Abstract: A method for performing a m-ary right-to-left exponentiation using a base x, a secret exponent d and a modulus N, wherein m is a power of 2.

Abstract: The present invention concerns a method and a device for encrypting an encoded scalable enhancement frame sent by an emitter to a receiver, the enhancement frame comprising a plurality of complementary streams ordered in term of quality level, each complementary stream corresponding to a combination of more than one scalability type, where a complementary stream of a lower quality level corresponds to a lower quality on each scalability type, comprising at the level of the emitter the steps of generating a key per complementary stream for encrypting said complementary stream in such a way that all scalability types can be either simultaneously or individually used, said keys being generated in such a way that only the keys of the complementary streams of quality levels lower than the quality level of a complementary stream can be obtained from the key of said complementary stream, and sending the key of a complementary stream corresponding to a required quality level to the receiver, the key permitting a rece

Abstract: An encryption chaining mode takes plaintext block N, generates encryption key N by combining, preferably by XOR, encryption key N-1 and plaintext block N-1 and encrypts plaintext block N using an encryption algorithm with encryption key N to output ciphertext block N. Encryption key for the first plaitnext block is generated by XOR-ing a random Initialization vector and a random intialization key K. In a preferred embodiment, initialization key K is subkeys resulting form a key schedule algorithm and encryption key N-1 is only one of the subkeys. Encryption key for the first plaintext block is generated by XOR-ing a random Initialization vector and one subkey resulting form a key schedule algorithm. Also provided is a corresponding decryption method, an encryption device, a decryption device.

Abstract: There are times when a first user may wish to distribute an excerpt of a protected digital content to a second user, for example for criticism. The protected digital content is divided into a plurality of parts, each part being encrypted using a control word specific for the part, wherein each control word can be generated from a master control word for the protected digital content. A device belonging to the first user selects the parts of the excerpt; generates the control words for the selected parts from the master control word; generates a license for the selected parts, the license comprising the control words for the selected parts; and transmits the selected parts and the license to the receiver of the second user. Also provided is the device of the first user.

Abstract: The present invention relates to the generation of n control words for encryption of a content item. A device obtains a first key Kstart and a second key Kend; generates the n control words using the formula: CWi=h1 i(Kstart) ?h2 n-i(KEnd), i=0 . . . n?1, wherein CWi denotes 5 control word i, h1 and h2 denote one-way functions, and ? denotes a combination operation; and outputs the n generated control words. The least one one-way function is preferably a hash function and the combination operation is preferably XOR.

Abstract: A method of diversification of an iterative function of an encryption algorithm. During an iteration at least one parameter other than an encryption key and an input message is modified. It is particularly advantageous that the encryption algorithm is the Advanced Encryption Standard.

Abstract: To authenticate a digital medium for a given title, an authentication server selects a number of challenges corresponding to the title from an authentication database, clears an error counter and sends the challenges sequentially to an authentication application in a media reader in which the digital medium is inserted. Upon reception of a response, it is verified if the answer is correct. If this is the case, then the next challenge is sent; otherwise, it is first verified if a correct answer was mandatory and if so, it is deduced that the digital medium is not genuine. If an incorrect may be accepted, then the error counter is incremented and the next challenge is sent. When there are no more challenges to send, it is verified if the error counter is above an acceptable limit. If so, the digital medium is deemed as not genuine. The invention may be used to allow an owner of a digital medium to access further information or content.

Abstract: A method of generating a segment key KSmt from a given basic key KmT and a given modification key K?MT in a key space with M*T keys. The basic key KMT is split into two parts LmT, RmT onto which a one-way function is applied M?m and T?t times, respectively, and the results are combined again to form a target basic key. A one-way function is applied to the modification key K?MT a number of times that corresponds to a distance value z between the given basic key and the segment key; in one preferred embodiment z=(M?m)+(T?t). This result is XOR-ed with the target basic key to obtain the segment key KSmtAlso provided is a device.

Abstract: A method for distributing content in a content distribution system is disclosed which comprises the steps of: encrypting at a Content Packager a content using a content encryption key to generate an encrypted content; sending the content encryption key to a Licensing Authority; receiving from the Licensing Authority a distribution key containing an encryption of the content decryption key (Kc) for a given set of authorized devices; creating a secure link between the content encryption key (Kc) and the content protected by this content encryption key using a signature of the content; and distributing the encrypted content together with the signature of the content. A method for receiving content distributed according to the above-mentioned method in a device able to play back the content is also disclosed where the content signature is checked before any play back of the content.

Abstract: An encryption chaining mode takes plaintext block N, generates encryption key N by combining, preferably by XOR, encryption key N?1 and plaintext block N?1 and encrypts plaintext block N using an encryption algorithm with encryption key N to output ciphertext block N. Encryption key for the first plaintext block is generated by XOR-ing a random Initialization vector and a random initialization key K. In a preferred embodiment, initialization key K is subkeys resulting from a key schedule algorithm and encryption key N?1 is only one of the subkeys. Encryption key for the first plaintext block is generated by XOR-ing a random Initialization vector and one subkey resulting from a key schedule algorithm. Also provided is a corresponding decryption method, an encryption device, a decryption device.

Abstract: A method of encrypting compiled computer code instructions to be decrypted instruction by instruction during execution. The computer code instructions are encrypted using a chaining mode so that an encrypted instruction depends on the values of the instruction, the value of the preceding instruction and a pseudo-random number. As it may happen that the instruction can be arrived at from more than one preceding instruction, at least one of the preceding instructions is associated with a random number compensator for use during decryption of the encrypted instruction, so that the decryption of the encrypted instruction yields the same result regardless of which the preceding instruction was. Also provided are an encryption device, a decryption device and method, and a digital support medium storing encrypted compiled computer code instructions.

Abstract: The present invention concerns a method and a device for encrypting an encoded scalable enhancement frame sent by an emitter to a receiver, the enhancement frame comprising a plurality of complementary streams ordered in term of quality level, each complementary stream corresponding to a combination of more than one scalability type, where a complementary stream of a lower quality level corresponds to a lower quality on each scalability type, comprising at the level of the emitter the steps of generating a key per complementary stream for encrypting said complementary stream in such a way that all scalability types can be either simultaneously or individually used, said keys being generated in such a way that only the keys of the complementary streams of quality levels lower than the quality level of a complementary stream can be obtained from the key of said complementary stream, and sending the key of a complementary stream corresponding to a required quality level to the receiver, the key permitting a rece

Abstract: In order to provide a secure measurement of Round Trip Time (RTT), the calculation of RTT and the authentication data are separated. A device A sends a message to device B to start the method. Both devices generate a random number and device A waits for device B to finish. Device A sends its random number to B, which answers with its own random number, and device A calculates the RTT. If the RTT is below a certain limit, device A then requires authentication data, which is calculated by device B and sent to device A that verifies the authentication data. The RTT can thus be securely calculated regardless of the calculating resources of device B. Alternate embodiments, a system and devices are also provided.

Abstract: A method for discovering emulated clients. A verifier sends a cryptographic challenge C to a client and preferably starts a timer. The client uses a deterministic key search algorithm to find the correct key and returns the result as a number of tries needed. The verifier then stops the timer if this was started and verifies that the result is correct and preferably that the response was timely. Also provided is a verifier.