Abstract: Apparatus and method for scalable content protection. For example, one embodiment of an apparatus comprises: cryptographic management circuitry to securely store one or more keys associated with one or more media apps/applications; a plurality of processing engines, each processing engine comprising circuitry to process media content of the one or more media apps/applications; and a scheduler to schedule processing of the media content by the processing engines; wherein the cryptographic management circuitry is to restore a first cryptographic state including a first key associated with a first media app/application and/or first media content responsive to a request to process the first media content on a first processing engine.

Abstract: Disclosed herein is a key rotation scheme for a DRM system in a DASH-based media content service. A DASH encoder generates media decryption keys and provides a key list including the media decryption keys to a CP manager. Each media decryption key is identified by a key identifier (KID). The CP manager delivers the key list to a license server. The license server creates ECLs based on the key list, and delivers an ECL list including ECLs to the CP manager. Each ECL is identified by KID and includes an encrypted media decryption key and an encrypted KID. The CP manager generates a pssh box in which the ECL list is inserted into a data field, and delivers the pssh box to the DASH encoder. The DASH encoder delivers the pssh box to a client device, with the pssh box being included in a DASH MPD or media segment.

Abstract: Systems and techniques for implementing secure devices using entropy multiplexing are described herein. An entropy-multiplexing (EM) tree containing a plurality of tree depths may be accessed. A first message may be transmitted to a set of neighbor devices. At least a portion of the first message may be encrypted using a first seed value generated using a first tree depth of the plurality of tree depths and a first clock value of a device. A response may be received from a neighbor device of the set of neighbor devices. The response may include a second message. The second message may be encrypted using a second seed value generated using a second tree depth of the plurality of tree depths and a second clock value. The second message may be decrypted using a third seed value generated using the second tree depth and a third clock value of the device.

Abstract: A method, a system, and a computer program product for managing an electronic mail in a communication network. Recursive parameters are provided in a command list of a communication protocol associated with the electronic mail. The command list is partitioned into of command sub-lists using the recursive parameters.

Abstract: System, computer readable medium and method for decryption. The method may include receiving, by a third computerized system and from a fourth computerized system, a first encrypted file entity key and signed access metadata. The first encrypted file entity key is created by encrypting a file entity key by a first computerized system using an encryption key of a second computerized system. The signed access metadata is signed by the file entity key. The encrypted file entity is created by encrypting a file entity by the first computerized system using the file entity key. Sending, by the third computerized system, the signed access metadata and the first encrypted file entity key to the second computerized system. Receiving a response from the second computerized system. Determining, based on the response from the second computerized system, whether to facilitate a decryption of the encrypted file entity by the fourth computerized entity.

Abstract: A solid-state imaging device and a camera system are disclosed. The solid-state imaging device includes a pixel unit and a pixel signal readout circuit. The pixel signal readout circuit includes a plurality of comparators disposed to correspond to a pixel column array, and a plurality of counters. Each counter includes a first amplifier, a second amplifier, and a mirror circuit to from a current mirror in parallel with the second amplifier. The first amplifier includes differential transistors, initializing switches connected between gates and collectors of the differential transistors, and first and second capacitors connected to each of the gates of the differential transistors. The second amplifier includes an initializing switch and a third capacitor. The mirror circuit includes a gate input transistor whose gate is inputted with a voltage sampled by the first amplifier or a voltage sampled by the second amplifier.

Abstract: A transmitting apparatus comprises an initialization vector generating unit for generating an initialization vector, an encryption unit for initializing a stream encryption module using the generated initialization vector and performing stream encryption on stream data using the initialized stream encryption module, an encryption packet generating unit for generating an encryption packet containing encrypted stream-encrypted data, an initialization packet generating unit for generating an initialization packet containing an initialization vector and time information indicating when a next initialization vector subsequent to the initialization vector will be sent, and a transmission unit for transmitting the initialization packet and the encryption packet by broadcast/multicast.

Abstract: A system and method for Dedicated Short-Range Communication (DSRC) between beacons and onboard units of a road toll system, wherein the beacons have a system-wide key and the onboard units have only individual keys, which are respectively formed from the system-wide key on the basis of a derivation code specific to the onboard units, wherein upon a communication from the onboard unit the derivation code is transmitted to the beacon in order to enable the beacon to emulate the individual key to encrypt/decrypt the communication with the onboard unit and/or for access to data stored in the onboard unit, and wherein upon communications with consecutive beacons the onboard unit transmits varying derivation codes.

Abstract: An approach is provided for relaying media and creating new content from the media via a social network. Audio content is caused to be received from one of a plurality of devices. The one device is associated with a member of a first list of contacts. New audio content is generated based on the received audio content. The new audio content is caused, at least in part, to be transmitted to another one of the devices. The other one device is associated with a member of a second list of contacts.

Abstract: A cryptographic method is provided of a type with public key over a non-supersingular elliptic curve E, determined by the simplified Weirstrass equation y2=x3+a·x2+b over a finite field GF(3n), with n being an integer greater than or equal to 1. The method includes associating an element t of said finite field with a point P? of the elliptic field. The step of associating includes: obtaining a pre-determined quadratic non-residue ? on GF(3n); obtaining a pre-determined point P=(zP, yP) belonging to a conic C defined by the following equation: a·?·z2?y2+b =0; obtaining a point Q=(zQ, yQ), distinct from the point P belonging to the conic C and a straight line D defined by the following equation: y=t·z+yP?t·zP; obtaining the element ? of GF(3n) verifying the following linear equation over GF(3): ??·?=(?2·zQ)/a; and associating, with the element t of the finite field, the point P? of the elliptic curve, for which the coordinates are defined by the pair (?·zQ/?, yQ).

Abstract: Methods and apparatuses for minimizing co-channel interference in communications systems are disclosed. A method in accordance with the present invention comprises shifting a characteristic of the first signal with respect to a like characteristic of the second signal to mitigate co-channel interference, and transmitting the first signal and the second signal over different channels of the communication system.

Abstract: In an elliptic curve cryptographic system, point coordinates in a first coordinate system are transformed into a second coordinate system. The transformed coordinates are processed by field operations, which have been modified for operating on the transformed point coordinates. In some implementations, the point coordinates are transformed using a linear transformation matrix having coefficients. The coefficients can be fixed, variable or random. In some implementations, the transformation matrix is invertible.

Abstract: The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node.

Abstract: We present technology that allows layman computer users to simply create, provision, and maintain secured infrastructure—an instant PKI. This technology can be used in a wide variety of applications including wired and wireless networks, secure sensor networks (such as medical networks), emergency alert networks, as well as simply and automatically provisioning network devices whether secure or not.

Abstract: A system and method providing for appending of a note or instruction to the contents of an email such that the note or instructions is only appended to emails of selected recipients of a group of recipients, with only the email going to the other recipients of the group of recipients is provided.

Abstract: A signal transmission apparatus includes: a serial-to-parallel conversion unit serial-to-parallel converting HD-SDI format serial digital video signals of Link A containing CH1, CH3, CH5, and CH7, and Link B containing CH2, CH4, CH6, and CH8; a scrambler rewriting a specified timing reference signal among data of horizontal lines in converted Link A into a predetermined value, applying scrambling to only specified data, performing encoding, and outputting at least up to several bits of data following an error detection code; an extracting unit extracting RGB bits only from specified data among data of horizontal lines in converted Link B; an 8-bit/10-bit encoder subjecting the extracted RGB bits of the Link B to 8-bit/10-bit encoding; a multiplexing unit multiplexing scrambled parallel digital data of the Link A and encoded parallel digital data of the Link B; and a serial digital data generating unit generating serial digital data from the parallel digital data.

Abstract: Secure communication of information is effected from a first party to a second party when the first party knows its own global location and the global location of the second party, and employs what essentially is an undiscoverable code signal that is broadcast to, and received by, both the first and the second parties. The first party securely communicates information to the second party by modifying the code signal with the information that is to be communicated and sends the modified code signal to the second party. Illustratively, the code signal is related to the Y component of a GPS signal.

Abstract: A secure computing device (14) includes a secure processing section (30) having a tamper detection circuit (58) and a monotonic counter (68). The tamper detection circuit (58) detects an event which suggests that the trust associated with the secure processing section (30) may have been compromised. When such an event is detected, a security breach is declared and trusted software (38) is disabled. After a security breach is declared, the monotonic counter (68) may be reclaimed. The monotonic counter (68) provides a monotonic count value (70) that includes an LSB portion (80) and an MSB portion (82). The LSB portion (80) is obtained from a binary counter (72). The MSB portion (82) is obtained from a register (84) of independent one-time-programmable bits. The monotonic counter (68) is reclaimed by programming one of the one-time programmable bits to guarantee that future counting of the monotonic counter will be monotonic relative to all past counting.

Abstract: Rather than downloading each content document on demand from the publisher location to the user site, at the publisher location, each content document is encrypted and then multiple encrypted documents are assembled into a distribution archive that is itself encrypted with a scheduled key. The distribution archive is then downloaded into a content server at the user site. When the content server receives the distribution archive, it decrypts the archive file and unpacks the encrypted documents. The scheduled key used to decrypt an archive file is included with an archive file that was sent previously to the user site in accordance with the subscription service. The scheduled key to decrypt the first archive file sent to the user is sent from the publisher to the user over a communication channel different from the communication channel used to send the archive file from the publisher to the user.

Abstract: An apparatus for copy protection in a cable broadcast receiver and method thereof, by which digital broadcast contents can be protected from being copied.

Abstract: A hardware Secure Processing Unit (SPU) is described that can perform both security functions and other information appliance functions using the same set of hardware resources. Because the additional hardware required to support security functions is a relatively small fraction of the overall device hardware, this type of SPU can be competitive with ordinary non-secure CPUs or microcontrollers that perform the same functions. A set of minimal initialization and management hardware and software is added to, e.g., a standard CPU/microcontroller. The additional hardware and/or software creates an SPU environment and performs the functions needed to virtualize the SPU's hardware resources so that they can be shared between security functions and other functions performed by the same CPU.

Abstract: A data processing device of the invention has an ID creator unit (300) which adds ID information which is set by a CPU and the number of sectors, and outputs a result of the addition as ID information; a scramble SEED value table (103) which produces an initial scramble SEED value, by using the ID information which is outputted from the ID creator unit (300); a normal scramble filter (104) which produces a scramble SEED value (402) for data to be transferred; a frame jumping scramble filter (301) which holds a scramble SEED value of a jumping destination (401) in preparation for jumping; and a selector (105) which selects one of the scramble SEED value (401) and the scramble SEED value (402) and outputs the selected value to the normal scramble filter (104). Accordingly, the data processing device can perform a scrambling process and a de-scrambling process, without depending on the reliability of the data being transferred.

Abstract: Sequence numbers for data packets to be transmitted using bearers having bearer identifiers in a communications system are generated, wherein the sequence numbers are generated independently for each of the bearers used for transmitting the data packets. Last generated sequence numbers for each of the bearers identifiers are stored and held in a memory. When a sequence number for a data packet to be transmitted using a bearer out of the bearers which has been used before is to be generated the memory is checked on a last generated sequence number for the bearer with a previously used bearer identifier and the sequence number is generated in accordance therewith.

Abstract: This invention relates to the methods of coordinating and tracking product and service demonstrations. An event coordinator directs event operators to conduct a product or service demonstration event. The event coordinator provides event operators with cards, such as debit cards, credit cards, or smart cards, to purchase items needed for the demonstration. The event operator contacts a card administration system to activate the card. The card administration system verifies that the provided card ID and event ID are valid, and associates an authorized budget of the demonstration event with the card. The event operator then purchases items with the card, and conducts demonstrations. Event data is provided to the parties involved in the demonstration such as a product manufacturer or service provider, the event coordinator, a staffing agency, the event operator, and a retail store.

Abstract: A method, system and computer program product for computing a message authentication code for data in storage of a computing environment. An instruction specifies a unit of storage for which an authentication code is to be computed. An computing operation computes an authentication code for the unit of storage. A register is used for providing a cryptographic key for use in the computing to the authentication code. Further, the register may be used in a chaining operation.

Abstract: An apparatus (213) and corresponding methods (FIG. 7) to facilitate maintaining crypto synchronization while processing communication signals in a communication unit includes a vocoder (215) configured to convert input audio band signals to vocoder output frames; a crypto processor (217) configured to encrypt the vocoder output frames to provide encrypted output frames; and a synchronizer (219) configured to substitute in a predetermined manner synchronization information corresponding to an encryption state of the crypto processor for a portion of the encrypted data in a portion of the encrypted output frames to provide resultant output synchronization frames suitable for synchronizing a decryption process at a target communication unit.

Abstract: Enhancements to a video anticopying process that causes an abnormally low amplitude video signal to be recorded on an illegal copy. The enhancements in one version introduce into the overscan portion of the television picture, just prior to the horizontal or vertical sync signals but in active video, a negative going waveform that appears to the television receiver or videotape recorder to be a sync signal, thereby causing an early horizontal or vertical retrace. One version provides (in the right overscan portion of the picture), a checker pattern of alternating gray and black areas which causes the TV set on which the illegal copy is played to horizontally retrace earlier than normal in selected lines with a consequential horizontal shift of the picture information on those lines. This substantially degrades picture viewability. In another version a gray pattern at the bottom overscan portion of the picture causes vertical picture instability.

Abstract: The present application generally relates to apparatuses such as television signal processing apparatus that process radio frequency signals. More specifically, the present application is particularly useful in integrated circuits that must combine circuitry operating in a synchronous-sampling mode that must be adapted for use with a fixed rate sampling mode application. According to an exemplary embodiment, the television signal processing apparatus comprises a source of a fixed rate digital signal, signal processing circuitry operating in a synchronous-sampling mode wherein the signal processing circuitry comprises a signal representing a symbol rate, and an interpolator for processing the fixed rate digital signal to yield samples at the symbol rate.

Abstract: A method consistent with certain embodiments, of processing a received encrypted frame signal, wherein the received encrypted frame signal is indicative that a specific video frame is encrypted, involves receiving a video signal including the received encrypted frame signal; wherein the received video signal comprises a received bit stream; synthesizing the received encrypted frame signal to produce a synthesized encrypted frame signal that is in synchronization with the received encrypted frame signal; determining if a sink wireless receiver is locked to the received bit stream, and if so, passing the received encrypted frame signal to the sink device; and if the sink wireless receiver is not locked to the received bit stream, passing the synthesized encrypted frame signal to the sink device. This abstract is not to be considered limiting, since other embodiments may deviate from the features described in this abstract.

Abstract: An encryption system (1) and a method for encrypting and decrypting sensitive data during a data interchange between at least two electronic appliances communicating with one another. The encryption system (1) has a data stream module (2) for providing a synchronous data stream as raw material for key generation, a data module (5) for preparing the data for the encryption/decryption, a key generator (6) to which an agreed information portion of the data stream from the data stream module (2) is supplied, an encryption/decryption unit (7) which is connected to the data module (5) and to the key generator (6) and which encrypts/decrypts the sensitive data using a keyword, and an output unit (7) for forwarding the encrypted/decrypted data, the key generator (6) taking the data stream supplied to it and producing a respective keyword for each message which is to be encrypted/decrypted simultaneously on the appliances communicating with one another.

Abstract: A sending apparatus generates a first initial vector, a second initial vector, and an encryption key in response to a pseudo random number. Original information is encrypted into cipher information in response to the encryption key and the second initial vector. The cipher information and the first initial vector are transmitted from the sending apparatus to a receiving apparatus. The receiving apparatus generates a first initial vector, a second initial vector, and an encryption key in response to a pseudo random number equal to that in the sending apparatus. The cipher information is decrypted back to the original information in response to the generated encryption key and the generated second initial vector. The receiving apparatus compares the received first initial vector and the generated first initial vector to check whether or not encryption/decryption-related synchronization between the sending apparatus and the receiving apparatus is normally maintained.

Abstract: A method of synchronizing the operation of a two-way QKD system by sending a sync signal (SC) in only one direction, namely from one QKD station (ALICE) to the other QKD station (BOB). The one-way transmission greatly reduces the amount of light scattering as compared to two-way sync signal transmission. The method includes phase-locking the sync signal at BOB and dithering the timing of the quantum signals so as to operate the QKD system in three different operating states. The number of detected quantum signals is counted for each state for a given number of detector gating signals. The QKD system is then operated in the state associated with the greatest number of detected quantum signals. This method is rapidly repeated during the operation of the QKD system to compensate for timing errors to maintain the system at or near its optimum operating state.

Abstract: A hardware Secure Processing Unit (SPU) is described that can perform both security functions and other information appliance functions using the same set of hardware resources. Because the additional hardware required to support security functions is a relatively small fraction of the overall device hardware, this type of SPU can be competitive with ordinary non-secure CPUs or microcontrollers that perform the same functions. A set of minimal initialization and management hardware and software is added to, e.g., a standard CPU/microcontroller. The additional hardware and/or software creates an SPU environment and performs the functions needed to virtualize the SPU's hardware resources so that they can be shared between security functions and other functions performed by the same CPU.

Abstract: Methods and apparatus are provided for a cryptography accelerator to efficiently perform authentication and encryption operations. A data sequence is received at a cryptography accelerator. An encrypted authentication code and an encrypted data sequence is provided efficiently upon performing single pass authentication and encryption operations on the data sequence.

Abstract: A method, system and computer program product for computing a message authentication code for data in storage of a computing environment. An instruction specifies a unit of storage for which an authentication code is to be computed. An computing operation computes an authentication code for the unit of storage. A register is used for providing a cryptographic key for use in the computing to the authentication code. Further, the register may be used in a chaining operation.

Abstract: Disclosed is a signal processor including a serial-to-parallel converter inputting serial digital video signals for n channels and converting the serial digital video signals for respective channels into parallel digital video signals. The signal processor further includes a frame-synchronization scrambler scrambling predetermined bits of the parallel digital video signals and storing the initial values in the auxiliary data section as auxiliary data; and a self-synchronization scrambler scrambling the parallel digital data for respective channels; and a multiplexer multiplexing the parallel digital data for respective channels.

Abstract: Rather than downloading each content document on demand from the publisher location to the user site, at the publisher location, each content document is encrypted and then multiple encrypted documents are assembled into a distribution archive that is itself encrypted with a scheduled key. The distribution archive is then downloaded into a content server at the user site. When the content server receives the distribution archive, it decrypts the archive file and unpacks the encrypted documents. The scheduled key used to decrypt an archive file is included with an archive file that was sent previously to the user site in accordance with the subscription service. The scheduled key to decrypt the first archive file sent to the user is sent from the publisher to the user over a communication channel different from the communication channel used to send the archive file from the publisher to the user.

Abstract: End-to-end authentication capability based on public-key certificates is combined with the Session Initiation Protocol (SIP) to allow a SIP node that receives a SIP request message to authenticate the sender of request. The SIP request message is sent with a digital signature generated with a private key of the sender and may include a certificate of the sender. The SIP request message may also be encrypted with a public key of the recipient. After receiving the SIP request, the receiving SIP node obtains a certificate of the sender and authenticates the sender based on the digital signature. The digital signature may be included in an Authorization header of the SIP request, or in a multipart message body constructed according to the S/MIME standard.

Abstract: An electronic asset system mints a stick of electronic assets that can be spent by the user with multiple vendors. Assets sticks are issued anonymously or non-anonymously in a way without requiring dedication to a particular vendor, hence allowing the user to spend one or more assets from the stick with different vendors. The auditor randomly audit samples of the spent assets to detect whether the assets have been fraudulently used. The electronic asset system employs tamper-resistant electronic wallets constructed as dedicated hardware devices, or as devices with secure-processor architecture. The electronic asset system also facilitates handling of electronic coupons in a manner that enforces compliance between the user and the vendor. The user and vendor each maintain a stick of corresponding coupons with pointers to the most recent and oldest coupons available for expenditure.

Abstract: The system checks whether authorization exists for at least two data processing devices to exchange data with one another. In the preferred embodiment, both data processing devices are of identical design. Check data are simultaneously produced, in response to a trigger signal, in both data processing devices. The check data are compared with one another in the data processing device to which a control function has been allocated.

Abstract: A method and system for managing electronic distribution of digital movies to commercial exhibitors at warp speed is made ultra secure by utilizing synchronized and concurrent digitally bifurcated data transmissions via both satellite up-links/downlinks and compressed digital data sent and retrieved from secure restrictive sites on the world wide web. All transmitted data received is interlocking and co-dependent upon each other for functional deciphered translation thereby considerably reducing the odds of piracy over present methods.

Abstract: A method for initiating a security and billing feature request at the beginning or during an active telephone call. The telephone subscriber can select one of a plurality of security levels that may be required to ensure privacy during a call. Since each level of security is based on a different encryption and authentication algorithm, the levels of security can be incrementally priced. Thus, selecting an algorithm which is deemed to be very secure can be billed to the subscriber at a higher rate than an algorithm that is deemed to be less secure.