Abstract: Provided is a software update apparatus including an install module group (130) composed of a plurality of install modules. Each of the install modules receives, from an external server (200), a replacement protection control module (121) for updating a protection control module (120) having a function of verifying whether a predetermined application has been tampered with. Each of the install modules simultaneously running is verified, by at least another one of the install modules simultaneously running, as to whether the install module has a possibility of performing malicious operations.

Abstract: A method and system for authentication between electronic devices with reduced user intervention is provided. An authentication process for electronic devices (e.g., CE devices) establishes ownership for secure communication, with reduced user involvement. Device ownership trust establishment allows secured/authenticated communication between electronic devices. The process binds a device to an owner such that the authentication only verifies the authenticity of a device, and verifies the ownership of the device to ensure authentication. This ensures that a device is a valid device that has not been tampered with, and ensures a device has a trusted owner. Ownership binding to a device can be verified and established by trusted third parties without user intervention.

Abstract: A cryptographic method for a cryptographic system may include receiving a basic point on an elliptic curve and a scalar k; initializing primary variables with the basic point; iterating through a plurality of operations using a repetitive operation variable; identifying a fault, in one or more of setting secondary variables corresponding to the primary variables, resetting the primary and secondary variables, and calculating a scalar product in a multiplier of the cryptographic system, the identifying of the fault using the primary and secondary variables based on a portion of the scalar k, the fault identified by one of determining that values of at least two of the secondary variables are different and determining that at least one of the secondary variables is different from at least one of the primary variables; and outputting the scalar product if there is no fault identified.

Abstract: A system is provided comprising a computer system, a configuration database, and a dynamic network interfaces application that receives a message from a network access component containing a request to authenticate a client device accessing a network service, determines that a policy requires the client device to be associated with a virtual local area network to access the network service, and authenticates the client device for association with the virtual local area network. The dynamic network interfaces application also searches the configuration database for configuration information to provision the virtual local area network, assigns the configuration information to the client device, the network access component, and a firewall component, and sends a reply containing the configuration information to the network access component and the firewall component in response to the request, wherein the configuration information comprises settings to provision the virtual local area network.

Abstract: A content server apparatus (10) includes: a unique information holding unit (103) which holds unique information of an on-vehicle player apparatus (20), a content obtaining unit (101) which obtains a content from outside, an encrypting unit (104) which encrypts the obtained content, prior to a transmission request from the on-vehicle player apparatus (20), onto an encrypted content using the unique information, a storing unit (105) which stores the encrypted content, and a transmitting unit (107) which transmits the stored encrypted content in response to the transmission request from the on-vehicle player apparatus (20). The on-vehicle player apparatus includes a storage medium (208) which stores the received encrypted content, and a decrypting unit (209) which decrypts the stored encrypted content in response to a reproduction request given from outside.

Abstract: The conventional data transmitting/receiving system has problems: that a correct measurement cannot be performed because a measurement result is an addition of a verification processing time and a transmission time; that an authentication processing which is necessary for a transmission time measurement processing needs to be separately required; and that an unnecessary key exchange processing is executed.

Abstract: Mutual authentication systems and methods are described that comprise an authenticating server that is available across a network and capable of authenticating a user based on credentials provided by the user. An embeddable object provided by the authenticating server and containing a passphrase that identifies the server to the user. A credentials entry mechanism identifies the user to the authenticating server. A user device displays an Outer Page that can request authentication. The authenticating server verifies the source of the request and provides the passphrase to the user device. The display of the passphrase confirms the identity of the authenticating server to the user. The source of the request can be verified using a secure cookie. The embeddable object can be provided in a second page and can prevent display of the passphrase if user input is not directed to the second page.

Abstract: An apparatus is described for recording an optical record carrier (40). The apparatus is arranged for recording a visually detectable pattern (LBL) at the record carrier in a ring shaped zone (RP). The apparatus is further arranged to record data (Data1, Data2) and a primary data organizing system (FS) wherein the data is organized. The primary data organizing system (FS) does not refer to a physical address within the ring shaped zone. The apparatus is further arranged for recording at least part of the data (Data2) or the primary data organizing system on the record carrier at an area peripherally arranged with respect to the ring shaped zone.

Abstract: A virtual machine can be implemented by anyone because the interface and other information necessary for implementation are publicly available. Therefore, it is possible that by implementing the virtual machine illegitimately, programs run thereon on will be made to operate illegitimately instead of legitimately. A program compares secret information held by the virtual machine with verification information held by the program itself. The program thereby verifies whether the virtual machine that runs the program is implemented legitimately, and is able to reject an illegitimate virtual machine.

Abstract: A method and system for determining the level of allowed communication between devices. By addition of one or more tamper-resistant proximity check server(s), round-trip time measurements to estimate the distance between the communication devices are performed in order to determine the amount of communication allowed between these devices. In one embodiment, a single tamper-resistant proximity server computes the distance between communication devices that are implemented as trusted applications on open platforms.

Abstract: Videos are received and indexed based on fingerprints generated for the videos, using lookup keys which correspond to sub portions of the reference fingerprints. Specifically, a set of lookup keys is selected such that the number of reference fingerprints such that the clumping associated with the associated each of the lookup keys is minimized. Clumping occurs when a number of reference identifiers associated with a lookup key exceeds a maximum value.

Abstract: A memory device for storing a plurality of macroblocks may include a plurality of memory banks. Each macroblock may include m*n pixel data, wherein m is a positive integer, and wherein n also is a positive integer. The plurality of memory banks is adapted to store the pixel data, and wherein each memory bank is sized to store rows of m pixel data. An image processing system may include: a memory adapted to store a plurality of macroblocks; and a video codec. The memory may include a plurality of memory banks. Each memory bank may be sized to store rows of m pixel data. The video codec may be adapted to encode pixel data read from the memory. The video codec also may be adapted to decode the pixel data read from the memory.

Abstract: Disclosed is a method for generating a Short Term Key Message (STKM) for protection of a broadcast service being broadcasted to a terminal in a mobile broadcast system. The method includes transmitting, by a Broadcast Service Subscription Management (BSM) for managing subscription information, at least one key information for authentication of the broadcast service to a Broadcast Service Distribution/Adaptation (BSD/A) for transmitting the broadcast service, generating, by the BSD/A, a Traffic Encryption Key (TEK) for deciphering of the broadcast service in the terminal and inserting the TEK into a partially created STKM, and performing, by the BSD/A, Message Authentication Code (MAC) processing on the TEK-inserted STKM using the at least one key information, thereby generating a completed STKM.

Abstract: A quantum key distribution protocol is provided that reduces the maximum value of the leaked information amount over the same distance when an adversary makes a photon number splitting attack more than the reduction by the BB84 protocol and the SARG protocol, by making use of the advantages of the BB84 protocol and the SARG protocol. By properly proportioning the existing BB84 protocol and the SARG protocol in accordance with the rate determined by the communication distance between the sender and the receiver of the coherent light, a protocol that is more robust against photon number splitting attack than the known existing protocols can be realized, and long distance quantum key distribution, which was not possible until now, becomes possible.

Abstract: An apparatus and method for implementing a secure quantum cryptography system using two non-orthogonal states. For each qubit, the to emitter station prepares a quantum system in one of two non-orthogonal quantum states in the time-basis to code bit values. Intra- and inter-qubit interference is then used to reveal eavesdropping attempts. Witness states are used to help reveal attacks performed across the quantum system separation.

Abstract: A computer implemented method, apparatus, and computer program product for authenticating a user to a network. In response to receiving a request from a user to access a protected resource, the process sends a unique bit sequence into a network connection utilized by the user. Next, the process authenticates the user to access the protected resource in response to receiving a verification that the unique bit sequence was received by an access point that authenticated the user when the user logged on to the network.