Abstract: An architecture for authenticating packets is provided that includes: an input 322 operable to receive a packet, the packet comprising at least one of a transport, session and presentation header portion and a transport agent 312 operable to compute a first message authentication code based on at least some of the contents of the packet and compare the first message authentication code with a second message authentication code in the at least one of a transport, session, and presentation header portion to authenticate the packet.

Abstract: A system 100 for providing credentials to a computational component in a distributed processing network is provided. The system 100 includes: (a) a plurality of crypto-tokens 150a-n, each crypto-token 150a-n comprising a unique identifier, optionally a digital certificate comprising a unique public key and the unique identifier, and a private key corresponding to the public key; (b) a provisioning system 100 comprising a certificate authority 104 operable to generate the plurality of crypto-tokens 150a-n; and (c) a computational component 128 comprising a drive operable to receive and communicate with a selected crypto-token 150. The computational component 128 uses the digital certificate and private key in any of the crypto-tokens 150a-n to establish a secured communication session with the provisioning system 100. Before the establishing operation, any of the plurality of crypto-tokens 150a-n can be engaged with the computational component 128 to establish the secure communication session.

Abstract: A packet-switched communications device in an enterprise network is provided. The packet-switched communications device has a corresponding unique identifier, such as an address or extension. The device includes a processor operable to (a) establish a secure communications session with a key generating agent in the enterprise network; (b) provide, to the key generating agent through the session, the unique identifier of the communications device; and (c) receive, from the key generating agent through the session, a secret key and a key identifier. An application server authenticates the packet switched device using the secret key. After authentication is successful, secure communications is established between the packet switched device and the application server.

Abstract: The present invention provides a method, system, and device for producing cryptographic keys. More specifically, the cryptographic keys may be produced such that they have an effective key size and an apparent key size that differs from the effective key size. Generally, the effective key size is not restricted by export regulations and the apparent key size may be restricted by export regulations.

Abstract: The present efficient packet encryption method decreases the computation time to encrypt and decrypt successive packets of plaintext data. An S-vector is generated and the S-vector is used to encrypt successive packets of plaintext, thus reducing the per packet encryption/decryption time. The formula for encrypting successive packets includes use of the packet sequence number with a third variable injected to eliminate the predictability of the variables, thus making the present efficient packet encryption method more secure. A fourth variable is injected into the calculations to generate an encryption stream that does not repeat as frequently to provide additional security from hackers. For encrypting a packet having a long payload of plaintext, a packet byte sequence number is used to generate an encryption stream that is less likely to repeat within a particular packet.

Abstract: An architecture for authenticating packets is provided that includes: an input 322 operable to receive a packet, the packet comprising at least one of a transport, session and presentation header portion and a transport agent 312 operable to compute a first message authentication code based on at least some of the contents of the packet and compare the first message authentication code with a second message authentication code in the at least one of a transport, session, and presentation header portion to authenticate the packet.

Abstract: The present efficient packet encryption method decreases the computation time to encrypt and decrypt successive packets of plaintext data. An S-vector is generated and the S-vector is used to encrypt successive packets of plaintext, thus reducing the per packet encryption/decryption time. The formula for encrypting successive packets includes use of the packet sequence number with a third variable injected to eliminate the predictability of the variables, thus making the present efficient packet encryption method more secure. A fourth variable is injected into the calculations to generate an encryption stream that does not repeat as frequently to provide additional security from hackers. For encrypting a packet having a long payload of plaintext, a packet byte sequence number is used to generate an encryption stream that is less likely to repeat within a particular packet.

Abstract: A secure data authentication apparatus for authenticating the source of a software file for use on a computer system having a secure processing device. The secure data authentication apparatus further authenticating an owner of the software file and authenticates that the owner of the software file is the owner of the computer system that the software file is being installed on. The software file comprising a first source signature and a unique owner signature. The secure processing device generating a second source signature and a second owner signature, wherein if the first and second source signatures match and first and second owner signatures match, the computer system operates accepts the software file as being authenticated for the owners use and from the source represented by the first source signature.

Abstract: In an integrated voice and multimedia communications system (FIG. 1), an end-user is given explicit control over which audio access mechanism he wishes to use regardless of whether a call is a multimedia or a voice call. The end-user's voice terminal (101) is equipped with a PC-Audio control button (127). When the user originates or receives a call, a multimedia PBX (102) automatically connects audio to the voice terminal's handset (124) regardless of whether the call is a multimedia or a voice call. If the user then presses the PC-Audio button, the PBX transfers audio to the audio subsystem (112-114) of the multimedia terminal (100), an LED (128) associated with the button is lit, and the user may cradle the handset without disconnecting the call. If the handset is subsequently lifted, audio is reconnected to the handset and the LED is extinguished. If the button is pressed while its LED is lit, the call is disconnected.