Patents by Inventor Rolf Blom

Rolf Blom has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 7243292
    Abstract: Binary data representing a code word of an error-correcting code is used for calculating a syndrome, wherein a given portion of the binary data comprises k groups of data bits and represents a field element of the finite field GF(p^k), p being an odd prime number, the field element comprising k coefficients in accordance with a polynomial basis representation, each group of data bits of the given portion representing a corresponding one of the k coefficients. The given portion is stored in a first general purpose register and is processed such that the k groups of data bits of the given portion are processed in parallel; determining whether the syndrome is equal to zero; and detecting and correcting errors in the binary data if the syndrome is not equal to zero.
    Type: Grant
    Filed: October 17, 2002
    Date of Patent: July 10, 2007
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Mats Näslund, Rolf Blom
  • Publication number: 20070157022
    Abstract: When a mobile terminal (10), having a basic identity module (12) operative according to a first security standard, initiates a service access, the home network (30) determines whether the mobile terminal has an executable program (14) configured to interact with the basic identity module for emulating an identity module according to the second security standard. If it is concluded that the mobile terminal has such an executable program, a security algorithm is executed at the home network (30) to provide security data according to the second security standard. At least part of these security data are then transferred, transparently to a visited network (20), to the mobile terminal (10). On the mobile terminal side, the executable program (14) is executed for emulating an identity module according to the second security standard using at least part of the transferred security data as input.
    Type: Application
    Filed: May 17, 2005
    Publication date: July 5, 2007
    Inventors: Rolf Blom, Mats Naslund
  • Publication number: 20070150794
    Abstract: Binary data representing a code word of an error-correcting code is used for calculating a syndrome, wherein a given portion of the binary data comprises k groups of data bits and represents a field element of the finite field GF(p^k), p being an odd prime number, the field element comprising k coefficients in accordance with a polynomial basis representation, each group of data bits of the given portion representing a corresponding one of the k coefficients. The given portion is stored in a first general purpose register and is processed such that the k groups of data bits of the given portion are processed in parallel; determining whether the syndrome is equal to zero; and detecting and correcting errors in the binary data if the syndrome is not equal to zero.
    Type: Application
    Filed: October 17, 2002
    Publication date: June 28, 2007
    Inventors: Mats Naslund, Rolf Blom
  • Publication number: 20070130470
    Abstract: A device (e.g., mobile device) and method are described herein that can protect data stored in a rewritable openly accessible memory from replay attacks by using an integrity key and an encryption key to en/decrypt the data, integrity protect the data via a MAC calculation, and verify the data.
    Type: Application
    Filed: December 1, 2005
    Publication date: June 7, 2007
    Inventors: Rolf Blom, Christian Gehrmann
  • Publication number: 20070086590
    Abstract: A method for establishing a security association between a client and a service node for the purpose of pushing information from the service node to the client, where the client and a key server share a base secret. The method comprises sending a request for generation and provision of a service key from the service node to a key server, the request identifying the client and the service node, generating a service key at the key server using the identities of the client and the service node, the base secret, and additional information, and sending the service key to the service node together with said additional information, forwarding said additional information from the service node to the client, and at the client, generating said service key using the received additional information and the base key.
    Type: Application
    Filed: October 13, 2005
    Publication date: April 19, 2007
    Inventor: Rolf Blom
  • Publication number: 20070086591
    Abstract: A method for establishing a security association between a client and a service node for the purpose of pushing information from the service node to the client, where the client and a key server share a base secret. The method comprises sending a request for generation and provision of a service key from the service node to a key server, the request identifying the client and the service node, generating a service key at the key server using the identities of the client and the service node, the base secret, and additional information, and sending the service key to the service node together with said additional information, forwarding said additional information from the service node to the client, and at the client, generating said service key using the received additional information and the base key. A similar approach may be used to provide p2p key management.
    Type: Application
    Filed: December 19, 2005
    Publication date: April 19, 2007
    Applicant: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Rolf Blom, Karl Norman
  • Patent number: 7197527
    Abstract: A method and apparatus for processing binary data representing field elements of an odd-characteristic finite field GF(p^k). Binary data representing at least a portion of a field element of an odd-characteristic finite field GF(p^k) is stored in a register, p being an odd prime number. The field element includes k coefficients in accordance with a polynomial-basis representation. The binary data includes plural groups of data bits, wherein each group of data bits represents an associated one of the k coefficients. At least one operation is executed on contents of the register such that the plural groups of data bits are processed in parallel.
    Type: Grant
    Filed: October 17, 2002
    Date of Patent: March 27, 2007
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Mats Näslund, Rolf Blom
  • Patent number: 7194765
    Abstract: A challenge-response user-authentication procedure masks an authentication center's expected response (XRES) utilizing a masking function (ƒ) and by transmitting a random challenge and a masked expected response (XRES′) instead of the XRES to an intermediate party where the actual user authentication takes place. The intermediate party sends the random challenge to the user and receives a user response (RES) from the user. The intermediate party then generates a masked user response (RES′) using the same masking function (ƒ) and verifies that RES′ corresponds to XRES′.
    Type: Grant
    Filed: October 22, 2002
    Date of Patent: March 20, 2007
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventor: Rolf Blom
  • Patent number: 7181614
    Abstract: The present invention relates to establishing security within an ad hoc network. Such ad hoc networks do not have on-line connections to a particular server for getting desired public keys or certificates, thereby requiring them to create trust relations among their respective nodes wherein some of the nodes have a mutual trust relation to each other, thus constituting a trust group. When a particular candidate node desires to join the trust group, an X-node is identified, being a member of a trust group and having a trust relation with the candidate node. The X-node then certifies the candidate node and establishes and distributes trust relations between the members of the trust group and the candidate node.
    Type: Grant
    Filed: October 19, 2000
    Date of Patent: February 20, 2007
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Christian Gehrmann, Rolf Blom
  • Patent number: 7181012
    Abstract: An encrypted/authenticated mobile application part (MAP) protocol message is sent between a first network element (42A) of a first telecommunications network (40A) and a second network element (42B) of a second telecommunications network (40B). The first network element uses a master security association to derive a connection-specific security association, and includes in the encrypted/authenticated MAP message a parameter obtained from the connection-specific security association. Upon receipt at the second network element, the master security association is used to derive a connection-specific security association for use by the second network element. The second network element uses the connection-specific security association to decrypt/decode the MAP message.
    Type: Grant
    Filed: September 7, 2001
    Date of Patent: February 20, 2007
    Assignee: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Jari Arkko, Esa Turtiainen, Rolf Blom
  • Publication number: 20060291660
    Abstract: A method is described herein for protecting multicast/broadcast traffic (e.g., mobile TV, multimedia) which is transmitted from a broadcast service provider via a mobile operator to one or more mobile devices. To protect the multicast/broadcast traffic, the method utilizes a broadcast key distribution and encryption architecture that is based in part on the existing GSM/UMTS authentication standards.
    Type: Application
    Filed: December 21, 2005
    Publication date: December 28, 2006
    Applicant: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Christian Gehrmann, Rolf Blom
  • Publication number: 20060224525
    Abstract: A broker node is provided, acting as an intermediate administrator for all operators during service content distribution. A content provider has a single relation to the broker. This broker has in turn relations to a number of other operators. The content provider provides the communication content. A list of targeted users or subscribers is compiled by the broker. Preferably, the broker collects necessary subscriber attributes, such as position, device information and access properties, from the other operators. The communication content is preferably modified according to the collected attributes and the content can subsequently be delivered to the subscribers in a best possible way. The broker collects payment from the subscribers and reimburses the media content supplier. In a first aspect, the broker is a distributor and payment administrator for service content. In another aspect, the broker is a mediator of use of inter-operator relations to a third-party content provider.
    Type: Application
    Filed: April 1, 2005
    Publication date: October 5, 2006
    Applicant: TELEFONAKTIEBOLAGET L M ERICSSON (publ)
    Inventors: Steinar Dahlin, Rolf Blom, Jerker Widmark
  • Publication number: 20060072743
    Abstract: A cryptographic method is described. The method comprises storing binary data representing at least a portion of a field element of an odd-characteristic finite field GF(p^k) in a register, p being an odd prime number, the field element comprising k coefficients in accordance with a polynomial-basis representation, the binary data comprising plural groups of data bits, wherein each group of data bits represents an associated one of the k coefficients and processing the binary data in accordance with a cryptographic algorithm such that the plural groups of data bits are processed in parallel. An apparatus comprising a memory and a processing unit coupled to the memory to carry out the method is also described.
    Type: Application
    Filed: October 17, 2002
    Publication date: April 6, 2006
    Inventors: Mats Naslund, Rolf Blom
  • Publication number: 20050111666
    Abstract: A basic idea according to the invention is to enhance or update the basic cryptographic security algorithms by an algorithm-specific modification of the security key information generated in the normal key agreement procedure of the mobile communication system. For communication with the mobile terminal, the network side normally selects an enhanced version of one of the basic cryptographic security algorithms supported by the mobile, and transmits information representative of the selected algorithm to the mobile terminal. The basic security key resulting from the key agreement procedure (AKA, 10) between the mobile terminal and the network is then modified (22) in dependence on the selected algorithm to generate an algorithm-specific security key. The basic security algorithm (24) is then applied with this algorithm-specific security key as key input to enhance security for protected communication in the mobile communications network.
    Type: Application
    Filed: September 10, 2004
    Publication date: May 26, 2005
    Applicant: Telefonaktiebolaget LM Ericsson (publ)
    Inventors: Rolf Blom, Naslund Mats, Jari Arkko
  • Publication number: 20050063544
    Abstract: A method of facilitating the lawful interception of an IP session between two or more terminals 12,13, wherein said session uses encryption to secure traffic. The method comprises storing a key allocated to at least one of said terminals 12,13 or to at least one of the subscribers using one of the terminals 12,13, at the terminal 12,13 and at a node 5,8 within a network 1,6 through which said session is conducted, or a node coupled to that network. Prior to the creation of said session, a seed value is exchanged between the terminal 12,13 at which the key is stored and said node 5,8. The key and the seed value are used at both the terminal 12,13 and the node 5,8 to generate a pre-master key. The pre-master key becomes known to each of the terminals 12,13 involved in the IP session and to the network node 5,8. The pre-master key is used, directly or indirectly, to encrypt and decrypt traffic associated with said IP session.
    Type: Application
    Filed: December 6, 2002
    Publication date: March 24, 2005
    Inventors: Ilkka Uusitalo, Pasi Ahonen, Rolf Blom, Boman Krister, Mats Naslund
  • Publication number: 20040123102
    Abstract: A method of authenticating a message (111) received via a transmission channel (108) using a Message Authentication Code (MAC).
    Type: Application
    Filed: October 24, 2003
    Publication date: June 24, 2004
    Inventors: Christian Gehrmann, Rolf Blom
  • Publication number: 20040117500
    Abstract: In a procedure for delivering streaming media, a Client (1) first requests the media from an Order Server (3). The Order Server authenticates the Client and sends a ticket to the Client. Then, the Client sends the ticket to a Streaming Server (5). The Streaming Server checks the ticket for validity and if found valid encrypts the streaming data using a standardized real-time protocol such as the SRTP and transmits the encrypted data to the Client. The Client receives the data and decrypts them. Copyrighted material adapted to streaming can be securely delivered to the Client. The robust protocol used is very well suited for in particular wireless clients and similar devices having a low capacity such as cellular telephones and PDAs.
    Type: Application
    Filed: September 24, 2003
    Publication date: June 17, 2004
    Inventors: Fredrik Lindholm, Rolf Blom, Karl Norrman, Goran Selander, Mats Naslund
  • Publication number: 20040078407
    Abstract: A method of processing binary data representing field elements of an odd-characteristic finite field GF(p^k) is described. The method comprises storing binary data representing at least a portion of a field element of an odd-characteristic finite field GF(p^k) in a register, p being an odd prime number, the field element comprising k coefficients in accordance with a polynomial-basis representation, the binary data comprising plural groups of data bits, wherein each group of data bits represents an associated one of the k coefficients. The method also comprises executing at least one operation on contents of the register such that the plural groups of data bits are processed in parallel. An apparatus comprising a memory and a processing unit coupled to the memory to carry out the method is also described.
    Type: Application
    Filed: October 17, 2002
    Publication date: April 22, 2004
    Inventors: Mats Naslund, Rolf Blom
  • Publication number: 20030233546
    Abstract: A challenge-response authentication procedure includes masking of the expected response (XRES) generated by an authentication center by means of a masking function (ƒ), and transmission of the masked expected response (XRES′), instead of the expected response itself, to an intermediate party at which the actual user authentication takes place. The intermediate party also receives a user response (RES) from the user and generates a masked user response (RES′) using the same masking function (ƒ) as the authentication center did. In order to authenticate the user, the intermediate party then verifies that the masked user response (RES′) corresponds to the masked expected response (XRES′) received from the authentication center. The above procedure enables the intermediate party to prove that user authentication has taken place, keeping in mind that only the legitimate user knows the response beforehand.
    Type: Application
    Filed: October 22, 2002
    Publication date: December 18, 2003
    Inventor: Rolf Blom
  • Publication number: 20030131353
    Abstract: The present invention relates to an arrangement, system and method for managing rights to streaming media using a management mechanism based on a content object and a rights object. In accordance with the invention the content object comprises means for initiation of the streaming media and the rights object comprises usage rules defining the rights to use said streaming media. The invention also relates to a method of delivering and protecting digital streaming media. The initiation may comprise a session description of the streaming media, a SDP description, a URL to said streaming media or a SMIL file. Preview and super-distribution are provided. The content object is delivered like a downloadable object in a rights management system for download, thereby reusing the mechanisms for rights management of said latter system for rights management in a system for transmission of streaming media.
    Type: Application
    Filed: December 11, 2002
    Publication date: July 10, 2003
    Inventors: Rolf Blom, Fredrik Lindholm, Goran Selander