Abstract: The security method is associated with an authentication method comprising steps of obtaining a calculated result from a random number subjected to a secret key algorithm, the security method includes steps of calculating a test result from a reference random number subjected to the secret key algorithm, of comparing the test result with a reference result, and of ensuring that the calculated result is transmitted only when the test result is identical to the reference result.

Abstract: A crypt key system for decrypting encrypted data for use, by a permit key including a decryption key, comprising a database/charging center, a broadcasting station, a receiving device and a communication device. The permit key is supplied to the broadcasting station in advance from the database/charging center. The permit key is broadcast from the broadcasting station. The receiving device receives the permit key via the broadcast. A request for use is executed to the database/charging center via the communication device. The database/charging center transmits the encrypted data via a communication line to the communication device and charges a fee. The communication device decrypts the encrypted data with the permit key received by the receiving device.

Abstract: The present invention provides a process for managing data copyright in the case when a primary user produces new data by editing a plurality of original data which have been supplied from data broadcasting, a recording medium or a database, and supplies the new data to a secondary user. A public-key and a private-key of the primary user, and a first secret-key and a second secret-key of the original data, each of which is controlled by a copyright management center, and an edit program are used. The primary user, who is supplied a plurality of original data encrypted by each first secret-key thereof, decrypts the plurality of original data by each of the secret-keys and produces new data using the edit program. The primary user re-encrypts the new data by the second secret-key of each original data, respectively. The re-encrypted data is supplied to the secondary-user, together with editing process data which includes a digital signature generated using the private-key.

Abstract: A system for open electronic commerce having a customer trusted agent securely communicating with a first money module, and a merchant trusted agent securely communicating with a second money module. Both trusted agents are capable of establishing a first cryptographically secure session, and both money modules are capable of establishing a second cryptographically secure session. The merchant trusted agent transfers electronic merchandise to the customer trusted agent, and the first money module transfers electronic money to the second money module. The money modules inform their trusted agents of the successful completion of payment, and the customer may use the purchased electronic merchandise.

Abstract: A process is described in which a user enters ID and password information at a network client computer terminal. This information is combined with an asymmetric key stored in a persistent storage directly accessible to the client's computer terminal. This "combined" information is communicated through a communication network to one or more server computers for authentication of the client. A similar identification and authentication process may be used to authenticate the server computer. Upon authentication of the client, the server provides the client computer with three symmetric keys, in encrypted format. The first key is for encrypting and decrypting persistent information associated with the client computer's control program. The second key is used to encrypt and decrypt persistent information associated with the login ID. The third key is used to encrypt and decrypt communication between the client computer and the server computer.

Abstract: An automatic toll adjusting system enables a user to voluntarily select a toll payment system with use of a storage medium carried by each user and storing adjustment information necessary for toll adjusting therein. Information is exchanged with the storage medium in radio communication at a first predetermined frequency at a toll adjusting gate employing a first toll payment system to automatically adjust a toll in the first toll payment system. At a toll adjusting gate employing a second toll payment system, information is exchanged with the storage medium in radio communication at a second predetermined frequency to automatically adjust a toll in the second toll payment system. This system is applicable to a system for automatically adjusting a fee or charge such as a toll for a toll road.

Abstract: Systems and methods for editing broadcast programming signals which allow a user to compile a proprietary signal tailored to the user's individual preferences are provided. Systems of the present invention include a receiver for receiving a broadcast programming signal in any broadcast format, a database memory having identification signals stored therein, a comparator for comparing portions of the broadcast signal with the identification signal in order to select those portions of the broadcast programming signal to be recorded, a data processor, and a compression buffer for storage of the selected broadcast programming signals.

Abstract: An encoding technique of the invention protects software programs and hardware designs from being copied, tampered with, and its functions from being exposed. The software programs and hardware designs (collectively called programs) thus encoded still remain executable. The encoding technique employs the concept of complexity of programs and produces proximity inversion in terms of functions contained in the programs, while preserving the behaviors. Various embodiments are possible to achieve this encoding which includes, for example, cascading and intertwining of blocks of the programs.

Abstract: The present invention consists of a method and apparatus for authenticating an electronic document. In one embodiment of the invention, a party wishing to digitally sign an electronic document (the "client") stores the unsigned electronic document, and the client's public and private keys, on transportable storage media such as a floppy disk. The client conveys the storage media to an authorized electronic document authenticator. An authorized electronic document authenticator is an individual or enterprise that has access to the apparatus of the present invention or that has been authorized to use the method of the present invention. The client presents identity documents to the authenticator to verify the client's identity. The client digitally signs the electronic document in the presence of the authenticator. The authenticator verifies the digital signature using the public key provided by the client.

Abstract: A transmitted signal is enciphered or concealed to thereby prevent interference, even when data indicative of the receiver terminal is made public because of the use of a common access channel. In the transmitter, in a random-number bit adder 6, a random-number .alpha. (digital signal) generated by a random-number generator 5 is inserted into a transmitting data signal DA generated by a transmitting data generator 1, and the resultant is outputted as a signal (DA, .alpha.). An encipherment processor 2 enciphers the signal (DA, .alpha.) and outputs it as a signal (DA, .alpha.)'. In the receiver, this signal (DA, .alpha.)' is deciphered into (DA, .alpha.), and the random-bits .varies. are removed from (DA, .alpha.) to restore the signal DA.

Abstract: A cryptography system improves the decryption speed in the RSA algorithm by taking advantage of certain subgroups of Z.sub.n *. The cryptography system employs a new family of trapdoor permutations based on exponentiation in subgroups of Z.sub.n *.

Abstract: A method and system is provided for improved electronic voting. The system optionally allows paper type ballots to be utilized. A plurality of cryptographic routines are utilized in a distributed data processing system to maximize the privacy of both the voter's identity and the content of completed ballots. An authentication server is utilized to interact with a voter to issue electronic ballots and receive completed electronic ballots in a manner which determines the authenticity of the identification of the voter, while maintaining the content of the completed ballot confidential. The distributed data processing system further includes a results server which tabulates the content of completed ballots in a manner which maintains the identity of the voters associated with the particular ballots confidential.

Abstract: A device and method is provided using a split processor based architecture to provide physical security of information by implementing a required protocol before releasing information. The information is used as a key to a cryptographic algorithm. A chaotic cryptographic algorithm is also provided including a key space employing six parameters of a Lorentzian system of equations.

Abstract: An IC memory card having an interface circuit complying with PC card standard and a memory comprises a password check circuit for comparing a password input from an external computer with a predetermined password and one or both of a data decipherment circuit for deciphering enciphered data stored in the memory if the passwords coincide with each other and a data encipherment circuit for enciphering data input from the external computer if the passwords coincide with each other.

Abstract: A system for dealing in an original data content and an edited data content. A data content is handled as an object, and the data content is edited by editing a data content, functioning as an object, in accordance with an edit program. The edited data content is expressed by the original data content and the editing scenario which describes editing detail by the edit program. Only the encrypted editing scenario is dealt in. Upon receipt of the encrypted editing scenario, a user decrypts the encrypted editing scenario using a crypt key obtained from a key management center, and obtains the original data content from the database in accordance with the editing scenario and re-constitutes the edited data content. In case there is the one who wishes sale of the editing scenario, its utilization right is sold by auction.

Abstract: A method and system for authenticating an authorized user of a remote terminal attempting to interconnect with a computer network over a wireless modem is provided. An encrypted wireless communication channel is established between a remote terminal and a network server for facilitating the authentication process. An authorized user presents an authentication card containing credentials including a user identifier and an authentication encryption key to a remote terminal. The remote terminal establishes a wireless communication channel with a network server which provides a firewall between unauthenticated users and a computer network. The network server and the remote terminal then exchange encrypted information thus verifying the authenticity of each party. The remote terminal and the network server each independently generate a data encryption key for use in establishing a secure encrypted wireless communication channel therebetween.

Abstract: A data copyright management system comprises a database for storing original data, a key control center for managing crypt keys, copyright management center for managing data copyrights, and a communication network for connecting these sections. Data supplied from the database to users is encrypted and distributed. The users decrypts the encrypted data by crypt keys obtained from the key control center or copyright management center. To supply data to users, there are the following two methods: a one-way supplying of encrypted data to users by means of broadcasting or the like; and two-way supplying of encrypted data to users corresponding to users' requests. A crypt key system used for encrypting data uses a secret-key cryptosystem, a public-key cryptosystem or a cryptosystem combining a secret-key and a public-key and further uses a copyright control program to control data copyrights.

Abstract: A personal computer having a security function, a security method therefor, and methods of installing and detaching a security device are provided. In the security method, a password is dispersedly stored in the personal computer and a hard disk is booted only when the password input by a user is valid and the boot data of a security device is the same as that of the hard disk. When recording a file on a floppy disk, the file is processed with an encryption function and an encryption table. Also, the file stored in the floppy disk is read using a decoding table. Further, when installing the security device, a partition is removed so as to prevent the hard disk from being used without any security device. Therefore, the password cannot be read by an unauthorized user and the hard disk cannot be booted without any security device. Also, due to the encrypting and decoding processes, a file copied without permission cannot be read by another personal computer.

Abstract: A secure video content processor ("SVCP") which receives encrypted digital video information and converts it into analog information for a monitor while preventing unauthorized access to the intermediate unencrypted digital data. The SVCP uses hardware envelopes to prevent unauthorized access to the decrypted digital stream. When a need arises to transmit digital data outside the hardware envelope, the digital data is encrypted and then decrypted when it re-enters a hardware protected section of circuitry.

Abstract: Computer-implemented methodology is described which allows any user to access a "network client" machine (e.g., PC, ATM machine, cell phone, or the like) which is connected to a network but which does not know the authentication of the user. With only the user's password, the client machine is able to initiate a communication session with a server and identify the user to the server as the person who the server truly expects. The method allows both the client and the server to each identify the other as authentic (not a middle man or imposter)--that is, without compromise in security along the communication link. In this manner, the user can access information from the true server in a secure manner and bring that information down to the local client, for instance, for use in a JAVA application.