Abstract: A message to be signed and a base name point derived from a direct anonymous attestation (DAA) credential may be provided to a device. A signed version of the message and a public key value associated with the base name point may be received in response. Thereafter, the DAA credential may be determined to be valid based on the signed version of the message.

Abstract: Compliance to a policy about how to treat data in a computer network environment is ensured by checking that conditions in the policy are satisfied by the entity before access to the data is provided.

Abstract: One example discloses a data manager of a data collector (DCDM) executing on a virtual machine for managing sensitive data. The DCDM can have a conformance certificate that characterizes functionality of the DCDM. The DCDM can request sensitive data from a data subject, wherein the request for the sensitive data includes the conformance certificate. The DCDM can further receive, in response to the request, the sensitive data encrypted with an encrypted secret key. The secret key can be decrypt-able with a private key stored at a trusted platform module for the data collector (DCTPM).

Abstract: A digital signature method, a method for initializing a digital signature scheme, a system for digitally signing a message and a computer program product are described. At least the digital signature method involves a signer having a weak security parameter. The signer retrieves a cryptographic element from each of a plurality of computing entities. Each cryptographic element is a function of a commitment supplied by the signer and the commitment includes a cryptographic function of a weak security parameter provided by the signer. A strong cryptographic security parameter is generated using a plurality of said elements. A message is then signed according to the digital signature scheme using the strong cryptographic security parameter to generate a digital signature.

Abstract: Examples disclosed herein relate to estimating a quantity of exploitable security vulnerabilities in a release of an application. Examples include acquiring a source code analysis result representing a number of source code issues identified by source code analysis in a target release of an application. Examples further include estimating a quantity of exploitable security vulnerabilities contained in the target release of the application based on the source code analysis result and metrics for a plurality of historic releases of the application.

Abstract: A method includes generating a randomized base point and causing the randomized base point and a private key to be loaded into a signature engine device. The method also includes signing a message using the randomized base point and the private key as a base point as well as the private key in an elliptic curve cryptographic (ECC) signature.

Abstract: A method of extending an integrity measurement in a trusted device operating in an embedded trusted platform by using a set of policy commands to extend a list of Platform Configuration Registers (PCRs) for the device and the current values of the listed PCRs and an integrity value identifying the integrity measurement into a policy register, verify a signature over the integrity value extended into the policy register, and, if verification succeeds, extend a verification key of the trusted platform, plus an indication that it is a verification key, into the policy register, compare the integrity value extended into the policy register with a value stored in the trusted platform, and, if they are the same: extend the stored value, plus an indication that it is a stored value, into the policy register, and extend the integrity measurement in the trusted device if the value in the policy register matches a value stored with the integrity measurement.

Abstract: An authentication method of a first module by a second module includes the steps of generating a first random datum by the second module to be sent to the first module, generating a first number by the first module starting from the first datum and by way of a private key, and generating a second number by the second module to be compared with the first number, so as to authenticate the first module. The step of generating the second number is performed starting from public parameters and is independent of the step of generating the first number.

Abstract: Methods and apparatus for managing document workflow, including generating a nonce for providing participant access for a particular step of the document workflow, generating a first number of nonce elements, and assigning nonce elements to a plurality of participants of a step of the document workflow preceding the particular step in a one-to-one correspondence. The nonce is determinate from a number of the nonce elements that is greater than or equal to a second number and less than or equal to the first number.

Abstract: A message to be signed and a base name point derived from a direct anonymous attestation (DAA) credential may be provided to a device. A signed version of the message and a public key value associated with the base name point may be received in response. Thereafter, the DAA credential may be determined to be valid based on the signed version of the message.

Abstract: A workflow order is created for the object. Public parameters are received from a key generation center at a computer associated with an object master. A public key is generated at the computer system based on a user identifier and the public parameters, wherein the user identifier is comprised of user related information. The object is encrypted using the public key such that the object cannot be opened without the a private key, wherein the object is a composite document comprising multiple elements of documents of different formats, and wherein the private key is generated in response to a request from an authenticated user using the user identifier at the key generation center. Access to the multiple elements of the object is controlled based on workflow order.

Abstract: Compliance to a policy about how to treat data in a computer network environment is ensured by checking that conditions in the policy are satisfied by the entity before access to the data is provided.

Abstract: A method is described by which the possessor of a secret certified in a particular manner can prove to a party with which the possessor of a secret needs to interact that it does indeed possess a secret formed in the proper manner. In the context of trusted computing apparatus, this can be used to show that the secret has been provided by a legitimate manufacturer of such apparatus. A method and an architecture for revocation operable in this context is also described.

Abstract: A computer platform is provided that comprises a processor and a cryptographic co-processor coupled to the processor. The computer platform further comprises a platform entity coupled to the processor. The platform entity establishes a secure relationship with the cryptographic co-processor that enables the platform entity to utilize cryptographic functions provided by the cryptographic co-processor.

Abstract: Apparatus and methods of creating digital signatures include storing a credential received from an external issuing entity at a host device associated with a signature engine. After agreeing on a message with a verifying entity, the host device may transmit a version of the credential with a signature from the associated signature engine for the message to the verifying entity. The verifying entity may determine from the version of the credential and the digital signature whether the credential originated from a trusted issuing entity.

Abstract: Identifier-based signcryption methods and apparatus are disclosed both for signing and encrypting data, and for decrypting and verifying data. The signcryption methods use computable bilinear mappings and can be based, for example, on Weil or Tate pairings. A message sender associated with a first trusted authority carries out integrated signing/encryption processes to send a signed, encrypted message to an intended recipient associated with a second trusted authority. The recipient then carries out integrated decryption/verification processes to recover the original message and verify its origin.

Abstract: A document management system and method are disclosed herein. An example of the document management system includes a composite document generation module that generates a composite document and a secret seed that is associated with an owner or initiator of the composite document, and a key derivation module that derives, from the secret seed and using a key derivation function, at least one of a key for encryption, a key for decryption, a key for signature, or a key for verification for a participant of a workflow associated with the composite document.

Abstract: One example discloses a data manager of a data collector (DCDM) 8 executing on a virtual machine 6 for managing sensitive data. The DCDM 8 can have a conformance certificate that characterizes functionality of the DCDM 8. The DCDM 8 can request sensitive data from a data subject 16, wherein the request for the sensitive data includes the conformance certificate. The DCDM 8 can further receive, in response to the request, the sensitive data encrypted with an encrypted secret key. The secret key can be decrypt-able with a private key stored at a trusted platform module for the data collector (DCTPM) 12.

Abstract: A method includes generating a randomized base point and causing the randomized base point and a private key to be loaded into a signature engine device. The method also includes signing a message using the randomized base point and the private key as a base point as well as the private key in an elliptic curve cryptographic (ECC) signature.

Abstract: Data to be output to a removable storage medium is encrypted for sending to an output device by an encryption process based on encryption parameters comprising public data of a trusted party and an encryption key string comprising a policy for allowing the output of the data. The trusted party provides a decryption key to the output device but only after being satisfied that the policy has been met. The decryption key is generated in dependence on the encryption key string and private data of the trusted party. The output device uses the decryption key in decrypting the data to be output. Embodiments are provided that involve multiple policies and trusted parties.