Abstract: Described herein is one or more implementations for allowing a user access to a unique data subset of a database.

Abstract: Described herein are one or more implementations that generate and encrypted content data structure package and/or data tree.

Abstract: Described herein are one or more data signal implementations having at least a database and a compressed key.

Abstract: An exclusive encryption system is established using multiple computing devices. The exclusive encryption system allows for the exclusion of certain plaintext (e.g., by one of the computing devices) and ciphertext (e.g., by another of the computing devices) while at the same time maintaining the privacy created by the encryption (e.g., so the other computing device cannot see the plaintext). The exclusive encryption system may be implemented as part of a serverless distributed file system with directory entries (e.g., file names or folder names) being the plaintext, or alternatively as part of other systems.

Abstract: An exclusive encryption system is established using multiple computing devices. The exclusive encryption system allows for the exclusion of certain plaintext (e.g., by one of the computing devices) and ciphertext (e.g., by another of the computing devices) while at the same time maintaining the privacy created by the encryption (e.g., so the other computing device cannot see the plaintext). The exclusive encryption system may be implemented as part of a serverless distributed file system with directory entries (e.g., file names or folder names) being the plaintext, or alternatively as part of other systems.

Abstract: An “audio challenger” operates by first defining a library of a finite number of discrete audio objects including spoken sounds, such as, for example, individual digits, letters, numbers, words, etc., or combinations of two or more digits, letters, numbers, or words. The spoken sounds are either automatically generated by a computer, or recorded from one or more actual spoken voices. Given this library of audio objects, the audio challenger automatically selects one or more audio objects from the library and concatenates the objects into an audio string that is then automatically processed to add one or more distortions to create a “challenge string.” The distorted challenge string is then presented to an unknown party for identification. If the unknown party correctly identifies the challenge string, then the unknown party is deemed to be a human operator. Otherwise, the unknown party is deemed to be another computer.

Abstract: Secure communication between a keyboard and a component, such as a piece of software running on a computer. A first initial value is known to both the keyboard and the component. The keyboard and the component exchange nonces. The keyboard and the component each compute a second initial value and a third initial value based on the nonces and the first initial value. Both the keyboard and the component perform the same computation, so that the keyboard and the component each have the same second and third initial values. The keyboard encrypts keystrokes destined for the component using CBC-3DES based on the key and the second initial value, and also creates a message authentication code for each keystroke using CBC-3DESMAC based on the key and the third initial value. The component decrypts and verifies the keystrokes using the key and the second and third initial values.

Abstract: This invention concerns a system and method for securely distributing subsetted fonts from a distributor to a client. The system includes a signing module to construct an authentication tree having leaves formed of glyphs, one or more intermediate levels of nodes computed as one-way functions of the glyphs, and a root computed as a one-way function of the nodes. The signing module digitally signs the root of the authentication tree using a private signing key unique to the font creator or distributor. The system has a subsetting module to construct a font subset file that contains selected glyphs and other data to be included in a font subset. The font subset file also holds the digitally signed root of the font authentication tree and one or more authentication values of the authentication tree that represents non-selected glyphs and data of the font that are not contained in the font subset. The font subset file is distributed to requesting clients.

Abstract: An online commerce system facilitates online commerce over a public network using an online commerce card. The "card" does not exist in physical form, but instead exists in digital form. It is assigned a customer account number that includes digits for a prefix number for bank-handling information, digits for a customer identification number, digits reserved for an embedded code number, and a digit for check sum. The bank also gives the customer a private key. During an online transaction, the customer computer retrieves the private key and customer account number from storage. The customer computer generates a code number as a function of the private key, customer-specific data (e.g, card-holder's name, account number, etc.) and transaction-specific data (e.g., transaction amount, merchant ID, goods ID, time, transaction date, etc.). The customer computer embeds the code number in the reserved digits of the customer account number to create a transaction number specific to the transaction.

Abstract: A system includes a portable information device and a computing unit, and is architected to enable the portable information device to identify its type and properties to the computing unit. The portable information device has a processor and a memory. The memory stores a device class tag which is indicative of a type of the portable information device. When communication is established between the portable information device and the computing unit, the portable information device sends an initial message which includes a result of a mathematical operation involving the device class tag. The mathematical operation renders it computationally difficult or infeasible to deduce the device class tag from the result so that the device class tag is not exposed from the portable information device. The result might be a hash value of the device class tag which is derived using a hashing function, or data that has been signed using the device class tag as a private signing key.

Abstract: This invention provides a computer-implemented method for performing a modular reduction operation "X mod M" and doing modular arithmetic on a computer. In a first stage of the method, the number X=<x.sub.k x.sub.k-1 . . . x.sub.1 x.sub.0 >, written in base .alpha., is reduced from k+1 blocks to an n+1 block integer Y that is equivalent to X modulo M. The stage one process is achieved via a reduce-and-compensate scheme that involves a series of simple multiply and add/subtract operations that are much faster than conventional techniques for performing the division remainder operation "X mod M." The reduction phase requires reducing the number X to an intermediate value that is equal to X mod .alpha..sup.k. The compensate phase requires adjustment by an amount sufficient to produce an incrementally reduced value X.sub.R which is equivalent to X modulo M. This compensate phase can be implemented by adding back a multiple of .alpha..sup.n+1 mod M, or by subtracting a multiple of M-(.alpha..sup.n+1 mod M).