Class / Patent application number | Description | Number of patent applications / Date published |
380283000 | User-to-user key distributed over data link (i.e., no center) | 74 |
20080199013 | NETWORK SET-UP DEVICE - A network device adapted to communicate with other devices over a network, the device being arranged to, when the device is connected to a physical data carrier, automatically store a representation of a security key on the data carrier, and to provide at least one service over the network only to other devices making use of the security key. | 08-21-2008 |
20080219452 | WIRELESS DEVICE AND KEY EXCHANGE METHOD THEREOF - A wireless device ( | 09-11-2008 |
20080232599 | CONTENT DISTRIBUTING METHOD, COMPUTER-READABLE RECORDING MEDIUM RECORDED WITH PROGRAM FOR MAKING COMPUTER EXECUTE CONTENT DISTRIBUTING METHOD AND RELAY DEVICE - Content data is distributed by distributing enciphered content data from a higher (upper) distribution source through a relay node to a lower information processing device; obtaining a decoding key data for decoding by the lower information device content data associated with a viewing/listening area managed by the relay node; and distributing the decoding key data to the lower information processing device. | 09-25-2008 |
20080298596 | IMAGE ENCRYPTION/DECRYPTION SYSTEM - When decrypting an image of a part of a document that is encrypted and therefore illegible, a user uses a decryption apparatus | 12-04-2008 |
20080310639 | COMMUNICATION APPARATUS, COMMUNICATION SYSTEM, AND COMMUNICATION METHOD - A communication apparatus stores, in a memory, secret data shared with a first terminal, transmits a first connection request message to the first terminal, receives (a) a transfer instruction message which is transmitted from the first terminal in response to the first connection request message, includes address information of a second terminal, and instructs transfer of a connection request to the second terminal, and (b) an encrypted message which is encrypted by using a public key of the second terminal or a shared key shared between the first terminal and the second terminal, transmits the encrypted message together with a second connection request message whose destination is the address information, receives a response message to the second connection request message and a decryption result of the encrypted message, and starts, when the decryption result equals the secret data, a communication with the second terminal. | 12-18-2008 |
20090161878 | ENCRYPTION COMMUNICATION APPARATUS AND METHOD FOR CONTROLLING TRANSFER PERIOD OF KEY RESYNCHRONIZATION INFORMATION - An apparatus and method for controlling a packet transfer period of key resynchronization information in an encryption communication system are provided. The encryption communication apparatus includes a receiving means that computes a packet loss ratio and a network transfer delay time through a received packet when the packet is received and generates network status report information for a packet size and a packet transfer period of key resynchronization information using the packet loss ratio and the network transfer delay time, and a transmitting means that transmits a packet of the key resynchronization information in the transfer period by controlling the packet size and the packet transfer period of the key resynchronization information according to the network status report information received from the receiving means when data is input. | 06-25-2009 |
20090190765 | ANCHOR POINT-BASED DIGITAL CONTENT PROTECTION WITH AN ESCROW ANCHOR POINT - Digital rights management (DRM) can be effectively implemented through use of an anchor point and binding records in a user domain and backed up through use of an escrow anchor point and an escrow binding record in an anchor point based digital rights management system. An escrow binding record provides additional functionality and reliability to a DRM system by allowing a user to use digital content even after an access device has been lost or compromised. | 07-30-2009 |
20090214044 | DATA ARCHIVING TECHNIQUE FOR ENCRYPTED DATA - Systems and methods for decryption and encryption for data being archived at archive storage systems. The system includes an archive storage coupled to host and client computers and optionally to a network attached storage. The data arriving at the archive storage may contain encrypted data. The encrypted data may be decrypted at the archive storage, at the host computer or at the network attached storage coupled to the archive storage. Indexing information is added to the decrypted data. The data is subsequently re-encrypted before being archived. Encryption key information may be obtained from a key manager or an encryption key may be generated by a host computer or a client computer. | 08-27-2009 |
20090252331 | METHOD OF SECURING TYPED CONVERSATION USING ENCRYPTION KEYS IN A VIRTUAL WORLD - The present invention is directed to a method of securing typed conversations using encryption keys when interfacing in a public environment established in a Virtual World, in a Massively Multiplayer Online Role-Playing Game (MMORPG). | 10-08-2009 |
20100008510 | Method And System For Secure Download Of Firmware - Firmware is securely downloaded from a host to an information storage device using an encryption key generated by the information storage device. The encryption key is generated in response to a firmware download request by the host. The host encrypts the firmware image with the encryption key and downloads the encrypted firmware image to the information storage device. The information storage device receives the encrypted firmware image, decrypts the firmware image, and updates its firmware with this firmware image. | 01-14-2010 |
20100014678 | Cryptographic system using chaotic dynamics - The invention is a cryptographic system using chaotic dynamics. A chaotic system is used to generate a public key and an adjustable back door from a private key. The public key is distributed and can be used in a public key encryption system. The invention can also be used for authentication purposes. The adjustable back door of the invention can be used in conjunction with the public key to derive the private key. The degree of difficulty involved in deriving the private key is dependent on the adjustable back door. That is the value of the back door can be adjusted to vary the difficulty involved in deriving the private key. | 01-21-2010 |
20100054480 | SHARING A SECRET USING POLYNOMIALS OVER POLYNOMIALS - A method and system distributes N shares of a secret among cooperating entities by representing the secret as a secret polynomial, and forming a splitting polynomial with the secret polynomial as one or more of the coefficients. In one embodiment, the method represents the secret as a secret polynomial over GF(q), where q is a prime number or a power of a prime number. A splitting polynomial of degree (K−1) over GF(q | 03-04-2010 |
20100067703 | Simulcrypt key sharing with hashed keys - A method of sharing keys among a plurality of conditional access (CA) vendors having differing CA systems used at a distribution headend involves receiving a CA Value contribution from each of the plurality of CA vendors at the headend; hashing the CA Values from each of the plurality of CA vendors together using a hashing function to produce an output control word; and at an encrypter at the headend, using the output control word as a content key, wherein the content key is used as an encryption key to encrypt content provided to a plurality of receivers that decrypt the content using any of the conditional access systems. This abstract is not to be considered limiting, since other embodiments may deviate from the features described in this abstract. | 03-18-2010 |
20100104105 | DIGITAL CINEMA ASSET MANAGEMENT SYSTEM - A repository is created and maintained that receives and stores a plurality of attributes associated with digital components resident at a display complex and associated with particular digital cinema systems within that display complex. These attributes can be accessed by clients which thereafter use that data to securely convey digital content to a particular digital cinema system. Each display complex collects attributes associated with the digital cinema systems resident at the complex and pushes the data to a service module hosted on a server on a wide area network. Upon receiving the attributes corresponding to each digital component of each cinema system, the server conveys the data to a repository for storage. Thereafter, responsive to a request from a client, data needed to securely convey content to a digital cinema system is retrieved from the repository and conveyed to the requesting client. | 04-29-2010 |
20100111309 | ENCRYPTION KEY MANAGEMENT SYSTEM AND METHODS THEREOF - During execution of BIOS at an information handling system, a processor communicates with the storage controller via a command line protocol (CLP) communications channel. Via the channel, the processor obtains identification information for storage devices associated with the storage controller. The processor communicates the identification information to a key management client, which obtains encryption keys based on the identification information from a key management server. The processor receives the encryption keys, and communicates them to the storage controller via the CLP communications channel. The CLP communications channel thus provides a convenient and flexible interface for communication of security information prior to execution of an operating system. | 05-06-2010 |
20100189264 | METHODS AND APPARATUS RELATED TO ADDRESS GENERATION, COMMUNICATION AND/OR VALIDATION - Methods and apparatus for generating, communicating, and/or using sets of addresses corresponding to a communications device are described. A first communications device generates, from a public key and a random number, both a first address and a second address. The generated address pair is communicated to a second communications device along with proof of ownership information regarding the address pair via an address signaling message such as a binding update message. The second communications device processes the received address signaling message and determines address pair validity and/or address pair ownership information. The first address may be associated with a first network, e.g., an unsecure WAN network, while the second address may be associated with a second network, e.g., a secure peer to peer network. Decisions on switching between using the first address to using the second address may be based on address validity and/or address ownership determinations. | 07-29-2010 |
20100260339 | Apparatus And Method For Enabling A Transfer of Data - Secure data transfer apparatus comprising a first device to be mounted in a housing in a predetermined normal configuration for normal operation wherein secure data transfer takes place between the first device and a second device in the housing, the first device including a detector configured to detect when the first device is placed in a predetermined initialization configuration different from the normal configuration and to enable an initialization data transfer between the devices for permitting normal operation to occur thereafter in said normal configuration. | 10-14-2010 |
20100278345 | METHOD AND APPARATUS FOR PROXIMITY BASED PAIRING OF MOBILE DEVICES - A method and an apparatus that establish a first communication channel or pair with a target device in proximity to a source device are described. A pairing message is sent to the target device in proximity to the source device over the first communication channel from the source device. A secret and an identifier associated with an application are included in the pairing message. In response to receiving the secret back from the target device for a second communication channel, pairing data of the application are sent to the target device over the second communication channel. | 11-04-2010 |
20100284540 | RESILIENT CRYPTOGRAPHIC SCHEME - A system and method are provided for enabling a symmetric key to be derived, the method comprising: obtaining a plurality of key parts, wherein the plurality of key parts when combined equal the symmetric key; encrypting a first of the key parts using a first cryptographic algorithm to generate a first encrypted value; encrypting one or more remaining key parts of the plurality of key parts using respective cryptographic algorithms to generate one or more additional encrypted values, wherein each key part encrypted is encrypted using a different cryptographic algorithm; and providing the first encrypted value and the one or more additional encrypted values to an other entity to enable the other entity to derive the symmetric key. | 11-11-2010 |
20110013776 | Securing Network Traffic by Distributing Policies in a Hierarchy Over Secure Tunnels - A technique for securing message traffic in a data network using a protocol such as IPsec, and more particularly various methods for distributing security policies among peer entities in a network while minimizing the passing and storage of detailed policy or key information except at the lowest levels of a hierarchy. | 01-20-2011 |
20110019826 | METHOD OF INSTALLING A WIRELESS NETWORK - A method of installing a wireless communications network configures a client device to connect wirelessly to an access point arranged to provide a wireless communications network. The method comprises running an installation program on the client device for configuring the client device to attach to the wireless communications network. The installation program is automatically provided with wireless network configuration information comprising at least a wireless network identifier which identifies traffic using the wireless communications network. The automatic provision of the wireless network configuration information comprising said wireless network identifier is implemented by connecting an installation device comprising non-volatile memory which stores said information, and configuring said installation program to utilise the information stored on said installation device. The wireless network configuration information stored on said installation device corresponds to the wireless network configuration of said access point and both the installation device and the access point were configured with the wireless network configuration information prior to said installation device being connected to any client terminal arranged to connect to said access point. | 01-27-2011 |
20110064226 | SPLIT-KEY KEY-AGREEMENT PROTOCOL - This invention relates to a method for generating a shared secret value between entities in a data communication system, one or more of the entities having a plurality of members for participation in the communication system, each member having a long term private key and a corresponding long term public key. The method comprises the steps of generating a short term private and a corresponding short term public key for each of the members; exchanging short term public keys of the members within an entity. For each member then computing an intra-entity shared key by mathematically combining the short term public keys of each of the members computing an intra-entity public key by mathematically combining its short-term private key, the long term private key and the intra-entity shared key. Next, each entity combines intra-entity public keys to derive a group short-term S | 03-17-2011 |
20110091040 | METHOD FOR PERSONALIZING A SAFETY ELEMENT OF A MOBILE TERMINAL DEVICE - The invention relates to a method for personalizing a security element (SE) of a mobile end device (EG), in particular in the form of a smart card chip of a communication end device. The invention comprises the pre-personalizing of the security element (SE) within the framework of its production process and the final personalizing of the security element (SE) upon the first-time use of the end device (EG) by a user (N), wherein a communication link is established between the end device (EG) and a trust center (TC) of a communication network operator. Within the framework of the pre-personalization of the security element (SE), a master key (MK) unique to the security element (SE) is ascertained and transmitted to the trust center (TC). Within the framework of the final personalization of the security element (SE), personal data of the user are transmitted upon the first-time use of the end device (EG) to the trust center (TC) and linked there with the master key (MK) to form a modified master key (MK). The security element (SE) is personalized with the modified master key (MK). | 04-21-2011 |
20110176682 | INTEGRITY PROTECTED SMART CARD TRANSACTION - Systems, methods, and technologies for configuring a conventional smart card and a client machine, and for performing a smart card authorization using the configured smart card and client. Further, the combination of methods provides for mutual authentication—authentication of the client to the user, and authentication of the user to the client. The authentication methods include presenting a specified token to the user sufficient to authenticate the client to the user and thus protect the user-provided PIN. Security is strengthened by using an integrity key based on approved client system configurations. Security is further strengthened by calculating a PIN′ value based on a user-specified PIN and a modifier and using the PIN′ value for unlocking the smart card. | 07-21-2011 |
20110211701 | METHOD FOR EXCHANGING KEYS BY INDEXATION IN A MULTIPATH NETWORK - A method for generating encryption keys and for exchanging the parameters making it possible to generate the keys in a network comprising n entities X wishing to exchange data, the method includes the steps: the n entities elect a common array generator (G | 09-01-2011 |
20120027213 | Method And Apparatus For Remotely Provisioning Software-Based Security Coprocessors - A virtual security coprocessor is created in a first processing system. The virtual security coprocessor is then transferred to a second processing system, for use by the second processing system. For instance, the second processing system may use the virtual security coprocessor to provide attestation for the second processing system. In an alternative embodiment, a virtual security coprocessor from a first processing system is received at a second processing system. After receiving the virtual security coprocessor from the first processing system, the second processing system uses the virtual security coprocessor. Other embodiments are described and claimed. | 02-02-2012 |
20120070003 | USE OF A PRIVATE KEY TO ENCRYPT AND DECRYPT A MESSAGE - The invention includes a method for encrypting and transmitting a message M from a first location to a second location. Random numbers P and Q are initially selected, each of them being either a prime or a non-prime number. P and Q are both furnished to a sender and a recipient at the first and second locations, respectively. A client at the first location generates an encrypted message E, which is the remainder left when a modulus operator divides a first quantity, equal to M multiplied by P to the i power, where i is a selected number, by a second quantity equal to (PQ−1). A tuple comprising E and i is transmitted from the first location to the second location, and a second data processing system at the second location determines the message M from E, i and Q. | 03-22-2012 |
20130089207 | ANCHOR POINT FOR DIGITAL CONTENT PROTECTION - Digital rights management (DRM) can be implemented through use of an anchor point based digital rights management system. In one embodiment, a device may comprise an anchor point circuit including a memory and a processor. The processor may be configured to receive a title key from a digital content provider, the title key used to encrypt a digital property to produce an encrypted digital property. The processor may be further configured to generate a binding key, encrypt the title key with the binding key to produce a title pre-key, and store the binding key in the memory. In another embodiment a system may comprise an interface configured to communicate with a content provider, and an anchor point circuit configured to bind a digital property received from the content provider to the anchor point circuit such that the digital property can only be used in conjunction with the anchor point circuit. | 04-11-2013 |
20140321651 | DISTRIBUTION OF KEYS FOR ENCRYPTION/DECRYPTION - Methods of encryption and decryption are described which use a key associated with an event to encrypt/decrypt data associated with the event. The method of encryption comprises identifying a key associated with an event and encrypting data using the identified key. The encrypted data is then published along with details of the event. | 10-30-2014 |
20150124970 | KEY NEGOTIATION METHOD AND APPARATUS ACCORDING TO SM2 KEY EXCHANGE PROTOCOL - The invention relates to the technical field of information, and disclosed in the present invention are a key negotiation method and apparatus according to the SM2 key exchange protocol. The method is implemented as follows: two negotiation parties both calculate a parameter W according to the minimum positive integer value in the permissible values of X which enable an inequality n≦2 | 05-07-2015 |
20150365823 | TECHNIQUE OF PAIRING IN A WIRELESS NETWORK - The invention relates to a technique of pairing a device ( | 12-17-2015 |
20160029213 | METHOD AND SYSTEM TO ENABLE SECURE COMMUNICATION FOR INTER-ENB TRANSMISSION - The embodiments herein provide a method and system for creating a secure connection for a User Equipment (UE) in a wireless network including a UE, carrier aggregated with at least one first serving frequency served by a first eNB and at least one second serving frequency served by a second eNB. A unique non-repetitive security base key associated with the second eNB is generated using a freshness parameter and security key associated with the first eNB. The use of a different freshness parameter for each security base key derivation avoids key stream repetition. Further, a user plane encryption key is derived based on the generated unique non-repetitive security base key associated with the second eNB for encrypting data transfer over at least one data radio bearer. | 01-28-2016 |
20160149878 | PROTECTING USER IDENTITY AND PERSONAL INFORMATION BY SHARING A SECRET BETWEEN PERSONAL IOT DEVICES - A wearable device provides protection for personal identity information by fragmenting a key needed to release the personal identity information among members of a body area network of wearable devices. A shared secret algorithm is used to allow unlocking the personal identity information with fragmental keys from less than all of the wearable devices in the body area network. The wearable devices may also provide protection for other personal user data by employing a disconnect and erase protocol that causes wearable devices to drop connections with an external personal data space and erase locally stored personal information if a life pulse from a connectivity root device is not received within a configurable predefined period. | 05-26-2016 |
20160197901 | ENCRYPTED GROUP COMMUNICATION METHOD | 07-07-2016 |
20170237559 | EFFICIENT QUANTUM KEY MANAGEMENT | 08-17-2017 |
20190149323 | Generating a Key for Use as a Shared Secret | 05-16-2019 |
380284000 | Using master key (e.g., key-encrypting-key) | 16 |
20090262943 | KEY DERIVATION FUNCTIONS TO ENHANCE SECURITY - Key derivation algorithms are disclosed. In one key derivation application, a segment of the master key is hashed. Two numbers are derived from another segment of the master key. A universal hash function, using the two numbers, is applied to the result of the hash, from which bits are selected as the derived key. In another embodiment, an encoded counter is combined with segments of the master key. The result is then hashed, from which bits are selected as the derived key. | 10-22-2009 |
20090316911 | Apparatus and method for transmitting a plurality of key data - An apparatus and method for transmitting a plurality of key data. When a Short-Term Key Message (STKM) is received, a mobile equipment transmits the received STKM to a smart card. The smart card determines whether there are a plurality of key data in the STKM, detects the plurality of key data when there are the plurality of key data, generates individual information for identifying each of the plurality of detected key data, generates a response message having the plurality of detected key data and the generated individual information, and transmits the response message to the mobile equipment. Therefore, a plurality of key data can be included and transmitted in one message. | 12-24-2009 |
20090323971 | Protecting independent vendor encryption keys with a common primary encryption key - Apparatus, systems and methods for protection of independent vendor encryption keys with a common primary encryption key are disclosed including an apparatus including memory to store a plurality of encrypted vendor keys, memory to store a primary key; and cipher logic to use the primary key to decrypt an encrypted vendor key of the plurality of encrypted vendor keys to provide an effective key. Other implementations are disclosed. | 12-31-2009 |
20090323972 | PRIVACY-PRESERVING LOCATION TRACKING FOR DEVICES - A privacy-preserving device-tracking system and method to assist in the recovery of lost or stolen Internet-connected mobile devices. The function of such a system seems contradictory, since it is desirable to hide a device's legitimately-visited locations from third-party services and other parties to achieve location privacy, while still enabling recovery of the device's location(s) after it goes missing by tracking the device to determine its location. An exemplary embodiment uses a DHT for storing encrypted location information and other forensic information in connection with indices that are successively determined based on initial pseudorandom seed information (i.e., state) that is retained by the owner of the device. Using the seed information, the software can determine indices mapped to location information stored after the device went missing, enabling the device to be located. Numerous extensions are discussed for the basic exemplary design that increase its suitability for particular deployment environments. | 12-31-2009 |
20100054481 | Scalable Distributed Data Structure with Recoverable Encryption - Embodiments of the present invention store application data and associated encryption key(s) on at least k+1 remote servers using LH* addressing. At least k+1 buckets are created on separate remote servers. At least k+1 key shares are generated for each of at least one encryption key. Each encryption key has a unique key number. Each key share is stored in a different key share record. Each of the key share records is stored in a different bucket using LH* addressing. Encrypted application data is generated by encrypting the application data with the encryption key(s). The encrypted application data is stored in encrypted data record(s). Each of the encrypted data records is stored in a different bucket among the buckets using LH* addressing. | 03-04-2010 |
20100067704 | KEY MANAGEMENT SYSTEM - In a transmitter, data is encrypted by use of a data key, the data key is encrypted based on a first modification key, and the first modification key is encrypted based on a second modification key such that the first and second modification keys are different keys. The encrypted data, the encrypted data key, and the encrypted first modification key are transmitted to a receiver. In the receiver, the encrypted first modification key, the encrypted data key, and the encrypted data are received from the transmitter. The encrypted first modification key is decrypted based on the second modification key, the encrypted data key is decrypted based on the decrypted first modification key, and the encrypted data is decrypted by use of the decrypted data key. | 03-18-2010 |
20100166189 | Key Management Apparatus and Key Management Method - According to one embodiment, a key management apparatus comprises a decrypting module configured to read a first media unique key and an encrypted content key corresponding to a selected content from a first information storage medium and to decrypt the encrypted content key with the first media unique key in order to obtain a content key in a plain version, an encryption module configured to read a second media unique key from a second information storage medium and to encrypt the content key in the plain version with the second media unique key in order to obtain an encrypted content key for the second medium, and a write module configured to write the encrypted content key for the second medium to a user data area of the second medium. | 07-01-2010 |
20110026716 | Method And System For On-Screen Authentication Using Secret Visual Message - A method of authenticating a user includes providing a user key to an authentication authority, providing a transmission message from the authentication authority in response to the user key, providing a secret message using the transmission message, displaying the secret message to the user using a display screen, and providing a user response to the authentication authority in response to the user observing the secret message. | 02-03-2011 |
20110091041 | METHOD AND APPARATUS FOR PROCESSING RIGHTS OBJECT - A method and apparatus for processing a Rights Object (RO) are provided. A method for upgrading the RO includes: acquiring, by a Digital Rights Management (DRM) Agent, RO related information of the RO that requires updating from a Secure Removable Media (SRM) Agent; providing, by the DRM Agent, the RO related information to a Rights Issuer (RI), and obtaining a new RO from the RI; and interacting, by the DRM Agent, with the SRM Agent to upgrade the RO that requires updating on the SRM by means of the new RO. According to the embodiments of the present invention, the DRM Agent acquires RO related information which is stored on the SRM and does not have Move rights, and interacts with the RI to move the RO out from the SRM, so as to move the RO without the Move rights out from the SRM, thus extending an application of the RO without the Move rights. | 04-21-2011 |
20110129089 | METHOD AND APPARATUS FOR PARTIALLY ENCODING/DECODING DATA FOR COMMITMENT SERVICE AND METHOD OF USING ENCODED DATA - Disclosed herein is a method and apparatus for partially encoding/decoding data for a commitment service and a method of using encoded data. The apparatus includes an encoding/decoding module for encoding/decoding a database to be committed to a server using a private key of the user, obtained by accessing a key storage unit through a key management module which manages information about the private key of the user, stored in the key storage unit, and also encoding/decoding an SQL query required to use a DB committed to the server. The encoding/decoding module partially encodes/decodes one or more of table names, field names, and attribute values of the DB. In the present invention, the table names, field names, and field attribute values of the DB are partially encoded while the existing structure of the DB is maintained, and the partially encoded DB is committed to the server. | 06-02-2011 |
20140301554 | KEY INSULATION METHOD AND DEVICE - Embodiments of the present invention provide a key insulation method and device. The key insulation method includes: randomly selecting a first parameter s from Z* | 10-09-2014 |
20150312033 | NON ALTERABLE STRUCTURE INCLUDING CRYPTOGRAPHIC MATERIAL - The present invention relates to a method to build a non-alterable structure and to such a non-alterable structure including data relative to a set of cryptographic material generated randomly or derived from a secret key linked to a business use, the non-alterable structure being intended to be transferred from a first entity to a second entity, the entities sharing at least an encryption/decryption key and a signature key, the structure comprising at least business data relative to the intended use of cryptographic material, an encrypted protection key encrypted with the encryption key, an encrypted set of cryptographic material encrypted with the protection key, a signature of the set of cryptographic material, the protection key and the data relative to the intended use of cryptographic material signed with the signature key. | 10-29-2015 |
20150334560 | MTC KEY MANAGEMENT FOR KEY DERIVATION AT BOTH UE AND NETWORK - There is provided a new IWF SMC procedure for establishing security association between an MTC UE ( | 11-19-2015 |
20160005411 | VERSATILE MUSIC DISTRIBUTION - Methods and devices are described whereby a representation of an original PCM signal may be reversibly degraded in a controlled manner and information losslessly embedded to produce a streamable PCM signal, which provides a controlled audio quality when played on standard players and conditional access to a lossless presentation of the original PCM signal. Using such techniques allows control over the level of degradation of the signal and also flexibility in the type of information embedded. Some methods require a song key, which is employed in one or both of the degrading and embedding steps and for creating a token. These methods may further require a user key, which is used to encrypt the song key before creating the token. | 01-07-2016 |
20170237557 | Extending Data Over Cable Service Interface Specification (DOCSIS) Provisioning of Ethernet Passive Optical Network (EPON) (DPoE) to EPON over Coax (EPoC) Multicast Key Management | 08-17-2017 |
20170237566 | Multiply-Encrypting Data Requiring Multiple Keys for Decryption | 08-17-2017 |
380285000 | By public key method | 22 |
20080205656 | System and method for effectively protecting electronic content information - A system and method for effectively protecting electronic content information includes a channel setup module that coordinates a channel setup procedure to create a secure communications channel between a content drive and a display module. A source DRM module transmits a special content key from the content drive to the display module over the secure communications channel. A content playback module then initiates a content playback procedure for utilizing the electronic content. The source DRM module responsively encrypts the electronic content with the content key. The channel setup module and the content playback module are unable to access or utilize the content key. A destination DRM module then receives the electronic content over the secure communications channel and utilizes the content key to decrypt the electronic content. | 08-28-2008 |
20090022326 | QKD system with common-mode dithering - A QKD system ( | 01-22-2009 |
20090034743 | Method for Communicating Entitlement Data From a Server, Related Server, Client Systems and Computer Program Product - A server communicates a set of entitlement data representative of the entitlement of a client to access corresponding contents data by using a set of keys and a non-invertible cryptographic function. The cryptographic function is applied to a set of candidate bit strings using the set of keys to find a selected bit string that produces the set of entitlement data as a result of the application of the non-invertible cryptographic function by using the keys in the set. The server and the client share the cryptographic function as well as the set of keys (or the selected bit string). The server transmits to the client the selected bit string (or the set of keys). In either case, the client is thus in a position to apply the cryptographic function to the selected string of bits by using the set of keys, thereby reconstructing the set of entitlement data. | 02-05-2009 |
20090086981 | Methods and Apparatus for Batch Bound Authentication - A processing system may include a processing unit and nonvolatile storage responsive to the processing unit. The nonvolatile storage may include a candidate boot code module and an authentication code module. The processing unit may be configured to execute code from the authentication code module before executing code from the candidate boot code module. The authentication code module may have instructions which, when executed by the processing unit, cause the processing unit to read a processor identifier from the processing unit and determine whether the processor belongs to a predetermined set of processors associated with a specific vendor, based at least in part on the identifier, before executing any instructions from the candidate boot code module. The processing system may also test authenticity of the candidate boot code module before executing any instructions from the candidate boot code module. Other embodiments are described and claimed. | 04-02-2009 |
20090092256 | PROGRAM CONTROL APPARATUS, METHOD AND PROGRAM - An activation restriction confirmation processing unit concatenates the basic portion of the name of an activation-restricted program and constituent information indicating a destination, specifies the activation-restricted program that is to be an expansion program of a basic program, and determines whether this activation-restricted program is included in a group of expansion programs. If it is included, the activation-restricted program is loaded. If loading succeeds, then signature data included in this program is read out. The signature data is decrypted using a public key, and confirmation information obtained by decryption is checked against information that is the result of concatenating the identification information of the expansion program and the constituent information indicating the destination. If there is a match, then this activation-restricted program is installed. If there is a non-match, then processing is suspended. | 04-09-2009 |
20090202081 | KEY DELIVERY SYSTEM AND METHOD - A method for delivering a key is disclosed. The method includes encrypting a first key using a second uniquely derived key to form an encrypted first key, and providing the encrypted first key to a transaction device. The transaction device contains the second uniquely derived key. | 08-13-2009 |
20090274306 | Method for Key Administration for Cryptography Modules - The invention relates to a method for a central key station (SS), for setting a new key (nK) in a cryptography module (KM) without a public key being stored in the cryptography module (KM), the authenticity of the new key (nK) being secured by a protocol. According to said method, the public key (KMpub) of the cryptography module is only transported in an encoded manner and only transmitted to key points (SS) that have access to the cryptography module (KM). | 11-05-2009 |
20100067705 | DIGITAL RIGHTS MANAGEMENT ENGINE SYSTEMS AND METHODS - Systems and methods are described for performing digital rights management. In one embodiment, a digital rights management engine is provided that evaluates licenses associated with protected content to determine if a requested access or other use of the content is authorized. In some embodiments, the licenses contain control programs that are executable by the digital rights management engine. | 03-18-2010 |
20100067706 | IMAGE ENCRYPTING DEVICE, IMAGE DECRYPTING DEVICE AND METHOD - An encrypting device generates an encrypted image by converting an image of a specified region in an input image with an encryption key, by embedding information obtained by encrypting the encryption key with a public key pairing with the private key of a destination, and by performing pixel value conversion. Then, the encrypted image is transmitted to the destination as a printed matter or via a network. A decrypting device converts the encrypted image in the form of print data or electronic data into an image, and inputs it. Next, the decrypting device extracts a decryption key (the encryption key) from the image of the encryption region by executing a process reverse to that of the encrypting device for the encryption region of the converted encrypted image. Then, the decrypting device decrypts the original image of the encrypted region by using the decryption key, and restores the entire encrypted image. | 03-18-2010 |
20100189265 | KEY TERMINAL APPARATUS, CRYPTO-PROCESSING LSI, UNIQUE KEY GENERATION METHOD, AND CONTENT SYSTEM - A key terminal apparatus includes a crypto-processing LSI that performs predetermined crypto-processing. Unique information identifying the crypto-processing LSI is embedded in the crypto-processing LSI. A predetermined master key corresponding to a predetermined key is embedded in the crypto-processing LSI. The crypto-processing LSI (a) receives an encrypted manufacturer key from the manufacturer key storage unit, (b) decrypts the encrypted manufacturer key using the predetermined master key to generate a manufacturer key, (c) generates a unique manufacturer key identical to the predetermined unique manufacturer key, based on the unique information embedded in the crypto-processing LSI and the generated manufacturer key, and (d) decrypts the received encrypted device key using the generated identical unique manufacturer key to generate a predetermined device key. | 07-29-2010 |
20100266131 | Natural action heuristics for management of network devices - A method of managing devices in a dispersed data storage network is disclosed. A device list is maintained including entries for every device in the dispersed data storage network. Each entry lists a public key, a network address, and hardware identifier for the corresponding device. On startup each device sends a request to join the network. The request includes the device's public key, network address, and hardware identifier. The request is compared with the device list, and, based on the comparison, and, in some cases, administrator action, the request is granted or denied. | 10-21-2010 |
20110110525 | Fully homomorphic encryption method based on a bootstrappable encryption scheme, computer program and apparatus - A method includes encrypting information in accordance with an encryption scheme that uses a public key; encrypting a plurality of instances of a secret key, each being encrypted using at least one additional instance of the public key; sending the encrypted information and the plurality of encrypted instances of the secret key to a destination; receiving an encrypted result from the destination; and decrypting the encrypted result. A further method includes receiving a plurality of encrypted secret keys and information descriptive of a function to be performed on data; converting the information to a circuit configured to perform the function on the data; and applying the data to inputs of the circuit and evaluating the data using, in turn, the plurality of encrypted secret keys. | 05-12-2011 |
20110129090 | Method for Distributing Cryptographic Keys in a Communication Network - A method making it possible to distribute elements for generating one or more cryptographic keys between at least two users A and B in a network implementing a routing protocol, characterized in that: | 06-02-2011 |
20120008787 | LIGHTWEIGHT KEY DISTRIBUTION AND MANAGEMENT METHOD FOR SENSOR NETWORKS - A lightweight security framework is disclosed that combines PKI with symmetric key cryptography to exploit the system asymmetry in hierarchical sensor networks. The framework provides protocols for public key exchange, session and group key generation, pair-wise key generation, and network resource protection in a low-cost security architecture. The security framework shifts much of the security-related computational load off of the resource-constrained sensor nodes and on to resource-rich base station nodes. The method is based on the generation and management of two kinds of symmetric keys from a set of bootstrapping asymmetric keys on each node. | 01-12-2012 |
20120183145 | RECEIVER NON-REPUDIATION VIA A SECURE DEVICE - Techniques for assuring a receiver's non-repudiation of a communication are provided via cooperation with a secure device. A secure device operates within a local environment of a receiver and exchanges certificates with a sender via the receiver. The sender encrypts data in a communication with the receiver. Separately, the sender sends an encrypted version of a decryption key to the receiver. The receiver presents the encrypted version of the key to the secure device and the secure device supplies the decryption key for use by the receiver to decrypt the previously sent encrypted data. | 07-19-2012 |
20120328106 | GENERATING SECURE DEVICE SECRET KEY - Methods, devices, systems and computer program products are provided to facilitate cryptographically secure retrieval of secret information that is embedded in a device. The embedded secret information can include a random number that is not custom-designed for any specific requestor of the secret information. Upon receiving a request for the embedded secret information, an encrypted secret is provided to the requestor that enables the recovery of the embedded secret information by only the requestor. Moreover, a need for maintenance of a database of the embedded secret information and the associated requestors is eliminated. | 12-27-2012 |
20130322632 | DIFFERENTIAL CLIENT-SIDE ENCRYPTION OF INFORMATION ORIGINATING FROM A CLIENT - A method may include allocating a number of public keys, where each respective public key is allocated to a respective entity of a number of entities; storing a number of private keys, where each respective private key corresponds to a respective public key; storing one or more decryption algorithms, where each respective decryption algorithm is configured to decrypt data previously encrypted using at least one encryption algorithm of the encryption algorithms. Each respective encryption algorithm may be configured to encrypt data using at least one public key. Each respective decryption algorithm may be configured to decrypt data using at least one private key. The method may include receiving encrypted data, where the encrypted data is encrypted using a first public key and a first encryption algorithm, and the encrypted data is provided over a network. | 12-05-2013 |
20130336489 | INFORMATION RECORDING DEVICE - A data storage unit may store an encrypted medium device key Enc (Kcu, Kmd_i), and a medium device key certificate (Certmedia). | 12-19-2013 |
20150341172 | KEY SHARING NETWORK DEVICE AND CONFIGURATION THEREOF - A method of configuring a network device for key sharing, the method comprising obtaining ( | 11-26-2015 |
20150382189 | KEY EXCHANGE METHOD AND APPARATUS - Embodiments of the present invention disclose a key exchange method and apparatus, which relate to the communications field, and can enable user equipments establishing a D2D link to share a set of keys, and further, information security can be achieved when a user equipment transmits service data or a signaling message through a Ud interface. A specific solution is that: a network device acquires a first key, and sends a message including the first key to a second user equipment, so that the second user equipment uses, when communicating with a first user equipment by using a D2D link, the first key to protect transmitted information. The present invention is applicable to an exchange process of keys for protecting data on a D2D link. | 12-31-2015 |
20160056957 | AUTONOMOUS AND SEAMLESS KEY DISTRIBUTION MECHANISM - A satellite system comprises first and second devices, one of the first and second devices being a satellite and the other one of the first and second devices being a device arranged to send signals to the satellite and/or receive signals from the satellite. A session key can be distributed in the satellite system by obtaining the session key at the first device, protecting the session key at the first device, based on a private key of the first device and a public key of the second device, and transmitting the protected session key from the first device to the second device. The second device can receive the protected session key from the first device and obtain the session key from the protected session key based on a public key of the first device and a private key of the second device. Replay detection information can be transmitted with the protected session key, for determining whether the session key has been transmitted previously. The protected session key can be transmitted by inserting a predetermined number of bytes of the protected session key into each frame of a data stream, for example a telemetry (TM) data stream as defined in the Consultative Committee for Space Data Systems (CCSDS) TM protocol. Validity information can be transmitted with the protected session key, defining a period in which the session key is valid. The protected session key can be transmitted bonded to a command message, for example a telecommand (TC) as defined in the CCSDS TC protocol. | 02-25-2016 |
20160156465 | ATTRIBUTE BASED ENCRYPTION USING LATTICES | 06-02-2016 |