Abstract: A secure cryptographic rights unit for cryptographically regulating access to digital content includes an interface control processor and a specialized cryptographic unit that protects access to a memory. Rights keys, which allow access to content, are added by the cryptographic unit by transforming data received from the control processor and storing the result in the protected memory. The cryptographic unit then produces content decryption keys by using stored rights keys to transform other data received from the control processor. Because the control processor does not have the ability to directly access the protected memory, the security can remain effective even if the control processor is compromised. To prevent reverse engineering of the cryptographic transformations, the invention provides for an algorithm generator that uses random sources to produce algorithm definitions in machine-readable form. Because the generator itself does not contain any secrets, it can be submitted for open review.

Abstract: An optical disk includes a first area where data is recorded with pit pattern, a second information area where another data is recorded with marks which have a stripe-like configuration, and a guard band area formed between the first information area and the second information area. An address is written with pit pattern on the guard band area.

Abstract: Disclosed is an optical disk barcode forming method wherein, as information to be barcoded, position information for piracy prevention, which is a form of ID, is coded as a barcode and is recorded by laser trimming on a reflective film in a PCA area of an optical disk. When playing back the thus manufactured optical disk on a reproduction apparatus, the barcode data can be played back using the same optical pickup.

Abstract: A system and method for auditing network applications captures transmissions during a user session between a client and a server. An auditor capture filter captures each request from the client and each response by the server to each request. An auditor encryption module encrypts the captured requests and the captured responses with an encryption key and stores them in an auditor storage. The auditor encryption module also distributes portions of the encryption key to the client and the server. An auditor decryption module collects the portions of the encryption key from the client and the server and decrypts the encrypted requests and the encrypted responses. An auditor analyzer may then use the decrypted requests and the decrypted responses to recreate the user session to thereby analyze what transpired during the user session. In addition, the analyzer may also verify that a particular event occurred during the user session.

Abstract: A modular exponentiator is adapted to receive a first communicated signal and derive a second signal therefrom by computation of a modular exponentiation of the form be mod n based on the first signal. The modular exponentiator divides the modular exponentiation according to the Chinese remainder theorem into first and second portions respectively having modulus values p and q of approximately half of an original modulus value n of the modular exponentiation. Each portion of the modular exponentiation is factored into respective pluralities of smaller modular exponentiations having precalculated exponent values. The respective pluralities of smaller modular exponentiations are then multiplied together to provide respective intermediate products. The intermediate products are then recombined to yield the modular exponentiation result.

Abstract: An output bit sequences is derived from an initial bit sequence and this output bit sequence is used to encrypt an input bit sequence in a first mode of operation or not to so encrypt the input bit sequence in a second mode of operation. The mode of operation is switched automatically whenever the output bit sequence contains a predetermined trap bit sequence. As a result of this automatic switching between such encryption and no such encryption, unauthorized determination of secret codes is thwarted.

Abstract: Proprietary information such as programs and/or data are protected using a secure processing system that includes a memory such as an EPROM in which the proprietary information is stored in a first portion of the memory. The stored information is encrypted by an encryption algorithm unique to the proprietor of the information. The stored information is assigned an unique key that will enable the information to be decrypted if the unique algorithm is known. A second portion of the memory has the unique key stored therein, the unique key is encrypted with a master encryption algorithm and can only be obtained by using a master key with the master algorithm. A processing unit such as a Digital Signal Processor (DSP) has both the proprietor's unique algorithm, master algorithm and master key available to it.

Abstract: A cryptographic device and corresponding method for producing a cloaked watermark which is a private watermark having the functionality of a public watermark. In one embodiment, the cryptographic device comprises an internal memory and a processor contained in a package. The internal memory provides a region for storage of key information used at least to produce the cloaked watermark. The processor is coupled to the internal memory and is responsible for producing a cloaked watermark based on the key and for inserting the cloaked watermark into an outgoing data set.

Abstract: Methods and apparatuses are disclosed for improving DES and other cryptographic protocols against external monitoring attacks by reducing the amount (and signal-to-noise ratio) of useful information leaked during processing. An improved DES implementation of the invention instead uses two 56-bit keys (K1 and K2) and two 64-bit plaintext messages (M1 and M2), each associated with a permutation (i.e., K1P, K2P and M1P, M2P) such that K1P {K1} XOR K2P {K2} equals the “standard” DES key K, and M1P {M1} XOR M2P {M2} equals the “standard” message. During operation of the device, the tables are preferably periodically updated, by introducing fresh entropy into the tables faster than information leaks out, so that attackers will not be able to obtain the table contents by analysis of measurements. The technique is implementable in cryptographic smartcards, tamper resistant chips, and secure processing systems of all kinds.

Abstract: A communication system (100) includes an infrastructure (150) and at least one vehicle (101), the vehicle including at least one vehicle system (103), and at least one user system (113). The infrastructure includes an application (155) which, in turn, is arranged to reprogram the vehicle system, the user system, or both.

Abstract: A method of hiding copyright related messages within digital data works is taught. The method relies on modifying data elements in the work according to certain rules which depend on the actual message itself. The information content of the message can be extracted through a comparison of measurable characteristics of defined portions of the modified work.

Abstract: The present encryption apparatus is provided with a plurality of conversion means connected in multiple steps, an intermediate-key generating means for performing linear or non-linear conversion for an intermediate-key and subsequently generating an initial-value of the intermediate-key, and an intermediate-key memory means for updating and storing the intermediate-key update information. The present encryption apparatus provides a ciphertext which is refractory to a chosen plaintext cryptanalysis in the evaluation of the key update information. The present apparatus is capable of high speed operation by parallel processing and is also capable of maintaining high speed operation by higher multiplication of the parallel operation even when the number of repetitive conversion is increased.

Abstract: A microcontroller communicating via a data path and an address path with a memory block containing encrypted contents, the microcontroller including the capability for detecting resets effectuated in the wake of an unauthorized attempt to gain access to the encrypted contents and the capability of evading such an unauthorized attempt.

Abstract: A system and method for data recovery is described. In one embodiment, an encrypting system encrypts a message or file using a secret key (KS) and attaches a key recovery field (KRF), including an access rule index (ARI) and KS, to the encrypted message or file. To access the encrypted message or file, a decrypting system must satisfactorily respond to a challenge issued by a key recovery center. The challenge is based on one or more access rules that are identified by the ARI included within the KRF.

Abstract: A method and apparatus for digital watermarking to resolve multiple claims of ownership is disclosed. According to one embodiment of the invention, a first watermark requiring the host data for detection is embedded into the host data. A second watermark is also embedded into the host data. According to another embodiment of the invention, a pseudo-random sequence acting as a watermark is generated based on two random keys. One of the two random keys is related to the author of the host data into which the watermark is to be embedded, whereas the other of the two random keys is dependent on the host data itself.

Abstract: An apparatus for implementing a game having a deterministic component and a non-deterministic component wherein a player uses the game through at least one player interface unit. Each player interface unit generates a player record indicating player-initiated events. A random number generator provides a series of pseudo-random numbers and a rules library stores indexed rules for one or more games. An interface registry stores mapping records where the mapping records are used to associate the player-initiated events to pre-selected rules in the rules library. A control means is coupled to the player interface to receive the output of the player interface unit, coupled to the interface registry, the rules library, and the random number generator.

Abstract: This disclosure describes systems and methods for processing voice data for secure transmission and secure receipt over a network, such as the Internet. The systems and methods include the processing of analog voice and digital information, including conversion of a voice signal into digital information (or of digital information into a voice signal) and transmission of digital information representing voice data over a network. The analog-to-digital conversion (and digital-to-analog conversion) includes coding and decoding digital information according to voice coding techniques and encrypting and decrypting digital information according to encryption techniques. The transmission of the digital information includes creation of a secure voice frame.

Abstract: An electronic shopping method is provided by both an apparatus 10 and an apparatus 30 to hold a key K(A, C) in common, and both the apparatus 30 and an apparatus 40 to hold a key K(B, C) in common. The apparatus 10 transmits a cipher text C1 which is obtained by enciphering a written order P of the products to be purchased using a key K, a cipher text C2 which is obtained by enciphering the key K using the key K(A, C), and authentication information C3 relating to a part P2 of the written order P to the apparatus 30 and the like. The apparatus 40 deciphers the key K on the basis of the cipher text C2, transmits a cipher text C4 which is obtained by enciphering the key K using the key K(B, C) to the apparatus 30.

Abstract: Authentication of image from digital cameras with GPS-derived time and location data is disclosed. With the wide-spread availability of today's desktop tools and imaging devices, unethical manipulation of digital image data is common, such that digital images are not ordinarily reliable and can be subject to trickery and forgery. In the past, imagery such as photographs and digital images were reliable enough to serve as documentary evidence in most cases, since a skilled craftsman was needed to modify the images and commit fraud. However, skilled craftsmen are no longer needed, and digital images can be modified by even a casual user. Moreover, time data and location data are not ordinarily included in digital images. According to the invention, a digital camera system documents the time, date and location where a digital image was taken, using GPS-derived data from a secure connection.

Abstract: The present invention has an object to overcome problems of a key recovery system using a conventional KRF system and to achieve efficient operation of the overall key recovery system. A key recovery system of the present invention includes check units 12a, 12b for checking whether a user has a recovery authorization for a common key KS, on the basis of a recovery condition RC specified by a recovery condition index RCI which is added to an encrypted message (encrypted message obtained by encrypting the common key KS with a public key KRCpub) supplied from a terminal (10a to 10d) of the user concerned, and a key recovery control unit 14 which is provided separately from the check units 12a, 12b and decrypts the encrypted message with a private key KRCpri paired with the public key KRCpub to recover the common key. The check unit 12a, 12b supplies the common key KS recovered in the key recovery control unit 14 to the user concerned only when the user has the recovery authorization.