Symmetric Key Synchronization Patents (Class 380/260)
  • Patent number: 7822204
    Abstract: An encryption technique allowing use of classic Y-00 scheme performed using classic physical random numbers instead of quantum fluctuation in electrical communication and data storage in recording media, including a first modulation step for multilevel-modulating input data by associating with specific state pairs determined by physical random numbers, a second modulation step for outputting the output of the first step by irregularly associating with another signal by physical random numbers, and a channel coding step for channel-coding the output of the second step into desired codeword and outputting it as encrypted data, wherein the decoded signal obtained by channel-decoding the encrypted data can be discriminated which of specific state pairs the signal corresponds to and demodulated into the input data, and output by the first modulation by state pairs other than the specific state pairs and the second modulation by a physical random number different from the physical random number.
    Type: Grant
    Filed: September 22, 2006
    Date of Patent: October 26, 2010
    Assignee: Fujitsu Limited
    Inventors: Setsuo Yoshida, Osamu Hirota, Hiroshi Onaka
  • Patent number: 7822144
    Abstract: A communication system includes a transmitter having a signal generator for generating a signal for transmitting data, a transmission delay unit for repeatedly delaying the signal from the signal generator for a predetermined delay time within a symbol period and generating corresponding delayed signals, and a selector for selectively providing one of the delayed signals from the transmission delay unit to an antenna; and a receiver having a reception delay unit for receiving the signal from the transmitter and delaying the signal as long as the delay time of the transmission delay unit, and a data judgment block for discriminating data bits of the signal from the transmitter by comparing the signal from the transmitter with the delayed signal from the reception delay unit. According to the communication system, the delay time can be accurately adjusted even if the delay line is shortened, and the data bits of the communication signal can be accurately judged in the receiver side.
    Type: Grant
    Filed: July 14, 2006
    Date of Patent: October 26, 2010
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Jae-hyon Kim, Young-hwan Kim, Hyoun kuk Kim, Hyun cheol Park, Seong-soo Lee, Jae seung Son
  • Patent number: 7822203
    Abstract: An information processing apparatus decrypts, using meta data, encrypted data obtained by encrypting stream data including successive frames according to an encryption method in which, when the stream data is sequentially encrypted on a frame-by-frame basis, a key used for encrypting each frame is updated according to a predetermined rule. The meta data includes the plurality of keys used for encrypting the stream data and update information for identifying update timings of the keys. The apparatus includes a decrypter for acquiring the encrypted data and decrypting each frame using the key used for encrypting the frame and a meta data acquirer for acquiring the meta data and delivering one of the keys corresponding to the frame to the decrypter in accordance with the update information. The meta data acquirer includes a corrector for detecting an error in the update information and correcting the update information if an error has occurred.
    Type: Grant
    Filed: July 25, 2006
    Date of Patent: October 26, 2010
    Assignee: Sony Corporation
    Inventor: Atsumu Soda
  • Patent number: 7801307
    Abstract: A method of symmetric key encryption involves using a composition of transformations leading to an enhanced homophonic substitution, wherein the mapping of characters varies depending on the sequence of characters in the message text. In carrying out the method, encryption keys are first generated. Then, a polyalphabetic substitution is performed, which involves XOR'ing (e.g., a Boolean logical exclusive OR operation/calculation) the plaintext data elements with the generated keys. Next, the storage format is changed, from big-endian to little-endian or vice versa, and the data is stored in one or more square matrices. Finally, enhanced homophonic substitution is performed, meaning that for each element, the subset to which the element can be mapped to in the co-domain is the entire co-domain itself, thus providing the largest possible subset for the given co-domain. In other words, any given element in the domain can be mapped to any of the elements of the co-domain.
    Type: Grant
    Filed: July 28, 2005
    Date of Patent: September 21, 2010
    Assignee: Alcatel-Lucent USA Inc.
    Inventor: Jayadeep Bantwal
  • Patent number: 7797537
    Abstract: A mobile terminal includes a near-field communication device capable of performing near-field wireless communication with an external device, and a controller configured to instruct the external device or the near-field communication device to execute a command. The near-field communication device has a storage unit, a first mutual authentication unit for authenticating the controller and for requesting the controller to authenticate the near-field communication device, a first communication key setting unit for setting a first communication key, a second mutual authentication unit for authenticating the external device and for requesting the external device to authenticate the near-field communication device, and a second communication key setting unit for setting a second communication key.
    Type: Grant
    Filed: November 16, 2006
    Date of Patent: September 14, 2010
    Assignee: Sony Corporation
    Inventors: Taro Kurita, Toshiharu Takemura
  • Patent number: 7792289
    Abstract: A communications system in which a sending computer encrypts a message using a key associated with the computer which is to receive the message; and the receiving computer uses a key associated with the sending computer in the decryption process. The sending computer is equipped with a set of keys and each key within the set may be used for the encryption process, depending on the destination of the message; and the receiving computer chooses its key based on who the sending computer is.
    Type: Grant
    Filed: June 28, 2005
    Date of Patent: September 7, 2010
    Inventor: Mark Ellery Ogram
  • Patent number: 7792300
    Abstract: A method for re-encrypting encrypted data in a secure storage file system, including obtaining selected data to re-encrypt from the secure storage file system using a user data access record and the encrypted data, decrypting the selected data using a symmetric key, re-encrypting the selected data using a new symmetric key to obtain new encrypted data, encrypting the new symmetric key using a public key to obtain a new encrypted symmetric key, storing the new encrypted data and the new encrypted symmetric key if the public key is associated with a file system user having read permission, and storing an encrypted hash data if the file system user has write permission.
    Type: Grant
    Filed: September 30, 2003
    Date of Patent: September 7, 2010
    Assignee: Oracle America, Inc.
    Inventor: Germano Caronni
  • Patent number: 7788728
    Abstract: A method and apparatus are provided for simply and securely limiting a number of times that contents can be accessed using a hash chain. The apparatus limiting a number of times contents are accessed by a user terminal includes a hash chain generator receiving information indicating selected contents by the user terminal and information indicating how many times (n) the user terminal has authority to access the selected contents and generating a hash chain including n hash values derived from a seed value, and a contents access manager deleting the hash values one by one from the hash chain whenever the user terminal accesses the selected contents such that the number of times the contents can be accessed by the user terminal is decreased by the number of deleted hash values.
    Type: Grant
    Filed: January 7, 2005
    Date of Patent: August 31, 2010
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Myung-sun Kim, Su-hyun Nam, Yong-jin Jang, Sun-nam Lee, Jae-heung Lee
  • Patent number: 7773753
    Abstract: An efficient symmetrical-cryptographic method for using a fast but insecure host to perform encryption/decryption based on a secret key in a secure, but slow hardware token, such as a smartcard or similar device, without revealing the secret key to the host, and such that the ciphertext and plaintext are exactly the same size. The present method is suitable for use in Digital Rights Management and Software Rights Management applications which require precise interchangeability of ciphertext and plaintext in pre-allocated areas of data storage.
    Type: Grant
    Filed: June 28, 2007
    Date of Patent: August 10, 2010
    Assignee: Aladdin Knowledge Systems Ltd.
    Inventors: Michael Zunke, Yanki Margalit, Dani Margalit
  • Patent number: 7757084
    Abstract: A method of validating a consumable authentication chip is provided having the steps of: numerously calling a trusted chip's test function with an incorrect value to generate an invalid response or not generate the response thereby invalidating the consumable chip; if generated, in the trusted chip, generating a secret random number, calculating its signature and symmetrically encrypting the number/signature using a first secret key; calling the consumable chip's read function with the encrypted number/signature to symmetrically decrypt the encrypted number/signature using the first key, calculate the decrypted number's signature, compare the signatures, and if they match, symmetrically encrypt the decrypted random number and a data message using a second secret key; calling the trusted chip's test function with the message and the encrypted number/message to symmetrically encrypt the number and message using the second key, compare the encrypted numbers/messages, validate the consumable chip if they match, a
    Type: Grant
    Filed: February 15, 2007
    Date of Patent: July 13, 2010
    Assignee: Silverbrook Research Pty Ltd
    Inventors: Simon Robert Walmsley, Kia Silverbrook
  • Patent number: 7734044
    Abstract: A method and apparatus for a signal encryption device constructed to perform synchronous stream cipher encryption for a sequence of input words with restricted codes. The encryption device includes a keystream generator for producing a sequence of pseudorandom words from a key, and an adder that is used to sum the output of the keystream generator and the input words. A lookup table of size substantially twice the number of possible input words provides encrypted codes excluding restricted codes from the summed signal. A signal encryption and decryption system is constructed by including a second keystream generator for producing a second sequence of pseudorandom words from the key, and a second adder to produce a second summed signal from the output of the second keystream generator and the encrypted codes. A corresponding lookup table provides decrypted codes excluding restricted codes from the second summed signal.
    Type: Grant
    Filed: February 23, 2006
    Date of Patent: June 8, 2010
    Assignee: Texas Instruments Incorporated
    Inventor: Matthew John Fritz
  • Patent number: 7727070
    Abstract: A method to transmit commands across a gaming network is implemented with digitally signed messages. The command messages are generated upon a triggering event, such as the winning of a bonus. The messages are digitally signed by the transmitting node and transmitted to the subservient device. When the subservient device receives the message, it verifies the signature and executes the command. If the signature does not verify, the subservient device may raise an alarm.
    Type: Grant
    Filed: February 19, 2004
    Date of Patent: June 1, 2010
    Assignee: IGT
    Inventors: Michael B. Shelby, Mark N. Dailey
  • Patent number: 7730296
    Abstract: Aspects of the invention provide a method and system for coding information in a communication channel. More particularly, aspects of the invention provide a method and system for synchronous running encryption and/or encoding and corresponding decryption and decoding in a communication channel or link. Aspects of the method may include encoding and/or encrypting a first data using a first or second encoding table and/or a first or second encryption table. The method may indicate which one of the first or second encoding tables or which one of the first or second encryption tables were utilized for encoding and/or encrypting the said first data. The encoded and/or encrypted first data may subsequently be transferred downstream and decoded by synchronous decoder/decryptor using a corresponding decoding and/or decryption table. The corresponding decoding and/or decryption table may be determined based on the indicated first and/or second encoding and/or encrypting tables.
    Type: Grant
    Filed: June 4, 2003
    Date of Patent: June 1, 2010
    Assignee: Broadcom Corporation
    Inventor: Martin Lund
  • Patent number: 7724904
    Abstract: An authentication method and system in a communication system are provided. An MS, a BS and an AAA server acquire a first MSK by a first EAP authentication for the MS in an EAP-in-EAP scheme. After the first EAP authentication, they acquire a second MSK by a second EAP authentication for the MS in the EAP-in-EAP scheme.
    Type: Grant
    Filed: June 30, 2006
    Date of Patent: May 25, 2010
    Assignee: Samsung Electronics Co., Ltd
    Inventors: Ji-Cheol Lee, Jun-Hyuk Song
  • Patent number: 7725715
    Abstract: The present invention is directed to a three-phase encryption method and a three-phase decryption method, and an apparatus implementing the three-phase encryption method and/or the three-phase decryption method. To encrypt a message according to the three-phase encryption method, a content of a message is converted from a first form M to a second form M′; the content of the message is separated according to a spacing pattern; and the content of the message is scrambled according to a scrambling pattern. To decrypt the message encrypted using the three-phase encryption method, the scrambling and spacing patterns are reversed, and the content of the message is converted from the second form M′ to the first form M.
    Type: Grant
    Filed: February 24, 2005
    Date of Patent: May 25, 2010
    Assignee: Access Business Group International LLC
    Inventors: Nima Veiseh, David W. Baarman, Thomas Jay Leppien
  • Patent number: 7724905
    Abstract: In a method for generation of a secret session key for cryptographically securing a communication channel between a first communication partner and a second communication partner, the first communication partner generates at least one first key parameter, receives at least one second key parameter generated by the second communication partner, and generates the secret session key using the first key parameter and the second key parameter. The first communication partner generates, stores and communicates to the second communication partner a first random number, receives from the second communication partner a sent-back random number, compares the sent-back random number with the stored random number, and releases the generated secret session key for use given the presence of a predeterminable correlation between the sent-back first random number and the stored random number.
    Type: Grant
    Filed: June 29, 2005
    Date of Patent: May 25, 2010
    Assignee: Francotyp-Postalia GmbH
    Inventors: Gerrit Bleumer, Clemens Heinrich
  • Patent number: 7720227
    Abstract: It takes time for an encryption data communication system to transfer encrypted data, because negotiations of security parameters are necessary prior to communications in order to protect security and integrity of a SIP message or public key cryptography is required to be used for an encryption process, a decryption process, a digital signature process and a digital signature verification process each time a SIP message is transmitted/received. When a SIP message is transferred between two entities, the message is encrypted by shared information if the information is being shared between the entities, or the message is encrypted by the public key of the transmission destination entity if the shared information is not being shared. The encrypted message contains shared information to be used for the transmission destination entity of the encrypted data to encrypt or decrypt the message, during communications after the encrypted data is generated.
    Type: Grant
    Filed: March 28, 2006
    Date of Patent: May 18, 2010
    Assignee: Hitachi, Ltd.
    Inventors: Tadashi Kaji, Osamu Takata, Takahiro Fujishiro, Kazuyoshi Hoshino
  • Patent number: 7715559
    Abstract: An apparatus (213) and corresponding methods (FIG. 7) to facilitate maintaining crypto synchronization while processing communication signals in a communication unit includes a vocoder (215) configured to convert input audio band signals to vocoder output frames; a crypto processor (217) configured to encrypt the vocoder output frames to provide encrypted output frames; and a synchronizer (219) configured to substitute in a predetermined manner synchronization information corresponding to an encryption state of the crypto processor for a portion of the encrypted data in a portion of the encrypted output frames to provide resultant output synchronization frames suitable for synchronizing a decryption process at a target communication unit.
    Type: Grant
    Filed: August 26, 2004
    Date of Patent: May 11, 2010
    Assignee: Motorola, Inc.
    Inventors: Bradley J. Rainbolt, Marc A. Boillot
  • Patent number: 7711119
    Abstract: The disclosed embodiments provide for methods and apparatus for encrypting media using a current media encryption key (MEK), requesting a new MEK, and receiving the new MEK. The method further provides for transitioning from the current MEK to the new MEK and continuing to encrypt the media using the new MEK. In another embodiment, the method provides for decrypting media during an ongoing media communication session, the method provides for receiving encrypted media, and decrypting the encrypted media using a current MEK. The method further provides for requesting a new MEK before the current MEK expires based on its associated expiration time, receiving the new MEK, and continuing to decrypt the encrypted media based on a received MEK indication flag (MIF) that indicates whether the encrypted media is encrypted using the current MEK or the new MEK.
    Type: Grant
    Filed: May 27, 2004
    Date of Patent: May 4, 2010
    Assignee: QUALCOMM Incorporated
    Inventors: Brendan Brett, Maria Marshall
  • Patent number: 7697688
    Abstract: An apparatus includes a key mixing circuit, an input circuit, and a decapsulation circuit. The key mixing circuit generates N Wired Equivalent Privacy (WEP) seeds, N≥1, each based on a predetermined temporal key, a transmitter MAC address, and a predetermined start value for a Temporal Key Integrity Protocol (TKIP) Sequence Count (TSC). The input circuit receives a message including the transmitter MAC address and the predetermined start value. The key mixing circuit generates the N WEP seeds based on the message. The input circuit receives N encapsulated MAC Payload Data Units (MPDUs) each including the transmitter MAC address and one of N values for the TSC, greater than or equal to the predetermined start value. The decapsulation circuit decapsulates the N encapsulated MPDUs using one of the N WEP seeds generated based on the value for the TSC in the respective one of the N encapsulated MPDUs.
    Type: Grant
    Filed: October 27, 2004
    Date of Patent: April 13, 2010
    Assignee: Marvell International Ltd.
    Inventors: Peter Loc, Rahul Kopikare
  • Patent number: 7694132
    Abstract: A system for communication of a message in which the message intended for a third computer is first encrypted by a first computer and is sent to a second computer. The second computer, acting as an intermediary, decrypts the message and re-encrypts the message before sending the message to the third computer which again decrypts the message.
    Type: Grant
    Filed: August 10, 2005
    Date of Patent: April 6, 2010
    Inventor: Mark Ellery Ogram
  • Patent number: 7649440
    Abstract: An apparatus and method for unifying multiple radio frequency identifications (RFIDs) are provided. The apparatus includes: a data arithmetic operator collecting RFIDs, storing the collected RFIDs, and repeatedly performing the collection and storage when a time out event occurs; a hash arithmetic operator concatenating the RFIDs, hashing the concatenated RFIDs, and outputting a hashed single value; a random number generator generating a random number used as an encryption factor to public-key-encrypt the single value; an RFID tag processor controlling locking/unlocking of the RFID tags; a public key arithmetic operator public-key-encrypting the single value using a predetermined public key and the random number as encryption factors and outputting a cipher text; and a radio frequency communicator converting the cipher text into a radio signal and sending the radio signal to a radio section. Information transmitted to a radio section is a cipher text obtained by public-key-encrypting the single value.
    Type: Grant
    Filed: October 20, 2006
    Date of Patent: January 19, 2010
    Assignee: Electronics and Telecommunications Research Institute
    Inventors: You Sung Kang, Ho Won Kim, Kyo Il Chung
  • Patent number: 7627764
    Abstract: An arrangement is provided for performing MD5 digesting. The arrangement includes apparatuses and methods that pipeline the MD5 digesting process to produce a 128 bit digest for an input message of any arbitrary length.
    Type: Grant
    Filed: June 25, 2004
    Date of Patent: December 1, 2009
    Assignee: Intel Corporation
    Inventors: Kamal J. Koshy, Jaroslaw J. Sydir, Wajdi K. Feghali
  • Patent number: 7627121
    Abstract: An apparatus, system and method provides an out-of-synchronization detection by using a network layer checksum. A process operating at an upper layer verifies that a checksum embedded in a network layer header is correct before encrypting and transmitting a data packet containing the header and a payload. The data packet is received through a wireless communication channel at a receiver and decrypted. A calculated checksum is calculated on the received payload at the receiver and compared to the received checksum embedded in the header. A key stream used at the receiver for decrypting the received encrypted data packets is determined to be out of synchronization with a key stream used at the transmitter to encrypt the data packets if the calculated checksum is not equal to the network layer checksum.
    Type: Grant
    Filed: February 15, 2001
    Date of Patent: December 1, 2009
    Assignee: AT&T Mobility II LLC
    Inventors: James Alexander Reeds, III, Wen-Ping Ying
  • Publication number: 20090290706
    Abstract: Techniques for securely and adaptively delivering multimedia content are disclosed in which a set of alternate access units for each time slot is obtained. Then, the encryption stream index of each access unit from the set of alternate access units of the previous time slot are obtained. An encryption stream index is then assigned to each access unit in the set of alternate access units in the current time slot, such that the encryption index increases over time. Thus, the invention overcomes the problem of encrypting a multimedia stream that may have multiple access units for each time slot by selecting the encryption index for each access unit such that the encryption index increases, regardless of which access unit the delivery system (e.g., server) selects for transmission.
    Type: Application
    Filed: July 31, 2009
    Publication date: November 26, 2009
    Applicant: International Business Machines Corporation
    Inventors: Lisa D. Amini, Pascal Frossad, Chitra Venkatramani, Olivier Verscheure, Peter Westerink
  • Patent number: 7623723
    Abstract: A technique is provided for filtering noise in digital image data, particularly random point or spike noise. Image data may be rank order filtered and absolute differences between ordered values computed to create a mask. Blending is performed based upon a likelihood that individual pixels are or exhibit spike noise. The rank order filtered values may be used directly for blending, or the original image may be shrunk and then expanded to provide a rapid and computationally efficient spike noise reduction alternative.
    Type: Grant
    Filed: November 26, 2003
    Date of Patent: November 24, 2009
    Assignee: GE Medical Systems Global Technology Com.
    Inventor: Gopal B. Avinash
  • Patent number: 7623657
    Abstract: Techniques for securely and adaptively delivering multimedia content. It is assumed that a set of alternate access units for each time slot is obtained. Then, the encryption stream index of each access unit from the set of alternate access units of the previous time slot are obtained. An encryption stream index is then assigned to each access unit in the set of alternate access units in the current time slot, such that the encryption index increases over time. Thus, the invention overcomes the problem of encrypting a multimedia stream that may have multiple access units for each time slot by selecting the encryption index for each access unit such that the encryption index increases, regardless of which access unit the delivery system (e.g., server) selects for transmission.
    Type: Grant
    Filed: July 23, 2007
    Date of Patent: November 24, 2009
    Assignee: International Business Machines Corporation
    Inventors: Lisa D. Amini, Pascal Frossard, Chitra Venkatramani, Olivier Verscheure, Peter Westerink
  • Patent number: 7600121
    Abstract: To provide a secure, effective but simple message handling, a method is provided for transmitting an electrical message, from a first user having a first terminal to a second user having a second terminal. The method comprises the steps of: transmitting said email in an encrypted form by said first terminal, said encrypted e-mail being encrypted by means of a key generated by a first key generator using a seed, providing once said second user with said seed for generating a key with a second key generator provided in said second terminal, providing to and storing said seed in said second terminal, using said seed by said second terminal for generating a key each time an encrypted email from said first user to said second user is received, synchronizing a counting value in each terminal; and generating said key on the basis of said seed and a counting value in each terminal, independently of other terminal.
    Type: Grant
    Filed: September 13, 2004
    Date of Patent: October 6, 2009
    Assignee: Secured eMail Göteborg AB
    Inventor: Peter Davin
  • Patent number: 7587049
    Abstract: A one-way stabilized QKD system (10) that utilizes a control signal (CS) and a quantum signal (QS) that travel the same path through the system from a first QKD station (Alice) to a second QKD station (Bob). The control signal is detected at Bob and used to stabilize Bob's side of the interferometer against phase variations. The system also includes a polarization control stage (200) that controls (e.g., scrambles) the polarization of the photons entering Bob. The combination of the polarization control and the active phase stabilization of the interferometer at Bob's end allows for the stable operation of the interferometer when used as part of a one-way QKD system.
    Type: Grant
    Filed: December 8, 2004
    Date of Patent: September 8, 2009
    Assignee: MagiQ Technologies, Inc.
    Inventors: Alexel Trifonov, Anton Zavriyev, Darius Subacius
  • Patent number: 7586835
    Abstract: An apparatus for generating a 2D spreading code and method for the same are proposed. The apparatus for generating the 2D spreading code includes a column counter, a row counter, a codeword selector, and a logic unit. The logic unit performs logic operations on the output of the column counter, the row counter, and the codeword selector to generate the 2D spreading code of desired order designated by the codeword selector. The 2D spreading code includes 4 2×2 initial matrixes for generating 4i codes for 4i users in the ith order. The apparatus for generating the 2D spreading code according to the present invention is advantageously used in OFDM system to increase the number of subscribers with reduced interference.
    Type: Grant
    Filed: November 24, 2004
    Date of Patent: September 8, 2009
    Assignee: Industrial Technology Research Institute
    Inventors: Shih-Kai Lee, Po-Lin Chiu, Chang-Lung Hsiao, Jiann-An Tsai
  • Publication number: 20090214032
    Abstract: Detecting loss of stream cipher synchronization between a transmitter and a receiver in a video processing system may be achieved by receiving, by the receiver, an encrypted video frame from the transmitter, obtaining an encrypted value for a selected pixel in the encrypted video frame, decrypting the encrypted pixel value using a first portion of the receiver's current key stream, re-encrypting the pixel value using a second portion of the receiver's current key stream, sending the re-encrypted pixel value from the receiver to the transmitter, obtaining, by the transmitter, a plaintext value for the selected pixel from a corresponding original video frame and encrypting the plaintext pixel value using a second portion of the transmitter's current key stream, and comparing the re-encrypted pixel value received from the receiver with the encrypted pixel value generated by the transmitter and detecting a loss of cipher synchronization when the values do not match.
    Type: Application
    Filed: March 26, 2009
    Publication date: August 27, 2009
    Inventor: Gary L. Graunko
  • Patent number: 7580524
    Abstract: In a method and apparatus for synchronizing the receiver and the emitter in an autocompensating quantum cryptography system it is allowed to one of the stations (for example the emitter) to define the timing of all its operations (for example the application of a signal onto the modulator used to encode the values of the bits) as a function of a time reference. This time reference can either be transmitted using a channel from the other station (for example the receiver). It can also consist of a time reference synchronized with that of the other station through using information transmitted along a channel and a synchronization unit. Preferably a time reference unit is provided at each station. One of these time reference units functions as a master, while the other one functions as a slave. The slave is synchronized with the master using information transmitted over a communication channel by a synchronization unit.
    Type: Grant
    Filed: March 11, 2003
    Date of Patent: August 25, 2009
    Assignee: Universite De Geneve
    Inventors: Nicolas Gisin, Olivier Guinnard, Grégoire Ribordy, Hugo Zbinden
  • Patent number: 7570766
    Abstract: Systems, methods, and data structures for transparently embedding non-compliant data in a data stream are described. One method includes embedding random encryption/decryption information into an MPEG multimedia, video, or audio stream transparently to an MPEG decoder in an ISO/MPEG 13818-1 compliant system to control access. The invention works for variable length data streams and involves a PES header. Spare bytes, stuffing bytes, or additional bytes as defined in the MPEG specification for PES headers are used to store key information by a computer capable of modifying the original data stream. There is no need for a parallel data stream for the key information because the key information is transparently inserted directly into the data stream. Additional information is embedded into the data stream that can be used for encryption/decryption without having to modify other components in a playback system.
    Type: Grant
    Filed: March 1, 2002
    Date of Patent: August 4, 2009
    Assignee: Intel Corporation
    Inventors: Richard P. Mangold, Keith L. Shippy, Ajit P. Joshi
  • Patent number: 7552344
    Abstract: A system for the encryption and decryption of data employing dual ported RAM for key storage to accelerate data processing operations. The on-chip key storage includes a dual-ported memory device which allows keys to be loaded into memory simultaneous with keys being read out of memory. Thus, an encryption or decryption algorithm can proceed while keys are being loaded into memory.
    Type: Grant
    Filed: February 27, 2006
    Date of Patent: June 23, 2009
    Assignee: Cisco Technology, Inc.
    Inventor: Kenneth W. Batcher
  • Publication number: 20090147958
    Abstract: Selectively obfuscating, or obscuring, a portion or portions of information in a multi-party transmission. A user participating in a multi-party exchange signals a communication device (or proxy) that he will provide private information that is to be perceptible only to a subset of the other participants. This user also identifies that subset, preferably by providing a group identifier for a group in which that subset of participants are members. The communication device transmits a member-specific descriptor comprising an encrypted version of a group key, and uses this group key to encrypt the private information that is to be perceptible only to the subset. Device-specific characteristics of participant devices are used, in addition to user-provided data (such as a user's log-on identifier and/or password), as input to create cryptographic key information.
    Type: Application
    Filed: December 8, 2007
    Publication date: June 11, 2009
    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Jeffrey A. Calcaterra, John R. Hind, Abdolreza Salahshour
  • Patent number: 7532876
    Abstract: A reception intensity measuring unit measures a reception intensity of a radio wave received by a radio reception unit under control of a connection control unit. When it is judged that the reception intensity of the received radio wave is larger than a reception intensity set in advance, the reception intensity measuring unit controls a transmission intensity changing unit to lower a transmission intensity of a radio wave to be transmitted from a radio transmission unit. When the transmission intensity of the radio wave to be transmitted from the radio transmission unit is lowered by the transmission intensity changing unit, an authentication processing unit executes authentication processing with another apparatus via the radio reception unit and the radio transmission unit and controls an authentication data registering unit to register authentication data, which is obtained as a result of the authentication processing, in a memory.
    Type: Grant
    Filed: September 27, 2004
    Date of Patent: May 12, 2009
    Assignee: Sony Corporation
    Inventors: Kazuyuki Yamamoto, Shin Iima
  • Patent number: 7529371
    Abstract: Authentication of a cellular telephone device by providing a first one-time pad cryptological table to a security server which has multiple sequenced One Time Pad value entries including a previous use indicator initialized as “unused”, and providing a second one-time pad cryptological table to an authentic device initially synchronized with the first table. A cloned copy of the second table is stored in an inauthentic cellular telephone device, this third table being initially synchronized with the second table. The authentic device selects an unused entry in the second table and transmits it to the server when requesting service. If the received entry matches a next sequential unused entry in the first table, the server grants service, and both server and authentic device mark that entry as used. If the received entry does not match a sequentially next unused entry in the first table, service is denied to the requesting device.
    Type: Grant
    Filed: April 22, 2004
    Date of Patent: May 5, 2009
    Assignee: International Business Machines Corporation
    Inventors: Yen-Fu Chen, John Hans Handy-Bosma, Jun Sawada, Mei Yang Selvage, Keith Raymond Walker
  • Patent number: 7522727
    Abstract: A method includes receiving an authentication request from a mobile station (401) and determining whether to forward the request to an authentication agent. When it is determined to forward the request, the request is forwarded to the authentication agent (107). A random number and a random seed are received from the authentication agent (107). The random number and the random seed are forwarded to the mobile station (401). A response to the random number and the random seed from the mobile station (401) is received and forwarded to the authentication agent (107). The authentication agent (107) compares the response with an expected response. When the authentication agent (107) authenticates the mobile station (401), a derived cipher key is received from the authentication agent (107).
    Type: Grant
    Filed: August 31, 2006
    Date of Patent: April 21, 2009
    Assignee: Motorola, Inc.
    Inventors: Hans Christopher Sowa, Daniel J. McDonald, David J. Chater-Lea, Scott J. Pappas, Jason Johur, Dennis Newkirk, Randy Kremske, Walter F. Anderson
  • Patent number: 7512238
    Abstract: Detecting loss of stream cipher synchronization between a transmitter and a receiver in a video processing system may be achieved by receiving, by the receiver, an encrypted video frame from the transmitter, obtaining an encrypted value for a selected pixel in the encrypted video frame, decrypting the encrypted pixel value using a first portion of the receiver's current key stream, re-encrypting the pixel value using a second portion of the receiver's current key stream, sending the re-encrypted pixel value from the receiver to the transmitter, obtaining, by the transmitter, a plaintext value for the selected pixel from a corresponding original video frame and encrypting the plaintext pixel value using a second portion of the transmitter's current key stream, and comparing the re-encrypted pixel value received from the receiver with the encrypted pixel value generated by the transmitter and detecting a loss of cipher synchronization when the values do not match.
    Type: Grant
    Filed: September 18, 2007
    Date of Patent: March 31, 2009
    Assignee: Intel Corporation
    Inventor: Gary L. Graunke
  • Patent number: 7502472
    Abstract: An encryption system (1) and a method for encrypting and decrypting sensitive data during a data interchange between at least two electronic appliances communicating with one another. The encryption system (1) has a data stream module (2) for providing a synchronous data stream as raw material for key generation, a data module (5) for preparing the data for the encryption/decryption, a key generator (6) to which an agreed information portion of the data stream from the data stream module (2) is supplied, an encryption/decryption unit (7) which is connected to the data module (5) and to the key generator (6) and which encrypts/decrypts the sensitive data using a keyword, and an output unit (7) for forwarding the encrypted/decrypted data, the key generator (6) taking the data stream supplied to it and producing a respective keyword for each message which is to be encrypted/decrypted simultaneously on the appliances communicating with one another.
    Type: Grant
    Filed: July 15, 2004
    Date of Patent: March 10, 2009
    Assignee: Fujitsu Siemens Computers GmbH
    Inventor: Robert Depta
  • Patent number: 7490240
    Abstract: A method of electronically signing a document includes initializing a user, including generating an asymmetric key pair including a private signing key and a public signing key, and storing the private signing key and the public signing key; and providing an electronic signature, including receiving document data corresponding to at least one selected portion of the document, binding the stored private signing key and the document data to create an electronic signature, and providing the electronic signature for a recipient.
    Type: Grant
    Filed: February 12, 2007
    Date of Patent: February 10, 2009
    Assignee: TecSec, Inc.
    Inventors: Edward M. Scheidt, James L. Kolouch, Ersin L. Domangue, Mark A. Odell, Wai Lin Tsang
  • Patent number: 7484107
    Abstract: The present invention allows the user (author or creator) of a document to specify that certain portions of a document be selected for encryption while other portions of the document remain displayed as created. In addition, each encrypted section could have multiple encryption keys such that some viewers can review certain parts of the document while other viewers will not have that same access. The user could employ a standard word processing editor technique to highlight (or swipe) portions of a document that the user desires to be encrypted. The highlighted portion would then be ‘tagged’ with a surrounding attribute indicating to the word processor that this highlighted portion of the document is to be encrypted. The highlighted sections would also have encryption keys associated with the highlighted and encrypted section. Any one of the encryption keys for that section would decrypt that section. With proper authorization, any encrypted portion of a document would be displayed as part of the document.
    Type: Grant
    Filed: April 15, 2004
    Date of Patent: January 27, 2009
    Assignee: International Business Machines Corporation
    Inventors: Randolph Michael Forlenza, Viktors Berstis
  • Patent number: 7480383
    Abstract: An apparatus and method for scrambling high-rate data are disclosed. The apparatus includes a first storing unit for storing a transport stream (TS) inputted from an external device; a common key (CK) generating unit for generating a CK by receiving a control word (CW) from an external conditional access system (CAS); a key scheduling unit for generating a predetermined number of keys (KKs) by receiving the CK from the CK generating unit; a plurality of enciphering units for enciphering the TS transmitted from the first storing unit based on the predetermined number of KKs and the CK; a second storing unit for storing the TS enciphered by the enciphering units and outputting the enciphered TS; and a controlling unit for controlling the multiple enciphering units.
    Type: Grant
    Filed: September 23, 2004
    Date of Patent: January 20, 2009
    Assignee: Electronics and Telecommunications Research Institute
    Inventors: Yong-Seong Cho, Joon-Young Jung, O-Hyung Kwon, Soo-In Lee
  • Patent number: 7471795
    Abstract: A sending apparatus generates a first initial vector, a second initial vector, and an encryption key in response to a pseudo random number. Original information is encrypted into cipher information in response to the encryption key and the second initial vector. The cipher information and the first initial vector are transmitted from the sending apparatus to a receiving apparatus. The receiving apparatus generates a first initial vector, a second initial vector, and an encryption key in response to a pseudo random number equal to that in the sending apparatus. The cipher information is decrypted back to the original information in response to the generated encryption key and the generated second initial vector. The receiving apparatus compares the received first initial vector and the generated first initial vector to check whether or not encryption/decryption-related synchronization between the sending apparatus and the receiving apparatus is normally maintained.
    Type: Grant
    Filed: July 1, 2004
    Date of Patent: December 30, 2008
    Assignee: Victor Company of Japan, Ltd.
    Inventor: Seiji Higurashi
  • Patent number: 7466824
    Abstract: Method and system for encrypting streamed data employing fast set-up single use keys and self-synchronization. A transmitting handset produces a bitstream of voice data containing the session key and encrypted by an encryption signal based upon the session key. A receiving handset decrypts the incoming bitstream using the encryption signal and recognizes the session key, thereby establishing synchronization. The session key is derived from a seed by applying a first function to the seed. Following the call, the session key is converted into a new seed by application of a second function and the new seed is stored for use in the next call.
    Type: Grant
    Filed: October 9, 2003
    Date of Patent: December 16, 2008
    Assignee: Nortel Networks Limited
    Inventors: Lawrence Gerard Dobranski, Michael Lee
  • Publication number: 20080304665
    Abstract: A method of rights management in a first device connected to digital data content, said first device comprising a right for accessing said digital data content and available state information for reflecting the state of use of said digital data content, said method comprising the steps of: receiving by said first device a request for a state information from a second device; comparing the content of said request with said available state information; selecting said requested state information in said available state information according to the result of said comparing step; transferring said requested state information to said second device via a communication channel; and duplicating said right to said second device.
    Type: Application
    Filed: December 22, 2006
    Publication date: December 11, 2008
    Applicant: KONINKLIJKE PHILIPS ELECTRONICS N.V.
    Inventors: Fulong Ma, Jin Qu
  • Patent number: 7440570
    Abstract: A method and apparatus that uses the dynamics of a chaotic system for the remote generation of a digital key, for use in any encryption algorithm. After initialization, the dynamics of a chaotic system are allowed to generate the 0 and 1 bits of a key bitstream. An initialization bitstream is transmitted, using conventional transmission technologies, to an identical chaotic system. This chaotic system is driven into synchrony and allowed to generate a key bitstream, which is identical to the other bitstream because the chaotic systems have been synchronized.
    Type: Grant
    Filed: January 16, 2007
    Date of Patent: October 21, 2008
    Assignee: Groove Mobile, Inc.
    Inventor: Kevin M. Short
  • Publication number: 20080247546
    Abstract: Provided is a method of preventing digital content stored in a universal serial bus (USB) mass storage (UMS) device from being distributed without restriction. In the method, registration data is encrypted in order to allow a UMS device to decrypt and use digital content using time information only within a predetermined term of validity. Accordingly, even if encrypted registration data of a UMS device is disclosed, it is possible to make it difficult for unauthorized devices to store the registration data, thereby preventing content of the UMS device from being distributed without restriction.
    Type: Application
    Filed: December 3, 2007
    Publication date: October 9, 2008
    Applicant: Samsung Electronics Co., Ltd.
    Inventors: Bong-seon KIM, Jun-bum Shin, Chang-sup Ahn
  • Patent number: 7433473
    Abstract: The aim of this invention is to propose a flexible solution to the risk represented by the interception of data by an unauthorized party during the transmission of said data between a broadcast center and a specialized decryption/decompression circuit such as is used in a Pay-TV decoder. This aim is achieved by a data transmission method involving a broadcast center or diffusion center, a management center and a multimedia unit, the latter comprising at least one unique key and a security module having a transport key.
    Type: Grant
    Filed: August 31, 2005
    Date of Patent: October 7, 2008
    Assignee: NagraCard S.A.
    Inventors: André Kudelski, Christophe Nicolas, Nicolas Fischer
  • Patent number: RE40708
    Abstract: A logical tree structure and method for managing membership in a multicast group provides scalability and security from internal attacks. The structure defines key groups and subgroups, with each subgroup having a subgroup manager. Dual encryption allows the sender of the multicast data to manage distribution of a first set of encryption keys whereas the individual subgroup managers manage the distribution of a second set of encryption keys. The two key sets allow the sender to delegate much of the group management responsibilities without compromising security because a key from each set is required to access the multicast data. Security is further maintained via a method in which subgroup managers can be either member subgroup managers or participant subgroup managers. Access to both keys is provided to member subgroup managers whereas access to only one key is provided to participant subgroup managers.
    Type: Grant
    Filed: February 24, 2006
    Date of Patent: May 5, 2009
    Assignee: Panasonic Corporation
    Inventors: Lakshminath R. Dondeti, Sarit Mukherjee, Ashok Samal