Abstract: In a data transformation apparatus for transforming two arbitrary pieces of data of A input data and B input data, a first nonlinear transformation of the A input data is performed using a first key parameter, a transformed result is output, an XOR operation of the transformed result and the B input data is performed to output an XORed result as B intermediate data, and the B intermediate data is input to a next sub-transformation unit as B input data. On the other hand, the B input data is input to a next sub-transformation unit as A input data. A second nonlinear transformation of the B input data is performed using a second key parameter, the transformed result is output, an XOR operation of the transformed result and the B intermediate data is performed to output an XORed result as B intermediate data, and the B intermediate data is input to a next sub-transformation unit as B input data.

Abstract: A trusted rendering system for use in a system for controlling the distribution and use of digital works. A trusted rendering system facilitates the protection of rendered digital works which have been rendered on a system which controls the distribution and use of digital works through the use of dynamically generated watermark information that is embedded in the rendered output. The watermark data typically provides information relating to the owner of the digital work, the rights associated with the rendered copy of the digital work and when and where the digital work was rendered. This information will typically aid in deterring or preventing unauthorized copying of the rendered work to be made. The system for controlling distribution and use of digital works provides for attaching persistent usage rights to a digital work. Digital works are transferred between repositories which are used to request and grant access to digital works.

Abstract: An improved system, method, and computer program product is provided to manage userid/password combinations by utilizing a universally accessible Internet location. This site stores and manages an encrypted database containing the customers multiple userid and password combinations, and also acts as the repository and distribution center for the software used to access and manage the database by the customer. In one embodiment, these applications are designed to work seamlessly with the Internet connection-software (e.g. a set of buttons on a browsers tool bar). Encryption is used on both the client and/or server side to ensure security and integrity.

Abstract: Encryption of a key using another key that is unique and particular to a given client is disclosed. In one embodiment, a computer-implemented method determines a first key that is unique and particular to the client, without user intervention. In varying embodiments, this key can be one or more of: a processor identifier, a network card address, an IP address, a checksum of a component, a serial number of a hard disk drive, a number of cylinders of a hard disk drive, and a user name in a registry file. At least a second key that provides access to information, such as multimedia information, is encrypted with this first key. The second key as encrypted with the first key may be stored on a storage.

Abstract: A method for scheduling events between first and second video processing devices coupled together wherein each device having at least one event timer for storing a scheduled event. The method involves programming first event information into the first device, comparing the first event information to each event previously scheduled in the first device for determining conflicts therebetween, sending a message representing the first event information to the second device, comparing the first event information to each event previously scheduled in the second device for determining conflicts therebetween. A user may be provided with information regarding conflicts and may be notified that a password is required for the first event and the respective event timer is enabled in response to receiving the password entered into the first device.

Abstract: The invention relates to a process for scrambling video data in the MPEG2 video format as well as to a process for descrambling data scrambled according to the process of the invention. The scrambled video data are the coefficients AC and/or DC arising from the “discrete cosine transform” operation which are associated with at least one block of at least one image coded in INTRA mode. The invention applies to conditional access systems such as, for example, pay television systems.

Abstract: This invention protects the unauthorized copy of multimedia data, recorded on an information recording medium, by using electronic watermark information and key information. The electronic watermark information embedded in the multimedia data is extracted by an electronic watermark extraction unit on the decryption system side. A disk key is obtained using the electronic watermark information and a part master key. The multimedia data is decrypted using the resultant disk key.

Abstract: An anti-duplication control signal detection section detects an anti-duplication control signal added on a video signal S1 and supplies it to a system controller as a duplication prevention control information S2. A write control section of the system controller stops the duplication of the video signal in a disk if the anti-duplication control information is an information which indicates duplication inhibition. In this case, the video signal recorded in the disk is erased under the control from the erasing control section by the time the duplication prevention control corresponding to the anti-duplication control signal becomes active.

Abstract: A self-inverting enhanced CMEA encryption system suitable for use in wireless telephony. An unprocessed text message is introduced into the system and subjected to a first iteration of a CMEA process, using a first CMEA key to produce a first intermediate message, a first intermediate processed text message, a first intermediate ciphertext message or the like. The first intermediate processed text message is subjected to a further iteration of the CMEA process, using a second CMEA key, to produce a second intermediate processed text message. The second intermediate processed text message is subjected to a final iteration of the CMEA process, using the first CMEA key, to produce the final processed text message. Security may be additionally enhanced by subjecting each message to an input/output transformation before and after each iteration of the CMEA process.

Abstract: A method is provided for generating a pseudo-random sequence of integers, and the method is applied to the encryption of messages. The method uses a key K and a pair of prime numbers p and q, where q=2p+1. According to one aspect of the invention, a sequence of integers is formed. A sequence of bits is then formed from the sequence of integers, e.g., by selecting the least significant bit from each integer value. The sequence of bits is then used to encrypt a message using a selected encryption algorithm such as the XOR algorithm. Since prime numbers p and q can be selected to be larger than key K, the repeating period of the sequence of integers is larger than that permitted by the bit length of K.

Abstract: In a data transformation apparatus for transforming two arbitrary pieces of data of A input data and B input data, a first nonlinear transformation of the A input data is performed using a first key parameter, a transformed result is output, an XOR operation of the transformed result and the B input data is performed to output an XORed result as B intermediate data, and the B intermediate data is input to a next sub-transformation unit as B input data. On the other hand, the B input data is input to a next sub-transformation unit as A input data. A second nonlinear transformation of the B input data is performed using a second key parameter, the transformed result is output, an XOR operation of the transformed result and the B intermediate data is performed to output an XORed result as B intermediate data, and the B intermediate data is input to a next sub-transformation unit as B input data.

Abstract: In a device for descrambling scrambled digital data, the digital data are grouped into parallel combinations of bits before being descrambled. The combinations of bits are descrambled and then split back into a serial stream of bits.

Abstract: A VGA (or other component video signal) output, e.g. from a computer or DVD player, is protected so it is viewable on a VGA monitor. However, if the component video signal is converted to composite video (e.g. television) the resulting television picture is of substantially degraded quality, thereby inhibiting viewing and/or copying. This protects for instance copyrighted material in the VGA format from unauthorized use. The protection involves modifying the horizontal or vertical synchronization signals in the VGA video in such a way that there is no adverse affect on a typical VGA monitor. However, most or all VGA to television converters and/or television sets and VCR's suffer from loss of synchronization, resulting in an unviewable picture. Also, methods and circuits for defeating the copy protection are provided.

Abstract: A receiver/decoder is programed only to accept a current entitlement control message (EMM) if it has received at least a previous EMM of a previous calendar period. When this is received, it is used to check present rights in the receiver/decoder. The invention prevents an original subscriber from fraudulently obtaining rights by disconnecting a decoder (before an authorising message can update the decoder's memory to prevent decryption) and by reconnecting the decoder (so as to be mistaken for a new subscriber legitimately having those rights).

Abstract: A trusted time infrastructure system provides time stamps for electronic documents from a local source. The system comprises a trusted master clock, a trusted local clock, and a network operations center. The trusted master clock and network operations center are located within secure environments controlled by a trusted third party. The trusted local clock may be located in an insecure environment. The trusted master clock is certified to be synchronized with an accepted time standard, such as a national time server. The trusted local clock, which issues time stamps, is certified to be synchronized with the trusted master clock. Time stamps and certifications are signed by the issuing device using public key cryptography to enable subsequent authentication. The network operations center logs clock certifications and responds to requests for authentication of time stamps.

Abstract: A system for broadcasting data signals in a secure manner comprises means for encrypting the data signals using a first key, means for broadcasting the encrypted data signals to subscribers, means for decrypting the encrypted data signals at each of the subscribers using the first key, and means for encrypting the first key using a second key. The second key is different for each group of subscribers having a common interest in a type of programs. The system further comprises means for broadcasting the encrypted first key to all subscribers and means for decrypting the encrypted first key at each of the subscribers using the second key. The second key is a combination of a key common to all subscribers and a difference key which is unique per type of programs. Means are provided for encrypting the common key and for broadcasting the encrypted common key to all subscribers, the subscribers having means for decrypting the encrypted common key at each of the subscribers.

Abstract: In a method for providing a secure communication between two devices, a first device generates a random key (Ci) and transfers this key to a second device in a first message encrypted using a public key. The second device decrypts the first encrypted message by means of a corresponding secret key to obtain the random key (Ci) and this random key is used to encrypt and decrypt all transmissions between these devices. In a decoder for a pay TV system, comprising a conditional access module and a smart card, this method is applied to provide a secure communication between the control access module and the smart card and/or between the decoder and the conditional access module.

Abstract: An arrangement for providing secure transmission of information. The bulk of the information is transmitted over non-secure channels such as broadcast media which terminate on a plurality of receiving stations. However, a residue of data is transmitted over a protected channel, such as a point-to-point channel, established for example, by a telephone connection. Interception of a complete message, when only the bulk of the message is available, becomes very difficult. It becomes even more difficult if scrambling arrangements are used to select the particular bits of the data message that are transmitted over the secure channel. It becomes still more difficult, if the data transmitted over the secure channel, itself, alters the scrambling algorithm.

Abstract: A RSA encryption scheme includes a modulus in which at least one set of bits is of a predetermined configuration. The configuration may be selected to replicate the identity of the recipient or other information normally transmitted between the parties or may be information stored by the sender to allow only the balance of the modulus to be transmitted with the sender subsequently reconstructing the modulus.

Abstract: There is provided a computer system including a first operating process operating in a non-modified operating environment and having at least one user operating command which is normally employed only in a given mode in the first operating process, and at least one second operating process which does not include encryption, the improvement comprising: a trigger for enabling a user operating the first operating process to initiate the second operating process, the trigger comprising said at least one operating command used in a mode other than said given mode.