Abstract: A method of evaluating a cryptosystem to determine whether the cryptosystem can withstand a fault analysis attack, the method includes the steps of providing a cryptosystem having an encrypting process to encrypt a plaintext into a ciphertext, introducing a fault into the encrypting process to generate a ciphertext with faults, and comparing the ciphertext with the ciphertext with faults in an attempt to recover a key of the cryptosystem.

Abstract: A method and apparatus for hiding cryptographic keys based on autocorrelation timing attacks is provided. The method and apparatus of the present invention utilize a autocorrelation timing attack to allow independent software entities to authenticate themselves without storing a private cryptographic key. This is accomplished by storing timing statistics related to the evaluation of an equation in the software entity rather than the cryptographic key itself. When the software entity authenticates itself, the cryptographic key is derived based on information provided by the timing statistics contained in the software entity.

Abstract: Improved methods and apparatus are provided for protecting public key schemes based on modular exponentiation (including RSA and Diffie-Hellman) from indirect cryptanalytic techniques such as timing and fault attacks. Known methods for making the implementation of number-theoretic schemes resistant to such attacks typically double their running time, whereas the novel methods and apparatus described in this patent add only negligible overhead. This improvement is particularly significant in smart card and software-based implementations, in which the modular exponentiation operation is quite slow, and doubling its time may be an unacceptable solution.

Abstract: The apparatus for generating a secure substitution-box immune to differential and linear cryptanalysises comprises a preprocessor for exchanging a location by the unit of bit while passing the input of 64 bits data to be protected; a parity checker for obtaining 56 bits key information by passing the input of the 64 bits key by byte unit; a key expander for repetitive operation for generating 48 bits information upon receiving the key information; a first to sixteenth operating portion for performing the 16 times of operation for one data from the preprocessor while mixing the data with an expanding key information from the key expander; and a postprocessor for generating an output signal of 64 bits data upon receiving an operated result from the first to sixteenth operating portion.

Abstract: A method of playing a game that has a puzzle and a conforming device. The puzzle includes ciphertext indicia and a number of designated spaces corresponding with the ciphertext for displaying a developing solution. The ciphertext is a message encrypted according to some substitutional and/or transpositional encipherment scheme. At each stage of solving, the ciphertext and developing solution show what has been correctly solved and what remains to be solved. The conforming device verifies the correctness of correct guesses and corrects incorrect guesses without prejudicing future guesses. There are manifold types of messages, encipherment schemes, developing solutions and conforming devices. Some puzzles and conforming devices are made by a computerized method. The game can be played by one player or several players in competition. It can be played using a game board or other apparatus or by using a computer with an interactive computer program. To solve a puzzle, a puzzle solver first forms a guess-pair.

Abstract: A Polymorphic Anti-Virus Module (PAM) (200) comprises a CPU emulator (210) for emulating the target program, a virus signature scanning module (250) for scanning decrypted virus code, and an emulation control module (220), including a static exclusion module (230), a dynamic exclusion module (240), instruction/interrupt usage profiles (224) for the mutation engines (162) of the known polymorphic viruses (150), size and target file types (226) for these viruses, and a table (228) having an entry for each known polymorphic virus (150). Prior to emulation, the static exclusion module (230) examines the gross characteristics of the target file for attributes that are inconsistent with the size/type data (226), and excludes polymorphic viruses (150) from the list (228) accordingly.

Abstract: In order to attain high speed and secure encryption, a communication apparatus comprises a random number generation circuit for sequentially generating random number sequences which assure difficulty in terms of amount of calculation in cryptoanalyzing the sequences based on output sequences while using a cryptographic key shared by partner stations as an initial value, and an encryption circuit for sequentially encrypting communication texts and outputting cryptograms in a transmitting station and sequentially cryptoanalyzing the cryptograms and outputting the same in a receiving station, faster than the sequential generation of the random numbers by the random number generation circuit.

Abstract: A game apparatus including a puzzle and a conforming device. The puzzle includes ciphertext indicia and a number of designated spaces corresponding with the ciphertext for displaying a developing solution. The ciphertext is a message encrypted according to some substitutional and/or transpositional encipherment scheme. At each stage of solving, the ciphertext and developing solution show what has been correctly solved and what remains to be solved. The conforming device verifies the correctness of correct guesses and corrects incorrect guesses without prejudicing future guesses. There are manifold types of messages, encipherment schemes, developing solutions and conforming devices. Some puzzles and conforming devices are made by a computerized method. The game can be played by one player or several players in competition. It can be played using a game board or other apparatus or by using a computer with an interactive computer program. To solve a puzzle, a puzzle solver first forms a guess-pair.

Abstract: A searching method determines, given a specified encryption method (or set of encryption methods) and a specified pattern (or set of patterns), whether a given text contains an encryption, with any key, of anything fitting the pattern or patterns. The procedure detects and locates patterns that are present within data that has been encrypted, provided that the encryption method is one of a variety of simple methods that are often employed by computer programs such as computer viruses. The method includes:1. applying an invariance transformation to the chosen pattern (or set of patterns) to be matched, to obtain a "reduced pattern";2. applying the same reduction to the encrypted data to obtain "reduced data";3. using standard string searching techniques to detect the existence of a match between the reduced pattern and the reduced data, thereby signalling the likely existence of the pattern in encrypted form within the encrypted data;4.

Abstract: A cryptographic system includes a conventional DES facility for encrypting data using a key of N (=56) bits. The user however need only supply a first key of n bits, which is passed to a key management system. The key management system generates a second key of length N-n bits, which is combined with the first key to produce a full-length key of N bits. This full-length key is then passed to the DES facility to allow data to be encrypted and saved in a data store in the conventional manner. The value of n can be controlled such that if the user forgets the first key, it can be located in a reasonable time on a simple trial and error basis, thereby allowing retrieval of the encrypted data.

Abstract: An improved method for password validation comprising the steps of identifying bad passwords having one or more characters; computing a frequency of occurrence of bad password characters; computing a probability of occurrence T of the bad password characters within the bad passwords based upon the computed frequency of occurrence; identifying a proposed password having one or more characters; and comparing the proposed password characters with the probability of occurrence T of the bad password characters. The method further comprises the steps of establishing a validation threshold and validating the proposed password based upon the correspondence between (i) a value, BAp, reflecting the relationship between the probability of occurrence T of bad password characters within bad passwords and the proposed password characters and (ii) an established validation threshold. A Markov model is use to compute the probability of occurrence. The present invention also includes an improved password validation system.

Abstract: Apparatus for transmitting data spread across at least a portion of the bandwidth of a cable television channel comprises a carrier signal oscillator, a frequency divider, a pseudorandom sequence generator and two exclusive OR gates. A first exclusive OR gate serves to spread a data signal across the pseudorandom noise sequence generator having a much higher chip rate than the bit rate of the data signal. The second exclusive OR gate modulates the spread spectrum data signal to a carrier frequency for transmission over the cable television channel. The apparatus may be applied for return path transmission in the 0-30 megahertz band which is high susceptible to interference noise and provides approximately a 20 dB signal to interference ratio advantage over known data coding and transmission schemes.