Abstract: A computer platform is provided that comprises a processor and a cryptographic co-processor coupled to the processor. The computer platform further comprises a platform entity coupled to the processor. The platform entity establishes a secure relationship with the cryptographic co-processor that enables the platform entity to utilize cryptographic functions provided by the cryptographic co-processor.

Abstract: A computer platform is provided that comprises a processor and a cryptographic co-processor coupled to the processor. The computer platform further comprises a platform entity coupled to the processor. The platform entity establishes a secure relationship with the cryptographic co-processor that enables the platform entity to utilize cryptographic functions provided by the cryptographic co-processor.

Abstract: A computer platform is provided that comprises a processor and a cryptographic co-processor coupled to the processor. The computer platform further comprises a platform entity coupled to the processor. The platform entity establishes a secure relationship with the cryptographic co-processor that enables the platform entity to utilize cryptographic functions provided by the cryptographic co-processor.

Abstract: A computer platform is provided that comprises a processor and a cryptographic co-processor coupled to the processor. The computer platform further comprises a platform entity coupled to the processor. The platform entity establishes a secure relationship with the cryptographic co-processor that enables the platform entity to utilize cryptographic functions provided by the cryptographic co-processor.

Abstract: A secure information storage system in which a directory stores identifying titles and pointers to areas of a memory storing respective messages. To protect the messages against unauthorized changes, a MAC (message authentication code) is calculated for them in known manner and stored in a register in a secure unit. This involves processing the whole of each message every time the MAC is checked or, if a message has been changed, a fresh MAC has to be calculated. To avoid this, a separate MAC is calculated for each message and stored in the directory, and a global MAC is calculated for the individual MAC's (treating them as if they were a message) and stored in a secure register. To check a stored message, the global MAC is recalculated (thus verifying the MAC of the message), and the MAC of the message is recalculated (thus verifying the message). If the message is changed, its new MAC and a new global MAC are calculated. The system can be extended to a hierarchy of sub-global MAC's.

Abstract: A secure communication system wherein encrypted messages are passed between selected pairs of user terminals in a secure messaging system. A link is first established between the two terminals of the pair, one terminal sending a request to a key distribution center (KDC), which then provides encrypting keys to both terminals so they can communicate with each other. (Messages involving the KDC are themselves protected by encryption). The keys sent out by the KDC are key transporting keys, which are used by the terminals solely to transport data transporting keys between each other. The data transporting keys are used to transport (encrypt) the actual messages, and for security are changed after a usage count is reached; a fresh data transporting key is then generated and transferred under the key transporting key. This minimizes the load on the KDC. A hierarchy or key transporting keys can be used. The KDC (but not the user terminals) maintains a log to enable recover after a system failure.

Abstract: A secure messaging system with several terminals and many system (control) messages transmitted between the various terminals. These messages can deliberate, accidentally change sequence, or be deleted or duplicated. To protect the system against this, an acknowledgement is sent for every message received (except a simple acknowledgement), and each station stores copies of the messages it has sent, deleting them only when acknowledged. When a new message is to be sent or a non-receipt of acknowledgement time-out occurs, a packet is sent with all previous messages in store prefixed to the new message, so the receiving station cannot act on the new message before receiving and acting on the previous messages. There are known means for ignoring duplicated messages. Preferably there is chained serial authentication of the messages in the packet so that even if one is garbled, they can be acted on up to that point.