Abstract: A method of searching encrypted data includes generating with a client computing device a search index identifier corresponding to a search term in an encrypted search table and transmitting the search index identifier, a first single use key and a second single use key to a server. The method includes generating a set of decrypted data with the server for a set of data in an encrypted search table corresponding to the search index identifier using the first single use key to decrypt a first portion of the data and the second single use key to decrypt a second portion of the data. The method further includes identifying one or more encrypted files stored on the server that include the encrypted search term based on the decrypted data from the search table, and transmitting the encrypted files or encrypted file identifiers to the client computing device.

Abstract: A method of authenticating a device and a user comprises obtaining a device ID for the device, performing a biometric measurement of the user, obtaining helper data for the user, and generating a key from the biometric measurement and helper data. There is then generated a message comprising the key or a component derived from the key, which transmitted to a remote service, and at the service there is carried out the step of authenticating the device and the user with the message. In a preferred embodiment, the generating of the key further comprises generating the key from the device ID.

Abstract: In a counter mode encryption scheme, a sending device sends a first message including first cipher text and a first counter used to generate the first cipher text to a receiving device for decryption. The sending device subsequently generates a second counter for generating second cipher text. The sending device sends a second message including the second cipher text and intermediate state data corresponding to a change between the first counter second counter to the receiving device for decryption. The intermediate state data are represented by a smaller number of bits than the first counter. The method enables improved counter mode encrypted communication in networks that lose one or more intermediate messages between the first message and the second message.

Abstract: In a method of network communication that mitigates denial of service attacks, a server broadcasts cryptographic puzzles with certain time intervals, where each puzzle is only valid for the given time interval. A client receives the puzzle, generates a solution for the puzzle, and sends a network request to the server along with the solution of the puzzle. The server verifies the puzzle solution. If the puzzle solution is valid and received within a designated validity time period, then the server processes the request of the client. The server generates the puzzle and transmits the puzzle to the client before the client generates a request for services from the server.

Abstract: In a counter mode encryption scheme, a sending device sends a first message including first cipher text and a first counter used to generate the first cipher text to a receiving device for decryption. The sending device subsequently generates a second counter for generating second cipher text. The sending device sends a second message including the second cipher text and intermediate state data corresponding to a change between the first counter second counter to the receiving device for decryption. The intermediate state data are represented by a smaller number of bits than the first counter. The method enables improved counter mode encrypted communication in networks that lose one or more intermediate messages between the first message and the second message.

Abstract: A method for operating a computing system with a trusted processor include generating a secret cryptographic key based on a physically unclonable function in at least one hardware component in the trusted processor, generating a first public key and first private key using first secret cryptographic key, and executing instruction code corresponding to a first software program. The method further includes generating output data with the trusted processor during execution of the first software program, generating encrypted data corresponding to the output data using the first public key for at least a portion of the encryption, generating a signature of the encrypted data, and transmitting with an input/output (I/O) interface operatively connected to the trusted processor the encrypted data and the signature for storage in an untrusted memory.

Abstract: A location commissioning method for a lighting system, having several lighting arrangements, includes selecting an illuminated position, assigning the position a position id, measuring light at the position, deriving light data associated with each lighting arrangement from the measured light, associating the light data with the position id, determining light transfer data from the light data and current drive data for the lighting arrangements, and storing in a light effect setting array for the position id. A light effect setting method includes requesting a selected light effect at a selected position, receiving a position id and a target light effect setting associated with the position, deriving the associated initial light effect setting array, for example by retrieving a stored one, determining the drive data for obtaining the target light effect setting, via the light transfer data in the array.

Abstract: It is described a RFID device (231a, 231b, 231c, 331) comprising a data memory (236) and an electronic circuit arrangement (237, 238, 239, 247) coupled thereto. The electronic circuit arrangement has a first and a second operational configuration, wherein by receiving a control command (250a) the electronic circuit arrangement can be switched irreversibly from the first to the second configuration. The RFID device further comprises a communication interface (245) being coupled to the electronic circuit arrangement. In the first configuration the RFID device is adapted to communicate with a standard RFID reader (110) via the communication interface. In the second configuration the communication with the standard RFID reader is disabled and the RFID device is adapted to communicate with a readout-RFID device (370). The RFID device may be equipped with a secondary communication interface that can be used to communicate with the RFID device in a privacy-preserving manner.

Abstract: A location commissioning method for a lighting system, having several lighting arrangements, includes selecting an illuminated position, assigning the position a position id, measuring light at the position, deriving light data associated with each lighting arrangement from the measured light, associating the light data with the position id, determining light transfer data from the light data and current drive data for the lighting arrangements, and storing in a light effect setting array for the position id. A light effect setting method includes requesting a selected light effect at a selected position, receiving a position id and a target light effect setting associated with the position, deriving the associated initial light effect setting array, for example by retrieving a stored one, determining the drive data for obtaining the target light effect setting, via the light transfer data in the array.

Abstract: A method for controlling data access to and from an RFID device wherein the RFID reading device authenticates himself to the RFID device before the RFID device communicates with the RFID reading device. The RFID device is equipped with a physically uncloneable function, which is adapted to produce a unique but unpredictable response signal upon receiving a predefined challenging signal. During an enrolement of the RFID device, a first response signal is uniquely associated with a first challenging signal and is stored in a memory of the RFID device. The first challenging signal represents a password for opening further data communication with the RFID device. When a RFID reading device queries the RFID device with a second challenging signal, the RFID device compares a corresponding second response signal with the first response signal stored during enrollment and only if there is a match, responds with its identifier.

Abstract: A location commissioning method for a lighting system, having several lighting arrangements, includes selecting an illuminated position, assigning the position a position id, measuring light at the position, deriving light data associated with each lighting arrangement from the measured light, associating the light data with the position id, determining light transfer data from the light data and current drive data for the lighting arrangements, and storing in a light effect setting array for the position id. A light effect setting method includes requesting a selected light effect at a selected position, receiving a position id and a target light effect setting associated with the position, deriving the associated initial light effect setting array, for example by retrieving a stored one, determining the drive data for obtaining the target light effect setting, via the light transfer data in the array.

Abstract: A method of authenticating a device and a user comprises obtaining a device ID for the device, performing a biometric measurement of the user, obtaining helper data for the user, and generating a key from the biometric measurement and helper data. There is then generated a message comprising the key or a component derived from the key, which transmitted to a remote service, and at the service there is carried out the step of authenticating the device and the user with the message. In a preferred embodiment, the generating of the key further comprises generating the key from the device ID.

Abstract: A method of generating a response to a physically unclonable function, said response being uniquely representative of the identity of a device having challengeable memory, the memory comprising a plurality of logical locations each having at least two possible logical states, the method comprising applying a challenge signal to an input of said memory so as to cause each of said logical locations to enter one of said two possible logical states and thereby generate a response pattern of logical states, said response pattern being dependent on said physically unclonable function which is defined by, the physical characteristics of said memory, the method further comprising reading out said response pattern.

Abstract: A method of authenticating a device and a user comprises receiving a user input, generating a first key from the user input, performing a physical measurement of the device, obtaining helper data for the device, computing a second key from the physical measurement and the helper data, and performing an operation using the first and second keys. In a preferred embodiment, the method comprises performing a defined function on the first and second keys to obtain a third key. Additionally security can be provided by the step of receiving a user input comprising performing a biometric measurement of the user and the step of generating a first key from the user input comprises obtaining helper data for the user and computing the first key from the biometric measurement and the user helper data.

Abstract: An error detection device for an address decoder converting an input address to an associated output address out of a plurality of valid output addresses using a 1-out-of-n decoder, the error detection device including a regenerator for generating a regenerated address on the basis of the output address from the 1-out-of-n decoder, and a comparer for receiving the input address and the regenerated address and to output a signal, on the basis of a comparison of the input address and the regenerated address, which indicates an error in the conversion of the input address to the output address if the input address and the regenerated address do not match, and which indicates an error-free conversion of the input address to the output address if the input address equals the regenerated address.

Abstract: The present invention relates to a location commissioning method for a lighting system, which comprises several lighting arrangements. Thus, an illuminated position, of for example a room, is selected for the performing the commissioning, which is then associated with that position. This commissioning is called Luxissioning™. The position is assigned a position id, and the light at the position is measured. Light data associated with each one of the lighting arrangements is derived from the measured light, and the light data is associated with the position id. Light transfer data is determined on basis of the light data and current drive data for the lighting arrangements and stored in a light effect setting array for the position id. A light effect setting method is also present, where there is requested a selected light effect at a selected position. For each such request data comprising a position id and a target light effect setting associated with the position is received.

Abstract: The present invention relates to an electronic device, comprising a physical uncloneable function (PUF) module, and circuitry adapted to receive a cryptographic query (?) from an electronic unit, read, from the PUF module, data generated at a challenge of the PUF module, and generate a cryptographic response (?) based on the data, a random noise component comprised in the data, and the cryptographic query (?), thereby enabling authentication of the electronic device. An advantage with the invention is that it will not be necessary to include an additional random generator together with the electronic device, as the fuzzy output provided by the PUF module can be seen as already containing a random noise component. In some cryptographic schemes, the random noise provides for a possibility to reach a higher level of security and to minimize the possibility for a third party to find patterns in cryptographic responses generated during use of the electronic device.

Abstract: It is described a method for controlling data access to and from an RFID device (230). Thereby, an RFID reading device (210b) authenticates himself to the RFID device (230) before the RFID device (230) communicates with the RFID reading device (210b). The RFID device (230) is equipped with a physically uncloneable function (237), which is adapted to produce a unique but unpredictable response signal (R1, R2) upon receiving a predefined challenging signal (C1, C2). During an enrolment of the RFID device a first response signal (R1) being uniquely associated with a first challenging signal (C1) is stored in a memory (238) of the RFID device (230). The first challenging signal (C1) represents a password for opening further data communication with the RFID device (230).

Abstract: It is described a RFID device (231a, 231b, 231c, 331) comprising a data memory (236) and an electronic circuit arrangement (237, 238, 239, 247) coupled thereto. The electronic circuit arrangement has a first and a second operational configuration, wherein by receiving a control command (250a) the electronic circuit arrangement can be switched irreversibly from the first to the second configuration. The RFID device further comprises a communication interface (245) being coupled to the electronic circuit arrangement. In the first configuration the RFID device is adapted to communicate with a standard RFID reader (110) via the communication interface. In the second configuration the communication with the standard RFID reader is disabled and the RFID device is adapted to communicate with a readout-RFID device (370). The RFID device may be equipped with a secondary communication interface that can be used to communicate with the RFID device in a privacy-preserving manner.

Abstract: An error detection device for an address decoder converting an input address to an associated output address out of a plurality of valid output addresses using a 1-out-of-n decoder, the error detection device including a regenerator for generating a regenerated address on the basis of the output address from the 1-out-of-n decoder, and a comparer for receiving the input address and the regenerated address and to output a signal, on the basis of a comparison of the input address and the regenerated address, which indicates an error in the conversion of the input address to the output address if the input address and the regenerated address do not match, and which indicates an error-free conversion of the input address to the output address if the input address equals the regenerated address.