format using an encryption key which reorders the patterns. The images are processed in the HD format and then returned to XHD formation by applying the reverse reordering process under the control of the key. | 07-29-2010 |

20100189251 | Security Enhanced Data Platform - The security enhanced data platform is comprised of two primary subsystems and a host of supporting subsystems. The first primary subsystem is a document management system. A set of client side tools provides the user a way to specify classifications and compartments for selected areas of a document, and a way to save the document in the format required by the system in order to allow the system to enforce the rules and privileges dictated to the system. The second subsystem is a security enhanced database management system. In documents the system allows different user privilege requirements on the document as a whole as well as on pages, paragraphs, sentences, words, and/or letters of a word. A history of document changes is maintained to provide an audit trail after the fact of who did what changes, where those changes were made and when those changes were made. | 07-29-2010 |

20090080646 | Method And Architecture For Parallel Calculating Ghash Of Galois Counter Mode - Disclosed is a method and architecture for parallel calculating GHASH of Galois Counter Mode (GCM), which regards the additional authenticated data A and the ciphertext C defined in the GCM as a single data M with an input order of a sequence M | 03-26-2009 |

20100232601 | ELLIPTIC CURVE ARITHMETIC PROCESSING UNIT AND ELLIPTIC CURVE ARITHMETIC PROCESSING PROGRAM AND METHOD - An apparatus for executing cryptographic calculation on the basis of an elliptic point on an elliptic curve includes: a memory for storing a first value including a plurality of digits; and a processor for executing a process including: obtaining a second value representing a point on the elliptic curve; calculating output values by using a predetermined equation, each digit of the first value, and the second value; determining whether at least one of the second value and the output values indicates a point of infinity; terminating the calculation when at least one of the second value and the output values indicates the point at infinity; and completing calculation when both the second value and the output values do not indicate the point at infinity, so as to obtain a result of the cryptographic calculation. | 09-16-2010 |

20100232600 | Exclusive encryption system - An encryption system includes a plurality of encryption operations including individual encryption operations and group encryption operations available for application in the encryption of data. The plurality of encryption operations are selected from the group consisting of functional variance, functional alignment, mathematical offset, wide XOR function, short logical rotation, long logical rotation, functional order, and address encryption. The system includes at least one round of encryption composed of a first encryption operation and a second encryption operation. The first encryption operation is selected from the plurality of encryption operations acting upon input data to generate a first encrypted data set. The second encryption operation is selected from the plurality of encryption operations acting upon the first encrypted data set to generate a second encrypted data set. The first encryption operation and the second encryption operation are different. | 09-16-2010 |

20100232599 | Fault-resistant calculcations on elliptic curves - Means for checking the correctness of a cryptographic operation on an elliptic curve E(Z/pZ), including fault-resistant computation of Q=kP on elliptic curve E(Z/pZ). Elliptic curve Ê(Z/pr | 09-16-2010 |

20100232598 | INFORMATION RECORDING MEDIUM, INFORMATION RECORDING APPARATUS AND METHOD, AND COMPUTER PROGRAM - An information recording medium ( | 09-16-2010 |

20120321075 | FAULT-RESISTANT EXPONENTIATIONI ALGORITHM - A method for performing a m-ary right-to-left exponentiation using a base x, a secret exponent d and a modulus N, wherein m is a power of 2. A device having a processor and m+1 registers R[ | 12-20-2012 |

20120087491 | A METHOD AND A DEVICE FOR PERFORMING TORUS-BASED CRYPTOGRAPHY - At CRYPTO 2003, Rubin and Silverberg introduced the concept of torus-based cryptography over a finite field. The present invention extends their setting to the ring of integers modulo N, thus obtaining compact representations for cryptographic systems that base their security on the discrete logarithm problem and the factoring problem. This can result in small key sizes and substantial savings in memory and bandwidth. However, unlike the case of finite field, analogous trace-based compression methods cannot be adapted to accommodate the extended setting of the invention when the underlying systems require more than a mere exponentiation. The invention finds particular application in a torus-based implementation of the ACJT group signature scheme. Also provided is a processor. | 04-12-2012 |

20120087490 | Method And Arrangement For Protecting File-Based Information - The invention represents a method for creating a ciphertext block from a plaintext block consisting of more than one consecutive plaintext character strings (M | 04-12-2012 |

20120087489 | CRYPTOGRAPHIC PROCESSING APPARATUS AND CONTROL METHOD FOR CRYPTOGRAPHIC PROCESSING CIRCUIT - An aspect of the present invention is a cryptographic processing apparatus including a division unit that divides input data into multiple partial data items, the input data being one of plaintext and a round processing result; multiple data holding units that hold the partial data items, respectively; and a combining unit that combines the partial data items held in the multiple data holding units into a single round processing target data item to be subjected to round processing. The division unit selects a storage destination of each partial data item from among the data holding units, and stores each of the partial data items into the storage destination selected. The combining unit combines the partial data items into a round processing target item to reconstruct the input data according to the storage destination of each partial data item selected by the division unit. | 04-12-2012 |

20120087488 | CRYPTOGRAPHIC PROCESSOR WITH DYNAMIC UPDATE OF ENCRYPTION STATE - An efficient implementation of a cryptographic processor that dynamically updates the encryption state is described. The cryptographic processor can be implemented with a minimal number of gates, yet still perform cryptographic operations quickly. The cryptographic processor has an interface, a memory, a pseudorandom permutation block and control logic. The interface receives input data blocks and returns cryptographically processed data blocks. The memory is used to store an encryption state of the cryptographic processor. The pseudorandom permutation block transforms a portion of the encryption state that is modified for each input data block by at least the input data block and a previously transformed data block. The control logic routes data in the cryptographic processor to return cryptographically processed data blocks at the interface and update dynamically the encryption state stored in memory using the transformed data blocks from the pseudorandom permutation block. | 04-12-2012 |

20120328093 | PROCESSING CONTEXT INFORMATION - A method and system for generating contexts of targets to estimate a high-order context. The system includes: a detection device including: a sensor for detecting a target; module for extracting the target and a primary context of the target based on data detected by the sensor; and module for encrypting the primary context with a key corresponding to the target; a storage device for recording encrypted primary context from the detection device; and a processing device including: module for receiving the encrypted primary context from the storage device; module for receiving the key corresponding to the target involved in the encrypted primary context; module for decrypting the encrypted primary context using received key; and module for estimating a high-order context using the decrypted primary context; where the processing device further includes a module for requesting the detection device to delete information on a key corresponding to a specific target. | 12-27-2012 |

20120328091 | REVERSIBLE CIPHER - A cipher device having a number of data bits in an input register corresponding to a data unit element, a sudoku filter coupled with the input register, and a data selector coupled with the sudoku filter and the input register. A fob cipher device has a FPGA programmed to perform encrypting of a plaintext with a transposed Sudoku to form a first ciphertext and encrypting the first ciphertext with pseudorandom mixing bits to form a second ciphertext. A reversible encryption method includes encrypting plaintext with a transposed Sudoku forming a first ciphertext, encrypting the first ciphertext with pseudorandom mixing bits forming a second ciphertext, and outputting the plaintext-corresponding second ciphertext. | 12-27-2012 |

20120321074 | METHOD FOR CONVERSION OF A FIRST ENCRYPTION INTO A SECOND ENCRYPTION - A method for converting, by means of a conversion entity, a first digit into a second digit, the first cipher corresponding to the result of a symmetric probabilistic encryption of an plain message element using a first secret matrix parameterized by a random vector, the second digit corresponding to the result of a symmetric probabilistic encryption of the plain message element using a second secret matrix that is parameterized by the random vector, characterized in that the method includes a step of: calculating the second digit by encrypting the first digit using a secret conversion matrix which is a function of the first and second secret matrices, and which is parameterized by the random vector. | 12-20-2012 |

20090185678 | METHOD AND APPARATUS FOR COMPRESSION OF DATA ON STORAGE UNITS USING DEVICES INSIDE A STORAGE AREA NETWORK FABRIC - The capability to encrypt or compress the traffic over network links, thus improving the security of the link on the performance of the links, and the capability to encrypt/decrypt data stored on the storage devices without requiring specialized hosts or storage devices. In a first embodiment, traffic to be routed over a selected link needing encryption and/or compression is routed to hardware which performs the encryption and/or compression and returned for transmission over the link. A complementary unit at the second end of the link routes the received frames to complementary hardware to perform the decryption and/or decompression. The recovered frames are then routed to the target device in a normal fashion. In a variation of this first embodiment the hardware is developed using an FPGA. This allows simple selection of the desired feature or features present in the switch. The switch can be easily configured to perform encryption, compression or both, allowing great flexibility to a system administrator. In a second embodiment frames can be encrypted by a switch and then provided to the storage device in this encrypted manner. The frames from the storage device are decrypted before provision to the requesting host. By performing the encryption and decryption in the switch, conventional hosts and storage devices can be utilized. | 07-23-2009 |

20120328092 | PROCESSING CONTEXT INFORMATION - A system for generating contexts of targets to estimate a high-order context. The system includes: a detection device including: a sensor for detecting a target; module for extracting the target and a primary context of the target based on data detected by the sensor; and module for encrypting the primary context with a key corresponding to the target; a storage device for recording encrypted primary context from the detection device; and a processing device including: module for receiving the encrypted primary context from the storage device; module for receiving the key corresponding to the target involved in the encrypted primary context; module for decrypting the encrypted primary context using received key; and module for estimating a high-order context using the decrypted primary context; where the processing device further includes a module for requesting the detection device to delete information on a key corresponding to a specific target. | 12-27-2012 |

20120328094 | INTERFACE AND COMMUNICATION PROTOCOL FOR A MOBILE DEVICE WITH A SMART BATTERY - Various embodiments are described herein for a mobile communication device that utilizes a smart battery. The mobile device includes a main processor for controlling the operation of the mobile communication device. The smart battery is coupled to the main processor and provides supply power. The smart battery includes a battery processor for controlling the operation of the smart battery and communicating with the main processor, and a battery module having one or more batteries for providing the supply power. A battery interface is provided for coupling between the main processor and the battery processor for providing communication therebetween. The battery interface comprises a data communication line and protection circuitry for protecting the main processor from electrostatic discharge. A communication protocol is also provided for communication between the main processor and the battery processor. | 12-27-2012 |

20120328095 | IMAGE DECRYPTION APPARATUS AND IMAGE DECRYPTION METHOD - An image decryption apparatus includes: an interface unit that acquires an encrypted image; and a processor adapted to: specify a block not presenting unevenness in brightness and a block presenting unevenness in brightness, among a plurality of first blocks into which the encrypted image is divided, and generate a decrypted image by moving each pixel of the encrypted image, in accordance with a predetermined rule; select, from among the second blocks located near the block of interest in a plurality of second blocks into which the decrypted image is divided, at least one second block that is included in the block not presenting unevenness in brightness on the encrypted image prior to generation of the decrypted image, as a reference value calculation block; and correcting the value of each pixel included in the block of interest, using the values of pixels included in the reference value calculation block. | 12-27-2012 |

20120288086 | FINITE FIELD CRYPTOGRAPHIC ARITHMETIC RESISTANT TO FAULT ATTACKS - Various embodiments relate to a method for integrity protected calculation of a cryptographic function including: performing an operation c=a∘b in a cryptographic function f(x | 11-15-2012 |

20120288085 | PROCESSOR WITH ARCHITECTURE IMPLEMENTING THE ADVANCED ENCRYPTION STANDARD - Methods and apparatus are provided for implementing the advanced encryption standard. The apparatus comprises a first multiplexer receiving during a first cycle a data word, a substitution transformation of the data word and inverse substitution transformation of the data word to provide a first output. During the next cycle, a second multiplexer receives the first output, a mixed column transformation of the first output and an inverse mixed column transformation of the first output to provide a second output. Also in the next cycle, the second output is added to a round key to provide one round of an encoded or decoded digital word compliant with the advanced encryption standard with cycle-by-cycle throughput. The method comprises shifting a received data word and processing the shifted data word using a substitution transformation (encoding) or an inverse substitution transformation (decoding) during a first cycle in an advanced encryption standard unit of a processor. In the next cycle, the result from the first cycle is processed using a mixed column transformation (encoding) or an inverse mixed column transformation (decoding) and the result is added to a round key to provide one round compliant with the advanced encryption with cycle-by-cycle throughput. | 11-15-2012 |

20120288087 | CRYPTO ARRANGEMENT WITH MIXED ENDIAN - A method of sending or marshaling data from a device through a cryptographic unit in a software communications architecture (SCA), includes identifying an endian mode of the cryptographic unit, and determining if the data to be sent from the device has an endian mode that matches the endian mode of the cryptographic unit. If the endian modes match, the data is enabled to be sent through the cryptographic unit. If the endian modes do not match, the endian mode of the data is flipped and then the data is then enabled to be sent through the cryptographic unit. | 11-15-2012 |

20100202607 | Linear predictive coding implementation of digital watermarks - Z-transform calculations may be used to encode (and/or decode) carrier signal independent data (e.g., digital watermarks) to a digital sample stream. Deterministic and non-deterministic components of a digital sample stream signal may be analyzed for the purposes of encoding carrier signal independent data to the digital sample stream. The carrier signal independent data may be encoded in a manner such that it is restricted or concentrated primarily in the non-deterministic signal components of the carrier signal. The signal components can include a discrete series of digital samples and/or a discreet series of carrier frequency sub-bands of the carrier signal. Z-transform calculations may be used to measure a desirability of particular locations and a sample stream in which to encode the carrier signal independent data. | 08-12-2010 |

20100202606 | Two strings private key (symmetric) encryption and decryption method - Two strings encryption algorithm where a long and a short string are used. The byte values of the short string points to a location of the long string and the plaintext is aligned with the long string's location and encryption is performed using the long string's byte values and the plaintext the process is repeated for all bytes of the short string pointing to the long string and aligned a byte to encrypt with the long string. | 08-12-2010 |

20100202605 | METHOD OF OPTIMIZING COMBINATIONAL CIRCUITS - A method of simplifying a combinational circuit establishes an initial combinational circuit operable to calculate a set of target signals. A quantity of multiplication operations performed in a first portion of the initial combinational circuit is reduced to create a first, simplified combinational circuit. The first portion includes only multiplication operations and addition operations. A quantity of addition operations performed in a second portion of the first, simplified combinational circuit is reduced to create a second, simplified combinational circuit. The second portion includes only addition operations. Also, the second, simplified combinational circuit is operable to calculate the target signals using fewer operations than the initial combinational circuit. | 08-12-2010 |

20100177889 | IMAGE FORMING APPARATUS AND ENCRYPTION PROCESS CONTROL METHOD - An encryption process control technique is provided which can reduce the power consumption in an image forming apparatus including an exclusive circuit for an encryption process. The image forming apparatus includes: a first encryption processor mounted as hardware to perform a data encrypting process; a second encryption processor mounted as software to perform a data encrypting process; a process controller determining which of the first encryption processor and the second encryption processor should be used to perform a data encryption process; and a power supply restrictor stopping or decreasing a supply of power to the first encryption processor when the process controller determines that the second encryption processor is used to perform the encryption process. | 07-15-2010 |

20130016829 | Cryptographic Processing Apparatus and Cryptographic Processing Method, and Computer Program - There is provided a highly secure cryptographic processing apparatus and method where an analysis difficulty is increased. In a Feistel type common key block encrypting process in which an SPN type F function having a nonlinear conversion section and a linear conversion section is repeatedly executed a plurality of rounds. The linear conversion process of an F function corresponding to each of the plurality of rounds is performed as a linear conversion process which employs an MDS (Maximum Distance Separable) matrix, and a linear conversion process is carried out which employs a different MDS matrix at least at each of consecutive odd number rounds and consecutive even number rounds. This structure makes it possible to increase the minimum number (a robustness index against a differential attack in common key block encryption) of the active S box in the entire encrypting function. | 01-17-2013 |

20130016828 | PROTECTION OF A MODULAR EXPONENTIATION CALCULATION BY MULTIPLICATION BY A RANDOM QUANTITYAANM Teglia; YannickAACI BelcodeneAACO FRAAGP Teglia; Yannick Belcodene FR - A method for protecting a calculation, by an electronic circuit, of a modular exponentiation of a digital quantity, wherein: a first variable is initialized with a random quantity; at least one second variable is initialized with a value which is a function of the digital quantity; at least for a bit at 1 of an exponent of the modular exponentiation, the first variable is updated by: a) the quotient of its content and a power of the random quantity; and b) the product of its content by that of the second variable; and once all the exponent bits have been processed, the content of the first variable is divided by the random quantity to provide the result of the modular exponentiation. | 01-17-2013 |

20130016827 | PROTECTION OF A CALCULATION ON AN ELLIPTIC CURVEAANM Teglia; YannickAACI BelcodeneAACO FRAAGP Teglia; Yannick Belcodene FR - A method for protecting a calculation on an elliptic curve, by an electronic circuit, wherein a point of an elliptic curve is multiplied by a digital quantity, comprising the steps of: initializing a first variable with a value which is a function of a random quantity; initializing at least a second variable with a value which is a function of the digital quantity; at least for a bit at 1 of the digital quantity, the first variable is updated by: a) subtracting a multiple of the random quantity; and b) adding the content of the second variable; and once all the bits of the digital quantity have been processed, subtracting from the first variable the product of the point to by the random quantity to provide the result. | 01-17-2013 |

20130016826 | PROTECTION OF A MODULAR EXPONENTIATION CALCULATION BY ADDITION OF A RANDOM QUANTITYAANM Teglia; YannickAACI BelcodeneAACO FRAAGP Teglia; Yannick Belcodene FR - A method for protecting a calculation, by an electronic circuit, of a modular exponentiation of a digital quantity, wherein: a first variable is initialized with a random quantity increased by once unit; a second variable is initialized with the product of the digital quantity by the random quantity; a third variable is initialized with the digital quantity; iteratively for all the bits at 1 of an exponent of the modular exponentiation, the first variable is updated by: a) multiplying its content by that of the third variable; and b) subtracting thereto the content of the second variable increased by the random quantity; and once all the bits of the exponent have been processed, the content of the first variable is decreased by the random quantity to provide the result of the modular exponentiation. | 01-17-2013 |

20130016825 | METHOD AND APPRATUS FOR ADVANCED ENCRYPTION STANDARDAANM Efrat; DvorAACI Rishon Le-ZionAACO ILAAGP Efrat; Dvor Rishon Le-Zion ILAANM Amir; EranAACI Givat AdaAACO ILAAGP Amir; Eran Givat Ada IL - A method for AES comprising performing AES on a provided state of data elements at the original locations of the data elements in the provided state without moving the data elements in the state, and an apparatus for performing the same. | 01-17-2013 |

20130016830 | POWER ANALYSIS ATTACK COUNTERMEASURE FOR THE ECDSA - Execution of the Elliptic Curve Digital Signature Algorithm (ECDSA) requires determination of a signature, which determination involves arithmetic operations. Some of the arithmetic operations employ a long term cryptographic key. It is the execution of these arithmetic operations that can make the execution of the ECDSA vulnerable to a power analysis attack. In particular, an attacker using a power analysis attack may determine the long term cryptographic key. By modifying the sequence of operations involved in the determination of the signature and the inputs to those operations, power analysis attacks may no longer be applied to determine the long term cryptographic key. | 01-17-2013 |

20110158400 | COOPERATIVE ENCODING OF DATA BY PLURALITIES OF PARTIES - Methods and apparatus include cooperatively encoding digital data between collaborating parties. By prior agreement, the parties take turns encoding portions of a given payload (e.g., document), until all portions have been encoded, thereby transforming the payload from a native encoding to a new, composite encoding. Choreography rules facilitate the process. Each party is free to use its own processing scheme. The use of a lookback or chaining step enables each party to impart a quality of informational entanglement to the output during its construction. By virtue of these features and attendant synergies, the resultant jointly encoded digital data enjoys certain novel cryptographic properties in addition to serving as a record of interaction between parties. To decode the data, the process is reversed. Third parties are optionally employed to mediate aspects of the process. Noise and padding, such as watermarks or copyrights, may be added variously to the encoded digital data. Encoding schemes include encryption or compression algorithms. | 06-30-2011 |

20120243678 | DATA PROTECTION USING DISTRIBUTED SECURITY KEY - For protecting data stored in an electronic device, an inner security key encrypting and decrypting data stored in the electronic device is encrypted with an outer security key. The outer security key is stored on an external memory to be coupled to the electronic device. The outer security key is generated from at least a unique identifier of the electronic device, a unique identifier of the external memory device, and a personal identification number. Additional constituents of the outer security key may be provided, e.g., an identifier of an auxiliary device to be coupled to the electronic device. | 09-27-2012 |

20080240425 | Data De-Identification By Obfuscation - Medical or other data is de-identified by obfuscation. Located instances are replaced. By replacing with values in a same format and level of generality, multiple possible identifications—the replacement values and the instances not located—are provided in the data, obfuscating the original identification. By replacing as a function of a probability, the resulting data set has different instances distributed in a way making identification of the actual or original instances not located by searching more difficult. | 10-02-2008 |

20080240424 | CRYPTOGRAPHIC SYSTEMS AND METHODS SUPPORTING MULTIPLE MODES - Cryptographic systems and methods that support multiple modes of operation, such as CBC, CTR and/or CCM modes. In one aspect, a method for encrypting data includes reading a plaintext data block from a memory, storing the plaintext data block in an input buffer, encrypting the plaintext data block in the input buffer using a first mode to generate a first ciphertext, storing the first ciphertext in an output buffer, encrypting the plaintext data block in the input buffer using a second mode to generate a second ciphertext. For example, in a CCM mode of operation wherein the first mode is a CTR (counter) mode and the second mode is a CBC (cipher block chaining) mode, the block of plaintext that is initially read from memory and stored in the data input register is applied to both the CTR and CBC modes, thereby reducing a number memory read operations as in conventional CCM modes. | 10-02-2008 |

20080240423 | SPEEDING UP GALOIS COUNTER MODE (GCM) COMPUTATIONS - Methods and apparatus to speed up Galois Counter Mode (GCM) computations are described. In one embodiment, a carry-less multiplication instruction may be used to perform operations corresponding to verification of an encrypted message in accordance with GCM. Other embodiments are also described. | 10-02-2008 |

20080240422 | Efficient advanced encryption standard (AES) Datapath using hybrid rijndael S-Box - The speed at which an AES decrypt operation may be performed in a general purpose processor is increased by providing a separate decrypt data path. The critical path delay of the aes decrypt path is reduced by combining multiply and inverse operations in the Inverse SubBytes transformation. A further decrease in critical path delay in the aes decrypt data path is provided by merging appropriate constants of the inverse mix-column transform into a map function. | 10-02-2008 |

20130170638 | SYSTEM FOR CHECKING ACCEPTANCE OF STRING BY AUTOMATON - A server having an automaton whose state transitions in accordance with received characters, determines whether the automaton has transitioned to a final state on the basis of the characters. The server receives a coding sequence from the client in the characters included in the string. The coding sequence elements corresponding to the characters are values encrypting a non-unity using a first encryption scheme having homomorphism, and whose elements not corresponding to the characters are values encrypting a unity using the first encrypting scheme. The server generates, in response to receiving the coding sequence, exchange data encrypting a subsequent state key corresponding to each of a plurality of previous states of the automaton on the basis of the coding sequence using the first encryption scheme; encrypts exchange data with the corresponding previous state key and sends the encrypted exchange data to the client. | 07-04-2013 |

20130170639 | Transmission of Data Including Conversion of Ternary Data to Binary Data - Binary data relating to a movable barrier operator is converted to ternary data. The ternary data is converted into corresponding binary information in a way not mirroring the first conversion method. In one approach, this second conversion converts each ternary trit into a corresponding binary pair. Initial binary bits correspond to, for example, fixed and/or non-fixed information. | 07-04-2013 |

20080226063 | SIMPLE UNIVERSAL HASH FOR PLAINTEXT AWARE ENCRYPTION - A simple universal hash apparatus and method include input means for inputting at least one of a plurality of Plaintext blocks into an integrity aware encryption scheme using at least one of two secret keys to obtain a plurality of Ciphertext blocks; Plaintext checksum means for computing a Plaintext checksum value from said plurality of Plaintext blocks; Ciphertext checksum means for processing said plurality of Ciphertext blocks and a third key to obtain a Ciphertext checksum; and combination means for combining said Plaintext checksum and said Ciphertext checksum to obtain the simple universal hash value. | 09-18-2008 |

20080226062 | Method for Secure Transmission of Data - A system and method concerns a secure transmission of a file fragmentable into a plurality of fragments, and comprises (a) initially fixing a global encryption key; (b) encrypting the fragmentable file based on said global key to form a first encrypted file; (c) encrypting the global key by means of an asymmetric encryption algorithm using a public key to obtain a global encrypted key; (d) inserting values representing the global encrypted key among the fragments of said encrypted file to form a second encrypted file; and (e) transmitting the second encrypted file. | 09-18-2008 |

20110274270 | CONTENT CONTAINING A STEGANOGRAPHICALLY ENCODED PROCESS IDENTIFIER - A method includes receiving graphic data and steganographically encoding machine-readable data in the graphic data. The machine-readable data identifies a computer implemented process that is to be invoked when the steganographic encoding is decoded and acted upon by a computing device. | 11-10-2011 |

20110274269 | ENCODING POINTS OF AN ELLIPTIC CURVE - The method comprises, in an electronic component, carrying out a cryptographic calculation that includes the step of obtaining points P on an elliptic curve following the equation Y | 11-10-2011 |

20110274268 | CRYPTOGRAPHIC ALGORITHM FAULT PROTECTIONS - The invention relates to a method for securing the execution of a cryptographic algorithm A against fault attacks. Given a cryptographic key K | 11-10-2011 |

20130142324 | DEVICE AND AUTHENTICATION METHOD THEREFOR - According to one embodiment, an authentication method includes generating, by the memory, first authentication information by calculating secret identification information with a memory session key in one-way function operation, transmitting encrypted secret identification information, a family key block, and the first authentication information to a host, and generating, by the host, second authentication information by calculating the secret identification information generated by decrypting the encrypted secret identification information with the host session key in one-way function operation. The method further includes comparing, by the host, the first authentication information with the second authentication information. | 06-06-2013 |

20130142323 | METHODS AND SYSTEMS FOR DERIVING A CRYPTOGRAPHIC FRAMEWORK - A cryptographic framework embodies modular methods for securing data, both at rest and in motion, via an extensible encryption method. Key derivation and synchronization methods are defined. Using a small set of initialization values (keys), a multi-dimensional geometric form from which two or more entities (participants) may derive the same discrete set of public and secret keys. Participants can initialize a random number generation method of practically infinite non-repeating length. Furthermore, the random number generator can be used as a One Time Pad synchronized between participants, without ever exchanging said One Time Pad. Furthermore, a method for ciphering and deciphering data including a method for splitting the encrypted data into multiple files or streams and for recombining the original data back. Finally, a method for extending the encryption to include a practically unlimited number of external authentication factors without negatively impacting encryption performance while simultaneously increasing cryptographic strength. | 06-06-2013 |

20130142328 | ENCRYPTION DEVICE, ENCRYPTION SYSTEM, ENCRYPTION METHOD, AND ENCRYPTION PROGRAM - The object is to enable cipher communication even when a cipher key in a one-time pad cipher (Vernam cipher) is running short. A one-time pad encrypting part encrypts communication data by the one-time pad cipher by sequentially using part of a one-time pad cipher key stored in a one-time pad cipher key storage part, to generate encrypted data. A block-encrypting part encrypts communication data by a block cipher by using a block-cipher key stored in a block-cipher key storage part, to generate encrypted data. An encryption control part controls whether the communication data is to be encrypted by the one-time pad encrypting part, or by the block-encrypting part, depending on a remaining bit count of the one-time pad cipher key stored in the one-time pad cipher key storage part. | 06-06-2013 |

20130142327 | ANTI-SPYING ENCRYPTED KEYBOARD - Disclosed is an anti-spying encrypted keyboard, particularly an anti-spying encrypted keyboard having an anti-spying detection protective system in multiple aspects. The anti-spying encrypted keyboard comprises a key panel and a main control board. The main control board includes a control circuit with self-destruct function. The control circuit is fixedly sealed on the back of the main control board by an anti-spying protective mechanism. The anti-spying protection mechanism is electrically connected with the control circuit. The anti-spying protection mechanism comprises: an anti-spying cover ( | 06-06-2013 |

20130142326 | PARALLEL ENCRYPTION/DECRYPTION - The present disclosure includes methods and devices for parallel encryption/decryption. In one or more embodiments, an encryption/decryption device includes an input logic circuit, an output logic circuit, and a number of encryption/decryption circuits arranged in parallel between the input logic circuit and the output logic circuit. For example, each encryption/decryption circuit can be capable of processing data at an encryption/decryption rate, and the number of encryption/decryption circuits can be equal to or greater than an interface throughput rate divided by the encryption/decryption rate. | 06-06-2013 |

20130142325 | MEMORY - According to one embodiment, a memory includes a first storage region capable of storing first key (NKey) information, and secret identification information (SecretID) unique to the authenticate, reading and writing data from and to the first storage region from an outside of the authenticatee being inhibited at least after the authenticatee is shipped. | 06-06-2013 |

20090052658 | DESCRAMBLING CIRCUIT, ERROR DETECTION CODE CALCULATING CIRCUIT AND SCRAMBLING CIRCUIT - A descrambling circuit includes three or more scramble value generators, each configured to generate a new scramble value by a formula at a state of shifting number of times different from each other by every eight bits based on a predetermined generator polynomial, a scramble value generated by the generator polynomial, and a descramble unit configured to descramble partially discontinuous scrambled input data by using the scramble values generated by the three or more scramble value generators. | 02-26-2009 |

20130094648 | Apparatus and Method for Producing a Bit Sequence - A method for reconstructing a physically unclonable function (PUF) A for use in an electronic appliance is provided. The method includes producing a checksum C, producing a defective PUF B and reconstructing the PUF A from the defective PUF B using an error correction algorithm. The algorithm produces a plurality of ambiguous results (A | 04-18-2013 |

20130114806 | METHOD FOR ENCRYPTING A MESSAGE THROUGH THE COMPUTATION OF MATHEMATICAL FUNCTIONS COMPRISING MODULAR MULTIPLICATIONS - An embodiment concerns a method for encrypting a message through a cryptographic algorithm including a computation of a mathematical function including the computation of one or more modular multiplications. Such a cryptographic algorithm has a respective module. The method, carried out with an electronic device, includes: | 05-09-2013 |

20130114805 | ENCRYPTION SYSTEM USING DISCRETE CHAOS FUNCTION - Provided is an encryption system, which includes: an encryption round calculation unit for encrypting a plain text; and a substitution unit provided at the encryption round calculation unit and having a plurality of S-boxes defined by a discrete chaos function using each of a plurality of key values as a parameter and performing a substitution calculation process to each of words of the plain text divided by the number of the plurality of key values. Since a discrete chaos function becomes a standard for an S-box design and an encryption calculation operation is performed by a plurality of S-boxes, the encryption system may be applied to a system having a small computational complexity. | 05-09-2013 |

20130101111 | METHOD FOR SCRAMBLING SHAPED DATA - A method includes, in a data storage device, receiving data having a particular proportion of zero values and one values and scrambling the data to generate scrambled data that has the particular proportion of zero values and one values. | 04-25-2013 |

20130101112 | METHOD AND APPARATUS FOR MINIMIZING DIFFERENTIAL POWER ATTACKS ON PROCESSORS - A method of masking a cryptographic operation using a secret value, comprising the steps of dividing the secret value into a plurality of parts; combining with each part a random value to derive a new part such that the new parts when combined are equivalent to the original secret value; and utilizing each of the individual parts in the operation. | 04-25-2013 |

20110268266 | CRYPTOGRAPHIC PROCESSING APPARATUS AND OPERATION METHOD - According to one embodiment, a cryptographic processing apparatus is provided with first to fifth units. The first unit mask-converts input data from first temporary mask into first fixed mask (an invariable value in a first linear operation). In an encryption, the third unit performs a nonlinear operation on the mask-converted data and outputs a first result masked with second fixed mask data (an invariable value in a second linear operation). The fourth unit performs the second linear operation and outputs a encryption result masked with second fixed mask data. In a decryption, the second unit performs the first linear operation on the mask-converted data and outputs a second result masked with the first fixed mask. The third unit performs the nonlinear operation and outputs a decryption result masked with the second fixed mask. In encryption/decryptions, the fifth unit converts the mask of the encryption/decryption results into second temporary mask. | 11-03-2011 |

20130129079 | System And Method For Decryption Of Content Including Disconnected Encryption Chains - Embodiments may include receiving a protected version of content including different encryption chains including encrypted blocks of content. The protected version of content may include decryption information for decrypting the encrypted chains; the decryption information may include initialization vectors that are distinct from the content. Embodiments may also include performing chained decryption on a particular sequence of data blocks including multiple encryption chains from the protected version of the content and at least some of the initialization vectors. Some of the initialization vectors may be positioned between the encryption chains within the particular sequence such that during the chained decryption the initialization vectors are decrypted in sequence with the data blocks of the encryption chains. The chained decryption may result in a sequence of decrypted data blocks including decrypted initialization vectors. Embodiments may include generating a decrypted version of the content by excluding the decrypted initialization vectors from that sequence. | 05-23-2013 |

20130129082 | DETECTION OF WATERMARKS IN SIGNALS - The invention provides for a method and a device for the detection of a watermark in a signal. A first signal is compared with two or more second signals. The second signal with the closest match contains the same watermark as in the first signal. Data indicative for the second signal with the closest match is output as an indication of the watermark in the first signal. The invention further provides for a head-end system that provides watermarked content from which the watermarks are detectable by the watermark detection device. | 05-23-2013 |

20130129081 | LOW-COMPLEXITY ELECTRONIC CIRCUIT PROTECTED BY CUSTOMIZED MASKING - A cryptography circuit protected by masking, said circuit including means for encrypting binary words using at least one key k | 05-23-2013 |

20080205637 | THRESHOLD SECRET SHARING APPARATUS, THRESHOLD SECRET SHARING SCHEME, SECRET INFORMATION DECRYPTION METHOD, AND PROGRAM FOR THE SAME - A threshold secret sharing apparatus, a threshold secret sharing scheme, a secret information recovery apparatus a secret information recovery method, and a program thereof are provided using XOR computation, thereby offering a general (k,n) threshold secret sharing scheme with high computation speed. Secret information K is divided into (n | 08-28-2008 |

20090034716 | TIME APPARATUS, ENCRYPTION APPARATUS, DECRYPTION APPARATUS, AND ENCRYPTION/DECRYPTION SYSTEM - A time apparatus subjects a plurality of IDs to extract algorism. Each of the plurality of IDs is configured from a bit sequence, and the bit sequence is formed by expressing a current time instant as a bit sequence and concatenating a few bits from the first of the bit sequence. The time apparatus produces a plurality of decryption keys obtained as a result of subjecting the plurality of specified IDs to the extract algorism. An encryption apparatus specifies a plurality of IDs. Each of the plurality of IDs is configured from a bit sequence, the bit sequence being formed by expressing the designated time instant as a bit sequence and concatenating a few bits from the first of the bit sequence. The encryption apparatus reads the encryption key and the plurality of IDs supplied from the time apparatus to encrypt same plaintext. The encryption apparatus produces plural pieces of ciphertext. A decryption apparatus selects one decryption key from the inputted plurality of decryption keys, and selects one ciphertext from the inputted plural pieces of ciphertext. The decryption section decrypts the selected ciphertext using the selected decryption key on the basis of an ID based encryption method. | 02-05-2009 |

20110228928 | SELECTION OF A LOOKUP TABLE WITH DATA MASKED WITH A COMBINATION OF AN ADDITIVE AND MULTIPLICATIVE MASK - Processing of masked data using multiple lookup tables (LUTs), or sub-tables, is described. For each input value, an appropriate sub-table provides an output value that is the result of a non-linear transformation (e.g., byte substitution) applied to the input value. An additive mask can be applied to the input data. A transformation can be applied to the masked input data to transform the additive mask into a multiplicative-additive mask. Selected bits of the masked input data and the bits in the additive component of the multiplicative-additive mask can be used in combination to select one of the sub-tables. | 09-22-2011 |

20110228927 | Cryptographic Method of Multilayer Diffusion in Multidimension - The invention provides a diffusion function working on a multidimensional diffusion-area (plaintext/ciphertext), in which a multidimensional medium is meanwhile overlapped to the diffusion-area; accordingly, repeating the diffusion function for at least one time thus brings about the multilayer effect. FIG. | 09-22-2011 |

20110249815 | METHOD OF IMPLEMENTING A BLOCK CIPHER ALGORITHM - A method is provided of implementing a block cipher algorithm by a device storing a fixed initialization datum, comprising, before execution of a first iteration of the algorithm in the course of a session, a step of determining a modified initialization datum by way of a determined function supplied as input with the fixed initialization datum and a state value specific to the session, the state value being stored in the device, said modified initialization datum being usable to implement the first iteration of the algorithm. | 10-13-2011 |

20130148802 | Method and System for High Throughput Blockwise Independent Encryption/Decryption - An encryption technique is disclosed for encrypting a plurality of data blocks of a data segment where the encryption selectively switches between a blockwise independent randomized (BIR) encryption mode and a cipher block chaining (CBC) encryption mode based on a configurable feedback stride. A corresponding decryption technique is also disclosed. | 06-13-2013 |

20090220070 | Video Watermarking - A method and system for watermarking video images including generating a watermark and embedding the generated watermark into video images by enforcing relationships between property values of selected sets of coefficients with a volume of video are described. The watermarks are thereby adaptively embedded in the volume of video. | 09-03-2009 |

20120275594 | Method and Apparatus for Performing Elliptic Curve Scalar Multiplication in a Manner that Counters Power Analysis Attacks - When multiplicative splitting is used to hide a scalar in an Elliptic Curve scalar Multiplication ECSM operation, the associated modular division operation employs the known Almost Montgomery Inversion algorithm. By including dummy operations in some of the branches of the main iteration loop of the Almost Montgomery Inversion algorithm, all branches of the algorithm may be viewed, from the perspective of a Power Analysis-based attack, as equivalent and, accordingly, devoid of information useful in determining the value of the scalar, which may be a cryptographic private key. | 11-01-2012 |

20120275593 | APPARATUS FOR PERFORMING A FAULT DETECTION OPERATION AND METHOD THEREOF - An apparatus for performing a fault detection operation may include a first-coordinate computing unit receiving a first point and a second point in a binary finite field, the first and second points established based on a basic point within a given elliptic curve, each of the first and second points including a first coordinate value and a second coordinate value, the first-coordinate computing unit performing a first addition operation on the first point and the second point to compute a third coordinate value and a second-coordinate computing unit performing a second addition operation on the first and second points to compute a fourth coordinate value, the first and second addition operations computed based on at least one of a difference between the first coordinate values of the first and second points and a difference between the second coordinate values of the first and second points. | 11-01-2012 |

20120275592 | DECOUPLING RIGHTS IN A DIGITAL CONTENT UNIT FROM DOWNLOAD - Systems and methods for enabling a user to obtain rights in a legitimate copy of a digital content unit without downloading the copy from a digital content store are provided. The systems and methods provide an encrypted copy of a digital content unit to a first user and transcript the encrypted copy to generate the legitimate copy to a second user. The encrypted copy is encrypted with a first encrypt key that may be associated with the first user and the legitimate copy is encrypted with a second encrypt key that may be associated with the second user. | 11-01-2012 |

20090086961 | MONTGOMERY MASKED MODULAR MULTIPLICATION PROCESS AND ASSOCIATED DEVICE - This invention concerns a Montgomery masked modular multiplication process and the associated device. The modular multiplication, in congruence n, includes at least a stage generating a pseudo-random number z and a stage adding to the result the product of the said number by n. The invention applies in particular to the securing of processors dedicated to cryptographic calculations. | 04-02-2009 |

20100310067 | Method and System for Providing Synchronous Running Encoding and Encryption - Aspects of the invention provide a method and system for coding information in a communication channel. More particularly, aspects of the invention provide an method and system for synchronous running encryption and/or encoding and corresponding decryption and decoding in a communication channel or link. Aspects of the method may include encoding and/or encrypting a first data using a first or second encoding table and/or a first or second encryption table. The method may indicate which one of the first or second encoding tables or which one of the first or second encryption tables were utilized for encoding and/or encrypting the said first data. The encoded and/or encrypted first data may subsequently be transferred downstream and decoded by synchronous decoder/decryptor using a corresponding decoding and/or decryption table. The corresponding decoding and/or decryption table may be determined based on the indicated first and/or second encoding and/or encrypting tables | 12-09-2010 |

20130156180 | Method And Device For Securing Block Ciphers Against Template Attacks - A method for securing a block cipher F, encrypted with a working key K | 06-20-2013 |

20120281826 | RESILIENT CRYPTOGRAPHIC SCHEME - A system and method are provided for enabling a symmetric key to be derived, the method comprising: obtaining a plurality of key parts, wherein the plurality of key parts when combined equal the symmetric key; encrypting a first of the key parts using a first cryptographic algorithm to generate a first encrypted value; encrypting one or more remaining key parts of the plurality of key parts using respective cryptographic algorithms to generate one or more additional encrypted values, wherein each key part encrypted is encrypted using a different cryptographic algorithm; and providing the first encrypted value and the one or more additional encrypted values to an other entity to enable the other entity to derive the symmetric key. | 11-08-2012 |

20130182836 | SECRET SHARING SYSTEM, SECRET SHARING APPARATUS, SECRET SHARING METHOD, SECRET SORTING METHOD, SECRET SHARING PROGRAM - A secret sharing system according to the present invention includes N secret sharing apparatuses. The secret sharing system according to the present invention includes fragment replacement means and reshare means. The fragment replacement means selects a number, smaller than N, of secret sharing apparatuses, generates a bijection π of {1, . . . , K}→{1, . . . , K}among the selected secret sharing apparatuses and designates a fragment a | 07-18-2013 |

20110311042 | ENCRYPTION METHOD - There is described a method of encrypting a set of 2D input data, preferably image data. The method comprises obtaining the hash value of a password and re-sizing the hash value to fir the size of the 2D input data. The re-sized data is transformed using an irreversible transform, and the output of the transform is then used to encode the 2D data. | 12-22-2011 |

20110311041 | CRYTOGRAPHICALLY TRANSFORMING DATA TEXT - In the field of cryptography there is a need to reduce the time taken to cryptographically transform data text while maintaining the low memory requirements associated with conventional square-and-multiply modular exponentiation. | 12-22-2011 |

20120020474 | RECORDING DEVICE, CONTROLLER, CONTROL METHOD OF RECORDING DEVICE - According to some embodiments, there is provided a recording device. The recording device includes: a recording medium having a plurality of sectors; a first writing module configured to write, on a first sector of the plurality of sectors, a first data encrypted using a first encryption key and first encryption key information indicative of the first encryption key; and a re-encrypting module configured to: read the first data from the recording medium; decrypt the first data using the first encryption key to generate decrypted first data; encrypt the decrypted first data using a second encryption key to generate encrypted second data; and write, on the first sector, the encrypted second data and second encryption key information indicative of the second encryption key. | 01-26-2012 |

20130195265 | STEGANOGRAPHIC METHOD AND DEVICE - An apparatus and method for encoding and decoding additional information into a stream of digitized samples in an integral manner. The information is encoded using special keys. The information is contained in the samples, not prepended or appended to the sample stream. The method makes it extremely difficult to find the information in the samples if the proper keys are not possessed by the decoder. The method does not cause a significant degradation to the sample stream. The method is used to establish ownership of copyrighted digital multimedia content and provide a disincentive to piracy of such material. | 08-01-2013 |

20120039463 | Fast Evaluation Of Many Polynomials With Small Coefficients On The Same Point - In one exemplary embodiment of the invention, a method for evaluating at point r one or more polynomials p | 02-16-2012 |

20130202104 | XZ-ELLIPTIC CURVE CRYPTOGRAPHY SYSTEM AND METHOD - The XZ-elliptic curve cryptography system and method provides a computerized method that allows for the encryption of messages through elliptic polynomial cryptography and, particularly, with the embedding of either a symmetric secret key or a public key in the message bit string. The method of performing XZ-elliptic polynomial cryptography is based on the elliptic polynomial discrete logarithm problem. It is well known that an elliptic polynomial discrete logarithm problem is a computationally “difficult” or “hard” problem. | 08-08-2013 |

20130202106 | Performing AES Encryption Or Decryption In Multiple Modes With A Single Instruction - A machine-readable medium may have stored thereon an instruction, which when executed by a machine causes the machine to perform a method. The method may include combining a first operand of the instruction and a second operand of the instruction to produce a result. The result may be encrypted using a key in accordance with an Advanced Encryption Standard (AES) algorithm to produce an encrypted result. The method may also include placing the encrypted result in a location of the first operand of the instruction. | 08-08-2013 |

20130202105 | ARITHMETIC DEVICE - According to an embodiment, an arithmetic device includes an arithmetic processing unit, an address generating unit, and a control unit. The arithmetic processing unit performs a plurality of arithmetic processing used in an encryption method. Based on an upper bit of the address of the first piece of data and based on an offset which is a value corresponding to a counter value and which is based on the address of the first piece of data, the address generating unit generates addresses of the memory device. The control unit controls the arithmetic processing unit in such a way that the arithmetic processing is done in a sequence determined in the encryption method, and that specifies an update of the counter value at a timing of modifying the type of data and at a timing of modifying data. | 08-08-2013 |

20120082305 | ILEXORE (Imaginary Length Enhanced XOR Encoding), is a data transformation process characterized by a series of steps which use a Carried Collateral Damage device which transforms the Vernam Cipher from a "two dimensional" cipher into a "three dimensional" cipher capable of possibly infinite levels of reversible data transformation using the same key - ILEXORE (Imaginary Length Enhanced XOR Encoding), is a data transformation process characterized by the use of a Carried Collateral Damage device which transforms the Vernam Cipher from a “two dimensional” cipher into a “three dimensional” cipher capable of possibly infinite levels of reversible data transformation using the same key, by dynamically biasing the state of a key so as to allow the selective creation of perfect, or imperfect, or randomized, or non-randomized universes of transformed data results and carried collateral states from which optimum results and states with desirable characteristics may be selected, possibly dynamically, for purposes of data encryption and data compression, | 04-05-2012 |

20120093309 | CRYPTOGRAPHY ON A SIMPLIFIED ELLIPTICAL CURVE - A cryptographic calculation includes obtaining a point P(X,Y) from a parameter t on an elliptical curve Y | 04-19-2012 |

20120093308 | APPARATUS AND METHOD FOR GENERATING RANDOM DATA - Provided are an apparatus and method for generating random data to be used when masking data to be ciphered. The apparatus for generating random data according to an exemplary embodiment of the present invention is an apparatus for generating a random function using a physically unclonable function (PUF) logic. The apparatus for generating random data logically operates first data and second data using two different types of logic gates, and inverts the logical operation values selected from the logically operated first data and second data every odd sequence and then, inputs them as the second data again, thereby making it possible to form the output data as the random data. The present invention is applied to a data encryption apparatus for encrypting data to prevent a side channel attack. | 04-19-2012 |

20130208886 | METHOD OF PREVENTING FAULT-INJECTION ATTACKS ON CHINESE REMAINDER THEOREM-RIVEST SHAMIR ADLEMAN CRYPTOGRAPHIC OPERATIONS AND RECORDING MEDIUM FOR STORING PROGRAM IMPLEMENTING THE SAME - Disclosed herein are a method of preventing fault-injection attacks on Chinese Remainder Theorem (CRT)-Rivest Shamir Adleman (RSA) cryptographic operations, and a recording medium for storing a program implementing the same. First, the method receives first and second primes, that is, different primes, and a randomly selected prime, that is, a random prime, which are used for CRT-RSA cryptographic operations. Thereafter, a cumulative value is calculated by performing an XOR (Exclusive OR) operation on the first prime, the second prime, and the random prime using a push function. Thereafter, the first prime, the second prime, and the random prime are loaded by performing an XOR operation on the cumulative value using a pop function corresponding to the push function. Finally, CRT-RSA operations are executed by computing modulo operations based on the first prime and the second prime. | 08-15-2013 |