Abstract: The present invention prevents code breaking of an important text or data even if a plain text and a cipher text are wire-tapped. An identifier judgment circuit judges whether data (a plain message) created by a user contains an identifier such as “>”. If such an identifier is detected, the text or data specified by that identifier is supplied to a first encryption circuit, and the rest of the text or data is supplied to a second encryption circuit. The first encryption circuit enciphers the text or data using a first algorithm and supplies the enciphered data to a transmission circuit. The second encryption circuit enciphers the text or data using a second algorithm and supplies the enciphered data to the transmission circuit. The transmission circuit transmits the enciphered data through the Internet to another server.

Abstract: A secret communication and authentication scheme based on a public key cryptosystem in which a decryption speed is improved while maintaining a security level. In the RSA type secret communication, a plaintext is expressed in a form of a k-digit base n number and a ciphertext is obtained by applying a calculation using the first public key n and the second public key e to the base n number and transmitted. Then, from the received ciphertext, a lowest digit of the base n number is decrypted by using the first public key n and the second secret key d, upper digits of the base n number are sequentially decrypted by using a decrypted value of the lowest digit of the base n number at the receiver side, and the plaintext is recovered by using decrypted values of respective digits of the base n number. The Rabin type secret communication can also be realized by the similar scheme.

Abstract: A method is provided for an escrow cryptosystem that is overhead-free, does not require a cryptographic tamper-proof hardware implementation (i.e., can be done in software), is publicly verifiable, and cannot be used subliminally to enable a shadow public key system. A shadow public key system is an unescrowed public key system that is publicly displayed in a covert fashion. The keys generated by the method are auto-recoverable and auto-certifiable (abbrev. ARC). The ARC Cryptosystem is based on a key generation mechanism that outputs a public/private key pair, and a certificate of proof that the key was generated according to the algorithm. Each generated public/private key pair can be verified efficiently to be escrowed properly by anyone. The verification procedure does not use the private key. Hence, the general public has an efficient way of making sure that any given individual's private key is escrowed properly, and the trusted authorities will be able to access the private key if needed.

Abstract: A method of generating and verifying a digital signature by selecting an elliptic curve; selecting a point G; generating x and M; reducing x; generating a base tau expansion, in non-adjacent form, of the reduced x; multiplying G by the expansion; computing h=Hash(M); generating k; reducing k; generating a base tau expansion, in non-adjacent form, of the reduced k; multiplying G by the expansion of k to form K=(Kx,Ky); computing R=(Kx mod q); returning to the step of generating k if R=0, otherwise computing S=(k{circumflex over ( )}−1)(h+xR); returning to the step of generating k if S=0, otherwise transmitting y, q, M, R, and S; receiving y, q, M, R, and S; proceeding with the next step if 0<R<q and 0<S<q, otherwise not verifying the digital signature and stopping; forming h=Hash(M); computing f=((S{circumflex over ( )}−1) mod q), b=(hf mod q), and t=(Rf mod q); reducing b and t; generating a base tau expansion,

Abstract: The present invention is a Weight Verification Device (WVD) that stamps a weight transaction record with a digital signature so that transaction data may be verified at a later time. The WVD is an Application Specific Integrated Circuit (ASIC) device that is installed in a sealed digital weight indicator. When a vehicle is weighed using this digital weight indicator, a weight transaction record is stamped with a digital signature and stored in a computer. The WVD may be used to confirm that the inbound and outbound weights and the date and time are accurate, that the transaction data have not been tampered with, and that the transaction as a whole has not been modified in any way since the time the transaction record was created. The digital signature stored with the transaction data is based on a secure hash of the transaction data and a “private” key belonging to an inspector from the Weights and Measures Department or a designated representative.

Abstract: A method of cryptographic key exchange by two users agreeing on an elliptic curve of the form y2+xy=x3+ax2+1, where “a” is a member of a field F2, where the elliptic curve is defined over a field F2m, where m is an integer; agreeing on a point G as the base point of the elliptic curve, where the point G is of order q, and where q is an integer; generating a private integer xA by a first user; reducing xA by mod (&tgr;m−1) in the form of w+z&tgr; by the first user; generating a base tau expansion, in non-adjacent form, of the modular reduced xA by the first user; multiplying G by the base tau expansion of the modular reduced xA; transmitting the product to the second user; receiving, by the first user, a value yB from the second user that is based on a private integer xB of the second user, where the received value is computed in a similar manner as was the product transmitted to the second user; multiplying, by the first user, xA by the value received from the seco

Abstract: A multi-stage login procedure and system involves a first stage in which a login ID and a public key (encrypted) is transmitted from a client computer to a server computer and a key-exchange key (encrypted) is provided from the server computer to the client computer. In a second stage, a first split symmetric key and a server authentication string is generated and encrypted by the client computer and then transmitted to the server computer. In addition, the server computer generates a second split symmetric key and combines the same with the first split symmetric key to obtain a complete symmetric key for encrypting further communications from the server to the client computer. The server also generates a client authentication string, encrypts the same and transmits the encrypted string, the server authentication string (encrypted and incremented) and the second split symmetric key (encrypted) to the client computer.

Abstract: An authentication system is disclosed that includes at least one station and a host. Each station having a memory for storing a plurality of authentication items. An authentication control element, such as a key, is constructed from a part of the authentication items which is selected for each message. An authenticator authenticates the message substantially under the control of the authentication control element constructed for the message. The authenticated message is sent to the host. The host having a memory for storing the authentication items of each station. The authentication control element is determined from the received authenticated message. A verifier is used for, under control of the authentication control element, verifying the authenticity of the received message.