Abstract: A method and apparatus of encrypting optical images and storing these images in memory using random phase encoding is presented. The encryption technique uses random phase encoding in both the input plane and the Fourier plane. Each image is encrypted and can be read out by a unique code or a universal code. The image to be encrypted is first multiplied by a random phase function. The Fourier transform of the product of the image and the random phase function is then multiplied by another random phase function in the Fourier domain. Taking the inverse Fourier transform, an encrypted image in the output plane is obtained. Each encrypted image can be stored in optical memory. The encryption process of the present invention can be done optically or electronically with one or two dimensional functions for encryption. Further, the image can be phase encoded (optically or digitally) prior to the encryption process, with a phase reading technique employed to obtain the original decrypted image.

Abstract: In a method for implementing traceable electronic cash, a user US sends a bank BK a product N of prime numbers P and Q, a prime number L and his real name ID.sub.U, and the bank BK generates a pseudonym I corresponding to the real name ID.sub.U and keeps the correspondence between the real name ID.sub.U and the pseudonym I secret. The bank BK uses a signature function .OMEGA.=D.sub.eB (N,L,I) to attach a signature to information composed of the above-mentioned N, L and I and sends the user US the signed information .OMEGA. as information containing a license B. The user US generates authentication information X from the N and a random number R and sends the bank BK information Z obtained by performing blind signature preprocessing on information (X,B) with a function F.sub.eC and has the information Z signed by the bank BK with a signature function D.sub.eC (Z) to obtain electronic cash C.

Abstract: A method is disclosed for establishing trusted communications with associations for communications between users on an Internet Protocol based computer network. The method entails the first user determining the Internet Protocol (IP) address of a second user on the computer network through the use of Address Resolution Protocol (ARP) and Reverse Address Resolution Protocol (RARP). The first user then determining the accessability of the second user on the computer network. The users exchange security related information needed to complete the establishment of a trusted association. The trusted association is maintained during all communications between the first user and the second user.

Abstract: A programming apparatus that authenticates the contents of driver licenses having both human recognizable information and machine readable information is disclosed. The contents of the driver licenses are verified without encountering any human error. The verified contents of the driver licenses may be transferred to a remote computer for other identification purposes such as preordained organ donors or possible criminal prosecution.

Abstract: A cryptographic process is for protection against fraud. An allocation of a secret key K is made to a card and to an application and an input value R is defined. The card and application calculate the modulo 2 scalar product of binary vectors constituted by words of R and words of K. The application checks whether the result obtained by the card is in agreement with its own result. An exemplary application is low cost cards.

Abstract: Apparatus and a method for generating a digital synthesized Gaussian noise-like waveform that may be used to modulate and demodulate communication data. The present invention uses a seed input that addresses a read only memory look-up table, for example, containing digital samples having Gaussian statistics. A sequence generator generates a pair of pseudo-random sequences in response to the seed input that address the read only memory to look up and output a pair of pseudo-random Gaussian samples that are used to generate the Gaussian noise-like waveform. A processor converts the pair of pseudo-random Gaussian samples into corresponding analog I and Q signals, and a modulator 33 modulates the analog I and Q signals to generate a modulated output signal having the Gaussian noise-like waveform.

Abstract: A method and apparatus for descrambling data that is characterized by shift registers that realize an operation of generating polynomial and that have a ring-shaped structure that realizes plural and continuous operation. The method and apparatus further includes an initial value setting means for setting initial values in m shift registers; after setting the initial values, shifting the initial values while synchronizing the initial values with input clocks, and outputting the exclusive OR of data which is input while being synchronized with clocks and the lowermost latch outputs. Scrambled data with a byte is treated as a unit by using an exclusive OR circuit block.

Abstract: In order to give restriction to use of apparatus by children or minor persons or the like, a password is previously registered and when the power switch is turned on, a user inputs the password from the second remote controller. The controller controls the apparatus to turn on the image input switch SW only when the inputted password is matched with the registered password. Moreover, the controller displays, when the predetermined period has passed from initiation of image display, a warning for health of eyes on the liquid crystal display means and continues image display only when the will for continuous display such as repeated input of the password is indicated.

Abstract: An electronic signature is generated in a predetermined manner and attached to a transferable unit of write data, to facilitate authenticating the write data before allowing the write data to be written into a protected non-volatile storage. The write data is authenticated using a collection of secured authentication functions. Additionally, the actual writing of the authenticated write data into the protected non-volatile storage is performed by a secured copy utility.

Abstract: A form of authentication is provided wherein a trusted third party signs a certificate to identify the author of a program and to secure its integrity. The program code is encapsulated or otherwise associated with the certificate and an access control list (ACL). The access control list describes the permissions and resources required by the code. An enforcement mechanism which allocates system permissions and resources in accordance with the ACL. In a preferred embodiment, a code production system communicates with a certification agency, which is a trusted third party. The certification agency issues a certificate for the code and a certificate for the access list of that code. Once the certificate is issued it is not possible for any party to modify the code or access list without invalidating the certificate. The code and its ACL, along with their certificates are stored on a server.

Abstract: A 6-digit decimal input value A and a previously prepared 6-digit decimal extension fixed value L are substituted in an extension function f, thereby extending the input value A to a 12-digit decimal value f(A,L). This extended value f(A,L) is bit-agitated with a bit agitation key R. Further, a value C obtained by the bit agitation processing is substituted in a reduction function g, thereby obtaining a 6-digit decimal output value B. Thus, the input value A is extended by the extension processing to be thereafter subjected to the bit agitation processing, whereby safety of secret information can be improved without increasing the number of digits of the input value A. Further, the value obtained by the bit agitation is thereafter reduced, whereby the output value B can be reduced to a number of digits which is applicable to the human memory. Thus, a bit agitator is obtained which is safer than a conventional one and has an excellent user interface.

Abstract: The integrity of a group of secure processing elements in a communication system is ensured with a validation scheme. Member elements are checked by adjacent members to determine whether a member has been tampered with or operatively removed from a group. If a member is found to be untrustworthy, propagation of group characteristic information to that member will be halted. The group characteristic information defines the group, and is required by each group member in order to function. The untrustworthy member is therefore effectively exiled from the group. An efficient network topology minimizes inter-member message traffic while maintaining group robustness.

Abstract: A copyright control system for performing access control to copyright digital information. The copyright control system is equipped with an encryption/decryption hardware 11 which accepts encrypted copyright digital information from an option hardware 6 or an FDD unit 3 through a sub-data bus 23. The encryption/decryption hardware 11 decrypts the encrypted digital information using a decryption key obtained from a copyright control center for primary utilization of the encrypted digital information and inputted from an CPU 1.

Abstract: The present invention provides a subscriber registration and authentication method which secures high safety and by which necessary circuit scale is small.

Abstract: In this system parties have network access to a network secure communications gateway which stores the current encryption/decryption algorithms and keys for parties registered with the network secure communications gateway. For party A to send an encrypted message to party B, party A encrypts the message using party A's secret key and encryption algorithm, copies of which are stored at the network gateway Party A sends the encrypted message, addressed to party B, initially to the gateway. The gateway decrypts the message, using party A's secret key and algorithm, and then encrypts the decrypted message using party B's secret key and algorithm. Finally, the gateway forwards the re-encrypted message to party B, where B decodes it using B's secret key and algorithm. The secure communications gateway periodically changes client keys (or algorithms and keys) to provide additional system security.

Abstract: Methods and apparatus are disclosed for providing secure session key distribution using a smart circuit card or other intelligent device. First and second hosts communicate with each other and with a server over a communication network. The first host initiates the session key distribution process by transmitting a session identifier to the server. The first host uses a first smart card storing the first host secret key to generate a first message in the form of a random bit stream which is transmitted to the second host. The server generates a second message as a function of the server secret key and the session identifier, and transmits it to the first host. The second host uses a second smart card storing the second host secret key to generate a third message as a function of the second host secret key and the first message, and transmits the third message to the first host.

Abstract: The method generally includes the steps of receiving (201) a message (100) comprising a message indicator (101) and a plurality of encrypted blocks (103 through 111). When at least one block of the plurality of encrypted blocks is received with error, a second message is transmitted (215), which second message requests a retransmission of the at least one block. Upon receiving the retransmission of the at least one block without error, a keystream is generated (219) from the message indicator and the at least one block is decrypted using the keystream.

Abstract: A system and method in which a transponder (14) is operable to transmit an original user account balance to an interrogator (12), which in turn calculates a revised user account balance and transmits the revised user account balance to the transponder (14). In one embodiment of the invention, the transponder (14) is further operable to transmit a verification user account balance back to the interrogator (12), which then compares verification user account balance to the revised user account balance that was earlier calculated and stored in an interrogator memory.

Abstract: The present invention relates to an electronic module used for secure transactions. More specifically, the electronic module is capable of passing encrypted information back and forth between a service provider's equipment via a secure, encrypted technique so that money and other valuable data can be securely passed electronically. The module is capable of being programmed, keeping track of real time, recording transactions for later review, and creating encryption key pairs.

Abstract: A code mechanism is provided in an integrated circuit for identifying the integrated circuit such as by serial number or for use in enabling the circuit and equipment housing the circuit. Fuses, antifuses, and programmable field effect transistors are used in an array for establishing a code. The code can be established by loading a register through the array and then reading the register. Alternatively,the contents of the register can be compared with a code provided by a user to enable the circuit. In another embodiment, a ROM is loaded with a table of encryption keys, and a user addresses the ROM by loading an address in a register or in a RAM.