Abstract: Secret random data is distributed to a plurality of devices to provision them with new one-time pad data for use in interacting with apparatus holding the same one-time pad data. This distribution is effected by provisioning a first device with a block of secret random data that is, or will become, available to the apparatus. Part of the secret random data is then distributed from the first device to one or more other devices in a hierarchical distribution pattern headed by the first device. Each device, other than those at the bottom of the distribution hierarchy, retains part of the secret random data it receives and passes on the remainder. Each device uses that part of the secret random data it has retained to provide the device with new one-time pad data. A method is also provided for tracking service usage based on the distributed one-time pad data.

Abstract: A fantasy sports gaming system and method that uses a multi-tiered promotion and relegation pyramid model structure to reward winners and losers of head to head fantasy sports game league competitions. The promotion and relegation model provides for the league championship winners to compete in a head to head competition for an annual grand championship trophy, accolades, cash rewards and bragging rights.

Abstract: A quantum key distribution (QKD) system is provided that makes use of a quantum signal of polarized photons and comprises a QKD device and complimentary QKD apparatus. The QKD device has a QKD subsystem comprising one of a QKD transmitter and receiver for inter-working with a complimentary QKD receiver or transmitter of said apparatus. The device also has an alignment subsystem arranged to wirelessly interact with the QKD apparatus to enable generation of user feedback and/or adjustment signals for use in aligning the QKD transmitter and receiver such that the QKD transmitter is pointing at the QKD receiver and the polarization axes of the QKD transmitter and receiver are aligned.

Abstract: A device stores one-time pad data for use in carrying out various tasks. In order to preserve the ability to carry out important tasks that require the use of one-time data, use of the one-time pad data held by the device is controlled such that an amount of this one-time pad data is only usable by a predetermined set of important tasks comprising at least a replenishment task for replenishing the device with one-time pad data.

Abstract: To nullify any malicious code potentially contained within a data file, a transformation engine randomly selects a transformation from a number of available file transformations each arranged to alter the bit pattern of a file to which it is applied while still enabling manifestation of at least some of the file's semantic content to a user. The selected transformation is then applied to the data file to produce a transformed file. Preferably, the transformation engine runs in a dedicated virtual machine of a computing platform.

Abstract: A method of verifying the authenticity of a product includes reading data from a data storage device which forms part of the packaging of the product, determining from the data an identity code for the data storage device, a random first identifier allocated to the data storage device by the product manufacturer and a digital signature of a parameter which is based on at least a second identifier not derivable from the data, communicating with the product manufacturer or an entity associated therewith using the random first identifier as a reference, receiving from the product manufacturer or the entity associated therewith the second identifier, and verifying the digital signature using the second identifier.

Abstract: A cryptographic method and apparatus is provided in which an identifier-based encryption process is used to encrypt a message with an identifier string that specifies conditions to be checked by a trusted entity before providing a decrypted form of the encrypted message, or enabling its decryption. A further trusted entity is used to verify the identity of the message sender as indicated by a further identifier string, and to provide the sender with a secret key that the sender uses to generate complimentary signature components. These signature components are sent along with the encrypted message and are used, along with other data including the first identifier string and a public key of the further trusted entity, to authenticate the identity of the message sender.

Abstract: Cryptographic methods are known that involve the computation of a non-degenerate bilinear mapping of first and second elements one of which comprises a secret of a first entity. For a mapping implemented as, for example, a Tate pairing, the mapping is computable by applying a predetermined function to the first and second elements and then exponentiating the result with a known exponent. Improvements in respect of computational loading, size of output, and security are enabled for the first party by arranging for the first entity to carry out only part of the mapping, a second entity being used to complete computation of the mapping. Cryptographic applications using these improvements are also disclosed.

Abstract: A quantum key distribution (QKD) method involves the sending of random data from a QKD transmitter to a QKD receiver over a quantum signal channel, and the QKD transmitter and receiver respectively processing the data transmitted and received over the quantum signal channel in order to seek to derive a common random data set. This processing is effected with the aid of messages exchanged between QKD transmitter and receiver over an insecure classical communication channel. The processing concludes with a check, effected by an exchange of authenticated messages over the classical communication channel, that the QKD transmitter and receiver have derived the same random data set. At least some of the other messages exchanged during processing are exchanged without authentication and integrity checking. A QKD transmitter and QKD receiver are also disclosed.

Abstract: A processing arrangement of a data communication apparatus is arranged to derive an ordered plurality of modulo-2 summations of respective selections of data bits of a binary data set. The data communication apparatus may either be transmitting apparatus with the processing arrangement serving to determine a target syndrome for subsequent use in error correction, or receiving apparatus with the data processing arrangement being arranged to effect error correction of received data. The processing arrangement effects its selections of bits from the binary data set in accordance with the interconnection of nodes in a logical network of nodes and edges that together define at least a continuum (70) of cells covering a finite toroid. The structuring provided to bit selection by this continuum (70) can be offset by randomness provided by other structures (90) of the network and by the random association of bits of the binary data set with the nodes of the continuum.

Abstract: A cryptographic method and apparatus is provided in which a first party receives and modifies a public key for which there exists a corresponding private key held by a second party. The public key is modified by exponentiating at least one element of the received public key using as exponent a hash of a string that comprises information concerning at least one action to be taken by the second party. The string is made available to the second party to enable the latter to modify its private key to compliment the modified public key. In a preferred embodiment, the method and apparatus are applied to the use of the ElGamal encryption/decryption scheme, with the second party acting as a trusted authority that only releases the decrypted message to a third party if the latter satisfies an identity condition specified in the string.

Abstract: A distributed data processing system includes individual data processing units that automatically communicate with a centralised data management unit in response to information objects being received or accessed by the data processing units. Data associated with information objects is communicated to the data management unit, thereby facilitating the automatic management of the information objects within the system.

Abstract: An indicator signal monitoring process receives the sequential transmission of an indicator signal that is repeatedly broadcast by a primary intended recipient of attributable security interest messages. A recipient offline determination process determines that the primary intended recipient is offline whenever the indicator signal is not received for a defined failure period.

Abstract: A secure transaction method is provided for publicly-accessible transaction terminals. The method uses quantum key distribution (QKD) between a hand-portable QKD device and a complimentary QKD apparatus incorporated the transaction terminal. After the QKD device has been brought up to the transaction terminal, the QKD device and the complimentary QKD apparatus of the terminal are is used to provide the device and terminal with new secret shared random material. The new secret shared random material is then used to establish a secure classical communication channel between the device and transaction terminal for conducting a transaction. An ATM terminal and POS terminal that use quantum key distribution are also disclosed.

Abstract: A physical object comprises one or more memory circuits adapted to be read wirelessly by a reader device attached to or incorporated within the physical object. Data in the memory circuit is protected from access by an unauthorised reader. Data in the memory circuit is also adapted to identify an authorised bearer of the physical object. Moreover, data in the memory circuit is adapted to allow access to a specified asset or assets by the authorised bearer.

Abstract: The invention provides a heavy duty rim assembly (10) for use with a moulded or cast non-inflatable tyre, a wheel (100) including such a rim assembly and tyre (102), a mould (200) for such a tyre, and a method of manufacturing such a wheel. The rim assembly includes a nave (12) for mounting on a vehicle axle, a hollow barrel (14) around the nave, and a plurality of key members (16) around the barrel. The key members, in use, provide for effective bonding and keying of the rim assembly with the non-inflatable tyre. The key members define a belt (46) around the barrel, the belt being at least substantially concentric with and spaced apart from the barrel. The key members define holes (36) therethrough for tyre material to extend through in a completed wheel.

Abstract: A security method and apparatus is provided in which a trusted authority is arranged to read in identity data from a memory device presented by an individual. This identity data comprises both biometric data of a specific individual ,and additional identity data concerning the same individual. The trusted authority uses the biometric data as a biometric reference for comparison with biometric characteristics of the individual presenting the memory card in order to determine whether the latter is the individual represented by the biometric data. The trusted authority uses the additional identity data or matching data, together with private data of the trusted authority, to generate a decryption key. This decryption key is apt to decrypt data encrypted using both an encryption key string comprising the additional identity data of the specific individual and public data of the trusted authority.

Abstract: A first party has a first and a second cryptographic key. A second party has a third and a fourth cryptographic key, the fourth cryptographic key being derived from the first and third cryptographic keys thereby providing an association between the parties. To enable a third party to verify the existence of an association between the first and second parties, the second party generates a number that in association with the second cryptographic key, the third cryptographic key and the fourth cryptographic key define a first cryptographic parameter, a second cryptographic parameter and a third cryptographic parameter respectively. By using these parameters and the second and third cryptographic keys, the third party can verify if the first and second parties are associated.

Abstract: A tamper evident security lock includes a tamper evident security system to indicate whether the tamper evident security lock has been improperly accessed. The tamper evident security system includes a tamper evident security module that invokes different sets of logic to generate a sequence of characters displayable through a viewing window incorporated into the tamper evident security lock. The tamper evident security system may also include a processor activatable by an actuator in communication with a shackle or other component of the tamper evident security lock. The shackle works in conjunction with the actuator to activate the processor, and when the processor is activated, the tamper evident security system generates the sequence of characters. The sequence of characters may change each time the processor is activated so that a person authorized to unlock the tamper evident security lock can identify whether the tamper evident security lock was improperly accessed.

Abstract: First data to be sent by a first party to a second party is encrypted using an encryption key string formed using at least a hash value generated using second data and a secret, shared with a trusted party, that serves as identification of the first party. The second data comprises, for example, one or more conditions that serve as identifiers of the second party, and a hash-value element generated by hashing the first data. The encrypted first data and the encryption key string is made available to the second party which forwards the encryption key string to the trusted party with a request for the corresponding decryption key. The trusted party carries out at least one check on the basis of data contained in the encryption key string and, if this at least one check is satisfactory, provides a decryption key to the second party.