Abstract: Systems and methods provide multiple partitions hosted on an isolation technology such as a hypervisor where at least one of the partitions, a local secure service partition (LSSP), provides security services to other partitions. The service partitions (LSSPs) host those high assurance services that require strict security isolation, where the service can be shared across partitions and accessed even when the user is not connected to a network. The LSSP also can certify the results of any computation using a key signed by a TPM attestation identity key (AIK), or other key held securely by the hypervisor or a service partition. The LSSPs may be configured to provide trusted audit logs, trusted security scans, trusted cryptographic services, trusted compilation and testing, trusted logon services, and the like.

Abstract: A resilient hashing system leverages a fast, non-cryptographic hash/checksum function that has good diffusion properties while remaining reasonably efficient on modern central processing units (CPUs). The hash function uses random secret data so that hash keys for particular data are difficult to predict. Due to its internal structure, well-chosen random secret data is difficult for an attacker to counter without having access to the direct output of the hash function. At every stage of the block function, there are at least two operations that can be performed in parallel, increasing performance on modern superscalar CPUs. Thus, the resilient hashing system provides a hash table and checksum that can be used in Internet-facing or other vulnerable sources of input data to manage performance in the face of malicious attacks.

Abstract: Systems and methods provide multiple partitions hosted on an isolation technology such as a hypervisor where at least one of the partitions, a local secure service partition (LSSP), provides security services to other partitions. The service partitions (LSSPs) host those high assurance services that require strict security isolation, where the service can be shared across partitions and accessed even when the user is not connected to a network. The LSSP also can certify the results of any computation using a key signed by a TPM attestation identity key (AIK), or other key held securely by the hypervisor or a service partition. The LSSPs may be configured to provide trusted audit logs, trusted security scans, trusted cryptographic services, trusted compilation and testing, trusted logon services, and the like.

Abstract: Systems and methods provide multiple partitions hosted on an isolation technology such as a hypervisor where at least one of the partitions, a local secure service partition (LSSP), provides security services to other partitions. The service partitions (LSSPs) host those high assurance services that require strict security isolation, where the service can be shared across partitions and accessed even when the user is not connected to a network. The LSSP also can certify the results of any computation using a key signed by a TPM attestation identity key (AIK), or other key held securely by the hypervisor or a service partition. The LSSPs may be configured to provide trusted audit logs, trusted security scans, trusted cryptographic services, trusted compilation and testing, trusted logon services, and the like.

Abstract: A resilient hashing system leverages a fast, non-cryptographic hash/checksum function that has good diffusion properties while remaining reasonably efficient on modern central processing units (CPUs). The hash function uses random secret data so that hash keys for particular data are difficult to predict. Due to its internal structure, well-chosen random secret data is difficult for an attacker to counter without having access to the direct output of the hash function. At every stage of the block function, there are at least two operations that can be performed in parallel, increasing performance on modern superscalar CPUs. Thus, the resilient hashing system provides a hash table and checksum that can be used in Internet-facing or other vulnerable sources of input data to manage performance in the face of malicious attacks.

Abstract: An RSA message signature can be verified by verifying that se mod n=F(m, n). If a value K, defined as K=se div n is computed in advance and provided as an input to the computing device verifying the signature, the signature verification can be significantly faster. To avoid transmission of, and mathematical operations on, large values of K, which can themselves be inefficient, the RSA public exponent e can be selected to be relatively small, such as e=2 or e=3. K is based on publicly available information and can be calculated by the computing device signing the message, or by an intermediate computing device, and transmitted to the device verifying the signature without impacting security.

Abstract: An RSA message signature can be verified by verifying that se mod n=F(m, n). If a value K, defined as K=se div n is computed in advance and provided as an input to the computing device verifying the signature, the signature verification can be significantly faster. To avoid transmission of, and mathematical operations on, large values of K, which can themselves be inefficient, the RSA public exponent e can be selected to be relatively small, such as e=2 or e=3. K is based on publicly available information and can be calculated by the computing device signing the message, or by an intermediate computing device, and transmitted to the device verifying the signature without impacting security.

Abstract: Executable instructions designed to provide faster cryptographic processing, fixed-timing memory access, and dedicated memory usage are implementable on an x86 CPU utilizing XMM registers. The instructions can be utilized to implement cryptographic processing in accordance with the Advanced Encryption Standard (AES). To encrypt, a single instruction performs nonlinear transformation, rotation, and linear transformation. Another single instruction used during encryption performs nonlinear transformation and rotation. New instructions also are implemented to perform decryption. The instructions implemented to perform decryption perform the mathematical inverse functions of their counterparts used for encryption.

Abstract: An access control system applies contents-based policies to data that is being transferred. This transfer can be between different computers, different operating systems on a single computer, different applications within on the same operating system, or different parts of the same operating system, for example. Data is scanned at a scan engine associated with a security reference monitor (SRM) as the data is being transmitted, on-the-fly. The data is forwarded directly to the recipient, so the data is not stored at the SRM. The data is encrypted at the SRM as it comes by, and the key is revealed to the recipient if it is subsequently determined that the transfer is allowed.

Abstract: Encryption is provided with additional diffusion components to construct a block cipher with a large and variable block size. The cipher incorporates an encryption system or algorithm such that the cipher is at least as secure as the encryption system or algorithm. Additional components of the cipher provide improved diffusion. This combination ensures that the cipher is at least as strong as the encryption algorithm, and at the same time it provides additional security properties due to its improved diffusion.

Abstract: A transactional sealed storage system enables data to be accessed according to transactional properties and also enables access to the data to be restricted to secured applications. The transactional properties according to which the data may be accessed may include, for example, at least some levels of atomicity, consistency, isolation, and durability. The access to the data may be restricted by, for example, employing a double layer security policy that involves encrypting the data and also authenticating any application that requests access to the encrypted data.

Abstract: Systems and methods provide multiple partitions hosted on an isolation technology such as a hypervisor where at least one of the partitions, a local secure service partition (LSSP), provides security services to other partitions. The service partitions (LSSPs) host those high assurance services that require strict security isolation, where the service can be shared across partitions and accessed even when the user is not connected to a network. The LSSP also can certify the results of any computation using a key signed by a TPM attestation identity key (AIK), or other key held securely by the hypervisor or a service partition. The LSSPs may be configured to provide trusted audit logs, trusted security scans, trusted cryptographic services, trusted compilation and testing, trusted logon services, and the like.

Abstract: A system has a local client application (10) and a communications stack (20, 14) by which the local application can communicate with remote peer applications on other systems. The communications stack includes a transport entity (14) for providing transport services, and a transport-independent, session-level security entity (20) logically positioned above the transport entity and visible to the local application. The security entity has a key-exchange handshake protocol engine (24) for conducting a handshake with a peer security entity (30) associated with a particular remote application (12) with which the local application (10) wishes to communicate, this handshake involving the exchange of key-related data for use in generating session keys. The security entity (20) also has a secure channel engine (25) for enabling messages to be passed between the local application and the target remote application with authentication and/or encryption.

Abstract: Disclosed is a multi-purpose transaction card system comprising an issuer, one or more cards, one or more terminals, and optionally one or more acquires, communicating using a variety of cryptographic confidentiality and authentication methods. Cards authenticate messages using public key based cryptographic without themselves performing the extensive computations usually associated with such cryptography. Integrity of complex transaction sequences and plural card storage updates are maintained even under intentionally generated interruptions and/or modifications of data transmitted between card and terminal. Cards do not reveal any information to the terminal which is not directly necessary for the transaction or any information to which the terminal should not have access, though externally measurable aspects of its behavior. Transaction types supported include those suitable for off-line credit cards, in which the “open to buy” is maintained on the card.

Abstract: Disclosed is a multi-purpose transaction card system comprising an issuer, one or more cards, one or more terminals, and optionally one or more acquires, communicating using a variety of cryptographic confidentiality and authentication methods. Cards authenticate messages using public key based cryptographic without themselves performing the extensive computations usually associated with such cryptography. Integrity of complex transaction sequences and plural card storage updates are maintained even under intentionally generated interruptions and/or modifications of data transmitted between card and terminal. Cards do not reveal any information to the terminal which is not directly necessary for the transaction or any information to which the terminal should not have access, though externally measurable aspects of its behavior. Transaction types supported include those suitable for off-line credit cards, in which the “open to buy” is maintained on the card.

Abstract: Disclosed is a multi-purpose transaction card system comprising an issuer, one or more cards, one or more terminals, and optionally one or more acquires, communicating using a variety of cryptographic confidentiality and authentication methods. Cards authenticate messages using public key based cryptographic without themselves performing the extensive computations usually associated with such cryptography. Integrity of complex transaction sequences and plural card storage updates are maintained, even under intentionally generated interruptions and/or modifications of data transmitted between card and terminal. Cards do not reveal any information to the terminal which is not directly necessary for the transaction or any information to which the terminal should not have access, though externally measurable aspects of its behavior. Transaction types supported include those suitable for off-line credit cards, in which the “open to buy” is maintained on the card.

Abstract: A system has a local client application (10) and a communications stack (20, 14) by which the local application can communicate with remote peer applications on other systems. The communications stack includes a transport entity (14) for providing transport services, and a transport-independent, session-level security entity (20) logically positioned above the transport entity and visible to the local application. The security entity has a key-exchange handshake protocol engine (24) for conducting a handshake with a peer security entity (30) associated with a particular remote application (12) with which the local application (10) wishes to communicate, this handshake involving the exchange of key-related data for use in generating session keys. The security entity (20) also has a secure channel engine (25) for enabling messages to be passed between the local application and the target remote application with authentication and/or encryption.