Patents Examined by Ronald F. Sulpizio, Jr.
  • Patent number: 6295604
    Abstract: A cryptographic packet processing unit performing cryptographic operations on a data portion of a data packet based on control information included in a header of the data packet. The cryptographic packet processing unit comprises a cryptographic bus interface unit, a crypto-processing unit, and a control storage unit. The cryptographic bus interface unit is capable of (i) receiving the data packet and (ii) removing the control information from the data portion. Coupled to the cryptographic bus interface unit, the crypto-processing unit is capable of performing a cryptographic operation on the data portion under the control of the control storage unit, which contains the control information.
    Type: Grant
    Filed: May 26, 1998
    Date of Patent: September 25, 2001
    Assignee: Intel Corporation
    Inventor: Roy Callum
  • Patent number: 6272221
    Abstract: The present encryption apparatus is provided with a plurality of conversion means connected in multiple steps, an intermediate-key generating means for performing linear or non-linear conversion for an intermediate-key and subsequently generating an initial-value of the intermediate-key, and an intermediate-key memory means for updating and storing the intermediate-key update information. The present encryption apparatus provides a ciphertext which is refractory to a chosen plaintext cryptanalysis in the evaluation of the key update information. The present apparatus is capable of high speed operation by parallel processing and is also capable of maintaining high speed operation by higher multiplication of the parallel operation even when the number of repetitive conversions is increased.
    Type: Grant
    Filed: August 6, 1998
    Date of Patent: August 7, 2001
    Assignee: NEC Corporation
    Inventor: Yukiyasu Tsunoo
  • Patent number: 6263434
    Abstract: A method and apparatus for identifying an applicant as a member of a group without explicitly listing all possible applicants. A test is defined which specifies the criteria for group membership. The test definition and an optional group identifier code are supplied to a criterion generator. The criterion generator generates an authenticated message based, at least in part, upon said test definition. The authenticated message is delivered to one or more criterion evaluators that verify the authenticated message. In one embodiment, once the authenticated message has been verified, the applicant for access to a resource presents a credential to the criterion evaluator. If the credential satisfies the test definition, the applicant is granted access to the specified resource and denied access if the credential does not satisfy the test definition.
    Type: Grant
    Filed: September 21, 1999
    Date of Patent: July 17, 2001
    Assignee: Sun Microsystems, Inc.
    Inventors: Stephen R. Hanna, Anne H. Anderson, Yassir K. Elley, Radia J. Perlman, Sean J. Mullan
  • Patent number: 6256734
    Abstract: A method and apparatus are provided for compliance checking in a trust-management system. A request r, a policy assertion (ƒ_0, POLICY), and n−1 credential assertions (ƒ_1, s_1), . . . , (ƒ_{n−1}, s_{n−1}) are received, each credential assertion comprising a credential function ƒ_i and a credential source s_i. Each assertion may be monotonic, authentic, and locally bounded. An acceptance record set S is initialized to {(Λ, Λ, R)}, where Λ represents a distinguished null string, and R represents the request r. Each assertion (ƒ_i, s_i), where i represents the integers from n−1 to 0, is run and the result is added to the acceptance record set S. This is repeated mn times, where m represents a number greater than 1, and an acceptance is output if any of the results in the acceptance record set S comprise an acceptance record (0, POLICY, R).
    Type: Grant
    Filed: October 8, 1999
    Date of Patent: July 3, 2001
    Assignee: AT&T
    Inventors: Matthew A. Blaze, Joan Feigenbaum, Martin J Strauss
  • Patent number: 6212633
    Abstract: A distributed firewall is utilized in conjunction with a memory-mapped serial communications interface such as that defined by the IEEE 1394 specification to permit secure data transmission between selected nodes over the interface. The distributed firewall incorporates security managers in the selected nodes that are respectively configured to control access to their associated nodes, thereby restricting access to such nodes to only authorized entities. Furthermore, encrypted transmissions may be supported to restrict unauthorized viewing of data transmitted between the selected nodes over the interface. Implementation of the distributed firewall does not modify any critical specifications for the memory-mapped communications interface that would prevent the selected nodes from residing on the same interface as other nodes that adhere to such specifications but that do not support secure data transmission.
    Type: Grant
    Filed: June 26, 1998
    Date of Patent: April 3, 2001
    Assignee: VLSI Technology, Inc.
    Inventors: Paul S. Levy, Steve Cornelius
  • Patent number: 6212637
    Abstract: Upon receiving a message {ID′_{i−1}, X′_{i−1}, m′_{i−1}, y_{i−1}} from a signer (i−1), a signer i generates a random number r_i, then calculates X_i = g^{r_i} mod p using pieces of public information p, q and g, then sets X′_i = (X′_{i−1}, X_i), m′_i = (m′_{i−1}, m_i), then calculates e_i = f_i(X′_i, m′_i), d_i = h_i(X′_i, m′_i) with public one-way functions f_i and h_i, calculates y_i = (y_{i−1} + d_i r_i + e_i s_i) mod q using a secret random number s_i, sets ID′_i = (ID′_{i−1}, ID_i), and sends information {ID′_i, X′_i, m′_i, y′_i} to the next signer (i+1). A verifier calculates e_i and d_i with the one-way functions f_i and h_i using X′_L and m′_L contained in received information {ID′_L, X′_L, m′_L, y_L}, and makes a check to see if g^{y_L} ≡ X_1^{d_1} I_1^{e_1} . . .
    Type: Grant
    Filed: June 25, 1998
    Date of Patent: April 3, 2001
    Assignee: Nippon Telegraph and Telephone Corporation
    Inventors: Kazuo Ohta, Tatsuaki Okamoto
  • Patent number: 6209101
    Abstract: An adaptive security system having a hierarchy of security servers. The security system maintains a primary security server for each task or process executing within a computing environment. An enforcement mechanism receives resource requests from the tasks and queries the corresponding primary security server which resolves the request based on a set of security associations. If the primary security server is unable to resolve the request, the enforcement mechanism queries a parent security server. Security servers are dynamically created and terminated in response to changing organizational policies. The present invention facilitates the dynamic creation and termination of security servers to adapt to organizational policy changes.
    Type: Grant
    Filed: July 17, 1998
    Date of Patent: March 27, 2001
    Assignee: Secure Computing Corporation
    Inventors: Terrance Mitchem, Michael R. Carney, Brian J. Loe
  • Patent number: 6192130
    Abstract: A first trusted authority, such as an originating certification authority, that stores key history data, such as private decryption keys for one or more subscribers, includes a key history exportation engine operative to generate a security key history exportation packet. The security key history exportation packet contains at least encrypted security key history data uniquely associated with a subscriber. A second trusted authority, such as a destination certification authority, includes a security key history importation engine operative to decrypt the security key history exportation packet. The retrieved security key history data then is stored and made accessible through the second trust authority for later access by the subscriber. The second trusted authority serves as a new trust anchor instead of the first trust authority.
    Type: Grant
    Filed: June 30, 1999
    Date of Patent: February 20, 2001
    Assignee: Entrust Technologies Limited
    Inventor: Josanne Otway
  • Patent number: 6181795
    Abstract: A method, system, and computer program are disclosed to transport an encrypted key across multiple, diverse systems which provides the relevant and necessary information to guarantee a successful decryption of the key. The method prepares an ASN.1 encoding file at the sender which contains the key. The receiver performs the method to decode the ASN.1 encoded file. In this manner, only the data and the contents of the portable key need to be sent to guarantee successful decryption at the receiver.
    Type: Grant
    Filed: February 27, 1998
    Date of Patent: January 30, 2001
    Assignee: International Business Machines Corporation
    Inventors: Sekar Chandersekaran, Narayanan Vasudevan, Sohail Malik, Michael Muresan
  • Patent number: 6144740
    Abstract: Disclosed is a method for designing public key cryptosystems against fault-based attacks in which secret information stored in a tamperfree device is revealed during the encryption/decryption or signature generation processes due to fault-based attacks. A new fault-resistant system which enables any fault existing in modular multiplications and exponential computations to be detected with a very high probability based on a coding approach. This method can be used to implement all cryptosystems whose basic operations are modular multiplications for resisting both memory and computational fault-based attacks with a very low computational overhead.
    Type: Grant
    Filed: May 20, 1998
    Date of Patent: November 7, 2000
    Assignees: Network Security Technology Co., Lan-Ying Chiang
    Inventors: Chi-Sung Laih, Fu-Kuan Tu, Yung-Chen Lee