Abstract: A facility is described for analyzing access control configurations. In various embodiments, the facility comprises an operating system having resources and identifications of principals, the principals having access control privileges relating to the resources, the access control privileges described by access control metadata; an access control scanner component that receives the access control metadata, determines relationships between principals and resources, and emits access control relations information; and an access control inference engine that receives the emitted access control relations information and an access control policy model, analyzes the received information and model, and emits a vulnerability report.

Abstract: A method and apparatus are disclosed for using a single credential request (e.g., registered public key or ECQV certificate) to obtain a plurality of credentials in a secure digital communication system having a plurality of trusted certificate authority CA entities and one or more subscriber entities A. In this way, entity A can be provisioned onto multiple PKI networks by leveraging a single registered public key or implicit certificate as a credential request to one or more CA entities to obtain additional credentials, where each additional credential can be used to derive additional public key-private key pairs for the entity A.

Abstract: A workpiece carrier for supporting a plurality of workpieces, the workpiece carrier comprising a supporting body including a plurality of workpiece support elements, each for supporting a workpiece and providing for individual positioning of the same, the workpiece support elements each including at least one biasing element for applying a biasing force to an edge of the respective workpiece, at least one first cam for acting on an edge of the respective workpiece at a first location against the bias of the at least one biasing element, and at least one second cam for acting on an edge of the respective workpiece at a second location against the bias of the at least one biasing element, wherein the at least one first cam and the at least one second cam are operable such as to enable the position of the respective workpiece to be set relative to the supporting body.

Abstract: A method of masking a cryptographic operation using a secret value, comprising the steps of dividing the secret value into a plurality of parts; combining with each part a random value to derive a new part such that the new parts when combined are equivalent to the original secret value; and utilizing each of the individual parts in the operation.

Abstract: A method for hindering a cold boot attack on a user equipment (UE) is provided. The method includes, in response to detection of the cold boot attack, executing prioritized security procedures. A user equipment (UE) is also provided that includes a processor configured to execute prioritized security procedures responsive to detection of a cold boot attack.

Abstract: Techniques are disclosed for utilizing a block Montgomery machine designed only to operate at a fixed block length to perform operations using non-block length (flexible)moduli. In one embodiment, a new modulus n? is obtained having a block length equal to the fixed block length of the Montgomery machine or a multiple thereof. At least one modular additive operation is performed with the new modulus n?, and at least one modular multiplicative operation is performed with the non-block length modulus n. In this way, the result of the at least one additive operation is sufficiently reduced when a carry stems from the additive operation.

Abstract: There are disclosed systems and methods for authenticating a mobile device by a network and/or for generating one or more keys that can be used for securely transmitting data between the mobile device and the network. In one embodiment, the following operations are performed by a mobile device: (i) the mobile device participates in at least a portion of a key agreement protocol with a network to compute a secret value; (ii) the mobile device obtains a response value derived from the secret value; and (iii) the mobile device sends the response value to a verification entity for use in authenticating the mobile device. There are also disclosed systems and methods for authenticating a network by a mobile device.

Abstract: A cryptographic module and a computing device implemented method for securing data using a cryptographic module is provided. The cryptographic module may include an input component for receiving a password, an output component for outputting data to the computing device, a random number generator for generating a random number and a module processor operative to generate at least one cryptographic key using the generated random number, and to record an association between the received password linking the received password with the at least one cryptographic key in a data store accessible to the cryptographic module.

Abstract: The necklace clasp fastener for a string of beads consists of a male bead member, and a female bead member, that do not have any visible loop or eyelets for assembling and holding a string of beads together when the male and female bead members are snapped together. The resulting bead configured clasp is almost undetectable from the outside of the beaded necklace which creates an unbroken, unified string of beads for a much more aesthetic and beautiful piece of jewelry. The improved clasp of the invention provides a safety feature to guard against breakage. The two parts are designed to snap together with enough force to hold the necklace on the wearer under normal wear and use. If, however, the necklace catches on to something, the clasp will release easily from the wearer instead of breaking the necklace, and releasing the beads all over the place.

Abstract: There are disclosed systems and methods for computing an exponentiatied message. In one embodiment blinding is maintained during the application of a Chinese Remainder Theorem (CRT) algorithm and then removed subsequent to the completion of the CRT algorithm. In another embodiment, fault injection attacks, such as the gcd attack, can be inhibited by applying and retaining blinding during the application of the CRT algorithm to yield a blinded exponentiation value, and then subsequently removing the blinding in a manner that causes an error injected into the CRT computation to cascade into the exponent of the value used to unblind the blinded exponentiated value.

Abstract: A method of masking a cryptographic operation using a secret value, comprising the steps of dividing the secret value into a plurality of parts; combining with each part a random value to derive a new part such that the new parts when combined are equivalent to the original secret value; and utilizing each of the individual parts in the operation.

Abstract: A system and method are described that provide an alternative way in which to produce a Montgomery reduction from below by storing a new precomputed value used to substantially replace the ? and n values used in Montgomery reduction with a single value. By modifying the Montgomery reduction mechanism in this way, the number of multiplications and registers required to effect the Montgomery reduction can be reduced. To avoid having to store both ? and n, a modified reduction value or a logical shift or signed version of such a value can be used in place of ? and n for the bulk of the low-order reduction.

Abstract: An authentication device is used to authenticate a component to a product using a secret key. The life cycle of the authentication device is controlled by selective deletion of the secret key. An attestation message is sent by the authentication device upon deletion of the secret key. Authentication devices from faulty components or over supply of the authentication devices ma}? be rendered inoperable and audited.

Abstract: A potential bias in the generation of a private key is avoided by selecting the key and comparing it against the system parameters. If a predetermined condition is attained it is accepted. If not it is rejected and a new key is generated.

Abstract: A facility is described for analyzing access control configurations. In various embodiments, the facility comprises an operating system having resources and identifications of principals, the principals having access control privileges relating to the resources, the access control privileges described by access control metadata; an access control scanner component that receives the access control metadata, determines relationships between principals and resources, and emits access control relations information; and an access control inference engine that receives the emitted access control relations information and an access control policy model, analyzes the received information and model, and emits a vulnerability report.

Abstract: A method and apparatus are disclosed for using a single credential request (e.g., registered public key or ECQV certificate) to obtain a plurality of credentials in a secure digital communication system having a plurality of trusted certificate authority CA entities and one or more subscriber entities A. In this way, entity A can be provisioned onto multiple PKI networks by leveraging a single registered public key or implicit certificate as a credential request to one or more CA entities to obtain additional credentials, where each additional credential can be used to derive additional public key-private key pairs for the entity A.

Abstract: Methods and systems for squaring a binary finite field element are described. In some aspects, a data processing apparatus includes registers and processor logic. A first register stores a sequence of binary values that define a binary finite field element input. The processor logic accesses input components from the first register according to intervals in the sequence. Each input component includes a binary value from each interval in the sequence. In some cases, the intervals are periodic and the binary finite field element corresponds to a sum of phase-shifted input components. The processor logic generates output components based on the input components. The processor logic generates a square of the binary finite field element in the second register based on the output components. The number of input components can be selected, for example, to balance costs of additional processing time against benefits associated with reduced processing hardware.

Abstract: Methods, systems, and computer programs for managing authentication data for an authentication device are disclosed. An authentication device may be included, for example, in a mobile device battery so that the battery can be authenticated by a mobile device. In some implementations, encrypted certificate data are stored on an authentication device. The encrypted certificate data are accessed, and unencrypted certificate data are generated by decrypting the encrypted certificate data. The unencrypted certificate data are stored on the authentication device. The unencrypted certificate data enable the authentication device to provide a valid reply message, for example, in response to receiving an interrogation message from an interrogation device. In some implementations, the reply message includes the unencrypted certificate data and a response value generated by the authentication device based on a secret value.

Abstract: An efficient implementation of SHA-512, and similarly SHA-384, on an ARM processor. The implementation maximizes reuse of the register values between iterations so as to minimize the need to load these values from memory. This is achieved by categorizing the iterations into even and odd ones such that the sequence of computation in the even iteration is reversed in the odd iteration and the register values at the end of one iteration are consumed at the beginning of the following one.

Abstract: Methods, systems, and computer programs for interrogating an authentication device are disclosed. For example, a mobile device can include an interrogator module that interrogates an authentication module in a mobile device accessory, for example, upon installation of the mobile device accessory. In some implementations, challenge-response pairs and a challenge-response distribution are stored in a memory of an interrogator module. The challenge-response distribution defines selection probabilities for the challenge values. In some instances, the interrogator module receives an authentication request from an authentication module, and in response to the authentication request, the interrogator module selects an initial challenge value according to the challenge-response distribution. The interrogator module sends the authentication module an interrogation message that includes the initial challenge value.