Abstract: A device receives a password from a user, obtains a public key for a cryptographic algorithm for the device, obtains a password verifier by applying a one-way function to a combination of a unique identifier, the password and the public key, generates the certificate comprising the unique identifier, the public key and the password verifier, signs the certificate using a private key corresponding to the public key thereby obtaining a self-signed certificate, and outputs the self-signed certificate. Also provided is the device.

Abstract: A device receives a password from a user, obtains a public key for a cryptographic algorithm for the device, obtains a password verifier by applying a one-way function to a combination of a unique identifier, the password and the public key, generates the certificate comprising the unique identifier, the public key and the password verifier, signs the certificate using a private key corresponding to the public key thereby obtaining a self-signed certificate, and outputs the self-signed certificate. Also provided is the device.

Abstract: The present invention concerns a method in a network including at least a first device and a second device, where the sending of a packet by two devices simultaneously generates a collision. The method includes the steps of emitting by the first device a packet comprising a first part, and a second part including at least an identification of a source and a destination of the packet, receiving the first part of the packet by the second device; and in the case of the second device detecting a collision during the reception of the second part of the packet, issuing a packet indicating collision detection by the second device.

Abstract: A device for generating an encrypted master key. The device comprises at least one input interface configured to receive a receiver identifier, a service provider identifier and a master key for the service provider; a memory configured to store a secret of the device; a processor configured to: process the receiver identifier using the secret to obtain a root key, process the service provider identifier using the root key to obtain a top key and process the master key using the top key to obtain an encrypted master key; and an output interface configured to output the encrypted master key. Also provided is a method for providing an encrypted master key to a receiver. An advantage is that the device can enable a new service provider to provide services to a receiver using an already deployed smartcard.

Abstract: Methods for associating a first and a second device. Each device broadcasts an identity, the first device stores new identities and counts them. Upon user instruction and if there just one new identity, the first device sends a request for association to the second device that acknowledges this. The second device then sends, upon user instruction, a confirmation to the first device that verifies that the confirmation was sent by the second device and acknowledges this. The method is particularly suitable for use on devices that are unable to display identities of other devices.

Abstract: A device receives a password from a user, obtains a public key for a cryptographic algorithm for the device, obtains a password verifier by applying a one-way function to a combination of a unique identifier, the password and the public key, generates the certificate comprising the unique identifier, the public key and the password verifier, signs the certificate using a private key corresponding to the public key thereby obtaining a self-signed certificate, and outputs the self-signed certificate. Also provided is the device.

Abstract: A device for generating an encrypted master key. The device comprises at least one input interface configured to receive a receiver identifier, a service provider identifier and a master key for the service provider; a memory configured to store a secret of the device; a processor configured to: process the receiver identifier using the secret to obtain a root key, process the service provider identifier using the root key to obtain a top key and process the master key using the top key to obtain an encrypted master key; and an output interface configured to output the encrypted master key. Also provided is a method for providing an encrypted master key to a receiver. An advantage is that the device can enable a new service provider to provide services to a receiver using an already deployed smartcard.

Abstract: A method for marking a series of images such as a film for identification. A copy of the film is associated with a series of pseudorandom values that correspond to fields of a virtual grid covering an image. A visible mark is put into the field corresponding to the first pseudo-random value in M consecutive images followed by a number N of unmarked images (N 0) before repeating this using the next pseudo-random value. The visible marks are advantageously quite small so as to keep user disturbance to a minimum, but they may also be quite visible. Also provided is a marking apparatus.

Abstract: A network, advantageously a home network, comprises a number of user devices, for example personal computers, game consoles and smartphones, each having an estimator application, preferably voluntarily installed by the user. The network further comprises a network device that acts as an interface between the network and an external network. The estimator applications measure the network traffic for its user device, while the network device in parallel generates an independent measurement of the network consumption. The measurements are then compared. If the difference between the sum of the measurements from the estimator applications and the measurement of the network device is below a fixed threshold, it is assumed that the measurements are valid for the considered measurement time interval. Otherwise, the difference is an indication that at least one estimation was incorrect.

Abstract: The invention relates to a method for burning digital data onto a blank disk by a client device, the digital data being transmitted to the client device by a remote content server. The following steps are carried out by the client device for burning digital data onto a blank disk: establishing a secure authenticated channel with the content server; receiving the digital data transmitted by the content server; verifying the existence of the secure authenticated channel and authorizing the burning of the digital data received only during the existence of the secure authenticated channel; and burning onto the blank disk the digital data received.

Abstract: A method for controlling distribution of licenses, a license being for an excerpt of a content item, the content item comprising a set of continuous units, each excerpt comprising a subset of the set of continuous units, A device receives an identifier of a receiver of a license, and the license or a request to generate the license, the license or the request to generate the license comprising a content identifier and at least one indicator of the units covered by the license; retrieves stored information regarding licenses previously delivered to the receiver; compares a limit value for the content item with the stored information combined with information from the license or the request to generate the license; and allows the receiver access to the license only if the limit value is not exceeded by the stored information combined with information from the license or the request to generate the license Also provided is the device.

Abstract: A method of detecting whether a computer file has been copied, the computer file comprising a software program and having an inode number. The inode number of the computer file is retrieved by the software program. From the computer file, a stored inode number is read, the stored inode number being the inode number of a file system from which the computer file should not be copied. The retrieved inode number and the read inode number are compared and it is determined that the computer file has been copied if the retrieved inode number does not match the read inode number. Also provided are a method of enabling detection of the copying of a computer file, and devices and software program products corresponding to the methods.

Abstract: Exchange of Digital Rights Management protected content between two devices without the need for a third party. Each user marks a license as unusable and the devices the trade licenses. A user then instructs the device to import the received license. The device verifies that a license has been rendered unusable and only then erases the unusable license and enables the device to use the new license. The content associated with a license may be traded before or after the license exchange, and may also be downloaded from a third party. Also provided is a device for exchanging licenses.

Abstract: A method for introducing devices with simple user interfaces into a network community. A user pushes a button on a first device that listens for messages from central points for two seconds and, if no such message is received, becomes a central point and starts sending broadcast ID messages. The user the pushes a button on a second device to be insert, which after interaction with the central point enters a selected state. Noticing this on the user interface of the second device, the user pushes the button on the first device again, and after further communication between the devices, they enter an associated state, which can be verified on the user interface of the first device. Also provided is a first device.

Abstract: A network, advantageously a home network, comprises a number of user devices, for example personal computers, game consoles and smartphones, each having an estimator application, preferably voluntarily installed by the user. The network further comprises a network device that acts as an interface between the network and an external network. The estimator applications measure the network traffic for its user device, while the network device in parallel generates an independent measurement of the network consumption. The measurements are then compared. If the difference between the sum of the measurements from the estimator applications and the measurement of the network device is below a fixed threshold, it is assumed that the measurements are valid for the considered measurement time interval. Otherwise, the difference is an indication that at least one estimation was incorrect.

Abstract: A system for distribution of a content item in a network, particularly a peer-to-peer network. A requesting node sends a request for the content item. An access requirement value for the content item is compared to a counter value for the requesting node to determine if the requesting node may download the content item from a sharing node. The counter value is advantageously linked to the requesting node's habit of sharing content items. The access requirement value, which preferably is not only linked to the size of the content item, is modified for at least one content item in the network, either following a time rule or when the content is downloaded. In this way it can be ensured that initial downloaders are likely to share the content item and that the content then gets more accessible to other nodes.

Abstract: A method and device for device association. A user enters login and password on a first device that searches for reachable devices. The first device asks the reachable devices if they know the login, preferably by sending a salted hash of the login. The devices that know the login respond positively and the first device lists the responding devices. The first device then successively performs Secure Remote Authentication (SRP) with each device on the list until an authentication succeeds or there are no further devices on the list. The SRP authentication makes sure that the first device knows the login and that the other device knows a password verifier without transmitting any knowledge that allows recuperation of this info by an eavesdropper. The authenticated devices then establish a secure channel over which a community secret key is transferred, and the first device also calculates and stores the password verifier.

Abstract: A method for performing at least one evolution operation in a dynamic, evolutive community of devices in a network comprising at least a first device. The method comprises a step of sending at least one message over the network from the first device to a second device, wherein the first device continues the method without acknowledgement of the at least one message from the second device. The method is suitable for execution on clockless devices. A device for performing the method is also claimed.

Abstract: A method of detecting whether a computer file has been copied, the computer file comprising a software program and having an inode number. The inode number of the computer file is retrieved by the software program. From the computer file, a stored inode number is read, the stored inode number being the inode number of a file system from which the computer file should not be copied. The retrieved inode number and the read inode number are compared and it is determined that the computer file has been copied if the retrieved inode number does not match the read inode number. Also provided are a method of enabling detection of the copying of a computer file, and devices and software program products corresponding to the methods.

Abstract: A system for distribution of a content item in a network, particularly a peer-to-peer network. A requesting node sends a request for the content item. An access requirement value for the content item is compared to a counter value for the requesting node to determine if the requesting node may download the content item from a sharing node. The counter value is advantageously linked to the requesting node's habit of sharing content items. The access requirement value, which preferably is not only linked to the size of the content item, is modified for at least one content item in the network, either following a time rule or when the content is downloaded. In this way it can be ensured that initial downloaders are likely to share the content item and that the content then gets more accessible to other nodes. Also provided are a sharing node, a server and a method.