Abstract: The apparatus includes a photon pair source for generating a photon pair that contains a signal photon and an idler photon and correlates with the generating time, photon detectors for detecting a incidence of idler photons, a clock generator, a gate device controller for generating signals for opening or closing a gate device in a frequency lowering a specific number of times within a specified time defined by the clock, and a gate device for opening or closing the gate in response to the signals from the gate device controller.

Abstract: The invention is a cryptographic system using chaotic dynamics. A chaotic system is used to generate a public key and an adjustable back door from a private key. The public key is distributed and can be used in a public key encryption system. The invention can also be used for authentication purposes. The adjustable back door of the invention can be used in conjunction with the public key to derive the private key. The degree of difficulty involved in deriving the private key is dependent on the adjustable back door. That is the value of the back door can be adjusted to vary the difficulty involved in deriving the private key.

Abstract: Methods and apparatus for enhanced CMEA, or ECMEA, processing. A forward ECMEA and a reverse ECMEA process are provided. The forward ECMEA process decrypts text encrypted by the reverse ECMEA process and the reverse ECMEA process decrypts text encrypted by the forward ECMEA process. The forward ECMEA process employs a first transformation, an iteration of the CMEA process, and a second transformation. The reverse ECMEA process employs a first inverse transformation, an iteration of the CMEA process, and a second inverse transformation. The transformations and inverse transformations, and the iterations of the CMEA process, employ secret offsets to improve security. The transformations and the iteration of the CMEA process also employ an enhanced tbox function using an involutary lookup table.

Abstract: A method controllably encrypts data to be transmitted over a communication path between a data source and data receipt by passing data to be transported over the communication path through a first of respectively different encryption operators to produce a first encrypted data stream. This is then passed through a second selected one of respectively different data encryption operators to produce a compound encrypted output data stream that is an encryption of the first encrypted data stream.

Abstract: A Non-Volatile Memory circuit operating as an interface between a key loader and an encryption device. The Non-Volatile Memory circuit includes a microcontroller which stores a crypto key and checkword and a backup crypto key and checkword. The microcontroller is connected to the telemeter transmitter for a missile allowing the micrcontroller to turn off the transmitter during a key load which prevents transmission of the crypto key and checkword. When the microcontroller completes a load of the crypto key to the encryption device and upon a launch of the missile, software within the microcontroller erases the crypto key and checkword from an internal EEPROM. This prevents an enemy force from retrieving the crypto key and its corresponding checkword from the missile after launch.

Abstract: A data transmit/receive unit receives encrypted digital data distributed through an electronic music distribution system and records the digital data on a primary recording medium. Digital data have been encrypted in different encryption systems according to the distributers, and include attribute information indicating the encryption systems. The encryption system of digital data that has been extracted by a data extraction unit is judged by a judging unit and decrypted by an appropriate decryption unit. An inherent information obtaining unit obtains the identification information of a secondary recording medium or a playback apparatus according to whether the secondary recording medium can be removable from the playback apparatus. An encryption system designation unit selects one out of a plurality of encryption units according to the obtained identification information. The selected encryption unit creates a encryption key according to the identification information and encrypts the digital data.

Abstract: The encryption method disclosed is based on charting a path on a graph, where the graph is the encryption key. The plaintext expresses that path through a sequence of graph vertices, and the ciphertext expresses the same through a sequence of edges between these vertices. There are numerous ways to construct the graph to match a choice of plaintexts with a single ciphertext.

Abstract: The system includes a server coupled via a computer network to a client. Upon receiving a request for access, the server sends an authentication applet to the client. The authentication applet includes a user identification (ID) module for obtaining a user ID and a password module for obtaining a client password. The authentication applet also includes a response generator coupled to the password module for using the client password as a variable in an algorithm to compute a client response. The authentication applet further includes a communications module coupled to the response generator and to the user ID module for sending the client response and the user ID back to the server for verifying the response and authenticating the user. The client uses an applet engine to execute the applet. The server uses the user ID to retrieve user information, and uses the user information as a variable in an algorithm to generate a verification response.

Abstract: An information processing system providing archive/backup support with privacy assurances by encrypting data stored thereby. Data generated on a source system is encrypted, the key used thereby is separately encrypted, and both the encrypted data and encrypted key are transmitted to and maintained by a data repository system. The repository system receives only the encrypted data and key, while the source system retains the ability to recover the key and in turn, the data. The source system is therefore assured of privacy and integrity of the archived data by retaining access control yet is relieved of the physical management of the warehousing medium.

Abstract: A method and apparatus is disclosed that documents and authenticates cap removal data. According to a first aspect of the present invention, the apparatus measures a parameter indicative of the number of times that a cap has been removed by a user. The apparatus also encodes at least the parameter indicative of the cap removal data, thereby deriving encoded cap removal data. The apparatus outputs the encoded cap removal data to a user. According to a second aspect of the present invention, another apparatus receives the encoded cap removal data and decodes it to authenticate the cap removal data.

Abstract: A node device for providing secure communication services over a data network, such as the Internet or another public or private packet switched network, to multiple computers that are coupled through the node device and multiple other node devices. The node device includes a network communication interface for coupling the node device to the data network. The node device includes a data storage containing cryptographic information including information that is unique to the node device. The node device also includes a tunneling communication service coupled to the network interface configured to maintaining an encrypted communication tunnel with each of multiple other node devices using the cryptographic information. For example, the encrypted communication tunnels are implemented using the IPsec or PPTP protocols. The node device includes a routing database for holding routing data and a router coupled to the tunneling communication service and to the routing database.

Abstract: Methods, systems, and devices are provided for securely updating private keys, key pairs, passwords, and other confidential information in a distributed environment. A transaction is created including appropriate encrypted soft-token content, and then transmitted to a new location. Comparisons are made to determine whether the new soft-token content should be recognized as authentic and entered at the new location. Updates are accomplished without ever sending the plain text form of a key or a password across the wire between the distributed locations.

Abstract: A method and system of protecting content by ensuring a secure boot of a processor environment. A processor is coupled to a certification unit which may include a decryption engine and a one-way hash unit. The certification unit is employed to ensure that only certified software is permitted access to memory containing content and that only certified software may access a content bit stream such as may flow across a 1394 serial bus from a digital video disk player. By preventing access by uncertified software, the risk of a personal computer being used as an instrumentality of piracy is reduced.

Abstract: A method for ciphering multimedia includes the entering of an ciphering index in a definition data block of the multimedia data, this index pointing to an ciphering algorithm which is to be used. In response to the ciphering index in the definition data block one of a plurality of ciphering algorithms is selected. The multimedia data are ciphered using the selected ciphering algorithm. Various additional entries in the definition data block which is assigned to the multimedia data permit the clearing or enabling of a deciphering device, rapid access to a database of ciphered multimedia data and a customer- and data-specific use of the multimedia data while taking copyright aspects into account.

Abstract: The invention relates to a method of encrypting and decrypting information using a public key and a secret key. The invention is characterized in that the secret key consists of two very large primary numbers while the public key consists of the product of both primary numbers and a permutation polynomial.

Abstract: In a pay broadcasting system, data of a broadcast program is scrambled with a scramble key updated in a short period. The scramble key is encrypted with a first key assigned to the subscriber terminal. The first key is encrypted with a first master key set in the subscriber terminal. The security of a broadcast program stored for subsequent use in the subscriber terminal is enhanced as follows. A central station generates a second key-encrypted scramble key by encrypting the scramble key with a second key different from the first key and changeable in an interval shorter than a update interval of the first key; generates an encrypted second key by encrypting the second key with a second master key which has been commonly issued to subscriber terminals of the system; and broadcast the second key-encrypted scramble key and the encrypted second key together with the scrambled data of the program, the first key-encrypted scramble key and the encrypted first key in a multiplexed manner.

Abstract: A secure communication platform on an integrated circuit is a highly integrated security processor which incorporates a general purpose digital signal processor (DSP), along with a number of high performance cryptographic function elements, as well as a PCI and PCMCIA interface. The secure communications platform is integrated with an off-the-shelf DSP so that a vendor who is interested in digital signal processing could also receive built-in security functions which cooperate with the DSP. The integrated circuit includes a callable library of cryptographic commands and encryption algorithms. An encryption processor is included to perform key and data encryption, as well as a high performance hash processor and a public key accelerator.

Abstract: A secure communication platform on an integrated circuit is a highly integrated security processor which incorporates a general purpose digital signal processor (DSP), along with a number of high performance cryptographic function elements, as well as a PCI and PCMCIA interface. The secure communications platform is integrated with an off-the-shelf DSP so that a vendor who is interested in digital signal processing could also receive built-in security functions which cooperate with the DSP. The integrated circuit includes a callable library of cryptographic commands and encryption algorithms. An encryption processor is included to perform key and data encryption, as well as a high performance hash processor and a public key accelerator.

Abstract: A facsimile apparatus is provided with changeover means that makes it possible to pass signals through or to bypass a coder, which encrypts transmission information, and a decoder, which decodes encrypted information that has been received. Whether or not a facsimile apparatus belonging to another party has an encrypting/decoding processing function is verified by a pre-procedure signal. If the other party's apparatus possesses an encrypting/decoding processing function, control is performed in such a manner that encrypting/decoding processing is applied solely to an image signal and a training-check signal transmitted before transmission/reception of the image signal, and encrypting/decoding processing is not applied to a procedure signal which accompanies transmission reception transmission/reception of the image signal.

Abstract: Methods and apparatus for providing location certificates to certify the position or location of an object are disclosed. The position of the object is computed using radio signals and the secure transmission of the computed position is achieved using public key encryption techniques.