Patents by Inventor Dan Boneh

Dan Boneh has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20080189769
    Abstract: Use of a centralized control architecture in a network. Policy declaration, routing computation, and permission checks are managed by a logically centralized controller. By default, hosts on the network can only route to the network controller. Hosts and users must first authenticate themselves with the controller before they can request access to the network resources. The controller uses the first packet of each flow for connection setup. When a packet arrives at the controller, the controller decides whether the flow represented by that packet should be allowed. The switches use a simple flow table to forward packets under the direction of the controller. When a packet arrives that is not in the flow table, it is forwarded to the controller, along with information about which port the packet arrived on. When a packet arrives that is in the flow table, it is forwarded according to the controller's directive.
    Type: Application
    Filed: January 8, 2008
    Publication date: August 7, 2008
    Inventors: Martin Casado, Nick McKeown, Dan Boneh, Michael J. Freedman, Scott Shenker
  • Publication number: 20080170701
    Abstract: An object of this ciphertext decryption rights delegation system is to enable conversion of PKE-system ciphertext into IBE-system encrypted ciphertext, and, in a delegation system with users using only an IBE system, of preventing restoration of the master-secret key generated by a PKG device (public key generation device) even when there is collusion attack between the ciphertext converter and a decryption rights delegatee. A ciphertext decryption rights delegation system realizes delegation of ciphertext decryption rights between a device used by a decryption rights delegator and a device used by a decryption rights delegatee. From the master-secret key stored in the PKG device which generates secret keys, a secret key of the IBE system and auxiliary information are generated, and a re-encryption key is generated based on this auxiliary information.
    Type: Application
    Filed: August 21, 2007
    Publication date: July 17, 2008
    Applicants: NTT DATA CORPORATION, The Board of Trustees of the Leland Stanford Junior University
    Inventors: Toshihiko Matsuo, Dan Boneh, Eu-Jin Goh
  • Publication number: 20080079631
    Abstract: Location systems and methods are implemented using a variety of arrangements and methods. Using one such system, location information is provided in response to a utility-line arrangement propagating signals that represent a wireless radio-frequency (RF) communication originating from one or more remote transmitters. The system includes a receiver circuit communicatively coupled and responsive to the utility-line arrangement. The system also includes a signal-processing logic circuit, communicatively coupled and responsive to the utility-line arrangement. The signal processing logic circuit is arranged to derive location information from characteristics of the signals that are indicative of a location of the receiver circuit relative to the remote transmitters.
    Type: Application
    Filed: September 28, 2007
    Publication date: April 3, 2008
    Inventors: Sherman Chih Lo, Per Enge, C.O. Lee Boyce, Nicolai V. Alexeev, Dan Boneh
  • Publication number: 20080075287
    Abstract: The present invention relates to a method for traitor tracing. One embodiment of a method for determining at least one traced private key used by a decoder to decrypt an encrypted message includes defining an input ciphertext, the input ciphertext being associated with a tracing private key and having a sublinear size, calling the decoder on the input ciphertext, and associating the tracing private key with a set of traced private keys if the decoder is able to correctly decrypt the encrypted message in accordance with the input ciphertext, the set of traced private keys including at least one private key.
    Type: Application
    Filed: September 13, 2007
    Publication date: March 27, 2008
    Inventors: Dan Boneh, Amit Sahai, Brent Waters
  • Publication number: 20070041583
    Abstract: A method and system for encrypting a first piece of information M to be sent by a sender [100] to a receiver [110] allows both sender and receiver to compute a secret message key using identity-based information and a bilinear map. In one embodiment, the sender [100] computes an identity-based encryption key from an identifier ID associated with the receiver [110]. The identifier ID may include various types of information such as the receiver's e-mail address, a receiver credential, a message identifier, or a date. The sender uses a bilinear map and the encryption key to compute a secret message key g_ID^r, which is then used to encrypt a message M, producing ciphertext V to be sent from the sender [100] to the receiver [110] together with an element rP. An identity-based decryption key d_ID is computed by a private key generator [120] based on the ID associated with the receiver and a secret master key s.
    Type: Application
    Filed: May 9, 2006
    Publication date: February 22, 2007
    Inventors: Dan Boneh, Matthew Franklin
  • Patent number: 7137143
    Abstract: A method and system for securing network communications are provided. In a network a Secure Reverse Proxy (“SRP”) is placed among a server and a client where the client and SRP establish a secure connection using TLS protocol. Upon receiving a request from the client for a secure HTTP page, the SRP determines if the secure page is maintained in its cache. If the page is present, the SRP responds to the client by sending the requested secure HTTP page without contacting the server. If the page is not contained within the SRP's cache, the SRP establishes secure TLS connection with the server and forwards the request for the HTTP page. Receiving the HTTP page from the server, the SRP places it in its cache for future use. Having the page in its cache the SRP retrieves the page, encrypts it, and sends it to the requesting client. Subsequent requests for the same page do not involve the server enhancing the efficiency of network operations.
    Type: Grant
    Filed: July 9, 2001
    Date of Patent: November 14, 2006
    Assignee: Ingrian Systems Inc.
    Inventors: Rajeev Chawla, Panagiotis Tsirigotis, Dan Boneh
  • Patent number: 7113594
    Abstract: A method and system for encrypting a first piece of information M to be sent by a sender [100] to a receiver [110] allows both sender and receiver to compute a secret message key using identity-based information and a bilinear map. In one embodiment, the sender [100] computes an identity-based encryption key from an identifier ID associated with the receiver [110]. The identifier ID may include various types of information such as the receiver's e-mail address, a receiver credential, a message identifier, or a date. The sender uses a bilinear map and the encryption key to compute a secret message key g_ID^r, which is then used to encrypt a message M, producing ciphertext V to be sent from the sender [100] to the receiver [110] together with an element rP. An identity-based decryption key d_ID is computed by a private key generator [120] based on the ID associated with the receiver and a secret master key s.
    Type: Grant
    Filed: August 13, 2002
    Date of Patent: September 26, 2006
    Assignees: The Board of Trustees of the Leland Stanford University, University of California Davis
    Inventors: Dan Boneh, Matthew Franklin
  • Patent number: 6965673
    Abstract: A useful method of verifying the integrity of a cryptosystem involves using erroneous outputs to obtain secret information. In certain signature schemes which use the Chinese Remainder Theorem, a correct signature of a message and an erroneous signature of the same message permit the modulus to be easily obtained. If the content of the message is known, such cryptosystems may be cracked with only an erroneous signature of the message. Certain other authorization schemes may be cracked by analyzing a number of erroneous outputs caused by a particular type of error called a “register fault.” A security expert or cryptosystem designer may intentionally induce a tamper proof device to generate a faulty computation by subjecting the device, such as a smart card, to physical stress, such as certain types of radiation, atypical voltage levels, or a higher clock rate than the device was designed to accommodate. Cryptosystems should be impervious to the attacks described herein.
    Type: Grant
    Filed: March 1, 2000
    Date of Patent: November 15, 2005
    Assignee: Telcordia Technologies, Inc.
    Inventors: Dan Boneh, Richard Lipton, Richard A. DeMillo
  • Publication number: 20050018851
    Abstract: Methods and apparatuses are provided for generating blind digital signatures using curve-based cryptography techniques. One exemplary method includes establishing parameter data for use with signature generating logic that encrypts data based on a Jacobian of at least one curve. Here, the parameter data causes the signature generating logic to select at least one Gap Diffie-Hellman (GDH) group of elements relating to the curve. The method also includes receiving first data that is to be blindly signed, determining private key data and corresponding public key data using the signature generating logic, and generating second data by signing the first data with the private key data using the signature generating logic. The second data includes the corresponding blind digital signature. In other implementations, the method may also include having additional logic, for example, in one or more other devices, determine if the blind digital signature is valid.
    Type: Application
    Filed: June 26, 2003
    Publication date: January 27, 2005
    Applicant: MICROSOFT CORPORATION
    Inventors: Ramarathnam Venkatesan, Dan Boneh
  • Publication number: 20050018850
    Abstract: Various methods and apparatuses are provided for generating and verifying digital signatures. In certain methods and apparatuses digital signature generating logic encrypts data based on a Jacobian of a curve, said Jacobian having a genus greater than one. The logic is configured by parameter data so as to select at least one Gap Diffie-Hellman (GDH) group of elements relating to the curve. The logic also determines private key data and corresponding public key data and signs the identified data with the private key data to create a corresponding digital signature. In other methods and apparatuses, the signature generating logic encrypts data based on a Weil pairing on a Jacobian of at least one super-singular curve having a genus greater than one.
    Type: Application
    Filed: June 26, 2003
    Publication date: January 27, 2005
    Applicant: MICROSOFT CORPORATION
    Inventors: Ramarathnam Venkatesan, Dan Boneh
  • Publication number: 20040015725
    Abstract: An apparatus and method are provided for client-side content processing such as filtering and caching of secure content sent using Transport Layer Security (TLS) or Secure Socket Layer (SSL) protocols. An appliance functions as a controlled man-in-the-middle on the client side to terminate, cache, switch, and modify secure client side content.
    Type: Application
    Filed: July 24, 2002
    Publication date: January 22, 2004
    Inventors: Dan Boneh, Rajeev Chawla, Thomas D. Fountain, Nagendra Modadugu, Rod Murchison
  • Publication number: 20030081785
    Abstract: A method and system for encrypting a first piece of information M to be sent by a sender [100] to a receiver [110] allows both sender and receiver to compute a secret message key using identity-based information and a bilinear map. In one embodiment, the sender [100] computes an identity-based encryption key from an identifier ID associated with the receiver [110]. The identifier ID may include various types of information such as the receiver's e-mail address, a receiver credential, a message identifier, or a date. The sender uses a bilinear map and the encryption key to compute a secret message key g_ID^r, which is then used to encrypt a message M, producing ciphertext V to be sent from the sender [100] to the receiver [110] together with an element rP. An identity-based decryption key d_ID is computed by a private key generator [120] based on the ID associated with the receiver and a secret master key s.
    Type: Application
    Filed: August 13, 2002
    Publication date: May 1, 2003
    Inventors: Dan Boneh, Matthew Franklin
  • Patent number: 6490354
    Abstract: A word-oriented technique for generating a pseudo-random sequence, e.g., a keystream (17) for use in a stream cipher. Specifically, the technique utilizes two different arrays (653, 657) with each array having illustratively 256 32-bit elements. One array (653) contains a 256 element 32-bit S-box. An output stream generated by the S-box, i.e., S_t, is applied as one input to a first hash function. This hash function, in response to input S_t multiplied by a variable, C, provides the output keystream. S-box element S_t is then updated through a second hash function having, as its input, the current value of S_t multiplied by the variable C. The variable, C, initially a random variable, is itself updated, for use during a next iteration, through an additive combination, of its current value and a corresponding element in the second array (G), i.e., G_t. Both the S-box and G array can be initialized by, e.g., entirely filling each of these arrays with random 32-bit values.
    Type: Grant
    Filed: June 23, 1998
    Date of Patent: December 3, 2002
    Assignee: Microsoft Corporation
    Inventors: Ramarathnam R. Venkatesan, Dan Boneh
  • Publication number: 20020112167
    Abstract: A method and apparatus are provided for protecting sensitive information within server or other computing environments. Numerous electronic requests addressed to a server system are received over network couplings and evaluated. The evaluation scans for sensitive information including credit card information and private user information. Upon detecting sensitive data, cryptographic operations are applied to the sensitive data. When the sensitive data is being transferred to the server system, the cryptographic operations encrypt the sensitive data prior to transfer among components of the server system. When sensitive data is being transferred from the server system, the cryptographic operations decrypt the sensitive data prior to transfer among the network couplings. The cryptographic operations also include hash, and keyed hash operations.
    Type: Application
    Filed: January 2, 2002
    Publication date: August 15, 2002
    Inventors: Dan Boneh, Rajeev Chawla, Alan Frindell, Eu-Jin Goh, Nagendra Modadugu, Panagiotis Tsirigotis
  • Publication number: 20020087884
    Abstract: Presented is a method and system for improving the efficiency of network security protections communication protocols such as Secure Socket Layer (“SSL”) using enhanced Rivest-Shamir-Adleman (“RSA”) encryption and decryption techniques. During the establishment of the initial handshake of SSL communications, where a client is coupled to a server, the server generates a RSA public/private key pair. The public key is formed using two distinct prime numbers. By reducing the size of these prime numbers and arriving at the decrypted message using the Chinese Remainder Theorem, the efficiency of establishing a secure communications session is increased. Likewise if during generation of the public key, the prime numbers possess a mathematical relationship to the public key such that the prime numbers are on the order of a third of the size of the public key then the efficiency of establishing the initial handshake is again improved.
    Type: Application
    Filed: June 8, 2001
    Publication date: July 4, 2002
    Inventors: Hovav Shacham, Dan Boneh, Sanjay Beri
  • Publication number: 20020039420
    Abstract: A method and system for efficiently conducting secure communications in a computer network are provided. Secure communications in a network are typically of the Secure Socket Layer (“SSL”) and Transport Layer Security (“TLS”) formats. These formats require the server to decrypt numerous encrypted messages at the cost of efficiency and speed. By combining the encrypted messages into a batch and utilizing a Rivest-Shamir-Adleman (“RSA”) batch decryption algorithm, the efficiency of the decryption is improved. Methods for improving this process include replacing the required number of divisions and inversion with more efficient multiplication operations. Further computation savings are realized by reducing the number of exponentiations and structuring the batches of encrypted messages to contain balanced exponents.
    Type: Application
    Filed: June 8, 2001
    Publication date: April 4, 2002
    Inventors: Hovav Shacham, Dan Boneh, Sanjay Beri
  • Publication number: 20020016911
    Abstract: A method and system for securing network communications are provided. In a network a Secure Reverse Proxy (“SRP”) is placed among a server and a client where the client and SRP establish a secure connection using TLS protocol. Upon receiving a request from the client for a secure HTTP page, the SRP determines if the secure page is maintained in its cache. If the page is present, the SRP responds to the client by sending the requested secure HTTP page without contacting the server. If the page is not contained within the SRP's cache, the SRP establishes secure TLS connection with the server and forwards the request for the HTTP page. Receiving the HTTP page from the server, the SRP places it in its cache for future use. Having the page in its cache the SRP retrieves the page, encrypts it, and sends it to the requesting client. Subsequent requests for the same page do not involve the server enhancing the efficiency of network operations.
    Type: Application
    Filed: July 9, 2001
    Publication date: February 7, 2002
    Inventors: Rajeev Chawla, Panagiotis Tsirigotis, Dan Boneh
  • Publication number: 20020006195
    Abstract: A word-oriented technique for generating a pseudo-random sequence, e.g., a keystream (17) for use in a stream cipher. Specifically, the technique utilizes two different arrays (653, 657) with each array having illustratively 256 32-bit elements. One array (653) contains a 256 element 32-bit S-box. An output stream generated by the S-box, i.e., S_t, is applied as one input to a first hash function. This hash function, in response to input S_t multiplied by a variable, C, provides the output keystream. S-box element S_t is then updated through a second hash function having, as its input, the current value of S_t multiplied by the variable C. The variable, C, initially a random variable, is itself updated, for use during a next iteration, through an additive combination, of its current value and a corresponding element in the second array (G), i.e., G_t. Both the S-box and G array can be initialized by, e.g., entirely filling each of these arrays with random 32-bit values.
    Type: Application
    Filed: June 23, 1998
    Publication date: January 17, 2002
    Inventors: RAMARATHNAM R. VENKATESAN, DAN BONEH
  • Patent number: 6134660
    Abstract: A system enables a user to remove a file from a file system and from all backup tapes without ever mounting a single tape. When a file is backed up, it is first encrypted using a randomly generated key and then backed up. When the user wishes to remove the file from the backup tape, the key used to encrypt the file is deleted. Deleting the encryption key renders the data on the tape inaccessible. No one, including the file owner, can ever access the file again. The encrypt before-backup method is completely transparent to the user. Only the computer system's operating system knows which key was used to encrypt the file during backup. This ensures that when the operating system is instructed to delete the encryption key, the key is "lost" forever and thus the backed up files become unreadable. Unlike prior cryptographic file systems, the revoked backup files are inaccessible to both the user and others.
    Type: Grant
    Filed: June 30, 1997
    Date of Patent: October 17, 2000
    Assignee: Telcordia Technologies, Inc.
    Inventors: Dan Boneh, Richard J. Lipton