Abstract: A pseudorandom number generation circuit 2 whose generation timings of pseudorandom numbers vary randomly is disclosed. The pseudorandom number generation circuit 2 includes a clock generation circuit 4 which generates four kinds of clocks, a selection signal generation circuit 8 which generates selection signals randomly, a selection circuit 6 which selects either one of the four kinds of clocks based on the selection signals, and a linear feedback shift register (LFSR) 10 which carries out shift operation based on the clock selected by the selection circuit 6. The LFSR 10 generates a pseudorandom number in response to the selected clocks. Since the selection of the clock is carried out randomly by the selection signal generation circuit 8, the generation timings of the pseudorandom numbers generated by the LFSR 10 are also random.

Abstract: The invention provides an enciphering apparatus and method, a deciphering apparatus and method and an information processing apparatus and method by which illegal copying can be prevented with certainty. Data enciphered by a 1394 interface of a DVD player is transmitted to a personal computer and a magneto-optical disk apparatus through a 1394 bus. In the magneto-optical disk apparatus with which a change to a function is not open to a user, the received data is deciphered by a 1394 interface. In contrast, in the personal computer with which a change to a function is open to a user, the enciphered data is deciphered using a time variable key by a 1394 interface, and a result of the decipherment is further deciphered using a session key by an application section.

Abstract: A data encryption/decryption apparatus is disclosed which includes a controller coupled to an array of random data, an encryptor/decryptor and a plurality of encryption/decryption algorithms. The array of random data and the plurality of encryption/decryption algorithms are stored on an electronically readable media. The data encryption/decryption apparatus can encrypt and decrypt data, video, audio. The electronically readable media includes random access memory, read only memory, magnetic media, optical media, magneto-optical media, CDROM, digital video disk (DVD), hard disk, a remote computer memory storage location accessible via an electronic network such as a telephone system or a computer network, or any other electronically readable media method. The controller is responsive to a key code input to the controller. The controller determines a first computed address in the array of random data and a control data length.

Abstract: A security apparatus including a number input device (302), an address register (312) responsive to the number input device, an encryption schema memory (316) addressable by the address register to produce an output code and a relative address code, and address incrementing logic (310) responsive the relative address code and operative to increment the address register. The apparatus also preferably includes a PIN register (304) coupled to the number input device, a public code register (306) coupled to the number input device, and merging logic (308) merging outputs of the PIN register and the public code register to be input to the address register. The apparatus also preferably includes an output shift register operative to shift out the output code of the encryption schema memory. The encryption schema memory can be read only memory, writeable memory, or both.

Abstract: An enhancement to the use of a tbox function for CMEA encryption. Offsets are generated for application of the tbox function to a message, using secret values and previously encrypted message octets. The offsets are used to permute the message for application of the tbox function. For the first message of a call, the previously encrypted message octets are replaced by an initialization value. In a system employing a single iteration of CMEA encryption, first and second offsets are generated. In a system employing two iterations of CMEA encryption, first, second, third and fourth offsets are generated, with the first and second offsets being used in the first iteration of CMEA encryption and the third and fourth offsets being used in the second iteration of CMEA encryption.

Abstract: A rolling code producing method is provided which may be employed in a keyless entry system for automotive vehicles designed to compare a rolling code derived in a receiver installed in the vehicle and a rolling code derived in a portable transmitter to allow authorized access to the vehicle if both the rolling codes match. The rolling code producing method includes producing different rolling codes, in sequence, using an initial code variable according to a given algorithm and changing the initial code variable in response to insertion of an initial code variable memory card carried by a vehicle operator into the receiver.

Abstract: Multiple transform utilization and applications for secure digital watermarking. In one embodiment of the present invention, digital blocks in digital information to be protected are transformed into the frequency domain using a fast Fourier transform. A plurality of frequencies and associated amplitudes are identified for each of the transformed digital blocks and a subset of the identified amplitudes is selected for each of the digital blocks using a primary mask from a key. Message information is selected from a message using a transformation table generated with a convolution mask. The chosen message information is encoded into each of the transformed digital blocks by altering the selected amplitudes based on the selected message information.

Abstract: A rolling code transmitter is useful in a security system for providing secure encrypted RF transmission comprising an interleaved trinary bit fixed code and rolling code. A receiver demodulates the encrypted RF transmission and recovers the fixed code and rolling code. Upon comparison of the fixed and rolling codes with stored codes and determining that the signal has emanated from an authorized transmitter, a signal is generated to actuate an electric motor to open or close a movable barrier.

Abstract: The configuration procedure for an access code and for a security code is provided, comprising: providing references retaining element file that records the base checkerboard-like substrate, checkerboard-like substrates and the color substrates as a graphical image with a hierarchical layered structure arranged on the base substrate, assigning the digital elements to both the x- and the y-axes of the base substrate, assigning the digital elements assigned to the references retaining element on the base substrate perpendicular to the selected two retaining element to the selected two retaining element of the checkerboard-like substrate, configuring code based on the assigned digital elements and the prescribed priority order of the first and areal codes and at the time of the code configuration, recording the location of the retaining element, coaxially rotating the checkerboard-like substrates and color substrates with respect to base checkerboard-like substrate, whereby a new code is configured based on the

Abstract: A user sets n=0, his mail account A and password S, then computes V.sub.0 =E(A,S), W.sub.0 =E(A,V.sub.0), V.sub.1 =E(A,A.sym.1), W.sub.1 =E(A,V.sub.1) and M.sub.0 =E(W.sub.1, V.sub.0), and initially registers W.sub.0, W.sub.1, M.sub.0 and A by e-mail in a mail server. At a visiting site the user sends a service request and A to the mail server form an arbitrary terminal connected to the Internet, and the mail server reads out the authentication session number n corresponding to the identifier A and sends it back to the user. The user computes V.sub.n-1 =E(A,S.sym.(n-1)), V.sub.n+1 =E(A,S.sym.(n+1)), W.sub.n+1 =E(A,V.sub.n+1). V.sub.n =E(A,S.sym.n) and M.sub.n =E(W.sub.n+1, V.sub.n) and sends V.sub.n-1, W.sub.n+1 and M.sub.n to the mail server. The mail server computes E(A,V.sub.n-1) and E(W.sub.n, V.sub.n-1) and if they agree with preregistered W.sub.n-1 and M.sub.n-1, respectively, the mail server accepts the user as valid and sends a mail message of the user.

Abstract: The security method is associated with an authentication method comprising steps of obtaining a calculated result from a random number subjected to a secret key algorithm, the security method includes steps of calculating a test result from a reference random number subjected to the secret key algorithm, of comparing the test result with a reference result, and of ensuring that the calculated result is transmitted only when the test result is identical to the reference result.

Abstract: An encryption system and method utilizes a bit stream, called a "master signature", which is divided into bytes with each byte being assigned a byte address. A portion of the master signature, called an "access signature" is randomly selected to encode the message to be transmitted. Both a sender and a receiver have the same access signature. The particular portion of the access signature to be used to encrypt and decrypt a message is identified at the sender by identifying the address of the first byte in this portion of the access signature and the number of bytes sequentially related to this first byte which together with the first byte will be used to encode the message to be transmitted. This information is sent to the receiver. Thus, using this information, the sender can encrypt and the receiver can decrypt the message using the same portion of the access signature.

Abstract: A method and system allows encryption services can be added to an existing wireless two-way alphanumeric pager network by providing a pager proxy which is arranged to receive an encrypted message from a sending pager and re-packages it for re-transmission to the destination pager. The sending pager encrypts the message using a session key, and encrypts the session key so that it can only be recovered by a secret key of the pager proxy. The pager proxy, upon recovery of the session key, decrypts the message, generates a new session key, re-encrypts the message, and encrypts the new session key so that it can only be recovered by a secret key of the destination pager. Encryption of the session key can either be carried out by shared secret key encryption or encryption of the session key by a public key corresponding to a private key of the pager proxy or destination pager.

Abstract: A method and apparatus for a unique digital signature is provided. According to one aspect of the invention, a unique digital signature comprises an adapted digital signature and a service id. The adapted digital signature provides temporary or restricted privileges for a particular electronic service. In one embodiment, the electronic service is electronic message forwarding. In another embodiment, the electronic service is electronic media delivery. An authentication log file is maintained for recording status information concerning unique digital signatures.

Abstract: A method and system for authenticating between a user or client and a network access entity such as a server or another client using an IC card. The method includes a step of executing an initial authentication using the IC card when the user first communicates with the network access entity, a step of commonly holding authentication information in both the user and the network access entity if the initial authentication achieves success, and a step of executing a re-authentication using the commonly held authentication information without using the IC card when the user communicates again with the same network access entity within a predetermined period of time after the last authentication.

Abstract: Both of a user side and a protect side such as a programmer of an application programmer need not handle a large number of inherent information such as authentication keys. An access ticket generation device generates an access ticket from user unique identifying information and access rights authentication feature information. As unique security characteristic information, there is used a secret key of an elliptic curve encryption or an ElGamal encryption. A proof data generation device receives the access ticket, converts authentication data received from a proof data verification device into proof data by use of the access ticket and the user unique identifying information, and returns the resultant proof data to the proof data verification device. The proof data generation device or the proof data verification device decrypts the above-mentioned encryption.

Abstract: The present invention provides a signing apparatus used for signing by a user on usage information of a source provided in a format made available by the use of key information. The apparatus includes a unit for generating the usage information which is to be signed, a unit for performing a first computation by utilizing the key information which has been encrypted and the usage information, a unit for performing a second computation by utilizing a user's private key and a result of the first computation. The apparatus further includes a unit for performing a third computation by utilizing a result of the second computation, and thereby generating the key information which has been decrypted and a result of the computation performed on the usage information by utilizing the user's private key. The apparatus further includes a unit for making the source available by utilizing the decrypted key information.

Abstract: A call contact platform (CCP) is provisioned with handles that belong to call recipients. Each recipient can have any number of handles in the CCP and each handle is associated with conditions under which a call employing the handle may be established. Specifically, when a party supplies a handle to a telecommunication network (previously given to the party by the call recipient), the network contacts the CCP and interacts with it as required in conformance with stored instructions. If appropriate, the CCP instructs the telecommunication network to establish a connection. A recipient can also give a party a handle that includes a message, where the handle is not prestored in the CCP. After the network contacts the CCP, the party provides the message, the CCP extracts instructions from the message, or retrieves instructions with the help of the message, and, as before, causes the telecommunication network to establish a connection, if appropriate.

Abstract: A method and system are provided for secure document delivery over a wide area network, such as the Internet. A sender directs a Delivery Server to retrieve an intended recipient's public key. The Delivery Server dynamically queries a certificate authority and retrieves the public key. The public key is transmitted from the Delivery Server to the sender. The sender encrypts the document using a secret key and then encrypts the secret key using the public key. Both encrypted document and encrypted secret key are uploaded to the Delivery Server, and transmitted to the intended recipient. The intended recipient then uses the private key associated with the public key to decrypt the secret key, and uses the secret key to decrypt the document. In an alternative, equally preferred embodiment of the invention, the sender uses the public key to encrypt the document. In yet another embodiment, the server transmits the document to the Delivery Server for encryption.

Abstract: A secure electronic monetary transaction system (SEMTS) provides absolute security for electronic financial transactions. These transactions can be of any kind provided they are numeric in content and of known length. The SEMTS encrypts and decrypts source numeric data using a private, numeric key known only by both parties in the transaction. The secure distribution of these keys will be under the same methods that the financial institutions use to distribute the original source data such as credit cards, account numbers, etc. The system uses nine simple, open formulas for translating source numbers into encrypted cipher numbers. These formulas return every possible value, except the input value, and are completely dependent on the key. Because there are no hidden parts, the architecture of the SEMTS is completely available to anyone in the public sector. This open architecture makes stealing the cipher numbers worthless. The only way to break a number is to know the key.