Abstract: A method for authentication of a computing device so that shares of a secret may be delivered, over a network that uses a communications protocol which does not require use of an address, and on which an authentication server is listening, comprising the steps of dividing the secret into a first share and a second share, or more; destroying the secret; transmitting the second share, together with a unique identifier, out of band to a pre-designated location; erasing the second share from the computing device; storing the first share at the computing device; broadcasting the unique identifier over the network; accepting a request over the network from an authentication server to initiate an authentication protocol; responding to the request; receiving the second share from the authentication server; and reconstructing the secret using the received second share and the stored first share.

Abstract: A method for encryption and sealing of a plaintext file by hashing the plaintext file to produce a plaintext hash, encrypting the plaintext file to produce ciphertext, hashing the ciphertext to produce a ciphertext hash, hashing the plaintext hash and the ciphertext hash to produce a result hash, and sealing the ciphertext together with the result hash. This provides verification for non-repudiation and protects against undetected malware corrupting the plaintext or ciphertext files.

Abstract: A method for secure remote authentication of a computing device over a network that uses a communications protocol which does not require use of an address, and on which one or more authentication servers are listening, comprising the steps of broadcasting a unique identifier over the network; accepting a request over the network from one of the one or more authorization servers to initiate an authentication protocol; responding to the request; receiving data necessary to complete a boot process; and completing a boot process using the received data.

Abstract: A portable encryption device with logon access controlled by an encryption key, with an on board cryptographic processor for reconstituting the encryption key from a plurality of secrets generated by a secret sharing algorithm, optionally shrouded with external secrets using an invertible transform resistant to quantum computing attacks. Another embodiment provides file decryption controlled by a file encryption key, with the on board cryptographic processor reconstituting the file encryption key from a version of the file encryption key which has been shrouded with a network authorization code. A method for encryption of a plaintext file by hashing, compressing, and encrypting the plaintext file, hashing the ciphertext, hashing the plaintext hash and the ciphertext hash, and sealing the ciphertext together with the resulting hash. A portable encryption device for performing the method is also disclosed.

Abstract: An integrated circuit (IC) card interface device with multiple modes of operation allows communications with numerous IC cards, including smart cards. An interface device according to the present invention can be used several different ways, including: connected to a host device (such as a person computer); in a standalone configuration; and as a flexible platform upon which future applications can be based, since it can be easily reprogrammed and upgraded. Programming mode enables the host device or the smart card itself to update or upgrade the programs available within the interface device. When being updated or upgraded, the source of the programming can be from a host device or from the smart card, adding further flexibility to the use of such an interface device.

Abstract: A method and system for deploying a suite of advanced cryptographic algorithms that includes: providing a legacy cryptographic interface that is associated with a legacy operating system and a legacy application, and supports a suite of legacy cryptographic algorithms; providing a suite of advanced cryptographic algorithms that includes one or more of an advanced asymmetric key algorithm, an advanced symmetric key algorithm, and/or an advanced hash function; providing an advanced cryptographic interface that is independent of the legacy operating system and the legacy application, backwards compatible with the legacy cryptographic interface, and capable of supporting the suite of advanced cryptographic algorithms; and transparently and automatically substituting the suite of advanced cryptographic algorithms for the legacy cryptographic algorithms through the invocation of the advanced cryptographic interface at the time of an initial performance of encrypting, hashing, digitally signing the hash of, decrypti

Abstract: A method provides a protected region of a data storage device associated with a computational device, where data in the protected region is primarily protected by preventing access without proper access authorization. The method comprises the steps of providing, in an unprotected region of the data storage device, a first operating system and associated operating system data; monitoring operating system data accessed by the computational device until a predetermined functionality becomes available; storing, in the protected region, the monitored operating system data; providing, in the protected region, a second operating system; transferring control of the computational device from the first operating system to the second operating system; storing data in the protected region; and preventing access to the stored data in the protected region without access authorization.

Abstract: The invention establishes a protected volume on a data storage device associated with a computational device by allowing an operating system of the computational device to boot up to a point (the volume conversion crossover point) at which predetermined functionality of the operating system becomes available, then establishing the protected volume. A copy of the operating system data (cleartext operating system data) that is accessed during boot up prior to the volume conversion crossover point (which can be known by monitoring and recording access to operating system data during boot-up) is stored in an unprotected region of the data storage device. A copy of the cleartext operating system data is also stored in the protected volume. After the protected volume is established, the computational device is reset, causing the operating system to boot up again.

Abstract: A licensing attribute certificate enables a trusted computing base to enforce access to a computing resource by a computer application. The licensing attribute certificate can contain enforcement data which limits the use of the computing resource. The licensing attribute certificate can also contain information allowing for the tracking of licensing data about the use of the computing resource. The use of a licensing attribute certificate to enforce access to a computing resource can allow products to be fielded which have their capability limited to a specific subset of functions. The enforcement data, the licensing data, and the data limiting the application to a specific subset of functions are cryptographically bound to the computing resource using a licensing attribute certificate according to the invention. Prior to allowing access to the computing resource by the computer application, a trusted computing base strongly authenticates that usage via the licensing attribute certificate.

Abstract: The invention enables a cryptographic device to be easily, securely and/or irreversibly customized to provide specified cryptographic functionality. For example, the invention can enable easy and secure modification (expansion, reduction or changing) of application code (which interacts with code stored on a cryptographic device) via the exposure of, for example, the mathematical primitive operations available on the cryptographic device. In particular, the invention can enable modification of available cryptographic operations at a relatively high level of programming abstraction, thus enabling such modification to be accomplished relatively easily. Further, the invention can enable the modification to be accomplished in a manner that does not necessitate or allow access by the application developer to other operations of the cryptographic device, thus providing security for the proprietary code and/or cryptographic keys of other persons or entities that may be present on the cryptographic device.

Abstract: A licensing attribute certificate enables a trusted computing base to enforce access to a computing resource by a computer application. The licensing attribute certificate can contain enforcement data which limits the use of the computing resource. The licensing attribute certificate can also contain information allowing for the tracking of licensing data about the use of the computing resource. The use of a licensing attribute certificate to enforce access to a computing resource can allow products to be fielded which have their capability limited to a specific subset of functions. The enforcement data, the licensing data, and the data limiting the application to a specific subset of functions are cryptographically bound to the computing resource using a licensing attribute certificate according to the invention. Prior to allowing access to the computing resource by the computer application, a trusted computing base strongly authenticates that usage via the licensing attribute certificate.

Abstract: A programmable policy module (PPM) allows a user to configure specific policy elements available from a software application, in order to meet a particular assurance level. The policy will then be enforced by the PPM to meet a target set of policy requirements. In one embodiment, the PPM provides the linkage between the certificate policy identified in an X.509 certificate extension, and the execution of a module that enforces the specific policy elements during the process of digital certificate registration. The PPM can execute at the Registration Authority (RA) in a Public Key Infrastructure (PKI), and can permit enforcement of the policy elements in the Certificate Policy (CP) which governs the operations of the RA.

Abstract: A compact key input apparatus interface includes a resistive element and a number of key contacts on the resistive element. The keys of a key input apparatus are disposed to provide electrical contact between a voltage source and the resistive element at a particular contact point when a corresponding key is depressed, such that a path from the voltage source to ground is made through the resistive element. The keys are arranged along the length of the resistive element so that the depression of any key provides a different conductive path to ground and therefore a different magnitude of current through the conductive path. A corresponding sense voltage measured at a sampling point provides a single-line input to a key decoder, which determines which key is depressed based on the level of the sense voltage.

Abstract: The invention mediates use of a computer resource by multiple events that seek to use the computer resource at the same time. In particular, the invention mediates such use by events that seek to use the computer resource at times that are not known until access to the computer resource is sought. Advantageously, the invention enables mediation of the use of a computer resource when typical operating system functionality provided for that purpose is ineffective. The invention allows work initiated by an event granted access to a resource to be completed by a different, interrupting event.

Abstract: The invention provides additional protection for data stored in a data storage device situated within a secure environment by using active erasure to erase the stored data when an intrusion into the secure environment is detected. Active erasure effects erasure of data in a data storage device much more rapidly than passive erasure, so that the erasure of data cannot be prevented by a tamperer before the data is erased. Active erasure also enables data to be rapidly erased without requiring use of a processor (and, in some cases, additional devices) to effect the erasure or other destruction of data, which use is relatively complex and expensive, can be disabled in some situations, and cannot guarantee destruction of data in situations in which insufficient power may be available to operate the processor. The invention has particular utility when used with a volatile data storage device that is situated within a secure environment and connected to a power supply.

Abstract: The invention enables a peripheral device to communicate with a host computing device to enable one or more security operations to be performed by the peripheral device on data stored within the host computing device, data provided from the host computing device to the peripheral device (which can then be, for example, stored in the peripheral device or transmitted to yet another device), or data retrieved by the host computing device from the peripheral device (e.g., data that has been stored in the peripheral device, transmitted to the peripheral device from another device or input to the peripheral device by a person). In particular, the peripheral device can be adapted to enable, in a single integral peripheral device, performance of one or more security operations on data, and a defined interaction with a host computing device that has not previously been integrated with security operations in a single integral device. The defined interactions can provide a variety of types of functionality (e.g.

Abstract: The invention enables a modular, typically portable, device to communicate with a host computing device to enable one or more security operations to be performed by the modular device on data stored within the host computing device, data provided from the host computing device to the modular device (which can then be, for example, stored in the modular device or transmitted to yet another device), or data retrieved by the host computing device from the modular device (e.g., data that has been stored in the modular device, transmitted to the modular device from another device or input to the modular device by a person). In particular, the modular device can include a security module that is adapted to enable performance of one or more security operations on data, and a target module that is adapted to enable a defined interaction with a host computing device. The target module can be embodied by any of a variety of modules having different types of functionality (e.g.

Abstract: The system and method of the present invention provides the support of high density removable media, such as CD-ROM or MO, to be used as a distributed media for storing data where access thereto is securely restricted. Through this system and method, the secure periodic distribution of several different sets of data information to the end user is achieved with access control selectively performed by at the user's site through communication with the billing/access center. User billing is based on the purchase of the decryption access codes as indicated by the access code attributes encoded on the media. Access code availability is further controlled by selectively providing for updates of decryption access codes.