Class / Patent application number | Description | Number of patent applications / Date published |
380282000 | By public key method | 56 |
20080219451 | METHOD AND SYSTEM FOR MUTUAL AUTHENTICATION BETWEEN MOBILE AND HOST DEVICES - Provided are a method and a system for mutual authentication between mobile and host devices. The mobile device stores a first secret key and is connected to the host device. The method includes generating a second secret key using the first secret key and first data that is received from the host device and is encrypted using a predetermined method. The method further includes transmitting second data that is encrypted using a predetermined method, to the host device to induce generation of a media key; performing an operation on the second secret key and transmitting a generated operation value to the host device; and performing mutual authentication between the mobile device and the host device. | 09-11-2008 |
20080226083 | KEY CALCULATION METHOD AND KEY AGREEMENT METHOD USING THE SAME - A key calculation method and a shared key generation method, the key calculation method including: generating two keys to perform a key calculation; calculating a first value based on coefficients having an identical coefficient value among coefficients included in each of the two keys; and performing a coordinates operation or an exponentiation operation based on the first value, wherein the calculating of the first value is performed with respect to each of coefficient values included in the two keys, excluding 0. | 09-18-2008 |
20080292105 | LIGHTWEIGHT KEY DISTRIBUTION AND MANAGEMENT METHOD FOR SENSOR NETWORKS - A lightweight security framework is disclosed that combines PKI with symmetric key cryptography to exploit the system asymmetry in hierarchical sensor networks. The framework provides protocols for public key exchange, session and group key generation, pair-wise key generation, and network resource protection in a low-cost security architecture. The security framework shifts much of the security-related computational load off of the resource-constrained sensor nodes and on to resource-rich base station nodes. The method is based on the generation and management of two kinds of symmetric keys from a set of bootstrapping asymmetric keys on each node. | 11-27-2008 |
20090022325 | ACCESS CONTROL PROTOCOL FOR EMBEDDED DEVICES - The client requests from the authentication and authorization server a capability for accessing the target server. The authentication and authorization server sends client a capability (cap | 01-22-2009 |
20090041253 | SYSTEM AND METHOD FOR PRIVACY PRESERVING QUERY VERIFICATION - The present invention relates to a method for proving the correctness of a query result produced by a data publisher while preserving the privacy of the query result. The method comprises delivering a public key of a public key/private key pair from a data owner to a client and delivering data and cryptographic metadata to at least one data publisher, wherein the metadata is associated both with the data and the public key of the public key/private key pair. The method further comprises receiving a query from the client, returning a query result and a verification object from the data publisher to the client in response to the query, and verifying the correctness of the query result, wherein the correctness of the query result is verified utilizing the verification object and the public key. | 02-12-2009 |
20090086980 | ENABLING A SECURE OEM PLATFORM FEATURE IN A COMPUTING ENVIRONMENT - A platform feature licensing module (e.g., a USB Smart Card Token) securely stores and communicates a platform feature enabling license, corresponding to a selectable platform feature, to an authenticated platform. The module includes a secure microcontroller, a secure communication port, and secure non-volatile memory in which is stored the platform feature enabling license. The module is configured to securely communicate with, and to authenticate the identity of the platform, via an integrated embedded controller embedded into the platform. The integrated embedded controller enables the selectable platform feature in response to a platform feature enabling license received from the platform feature licensing module. The integrated embedded controller and platform feature licensing module communicate securely using a predetermined public-key cryptography technique, with each having a PKI-based key pair to provide authentication and cryptographic services. | 04-02-2009 |
20090129600 | APPARATUS AND METHOD FOR A DIRECT ANONYMOUS ATTESTATION SCHEME FROM SHORT-GROUP SIGNATURES - An apparatus and method is provided for a direct anonymous attestation scheme from short-group signatures. The method may include the creation of a group public/private key pair for a trusted membership group defined by an issuer; and assigning a cryptographic pair that is combined with a unique private member value to form a private membership key. A trusted member device generates the unique private member value during a join procedure of a trusted membership group. In one embodiment, the private member value of the private membership key is unknown to the issuer. A member may sign a message with the private membership key to form a short-group digital signature that is verified using a public key of the trusted membership group to maintain anonymity of trusted member devices. A size of the private membership key may be reduced to enable storage within a trusted platform module. Other embodiments are described and claimed. | 05-21-2009 |
20090154709 | MIGRATION OF COMPUTER SECRETS - Described is a technology by which computer data secrets sealed by a trusted platform module (TPM) or like device may be securely migrated from a physical source computing machine to a physically different destination machine. For example, migration of TPM secrets allows migration of a virtual machine from one physical machine to another. A destination machine receives a set of data sealed at a source machine. The set of data includes a migration key and a secret sealed by the migration key. The destination machine performs attestation with a key server to attest that the destination machine is entitled to access the sealed secret, via credentials, known good configuration and/or other policy compliance. The key server unseals the migration key, and provides a returned key (e.g., the migration key or a session key) to the destination machine for unsealing the secrets. | 06-18-2009 |
20090161877 | Method, system, and computer program product for encryption key management in a secure processor vault - A method for encryption key management including accepting authenticated unencrypted data into a processor of a server computing device that is configured as a private key secure processor vault, the operation of which is isolated from other components of the server computing device thereby preventing unauthorized access to the processor and the data contents therein; encrypting the authenticated unencrypted data based on an existing private key stored in the processor thereby converting it to encrypted data; and transmitting the encrypted data out of the processor. A system and computer program product is also provided. | 06-25-2009 |
20090232315 | UNIFIED AND PERSISTENT SYSTEM AND METHOD FOR AUTOMATIC CONFIGURATION OF ENCRYPTION - A system and method for database security provides a database security method that receives an encryption property from an application and receives information relating to a database server. The method then requests security access to a database server using the strongest encryption algorithm the server may support. If this request gets turned down, then the method determines the strongest encryption algorithm the server actually supports using the information the database server sent back and calculates the encryption keys. The method then caches the encryption algorithm along with the encryption keys in a persistent storage. For subsequent connections, the method checks the persistent storage first and retrieves the encryption algorithm and encryption keys from the persistent storage if the cache values are available, and sends the cached value to the database server. By doing this, the database driver doesn't need to synchronize the encryption algorithm with the server and calculate the encryption keys again. | 09-17-2009 |
20090257597 | Protocol for Protecting Third Party Cryptographic Keys - A protocol is provided that permits a third-party key issuing entity to have its issued keys protected by an unrelated key protecting entity. In at least some embodiments, a trusted key protecting entity is injected, in a sense, in a conversation between the third-party key issuing entity and a client to which one or more keys are distributed. The trusted key protecting entity is able to apply various protections which, in at least some embodiments are unknown to the key issuing entity, to a distributed key which can then be used by the client to access protected content. | 10-15-2009 |
20090268915 | Secure Creation and Management of Device Ownership Keys - Secure creation and management of device ownership keys. TPM ownership keys are generated by cryptographically combining manufacturer information with device specific information. Ownership keys are established in the TPM containing device. The manufacturer retains necessary information to reconstruct the ownership key if needed. | 10-29-2009 |
20090296942 | CONCEPT FOR SECURING AND VALIDATING CLIENT-SIDE STORAGE AND DISTRIBUTION OF ASYNCHRONOUS INCLUDES IN AN APPLICATION SERVER ENVIRONMENT - The ability to leverage a publish/subscribe functionality in an application server environment has allowed the storage of cached entries to be stored over multiple clients rather than on a single application server, freeing up valuable resources. However, in this arrangement it is not possible for the originating server to validate shared content originating from client-side storage. The present invention provides a system and method for securing and validating content from asynchronous include request utilizing public key cryptography and hashing functions. | 12-03-2009 |
20090310789 | Extended Data Signing - Various embodiments enable so-called extended data to be added to a signed digital certificate without having a private key of a Certification Authority available. In at least some embodiments, a digital certificate can be issued and signed off line by the Certification Authority, and then later extended data can be added and signed using another key, whose public key was earlier embedded and signed in the certificate. | 12-17-2009 |
20100067702 | KEY GENERATION DEVICE, ENCRYPTION DEVICE, RECEPTION DEVICE, KEY GENERATION METHOD, KEY PROCESSING METHOD, AND PROGRAM - A key generation device according to the present invention hierarchically constructs a Y-ary tree structure where n reception devices are assigned to leaves, and forms subgroups where individual intermediate nodes existing between the leaves and a root of the Y-ary tree structure are defined as parent nodes. By providing new parameters to the individual intermediate parameters, the subgroups can be formed flexibly. In a case where no excluded customer exists or the number of excluded customers is small, the size of a header to be delivered and the calculation amount of an operation that a customer needs to perform can be reduced. | 03-18-2010 |
20100128879 | FLEXIBLE MANAGEMENT OF SECURITY FOR MULTI-USER ENVIRONMENTS - One embodiment is a method including computing or storing an access control polynomial. Further embodiments include systems and computer readable media including an access control polynomial. Further embodiments, forms, objects, features, advantages, aspects, and benefits shall become apparent from the following description and drawings. | 05-27-2010 |
20100150353 | SECURE METHOD AND APPARATUS TO VERIFY PERSONAL IDENTITY OVER A NETWORK - The present application provides an apparatus and method for verifying a user, via captured biometric characteristics of the user, who is interacting online. The captured biometrics are guaranteed to be captured in real-time, and avoids the possibility of providing biometrics that were previously captured, by sending to the user a time-sensitive challenge and requiring the user to provide the requested biometric information within a predetermined time period. Therefore, the present invention is best positioned for environments where trusted identification of a user is needed online to facilitate secure transactions. | 06-17-2010 |
20100158254 | DISTRIBUTED ACCESS CONTROL FOR DOCUMENT CENTRIC COLLABORATIONS - Document collaboration may be implemented by executing an access interest specification phase. The access interest specification phase may include receiving access requests from collaboration participants for access to a document instance, the access requests specified using a document schema of the document instance and referencing at least one schema portion for access to a corresponding document instance portion based thereon, determining a common access interest group of the collaboration participants, based on the access requests, access credentials of the collaboration participants, and on an access control policy specified in terms of the access credentials, and providing a control data block to the participants of the common access interest group including information for generating a common secret key that is common to the participants of the common access interest group. The document collaboration may further be implemented by executing a collaboration phase. The collaboration phase execution may include encrypting the document instance portion using the access control policy, and providing access to the document instance for access to the document instance portion by an accessing participant of the common access interest group, the access including decryption of the document instance portion using the common secret key. | 06-24-2010 |
20100172503 | METHOD OF GENERATING A PUBLIC KEY FOR AN ELECTRONIC DEVICE AND ELECTRONIC DEVICE - A method for generating a public key for an electronic device is provided, wherein the method comprises generating a public key | 07-08-2010 |
20100215181 | METHOD FOR IMPORTING RIGHTS OBJECT AND RIGHTS ISSUER - A method for importing or moving a rights object (RO) is provided, which includes the following steps. A rights issuer (RI) receives a request message of importing or moving an RO to a target device, the request message including key information encapsulated by a public key of the target device; the RI generates the RO according to the request message, the RO including the key information encapsulated by the public key of the target device; and the RI provides the RO for the target device. An RI is also provided. In the present invention, the key information encapsulated by the public key of the target device is provided for the RI, and the real key is hidden from the RI, such that the un-trust RI cannot generate the illegal RO for other devices except the target device, thereby enhancing the security of importing or moving the RO through the RI. | 08-26-2010 |
20100290627 | KEY MANAGEMENT SERVER, TERMINAL, KEY SHARING SYSTEM, KEY DELIVERY PROGRAM, KEY RECEPTION PROGRAM, KEY DELIVERY METHOD, AND KEY RECEPTION METHOD - In distribution and sharing of a cipher key to be used when performing encrypted communication among a plurality of terminals, to share a cipher key without the need for each terminal to constantly hold and manage a large number of keys. Also, to shorten the time needed to start terminal-to-terminal encrypted communication. Also, to improve the portability of the terminal. A key management server | 11-18-2010 |
20100310078 | SYSTEM FOR USER-CENTRIC IDENTITY MANAGEMENT AND METHOD THEREOF - A user terminal for a user-centric identity management system includes: a browser that requests a service to the service provider server and receives a service parameter in which a plurality of selectable protocol parameters corresponding to the service are recorded from the service provider server; an interaction unit that selects any one protocol parameter among the plurality of protocol parameters by receiving the service parameter through the browser; and a service processing unit that performs a service protocol with the service provider server on the basis of the protocol parameter selected through the interaction unit, and receives token information required to receive the service from the service provider server and transfers the token information to the browser. | 12-09-2010 |
20110038483 | SYSTEMS AND METHODS FOR SECURE MANAGEMENT OF PRESENCE INFORMATION FOR COMMUNICATION SERVICES - Systems and methods are provided for managing user information comprising presence information, wherein authentication of requesting parties is based on public-private key pair encryption and key Domain Name Service (kDNS) infrastructure. Thus, a response to a request for presence information may be dependent on the authentication status of the requesting party. Presence information stored on a presence server or other network element may be stored or updated upon receiving a request from a user which includes the requestor's identity, and is signed with the private key of the requestor. After authentication of a user having a registered unique identifier and an associated public key, presence information may be stored or updated, in either encrypted or unencrypted form. Presence information is preferably stored with user specified policy information for managing access to the presence information by other users, e.g. what information may be shared with anonymous or unauthenticated other users, or with other specific authorized users, or authorized user groups. Advantageously, all communications between communication parties and network elements of the system are encrypted. A scalable and distributed system and method is provided for managing exchange of dynamic information, such as presence information, between users of communications and network services, with improved reliability, security, and personalization. Systems and methods are particularly applicable for securely managing exchange of presence information and other information for multiparty communications service and for peer-to-peer network services. | 02-17-2011 |
20110085667 | VARIOUS METHODS AND APPARATUSES FOR SECURING AN APPLICATION CONTAINER - A method, apparatus, and system for securing internet applications including a first internet application hosted on a source server and stored on a physical storage medium of the source server. The internet application is served across a network onto a client machine and contains code scripted to temporarily install on the client machine. The internet application shell container contains code scripted for a user interface to solicit sensitive data from a user of the client machine and a dual encryption security system including. A security communication manager employs an encrypted protocol where the identity of both a sender and a receiver of the transmitted data are both authenticated and the authentication between the client and source server is bilateral. Additionally, the security communication manager transmits the solicited sensitive data from the user interface by cooperating with the encryption engine. The systems and methods can identity theft and fraudulent activity. | 04-14-2011 |
20110103589 | KEY DISTRIBUTING METHOD, PUBLIC KEY OF KEY DISTRIBUTION CENTRE ONLINE UPDATING METHOD AND DEVICE - A key distributing method, a public key of key distribution centre online updating method, a key distribution centre, a communication entity and a key management system. The system includes: communication entities, a carrying device, a key distribution centre and a database, wherein the carrying device carries or transports the information during the key distributing course and the public key online updating course, the database stores whether each communication entity registered secret service; the database connects with the key distribution centre, the key distribution centre connects with the carrying device, and the carrying device connects with each communication entity. Using the cipher technology of public key, a key distribution system is provided based on principle of three-element peer authentication (TePA). The system safely distributes the communication key to each pair entities to enable keys have PFS attribute, reduces the key management complexity of the system, and realizes online updating of the public key of the trusted third party i.e. key distribution centre. | 05-05-2011 |
20110142242 | QUANTUM PUBLIC KEY ENCRYPTION SYSTEM, KEY GENERATION APPARATUS, ENCRYPTION APPARATUS, DECRYPTION APPARATUS, KEY GENERATION METHOD, ENCRYPTION METHOD, AND DECRYPTION METHOD - Provided is a key generation apparatus that generates, based on a generated random number, quantum gates U | 06-16-2011 |
20110158412 | INFORMATION DISCLOSURE APPARATUS - An information tray creation apparatus generates a pair of an encryption key and a decoding key, encrypts disclosure information using the encryption key, and generates encrypted disclosure information. Next, the information tray creation apparatus encrypts a decoding key using a public key of a disclosure destination, and generates decoding key information. The information tray creation apparatus adds a pair of the disclosure destination and the decoding key information to disclosure destination information in an information tray as one record. The information tray creation apparatus then adds pairs of disclosure destinations and decoding key information to the disclosure destination information in the information tray for all information destinations. | 06-30-2011 |
20110164753 | Digital Rights Management For Media Streams - This document describes techniques and apparatuses enabling application of digital rights management (DRM) to media streams. In one embodiment, three license levels are used to protect numerous television channels without undue use of computing resources. | 07-07-2011 |
20110194698 | Key Sharing System - When each apparatus generates session information needed for calculating a session key used in a simultaneous communication, an encrypting apparatus and a key processing apparatus according to the present invention causes each piece of session information to include a value dependent upon a private key unique to each apparatus, which is assigned to each apparatus in advance. Therefore, this provides protection against spoofing attempt by a member within a group. | 08-11-2011 |
20110211700 | DEVICE AND METHOD FOR SECURITY KEY EXCHANGE AND SYSTEM PERTAINING TO SAME - The present invention relates to a device and method that enable a security key to be shared using security key exchange between two terminals, and a system that supports the same. To achieve the above, an in-house generated public key is divided into two, said two public keys that have been divided are delivered to counterpart devices via different pathways, and the two public keys delivered from counterpart devices are used to predict the public key of the counterpart device. In addition, said predicted public key is verified, and said verified public key is used to form a master key. Subsequently, said generated master key is verified, and said master key that has been verified is used to exchange data with the counterpart device. | 09-01-2011 |
20110235806 | Key distribution system - The key distribution system comprises a terminal ( | 09-29-2011 |
20120008786 | APPARATUS AND METHODS FOR CONTENT DELIVERY AND MESSAGE EXCHANGE ACROSS MULTIPLE CONTENT DELIVERY NETWORKS - Methods and apparatus for providing protected content to subscribers of a managed (e.g., MSO) network via a content source accessible via an internetwork such as the Internet. In one embodiment, a user accesses a service provider portal (e.g., website), and requests content. The service provider determines whether the requesting user is permitted to access the content, and what rights or restrictions are associated with the user. This includes authenticating the user as a subscriber of the MSO, and determining the subscriber's subscription level. In another embodiment, a user's account with the MSO and service provider may be federated, thus a given user will have MSO-specific information regarding its identity (such as login information, GUID, etc.) and is able to perform a single sign on to request and receive content. | 01-12-2012 |
20120183144 | KEY MANAGEMENT SYSTEM AND METHODS FOR DISTRIBUTED SOFTWARE - A key management system for distributed software applications includes a communication network and one or more software applications coupled to the communication network. The one or more software applications include an identification code that identifies each software application and a registration module that requests a key pair from a key pair provider, the key pair including a public key and a private key. The system also includes a management console coupled to at least some of the one or more software applications via the communication network and that is configured to store the public key associated with a first software application of the one or more software applications and to provide the public key associated with the first software application to a second software application of the one or more software applications upon receiving a subscription request for the first software application from the second software application. | 07-19-2012 |
20120230494 | Accelerated Verification of Digital Signatures and Public Keys - Accelerated computation of combinations of group operations in a finite field is provided by arranging for at least one of the operands to have a relatively small bit length. In an elliptic curve group, verification that a value representative of a point R corresponds to the sum of two other points uG and vG is obtained by deriving integers w,z of reduced bit length and so that v=w/z. The verification equality R=uG+vQ may then be computed as −zR+(uz mod n) G+wQ=O with z and w of reduced bit length. This is beneficial in digital signature verification where increased verification can be attained. | 09-13-2012 |
20120250867 | INFORMATION PROCESSING APPARATUS AND PROGRAM PRODUCT - According to one embodiment, an information processing apparatus, which is connected to an external apparatus, includes a device key storage unit, a creating unit, a calculating unit, a communication unit, and a key calculating unit. The device key storage unit stores therein a device key. The creating unit creates a media key from the device key and a media key block. The calculating unit calculates first output information on the basis of first inherent information inherent to the information processing apparatus and public information. The communication unit transmits the first output information to the external apparatus and receives second output information calculated by the external apparatus from the external apparatus. The key calculating unit calculates a shared key shared between the information processing apparatus and the external apparatus on the basis of the media key, the first inherent information, and the second output information. | 10-04-2012 |
20120250868 | MIX-NET SYSTEM - Each participant apparatus ( | 10-04-2012 |
20120257757 | DEVICE AND METHOD FOR SECURING A NEGOTIATION OF AT LEAST ONE CRYPTOGRAPHIC KEY BETWEEN UNITS - A private key and a public key are provided during manufacture of a device and are stored in the device. At least one cryptographic key is subsequently negotiated, the negotiation being security-protected as a function of the generated private key and/or the public key. This method can find application in building automation. | 10-11-2012 |
20120257758 | STRENGTHENED PUBLIC KEY PROTOCOL - A method of determining the integrity of a message exchanged between a pair of correspondents. The message is secured by embodying the message in a function of a public key derived from a private key selected by one of the correspondents. The method comprises first obtaining the public key. The public key is then subjected to at least one mathematical test to determine whether the public key satisfies predefined mathematical characteristics. Messages utilizing the public key are accepted if the public key satisfies the predefined mathematical characteristics. | 10-11-2012 |
20120275601 | CRYPTOGRAPHIC COMMUNICATION APPARATUS AND CRYPTOGRAPHIC COMMUNICATION SYSTEM - There is provided a cryptographic communication apparatus for conducting a key exchange procedure with another cryptographic communication apparatus that shares a password. The apparatus includes a first encryption unit that encrypts information that is based on a first random number using a public key of the another apparatus, a second encryption unit that encrypts the information that is based on the first random number encrypted by the first encryption unit using the password, a third encryption unit that encrypts information that is based on a second random number using the first random number, and transmits a first signal and a second signal to the another apparatus, the first signal including the information that is based on the first random number encrypted by the second encryption unit, and the second signal including information that is based on the second random number encrypted by the third encryption unit. | 11-01-2012 |
20120288096 | SECURITY KEY DISTRIBUTION IN A CLUSTER - Provided are techniques for the fast and reliable distribution of security keys within a cluster of computing devices, or computers. One embodiment provides a method for secure distribution of encryption keys, comprising generating a symmetric key for the encryption of communication among a plurality of nodes of a cluster of nodes; encrypting the symmetric key with a plurality of public keys, each public key corresponding to a particular node of the plurality of nodes, to generate a plurality of encrypted symmetric keys; storing the plurality of encrypted symmetric keys in a central repository; and distributing the encrypted symmetric keys to the nodes such that each particular node receives an encrypted symmetric key corresponding to a corresponding public key of the particular node. | 11-15-2012 |
20120300940 | DYNAMIC KEY MANAGEMENT - Apparatus, systems, and methods may operate to receive a public key associated with a public/private key pair at a key distribution handler, after a new workload and an associated key agent are created within a network of nodes. The associated key agent may be used to generate the key pair. Additional activity may include distributing, by the key distribution handler, the public key to other key agents associated with permitted workloads operating in the network. The public key may be used to overwrite or delete prior public keys for an authenticated workload identity associated with the new workload. Additional apparatus, systems, and methods are disclosed. | 11-29-2012 |
20120308012 | IDENTITY-BASED ENCRYPTION METHOD AND APPARATUS - An identity-based encryption method and apparatus is provided. A terminal generates identification including version information and an EUI-64 address generated using a media access control (MAC) address, a 16-bit short address, or an address including a 16-bit short address and a prefix of a router to which the terminal belongs, transmits the identification to a key server, and then receives a private key using the identification as a public key. | 12-06-2012 |
20120321088 | Method And System For The Accelerated Decryption Of Cryptographically Protected User Data Units - A method and system for accelerated decryption of a cryptographically protected user data unit, wherein a transmitter initially generates a cryptographic key that is provided with a related key identification. The transmitter then performs asymmetrical encryption of the generated cryptographic key using a public cryptographic key and encryption of at least one user data unit using the generated cryptographic key. The encrypted user data unit, the asymmetrically encrypted cryptographic key and the related key identification of the cryptographic key are transported to a receiver that decrypts the received asymmetrically encrypted key using a private key, if verification of the received related key identification of the cryptographic key indicates the cryptographic key is not present in a decrypted state in the receiver. The receiver then decrypts the received cryptographically encrypted user data unit using the cryptographic key in the receiver or with the cryptographic key decrypted using the private key. | 12-20-2012 |
20120321089 | Method and System for Confidentially Providing Software Components - A method and system for confidentially providing a software component which is encrypted using a secret cryptographic key of a software component manufacturer, and the key is then encrypted using a first cryptographic system key, wherein the encrypted software component and the encrypted key are transported by the software component manufacturer to a destination system device. After decrypting the transported encrypted key using a second cryptographic system key, the transported encrypted software component is decrypted using the decrypted key, wherein the decrypted software component is provided for execution on the destination system device. The method can be used to protect source codes or object codes of a developed software component from access by a third party and still allows for processing using standard tools. | 12-20-2012 |
20130195274 | COMMISSION INFORMATION GENERATOR FOR MAKING PROCESSES ON COMMUNICATION PERFORMED BY ANOTHER COMPUTER - In a communicator in a communication system, a commission information generator for generating a commission parameter to make a process on a communication between communicators performed by another computer includes a first memory for storing a secret key and an encrypter for generating N number of the commission parameters, where N is a natural number, from a first to an N-th commission parameter. The encrypter regards a j-th shared key, where j is a positive integer equal to or less than N, out of the N number of shared keys as key information, encrypts a bit sequence representation of j-th partial information, associated with the j-th shared key, out of N pieces of partial information, and thereby generates a j-th commissioned parameter. | 08-01-2013 |
20130336488 | HOST DEVICE - The host device being configured to receive, from a key issuer who issued the medium device key (Kmd_i) and the medium device key certificate, a host device key (Khd_i) and a host device certificate (Certhost), the host device being configured to execute authentication with the information recording device using the host device key (Khd_i) and the host device certificate (Certhost), the host device being configured to receive second controller identification information (IDcntr) from the information recording device, the second controller identification information being generated by executing a one-way function calculation based on the controller key (Kc) and the first controller identification information (IDcu), and the host device being configured to decrypt the encrypted content data stored in the information recording device, in response to reception of the second controller identification information (IDcntr) from the information recording device. | 12-19-2013 |
20140064491 | METHOD OF PERFORMING XZ-ELLIPTIC CURVE CRYPTOGRAPHY FOR USE WITH NETWORK SECURITY PROTOCOLS - The method of performing XZ-elliptic curve cryptography for use with network security protocols provides a computerized method that allows for the encryption of messages through elliptic polynomial cryptography and, particularly, with the embedding of either a symmetric secret key or a public key in the message bit string. The method of performing XZ-elliptic polynomial cryptography is based on the elliptic polynomial discrete logarithm problem. It is well known that an elliptic polynomial discrete logarithm problem is a computationally “difficult” or “hard” problem. | 03-06-2014 |
20140105403 | METHOD AND APPARATUS FOR PUBLIC-KEY CRYPTOGRAPHY BASED ON ERROR CORRECTING CODES - Methods and apparatus for generating a private-public key pair, for encrypting a message for transmission through an unsecure communication medium ( | 04-17-2014 |
20140247943 | Secure Configuration of a Headless Networking Device - The secure configuration of a headless networking device is described. A label associated with the headless networking device is scanned and a public key is determined. A configuration process is initiated for the networking device using the public key associated with the networking device that was determined based on the scanned label. | 09-04-2014 |
20140270179 | METHOD AND SYSTEM FOR KEY GENERATION, BACKUP, AND MIGRATION BASED ON TRUSTED COMPUTING - The present invention relates to the field of computer technologies and discloses a method and a system for key generation, backup, and migration based on trusted computing, including: receiving a key generation request input by a user; controlling a trusted platform module to generate a platform migratable key, encrypting the platform migratable key by using a public key of a root key of the trusted platform module, and storing a cipher-text key of the platform migratable key; controlling the trusted platform module to generate a user migratable key, encrypting the user migratable key by using a public key of the platform migratable key, and storing a cipher-text key of the user migratable key; and controlling the trusted platform module to generate a binding key of the user, encrypting the binding key by using a public key of the user migratable key, and storing a cipher-text key of the binding key. | 09-18-2014 |
20140270180 | Distributed Storage Network and Method for Storing and Retrieving Encryption Keys - A method begins by a distributed storage (DS) managing unit receiving an encryption key to store. The method continues by determining an encryption method and encrypting the encryption key with the determined encryption method to produce an encrypted key. The method continues by encoding and slicing the encrypted key to produce a set of data slices; and storing the set of data slices in DSN memory. A method to retrieve the stored encryption key begins with receiving a retrieve encryption key request from a requester and continues with retrieving an encrypted key and then determining a decryption method. The method continues by decrypting the encrypted key with the determined decryption method to produce the encryption key and sending the encryption key to the requestor to decrypt one or more portions of the encrypted data. | 09-18-2014 |
20140355763 | METHOD AND APPARATUS FOR GENERATION AND DISTRIBUTING A GROUP KEY IN WIRELESS DOCKING - Provided is a communication method using a group key for security of a wireless docking-based service, the communication method including grouping peripheral devices for each wireless docking-based service in association with the peripheral devices and generating a group key that is effective for a time being predetermined for each group and delivering the group key of the group to clients of the group. | 12-04-2014 |
20140369501 | Demand Based Encryption and Key Generation and Distribution Systems and Methods - Systems and methods providing a key management platform that generates and distributes demand-based encryption and decryption keys are described. | 12-18-2014 |
20150365239 | METHOD AND SYSTEM FOR PROVIDING ENCRYPTED DATA FOR SEARCHING OF INFORMATION THEREIN AND A METHOD AND SYSTEM FOR SEARCHING OF INFORMATION ON ENCRYPTED DATA - A method for providing encrypted data for searching of information includes generating a number of distinct key triples each comprising a public key, a corresponding secret key, and a corresponding evaluation key based on searchable information and files to be searched. Information indicating whether the searchable information is included within the files is encrypted with a key of the generated key triples. The secret keys are merged to obtain a single secret key for an entirety of the searchable information within respective ones of the files for each of the files. The encrypted information is provided with the merged secret keys for each of the files as encrypted data for searching of information within the files. The generating of the distinct key triples and the encrypting of the information are performed based on a multikey homomorphic encryption scheme. | 12-17-2015 |
20150381356 | QUORUM-BASED VIRTUAL MACHINE SECURITY - Technologies related to quorum-based Virtual Machine (VM) security are generally described. In some examples, VM data, such as a VM payload or other VM data, may be quorum-encrypted, such that a quorum of decryption keys may be used to decrypt the data. Decryption keys may be distributed among multiple VMs, with different decryption keys provided to different VMs, so that single VMs may not decrypt the VM data without decryption keys held by other VMs. To decrypt its data, a VM may assemble a quorum of decryption keys by requesting decryption keys held by other operational VMs, and the VM may then decrypt its data using the assembled quorum of decryption keys. The VM may be prevented from decrypting its data without a sufficient quorum of other operational VMs. | 12-31-2015 |
20170238173 | COMMUNICATION APPARATUS METHOD FOR CONTROLLING COMMUNICATION APPARATUS AND PROGRAM | 08-17-2017 |