Abstract: In a general aspect, digital certificates are generated. In some aspects, a method includes accessing a primary root certificate of a root certificate authority of a PKI system. The primary root certificate includes a first public key based on a first cryptosystem and a first signature generated with a private key that corresponds to the first public key. A secondary crypto-agile root certificate is generated. The secondary crypto-agile root certificate includes the first public key of the root certificate authority, a second public key of the root certificate authority that is based on a second cryptosystem, a second signature of the root certificate authority that is created with a second private key that corresponds to the second public key, and a third signature of the root certificate authority that is generated with the first private key. The secondary crypto-agile root certificate is propagated to subordinate entities in the PKI system.

Abstract: In a general aspect, a multiple-entity root of trust is constructed and maintained for use in a cryptography system. In some aspects, a genesis data block includes genesis block data entries representing respective member entities of a root of trust consortium. A genesis block is generated by digitally signing the genesis data block. The genesis block is provided for use by end entities as a root of trust in a cryptography system. In some aspects, a hash of an existing block of a chain is obtained, and a data block comprising a data entry is generated. The data entry identifies an action by one or more member entities of the root of trust consortium. A new block of the chain is generated by digitally signing a combination of the data block and the hash of the existing block. The new block is provided for use by end entities as the root of trust in the cryptography system.

Abstract: In a general aspect, a multiple-entity root of trust is constructed and maintained for use in a cryptography system. In some aspects, a genesis data block includes genesis block data entries representing respective member entities of a root of trust consortium. A genesis block is generated by digitally signing the genesis data block. The genesis block is provided for use by end entities as a root of trust in a cryptography system. In some aspects, a hash of an existing block of a chain is obtained, and a data block comprising a data entry is generated. The data entry identifies an action by one or more member entities of the root of trust consortium. A new block of the chain is generated by digitally signing a combination of the data block and the hash of the existing block. The new block is provided for use by end entities as the root of trust in the cryptography system.

Abstract: A system and method is disclosed for securely binding an arbitrary program to an authorized instance of a generic execution platform. Once the binding process occurs, the protected software application will not exhibit correct behavior unless run on the execution platform to which it is bound. The system and method withstands repeated attacks which tamper with the software application and the execution platform. The system and method present a mechanism to bind a program, P, to any un-trusted execution platform, E, which contains a Trusted Signing Authority (TSA). The TSA may take many alternate forms including a trusted platform module, secure processor, kernel driver, and hardened software agents.

Abstract: In a general aspect, a conversion scheme is used with a cryptographic system. In some aspects, a pad bit vector is generated based on a size of a message bit vector, and a record bit vector is generated based on the pad bit vector. The record bit vector indicates the size of the pad bit vector. The record bit vector, the message bit vector, and the pad bit vector are combined to yield a first bit vector. A hash function is applied to the first bit vector, and an encryption function is applied to a portion of the first bit vector. A ciphertext is generated based on the output of the hash function and the output of the encryption function.

Abstract: Backing up and restoring a multi-user relational database management system is described. A first unique backup file name is created, based on a user-specified name, for a first backup file associated with a relational database management system that provides multi-user access to at least one database. A second unique backup file name is created, based on the user-specified name, for a second backup file associated with the relational database management system. A request is received to restore a database to a state associated with a point in time. The first backup file and the second backup file are recovered based on the point in time and the user-specified name. The first backup file and the second backup file are restored to the database.

Abstract: A digital signature generation (DSG) process which provides resistance against white box attackers is disclosed. This is done by applying specially selected data transformations to the inputs, outputs and internal parameters of the algorithm. In particular, the signatory's private key does not appear in the clear in our protected implementation. Our new white box implementation produces signatures that are compatible with signatures created by conventional implementations; thus our solution facilitates interoperability and can be used as a drop-in replacement for conventional implementations. In particular, we describe transformations to the key (d) and the generator domain parameter (usually denoted G or g) of the digital signature generation processes, such that embodiments of the invention can produce signed messages which appear to a verifier as if the key (d) was used, without actually ever using the key (d).

Abstract: A system and method is disclosed for securely binding an arbitrary program to an authorized instance of a generic execution platform. Once the binding process occurs, the protected software application will not exhibit correct behavior unless run on the execution platform to which it is bound. The system and method withstands repeated attacks which tamper with the software application and the execution platform. The system and method present a mechanism to bind a program, P, to any un-trusted execution platform, E, which contains a Trusted Signing Authority (TSA). The TSA may take many alternate forms including a trusted platform module, secure processor, kernel driver, and hardened software agents.

Abstract: A digital signature generation (DSG) process which provides resistance against white box attackers is disclosed. This is done by applying specially selected data transformations to the inputs, outputs and internal parameters of the algorithm. In particular, the signatory's private key does not appear in the clear in our protected implementation. Our new white box implementation produces signatures that are compatible with signatures created by conventional implementations; thus our solution facilitates interoperability and can be used as a drop-in replacement for conventional implementations. In particular, we describe transformations to the key (d) and the generator domain parameter (usually denoted G or g) of the digital signature generation processes, such that embodiments of the invention can produce signed messages which appear to a verifier as if the key (d) was used, without actually ever using the key (d).