Abstract: A method for electronically storing and retrieving at a later date a true copy of a document stored on a remote storage device comprises: sending a document in electronic format from a document owner's computing device to a store entity for storing the document; generating a digest of the document while the document is at the store entity by applying a hash function to the document; signing the digest electronically with a key while said document is at the store entity; generating a receipt that includes the digest and the key; sending the receipt to the document owner; and verifying, at the document owner's computing device, that the received receipt corresponds to the document sent from the owner's computing device.

Abstract: Techniques for generating a portion of a split private key are provided. A first symmetric key and a second symmetric key different than the first symmetric key are generated at a first location. The generated second symmetric key and a first one of multiple factors for generating the private key portion encrypted with the generated first symmetric key are transmitted. Then, at a second network location, the symmetric keys are again generated. The encrypted first factor is received at the second network location subsequent to a user authentication based upon the second symmetric key generated at the second network location. The received encrypted first factor is then decrypted with the first symmetric key generated at the second network location, the decrypted first factor usable to generate the portion of the split private key of the asymmetric key pair.

Abstract: A method and system for preventing replay-type attacks on a vehicle communications system that sends short message service (SMS) messages between a call center and a fleet of vehicles. The method uses separate sequence counters maintained at the call center and at each of the vehicles in the fleet to help prevent or at least minimize the effects of unauthorized third party interference; such as replay-type attacks. Each wireless message is embedded with a sequence counter that is provided by the sender and is compared by the recipient with a separate sequence counter for purposes of validation. Some optional features that can be used in conjunction with the sequence counters include a tolerance window feature, a consecutive message feature, and a proximity feature, to name but a few.

Abstract: A set of equipment for secure direct information transfer over the Internet contains information transmitting terminal devices for collaborating with an information forwarding network, taking part in the information traffic. The individual information transmitting terminal devices are equipped with a sender partial unit, a receiver partial unit and a storage partial unit comprising an ID-register containing a device identification signal, a C-register for storing a coding key and a D-register for storing a decoding key. The C-register containing the coding key is connected to the sender partial unit, and a coding key and a collaborating decoding key are allocated to each individual information transmitting terminal device.

Abstract: A processor on a delegator receives an input upon which an expensive function is to be evaluated. The delegator incorporates the input into a request to perform a task that is different from evaluating the function. When the task is performed, it provides a secondary result that is observable by the delegator. The secondary result is different from an answer to the expensive function and can be verified by the delegator with less computational expense than evaluation of the expensive function. The task can be performed by the server only after the server has verifiably evaluated the function based on the input. Request data, that is indicative of the request to perform a task with the input incorporated therein is transmitted to the server for performance of the task. The delegator then receives a returned result from the server indicative of the server performing the task.

Abstract: A communication device including a communication connection establishing circuit configured to establish an ad hoc network communication connection between the communication device, a second communication device and a third communication device, a generating circuit configured to generate encryption parameters to be used by the second communication device and the third communication device for encrypting and decrypting data transmitted between the second communication device and the third communication device via the communication connection when the first communication device has left the communication connection, a signaling circuit configured to signal the encryption parameters to the second communication device and the third communication device, and a disconnection circuit configured to remove the communication device from the communication connection.

Abstract: A method of sharing keys among a plurality of conditional access (CA) vendors having differing CA systems used at a distribution headend involves receiving a CA Value contribution from each of the plurality of CA vendors at the headend; hashing the CA Values from each of the plurality of CA vendors together using a hashing function to produce an output control word; and at an encrypter at the headend, using the output control word as a content key, wherein the content key is used as an encryption key to encrypt content provided to a plurality of receivers that decrypt the content using any of the conditional access systems. This abstract is not to be considered limiting, since other embodiments may deviate from the features described in this abstract.

Abstract: Methods and apparatus are provided to allow Internet Key Exchange (IKE) phase 1 keying materials to be periodically refreshed in a secure manner without requiring user interaction. A client and server perform authentication and key exchange during set up of a secure connection. A token is passed to the client by the server during or after the initial user authentication phase. The token is stored both at the client and at the server. Instead of requiring user credentials, the token can be used to securely prove the identity of the client.

Abstract: An apparatus and method for managing the distribution and expansion of public keys held by a group or array of systems in white lists. The addition of a new system to the array entails a manual input to authorize the introduction of the new system to one trusted system in the array. After the introduction the new system is trusted by the one member and the white list of the one member is loaded into the white list of the new system. The new system then requests joining each of the other systems in the array. For each system in the array asked by the new system, the systems in the array ask if any other systems in the array already trust the new member. In response, a system of the array that trusts the new system responds by sending its white list (containing the public key of the new system) to the requesting system. Eventually the public key of the new system is in the white lists of all the systems in the array.

Abstract: An inventive system and method for intrusion-tolerant group management for a network is presented. The method comprises a client broadcasting a message request to controllers and validating the rekey messages received from the controllers, and controllers validating the client's broadcast message request and broadcasting proposals, collecting proposals, constructing threshold-signed proofs, updating the view umber, performing the client's message request, generating the rekey based on the valid proposals and transmitting the rekey to the client. Simultaneously, controllers send reconciliation messages to all controllers, based on which the membership state is updated. The client updates a shared key when a predetermined number of valid rekey messages are received. The controllers can communicate via a byzantine fault-tolerant agreement. The client can use its public key to decrypt the rekey and perform validation. The client's message request can be a join or a leave.

Abstract: A communication system and a timing control method are proposed that optimize timing in a sender and thereby enable information to be stably transmitted at the right timing. Under instructions from a timing controller in a receiver, the timing of driving a phase modulator in a sender is shifted by one step after another, and the then amount of clock shift and result of interference are monitored at the receiver and stored in a memory. The optimum timing is determined based on the stored data. Thus, a clock for driving the phase modulator in the sender can be set at the right timing. This is equivalent to compensating for group velocity dispersion due to wavelength dispersion that occurs when an optical signal channel and a clock signal channel are transmitted by wavelength division multiplexing transmission.

Abstract: In the telemedical system securely sharing encryption keys for enabling secure exchange of the encrypted biological data between the measurement terminal and the server to prevent the data from being stolen by the malicious third party, a service key is transferred to the second adapter attached to a measurement terminal from the server via the first adapter attached to the management apparatus. First, the first adapter attached to the management apparatus receives the service key from the server. Next, the first adapter is temporarily detached from the management apparatus and is attached to the measurement terminal to store the symmetric key. The first adapter is detached from the measurement terminal, and is attached to the management apparatus again. The service key received in the first adapter is encrypted using the symmetric key, and the encrypted key is transmitted to the second adapter attached to the measurement terminal.

Abstract: Intercepting a secure communication session includes distributing a key from a key distribution point to establish a secure communication session between a first endpoint and a second endpoint. A secure channel is established between the key distribution point and an intercepting point. The intercepting endpoint may be determined to be authorized to intercept the secure communication session. The key is provided to the intercepting endpoint only if the intercepting endpoint is authorized to intercept the secure communication session, where the key provides the intercepting endpoint with access to intercept the secure communication session.

Abstract: A method is disclosed for enabling stateless server-based pre-shared secrets. Based on a local key that is not known to a client, a server encrypts the client's state information. The client's state information may include, for example, the client's authentication credentials, the client's authorization characteristics, and a shared secret key that the client uses to derive session keys. By any of a variety of mechanisms, the encrypted client state information is provided to the client. The server may free memory that stored the client's state information. When the server needs the client's state information, the client sends, to the server, the encrypted state information that the client stored. The server decrypts the client state information using the local key. Because each client stores that client's own state information in encrypted form, the server does not need to store any client's state information permanently.

Abstract: Stateless hardware security modules facilitate securing data transfers between devices in a data communication system. The stateless hardware security module may communicate with other devices via a secure communication channel to securely transfer information between the client device and another device. As a result, sensitive information such as cryptographic keys and data may be securely routed between the client device and another device. The stateless hardware security module may support a limited set of key management operations to facilitate routing of information between the client device and another device. However, the stateless hardware security module does not need to maintain state information for the keys it maintains and/or uses. As a result, the stateless hardware security module may be advantageously integrated into a variety of client devices.

Abstract: Various embodiments of the disclosed subject matter provide methods and systems for improved efficiency and security in secure gateway-to-secure gateway network communication. Embodiments provide systems and methods for generating a sender secure gateway private identity, obtaining a receiver secure gateway public identity, generating an encryption key using the sender secure gateway private identity and the receiver secure gateway public identity, encrypting a data packet using the encryption key, and sending the encrypted data packet to a receiver secure gateway. Embodiments also provide systems and methods for generating a receiver secure gateway private identity, obtaining a sender secure gateway public identity, generating a decryption key using the receiver secure gateway private identity and the sender secure gateway public identity, receiving an encrypted data packet from a sender secure gateway, and decrypting the data packet using the decryption key.

Abstract: The present invention discloses an apparatus and method for defining and enforcing rules of transition between two security domains, e.g., a transport domain and a persistent security domain. In turn, a border guard, e.g., a security device, is provided between these two domains that enforce rules for transition between the two security domains. This novel approach of defining a transport domain and a persistent security domain simplifies the classification of the digital content and its movement through the system. Namely, the border guard once established between the two systems can enforce DRM rules associated with how contents are moved between the two domains.

Abstract: This disclosure relates to pairing of a different cryptographic key with each pointer in a data structure to form a crypto-pointer. The cryptographic key is used to encrypt the contents of all data stored at the physical location on the storage device indicated by the pointer. Preferably the only data accessible in an unencrypted form is contained in cells that are reachable from root-set crypto-pointers. Once the crypto-pointer associated with a particular memory cell is deleted, normally by overwriting or explicitly zeroing the crypto-pointer, the contents of the memory cell become inaccessible because the data stored at that cell is in encrypted form (cipher text) and the crypto-pointer that included the cryptographic key for decrypting the cipher text has been deleted from the system.

Abstract: A method for updating a key in an active state is disclosed according to the embodiments of the present invention. The method includes steps of: initiating a key update by a user equipment in the active state or a network side when a pre-defined condition is met; updating the key by the network side and the user equipment, and negotiating an activation time of the new keys. An apparatus for updating a key in an active state is also disclosed according to the present invention. With the present invention, the user equipment in an active state and the network side may actively initiate the key update procedure in different cases, thereby solving the problem concerning the key update for a session in an active state.

Abstract: The invention includes a method for encrypting and transmitting a message M from a first location to a second location. Random numbers P and Q are initially selected, each of them being either a prime or a non-prime number. P and Q are both furnished to a sender and a recipient at the first and second locations, respectively. A client at the first location generates an encrypted message E, which is the remainder left when a modulus operator divides a first quantity, equal to M multiplied by P to the i power, where i is a selected number, by a second quantity equal to (PQ?1). A tuple comprising E and i is transmitted from the first location to the second location, and a second data processing system at the second location to determines the message M from E, i and Q.

Abstract: A server, e.g., a client (105, 107, 109), receives a request for a digital signature to be applied to digital information, obtains a representation of the information, determines a designation of key pair(s) to be applied thereto; and transmits a request for the digital signature to a front end server (103a, 103b). The front end server determines one or more of whether the client is authentic and authorized, the user identifier is authentic, and the user identifier is permitted to make the request. If so, the front end server transmits a request to generate a digital signature to a back end server (101). The back end server determines one or more of whether the front end server is authentic and the designated key pair correspond to the requesting front end server. If so, the back end server generates the digital signature based on the information and the key pair(s).

Abstract: In one embodiment, a method is provided that may include encrypting, based least in part upon at least one key, one or more respective portions of input data to generate one or more respective portions of output data to be stored in one or more locations in storage. The method of this embodiment also may include generating, based at least in part upon the one or more respective portions of the output data, check data to be stored in the storage, and/or selecting the one or more locations in the storage so as to permit the one or more respective portions of the output data to be distributed among two or more storage devices comprised in the storage. Many modifications, variations, and alternatives are possible without departing from this embodiment.

Abstract: A system comprises a first operating environment and a second operating environment. The first and second operating environments exchange information in encrypted form using a shared encryption key (K3). The first and second operating environments cooperate to change the encryption key K3 using another shared encryption key (K4). The encryption key K4 is changed upon the encryption key K3 being changed.

Abstract: Method and apparatus for secure transmissions. Each user is provided a registration key. A long-time updated broadcast key is encrypted using the registration key and provided periodically to a user. A short-time updated key is encrypted using the broadcast key and provided periodically to a user. Broadcasts are then encrypted using the short-time key, wherein the user decrypts the broadcast message using the short-time key.

Abstract: A virtual security coprocessor is created in a first processing system. The virtual security coprocessor is then transferred to a second processing system, for use by the second processing system. For instance, the second processing system may use the virtual security coprocessor to provide attestation for the second processing system. In an alternative embodiment, a virtual security coprocessor from a first processing system is received at a second processing system. After receiving the virtual security coprocessor from the first processing system, the second processing system uses the virtual security coprocessor. Other embodiments are described and claimed.

Abstract: A method and system to increase the security of messages transmitted over an otherwise unsecured network. A secure channel is established in a normal manner over the network. A demodularization module on the sender sends a demodularization method to the intended receiver over the secure channel. The sender encodes a message definition and message data separately consistent with the demodularization method. The message definition and message key is sent over the secure channel as one transmission and the message data with the message key is sent as separate transmissions over the secure channel. Other embodiments are also described and claimed.

Abstract: A transmitting/receiving system includes a transmitting apparatus that transmits, to another apparatus, first encrypted data obtained by encrypting stream data including consecutive unit data items in accordance with a first encryption technique prescribing that, when the stream data is encrypted for each item, keys used for encrypting the items are updated, and a receiving apparatus that receives and decrypts the first data from the transmitting apparatus in accordance with a first decryption technique. The transmitting apparatus includes an encryptor that outputs second encrypted data obtained by generating data including a predetermined number of keys, and encrypting the data in accordance with a second encryption technique, a transmitter that transmits the second data from the encryptor to the receiving apparatus.

Abstract: According to one embodiment, a method is disclosed. The method includes generating a link key at a secure component within a first personal area network device and injecting the link key into a protocol stack component database within the first device. The link key may further be transmitted to a second device. Other embodiments are described and claimed.

Abstract: A system for providing digital rights management (DRM) license is provided. The system includes a sink system requesting a license for content, a source system generating and providing a first rights token including binding information related to the license, in accordance with the request, and a rights mediator generating a second rights token that is usable in the sink system on the basis of the first rights token and transmitting the generated second rights token to the sink system. The sink system provides the license for the content on the basis of the second rights token. The first rights token includes binding information of principals that indicates use subjects related to the license, and binding information of principals that indicates use objects related to the license.

Abstract: A system and method for controlling data communications between a server and a client device, such as a mobile device. Embodiments relate generally to a technique where stop data is provided to the client device. This stop data can be transmitted (e.g. by the client device) to the server. When processed by the server, the stop data indicates to the server that at least some of the encrypted data received by the client device from the server was not decrypted using the second key (e.g. as may be the case when the second key has been deleted). Upon receiving the stop data, the server may, for example, withhold the transmission of data encrypted with the first key to the client device until the second key is restored on the client device. In one embodiment, the stop data is provided to the client device in an encoded (e.g. encrypted) form.

Abstract: A method of autocalibrating the timing of the laser in a quantum key distribution (QKD) system is disclosed. The laser generates photon signals in response to a laser gating signals from a controller. The method includes first performing a laser gate scan to establish the optimum laser gating signal arrival time corresponding to an optimum bit-error rate when exchanging photon signals between encoding stations of the QKD system. Once the optimum laser gating signal arrival time is determined, the laser gate scan is terminated and laser gate dithering is initiated. Laser gate dithering involves varying the arrival time of the laser gating signal around the optimum value of the arrival time. Laser gate dithering provides minor adjustments to the laser gating signal arrival time to ensure that the system operates at or near the optimum bit-error rate.

Abstract: The invention relates to a method, a system, an electronic device and a computer program for providing at least one content stream to an electronic device applying Digital Rights Management (DRM). In the method a master integrity key is obtained in a streaming node. An encrypted master integrity key is obtained in an electronic device. The encrypted master integrity key is decrypted in the electronic device. At least one session integrity key is formed in the streaming node and in the electronic device using at least the master integrity key and the integrity of at least one content stream is protected between the streaming node and the electronic device using the at least one session integrity key.

Abstract: Implementations of methods of sharing data in a supply chain, the data corresponding to an item having a tag associated therewith, include generating data corresponding to the item, generating a data reference, encrypting the data using an encryption key to provide encrypted data, transmitting the encrypted data over a network for storage in a database based on the data reference, writing the data reference and the encryption key to the tag, and transferring the item to a successor in the supply chain. Implementations include retrieving information electronically stored on the tag, the information comprising a data reference and an encryption key, transmitting a data request over a network for retrieving encrypted data from a database, the data request comprising the data reference, receiving the encrypted data from the database, and decrypting the encrypted data using the encryption key to provide decrypted data.

Abstract: Techniques for two-way authentication between two communication endpoints (e.g., two devices) using a one-way out-of-band (OOB) channel are presented. Here, in embodiments, both communication endpoints may be securely authenticated as long as the one-way OOB channel is tamper-proof. Embodiments of the invention do not require the one-way OOB channel to be private to ensure that both endpoints are securely authenticated. Since providing a two-way or private OOB channel adds to the cost of a platform, embodiments of the invention provide for a simple and secure method for two-way authentication that uses only a non-private one-way OOB channel and thus helping to reduce platform cost. Other embodiments may be described and claimed.

Abstract: A method and system for embedding a secret in a bit string for safeguarding the secret. In one embodiment, the method comprises computing the length of the overall bit string as a function of q and t, where q and t are determined from the length of the secret. The method further comprises generating a plurality of information pieces based on q and t, the information pieces including a transformed secret and information for extracting the secret from the overall bit string. The method further comprises concatenating the plurality of information pieces to form the overall bit string.

Abstract: A virtual security coprocessor is created in a first processing system. The virtual security coprocessor is then transferred to a second processing system, for use by the second processing system. For instance, the second processing system may use the virtual security coprocessor to provide attestation for the second processing system. In an alternative embodiment, a virtual security coprocessor from a first processing system is received at a second processing system. After receiving the virtual security coprocessor from the first processing system, the second processing system uses the virtual security coprocessor. Other embodiments are described and claimed.

Abstract: A QKD system (10) having two QKD stations (Alice and Bob) optically coupled by an optical fiber link (FL), wherein Bob includes a variable timing delay arranged between Bob's controller (CB) and modulator (MB) or detector unit (40). A set-up and calibration procedure is performed wherein delay DL2 is adjusted until the timings for the modulator and detector unit (TSB and TS42, respectively) are established. Delay DL2 is then fixed so that the detector unit and modulator operate in a common timing mode that is not changed if the synchronization signal is changed. The timing TSS of the synchronization (sync) signals (SS) sent from Alice to Bob is adjusted to arrive at optimum system performance. Once the QKD system is in operation, because the sync signal can drift, the sync signal timing TSS is dithered maintain optimum QKD system performance.

Abstract: A method for content access control operative to enable authorized devices to access protected content and to prevent unauthorized devices from accessing protected content, the method comprising: providing a plurality of authorized devices; dividing the plurality of authorized devices into a plurality of groups, each of the plurality of authorized devices being comprised in at least one of the plurality of groups, no two devices of the plurality of authorized devices being comprised in exactly the same groups; determining whether at least one device of the plurality of authorized devices is to be prevented from having access to the protected content and, if at least one device is to be prevented, removing all groups comprising the at least one device from the plurality of groups, thus producing a set of remaining groups; and determining an authorized set comprising groups from the set of remaining groups, such that each device of the plurality of authorized devices which was not determined, in the determining

Abstract: A method and system of securing content is described, the method including establishing communication between a secure module source and a content rendering device, loading a dynamically generated pseudo-unique secure module to the content rendering device from the secure module source, establishing communication between the secure module source and the dynamically generated pseudo-unique secure module, and transferring a decryption key from the secure module source to the dynamically generated pseudo-unique secure module, thereby enabling decryption of encrypted content, the encrypted content being encrypted according to the decryption key. Related methods and apparatus are also described.

Abstract: System and methods for initializing secure communications with lightweight devices are described herein. In one embodiment, the method includes enabling a device manager to securely communicate with a lightweight device, the method comprising receiving encrypted data from the device manager, wherein the device manager received the encrypted data from the lightweight device. In the embodiment, the method also includes decrypting the encrypted data to produce access information, wherein the access information enables the device manager to securely communicate with the lightweight device. In the embodiment, the method also includes securely transmitting the access information to the device manager.

Abstract: A method for generating encryption keys and for exchanging the parameters making it possible to generate the keys in a network comprising n entities X wishing to exchange data, the method includes the steps: the n entities elect a common array generator (GM(?)), at least one of the entities X communicates these values (?i) via several different routing paths Ci, plus a reference random number NX, NY, each entity X, Y generates an array Ts, each entity X, Y composes a secret key based on the generated array (Ts) and based on several values indexed by several pairs ((i,j); (k,l); . . . ; (o,p)) of said array in order to create its secret value, the random number of a first entity X is returned to a second entity Y, one of the n entities X, Y at least compares the consistency of the two values NX after decryption with its own key KXs.

Abstract: Embodiments described herein are generally directed to methods and devices in which computing devices, and mobile devices in particular, establish a shared encryption key for a device group comprising at least three mobile devices. In accordance with one example embodiment, a public key of a mobile device is computed using a shared password as performed in accordance with authentication acts of a password-authenticated key exchange protocol, and transmitted to at least one other mobile device of the group. A public value is computed as a function of a mobile device private key and of a public key of at least one other mobile device of the device group, in accordance with a group key establishment protocol. The public values of the mobile devices of the device group are used to compute a shared encryption key.

Abstract: An apparatus and a method for managing identity data are disclosed, which can recover lost or deleted ID data stored in a user terminal and prevent a malicious user to plagiarize a user's ID. The apparatus includes a user ID management device (1), a back-up server (2) and a website system (3). The user ID management device (1) installed in a user's terminal allows ID data to be used on a website. The user ID management device (1) includes an ID management unit (10), a data storing unit (12), a back-up requesting unit (14) and a recovery requesting unit (16). A back-up server (2) backs up and stored ID data from the user ID management device (1). The back-up server includes a data storing unit (20), a back-up processing unit (22), a recovery processing unit (24), a suspension receiving unit (26) and a suspension requesting unit (28). A website system (3) includes a user account management unit (30), a suspension processing unit (32) and a recovery processing unit (34).

Abstract: A key handshake method in a wireless local area network (LAN) capable of performing authentication between two wirelessly connected stations by exchanging keys once is provided. Because the security key for authentication can be exchanged by one 4-way handshake between an authenticator and a supplicant in a wireless LAN, an authentication delay can be prevented.

Abstract: Embodiments of the invention discloses a system and a method for determining an encrypted edit distance as an encryption of a minimum cost of transformation of a first sequence into a second sequence based on an insertion cost, a deletion cost, and a substitution cost. The method determines recursively a current element of the matrix as an encryption of a minimum of a first element, a second element, and a third element to produce the dynamic programming solution, wherein the first element represents the insertion cost, the second element represents the deletion cost, and the third element represents the substitution costs, and wherein the current element, the first element, the second element, and the third element are homomorphically encrypted with a public key; and selects the dynamic programming solution as the encrypted edit distance, wherein steps of the method are performed by a first processor and a second processor.

Abstract: A data providing system is provided which includes: a storage section which stores an encoded file obtained by encoding a data file to be distributed with a predetermined common key and an encoded information file obtained by encoding an information data file including information on the common key with a private key different from the common key; and a file transfer section which transfers the encoded file and the encoded information file from the storage section to external electronic device.

Abstract: An information processing apparatus includes an equipment means equipped on a predetermined portion of a living body and has a storage means which a first biological identification data associated with the predetermined portion of the living body, and a communication means which is held by the equipment means and transmits the first biological identification data to a communication target to which the predetermined position equipped with the equipment means is brought close. A biological authentication means which performs biological authentication, based on the first biological identification data and on a second biological identification data, said second biological identification data being extracted from biological information detected by a biological sensor.

Abstract: This invention involves tracking and backing all the information that a user generates on its computer devices (including embedded devices) in real time. The local user server records all user actions and gestures (via various means that include TV cameras). All of this information (user actions and saved files in a computer) is then sent to a remote server via the Internet. This remote server has a virtual map of all the embedded devices on a computer that the person uses. The remote server immediately starts to interpret the user's actions (including user gestures). In one implementation, the invention stores user actions that are related to data generation (e.g. actions that called some links where data is stored, or executed some programs that generated data). In another variant the remote server generates and downloads the same files that are downloaded on the local user computer devices.

Abstract: Systems, methods, and technologies for configuring a conventional smart card and a client machine, and for performing a smart card authorization using the configured smart card and client. Further, the combination of methods provides for mutual authentication—authentication of the client to the user, and authentication of the user to the client. The authentication methods include presenting a specified token to the user sufficient to authenticate the client to the user and thus protect the user-provided PIN. Security is strengthened by using an integrity key based on approved client system configurations. Security is further strengthened by calculating a PIN? value based on a user-specified PIN and a modifier and using the PIN? value for unlocking the smart card.

Abstract: In a secure electronic payment system, authentication data based on a payment account (e.g., a credit card account) is sent from an authentication server, through a user's Web browser, to a merchant's computer. The merchant's computer sends the authentication data to a computer operated by the issuer of the payment account, either through a payment organization computer or through an acquirer computer operated by the merchant's acquirer. The issuer's computer verifies the authorization request message, thereby generating an authorization response message. The authorization response message is forwarded to the merchant's computer, either through the payment organization computer or through the acquirer computer. If the authorization response message indicates that the verification was successful, the transaction is completed.