Abstract: A method and system for secure access from a local device to a remote server computer are disclosed. At the local device having a unique identifier (UID), processor, and memory, a security software is obtained from a remote server computer, the security software obtaining a personal identification number (PIN) of a user, and the UID of the local device. The PIN, the UID and the security software are forwarded to the remote server computer for generating a credential code, including encrypting the credential code. At the local device, the credential code is obtained from the remote server computer, and authenticity of the PIN and the UID is verified, without communicating over a network, including decrypting the credential code. Upon verifying the authenticity of the PIN and the UID, access credentials to the remote server computer are retrieved.

Abstract: A communication network employing a method and system for secure access from a security device at a local network location to a remote network location are disclosed. At the security device having a unique identifier (UID), processor, and memory, a security software is obtained from a remote network location, the security software obtaining a personal identification number (PIN) of a user, and the UID of the security device. The PIN, the UID and the private security software are forwarded to the remote network location for generating a credential code, including encrypting the credential code. At the security device, the credential code is obtained from the remote network location, and authenticity of the PIN and the UID is verified, without communicating over a network, including decrypting the credential code. Upon verifying the authenticity of the PIN and the UID, access credentials to the remote network location are retrieved.

Abstract: Cryptographic methods and systems for key exchange, digital signature and zero-knowledge proof. In the digital signature scenario, there is provided a method of signing a digital document, comprising: obtaining a private cryptographic key associated with the signer; obtaining a digital asset from the digital document; selecting a base data element; computing a plurality of signature data elements from (i) the digital asset, (ii) the base data element and (iii) the private cryptographic key; and transmitting the digital document and the plurality of signature data elements to a recipient over a data network. Provenance of the digital document is confirmable by the recipient carrying out a predefined computation involving the digital document, the signature data elements, a plurality of noise variables and a public cryptographic key corresponding to the private cryptographic key associated with the signer. In the zero-knowledge proof scenario, the digital asset plays the role of a challenge data element.

Abstract: Cryptographic methods and systems for key exchange, digital signature and zero-knowledge proof. In the digital signature scenario, there is provided a method of signing a digital document, comprising: obtaining a private cryptographic key associated with the signer; obtaining a digital asset from the digital document; selecting a base data element; computing a plurality of signature data elements from (i) the digital asset, (ii) the base data element and (iii) the private cryptographic key; and transmitting the digital document and the plurality of signature data elements to a recipient over a data network. Provenance of the digital document is confirmable by the recipient carrying out a predefined computation involving the digital document, the signature data elements, a plurality of noise variables and a public cryptographic key corresponding to the private cryptographic key associated with the signer. In the zero-knowledge proof scenario, the digital asset plays the role of a challenge data element.

Abstract: A cryptographic method and system. A plurality of ciphers is identified in a message received by a recipient, such message encrypting a digital asset. A private key associated with the recipient is obtained. The private key corresponds to a public key associated with the recipient. The method includes solving for x in the equation: [(f0(R0?1 N?0 mod S)+P?+f?(Rn?1 N?n mod S))/(h0(R0?1 N?0 mod S)+Q?+h?(Rn?1 N?n mod S))]*h(x)?f(x)=0 mod p, where (i) P?, Q?, N?0, and N?n correspond to the ciphers in the received message; (ii) R0, Rn and S are data elements of the private key; (iii) f(·) is a polynomial function defined by coefficients f0, f1, . . . f? that are also data elements of the private key; and (iv) h( ) is a polynomial function defined by coefficients h0, h1, . . . h? that are also data elements of the private key. The value of x is assigned to the digital asset, which is then stored in non-transitory memory or packaged in a message sent over the data network.

Abstract: Cryptographic methods and systems for key exchange, digital signature and zero-knowledge proof. In the digital signature scenario, there is provided a method of signing a digital document, comprising: obtaining a private cryptographic key associated with the signer; obtaining a digital asset from the digital document; selecting a base data element; computing a plurality of signature data elements from (i) the digital asset, (ii) the base data element and (iii) the private cryptographic key; and transmitting the digital document and the plurality of signature data elements to a recipient over a data network. Provenance of the digital document is confirmable by the recipient carrying out a predefined computation involving the digital document, the signature data elements, a plurality of noise variables and a public cryptographic key corresponding to the private cryptographic key associated with the signer. In the zero-knowledge proof scenario, the digital asset plays the role of a challenge data element.

Abstract: A digital communication method over an optical channel. Bob modulates a coherent optical signal with a random envelope phase ?r, known to him and not to Alice, and transmits the modulated coherent optical signal (envelope) over the optical channel to Alice. Alice further modulates the envelope with a key phase ?k, based on a secret key and a selected modulation scheme, to create a cipher envelope, and sends the cipher envelope towards Bob along the optical channel. Bob then demodulates a received version of the cipher envelope by removing the random envelope phase ?r (known to Bob) and then measures the phase of the resulting demodulated coherent optical signal with the coherent detector to extract, to within a certain margin of error, the key phase ?k, from which Alice's secret key can be decoded. Bob then uses the secret key for encrypting messages sent to Alice over any digital network.

Abstract: A computer-implemented method, which comprises: receiving an input message comprising N-bit input segments, N being an integer greater than one; converting the N-bit input segments into corresponding N-bit output segments using a 2N-by-2N one-to-one mapping stored in a non-transitory storage medium; and generating an output message comprising the N-bit output segments. Also, a computer-implemented method for a recipient to validate a message received from a sender, the message including a first part and a second part. This method comprises receiving a token from a witnessing entity; obtaining a first data element by joint processing of the first part of the message and the token; obtaining a second data element by joint processing of the second part of the message using a key associated with the sender; and validating the message by comparing the first and second data elements.

Abstract: A communication network employing a method and system for secure access from a security device at a local network location to a remote network location are disclosed. At the security device having a unique identifier (UID), processor, and memory, a security software is obtained from a remote network location, the security software obtaining a personal identification number (PIN) of a user, and the UID of the security device. The PIN, the UID and the private security software are forwarded to the remote network location for generating a credential code, including encrypting the credential code. At the security device, the credential code is obtained from the remote network location, and authenticity of the PIN and the UID is verified, without communicating over a network, including decrypting the credential code. Upon verifying the authenticity of the PIN and the UID, access credentials to the remote network location are retrieved.

Abstract: A digital communication method over an optical channel. Bob modulates a coherent optical signal with a random envelope phase ?r, known to him and not to Alice, and transmits the modulated coherent optical signal (envelope) over the optical channel to Alice. Alice further modulates the envelope with a key phase ?k, based on a secret key and a selected modulation scheme, to create a cipher envelope, and sends the cipher envelope towards Bob along the optical channel. Bob then demodulates a received version of the cipher envelope by removing the random envelope phase ?r (known to Bob) and then measures the phase of the resulting demodulated coherent optical signal with the coherent detector to extract, to within a certain margin of error, the key phase ?k, from which Alice's secret key can be decoded. Bob then uses the secret key for encrypting messages sent to Alice over any digital network.

Abstract: A computer-implemented method, which comprises: receiving an input message comprising N-bit input segments, N being an integer greater than one; converting the N-bit input segments into corresponding N-bit output segments using a 2N-by-2N one-to-one mapping stored in a non-transitory storage medium; and generating an output message comprising the N-bit output segments. Also, a computer-implemented method for a recipient to validate a message received from a sender, the message including a first part and a second part. This method comprises receiving a token from a witnessing entity; obtaining a first data element by joint processing of the first part of the message and the token; obtaining a second data element by joint processing of the second part of the message using a key associated with the sender; and validating the message by comparing the first and second data elements.

Abstract: Method and system for secure access from a security device at a local network location to a remote network location are disclosed. At the security device having a unique identifier (UID), processor, and memory, a security software is obtained from a remote network location, the security software obtaining a personal identification number (PIN) of a user, and the UID of the security device. The PIN, the UID and the private security software are forwarded to the remote network location for generating a credential code, including encrypting the credential code. At the security device, the credential code is obtained from the remote network location, and authenticity of the PIN and the UID is verified, without communicating over a network, including decrypting the credential code. Upon verifying the authenticity of the PIN and the UID, access credentials to the remote network location are retrieved.

Abstract: A robust header compression (ROHC) controller provides for service flow processing of a ROHC channel in a WiMAX wireless communication system. The ROHC controller controls the negotiations of the MS ROHC capabilities during its registration and the negotiations of the ROHC channel parameters during ROHC enabled service flow setup; the MS ROHC capabilities including ROHC compression and decompression capabilities and ROHC channel and feedback strategies; the channel parameter negotiation covers the ROHC profile set and feedback channel information in addition to the 16e/12D standard. The ROHC controller receives a service flow request for a ROHC enabled service flow, wherein the request includes a QoS profile.

Abstract: A data communication system, in which a sender obtains a set of base data elements; generates a first and a second key from (i) the set of base data elements and (ii) sets of first and second entanglement data elements, the first and second keys comprised of a respective first and second public component and a respective first and second private component. A recipient generates first and second ciphers by encoding a digital message using the first and second public components; and sends the first and second ciphers towards the sender apparatus. The sender then extracts the digital message based on the first and second ciphers, the first and second private components, and the sets of first and second entanglement data elements. The private components are not derivable from the public components or from the ciphers irrespective of computing power. A method of digital signing and verification is also described.

Abstract: A robust header compression (ROHC) controller provides for service flow processing of a ROHC channel in a WiMAX wireless communication system. The ROHC controller controls the negotiations of the MS ROHC capabilities during its registration and the negotiations of the ROHC channel parameters during ROHC enabled service flow setup; the MS ROHC capabilities including ROHC compression and decompression capabilities and ROHC channel and feedback strategies; the channel parameter negotiation covers the ROHC profile set and feedback channel information in addition to the 16e/12D standard. The ROHC controller receives a service flow request for a ROHC enabled service flow, wherein the request includes a QoS profile.

Abstract: A robust header compression (ROHC) controller provides for service flow processing of a ROHC channel in a WiMAX wireless communication system. The ROHC controller controls the negotiations of the MS ROHC capabilities during its registration and the negotiations of the ROHC channel parameters during ROHC enabled service flow setup; the MS ROHC capabilities including ROHC compression and decompression capabilities and ROHC channel and feedback strategies; the channel parameter negotiation covers the ROHC profile set and feedback channel information in addition to the 16e/12D standard. The ROHC controller receives a service flow request for a ROHC enabled service flow, wherein the request includes a QoS profile.

Abstract: Method and system for secure access from a security device at a local network location to a remote network location are disclosed. At the security device having a unique identifier (UID), processor, and memory, a security software is obtained from a remote network location, the security software obtaining a personal identification number (PIN) of a user, and the UID of the security device. The PIN, the UID and the private security software are forwarded to the remote network location for generating a credential code, including encrypting the credential code. At the security device, the credential code is obtained from the remote network location, and authenticity of the PIN and the UID is verified, without communicating over a network, including decrypting the credential code. Upon verifying the authenticity of the PIN and the UID, access credentials to the remote network location are retrieved.

Abstract: A communication system, comprising a first apparatus and a second apparatus. A processing entity of the first apparatus is configured for: obtaining a first bit stream; subdividing it into a plurality of N-bit input segments; for each of the input segments, determining an input index as a value represented by the N bits of a particular input segment, determining an output index based on the input index and a mapping between 2N possible input indexes and 2N possible output indexes, and setting bits of a corresponding N-bit output segment so as to represent the value of the output index; and causing transmission of a second bit stream formed using each corresponding first output segment to the second apparatus, where a similar operation is performed to recover the N-bit first input segments.

Abstract: A robust header compression (ROHC) controller provides for service flow processing of a ROHC channel in a WiMAX wireless communication system. The ROHC controller controls the negotiations of the MS ROHC capabilities during its registration and the negotiations of the ROHC channel parameters during ROHC enabled service flow setup; the MS ROHC capabilities including ROHC compression and decompression capabilities and ROHC channel and feedback strategies; the channel parameter negotiation covers the ROHC profile set and feedback channel information in addition to the 16e/12D standard. The ROHC controller receives a service flow request for a ROHC enabled service flow, wherein the request includes a QoS profile.

Abstract: Method and system for secure access from a security device at a local network location to a remote network location are disclosed. At the security device having a unique identifier (UID), processor, and memory, a security software is obtained from a remote network location, the security software obtaining a personal identification number (PIN) of a user, and the UID of the security device. The PIN, the UID and the private security software are forwarded to the remote network location for generating a credential code, including encrypting the credential code. At the security device, the credential code is obtained from the remote network location, and authenticity of the PIN and the UID is verified, without communicating over a network, including decrypting the credential code. Upon verifying the authenticity of the PIN and the UID, access credentials to the remote network location are retrieved.