Abstract: In a method for the transition from a first masked representation of a value to be kept secret to a second masked representation of the value, according to a first aspect of the invention at least one previously calculated table with a plurality of entries is used, and the calculation is carried out depending on at least one veiling parameter, in order to prevent the value to be kept secret from being spied out. According to a second aspect of the invention, at least one comparison table is used, which, for each table index, provides the result of a comparison between a value dependent on the table index and a value dependent on at least one masking value. A computer program product and a device have corresponding features. The invention provides a technique for protecting the transition between masked representations of a value from being spied out, wherein the masked representations are based on different masking rules.

Abstract: A device for determining an inverse of an initial value related to a modulus, comprising a unit configured to process an iterative algorithm in a plurality of iterations, wherein an iteration includes two modular reductions and has, as an iteration loop result, values obtained by an iteration loop of an extended Euclidean algorithm.

Abstract: A key recovery request for a device is received at a key recovery service and a particular one-time recovery credential in a sequence of multiple one-time recovery credentials is identified. In the sequence of multiple one-time recovery credentials, previous one-time recovery credentials in the sequence are indeterminable given subsequent one-time recovery credentials in the sequence. A recovery key associated with the device is also identified. The particular one-time recovery credential in the sequence is generated based on the recovery key, and is returned in response to the key recovery request. The particular one-time recovery credential can then be used by the device to decrypt encrypted data stored on a storage media of the device.

Abstract: A system for encrypting data comprising a computer configured to encrypt a plurality of data entries using at least one encryption algorithm and a system memory, wherein the computer is configured to use different keys with the encryption algorithm(s) for each data entry and the system is configured to store in the system memory or transmit for storage in an external memory the encrypted data corresponding to each entry along with an identifier corresponding to at least part of the key used to encrypt that entry, such that when decrypting a data entry in the system or external memory the associated identifier can be used to locate at least part of the correct key.

Abstract: A storage device has a storage medium, a set of credentials stored on the storage medium, and a controller. The controller within the storage device is coupled to the storage medium, and adapted to identify security status of the storage device. The controller is adapted to alter one or more credentials of the set of credentials responsive to the security status.

Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths.

Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths.

Abstract: Embodiments of the present invention provide a method and system, in a network storage system, for a remote key manager performing cryptographic operations upon a failure of a protected key manager, using a hardware encryption key (key) automatically migrated from the protected key manager. During initialization, the protected and remote key managers authenticate the communication channel (e.g. trustee link) between each other. A new key generated by dedicated hardware of the protected key manager is used by the protected key manager to perform cryptographic operations on data of a storage server. The remote key manager then requests and obtains the new key from the protected key manager across the trustee link. Upon a failure of the protected key manager, the remote key manager performs cryptographic operations on data of the storage server using the migrated key, ensuring accessibility and security of such data.

Abstract: The subject matter disclosed herein relates to a method and/or system for enabling access to media content using different digital rights management formats.

Abstract: A method and apparatus are disclosed for managing components of a secret key according to a secret sharing scheme. The disclosed secret sharing scheme divides a secret value, R, into n secret components (R1, R2, . . . , Rn) and one super component, S, in such a way that R can be computed from (i) any k or more R1 components (k<n); or (ii) S and any one component of Rl. The secret components (R1 ,R2, . . . , Rn) are distributed to a number of authorized users. A multiple threshold secret sharing scheme assigns various users in a group into one of a number of classes. Each user class has a corresponding threshold level that indicates the number of users that must come together with their assigned components to obtain access to the shared secret. The multiple threshold scheme divides the secret into n components each having an assigned threshold level (i.e., the number of such components that are required to obtain the secret).

Abstract: A method and system for distributing a secret to a plurality of computing systems. In one embodiment, the method determines the number (n) of shares to generate and a threshold number (k) of the shares from which the secret can be reconstructed. The method further chooses n coprime random bit strings in any one of general rings as moduli, the general rings including one or more non-integer rings. The secret is then embedded in a bit string which is at least one bit longer than the product of any k?1 moduli and at least one bit shorter than the product of any k moduli. The method further computes shares of the bit string for distribution to n computing systems, each share including one of the moduli and a corresponding remainder.

Abstract: Secure information is managed for each host or machine in an electronic environment using a series of key identifiers that each represent one or more secure keys, passwords, or other secure information. Applications and services needing access to the secure information can specify the key identifier, for example, and the secure information currently associated with that identifier can be determined without any change to the code or manual input or exposure of the secure information on the respective device. Functionality such as encryption key management and rotation are inaccessible and transparent to the user. In a networked or distributed environment, the key identifiers can be associated with host classes such that at startup any host in a class can obtain the necessary secure information. Updates and key rotation can be performed in a similar fashion by pushing updates to host classes transparent to a user, application, or service.

Abstract: A system and method for effectively supporting data transfer procedures includes a source device that registers with an account server to participate in a data backup service. The source device then encrypts and stores user data onto a datacenter. The source device later may request a data transfer task from a vendor. The datacenter responsively transfers the encrypted user data to a vendor server, and an escrow server generates and sends a temporary key to the vendor server. A destination device may then utilize the temporary key to decrypt and securely store the user data onto the destination device.

Abstract: A user private key is stored in a database of the user terminal. A user public key and user information are stored in the user management DB. The encryption/decryption unit encrypts an authority private key specific to a first authority given to a user, by using a user public key associated with user information to indicate a user. The secret sharing unit shares in secret an authority private key into two or more shared authority private keys. The encryption/decryption unit encrypts the shared authority private keys, by using an authority public key specific to each of second authorities to manage the first authority in a shared manner. The authority management DB stores the encrypted authority private key and authority public key in association with the first authority, and stores the encrypted shared authority private keys in association with the second authorities.

Abstract: A replicated decentralized storage system comprises a plurality of servers that locally store disk images for locally running virtual machines as well as disk images, for failover purposes, for remotely running virtual machines. To ensure that disk images stored for failover purposes are properly replicated upon an update of the disk image on the server running the virtual machine, a hash of a unique value known only to the server running the virtual machine is used to verify the origin of update operations that have been transmitted by the server to the other servers storing replications of the disk image for failover purposes. If verified, the update operations are added to such failover disk images. To enable the replicated decentralized system to recover from a failure of the primary server, the master secret is subdivided into parts and distributed to other servers in the cluster.

Abstract: A software distribution method (300) with security add-on is proposed. Particularly, any software package to be deployed to selected target endpoints is encrypted (312-315) with a symmetric key (generated dynamically). The symmetric key is in turn encrypted (318-321) with a public key of each target endpoint. A multi-segment software package (embedding the encrypted software package and the encrypted symmetric keys) is then deployed (324-336, 360) to all the target endpoints. In this way, each target endpoint can decrypt (343-348) the encrypted symmetric key with a corresponding private key; it is then possible to decrypt (363-366) the encrypted software package with the symmetric key so obtained. As a result, the endpoint is able to apply (369) the decrypted software package. Therefore, the application of the software package can be restricted to the desired target endpoints only.

Abstract: Controlling access to disseminated messages includes implementing one or more key management policies that specify how various encryption keys are maintained and in particular, when encryption keys are made inaccessible. Deleting a particular key renders inaccessible all copies of messages, known or unknown, associated with the particular key, regardless of the location of the associated messages. A message may be directly or indirectly associated with a deleted key. Any number of levels of indirection are possible and either situation makes the message unrecoverable. The approach is applicable to any type of data in any format and the invention is not limited to any type of data or any type of data format.

Abstract: A method for decrypting the encrypted messages sent by a transmission device to a first electronic device associated with a first trusted authority and to a second electronic device (ME). In one embodiment, first and second tokens are generated and exchanged, respectively, by the first and second electronic devices, which then generate a joint decryption key in order to decrypt the encrypted message.

Abstract: An ambulatory repeater for use in automated patient care is presented. A local memory store includes a cryptographic key, sensitive information, and physiological measures. The cryptographic key is uniquely assigned to the implantable medical device prior to implant of the implantable medical device into a patient. The sensitive information is preencrypted under the cryptographic key and physiological measures are measured by the implantable medical device. An authentication module is in receipt of the cryptographic key. A permissions module confirms authorization of an external data processing device against the cryptographic key. A decryption module decrypts the sensitive information with the cryptographic key into decrypted information. A processor is operatively coupled to the local memory store. A communications module exchanges the decrypted information and the physiological measures with the external data processing device over a wireless interface contingent upon the authorization confirmation.

Abstract: Methods and systems for providing a secure SSL certificate escrow service comprise: providing a secure upload webpage for a private key holder to upload an encrypted copy of a private key; receiving the encrypted copy of the private key from the private key holder via the secure upload webpage; storing the encrypted copy of the private key in memory; providing a secure decryption webpage for the private key holder to enable the private key escrow service to decrypt the private key; receiving an instruction to decrypt the private key from the private key holder through the secure decryption webpage; and decrypting the private key in response to the instruction to decrypt the private key.

Abstract: Techniques for generating a portion of a split private key are provided. A first symmetric key and a second symmetric key different than the first symmetric key are generated at a first location. The generated second symmetric key and a first one of multiple factors for generating the private key portion encrypted with the generated first symmetric key are transmitted. Then, at a second network location, the symmetric keys are again generated. The encrypted first factor is received at the second network location subsequent to a user authentication based upon the second symmetric key generated at the second network location. The received encrypted first factor is then decrypted with the first symmetric key generated at the second network location, the decrypted first factor usable to generate the portion of the split private key of the asymmetric key pair.

Abstract: When providing a user with native access to at least a portion of device hardware, the user can be prevented from modifying firmware and other configuration information by controlling the mechanisms used to update that information. In some embodiments, an asymmetric keying approach can be used to encrypt or sign the firmware. In other cases access can be controlled by enabling firmware updates only through a channel or port that is not exposed to the customer, or by mapping only those portions of the hardware that are to be accessible to the user. In other embodiments, the user can be prevented from modifying firmware by only provisioning the user on a machine after an initial mutability period wherein firmware can be modified, such that the user never has access to a device when firmware can be updated. Combinations and variations of the above also can be used.

Abstract: A set of equipment for secure direct information transfer over the Internet contains information transmitting terminal devices for collaborating with an information forwarding network, taking part in the information traffic. The individual information transmitting terminal devices are equipped with a sender partial unit, a receiver partial unit and a storage partial unit comprising an ID-register containing a device identification signal, a C-register for storing a coding key and a D-register for storing a decoding key. The C-register containing the coding key is connected to the sender partial unit, and a coding key and a collaborating decoding key are allocated to each individual information transmitting terminal device.

Abstract: Encrypting data on an originating computer and prevent access to this data if the computer is stolen or otherwise unauthorized for use. Access to the encrypted data is granted based on the originating computer's ability to successfully send the data encryption keys, via an electronic connection, to a remote computer and have the remote computer decrypt the encryption keys and transmit them back to the he originating computer. When originating computer receives the decrypt encryption keys, it can then successfully decrypt the encrypted hard drive using the encryption key provided by the remote computer.

Abstract: A method and a system for unlocking a storage device that has become locked or cannot be unlocked are disclosed. A hint is generated from a key by removing bits and adding bits. A position of removed bits, a position of added bits, the number of removed bits and the number of added bits are stored and known securely. When the key cannot unlock a storage device corresponding to the key, the position of removed bits, the position of added bits, the number of removed bits (N) and the number of added bits are retrieved. Then, the added bits are removed in the hint. Each possible N bits are placed in the hint at the position of removed bits to generate 2N possible keys. Then, each of 2N possible key are tried to unlock the storage device.

Abstract: A Digital Rights Management (DRM) system provides a lightweight layering of encryption and decryption of keys that allows efficient use of different cryptographic techniques to effect the secure delivery of multimedia content. Asymmetric cryptography, where a public key is used to encrypt information that can only be decrypted by a matched private key, is used by the DRM system to deliver symmetric keys securely.

Abstract: An apparatus and method for managing the distribution and expansion of public keys held by a group or array of systems in white lists. The addition of a new system to the array entails a manual input to authorize the introduction of the new system to one trusted system in the array. After the introduction the new system is trusted by the one member and the white list of the one member is loaded into the white list of the new system. The new system then requests joining each of the other systems in the array. For each system in the array asked by the new system, the systems in the array ask if any other systems in the array already trust the new member. In response, a system of the array that trusts the new system responds by sending its white list (containing the public key of the new system) to the requesting system. Eventually the public key of the new system is in the white lists of all the systems in the array.

Abstract: The present invention is a method, system and apparatus for the encryption of a credential store by using a lockbox mechanism. In a credential store encryption method, a lockbox for a credential store can be retrieved and an encryption key can be selected from among a list of encryption keys in the lockbox. The lockbox can be a local lockbox and the local lockbox can be retrieved from an unencrypted region of the credential store. In any case, subsequent to the retrieval of the lockbox, the credential store can be decrypted with the selected encryption key.

Abstract: A system and method for effectively supporting data transfer procedures includes a source device that registers with an account server to participate in a data backup service. The source device then encrypts and stores user data onto a datacenter. The source device later may request a data transfer task from a vendor. The datacenter responsively transfers the encrypted user data to a vendor server, and an escrow server generates and sends a temporary key to the vendor server. A destination device may then utilize the temporary key to decrypt and securely store the user data onto the destination device.

Abstract: A system and method in which authentication data, such as a password, which is sent to a server/firewall as part of an authentication request, for example a logon request, is received at the server/firewall in a plurality of messages at a plurality of logical ports from the user, thus improving protection against replay attacks. In one embodiment, a plurality of user authentication data parts is obtained from a remote user device as part of an authentication request, the plurality of user authentication data parts is assembled into user authentication data; the authenticity of the authentication request is checked using the user authentication data; and communication with the remote user device is enabled if the authentication request data is determined to be authentic.

Abstract: A system and method for authorizing administrative operations in a computer is provided. The computer initiates the split knowledge protocol upon an attempt by an administrator to invoke the operations. The administrator identifies a predetermined number of entities designated to authorize the operation. The computer creates a bit sequence and splits the bit sequence into a number of segments equal to the predetermined number of entities. Each entity thereafter decrypts a respective element to essentially authorize invocation of the operations. In response, the computer processes the decrypted segments to re-create the bit sequence. As an added level of security, the computer coma) pares the re-created bit sequence with the originally created sequence and, if they match, performs the operations.

Abstract: An encryption apparatus (14) includes a secure processing system (12) in the form of an integrated circuit. The secure processing system (12) includes an on-chip secure memory system (30). The secure memory system (30) includes a non-volatile, read-only, permanent key register (62) in which a permanent cryptographic key (64) is stored. The secure memory system (30) also includes a non-volatile, read-write, erasable key register (56) in which an erasable cryptographic key (60) is stored. Symmetric cryptographic operations take place in an encryption engine (46) using an operating cryptographic key (68) formed by combining (96) the permanent and erasable keys (64, 60). A tamper detection circuit (70) detects tampering and erases the erasable key (60) when a tamper event is detected.

Abstract: Techniques for validating and sharing secrets are presented. A secret is divided into a plurality of parts. Each part is represented by a unique value. Each value is distributed to a unique user that shares in the secret. The secret is recreated when each user presents each user's unique value. Each unique value is then used to recreate its corresponding part of the key and when all parts are present and validated, the secret is reproduced.

Abstract: Systems and methods are described herein for enabling users to select from available secure service providers (each having a Trusted Service Manager (“TSM”)) for provisioning applications and services on a secure element installed on a device of the user. The device includes a service provider selector (“SPS”) module that provides a user interface for selecting the secure service provider. In one embodiment, the SPS communicates with a key escrow service that maintains cryptographic keys for the secure element and distributes the keys to the user selected secure service provider. The key escrow service also revokes the keys from deselected secure service providers. In another embodiment, the SPS communicates with a central TSM that provisions applications and service on behalf of the user selected secure service provider. The central TSM serves as a proxy between the secure service providers and the secure element.

Abstract: A random number generator uses the output of a true random generator to alter the behavior of a pseudo-random number generator. The alteration is performed by a mixing logic that builds a random seed for the pseudo-random number generator and includes a generator of an alteration signal, the generation of which exploits the random instant of arrival of the bits outgoing from the true random generator. The alteration signal is obtained by processing the seed by means of the pseudo-random sequence.

Abstract: Stateless hardware security modules facilitate securing data transfers between devices in a data communication system. The stateless hardware security module may communicate with other devices via a secure communication channel to securely transfer information between the client device and another device. As a result, sensitive information such as cryptographic keys and data may be securely routed between the client device and another device. The stateless hardware security module may support a limited set of key management operations to facilitate routing of information between the client device and another device. However, the stateless hardware security module does not need to maintain state information for the keys it maintains and/or uses. As a result, the stateless hardware security module may be advantageously integrated into a variety of client devices.

Abstract: A robust computational secret sharing scheme that provides for the efficient distribution and subsequent recovery of a private data is disclosed. A cryptographic key may be randomly generated and then shared using a secret sharing algorithm to generate a collection of key shares. The private data may be encrypted using the key, resulting in a ciphertext. The ciphertext may then be broken into ciphertext fragments using an Information Dispersal Algorithm. Each key share and a corresponding ciphertext fragment are provided as input to a committal method of a probabilistic commitment scheme, resulting in a committal value and a decommittal value. The share for the robust computational secret sharing scheme may be obtained by combining the key share, the ciphertext fragment, the decommittal value, and the vector of committal values.

Abstract: A method of delivering electronic mail messages upon requests and managing public-secret key pairs of public key cryptography in an electronic message system. A sending party sends an intend-to-deliver associated with an electronic mail message to an intended receiving party. The intended receiving party responds with a request-for-mail-content to request for the electronic mail message if the intended receiving party determines to do so. The sending party will not deliver the electronic mail message to the intended receiving party if the intended receiving party does not send the request-for-mail-content. A host computer is assigned with a unique name that is registered with authoritative organizations and can be used for establishing a connection to the host computer. The host computer provides the public keys of its account holders to the public. The initial public key of an account holder is certified by the host computer using an account password.

Abstract: An apparatus and a method for validating encrypted archive keys is described. In one embodiment, a passphrase is received. An archive key is recovered with the passphrase. A Message Authentication Code (MAC) value is computed with the recovered archive key. The computed MAC value is compared with a MAC value stored in an archive to determine the validity of the passphrase. The stored MAC value is originally computed with an original passphrase using the archive key as a MAC key.

Abstract: A system and method which protects a data processing system against encryption key errors by providing redundant encryption keys stored in different locations, and providing the software with the ability to select an alternate redundant key if there is any possibility that the encryption key being used may be corrupted. In the preferred embodiment, a memory control module in the data processing device is configured to accommodate the storage of multiple (for example up to four or more) independent password/key pairs, and the control module duplicates a password key at the time of creation. The redundant passwords and encryption keys are forced into different memory slots for later retrieval if necessary. The probability of redundant keys being corrupted simultaneously is infinitesimal, so the system and method of the invention ensures that there is always an uncorrupted encryption key available.

Abstract: A system for securely storing application keys is comprised of a database system, a peripheral hardware security module and cryptographic keys, wherein cryptographic keys comprise application keys, intermediate keys and a master key. Application keys are grouped according to characteristic and are associated with a particular intermediate key, which is utilized to scramble and descramble application keys within the associated group. Intermediate keys are associated with the master key, which is utilized to scramble and descramble the intermediate keys. Scrambling and descrambling of keys is performed within the peripheral hardware security module.

Abstract: A method and an apparatus for maintaining a key information area in a file system are provided, which can provide effective maintenance to the key information area in the file system used by a storage device, and be applied to maintaining various file systems. The method for maintaining a key information area in a file system comprises the following steps: backing up the key information area confirmed by a user in the file system when the file system used by a storage device is hooked for the first time, and creating a device list as a backup index, wherein the device list is stored in an external storage device; and obtaining corresponding backup information to recover the key information area when the storage device is started exceptionally due to destroy of the key information area.

Abstract: A system and method are described supporting secure implementations of 3DES and other strong cryptographic algorithms. A secure key block having control, key, and hash fields safely stores or transmits keys in insecure or hostile environments. The control field provides attribute information such as the manner of using a key, the algorithm to be implemented, the mode of use, and the exportability of the key. A hash algorithm is applied across the key and control for generating a hash field that cryptographically ties the control and key fields together. Improved security is provided because tampering with any portion of the key block results in an invalid key block. The work factor associated with any manner of attack is sufficient to maintain a high level of security consistent with the large keys and strong cryptographic algorithms supported.

Abstract: A server, e.g., a client (105, 107, 109), receives a request for a digital signature to be applied to digital information, obtains a representation of the information, determines a designation of key pair(s) to be applied thereto; and transmits a request for the digital signature to a front end server (103a, 103b). The front end server determines one or more of whether the client is authentic and authorized, the user identifier is authentic, and the user identifier is permitted to make the request. If so, the front end server transmits a request to generate a digital signature to a back end server (101). The back end server determines one or more of whether the front end server is authentic and the designated key pair correspond to the requesting front end server. If so, the back end server generates the digital signature based on the information and the key pair(s).

Abstract: In situations, such as disasters, where the physical protection of data may be compromised, algorithmic protection of such data can be increased in anticipation of the disaster. An off-site mechanism can send a disaster preparation script to computing devices expected to be affected, resulting in the deletion of decryption keys from those computing devices. Once the disaster passes, the off-site mechanism, upon receiving confirmation of the physical integrity of the computing devices, can return one or more decryption keys to the computing devices, enabling access algorithmically protected data. The off-site mechanism can also optionally provide access information that can be used to obtain access to the algorithmically protected data via at least one returned decryption key.

Abstract: Provided are a method, system, and article of manufacture for rekeying encryption keys for removable storage media. A rekey request is received for a coupled removable storage media, wherein encryption on the coupled removable storage media uses a first key and wherein the rekey request indicates a second key. The first key and the second key are accessed in response to the rekey request. The first key is used to perform decryption for the coupled removable storage media and the second key is used to perform encryption for the coupled removable storage media.

Abstract: A system and method for the retrieval and transfer of encrypted content from a failed set-top box by a content transcription device. When content is recorded to the storage device of a set-top box, the content is encrypted with a content instance key. This content instance key is encrypted with the public key of the set-top box and a duplicate of the content instance key is encrypted by another public key other than the public key of the set-top. In the event the set-top fails, the encrypted content on the storage device may be retrieved from the storage device by decrypting the duplicate content instance key with the private key that corresponds with the public key that encrypted the duplicate of the content instance key.

Abstract: Method and apparatus for secure transmissions. Each user is provided a registration key. A long-time updated broadcast key is encrypted using the registration key and provided periodically to a user. A short-time updated key is encrypted using the broadcast key and provided periodically to a user. Broadcasts are then encrypted using the short-time key, wherein the user decrypts the broadcast message using the short-time key.

Abstract: The present invention relates to a sensor network having node architecture for performing trust management of neighboring sensor nodes, and to an adaptive method for performing trust management of neighboring sensor nodes for monitoring security in the sensor network. The sensor network includes a base station and a plurality of sensor nodes for reporting sensed information packets to the base station through radiofrequency signals relayed by other sensor nodes. A judge sensor node may have a trust estimator in its node architecture to evaluate trustworthiness of a neighboring suspect sensor node by determining a personal reference and receiving personal references from jury sensor nodes. Based on the trustworthiness of the suspect, the judge may modify a route for transmitting packets to the base station.

Abstract: The secure backup system is in a mobile telecommunication network and has at least one mobile station with data, a backup entity for storing a backup file of the data, and cryptographic means for encrypting and decrypting the data. The cryptographic means contains a decryption key consisting of at least a first key part, a second key part and a key recreation key part. The key parts are stored in different entities.