Abstract: A content usage control system comprises a copyright holder system, content server, license server and user system. The ACL setting section of the copyright holder system sets a license ACL expressed as a structure by a combination of logic sums and logic products of a plurality of partial licenses for the content, based on the user ID and a plurality of physical element IDs including media used in the user system, and stores the license ACL in an access control list. The license server controls the usage of the content by the user utilizing the access control list.

Abstract: A method for recoding data on an optical medium such as DVD. The method includes receiving main data from a data source, determining a plurality of data frame values in response to the main data, inverting at least one selected bit in at least one of the data frame values to generate a plurality of encoded data frames, scrambling the encoded data frames by a feedback shift register to generate scrambled data frames, generating ECC values in response to the scrambled data frames, adding the ECC values to the scrambled data frames to generate an ECC block, rearranging the ECC block to generate a plurality of recording frames, encoding the recording frame by an eight-to-sixteen modulation (ESM) encoder to generate code words, adding sync values to the code words to generate a plurality of physical sectors, and recording the physical sectors on the optical medium. There is a complementary method for reading and decoding data from an optical medium.

Abstract: A trusted path device is described which may be used stand alone or may be retrofitted to a users untrusted computer console or workstation so that an untrusted data input may be displayed on an untrusted display and verified by the user, following which the trusted data can be output to an untrusted or trusted device or network. The output may be encrypted or not, by means of an encryption device which may or may not use a ‘one time pad’ key provided from a structured array of retrievable “one time pad” keys having associated uniquely there with, a serial number which itself need not be encrypted but with which the input data and encrypted output data are uniquely associated. Sufficient “one time pad” keys are provided on a commonly available and physically manageable medium so as to allow much simplified key management procedures while still maintaining high levels of correctness and effectiveness of the encryption processes.

Abstract: The invention relates to an apparatus and method for enhancing the security of selected information associated with a negotiable document, such as the monetary value of a cheque. In the invention, one or more security features are printed or applied onto the cheque. One such security feature is an encrypted control code. The preferred embodiment employs a secret key cryptographic scheme to encrypt the monetary value and thereby generate a first control code which is printed on the check. When the check is presented for payment, a validator, such as bank or cheque clearing house, employs a verification system having a copy of the encryption key to read the monetary value from the cheque and re-encrypt it according to said scheme to generate a second control code. The cheque is not honored if the first and second control codes are not identical. Another security feature is a security image, composed, for instance, from a foreground image of the monetary value superimposed over a background motif image.

Abstract: Systems and methods provide encryption and decryption using wavelet transforms over finite fields. The wavelet encryption system and wavelet decryption system include one or more filters that receive a set of wavelet coefficients as input. The wavelet coefficients are then utilized by the wavelet encryption system to cause the filters to encrypt plaintext into cyphertext. The cyphertext is then decrypted by a wavelet decryption system, which is operable to reconstruct the original plaintext using wavelet transforms that reverse the effect of the wavelet encryption system.

Abstract: The invention relates to a method and device for adding or extracting a secondary information signal to/from a runlength-limited code sequence. A polarity of a runlength at a first predetermined position of the runlength-limited code sequence is detected and a parameter reflecting the degree of freedom that is present in the runlength-limited channel code, e.g. the selection of a merging bit pattern in the CD-standard, is set on the basis of the detected polarity so as to obtain a predetermined polarity of a runlength at a subsequent second predetermined position of the runlength-limited code sequence. The predetermined polarity then corresponds to a binary value of the secondary information. Thus, a side-channel with a small capacity is provided, which is positioned very close to the physical channel such that the secondary information is hard to be detected from the EFM bit stream. Therefore, the side-channel can be used as a hidden channel for copy protection purposes.

Abstract: Upon embedding additional information in image information, since an image region in which the additional information can be embedded is limited, the information size that can be embedded is often limited, and all pieces of additional information cannot be embedded. Before the additional information is embedded in the image information, distribution information of pixel values is obtained by scanning the image information, and the information size that can be embedded is detected and displayed on the basis of the obtained distribution information of pixel values.

Abstract: In one aspect of the invention, the frames of a thread stack that associated with the misbehaving code are popped from the thread stack. Exception handling code is allowed to execute for trusted code by popping the trusted code frame via processing an exception, but exception handling is not allowed to execute for untrusted code. In a second aspect, frames are popped on all thread stacks of all threads that are associated with the misbehaving code. Threads are generally deemed to be associated with the misbehaving code when the threads share a same object or the same resources as the thread that is associated with the misbehaving code.

Abstract: A watermarking method and device to embed a digitized watermark into a digital image file in the transformation domain is disclosed. In the watermarking technology of this invention, the digitized watermark is first error corrected to enhance its robustness. The digital image file to be embedded with the digitized watermark is first processed such that capacity of each element of the digital image file is calculated. The capacity of an element of the digital image file represents the highest value of tolerance for an element of the watermark to be added to the said element of the digital image file. Elements of the digital image file to which watermark elements may be added are selected and their addresses are recorded. The selected elements are then modulated so that they are suited to be embedded with elements of the digital watermark. After modulation the digitized watermark is embedded into the digital file by distributing the modulated elements of the watermark into the selected addresses.

Abstract: Operation of a logic circuit for performing a desired logic function is scrambled. Logic gates and/or transistors are provided in the logic circuit so that the logic function is performed in at least two different ways. The way in which the logic function is performed is determined by the value of a function selection signal applied to the logic circuit. The function selection signal is random and is applied to the logic circuit, and the function selection signal is refreshed at determined instants for scrambling operation of the logic circuit. For identical data applied at the input of the logic circuit and for different values of the function selection signal, the polarities of certain internal nodes of the logic circuit and/or the current consumption of the logic circuit are not identical.

Abstract: This system relates to a secure encryption/decryption protocol for elevator displays and controls. The protocol uses an algorithm to scramble information before transmission and reassemble it after transmission. The system uses at least one block of data assembled into unencrypted N-bits of information. An encryption device encodes the data into at least one block of encrypted M-bits of information. A data encryption mask provides an encryption routine which also includes scrambling the data.

Abstract: The present invention provides methods and apparatus that reverse the notion of the attack process in using intentional image distortion techniques as a means of indelibly marking an original image. It also provides for imparting and removing intentional image distortion to further obscure an embedded invisible watermark. It further provides means for hiding a watermark embedded into a watermarked image. It also provides for imparting distortion on an reference image to form a single level or multilevel caricature of the entire (or part of) the reference image.

Abstract: In a computer network, documents are produced, the document is hashed to produce a fingerprint, and the fingerprint is encrypted to sign the document then the document signature is transmitted from the user system to a secure computer system. The secure computer system creates a time stamp including the document signature and a digital time. The secure system signs the time stamp to verify its origin. The time stamp and notary's signature are transmitted from the secure system to the user's system. The user has access to the notary's public key which is used for determining whether the time stamp is authentic. Then, if the document is revised, the revised document is hashed and the hash is combined with an indication that the revision is related to the original document. The indication could be a hash of the original document, the original document signature, the notary's time stamp for the original document, or the notary's signature for the original document.

Abstract: Method and apparatus for scrambling a high definition television signal to discourage unauthorized recording of same. While recording per se is not prevented, the resulting recorded signal is rendered unusable due to an induced “wobble” between the active video and the associated sync pulses. The scrambled television signal is readily viewable on a compliant high definition television set which descrambles the HDTV signal using an encoded indication of the amount of wobble accompanying the HDTV signal. Also provided is a special interface to prevent unauthorized persons from using the indication of the amount of wobble so as to defeat the scrambling. Also provided are method and apparatus for defeating the scrambling method and hence allowing recording of the scrambled video signal.

Abstract: A signal reproducing apparatus in which unauthorized decoding or copying is rendered difficult. The apparatus is configured for reproducing ciphered data from a disc-shaped record medium 101 on which there are recorded data ciphered by at least one encryption operation and the key storage site information specifying the arraying site for at least one key information item used for deciphering the ciphered data. The apparatus includes a reproducing head device 12 for reading out the ciphered data and the key storage site information from the record medium 101, a TOC decoder 219, a CPU 224 and a digital signal processing circuit 220 for decoding the ciphered data using the key information stored on the site designated based on the key storage site information.

Abstract: A method and apparatus are described for inserting a watermark in the compressed domain. The watermark inserted does not require a reference. An overall watermarking system incorporating the invention combines cleartext, bitstream, and integrated watermarking. In a perceptual coder, the data enters a filterbank, where it is processed into multiple separate coefficients. A rate/distortion control module uses noise threshold information from a perceptual coder, together with bit-count information from a noiseless coder, to compute scale factors. The coefficients are multiplied by the scale factors and quantized, then noiseless coded and then output for further processing/transmission. The invention supports three embodiments for inserting a mark into the bitstream imperceptibly. It is assumed that some set of scale factor bands have been selected, into which mark data will be inserted. In one embodiment, a set of multipliers {xi=2Ni: i&egr;M} is chosen.

Abstract: A method for embedding a digital identification code in a digital recording, and tracking and cataloging the encoded digital recording. The digital signal and the code are received during broadcasts and transmissions. The receiving means has a monitoring means able to recognize and read the embedded code. The monitoring means then records several data, such as time, dates and duration and origin of the broadcasts or transmission. Such data can be retrieved in an easy to read form, thus enabling the end-user to identify the broadcast and transmitted works together with the parameters required to produce accurate royalty reports.

Abstract: Image or audio content data is encoded to steganographically convey plural bit auxiliary data. The content data is thereafter subjected to lossy compression/decompression, and the auxiliary data can still be recovered and used, e.g., to control associated audio or video equipment.

Abstract: When a spectrally spread additional information signal, obtained by spectrum spreading additional information such as an anti-duplication control signal or copyright information, is superimposed on a video signal, the level of the spectrally spread additional information signal is controlled according to the scatter of pixel values in each block comprising plural pixels. The sensitivity of detecting additional information from the spectrally spread additional information signal is therefore improved, and the visual effect of the spectrally spread additional information signal on a reproduced image is suppressed.

Abstract: To dynamically embed information with a digital content taken into account a digital information embedding device includes an input block receiving an image, a feature value parsing block detecting a feature value of at least a partial area of the input image, and an information embedding block modifying the area, based on the detected feature value. A feature value detected can be referred to to modify an area. This allows a content of an image to be considered in embedding digital information.

Abstract: A method and device are provided for controlling access to data. Portions of the data are protected and rules concerning access rights to the data are determined. Access to the protected portions of the data is prevented, other than in a non-useable form; and users are provided access to the data only in accordance with the rules as enforced by a mechanism protected by tamper detection. A method is also provided for distributing data for subsequent controlled use of those data. The method includes protecting portions of the data; preventing access to the protected portions of the data other than in a non-useable form; determining rules concerning access rights to the data; protecting the rules; and providing a package including: the protected portions of the data and the protected rules. A user is provided controlled access to the distributed data only in accordance with the rules as enforced by a mechanism protected by tamper protection.

Abstract: Secure computation environments are protected from bogus or rogue load modules, executables and other data elements through use of digital signatures, seals and certificates issued by a verifying authority. A verifying authority—which may be a trusted independent third party—tests the load modules or other executables to verify that their corresponding specifications are accurate and complete, and then digitally signs the load module or other executable based on tamper resistance work factor classification. Secure computation environments with different tamper resistance work factors use different verification digital signature authentication techniques (e.g., different signature algorithms and/or signature verification keys)—allowing one tamper resistance work factor environment to protect itself against load modules from another, different tamper resistance work factor environment. Several dissimilar digital signature algorithms may be used to reduce vulnerability from algorithm.

Abstract: A method and device are provided for controlling access to data. Portions of the data are protected and rules concerning access rights to the data are determined. Access to the protected portions of the data is prevented, other than in a non-useable form; and users are provided access to the data only in accordance with the rules as enforced by a mechanism protected by tamper detection. A method is also provided for distributing data for subsequent controlled use of those data. The method includes protecting portions of the data; preventing access to the protected portions of the data other than in a non-useable form; determining rules concerning access rights to the data; protecting the rules; and providing a package including: the protected portions of the data and the protected rules. A user is provided controlled access to the distributed data only in accordance with the rules as enforced by a mechanism protected by tamper protection.

Abstract: A secure client/server system allows remote access to a database system without allowing unauthorized users to access data stored within the database system. A server receives a request for data from a client located at a remote location. The server translates the request for data into an appropriate query or queries. The queries are used by the server to retrieve data from databases associated with the server. If the requested data resides in a plurality of databases that utilize different protocols, the server submits a plurality of queries which are respectively compatible with the databases. Furthermore, if some of the information requested by the request for data is located in a remote database, the server creates a second request for data and transmits the second request for data to a remote server associated with the appropriate database. The remote server translates the second request for data into a second query and retrieves the requested data from the remote server with the second query.

Abstract: A method and system of read-ahead caching for use in a DVD player utilizing CSS titles is disclosed. The caching system is a host-based read-ahead caching system that utilizes a threaded architecture for caching. One thread is dedicated to retrieving data from the cache and a second thread is dedicated to reading data from the cache. The producer thread is intelligent enough to cache only within a title boundary, thus preventing costly re-authentication steps.

Abstract: A method and apparatus for performing bi-directional data transfer operations over a global computer network are provided. This is accomplished by extracting data from a database stored on a first computer system connected to the global network, transmitting the data extracted from the database to a second computer system connected to the global computer network, receiving on the first computer system data transmitted from the second computer system, and merging the data received from the second computer system into the database stored on the first computer system. These operations are performed in a substantially contemporaneous manner. Unlike prior art techniques, in which data transfers are performed in batch off-line, embodiments of the invention allow for secure data transfer operations to be performed on-line in real-time.

Abstract: A multicast message transmission device and a message receiving protocol device for guaranteeing a fair message delivery time for a multicast message. At the receiving protocol device, a release time of the received multicast message is set to a prescribed time specified to all receiving protocol devices of the same multicast group, and the received multicast message is stored until the release time, and then released to a corresponding upper level device. At the transmission device, each receiving protocol device is authenticated, and then the encrypted multicast messages are transmitted to the receiving protocol devices, while a prescribed decryption key corresponding to the encryption key of the encrypted multicast message is distributed the authenticated receiving protocol devices prior to transmissions of the multicast messages.

Abstract: A method is disclosed for establishing trusted communications with associations for communications between users on an Internet Protocol based computer network. The method entails the first user's SNIU determining the Internet Protocol (IP) address of a second user's SNIU on the computer network through the use of custom and ICMP Echo Request and Reply messages. The user's SNIUs exchange security related information needed to complete the establishment of a trusted association. The trusted association is maintained during all communications between the first user and the second user.

Abstract: A method and system for accelerating an integral evaluation program using the Monte Carlo evaluation by sequence generation program without disclosing the internal workings and functionality of the programs. More specifically, the present invention uses a sequence generation program to generate a point in a sequence. An integral evaluation program calculates the integrand at that point and passes the result to the sequence generation program. Based on this sample, the sequence generation program generates further points in the sequence based on the integrand but without revealing specific information about the sequence. The sequence is used by the integral evaluation program to solve the integral without revealing the details of the sequence generation program.

Abstract: A server communicates bidirectionally with a gateway over a first communication link, over which service requests flow to the server for one or more merchants and/or consumers. Service requests are associated with a particular merchant based on storefront visited by a consumer or credentials presented by a merchant. Service requests result in merchant specific transactions that are transmitted to the gateway for further processing on existing host applications.

Abstract: The machine involves code wheels in cascade or in a maze with random or mixed circuits which operate a printing device to print the cipher conjugate of the letter on an operated key when the keyboard is connected to one end of the code wheel maze, and to print the plain conjugate of the letter in cipher when a key bearing such letter is operated with the keyboard connected to the other end of the code wheel maze. The printer is connected to the end of the code wheel maze opposite the end to which the keyboard is connected in both cases.

Abstract: A mobile computing scheme capable of carrying out a proper packet transfer according to a current location of the mobile computer by accounting for the network operating policy. A mobile computer carries out a prescribed communication processing according to recognition results as to whether the mobile computer is located inside or outside the home network at which a mobile computer management device of the mobile computer is provided, and whether or not there exists a packet processing device which has a packet transmitted by at least one of the mobile computer and a correspondent computer as an encryption and authentication processing target.

Abstract: The invention relates to an encryption key management system and method of securely communicating data. First and second communicating devices are provided with a first and second identical sequences or databases of encryption keys. A pointer is set in both the first and second sequences at the same encryption key. Data from the first communicating device is encrypted using an encryption key adjacent the pointer in the first sequence of encryption keys. The encrypted data is then transmitted from the first communicating device and received by the second communicating device. The second communicating device decrypts the encrypted data received using an encryption key adjacent the pointer in the second sequence of encryption keys. After encrypting and/or decrypting data segments, the pointers in both the first and second sequences of encryption keys are incremented or moved in preparation for the next data segment or communication.

Abstract: Secure computation environments are protected from bogus or rogue load modules, executables and other data elements through use of digital signatures, seals and certificates issued by a verifying authority. A verifying authority--which may be a trusted independent third party--tests the load modules or other executables to verify that their corresponding specifications are accurate and complete, and then digitally signs the load module or other executable based on tamper resistance work factor classification. Secure computation environments with different tamper resistance work factors use different verification digital signature authentication techniques (e.g., different signature algorithms and/or signature verification keys)--allowing one tamper resistance work factor environment to protect itself against load modules from another, different tamper resistance work factor environment.

Abstract: A security system for an information storage medium is so structured that only file data including secret individual information is encrypted by an encryptor/decryptor circuit. Known file management data is written in a memory device in plain text. This encrypting device prevents any third person from reading the secret information without unnecessary encryption of non-secret data to realize an enhanced security function.

Abstract: An interactive bi-directional telecommunication method using a handheld low power user device to access a host computer server along a telecommunication path, and to command the host computer server to transmit audio and/or visual reports to the user device. A system for host computer ordering of consumer products and services using the telecommunications method and handheld low power user device.

Abstract: The following describes an apparatus for and method of providing a secure method of downloading a program into a processor (101) from a device (103) external to the processor (101). The program may be encrypted (207) prior to its entry into the external device (103). The program may also have authentication information added (203 and 207) to it. Authentication information may be provided on an unencrypted and/or an encrypted program. The processor (101) decrypts (307) and/or successfully authenticates (311) the program before allowing the program to be executed by the processor (101).

Abstract: Computer systems may be provided with additional performance for demanding applications while adding little additional hardware. For example, a slave device for a host computer system combines an embedded programmable controller with non-volatile memory, local RAM, and interface logic. The host computer system treats the slave device as if it would be a hierarchical memory system such as a conventional disk drive on which it may store and retrieve files. Additionally, the host computer system may program the controller to perform operations on stored information, including image processing and/or data compression. The non-volatile memory may include a disk drive, writable CD-ROM, optical drive, or non-volatile solid state memory.

Abstract: The cryptographic system automatically and continuously changes the cipher equivalents representing plaintext characters so as to prevent any periodicity in the relationship. The system has a series of juxtaposed, rotatable, connection changing mechanisms to provide a large number of alternative paths for the passage of an electric current corresponding to a message character. Further, the system has parts for the irregular and permutative displacements of the members of a set of circuit changing mechanisms to thwart cryptanalysis. The juxtaposed cipher commutators are controlled by cam wheels of different diameters.

Abstract: An electronic watermarking scheme is proposed that can significantly increase the security of copy protection mechanisms. The watermarking methods works at high level in the hierarchy of the (MPEG) source signal. This ensures that the watermark is easily detectable, but difficult to erase without significant transcoding effort. Such transcoding is considered a difficult and expensive task that may furthermore lead to loss of quality or increase in bit rate.

Abstract: An agent is permanently resident in a server as software for the purpose of cryptographic processing. In addition, another agent that is described in mobile code and contains a program for the purpose of cryptographic processing is also stored in the server. When data that are to be sent and received between the server and a client are encrypted, the agent that is described in mobile code is sent from the server to the client. When the client receives data that were encrypted in the server, it reproduces those data by decryption using the received agent.

Abstract: A state synchronized cipher text scrambler is disclosed. The state synchronized cipher text scrambler enables multiple data streams to be scrambled in parallel in such a way that the data streams are uncorrelated with respect to each other and there is a large fixed delay relationship between the scrambler bits over the multiple streams. This enables a receiver to correctly identify the ordering of the multiple data streams with respect to each other automatically, correct for any polarity or wire-swap misconnections and align the received multiple data streams despite differential delays between the data streams.

Abstract: Measuring device, particularly for fuel pumps in service stations, comprising a pulser equipped with a microprocessor unit and an electronic head equipped with a microprocessor unit, in which device the pulser and the electronic head are connected and mutually communicate information and data correlated to the supply; the information and the data are encrypted by means of an algorithm loaded in said microprocessor units and are sent to the electronic head from the pulser together with the measurement values of each supply, in order to allow the verification and the validation of the transmitted data.

Abstract: An electronic system with security functionality that optimizes performance of the electronic system during cryptographic operations. In one embodiment, the electronic system includes a chipset having circuitry to perform bulk cryptographic operations and a circuitry physically removed from the chipset to control and manage operations of the chipset.

Abstract: A software application is modified in a defined manner to prevent it being executable by a processor until the modified software application is decoded. Preferably, a sum of all of the bytes comprising a header of the software application (sufficiently small in size to be referred to as an "applet") is determined. In this embodiment, applet includes pseudo-code (p-code). Only the least most significant byte of the sum is used as a variable for modifying the p-code of the applet. Preferably, the variable is added to each byte of the p-code, except that only the first byte of a multi-byte p-code is thus modified. Alternatively, a different logical operator can be employed such as a subtract, AND, XOR, etc. for modifying the p-code. The modified program is then transferred to a portable pager that is also capable of maintaining personal information and executing small software applications.

Abstract: A programmable crypto processing system (10) includes several processing resources (14, 16, 26) implemented on a single ULSI die. The processing system is both key and algorithm agile allowing for simultaneous execution of a variety of cryptographic programs through the use of background staging of the next program and context (key and state) during execution of a current program. The programmable crypto processing system includes a programmable crypto processor (17) for processing data units in accordance with a channel program, a crypto controller (11) for identifying a channel program, two interface processors (13, 15) for asynchronously receiving and transferring data units from and from an external host. Data units identify a particular channel program, and are processed in a selected processing engine in accordance the identified channel program.

Abstract: The crytographic system automatically and continuously changes the cipher equivalents representing plaintext characters so as to prevent any periodicity in the relationship. The system has a series of juxtaposed, rotatable, connection changing mechanisms to provide a large number of alternative paths for the passage of an electric current corresponding to a message character. Further, the system has parts for the irregular and permutative displacements of the members of a set of circuit changing mechanisms to thwart cryptanalysis.

Abstract: A computer implemented method provides access to processes and data using strengthened password. During an initialization phase, an access code is stored in a memory of a computer system. The access code is an application of a one-way hash function to a concatenation of a password and a password supplement. The size of the password supplement is a fixed number of bits. During operation of the system, a user enters a password, and the one-way hash function is applied to concatenations of the password and possible values having the size of the password supplement to yield trial access codes. Access is granted when one of the trial access codes is identical to the stored access code.

Abstract: A radio communication system supplied by a battery, comprising at least one emitter and a receiver. The receiver operates in an intermittent manner between an active mode and a stand-by mode. The receiver has a frequency of intermittent operation such that the time in the active mode is the shortest possible time. The emitter emits at least one short field to the receiver, this field comprising minimum information for the initialization of a communication such that the time for stabilization of the receiver is compatible with the time in the active mode.

Abstract: A method is disclosed for communicating a key recovery block from a sender to a non-enabled receiver, without the danger of throwing the receiver into an indeterminant state, and without modifying the receiver. The method uses an unmodified communications protocol that has a standard method to receive and acknowledge arbitrary data. The sender sends a message using the standard method for arbitrary data, and includes in the message the key recovery block. The receiver responds with a standard acknowledgment message. The method thereby enables an entity coupled to the link, to monitor the key recovery block, even though the receiver is not enabled to process it.