Abstract: New devices (101) are added to an existing domain by obtaining domain information (e.g., domain name and private domain password) from devices (101) already in the domain that preferably are in close proximity. Once the domain information has been transferred from the device already in the domain to the device being added to the domain, the device being added to the domain contacts a key issuer (105) to complete its registration into the domain. The key issuer returns a DRM domain private key (206) as well as a DRM certificate (202). Both are utilized by the device to obtain and render digital content (204).

Abstract: A portable electronic device (110) contains an application revocation list (ARL) in memory (135) comprising at least one application identifier (AI) uniquely identifying an application. The portable electronic device also contains an application list memory (133) for storing at least application identifiers for trusted applications in the device. A processor (120) operatively connected to the memory determines whether an application identifier on the application revocation list matches an application identifier on the portable electronic device, and, if so, processes a revocation of the application. The application revocation list can be wirelessly updated. Application software in a portable electronic device can thus subsequently be revoked through operation of this application revocation list. A remote server (140) makes application revocation lists available to portable electronic devices over a network such as a cellular system.

Abstract: Authentication is performed to a confidence level (CL) desired by a verifier (220). A prover (210) picks and sends certain same size, square matrices to the verifier (220). A random request bit is sent (234) from the verifier (220) to the prover (210) after the receipt of a certain square matrix. Depending on the request bit, calculations are made (244, 264) by the verifier (220) to determine if the matrices sent from the prover are verifiable. The prover (210) is iteratively authenticated by the verifier (220). Iterations are continued until (320) a count of the iterations (IL) reaches a number sufficient to achieve the desired confidence level (CL). After a delay, more iterations can achieve a higher confidence level by building on previous result of authentication without having to begin at zero. During this delay, the verifier (220) can perform tasks in reliance on the result of authentication. Digital logic can perform the authentication.

Abstract: A communications device (300) enabled to support both external voice communications functionality (301) (or other external communications of interest and choice) and other functionality (302) has at least a first and second mode of operation (304 and 305). The first mode of operation permits essentially all functionality while the second mode of operation precludes at least much of the other functionality in favor of preserving the viability of at least some of the external communications functionality. A selector (306) can select a given mode of operation based, at least in part, on a trigger 307 comprising, for example, a user input and/or detection of a condition of concern.

Abstract: A method and apparatus is provided for authenticating a component (450) for use in a device (100). The device (100) has a predetermined challenge and a predetermined response associated with the predetermined challenge stored in a memory (122). The method detects whether the component (450) has been coupled to the device (100). If the component (450) has been detected (206), the predetermined challenge is provided to the component (208). The device (450) then determines whether a component response has been received from the component within a predetermined response time (210). If a component response is received within the predetermined response time (210), it is compared to the predetermined response (212). The component is disabled (214) if either the component response is not received within the predetermined response time (210) or the component response is received within the predetermined response time (210) but the component response is not equivalent to the predetermined response (212).

Abstract: New devices (101) are added to an existing domain by obtaining domain information (e.g., domain name and private domain password) from devices (101) already in the domain that preferably are in close proximity. Once the domain information has been transferred from the device already in the domain to the device being added to the domain, the device being added to the domain contacts a key issuer (105) to complete its registration into the domain. The key issuer returns a DRM domain private key (206) as well as a DRM certificate (202). Both are utilized by the device to obtain and render digital content (204).

Abstract: Devices (101) are assigned a unique, unalterable, identification or serial number (313) that acts as the devices “electronic” biometric. Any certificate (302) created by a key issuer will contain the device's assigned DRM public key and the device's electronic biometric data. When a consumer wishes to purchase new content (304) from a content provider (103), the consumer will send the DRM certificate containing its DRM public key and the biometric. The rights issuer will then create a license (306) that assigns the content in such a way that only a device with the particular biometric and DRM private key is allowed to render the content.

Abstract: A method of authenticating digital content of a digital object. Content is divided into portions or chunks. A chunk hash of each chunk is calculated to provide chunk hashes that are stored as entries in a hash table. The chunk hash entries of the hash table are in turn hashed to create an overall hash of the hash table. Verification of the content first includes determining whether a recalculated overall hash of the hash table matches the previously calculated overall hash of the hash table. If the recalculated overall hash does match, this indicates that the hash table is authenticated and that the authenticity of the individual chunks can be verified. Verification of the authenticity of an individual chunk, which may be performed concurrently with the processing of the individual chunk, allows the content of the digital object to be incrementally rendered, chunk by chunk, resulting in a much faster and efficient rendering of the verified digital content.

Abstract: A domain-based digital rights management (DRM) method and system. A domain has one or more communication devices, such as user devices that share a common cryptographic key of the domain. There may be a plurality of domains in a digital rights management environment and the domains may additionally be overlapping. A domain authority, in combination with a digital rights management module of a communication device, operates to selectively register and unregister the communication device to the one or more domains and to control access to encrypted digital content information.

Abstract: An apparatus and method for preventing information leakage attacks on a microelectronic assembly is described for performing a cryptographic algorithm by transforming a first function, used by the cryptographic algorithm, into a second function. The method includes receiving (1102) a masked input data having n number of bits that is masked with an input mask, wherein n is a first predetermined integer. The method also includes processing (1104) the masked input data using a second function based on a predetermined masking scheme, and producing (1106) a masked output data having m number of bits that is masked with an output mask, wherein m is a second predetermined integer.

Abstract: An electronic wallet includes memory for storing at least a balance corresponding to an account in a financial institution, and a selective call receiver for receiving a wireless message transmitted from a remote transmitter, the wireless message including financial information relating to the balance for confirming a financial transaction with the financial institution. A controller, coupled to the memory and to the receiver, can update the balance in the memory in response to the wireless message.communication system enters financial transactions into the communication system from one of a plurality of associated portable data devices, and updates the financial transactions from the communication system to the one and to at least a second of the plurality of associated portable data devices via wireless message communication from at least one remote transmitter.

Abstract: A cellular system employs a subaudible signalling control protocol. The protocol includes transmitting supervisory related signals between the radiotelephone and one of the cell sites at a first subaudible digital bit rate, and transmitting data messages between the radiotelephone and said one of the cell sites at a second subaudible digital bit rate. Additionally, the system employs specific protocols involving alert, hand-off and call disconnect which accommodate the subaudible signalling, yet provide significant integrity and reliability advantages over previously known protocols.