Abstract: In a cryptographic system, the unlocking of secret keys on a user system is audited and correlated with other events that typically occur after the secret key is used to perform a cryptographic operation. Audit evidence of secret key cryptographic operations is recorded for later review and/or analysis, for use as stored evidence of unauthorized activity and/or for use in refuting false claims of repudiation of authorized activity. Some systems might also provide users with user activity reports that can alert a user to suspicious or unauthorized activity using that user's access.

Abstract: A user can securely enter a shared secret such as a pass code code, pass code or combination of symbols, in a generic computing environment, and deliver it securely to the recipient via an arbitrary network. As an example of such environment, pass code codes protecting an ATM card often need to be communicated to a bank's validation system. The pass code can be entered via a Web interface and delivered over the Internet via third-party network operators while never being exposed to intermediaries.