Abstract: A mobile computing scheme capable of carrying out a proper packet transfer according to a current location of the mobile computer by accounting for the network operating policy. A mobile computer carries out a prescribed communication processing according to recognition results as to whether the mobile computer is located inside or outside the home network at which a mobile computer management device of the mobile computer is provided, and whether or not there exists a packet processing device which has a packet transmitted by at least one of the mobile computer and a correspondent computer as an encryption and authentication processing target.

Abstract: A digital certificate is formed from a digitized representation of a unique biological feature of a registrant, for example, the registrant's chromosomal DNA. The digital representation is signed with the registrant's private encryption key and transmitted to a certificate authority. The registrant's identity is verified at a remote registration terminal. When the registrant's identity has been verified the certificate authority forms the certificate by encrypting the digital signature with the certificate authority's own encrypting key. The certificate is also held in a publicly available directory. The certificate is used to authenticate an electronic document by appending the certificate to the electronic document. The document and the certificate are then transmitted to a receiving terminal. The identity of the transmitting party can be verified by inspecting the certificate.

Abstract: The present invention includes a method and computer program for determining possible configurations of a racing vehicle Four-Link assembly. A user of the computer program is prompted for measurements of the Four-Link assembly bracket apertures relative to the garage floor. The measurements are entered into the computer program to produce reference points for the vehicle. The computer program then permits a calculation of lines comprised of the relevant Four-Link assembly bracket apertures and an interpolation of points on each line representing a possible Four-Link configuration. The computer program then renders either a video display and/or a printout of the possible Four-Link configurations and the intersect points of the lines created by the interpolated lines representing Four-Link configurations.

Abstract: This invention concerns a cashcard system for purchasing laundry services wherein the user is issued with a cashcard and a personal identification number. Each of the laundry facilities is provided with a terminal having means for verifying the user, means for verifying the card, means for updating the card with an amount requested by the user, means for saving the card identification and the amount revalued to the card and means for storing and forwarding at a later time the amounts revalued to the cards for credit verification by a central computer remote to the terminal. In addition, the terminal in verifying the card compares the card to a previously rejected cards before updating the card with a new amount requested.

Abstract: An apparatus, system and method for secure code-downloading and information exchange, in the full generality of complex code dependencies while considering the implications of mutual distrust and hot-swapping. Included are secure techniques wherein an authority signs code from another party upon which that authority depends in order to establish that a trusted execution environment, is being preserved. Trusted code is employed to ensure that proprietary data is destroyed, disabled, and/or made unreadable, when a change causes the trusted execution environment to cease holding to a certain security level. A carefully constructed key structure is employed to ensure that communications allegedly from particular code in a particular environment can be authenticated as such. Authenticity of code that decides the authenticity of public-key signatures, and/or the authenticity of other code is cared for. In particular, the loading code that performs these tasks may itself be reloadable.

Abstract: Data is recorded on an optical disk. In a prescribed region of the disk, an identifier is provided for indicating whether a barcode-like mark is present or not on the disk. The identifier and the barcode-mark are in different locations on the disk. A control area, in which physical feature information regarding the disk is recorded, is included in the prescribed region.

Abstract: A token 12 creates utilization history information and sends the information to an information processing unit 11 and simultaneously creates an verification value and stores the value in a utilization-value holding unit 21. The information processing unit 11 records the utilization history information in a history holding unit 16. On receiving a verification-value output request from the information processing unit 11, the token 12 provides the verification value with a signature and outputs the combination of the verification value and the signature. The information processing unit sends to a recovery unit 13 the verification value with the signature as well as the utilization history information. The recovery unit 13 verifies the signature and also the utilization history on the basis of the verification value further.

Abstract: A transmission apparatus 100 includes a secret key storage unit 103 that stores three secret keys K1, K2 and K3, a secret key selection unit 104 that selects one secret key Ks from the secret keys, a message generation unit 106 for generating a message M used as a carrier for indicating a secret key, an encryption module 105 for generating a cryptogram Ca by encrypting the generated message M using the secret key Ks, an encryption module 107 for generating a cryptogram Cm by encrypting the message M using the message M itself as the secret key, and two transmission units 111 and 112 for transmitting the cryptograms Ca and Cm to the reception apparatus 200 to indicate the selected secret key Ks.

Abstract: A computer device includes a processor for processing an object code containing a plurality of instruction words. It further includes a memory for storing a plurality of pseudoinstruction words respectively corresponding to the plurality of instruction words. Preferably, the number of bits of each of the plurality of pseudoinstruction words is less than that of each of the plurality of instruction words. Finally, the computer device includes an instruction word converter for converting the pseudoinstruction word read out from the memory into an instruction word of the object code, and for outputting the instruction word obtained by the conversion to the processor.

Abstract: In the process of compressing and encrypting data, without increase of a processing time, a cipher capability is secured against the latest cryptanalysis such as differential and linear cryptanalyses. The differential and linear cryptanalyses are executed to collect plural pair of plaintext and cryptosystem for the same key and perform the statistical operation for estimating the key. An I/O process is executed to receive plaintext data and generate a random number. Then, an operation is executed to generate a different key for each data on the random number and set the key to a work key. The encrypted intermediate result or the pre-encrypted result is fed back for frequently changing the work key. These series of operations makes it possible to protect the ciphertext from the differential and the linear cryptanalyses.

Abstract: A security system (10) for users (50) to employ applications (12) as either publishing applications (24) or subscribing applications (26), for communicating messages (16) on computer networks. Each application (12) includes a client (28) which obtains from the user (50) a user ID (52) and a password (54), for authentication to a broker (30). The messages (16) are each assigned a subject (18) having a security policy (20), which includes an access control list (70) and a quality of protection (72). The access control list (70) may specify who may publish, who may subscribe, and who may ask for guaranteed delivery of messages (16) on the associated subject (18). Similarly, the quality of protection (72) may specify whether such messages (16) are privacy, integrity, or nonrepudiation protected, and whether they are to be audited. The broker (30) then employs the security policy (20) to control publishing and subscribing of the messages (16) and to provide the requested security protections.

Abstract: The invention relates to an encryption key management system and method of securely communicating data. First and second communicating devices are provided with a first and second identical sequences or databases of encryption keys. A pointer is set in both the first and second sequences at the same encryption key. Data from the first communicating device is encrypted using an encryption key adjacent the pointer in the first sequence of encryption keys. The encrypted data is then transmitted from the first communicating device and received by the second communicating device. The second communicating device decrypts the encrypted data received using an encryption key adjacent the pointer in the second sequence of encryption keys. After encrypting and/or decrypting data segments, the pointers in both the first and second sequences of encryption keys are incremented or moved in preparation for the next data segment or communication.

Abstract: A system and method for certified transmission of an electronic document, as verified by the generation of a certification indicia. Three embodiments of the system and method are disclosed, providing for the certified transmission of a document through an independent certification device or for direct transmission from a sender to a recipient. Furthermore, the resulting certification indicia may be generated by an independent certification device or by a portable processor at the sender or receiver's location.

Abstract: A security system for an information storage medium is so structured that only file data including secret individual information is encrypted by an encryptor/decryptor circuit. Known file management data is written in a memory device in plain text. This encrypting device prevents any third person from reading the secret information without unnecessary encryption of non-secret data to realize an enhanced security function.

Abstract: An optical head device adapted to be optically coupled to an optical disk includes a light-source laser and an objective lens optically coupled thereto. This lens receives an output light of the light source, and causes it to be projected onto the optical disk to form a focused spot thereon. Photodetectors are optically coupled to the lens in one optical path so that they are responsive to a light component which is reflected from the optical disk toward the photodetectors by way of the objective lens. A beam-shaping prism is located between the lens and a group of the light source and the photodetectors in the optical path. When the laser output light travels toward the lens, the prism reshapes the light into a predetermined isotropic beam profile. When the reflected light from the optical disk propagates reversely along the same optical path to enter the beam-shaping prism, this prism permits such an incident light to pass through itself toward the photodetectors.

Abstract: A system and method for transmitting encrypted documents from a document server to a client computer across network allows a user to select and view fewer than all of the sections of the document so that not all of the encrypted document need be transmitted. An encryption module and encryption key generator allows the document server to generate encryption information for each encrypted section of the secure document and store that information in a key file on the client computer. A decryption module on the client computer accesses the key file to decrypt for viewing the selected document sections transmitted from the server.

Abstract: A system for enabling verified or verifiable communications while maintaining anonymity, in which a common public parameter, such as a prime number, and a registered signature are changed, respectively, by a specifier and a signer to provide a digital signature which accompanies a message sent from the signer to a verifier.

Abstract: In an encrypted transmission system composed of one transmission apparatus 10 and twenty-eight reception apparatuses A1-G4 that are classified into seven groups A-G, two secret key exclusively selected out of a total of fourteen secret keys are distributed beforehand to each group. The transmission apparatus 10 encrypts the same message M using one of the two secret keys distributed to each group and sends each group a message M encrypted with one of the group's secret keys. The reception apparatuses each decrypt the received cryptogram separately using each of the secret keys assigned to the of group to which each reception apparatus belongs, judge whether either of the two decryption results conforms to a predetermined rule, and specify the correct decryption result.

Abstract: In a public key cryptosystem employing the El-Gamal algorithm, secret fresh random numbers are generated at a server and private keys of users, as encrypted with a symmetric algorithm by using individual user identifying keys determined by hashing the users' respective passphrases or biometric information (fingerprint, voiceprint, retina scan, or face scan) are maintained in a store accessible to the server, and the fresh random numbers and encrypted private keys are transmitted to the user equipment when needed via a network which is not secure. In order to prevent an attacker from discovering the random numbers or employing formerly used random numbers in a block replay attack, an interchange in the nature of a challenge response protocol is employed which passes at least one secret fresh random number from the server to the user equipment while also authenticating the user to the server.

Abstract: The present invention is directed to a system and method for regenerating secret keys by escrowing only one private value in a Diffie-Hellman exchange where a public number is exchanged between the two participants according to the equation:Y=g.sup.X mod p,where Y is the Diffie-Hellman public number, X is the Diffie-Hellman private number, g is the generator, and p is the prime. The public value for each communication session is controlled after the escrow of the private value, and the secret keys are regenerated from the escrowed private value and the controlled public values. The escrowed private value is transmitted to the escrow center with full proof of security and authenticity and, if desired, this private value can be changed and re-sent to the escrow center.