Abstract: A system and method implemented in an interactive television system for restricting or controlling the access rights of interactive television applications and carousels. The system broadcasts modules from a broadcast station to a plurality of receiving stations, which execute applications containing the modules. In one embodiment, the applications utilize a credential consisting of a producer identification number (ID) and an application ID for each of the grantor and grantee applications, an expiration date, a set of permission data, a producer certificate and a signature. An application requesting access and a carousel granting access may be identified by respective producer and application IDs. The credential utilizes public key encryption to ensure the integrity of the credential. The producer and application IDs may be replaced with wildcards so that rights may be granted to a group of producers or applications.

Abstract: Secure electronic transactions using a trusted intermediary with non-repudiation of receipt and contents of message. A system of, and method for, securely transmitting a package from a sender to a recipient, via an intermediary, are described, as is a novel data arrangement, stored in a computer-readable medium. A sender encrypts the message to form an encrypted inner envelope. A waybill is formed that among other things identifies the recipient as the destination and includes information indicating various levels of services desired, e.g., electronic notarization. The waybill and inner envelope are used to form an encrypted outer envelope that is addressed to a trusted intermediary. The intermediary receives the package and decrypts the outer envelope. It is unable to decrypt the inner envelope, due to the keys employed during encryption. The service information is processed, and the package is used to form a second package addressed to the recipient.

Abstract: Objects such as master keys or object protection keys that are kept in a protected environment of a crypto module are securely transferred between modules by means of transport keys. The transport keys are generated by public key procedures and are inaccessible outside the modules. Master keys are encrypted under the transport key within the protected environment of the source module, transmitted in encrypted form to the target module, and decrypted with the transport key within the protected environment of the target module. Object protection keys that are encrypted under a first master key kept in the protected environment of the source module are decrypted with the first master within the protected environment of the source module before being encrypted under the transport key. The object protection keys are encrypted under a second master key within the protected environment of the target module after being decrypted with the transport key.

Abstract: A method and apparatus for protecting software objects from external modification is described. A cryptographic seal protects the object at the object level and also supports secure inter-object communication. A software object (101) is packaged in a crypto seal (103), which provides a cryptographic code hasher (105) for performing a cryptographic form of hashing on the code of object (101), a crypto seal communications authenticator (107) which authenticates communications received by object (101), a crypto seal encryptor (108) which encrypts communications sent by the object (101), a challenge manager (106) which causes the cryptographic code hasher (105) to perform its hashing function on the code of object (101) periodically and on demand when a challenge message is received, and a communications interface (109) which controls inter-object communication. A system (100) which employs crypto sealed objects includes a crypto seal coordinator (119).

Abstract: A method and apparatus for creating communities of trust within a secure communications system is accomplished by allowing end-users to obtain arbitrary lists of trusted public keys from other end-users and from associated authorities. Once an arbitrary list has been obtained by an end-user, the end-user determines whether it was obtained in a manner consistent with a security policy of the secured community. The security policy may enable an end-user to receive trusted public keys from other end-users, from associated authorities only, to receive public keys of associated authorities, other end users, or any combination thereof. When the arbitrary lists of trusted keys are obtained in a manner consistent with the security policy, the end-user adds keys of the arbitrary lists to a trusted key list. When a security-related operation is to be performed (e.g.

Abstract: In a telecommunications system, data having a higher sensitivity and data having a lower sensitivity are identified within a data set. The data having a higher sensitivity is encrypted to produce encrypted sensitive data. Thereafter, the data having a lower sensitivity and the encrypted sensitive data are encrypted to produce an encrypted data set. The encrypted data set is then transferred from a sending unit to a receiving unit. Decryption information may be appended to the encrypted sensitive data before the data having a lower sensitivity and the encrypted sensitive data are encrypted to produce an encrypted data set. The decryption information may include an algorithm identifier, a key identifier, and receiver response instructions. At the receiving unit, the data set is decrypted to recover the data having lower sensitivity. A second decryption of the encrypted sensitive information recovers the data having a higher sensitivity.

Abstract: A data structure and method are disclosed for encapsulating a message with a verifiable message ID and a verifiable identification of message interpretation information. The encapsulated message includes a message set and a data generated message identifier. The message set includes a message body that contains the content of a message and a data generated interpretation identifier that verifiably identifies an interpretation file that may be used to interpret the message body. The data generated message identifier is a hash function of the message set that includes the message body and the data generated interpretation identifier. The data generated message identifier is determined such that the data generated message identifier verifiably identifies the message set.

Abstract: A client receives a remote installation service (RIS) activated by a browser through the Internet, and notifies an RIS server of a software number corresponding to an icon pointed to and clicked by a pointing device on a home page. The RIS server provides various services such as software distribution, online shopping, communications service, transaction service, etc. according to the information.

Abstract: The capabilities of a cryptographic module are controlled by a crypto configuration control (CCC) register that is initialized by one or more self-signed commands that are preformulated and signed with the digital signature key of the crypto module itself. The crypto module accepts a self-signed command only if the self-signature can be validated using the signature verification key of the module. In one implementation, the final configuration is determined by a single self-signed command. In another implementation, a first self-signed command is used to create an temporary configuration that allows one or more initialization authorities to issue additional commands fixing the final configuration. The self-signed commands are maintained separately from the crypto module and are distributed to the end user either physically or electronically.

Abstract: A method and apparatus for updating the password status of one or more servers in a client/server environment utilizes multiple passwords associated with a client process, including a current password and one or more non-current passwords. Each password has associated therewith a key and a key identifier. If upon an attempted access, a server process challenges the client process with a non-current key identifier, the client process provides the corresponding key associated with the non-current password. Once access to the server is achieved, the key identifier associated with the current password is supplied to the server process by the client process. In a networked server environment, the updated server process may provide the updated key identifier to other server processes which have knowledge of the client profile.

Abstract: A process is provided that allows an exportable SSL client to negotiate an encrypted session using strong encryption with a server if the server is allowed to use strong encryption. With this process, the SSL client is normally limited to export strength encryption. But, when it is communicating with an approved server, it is able to expand the available set of encryption algorithms to include stronger algorithms/key lengths. The process involves performing an SSL handshake twice. The process begins when a client, i.e. a user, wants to establish a session with a server. The client first initiates a network connection to the server. The first handshake between an export client and an approved server results in an SSL session that uses export strength encryption. This establishes a connection using an exportable cipher suite. The client examines the server's certificate obtained as part of the first handshake.

Abstract: A transmission/reception system includes a transmitter for transmitting pay information, and a plurality of receivers. The transmitter includes a service center for editing contents to be transmitted, and a transmitting station for receiving the contents from the service center and transmitting same. The plurality of receivers each include a mounting portion in which a storage element may be removably mounted. The storage element pre-stores charging information for permitting reception of the pay information and is sold at a predetermined cost. Each receiver determines whether it is allowed to receive and reproduce the pay information in accordance with the charging information stored in the storage element mounted in the mounting portion. When the storage element is purchased, the cost is remitted or electronically sent to one of the service center and an account of said service center. Another part of the cost is remitted to one of the transmitting station and an account of the transmitting station.

Abstract: The invention relates to a conditional access system making it possible for a service provider to supply his services solely to users having acquired entitlements to these services.The services supplied by a service provider consist of an item scrambled by control words. To keep these control words secret, they are supplied in messages (MEC) after having been encrypted with an encryption algorithm with key K.According to the invention, one and the same message (MEC) contains the same control word (Cwi) encrypted several times, each encryption (E(Cwi)Kj) of the control word depending on a different encryption key (Kj).The invention applies to any type of conditional access system, be this system either of "off-line" or "on-line" type.

Abstract: A key management method, an encryption system, and a sharing digital signature system are provided, which are designed to hierarchically manage the degrees of contribution of members to a digital signature operation and the like so as to be suitably used for a group having a hierarchical structure. In an information communication system including a plurality of information processing apparatuses connected to each other through a communication line, a first member (11a) holding a secret key K and a plurality of second members (11b-11d) holding pieces of partial information K.sub.1i (i=1, 2, . . . ) generated by secret sharing of the secret key K are provided. The first member can use the secret key K as a key for the information communication system, but the second members can obtain a key for the information communication system only by collecting a predetermined number t.sub.1 or more of pieces of partial information K.sub.1i.

Abstract: Apparatus and a method are described for providing for multiple secure functions in a host or wireless radiotelephone. Access to the functionality of the radiotelephone is provided by means of a smart card or security token features contained therein. The determination of the secure function which is accessed is determined by encrypted credential information carried in the smart card. The smart card may be used for numerous applications, but is particularly useful in conjunction with radiotelephone devices having a plurality of secure communication levels. The radiotelephone device will activate the secure levels based on the security level algorithm carried in the smart card.

Abstract: Apparatus and a method are described for providing a security token. The security token may be used for numerous applications, but is particularly useful in conjunction with radiotelephone devices having secure functions. In accordance with the invention the user must insert a PIN and utter sounds. The radiotelephone device will activate the secure functions only if the PIN is correct and the sounds uttered are authenticated against voice feature vectors stores it the token.

Abstract: A communication system, which includes an origination space, a communications channel, and a destination space associated with the origination space via the communications channel. The origination space includes an encryption engine for generating an output symbol O.sub.t based on an input symbol I.sub.t and means for receiving an encrypt key, an encrypt text/key relation, and the input symbol. The destination space includes a decryption engine for generating a decrypted symbol I'.sub.t based on the output symbol received from the origination space via the communications channel and means for receiving a decrypt key and a decrypt text/key relation. The encrypt text/key relation controls the encryption engine such that O.sub.t =.alpha..sub.N (t)+.pi..sub.N [.alpha..sub.N-1 (t)+.pi..sub.N-1 [.alpha..sub.N-2 (t)+ . . . +.pi..sub.2 [.alpha..sub.1 (t)+.pi..sub.1 [I.sub.t +.alpha..sub.0 (t)]] . . . ]], mod W, where .alpha..sub.N, .alpha..sub.N-1, . . . , .alpha..sub.1, .alpha..sub.

Abstract: A pseudorandom number sequence generator comprises a bidirectional shift register arranged to be loaded with a multi-bit sequence. The shift register is responsive to an ith clock pulse and an ith direction control bit for shifting the multi-bit sequence in one of two directions, delivering an ith output bit and receiving an ith input bit. The multi-bit sequence successively defines one of nodes of an Eulerian graph connected by branches. A feedback circuit is connected to the shift register for converting a set of input data to a set of output data. The input data comprises a multi-bit sequence stored in the shift register in response to an (i+1)th clock pulse, the ith output bit and the ith direction control bit and the output data comprises an (i+1)th input bit and an (i+1)th direction control bit.

Abstract: A system and method facilitates a fair exchange of time-independent information goods between a first party's computer and a second party's computer over a network, such as the Internet. The first party's computer creates a digital contract proposal concerning the exchange of information goods. The first party's computer digitally signs the contract proposal and stipulates a condition which, when satisfied by the second party, will create a valid contract. The first party's computer then transmits the signed contract proposal over the network to the second party's computer. The second party has one of two options: (1) satisfy the condition in the contract proposal to create a valid contract and return the valid contract to the first party, or (2) store the signed contract proposal without satisfying the condition and supply the information goods to the first party.

Abstract: In a cryptographic communications system, a method and apparatus for allowing a sender of encrypted data to demonstrate to a receiver its ability to correctly generate key recovery information that is transmitted along with the encrypted data and from which law enforcement agents or others may recover the original encryption key. Initially, the sender generates a key pair comprising a private signature key and a corresponding public verification key and sends the latter to a key recovery validation service (KRVS). Upon a satisfactory demonstration by the sender of its ability to correctly generate key recovery information, the KRVS generates a certificate certifying the public verification key and the ability of the sender to correctly generate key recovery information. The sender uses its private signature key to generate a digital signature on the key recovery information, which is sent along with the key recovery information and encrypted data to the receiver.