Symmetric key cryptography

Subclass of:

380 - Cryptography

380255000 - COMMUNICATION SYSTEM USING CRYPTOGRAPHY

Patent class list (only non-empty classes are listed)

Deeper subclasses:

| Class / Patent application number | Description | Number of patent applications / Date published |
|---|---|---|
| 380260000 | Symmetric key synchronization | 36 |
| 380264000 | Key derived from addressable memory element | 1 |
| 20110299684 | SMART ENERGY NETWORK CONFIGURATION USING AN AUXILIARY GATEWAY - Various embodiments include a method and system for configuring a smart energy network using an auxiliary gateway where an auxiliary gateway is capable of communicating with an energy services interface and a link key database. The auxiliary gateway, on a smart energy network, extracts the unique identifier from a communication related to the smart energy device. The auxiliary gateway may then use the unique identifier to retrieve the smart energy device information from the link key database and communicate the smart energy device information to the energy services interface. The energy services interface may then use the smart energy device information to decrypt a communication from the smart energy device or access manufacturer specific functionality of the smart energy device. | 12-08-2011 |

Entries
DocumentTitleDate
20080260153Symmetric and asymmetric cryptography using shadow numbers - A method and an apparatus for enciphering and deciphering content with symmetric and asymmetric cryptography with the use of the shadow numbering system where two or more shadow values are used with two or more base values with a two side equation, on one side the value to encipher is multiplied with one of the shadow value then the modulus taken with the base value, to decipher the enciphered value is multiplied with the shadow value that didn't take part of the first equation then the modulus is taken with the base value, thus, deciphering the enciphered value.10-23-2008
20080285754Method, System and Securing Means for Data Archiving With Automatic Encryption and Decryption by Fragmentation of Keys - In the method for data archiving with automatic en- and decryption data (11-20-2008
20080310633METHOD AND DEVICES FOR PROVIDING SECURE DATA BACKUP FROM A MOBILE COMMUNICATION DEVICE TO AN EXTERNAL COMPUTING DEVICE - A method and devices for providing secure data backup from a mobile communication device to an external computing device is described. In accordance with one example embodiment, there is provided a method of backing up data from a mobile communication device to an external computing device, the mobile communication device being connected to the external computing device for exchanging data with each other, the method comprising: receiving a request to backup one or more data items in a plurality of data items stored on the mobile communication device; encrypting a data item using an encryption key stored in memory of the mobile communication device; transferring the encrypted data item to the external computing device; and storing a backup file comprising the encrypted data item in the memory of the external computing device. A method of restoring backup data to a mobile communication device from an external computing device is also provided, as are mobile communication devices and computing devices configured for implementing the backup and restore operations.12-18-2008
20090010436DECIPHERABLE SEARCHABLE ENCRYPTION METHOD, SYSTEM FOR SUCH AN ENCRYPTION - A method for encrypting/decrypting a message includes the initial step of generating keys by the sub-steps of generating a public key; generating a decryption key; and generating a derivation key. For a first entity, the message is encrypted using the public key and a cipher. For a second entity, the cipher is decrypted to find the message. A trapdoor associated with said message is generated. The trapdoor corresponds to a derivative of the derivation key specific to the message. A test cipher is tested, using the trapdoor associated with the message, to determine if the test cipher is an encryption of the message using the public key.01-08-2009
20090016527METHOD OF ESTABLISHING A SESSION KEY AND UNITS FOR IMPLEMENTING THE METHOD - A method of establishing a session key K01-15-2009
20090041244Secure Access System and Method - In one embodiment, a storage device is provided that includes: a storage medium; and a storage engine, the storage engine being configured to generate a secure session key and to receive encrypted content and a corresponding encrypted content key from a host system, wherein the content key has been encrypted by the host system using the secure session key, the storage engine being further configured to decrypt the encrypted content key using the secure session key and to encrypt the decrypted content key with a first storage engine encryption key and to write the storage-engine-encrypted content key to the storage medium.02-12-2009
20090041245CONFIDENTIAL INFORMATION PROCESSING DEVICE,CONFIDENTIAL INFORMATION PROCESSING APPARATUS, AND CONFIDENTIAL INFORMATION PROCESSING METHOD - A confidential information processing device performs a cryptographic operation on first input data and second input data. A first cryptographic operation circuit includes: a first register for holding first information; and a first cryptographic operation unit. A first pseudo-cryptographic operation circuit includes a second register for holding second information. A first arbitration circuit causes the first cryptographic operation unit to perform the cryptographic operation on the first input data using the first information held in the first register, when a cryptographic operation request for the first input data is made to the first cryptographic operation circuit, and causes the first cryptographic operation unit to perform the cryptographic operation on the second input data using the second information held in the second register, when a cryptographic operation request for the second input data is made to the first pseudo-cryptographic operation circuit.02-12-2009
20090046858System and Method of Data Encryption and Data Access of a Set of Storage Devices via a Hardware Key - Systems and methods of storage device data encryption and data access via a hardware key are described here. One embodiment includes a hardware key to intercept a request sent from a host to a storage device to access data stored on one of a set of storage devices, wherein the data stored on the storage device has been encrypted. The hardware key is configured to be plugged into a port of the host and comprising a unit to control data access to the set of storage devices. The hardware key is to interpret the request and issue a command to the one of the set of storage devices, to access the encrypted data. The hardware key is to provide an encryption key to decipher the encrypted data from the one of the set of storage devices.02-19-2009
20090046859METHODS FOR THE GENERATION OF IDENTICAL SYMMETRICAL CRYPTOGRAPHIC KEYS - Methods and algorithms for generating identical symmetrical cryptographic keys. In a method for generating a symmetrical cryptographic key, a first profile is generated, the first profile comprising a series of data points collected over a first period of time. A start time of the first profile is identified and the first profile divided into a sequence of time-based segments, each time-based segment comprising at least one data point. A first symmetrical cryptographic key is calculated from the sequence of time-based segments, and the first symmetrical cryptographic key is stored for at least one of encrypting and decrypting data in cooperation with a second symmetrical cryptographic key substantially identical to the first symmetrical cryptographic key.02-19-2009
20090060187DEVICE CERTIFICATE BASED APPLIANCE CONFIGURATION - Embodiments of the present invention address deficiencies of the art in respect to configuring a computing appliance and provide a method, system and computer program product for device certificate based virtual appliance configuration. In one embodiment of the invention, a virtual appliance secure configuration method can be provided. The method can include mounting non-volatile storage to the virtual appliance, retrieving a device certificate from the mounted storage and extracting a signature from the device certificate, activating the virtual appliance in a network domain and acquiring an adapter address and unique identifier for the virtual appliance, and authenticating the signature with the adapter address and unique identifier to ensure a unique active instance of the virtual appliance.03-05-2009
20090060188DETERMINING SECURITY STATES USING BINARY OUTPUT SEQUENCES - A system for determining security associations using binary output sequences is described. In an example systematic embodiment, a first device is coupled over a network to a second device. Each device includes a processor and an indicator mechanism coupled to the processor. The indicator mechanism is configured to output a binary representation of a security state established between the devices to a user in perceivable proximity to at least one of the devices. A computer readable storage medium is coupled to the processor and includes executable instructions for the processor. The instructions when executed by the processor initiate a security transaction between the devices. The security transaction includes a protocol that uses one or more public keys to establish a security state between the devices. The indicator mechanism then outputs the binary representation to the user based on the established security state.03-05-2009
20090060189TERMINAL DEVICE, GROUP MANAGEMENT SERVER, NETWORK COMMUNICATION SYSTEM, AND METHOD FOR GENERATING ENCRYPTION KEY - A network communication system has terminal devices belonging to a group, the terminal devices generating, if there is a leaving terminal device leaving from the group, an updated group encryption key corresponding to a new group encryption key, from a deletion key corresponding to the leaving terminal device and a group encryption key, and, after the leaving terminal device leaves the group, communicating by using the updated group encryption key; and a group management server generating the updated group encryption key corresponding to the new group encryption key from the deletion key corresponding to the leaving terminal device and the group encryption key, and, after the leaving terminal device leaves the group, communicating by using the updated group encryption key.03-05-2009
20090116645FILE SHARING METHOD AND SYSTEM USING ENCRYPTION AND DECRYPTION - Disclosed is a file sharing method and system using encryption and decryption. A client hashes keywords related to files using a symmetric key algorithm, and encodes the hashed keywords. Then, the client encodes the files using the hashed keywords, and uploads to a file sharing server a ciphertext D including an encoded file m and the encoded keywords KW05-07-2009
20090116646Integrity protection of streamed content - The invention relates to a method, a system, an electronic device and a computer program for providing at least one content stream to an electronic device applying Digital Rights Management (DRM). In the method a master integrity key is obtained in a streaming node. An encrypted master integrity key is obtained in an electronic device. The encrypted master integrity key is decrypted in the electronic device. At least one session integrity key is formed in the streaming node and in the electronic device using at least the master integrity key and the integrity of at least one content stream is protected between the streaming node and the electronic device using the at least one session integrity key.05-07-2009
20090147957SECURE INTERNET TRANSACTION METHOD AND APPARATUS - This invention provides for a transaction card for use at a terminal and for initiating an internet transaction with a SSL protected server, wherein the card comprises a smartcard including an application arranged for extending an SSL connection from the said protected server into the smartcard and, further, the invention can provide for a related terminal, server and related transaction initiation and establishment methods, for extending the said SSL connection as noted above.06-11-2009
20090161869Method for distributing encrypted digital content - A method for distributing encrypted digital content is disclosed in the invention. Firstly, a digital content of a source is encrypted via a symmetric key encryption mechanism by using a first public key, so as to generate an encrypted digital content; the first public key is also encrypted to generate an encryption key at the source by using a second public key via an asymmetric key encryption mechanism provided from a destination, so that the encryption key may only be decrypted by using a private key compatible with the second public key at the destination. Therefore, no matter the encrypted digital content is distributed via secure or insecure routes, the ones who are not at the destination cannot access the digital content.06-25-2009
20090185685TRUST SESSION MANAGEMENT IN HOST-BASED AUTHENTICATION - In a distributed, multinode data processing environment, computationally more intense public key cryptography is used to establish computationally less challenging symmetric key cryptographic paths which are thus enabled for longer term communication interchanges and in particular for establishing a client's network identity.07-23-2009
20090208011METHOD, SYSTEM AND COMPUTER PRODUCT FOR SECURING PATIENT IDENTITY - A method for securing patient identity comprising accessing an electronic medical records database including patient data for a plurality of patients. Each patient in the electronic medical records database is assigned a unique patient identifier. Patient data for a first patient, including a first patient identifier, is retrieved from the electronic medical records database. The first patient is de-identified from the patient data. De-identifying includes the creation of a first encoded patient identifier responsive to the first patient identifier. The de-identifying results in de-identified first patient data and includes the replacement of the first patient identifier with the first encoded patient identifier. The de-identified first patient data is transmitted to a data warehouse system. The method further comprises identifying a second patient in response to receiving report data that includes a second encoded patient identifier from the data warehouse system. The identifying includes the creation of a second patient identifier responsive to the second encoded patient identifier.08-20-2009
20090238365METHOD AND SYSTEM TO PROVIDE FINE GRANULAR INTEGRITY TO DIGITAL DATA - A method and system to generate fine granular integrity to huge volumes of data in real time at a very low computational cost. The invention proposes a scalable system that can receive different digital data from multiple sources and generates integrity streams associated to the original data. This invention provides full guarantees for data integrity; the order of data logged cannot be altered and content cannot be modified added or deleted without detection.09-24-2009
20090257593METHOD AND APPARATUS FOR SECURE MESSAGING - A network-based method for secure messaging is performed by: receiving a message sent by a sender to a recipient with a store-and-forward protocol, at a network location. The received message is decrypted at the network location with the sender's encryption key. Then the decrypted message is encrypted at the network location with the recipient's encryption key, and forwarded from the network location for delivery to the recipient.10-15-2009
20090268909METHOD FOR OPERATING A WIRELESS SENSOR NETWORK - A method for operating a wireless sensor network, wherein the sensor network includes a multitude of distributed sensor nodes for sensing data within a pre-definable environment, and wherein the sensor nodes can exchange information via encrypted data transmissions over a radio Channel is—regarding the fact that during the operational phase of the network the Performance of changes in the network, in particular the composition of the sensor nodes that are integrated in the network, is allowed in a flexible way—characterized in that a subset of sensor nodes of the network is manipulated in order to establish a shared secret (x) by transferring a defined information to the sensor nodes of the subset over a secure out of band (OOB) Channel.10-29-2009
20090279699SOFTWARE DEFINED RADIO DEVICE, AND METHOD FOR RENEWING SOFTWARE, AND SOFTWARE DEFINED RADIO SYSTEM - A software defined radio device and a download server store a plurality of common keys in common key data. The download server arbitrarily determines a common key from the common key data and conveys information identifying the common key to be used to the software defined radio device. An authenticator of the software defined radio device identifies a common key from the common key data using the information identifying the common key, authenticates using the common key, and performs subsequent communications using the common key. When sending software, a hash value is attached for confirming the security. A device ID of the software defined radio device is also attached to data for confirming which software defined radio device receives the software. The software is securely downloaded by a common key encryption having smaller processing requirements than those of a public key encryption.11-12-2009
20090285394ENCRYPTION METHODS FOR SATELLITE RADIO BROADCASTING - According to the invention, a subscriber to a first satellite radio service can be provided with an option to receive, over their current receiver unit, supplemental content, such as a particular show or channel, which is otherwise only available within a relevant jurisdiction as part of a subscription package to subscribers of one or more other satellite radio services. Thus, without purchasing a full subscription to another service, the subscriber of the first satellite radio service may arrange to receive supplemental content that is otherwise only available as part of a subscription package, such as a basic or general subscription package, to subscription holders of one or more other services. The invention also provides methods of broadcasting and methods of configuring dedicated and interoperable satellite radio receiver units so that the supplemental content can be received by a subscriber.11-19-2009
20090310785ENHANCED MESSAGE SECURITY - A secure messaging system and method includes receiving an encrypted message, the message having been encrypted using a token of a corresponding pervasive device; wirelessly verifying the presence of the pervasive device; and, if the presence can be verified, decrypting the message using the token. The verification step can include the steps of establishing a wireless link with the pervasive device; and, querying the pervasive device over the wireless link. The establishing step can include the step of establishing a Bluetooth link with the pervasive device. Furthermore, the querying step can include the step of requesting geographic coordinates which locate the pervasive device.12-17-2009
20090323954INTERNET PROTOCOL TELEPHONY SECURITY ARCHITECTURE - A secure Internet Protocol (IP) telephony system, apparatus, and methods are disclosed. Communications over an IP telephony system can be secured by securing communications to and from a Cable Telephony Adapter (CTA). The system can include one or more CTAs, network servers, servers configured as signaling controllers, key distribution centers (KDC), and can include gateways that couple the IP telephony system to a Public Switched Telephone Network (PSTN). Each CTA can be configured as secure hardware and can be configured with multiple encryption keys that are used to communicate signaling or bearer channel communications. The KDC can be configured to periodically distribute symmetric encryption keys to secure communications between devices that have been provisioned to operate in the system and signaling controllers. The secure devices, such as the CTA, can communicate with other secure devices by establishing signaling and bearer channels that are encrypted with session specific symmetric keys derived from a symmetric key distributed by a signaling controller.12-31-2009
20100080387PORTABLE MEMORY AND A METHOD FOR ENCRYPTING THE SAME - The present invention provides a portable memory, comprising: a key storage unit for storing a register key for the portable memory; a key receiving unit for receiving a first key entered by a user and generating a second key based on the first key; an identification unit for comparing the second key with the register key to obtain a comparison result; a key generation unit for generating an encryption/decryption key if the comparison result indicates that the second key matches the register key; a chip for encrypting/decrypting a data stream exchanged between a computer and the portable memory by using the encryption/decryption key. The portable memory constitutes a system itself, and thus can perform encryption/decryption operations independent of external systems, resulting in a reduced cost. The present invention also provides a method of encrypting a portable memory.04-01-2010
20100091991CRYPTOGRAPHIC PROCESSING APPARATUS AND CRYPTOGRAPHIC PROCESSING METHOD, AND COMPUTER PROGRAM - A configuration that efficiently executes cryptographic processing to which a plurality of different F-functions are applied is provided. In a configuration that executes cryptographic processing by performing round operations to which different F-functions are selectively applied, a plurality of F-function correspondence tables, each corresponding to one of the F-functions, in which input values and output values or intermediate values are associated with each other are stored in a memory; in accordance with a prescribed cryptographic processing sequence, addresses corresponding to F-functions for the respective rounds are applied to read F-function correspondence tables from the memory; and output values or intermediate values for input values are acquired on the basis of reference to the tables to obtain data transformation results in accordance with the respective F-functions.04-15-2010
20100098253Broadcast Identity-Based Encryption - A public key (PK) dependent on a secret key is accessible to a sender entity (04-22-2010
20100119070Method and System for Mixed Symmetric and Asymmetric Decryption of .ZIP Files - The present invention provides a method of integrating existing strong encryption methods into the processing of a .ZIP file to provide a highly secure data container which provides flexibility in the use of symmetric and asymmetric encryption technology. The present invention adapts the well established .ZIP file format to support higher levels of security and multiple methods of data encryption and key management, thereby producing a highly secure and flexible digital container for electronically storing and transferring confidential data.05-13-2010
20100128876METHOD OF DISTRIBUTING ENCODING/DECODING PROGRAM AND SYMMETRIC KEY IN SECURITY DOMAIN ENVIRONMENT AND DATA DIVIDER AND DATA INJECTOR THEREFOR - A method of distributing an encoding/decoding program and a symmetric key in a security domain environment, and a device divider and data injector therefor are provided. The method includes selecting, at a highest-level security domain, an encoding/decoding program and a symmetric key to be distributed to a plurality of lower-level security domains; dividing the selected encoding/decoding program and the symmetric key into pieces as many as the number of lower-level security domains; and distributing the divided encoding/decoding program pieces and the symmetric key pieces to devices belonging to the lower-level security domains.05-27-2010
20100189260CONVERSATION RIGHTS MANAGEMENT - Conversation rights for multi-modal communications are managed and enforced in an enhanced communication system. Through physical and/or software components, rights are assigned to a communication session and related components upon user request. Permitted participants of the session are provided access tools such as decryption keys. Restrictions based on the assigned conversation rights are extended to preserved recordings and associated documents of the communication session.07-29-2010
20100189261METHOD AND SYSTEM FOR EXTENDING ADVANCED ENCRYPTION STANDARD (AES) OPERATIONS FOR ENHANCED SECURITY - In a wireless communication system, a method and system for extending Advanced Encryption Standard (AES) operations for enhanced security are provided. In an AES encryption operation, an initial state may be modified by XORing with an initial modifier before a first processing round and a final state may be modified by XORing with a final modifier after a final processing round. The output of a MixColumns function performed during AES decryption operation rounds may be modified by XORing with a corresponding round modifier. In an AES decryption operation, an initial state may be modified by XORing with a decoded final modifier before a first processing round and a final state may be modified by XORing with a decoded initial modifier after a final processing round. The input of an InvMixColumns function performed during AES decryption operation rounds may be modified by XORing with a corresponding decoded round modifier.07-29-2010
20100272260METHODS AND APPARATUSES FOR KEY GENERATION, ENCRYPTION AND DECRYPTION IN BROADCAST ENCRYPTION - Methods and apparatuses for key generation, encryption and decryption in broadcast encryption. A public parameter and a primary key based on a first random number are generated. For each of leaf nodes in a binary tree, a right key set of the leaf node is calculated, the right key set including a right key of the leaf node and right keys of right brother nodes for all the nodes on a path from a root node to the leaf node. A left key set of the leaf node is calculated, the left key set including a left key of the leaf node and left keys of left brother nodes for all the nodes on the path. The sum of the second and third random numbers equals to the first random number. The second random number is different for different subscribers.10-28-2010
20100316219Systems and methods for simultaneous integrated multiencrypted rotating key communication - Systems and methods are provided for manual and/or automatic initiation of simultaneous multi-encrypted rotating key communication. Specifically, decryption of data between a first user and one more other users during a communication session may occur using a plurality of keys that rotate or change after an event has occurred, such as an amount of time has elapsed during the communication session or an amount of data has been transmitted during the communication session. The first user and the one or more other users may have a repository for the storage of the plurality of keys to use during the communication session.12-16-2010
20100329460METHOD AND APPARATUS FOR ASSURING ENHANCED SECURITY - Some embodiments provide a system to assure enhanced security, e.g., by assuring that information is not revealed over a covert channel. All communications between a source system and a destination system may pass through an intermediate system. In some embodiments, the intermediate system may perform an additional level of blinding to ensure that the source system does not covertly reveal information to the destination system. In some embodiments, the intermediate system may request the source system to perform a modification operation, and then check if the source system performed the modification operation. Examples of the modification operation include a blinding operation and a cryptographic hashing operation.12-30-2010
20110013774SIGNAL SECURITY IN A SATELLITE SIGNAL DISTRIBUTION ENVIRONMENT - Certain embodiments provide a set top box, comprising: a processing entity configured to obtain data for a channel stacking switch, to obtain a security data element and to formulate a message for the channel stacking switch by combining the security data element with the data; a communications interface configured to send the message to channel stacking switch. Other embodiments provide a channel stacking switch, comprising: a communication interface configured to receive a message from a set top box; a processing entity configured to determine whether or not the message is legitimate and to take an action that depends on whether or not the message is legitimate. Still further embodiments provide a satellite signal receiving system comprising a channel stacking switch and at least one set top box in secure communication with the channel stacking switch.01-20-2011
20110026711Asymmetric cryptography using shadow numbers - A method and an apparatus for enciphering and deciphering content with symmetric and asymmetric cryptography with the use of the shadow numbering system where two or more shadow values are used with two or more base values with a two side equation, on one side the value to encipher is multiplied with one of the shadow value then the modulus taken with the base value, to decipher the enciphered value is multiplied with the shadow value that didn't take part of the first equation then the modulus is taken with the base value, thus, deciphering the enciphered value.02-03-2011
20110033050TEIRED KEY COMMUNICATION SYSTEM AND METHOD IN SUPPORT OF CONTROLLED VENDOR MESSAGE PROCESSING - A computer-implemented system processes secure electronic documents from one or more content providers in accordance with subscriber instructions has a processor and modules operative within the processor. A monitoring module obtains a provider GUID, a subscriber GUID, and a transaction ID from public metadata associated with a transaction received from a particular content provider. A determination module determines any designees of the subscriber and contact information one or more of the subscriber and any designees. A transaction module distributes a transaction addressed to at least one of the subscriber and any designees. Each distributed transaction includes data that is used for management, tracking, and alerting. Also described is a station for constructing transactions for distribution to subscribers through such a system, and management of local-advertising to users of such a system. An end-to-end system and method are described.02-10-2011
20110069836OFF-LINE CONTENT DELIVERY SYSTEM WITH LAYERED ENCRYPTION - Systems and methods are described for over-encrypting symmetrically pre-encrypted content for off-line delivery to playback devices using portable media drives in accordance with embodiments of the invention. One embodiment of the method of the invention includes symmetrically pre-encrypting the content, receiving a request to issue content for playback on at least one playback device associated with a user account, where each playback device includes a processor containing a private key assigned to the playback device by a conditional access system, generating a content key and over-encrypting at least a portion of the symmetrically pre-encrypted content in response to the request, obtaining a public key for each playback device, encrypting a copy of the content key using the public key of each playback device associated with the user account, and delivering the over-encrypted content and the at least one encrypted copy of the content key to a playback device associated with the user account.03-24-2011
20110096926 TECHNIQUES FOR DATA ENCRYPTION AND DECRYPTION - Techniques for securing data access are presented. A sender encrypts data into a first integer value. A first knot is selected along with first and second keys. The first knot, first integer value, first key, and second key are used to produce a final knot. The final knot is transmitted as a graphical image to a receiver over a network. The receiver uses the first knot, final knot, first key, and second key to derive the first integer value. The first integer value is decrypted to produce the original data that the sender intended to send securely to the receiver. 04-28-2011
20110123025 ELECTRONIC RENTAL SERVICE SYSTEM AND METHOD FOR DIGITAL CONTENT - A system for making digital content data available to an end user station ( 05-26-2011
20110142237 SYSTEMS AND METHODS FOR SECURE WATCHLISTING - A watchlisting module is configured to securely and efficiently create, modify, manage, and store a watchlist. The watchlisting module is configured to generate a watchlist consisting of watchlist entries. Each watchlist entry encapsulates information about an entity to be associated with the watchlist. The watchlist entry includes information about the entity including a unique identifier for the watchlist, a unique identifier of the watchlist entry, a unique identifier for the entity, and access control information for membership process related to the watchlist. The watchlist entry also includes a State Lock. Watchlisting module is configured to utilize the State Lock to secure and verify a watchlist entry. 06-16-2011
20110170691 PROTECTION OF A CIPHERING KEY AGAINST UNIDIRECTIONAL ATTACKS - A method for protecting a key implemented, by an electronic circuit, in a symmetrical algorithm for ciphering or deciphering a message, including the steps of: selecting in non-deterministic fashion a pair of different masks from a set of at least four different masks, the masks having the property of representing different bit combinations, at least by pairs of bits; executing the algorithm twice by applying, to the key or to the message, one of the masks of the selected pair at each execution; checking the consistency between the two executions. 07-14-2011
20110176678 MASKING OPERATION METHOD AND DEVICE FOR SYMMETRIC KEY ENCRYPTED SYSTEM - A masking operation method for a symmetric key encryption system includes, when at least two Substitution-boxes (S-boxes) are input, generating a masking S-box table for one S-box which was input; and performing an operation on one masking S-box by referring to the generated masking S-box table. Further, the masking operation method for the symmetric key encryption system includes performing an operation on a remaining masking S-box for a remaining S-box, which was input, by referring to the masking S-box table. 07-21-2011
20110188656 KEY MANAGEMENT IN A WIRELESS NETWORK USING PRIMARY AND SECONDARY KEYS - A primary key may be used for a first attempt by a remote node to decrypt incoming messages from a master. In the event the decrypt attempt fails at the remote node, a secondary key may then be used to attempt to decrypt the message. Initially, the primary and secondary keys may be the same. A field tool, such as a hand-held programming unit operated by a technician at a remote node location, may change the secondary key, but may not cause any change to the primary key. The secondary key may remain so changed until a new primary key is verified and/or authenticated and the secondary key is overwritten with the new primary key. The primary key may only be changed/set by the master via an encrypted request. A technician may not use a field tool to change a primary key. 08-04-2011
20110228940 REMOTE REGISTRATION FOR ENTERPRISE APPLICATIONS - A partner registration module can provide for an automatic registration of partners to a central server. An entire partner registration process can be automated from end to end, providing a unified process for registering partners. The partner registration module can be fully compatible with current registration agents and next generation registration agents. 09-22-2011
20110305337 SYSTEMS AND METHODS TO SECURE LAPTOPS OR PORTABLE COMPUTING DEVICES - A security system includes an appliance to be secured, including a processor and a first wireless transceiver for accessing a data network with a first power requirement; and a second wireless transceiver receiving power to operate even if the appliance is off, hibernates or sleeps, the second wireless transceiver operating at a second power requirement lower than the first power requirement, the second wireless transceiver communicating a signal indicating a security status of the appliance. 12-15-2011
20110317837 TWO INDICES MOVING IN OPPOSITE DIRECTIONS FOR CRYPTOGRAPHIC BIDIRECTIONAL COMMUNICATIONS USING A SHARED MASTER KEY - A master key may be used by each participant in a secure communication. Indeed, each participant may select an encryption key from a distinct end of the master key. To eliminate a necessity for the end points in the secure communication to maintain a master key corresponding to every possible correspondent, the participants may communicate through an encryption server. 12-29-2011
20110317838 METHOD FOR SECURE COMMUNICATION IN A NETWORK, A COMMUNICATION DEVICE, A NETWORK AND A COMPUTER PROGRAM THEREFOR - A method for securing communications between a first node (N 12-29-2011
20120063597 APPARATUS AND ASSOCIATED METHODOLOGY FOR MANAGING CONTENT CONTROL KEYS - A method of exchanging secret session keys in symmetric encryption communication includes storing random number tables in both the sending and receiving devices. The sending device then determines the secret session key utilizing the random number table, and transmits to the receiving device information for locating the secret session key within the random number table. Thus, the sending device shares the secret session key with the receiving device without actually transmitting the secret session key. The random number tables may be transmitted from one device to the other or be preinstalled in each device. Further, a common seed value may be used by each device to generate the random number table independently. 03-15-2012
20120070001 METHOD AND DEVICE FOR ARCHIVING A DOCUMENT - The method for archiving a document includes a step of encryption of the document with a symmetric key, a step of transmission of said encrypted document to an archiving operator, and a step of transmission of the symmetric encryption key of said document to an escrow operator distinct from the archiving operator. The method may also include a step of encrypting of the symmetric key with a key consisting of a dual key comprising asymmetric keys. Depending on whether it is applied to personal archiving or to document transmission, during the step of encryption with the asymmetric key, the asymmetric key is that of the user having transmitted said document or that of the recipient of the document. 03-22-2012
20120076302 Leakage-Resilient Garbled Circuit Generation Using Reduced Memory Hardware Token - A garbled circuit is generated for a client in a leakage-resilient manner with a reduced memory requirement. The garbled circuit is used for secure function evaluation between the client and a server. The garbled circuit is generated with a reduced storage requirement by obtaining a token from the server; querying the token gate-by-gate, wherein for each gate of the garbled circuit, the token generates new wire garblings and stores them with the client using a Stream Cipher and interacts with the leakage-protected area to generate a garbled table for the gate; and receiving the garbled circuit from the token. The token comprises a leakage-protected area. The Stream Cipher is leakage-resilient and can be a symmetric-key cryptographic primitive that has a secret key as an input and generates an unbounded stream of pseudorandom bits as an output. The number of evaluations of the Stream Cipher is kept to a substantial minimum. 03-29-2012
20120106736 METHODS AND APPARATUS FOR MIXING ENCRYPTED DATA WITH UNENCRYPTED DATA - Methods and apparatus for mixing encrypted data with unencrypted data are disclosed. A disclosed system receives data from a first media source, such as DVD-Audio content, and encrypts the data from the first media source using a key stream to form an encrypted data stream. The disclosed system may separate the encrypted data stream into a plurality of encrypted data streams and may combine the plurality of encrypted data streams with an unencrypted data stream associated with a second media source to form a mixed data stream. The mixed data stream is formed without decrypting the plurality of encrypted data streams and is transmitted to hardware or a hardware driver. 05-03-2012
20120134497 LOAD BALANCING HASH COMPUTATION FOR NETWORK SWITCHES - Techniques to load balance traffic in a communication network include a network switch or device having an interface to receive a data unit or packet. The network device includes a hash value generator configured to generate a symmetric key from an initial key that is based on the packet, and configured to generate a hash value based on the symmetric key and the packet. The hash value may be optionally modified to load balance egress traffic of the network device. The network device selects an egress link or port, such as by determining an index into an egress table based on the (modified) hash value. The techniques described herein allow packets or data units of a particular flow to travel in both directions along a same path through the communication network. 05-31-2012
20120163598 SESSION SECURE WEB CONTENT DELIVERY - Various embodiments herein include one or more of systems, methods, and software to provide session secure web content delivery. Some embodiments include initiating a session on a web server in response to a resource request received from a requestor and generating a session key that is in scope with regard to and during the session. Such embodiments may also include retrieving the requested resource, identifying and encrypting Uniform Resource Identifiers (URI's) included therein, and sending the requested resource including encrypted URI's to the requestor. Some embodiments may include receiving, within the scope of a session, a resource request including a URI having a cipher text. Such embodiments may then decrypt the cipher text utilizing a key of the session as the decryption key to obtain clear text. The cipher text of the URI may then be replaced with the clear text and the resource retrieved and sent to the requestor. 06-28-2012
20120170743 METHODS FOR ESTABLISHING A SECURE POINT-TO-POINT CALL ON A TRUNKED NETWORK - Methods for establishing secure point-to-point communications in a trunked radio system include receiving, at a trunking controller, a request from a source endpoint for a traffic channel for confidential communications between the source endpoint and a destination endpoint using a shared unique first symmetric key. The trunking controller provides keying material related to the symmetric key over the secured control channel to at least one of the source or destination endpoints and assigns a traffic channel. Moreover, in response to the request, the controller assigns a traffic channel. The keying material enables the unique first symmetric key to be securely established between the source and destination endpoints. 07-05-2012
20120328102 Apparatus, System and Method for Detecting a Loss of Key Stream Synchronization in a Communication System - An apparatus, system and method provides an out-of-synchronization detection by using a network layer checksum. A process operating at an upper layer verifies that a checksum embedded in a network layer header is correct before encrypting and transmitting a data packet containing the header and a payload. The data packet is received through a wireless communication channel at a receiver and decrypted. A calculated checksum is calculated on the received payload at the receiver and compared to the received checksum embedded in the header. A key stream used at the receiver for decrypting the received encrypted data packets is determined to be out of synchronization with a key stream used at the transmitter to encrypt the data packets if the calculated checksum is not equal to the network layer checksum. 12-27-2012
20130010956 METHODS FOR THE GENERATION OF IDENTICAL SYMMETRICAL CRYPTOGRAPHIC KEYS - Methods and algorithms for generating identical symmetrical cryptographic keys. In a method for generating a symmetrical cryptographic key, a first profile is generated, the first profile comprising a series of data points collected over a first period of time. A start time of the first profile is identified and the first profile divided into a sequence of time-based segments, each time-based segment comprising at least one data point. A first symmetrical cryptographic key is calculated from the sequence of time-based segments, and the first symmetrical cryptographic key is stored for at least one of encrypting and decrypting data in cooperation with a second symmetrical cryptographic key substantially identical to the first symmetrical cryptographic key. 01-10-2013
20130028419 SYSTEM AND A METHOD FOR USE IN A SYMMETRIC KEY CRYPTOGRAPHIC COMMUNICATIONS - The present invention relates to a system and a method for secured transmission/and storage of encrypted data in all the applicable modes of data storage. The method comprises the steps of providing the data, generating a password or a key by a user, encrypting the data by the password or the key for plural number of times resulting plurality of cipher texts, sending plurality of the cipher texts and the password or key, and decrypting the cipher text by the password or the key. The system comprises input device means for providing the data, input device means for generating a password by a user, processor means encrypting the data by the password or key for plural number of times resulting plurality of cipher texts, means for sending the plurality of cipher texts and the password and means for decrypting the cipher text by the password or key. 01-31-2013
20130077789 SYSTEMS AND METHODS FOR PREVENTING TRANSMITTED CRYPTOGRAPHIC PARAMETERS FROM COMPROMISING PRIVACY - A method for secure cryptographic communication comprises transmitting information that identifies a group key from a first device to a second device. The method further comprises, in the first device, using the group key to encrypt an input vector, transmitting the encrypted input vector, encrypting privacy-sensitive information using a device key, an encryption algorithm, and the input vector, and transmitting the encrypted privacy-sensitive information to the second device. 03-28-2013
20130163758 Methods and Apparatus for Key Delivery in HTTP Live Streaming - A key delivery mechanism that delivers keys to an OS platform (e.g., iOS platform) devices for decrypting encrypted HTTP live streaming data. An HTTPS URL for a stateless HTTPS service is included in the manifest for an encrypted HTTP live stream obtained by an application (e.g., a browser) on an OS platform device. The URL includes an encrypted key, for example as a query parameter value. The application passes the manifest to the OS. The OS contacts the HTTPS service to obtain the key using the URL indicated in the manifest. Since the encrypted key is a parameter of the URL, the encrypted key is provided to the HTTPS service along with information identifying the content. The HTTPS service decrypts the encrypted key and returns the decrypted key to the OS over HTTPS, thus eliminating the need for a database lookup at the HTTPS service. 06-27-2013
20130182844 TERMINAL APPARATUSES AND BASE STATION APPARATUS FOR TRANSMITTING OR RECEIVING A SIGNAL CONTAINING PREDETERMINED INFORMATION - When a first symmetric key table is received, a storage unit stores the received first symmetric key table that indicates a plurality of kinds of symmetric keys. The storage unit also stores beforehand a second symmetric key table in an area larger than an area where the first symmetric key table is usable. A determining unit determines whether or not a terminal apparatus is present within the area where the first symmetric key table is usable. When the terminal apparatus is determined to be present within the area, a verification unit generates a digital signature with a symmetric key contained in the first symmetric key table. When, on the other hand, the terminal apparatus is determined to be present outside the area, the verification unit generates the digital signature with a symmetric key contained in the second symmetric key table. 07-18-2013
20130195272 BASE STATION APPARATUS FOR TRANSMITTING OR RECEIVING A SIGNAL CONTAINING PREDETERMINED INFORMATION - A storage unit stores a symmetric key table that indicates a plurality of kinds of symmetric keys usable for the communications between terminal apparatuses. A MAC frame processing unit receives a packet broadcast from the terminal apparatus. A verification unit verifies the version of the symmetric key table containing a symmetric key by which to generate a digital signature appended to the received packet. A detector detects that the version of the symmetric key table verified is older than the version of the symmetric key table stored in the storage unit. When the number of detections is a predetermined number or above in a unit time, the MAC frame processing unit generates a packet that stores the symmetric key table stored in the storage unit. The MAC frame processing unit broadcasts the packet generated. 08-01-2013
20130230171 SYSTEMS, METHODS AND APPARATUSES FOR THE SECURE TRANSMISSION AND RESTRICTED USE OF MEDIA CONTENT - The systems, methods and apparatuses described herein permit encrypted media content to be displayed by an apparatus for a restricted time period. The apparatus may comprise a communication interface configured to couple to a controlling device to transmit a first nonce and to receive the encrypted media content and an association encryption envelope. The association encryption envelope may comprise at least a second nonce and a first time restriction expressed as a first time interval. The apparatus may further comprise a counter, a storage configured to store a value of the counter representing a time of when the first nonce is transmitted, and an engine configured to perform operations according to the first time restriction. 09-05-2013
20140037092 METHOD AND SYSTEM OF RECONSTRUCTING A SECRET CODE IN A VEHICLE FOR PERFORMING SECURE OPERATIONS - A method is provided for constructing a secret code in a processing unit when in communication with a portable security unit. Mutual authentication messages are exchanged between a linked portable security unit and processing unit. A first portion of the secret code is communicated to the processing unit. The processing unit combines the first portion and a second portion of the secret code stored in the non-volatile memory of the processing unit. The secret code is stored in a volatile memory of the processing unit. A secure operation is performed using the secret code. The portable security unit is de-linked from the processing unit. At least a portion of the secret code is deleted from the volatile memory of the processing unit. 02-06-2014
20140105395 LOCATION SERVICES FOR A WIRELESS DEVICE - In an example embodiment, a wireless device is operable to advertise a policy on the inclusion of the wireless device in a radio frequency map. For example, the wireless device may transmit a signal comprising a field in an extended capabilities information that indicates whether mapping of the wireless device is permissible. As another example, the wireless device may perform certain actions, such as changing media access control address, changing transmit power, and/or varying response times to prevent accurate mapping of the location of the wireless device. 04-17-2014
20140153721 APPARATUS AND METHOD FOR EMBEDDING SEARCHABLE INFORMATION, ENCRYPTION, TRANSMISSION, STORAGE AND RETRIEVAL - A cell phone is disclosed for acquiring information to be transmitted to a receiving facility and for transmitting such thereto. A capture device captures information from an external source. A processor is provided for associating with the captured information a representation of the date and time of the capture of the information, such that the representation of the date and time information in association with the captured information forms augmented captured information. The processor also places the augmented captured information in association with subscriber information in a transmission of the augmented captured information to a receiving facility requiring such subscriber information. A transmitter transmits the transmission including the augmented captured information and the subscriber information to the receiving facility. An encryptor encrypts the augmented captured information with a symmetrical encryption algorithm to provide encrypted augmented captured information in the transmission with the subscriber information. 06-05-2014
20140177839 SECURE APP-TO-APP COMMUNICATION - Secure application-to-application communication is disclosed. A shared encryption key may be used to encrypt data to be transferred from a first mobile application to a second mobile application. The encrypted data is provided to a shared storage location. The second mobile application is configured to retrieve the encrypted data from the shared storage location. 06-26-2014
20140192983 CRYPTOGRAPHIC SEQUENCING SYSTEM AND METHOD - A method is disclosed for intermixing a first stream of data and a second stream of data. An associated first secret key is expanded to form a first associated expanded secret key. An associated second secret key is expanded to form a second associated expanded secret key. The first stream of data and the second stream of data are intermixed to form a combined stream of data, which is ciphered. The combined stream of data is de-multiplexed after ciphering thereof and provided at an output port. 07-10-2014
20140301550 METHOD FOR RECOGNIZING A MANIPULATION OF A SENSOR AND/OR SENSOR DATA OF THE SENSOR - A method for data transmission between a sensor and an electronic control and/or regulating unit (ECU), the transmitted sensor data (x 10-09-2014
20160014598 CRYPTOGRAPHIC KEY EXCHANGE OVER AN ELECTROSTATIC CHANNEL 01-14-2016
20160142912 HEARING INSTRUMENT WITH AN AUTHENTICATION PROTOCOL - A hearing instrument includes: a radio for reception of a broadcasted signal having a message, at least a part of the message has been encrypted with a first key, wherein the first key has been encrypted with a second key; an authenticator configured for authentication of the message by decrypting the first key with a third key, and decrypting the at least a part of the message with the first key; and a processing unit for converting the message into an acoustic signal for transmission towards an eardrum of a user of the hearing instrument. 05-19-2016
20160182478 COMMUNICATION DEVICE AND SYSTEM, DATA PROCESSING METHOD AND METHOD FOR SECURE DATA EXCHANGE 06-23-2016
