NBS/DES Algorithm Patents (Class 380/29)
  • Patent number: 7996899
    Abstract: A communication system comprises a content provider system configured to receive a content request indicating content and a device identifier, determine a first key based on the device identifier, process the content using the first key to modify the content from an unprotected state to a protected state, and transfer the content in the protected state. The communication system further comprises an end user system configured to receive the content in the protected state and process the content with a second key to modify the content from the protected state to an unprotected state wherein the second key is internally hard coded to the end user system.
    Type: Grant
    Filed: February 24, 2006
    Date of Patent: August 9, 2011
    Assignee: Hitachi Global Storage Technologies Netherlands B.V.
    Inventors: Curtis H. Bruner, Christopher J. Squires
  • Patent number: 7991152
    Abstract: Methods and apparatus to speed up Galois Counter Mode (GCM) computations are described. In one embodiment, a carry-less multiplication instruction may be used to perform operations corresponding to verification of an encrypted message in accordance with GCM. Other embodiments are also described.
    Type: Grant
    Filed: June 30, 2007
    Date of Patent: August 2, 2011
    Assignee: Intel Corporation
    Inventors: Shay Gueron, Michael E. Kounavis
  • Patent number: 7986780
    Abstract: A system to contribute to creating a substring of a string may include a communication unit and a processing unit. The communication unit may be configured to receive an encrypted representation of a second share of the string. The string may be identical to the second share of the string combined with a first share of the string. The communication unit may be configured to send a rearranged representation of the encrypted representation of the second share of the string to a further system. The processing unit may be configured to rearrange a representation of the encrypted representation of the second share of the string using a first share of a start value of the substring. The start value may be identical to the first share of the start value added to a second share of the start value.
    Type: Grant
    Filed: July 6, 2006
    Date of Patent: July 26, 2011
    Assignee: SAP AG
    Inventors: Florian Kerschbaum, Luciana Moreira Sa de Souza
  • Publication number: 20110176674
    Abstract: The present disclosure relates to a countermeasure method in an integrated circuit comprising at least one first logic circuit and at least one first input register supplying the first logic circuit with a datum, the method comprising steps of introducing a random datum into each first input register of the first logic circuit and of the first logic circuit reading the random datum in each first input register, then of introducing a datum to be processed into each first input register, and of the first logic circuit processing the datum in each first input register.
    Type: Application
    Filed: January 14, 2011
    Publication date: July 21, 2011
    Applicant: STMICROELECTRONICS (ROUSSET) SAS
    Inventor: Fabrice Romain
  • Patent number: 7984305
    Abstract: An encryption processing apparatus and method in which the difficulty of encryption analysis based on power analysis can be increased considerably are provided. By dividing an original encryption processing sequence into a plurality of groups and by mixing the processing sequence by setting dummies as necessary, several hundreds to several thousands of types of different mixed encryption processing sequences can be set, and a sequence selected from a large number of these settable sequences is performed. According to this configuration, consumption power variations which are completely different from consumption power variations caused by a regular process possessed by the original encryption processing sequence can be generated, and thus the difficulty of encryption analysis based on power analysis can be increased considerably.
    Type: Grant
    Filed: January 2, 2004
    Date of Patent: July 19, 2011
    Assignee: Sony Corporation
    Inventors: Ryo Ochi, Susumu Kusakabe
  • Publication number: 20110161662
    Abstract: A system and method for automatically updating a digital certificate prompts a user of a client computer to update a current digital certificate if a period of validity of the current digital certificate elapses or is about to elapse, and creates a new digital certificate if the current digital certificate needs to be updated. The system and method further deletes the current digital certificate, and loads the new digital certificate into a storage system of the client computer.
    Type: Application
    Filed: June 30, 2010
    Publication date: June 30, 2011
    Applicants: HONG FU JIN PRECISION INDUSTRY (ShenZhen) CO., LTD, HON HAI PRECISION INDUSTRY CO., LTD.
    Inventors: CHUNG-I LEE, HAI-HONG LIN, GANG XIONG
  • Patent number: 7961875
    Abstract: The invention provides a method for ciphering and transmitting data, to be used by a communication device being arranged to transmit data through a first data port (241, 2002) according to a first transmission protocol, and to form ciphered exploiting a ciphering algorithm being fed with a first set of ciphering parameters, comprising a ciphering parameter CP5; said device being further arranged to transmit data through a second data port (242, 2003) according to an alternative transmission protocol, said method comprising the steps of: defining an alternative ciphering parameter, ACP, having a bit length equal to the bit length of CP5, forming a second set of ciphering parameters by substituting said CP5 with said ACP in said first set of ciphering parameters, forming ciphered data by subjecting the data to said ciphering algorithm being fed with said second set of ciphering parameters, transmitting said ciphered data through said second data port (242, 2003).
    Type: Grant
    Filed: May 16, 2005
    Date of Patent: June 14, 2011
    Assignee: Telefonaktiebolaget L M Ericsson (publ)
    Inventors: Joachim Sachs, Ian Herwono
  • Publication number: 20110129085
    Abstract: Provided is a cryptographic device implementing an S-Box of an encryption algorithm using a many-to-one binary function. The cryptographic device includes: arrays of first logic gates including I first logic gates which each receive 2 bits of an input signal; 2N second logic gates which each receive corresponding J bits from among I bits output from the arrays of the first logic gates; and L third logic gates which each receive K bits from among 2N bits output from the second logic gates, wherein there is a many-to-one correspondence between the N bits of the input signal and the K bits input to each of the third logic gates, and wherein the N, I, J, K, and L are positive integers. Because a signal output from each array includes only one active bit, current is always consumed constantly to prevent internal data from leaking out to a hacker.
    Type: Application
    Filed: September 24, 2010
    Publication date: June 2, 2011
    Applicant: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Hong-Mook Choi, Xingguang Feng
  • Patent number: 7949130
    Abstract: A flexible AES instruction for a general purpose processor is provided that performs AES encryption or decryption using n rounds, where n includes the standard AES set of rounds {10, 12, 14}. A parameter is provided to allow the type of AES round to be selected, that is, whether it is a “last round”. In addition to standard AES, the flexible AES instruction allows an AES-like cipher with 20 rounds to be specified or a “one round” pass.
    Type: Grant
    Filed: December 28, 2006
    Date of Patent: May 24, 2011
    Assignee: Intel Corporation
    Inventors: Shay Gueron, Wajdi K. Feghali, Vinodh Gopal
  • Publication number: 20110099369
    Abstract: An electronic document comparison system and method converts a test file into a compressed file having a specific format. A public key of the CA certificate of a user is obtained and a random key is generated using a random function. Furthermore, the compressed file is symmetrically encrypted using the random key, and the random key is asymmetrically encrypted using the public key to generate an asymmetric encryption key. A header of the compressed file is attached with the asymmetric encryption key and data length of the asymmetric encryption key.
    Type: Application
    Filed: June 21, 2010
    Publication date: April 28, 2011
    Applicant: HON HAI PRECISION INDUSTRY CO., LTD.
    Inventors: CHUNG-I LEE, CHIEN-FA YEH, SHAN-CHUAN JENG
  • Publication number: 20110091034
    Abstract: The secure method for cryptographic computation comprises processing of an input datum (D) by a cryptographic computation tool involving at least one encryption key (K) and at least one generated item of secret information, so as to provide an output datum (DC). The generation of the said at least one item of secret information (ST) comprises processing of the said input datum by at least one operator (OPS) having at least one secret characteristic.
    Type: Application
    Filed: October 19, 2010
    Publication date: April 21, 2011
    Applicant: STMicroelectronics (Rousset) SAS
    Inventor: Yannick Teglia
  • Patent number: 7929704
    Abstract: Messages are encrypted/decrypted according to a modified triple wrap procedure in which the messages are encrypted/decrypted in three encryption/decryption operations and are processed in three additional operations using first, second, third, fourth, fifth, and sixth keys.
    Type: Grant
    Filed: January 30, 2006
    Date of Patent: April 19, 2011
    Assignee: Zenith Electronics LLC
    Inventors: Raymond C. Hauge, Richard Lewis
  • Patent number: 7929690
    Abstract: An apparatus and method for implementing a secure quantum cryptography system using two non-orthogonal states. For each qubit, the emitter station prepares a quantum system in one of two non-orthogonal quantum states in the time-basis to code bit values. Intra- and inter-qubit interference is then used to reveal eavesdropping attempts. Witness states are used to help reveal attacks performed across the quantum system separation.
    Type: Grant
    Filed: September 1, 2005
    Date of Patent: April 19, 2011
    Assignee: ID Quantique SA
    Inventors: Nicolas Gisin, Grégoire Ribordy, Hugo Zbinden
  • Patent number: 7929689
    Abstract: A method of generating a call sign. A method of generating a call sign comprising determining a distinguished qualifier, finding a distinguished salt, and hashing the distinguished salt with the distinguished qualifier.
    Type: Grant
    Filed: June 30, 2004
    Date of Patent: April 19, 2011
    Assignee: Microsoft Corporation
    Inventors: Christian François Huitema, Josh D. Benaloh, Kim Cameron
  • Patent number: 7920703
    Abstract: According to one embodiment of the invention, the descrambler IC comprises a local memory to store a unique key and a plurality of process blocks. A first process block performs cryptographic operations on a first mating key generator using the unique key in order to produce a first key. A second process block uses the first key to perform cryptographic operations on a second mating key generator in order to produce a second key. Using the first key and the second key, a third process block decrypts a first encrypted descrambling key in order to recover a first descrambling key and a fourth process block decrypts a second encrypted descrambling key to recover a second descrambling key. The descrambler IC includes a descrambler to descramble the scrambled digital content using both the first descrambling key and the second descrambling key in order to produce digital content in a clear format.
    Type: Grant
    Filed: March 11, 2009
    Date of Patent: April 5, 2011
    Assignees: Sony Corporation, Sony Electronics Inc.
    Inventor: Brant L. Candelore
  • Patent number: 7921294
    Abstract: Provided are a method, system, and article of manufacture in which a non-reversible signature of a symmetric cryptographic key is computed, wherein the symmetric cryptographic key is used to symmetrically encrypt data at rest in a storage device. The non-reversible signature is stored in association with the symmetrically encrypted data at rest in the storage device. The non-reversible signature is used to determine validity of a cryptographic key provided by a host for accessing the symmetrically encrypted data at rest in the storage device.
    Type: Grant
    Filed: September 7, 2006
    Date of Patent: April 5, 2011
    Assignee: International Business Machines Corporation
    Inventors: Paul Merrill Greco, Shai Halevi, Glen Alan Jaquette
  • Patent number: 7917137
    Abstract: According to an embodiment of the invention, a method includes receiving a radio resource control message for which a response message is required to be transmitted to a network access node; performing at least one procedure specified by the radio resource control message; and transmitting the response message using network radio resources that are received in a non-solicited manner from the network access node. According to another embodiment of the invention an apparatus includes a controller configured to operate with a radio frequency receiver and a radio frequency transmitter. The controller is further configured to transmit a radio resource control message for which a response message is required to be received from a user equipment, and to specify to the user equipment in an un-solicited manner those network radio resources to be used by the user equipment for transmitting the response message.
    Type: Grant
    Filed: February 4, 2009
    Date of Patent: March 29, 2011
    Assignee: Nokia Corporation
    Inventors: Antti-Eemeli Suronen, Jarkko T. Koskela
  • Patent number: 7907722
    Abstract: An electronic circuit for cryptographic processing, comprising a first combinatorial logical circuit, arranged to perform a first set of logical operations on input data and to produce output data, the output data having a functional relation to the input data, further comprising at least a second combinatorial logical circuit, arranged to perform a second set of logical operations on the same input data and to produce output data, the output data having an identical functional relation to the input data, wherein the first set of logical operations is different from the second set of logical operations, and wherein the electronic circuit is arranged to dynamically select one combinatorial logical circuit, of a set comprising at least the first combinatorial logical circuit and the second combinatorial logical circuit, for performing logical operations on the input data and producing output data.
    Type: Grant
    Filed: January 21, 2005
    Date of Patent: March 15, 2011
    Assignee: NXP B.V.
    Inventor: Daniel Timmermans
  • Patent number: 7907726
    Abstract: Pseudorandom numbers may be generated from input seeds using expander graphs. Expander graphs are a collection of vertices that are interconnected via edges. Generally, a walk around an expander graph is determined responsive to an input seed, and a pseudorandom number is produced based on vertex names. Specifically, a next edge, which is one of multiple edges emanating from a current vertex, is selected responsive to an extracted seed chunk. The next edge is traversed to reach a next vertex. The name of the next vertex is ascertained and used as a portion of the pseudorandom number being produced by the walk around the expander graph.
    Type: Grant
    Filed: January 19, 2006
    Date of Patent: March 15, 2011
    Assignee: Microsoft Corporation
    Inventors: Kristin E. Lauter, Denis X Charles, Eyal Zvi Goren
  • Patent number: 7907724
    Abstract: An apparatus for protecting an RSA calculation of an output based on input values by means of the Chinese remainder theorem, the apparatus comprising for a first determining device adapted to determine a first security parameter based on the input values, a computing device adapted to compute a control value based on the first security parameter and the input values, a calculating device adapted to calculate modified input parameters based on the input values and the first security parameter, for a performing device adapted to perform the RSA calculation based on the modified input values to obtain a single modified output, and for a second determining device adapted to determine whether the single modified output is in a predetermined relation to the control value and applying a countermeasure in case the predetermined relation is not fulfilled.
    Type: Grant
    Filed: October 25, 2007
    Date of Patent: March 15, 2011
    Assignee: Infineon Technologies AG
    Inventor: Wieland Fischer
  • Patent number: 7903813
    Abstract: A system for encrypting and decrypting data formed of a number of bytes using the ARCFOUR encryption algorithm is disclosed. The system includes a system bus and an encryption accelerator arranged to execute the encryption algorithm coupled to the system bus. A system memory coupled to the system bus arranged to store a secret key array associated with the data and a central processing unit coupled to the system bus wherein encryption accelerator uses substantially no central processing unit resources to execute the encryption algorithm.
    Type: Grant
    Filed: October 1, 2007
    Date of Patent: March 8, 2011
    Assignee: Broadcom Corporation
    Inventor: Donald E. Duval
  • Patent number: 7904721
    Abstract: A method for producing a certificate, the certificate including data, the method including choosing a seed s, the seed s including a result of applying a function H to the data, generating a key pair (E,D), such that E=F(s,t), F being a publicly known function, and including s and t in the certificate. Related methods, and certificates produced by the various methods, are also described.
    Type: Grant
    Filed: December 27, 2007
    Date of Patent: March 8, 2011
    Assignee: NDS Limited
    Inventors: Yaacov Belenky, Chaim D. Shen-Orr, Aviad Kipnis, Victor Halpern
  • Patent number: 7894608
    Abstract: A secure approach for sending an original message from a sender to a receiver. The sender may encrypt the original message by performing an XOR (or XNOR) operation of the original message and a first random message (same size as original message) on a bit by bit basis to generate a second message. The receiver may also perform an XOR of the second message with a locally generated second random message. The resulting message is sent to the sender system. The sender system may again perform XOR operation of the received message and the first random message, and send the resulting message to receiver. The receiver may perform XOR operation on the received output to generate the original message sent by the sender. Other technologies such as digital signatures and key pairs (public key infrastructure) may be used in each communication between the sender and receiver to further enhance security.
    Type: Grant
    Filed: August 4, 2008
    Date of Patent: February 22, 2011
    Assignee: International Business Machines Corporation
    Inventor: Devi Prashanth
  • Patent number: 7889861
    Abstract: A method for reducing the memory requirements of executing ciphering processes is disclosed which utilizes sequential key extraction and ciphering. By providing a base key for extracting therefrom multiple first sequential security keys; each key is sequentially extracted and employed. During the process overwriting of each sequential security key occurs with the next subsequently extracted sequential security key. In this manner memory requirements are lowered, power consumption reduced which are important in mobile applications.
    Type: Grant
    Filed: September 13, 2007
    Date of Patent: February 15, 2011
    Inventor: Michael Borza
  • Patent number: 7885408
    Abstract: A method for masking several identical functional processes manipulating digital data, including dividing the functional processes into steps at the end of each of which the process can be interrupted with the storage of at least one intermediary result, and successively executing the steps of at least two processes and selecting, at each step end, the process of the next step according to the result of a non-deterministic drawing of a number.
    Type: Grant
    Filed: July 30, 2004
    Date of Patent: February 8, 2011
    Assignee: STMicroelectronics S.A.
    Inventors: Yannick Teglia, Pierre-Yvan Liardet
  • Patent number: 7885404
    Abstract: Cryptographic systems and methods that support multiple modes of operation, such as CBC, CTR and/or CCM modes. In one aspect, a method for encrypting data includes reading a plaintext data block from a memory, storing the plaintext data block in an input buffer, encrypting the plaintext data block in the input buffer using a first mode to generate a first ciphertext, storing the first ciphertext in an output buffer, encrypting the plaintext data block in the input buffer using a second mode to generate a second ciphertext. For example, in a CCM mode of operation wherein the first mode is a CTR (counter) mode and the second mode is a CBC (cipher block chaining) mode, the block of plaintext that is initially read from memory and stored in the data input register is applied to both the CTR and CBC modes, thereby reducing a number of memory read operations as in conventional CCM modes.
    Type: Grant
    Filed: January 10, 2008
    Date of Patent: February 8, 2011
    Assignee: Samsung Electronics Co., Ltd.
    Inventor: Tae Gon Park
  • Patent number: 7885405
    Abstract: One embodiment is a system adapted to encrypt one or more packets of plaintext data in cipher-block chaining (CBC) mode. The system includes a plurality of digital logic components connected in series, where respective components are operative to process one or more rounds of a block cipher algorithm. A plurality of N bit registers are respectively coupled to the plurality of digital logic components. An XOR component receives blocks of plaintext data and blocks of ciphertext data, and XORs blocks of plaintext data for respective plaintext packets with previously encrypted blocks of ciphertext data for those plaintext packets. The XOR component iteratively feeds the XOR'd blocks of data into a first of the plurality of the digital logic components. In addition, a circuit component is operative to selectively pass blocks of ciphertext data fed back from an output of a final logic component to the XOR component.
    Type: Grant
    Filed: June 4, 2004
    Date of Patent: February 8, 2011
    Assignee: GlobalFoundries, Inc.
    Inventor: William Hock Soon Bong
  • Patent number: 7882208
    Abstract: An information management apparatus includes a management unit for managing the type of integrated circuit chip and the type of command to be executed by the integrated circuit chip in such a manner as to correspond to each other; an information obtaining unit for obtaining information on the type of the integrated circuit chip to be controlled; and a command generation unit for generating a command of the type corresponding to the type of the integrated circuit chip to be controlled, the type of the integrated circuit chip being obtained by the information obtaining unit, from among a plurality of different types of commands corresponding to the command requested from a server and for transmitting the generated command to the server.
    Type: Grant
    Filed: September 22, 2005
    Date of Patent: February 1, 2011
    Assignee: Felica Networks, Inc.
    Inventors: Hideki Akashika, Jun Ogishima, Naofumi Hanaki
  • Patent number: 7881466
    Abstract: Embodiments include a system, wherein a server provides a cryptographic function F to an execution device in an obfuscated form. The function F composes output of a plurality of the mapping tables Ti (0≤i≤n; n≥1) using an Abelian group operator. A processor chooses tables O and C such that C[x] O[x]=0, x Di and creates tables T′i, 0≤i≤m; n≤m≤n+1, where for 0≤i≤n, each Table T′i represents the respective corresponding table Ti and at least one table T′o1, 0≤o1≤n, being formed through an Abelian composition of To1 and O, and at least one table T′c1, 0≤c1≤m, c1≠oj; being formed through an Abelian composition that includes C.
    Type: Grant
    Filed: October 24, 2005
    Date of Patent: February 1, 2011
    Assignee: Irdeto B.V.
    Inventors: Paul Gorissen, Norbert C. Esser, Willem Mallon, Joachim Artur Trescher
  • Patent number: 7864950
    Abstract: It is desired to share one circuit by an encryption unit 200 and a decryption unit 500. A normal data transformation unit (FL) 251 and an inverse data transformation unit (FL⁻¹) 273 are located at point symmetry on a non-linear data transformation unit 220, and a normal data transformation unit (FL) 253 and an inverse data transformation unit (FL⁻¹) 271 are located at point symmetry on the non-linear data transformation unit 220. Therefore, the encryption unit 200 and the decryption unit 500 can be configured using the same circuits.
    Type: Grant
    Filed: March 8, 2001
    Date of Patent: January 4, 2011
    Assignees: Mitsubishi Denki Kabushiki Kaisha, Nippon Telegraph and Telephone Corporation
    Inventors: Mitsuru Matsui, Toshio Tokita, Junko Nakajima, Masayuki Kanda, Shiho Moriai, Kazumaro Aoki
  • Publication number: 20100329463
    Abstract: Group key management in a mobile ad-hoc network (MANET) may be provided. Each network node associated with the MANET may comprise a group distribution key and a list of authorized member nodes from which a group key manager may be elected. The group key manager may periodically issue a new group key to be used in protecting communications among the network nodes. A compromised node may be excluded from receiving updated group keys and thus isolated from the MANET.
    Type: Application
    Filed: June 24, 2009
    Publication date: December 30, 2010
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: STANLEY RATLIFF, BRIAN E. WEIS, ALVARO RETANA, MIHAIL L. SICHITIU
  • Publication number: 20100329450
    Abstract: Some embodiments of the present invention provide a processor, which includes a set of general-purpose registers and at least one execution unit. Each general-purpose register in the set of general-purpose registers is at least 64 bits wide, and the execution unit supports one or more Data Encryption Standard (DES) instructions. Specifically, the execution unit may support a permutation-rotation instruction for performing DES permutation operations and DES rotation operations. The execution unit may also support a round instruction to perform a DES round operation. Since the DES instructions use general-purpose registers instead of special-purpose registers to perform DES-specific operations, the processor's circuit complexity and area are reduced. Furthermore, in some embodiments, since the DES instructions require at most two operands, the number of bits required to specify the location of the operands are reduced, thereby enabling a larger number of instructions to be supported by the processor.
    Type: Application
    Filed: June 30, 2009
    Publication date: December 30, 2010
    Applicant: SUN MICROSYSTEMS, INC.
    Inventors: Leonard D. Rarick, Christopher H. Olson, Gregory F. Grohoski
  • Publication number: 20100329460
    Abstract: Some embodiments provide a system to assure enhanced security, e.g., by assuring that information is not revealed over a covert channel. All communications between a source system and a destination system may pass through an intermediate system. In some embodiments, the intermediate system may perform an additional level of blinding to ensure that the source system does not covertly reveal information to the destination system. In some embodiments, the intermediate system may request the source system to perform a modification operation, and then check if the source system performed the modification operation. Examples of the modification operation include a blinding operation and a cryptographic hashing operation.
    Type: Application
    Filed: June 30, 2009
    Publication date: December 30, 2010
    Applicant: SUN MICROSYSTEMS, INC.
    Inventor: Radia J. Perlman
  • Patent number: 7860240
    Abstract: A system comprises reception of input data of a Galois field GF(2^k), mapping of the input data to a composite Galois field GF(2^nm), where k=nm, inputting of the mapped input data to an Advanced Encryption Standard round function, performance of two or more iterations of the Advanced Encryption Standard round function in the composite Galois field GF(2^nm), reception of output data of a last of the two or more iterations of the Advanced Encryption Standard round function, and mapping of the output data to the Galois field GF(2^k).
    Type: Grant
    Filed: June 29, 2007
    Date of Patent: December 28, 2010
    Assignee: Intel Corporation
    Inventors: Sanu Mathew, Farhana Sheikh, Ram Krishnamurthy
  • Publication number: 20100318811
    Abstract: A cryptographic processor includes: first and second round function operation circuits, each of which executes cryptographic processing; and a control circuit configured to operate the first and second round function operation circuits by randomly switching between a parallel operation mode used to operate the first and second round function operation circuits in parallel and a serial operation mode used to operate the first and second round function operation circuits in series.
    Type: Application
    Filed: March 12, 2010
    Publication date: December 16, 2010
    Applicant: KABUSHIKI KAISHA TOSHIBA
    Inventor: Masahiko Motoyama
  • Publication number: 20100316215
    Abstract: The invention relates to a method of sharing a strong secret F between two parties (A, B) previously sharing a weak secret f, this method of sharing combining a symmetric algorithm and an asymmetric algorithm, and consisting in using a fixed exponent e of small size, and in encrypting not the exponent e, but the modulus n, by means of the weak secret f.
    Type: Application
    Filed: November 17, 2008
    Publication date: December 16, 2010
    Applicant: Paycool International Limited
    Inventors: Ulrik Bergsten, Christian Gross, Jacques Thieblemont
  • Patent number: 7853799
    Abstract: A programmable encryption approach involves the use of a downloadable decryptor. According to an example embodiment of the present invention, an FPGA device includes a microcontroller for configuring logic circuitry on the FPGA device. A memory register is implemented for storing encryption key data and a message authentication code (MAC). When the FPGA device is to be configured using a configuration bitstream, a MAC is calculated for a decryptor and sent to the microcontroller along with an encryption key. The microcontroller stores the encryption key and MAC in a register to which access is limited. When the decryptor is downloaded to the microprocessor, a MAC is calculated on the downloaded decryptor and compared with the stored MAC. If the calculated MAC matches the stored MAC, the decryptor is allowed to access the key.
    Type: Grant
    Filed: June 24, 2004
    Date of Patent: December 14, 2010
    Assignee: Xilinx, Inc.
    Inventor: Stephen M. Trimberger
  • Publication number: 20100313036
    Abstract: A system for storing encrypted data comprises a processor and a memory. The processor is configured to receive an encrypted segment. The encrypted segment is determined by breaking a data stream, a data block, or a data file into one or more segments and encrypting each of the one or more segments. The processor is further configured to determine whether the encrypted segment has been previously stored, and in the event that the encrypted segment has not been previously stored, store the encrypted segment. The memory is coupled to the processor and configured to provide the processor with instructions.
    Type: Application
    Filed: June 9, 2009
    Publication date: December 9, 2010
    Inventor: Christopher R. Lumb
  • Patent number: 7848515
    Abstract: A deterministic blinding method for cipher algorithms that employ key-mixing and substitution (S-box) operations uses a masking table constructed with a true mask and a plurality of dummy masks corresponding to every possible S-box input. Each mask is applied in the key-mixing operation (e.g., bitwise XOR) to the cipher key or to round subkeys to generate true and dummy keys or subkeys that are applied to the data blocks within the overall cipher algorithm or within individual cipher rounds. The mask values prevent side-channel statistical analyses from determining the true from the dummy keys or subkeys. The true mask is identifiable to the cipher but not by external observers.
    Type: Grant
    Filed: February 22, 2006
    Date of Patent: December 7, 2010
    Assignee: Atmel Rousset S.A.S.
    Inventors: Vincent Dupaquis, Michel Douguet
  • Patent number: 7848513
    Abstract: A method for transmitting a handover security context of a first access point, when an access terminal from a service cell of a first access point is connected to a packet access router, to a service cell of a second access point connected to the packet access router, is provided. The handover security context transmitting method includes confirming whether a handover confirmation message transmitted from the access terminal has a security context therein; when the handover confirmation message has a security context therein, confirming whether the security context has security-related information therein; when the security context has security-related information therein, confirming whether the security context has a traffic-related key or a pairwise master key; and transmitting an information instruction message including the security related information confirmed in the security context, the security-related information, the traffic-related key, and the pairwise master key through the PAR to the second AP.
    Type: Grant
    Filed: December 7, 2006
    Date of Patent: December 7, 2010
    Assignees: Samsung Electronics Co., Ltd., Electronics and Telecommunications Research Institute, Hanaro Telecom, Inc., SK Telecom Co., Ltd., KT Corporation
    Inventors: Mi-Young Yun, Sang-Ho Lee
  • Publication number: 20100303241
    Abstract: An encryption system and a method for automatically changing an encryption key. The key is changed in response to an amount of data that has been encrypted. When the amount of data encrypted with a first key reaches or exceeds a byte count threshold, the first key is deactivated and a new key is generated and used for subsequent data encryption.
    Type: Application
    Filed: June 2, 2009
    Publication date: December 2, 2010
    Inventor: Oliver Breyel
  • Publication number: 20100296651
    Abstract: An encryption apparatus (14) includes an integrated circuit (34) having a secure processing section (30). A plaintext reset epoch key (154) is stored in the secure processing section (30) and configured to have a short life. A plaintext master key (160) is stored in the secure processing section (30) and configured to have a long life. A multiplicity of active keys (172) are generated, encrypted using a weaker but faster cryptographic algorithm (68) and the reset epoch key (154), then stored in a high-capacity key magazine (86) portion of unsecured memory (16, 18, 28). Some keys and data are also encrypted using a stronger but slower cryptographic algorithm (70) and the master key (160), then stored in unsecured memory (16, 18, 28). Keys (272, 372) may be converted between weaker, faster encryption and stronger, slower encryption.
    Type: Application
    Filed: May 21, 2009
    Publication date: November 25, 2010
    Applicant: FREESCALE SEMICONDUCTOR, INC.
    Inventor: Thomas E. Tkacik
  • Publication number: 20100290617
    Abstract: Secure outsourced aggregation of data using one-way chains is discussed in this application. Each input data source such as a sensor generates a Verifiable Synopsis (“VS”) which includes sensor data, an Inflation Free Proof (“IFP”) generated using a cryptographic function and a Self-Authenticating Value (“SEAL”) chain generated using a one-way function. An aggregator takes a plurality of VSs from multiple data sources and aggregates them together into one. Maximum value, top-k, count, count distinct, sum, average, and other aggregate functions may be used. Folded VS provides a concise proof that no value greater than the maximum value was reported by a sensor, thus providing a check against deflation of sensor data. Similarly, the cryptographic function of the IFP provides a mechanism to prevent inflation of the sensor data. Thus it becomes possible at a portal to verify that aggregated data has not been inflated or deflated by the aggregator.
    Type: Application
    Filed: May 15, 2009
    Publication date: November 18, 2010
    Applicant: Microsoft Corporation
    Inventor: Suman K. Nath
  • Patent number: 7835517
    Abstract: An encryption processing apparatus for performing a scalar multiplication of kP+lQ based on two points P and Q on an elliptic curve and scalar values k and l or a scalar multiplication of kD1+lD2 based on divisors D1 and D2 and scalar values k and l may include a scalar value controller configured to generate joint regular form of (k, l), k=<kn, . . . k0> and l=<ln, . . . l0>, which are set so that all the bits of the scalar values k and l are represented by 0, +1, or −1, and the combination (ki, li) of bits at positions corresponding to the scalar values k and l is set to satisfy (ki, li)=(0, ±1) or (±1, 0); and a computation execution section configured to perform a process for computing a scalar multiplication of kP+lQ or kD1+lD2.
    Type: Grant
    Filed: January 12, 2007
    Date of Patent: November 16, 2010
    Assignee: Sony Corporation
    Inventors: Toru Akishita, Masanobu Katagi
  • Publication number: 20100286846
    Abstract: A vehicle central lock antitheft method and system includes a central lock system which is connected by radio with a remote controller for identity verification using rolling codes (S101, S102), wherein the central lock system chooses a security state (S103) and transmits the security state to an engine management system according to the verification result, the ignition IG status and the door switch status signal indicating opening or closing of the door (S104). The engine management system receives the security state transmitted by the central lock system and verifies the identity of the central lock system by code matching (S106); security identification between the engine management system and the central lock system is carried out by bidirectional encryption communication (S107). The engine management system then decides whether or not to lock the engine according to the result of the security identification.
    Type: Application
    Filed: June 30, 2008
    Publication date: November 11, 2010
    Applicant: CHONGQING CHANGAN AUTOMOBILE CO., LTD.
    Inventors: Fenghua Liang, Peng Liang, Jugang He
  • Patent number: 7831040
    Abstract: A symmetric key cryptographic method is provided for short operations. The method includes batching a plurality of operation parameters (1503), and performing an operation according to a corresponding operation parameter (1505). The symmetric key cryptographic method is a Data Encryption Standard (DES) method. The short operations can be less than about 80 bytes. The short operations can be between 8 and 80 bytes. The method includes reading the batched parameters from a dynamic random access memory (1504), and transmitting each operation through a DES engine according to the operations parameter (1505).
    Type: Grant
    Filed: April 21, 2008
    Date of Patent: November 9, 2010
    Assignee: International Business Machines Corporation
    Inventors: Mark Lindemann, Ronald Perez, Sean William Smith
  • Patent number: 7822196
    Abstract: It is desired to share one circuit by an encryption unit 200 and a decryption unit 500. A normal data transformation unit (FL) 251 and an inverse data transformation unit (FL⁻¹) 273 are located at point symmetry on a non-linear data transformation unit 220, and a normal data transformation unit (FL) 253 and an inverse data transformation unit (FL⁻¹) 271 are located at point symmetry on the non-linear data transformation unit 220. Therefore, the encryption unit 200 and the decryption unit 500 can be configured using the same circuits.
    Type: Grant
    Filed: October 28, 2005
    Date of Patent: October 26, 2010
    Assignees: Mitsubishi Denki Kabushiki Kaisha, Nippon Telegraph and Telephone Corporation
    Inventors: Mitsuru Matsui, Toshio Tokita, Junko Nakajima, Masayuki Kanda, Shiho Moriai, Kazumaro Aoki
  • Patent number: 7822207
    Abstract: A method of protecting secret key integrity in a hardware cryptographic system includes first obtaining an encryption result and corresponding checksum of known data using the secret key, saving those results, then masking the secret key and storing the masked key. When the masked key is to be used in a cryptographic application, the method checks key integrity against fault attacks by decrypting the prior encryption results using the masked key. If upon comparison, the decryption result equals valid data, then the key's use in the cryptographic system can proceed. Otherwise, all data relating to the masked key is wiped from the system and fault injection is flagged.
    Type: Grant
    Filed: December 22, 2006
    Date of Patent: October 26, 2010
    Assignee: Atmel Rousset S.A.S.
    Inventors: Michel Douguet, Vincent Dupaquis
  • Publication number: 20100266127
    Abstract: A video encryption/decryption scheme is provided allowing an originator of video content to encrypt the video content using a session key, wherein the encrypted content and an encrypted form of the session key are provided to a destination. The session key is encrypted using a long term key value, and the long term key value itself is encrypted using shared secret information that is only stored in the main memory of the originator and destination's systems. The long term key is encrypted, typically by a third party, and provided to the originator and destination systems for encrypting/decrypting the session key. The third party also provides a pass phrase file, which the originator and destination systems can use as input with shared secret information to a certain cryptographic hashing algorithm to encrypt/decrypt the long term key.
    Type: Application
    Filed: April 17, 2009
    Publication date: October 21, 2010
    Inventors: Alan Rouse, Paul Christien Bentz
  • Publication number: 20100269174
    Abstract: The present solution provides systems and methods for generating DNS queries that are more resistant to being compromised by attackers. To generate the transaction identifier, the DNS resolver uses a cryptographic hash function. The inputs to the hash function may include a predetermined random number, the destination IP address of the name server to be queried, and the domain name to be queried. Because of the inclusion of the name server's IP address in the formula, queries for the same domain name to different name servers may have different transaction identifiers, preventing an attacker from observing a query and predicting the identifiers for other queries. Additional entropy may be provided for generating transaction identifiers by including the port number of the name server and/or a portion of the domain name as inputs to the hash function.
    Type: Application
    Filed: April 20, 2009
    Publication date: October 21, 2010
    Inventor: Art Shelest