Abstract: A memory data scrambling system that can dynamically rescramble the contents of a memory while the system is in operation includes an application-specific integrated circuit (ASIC) that has an ASIC bus fabric, a double data rate (DDR) memory controller coupled to the ASIC bus fabric, a dynamic memory scrambler coupled to the DDR memory controller, the dynamic memory scrambler comprising a scrambler, a descrambler, a scrambler selection table, and a key generator and a DDR PHY coupled to the dynamic memory scrambler. The DDR PHY is coupled to an external DDR memory external to the ASIC. The dynamic memory scrambler includes a refresh timer that, upon expiration, causes data in a region of the DDR to be read, descrambled, rescrambled using a different scrambling key, and stored back into the region of the DDR in place of a DDR refresh.

Abstract: Embodiments monitor statistics from groups of devices and generate an alarm upon detecting a utilization imbalance that is beyond a threshold. Particular balance statistics are periodically sampled, over a timeframe, for a group of devices configured to have balanced utilization. The devices are ranked at every data collection timestamp based on the gathered device statistics. The numbers of times each device appears within each rank over the timeframe are tallied. The device/rank summations are collectively used as a probability distribution representing the probability of each device being ranked at each of the rankings in the future. Based on this probability distribution, an entropy value that represents a summary of the imbalance of the group of devices over the timeframe is derived. An imbalance alert is generated when one or more entropy values for a group of devices shows an imbalanced utilization of the devices going beyond an identified imbalance threshold.

Abstract: An electronic device may be configurable to operate in a scrambling mode and a non-scrambling mode while processing chat audio and microphone audio for a first player participating in an online multiplayer game via a game console. While operating in the non-scrambling mode, the electronic device may be configured to transmit the microphone audio to the game console without scrambling the microphone audio. While operating in the scrambling mode, the electronic device may be configured to scramble the microphone audio and transmit the scrambled microphone audio to the game console. The electronic device may be operable to select a scrambling key used to scramble the microphone audio based on a signal received by the electronic device that indicates a role of the player in the online multiplayer game. The role of the player may correspond to which of two or more opposing teams the first player is a member of in the online multiplayer game.

Abstract: An adaptive streaming server, a method, and a system are described herein that create a content stream to be delivered to one or more clients by segmenting the content into data structures which are stored in random access memory (volatile storage) rather than segmenting the content into segment files which are stored on a disk or database (non-volatile storage).

Abstract: Systems and methods for performing adaptive bitrate streaming using alternative streams of protected content in accordance with embodiments of the invention are described. One embodiment of the invention includes a processor, and memory containing a client application. In addition, the client application configures the processor to: request a top level index file identifying a plurality of alternative streams of protected content, where each of the alternative streams of protected content are encrypted using common cryptographic information; obtain the common cryptographic information; request portions of content from at least the plurality of alternative streams of protected content; access the protected content using the common cryptographic information; and playback the content.

Abstract: A system and method for realizing specific security features for a mobile device that may store sensitive and private data by providing secured communications to a paired remote device. In this respect, both the mobile device (which may be a mobile phone, for example) and the paired remote device (which may be a keychain, for example) include a SIM card that may have identification data stored therein. Once paired, the two devices may communicate encrypted security messages back and forth in order to implement various security measures to protect data and wireless communications. Such messages may be generated from initial information known only to each respective device such as a randomly generated offset number and a common time reference.

Abstract: A password authentication circuit includes a timer that measures first and second periods of a password authentication period, a control circuit that, in a first period, disables writing of a password received into a password register, in a predetermined period within a second period enables writing of a password received into the password register and outside the predetermined period within the second period disables writing of a password received into the password register; a password comparison unit that compares a password in the password register and a password expected value to perform authentication of the password; and a first period generation unit that controls variably the first period, a password last written into the password register in the predetermined period of the second period being made a target for authentication.

Abstract: A method, system, and media are provided for securely communicating data. One embodiment of the method includes encrypting a data stream by way of a first algorithm; creating at least two subsets of data from the data stream by extracting one or more data portions from the encrypted data stream, thereby leaving a remaining portion and an extracted portion; communicating the remaining portion to a destination by way of a first communications channel; encrypting the extracted portion utilizing a second algorithm; communicating the encrypted extracted portion to the destination by way of a second communications channel; and providing for recombining the remaining portion and the encrypted extracted portion to facilitate recovery of the encrypted data stream.

Abstract: In the computer data security field, a cryptographic hash function process embodied in a computer system and which is typically keyless, but is highly secure. The process is based on the type of chaos introduction exhibited by a game process such as the well known shuffling of a deck of playing cards. Computation of the hash value (digest) is the result of executing in a model (such as computer code or logic circuitry) a game algorithm that models the actual game such as a playing card shuffling algorithm using the message as an input to the algorithm, then executing the card shuffling algorithm on the input. A state (order) of the modeled deck of cards after a shuffle (or multiple shuffles) gives the hash digest value.

Abstract: A secure processing device may include an external memory storing encrypted data, and a processor cooperating with the external memory. The processor is configured to generate address requests for the encrypted data in the external memory, cache keystreams based upon an encryption key, and generate decrypted plaintext based upon the cached keystreams and the encrypted data requested from the external memory. For example, the processor may be further configured to predict a future address request, and the future address request may be associated with a cached keystream.

Abstract: The pseudorandom number generating system repeatedly performs simple transformation of a non-secure pseudorandom number sequence that may be generated quickly, and thus may quickly generate a highly secure pseudorandom number sequence having a long period. Furthermore, the encryption system and the decryption system do not generate a large encryption function difficult to be deciphered based on a shared key 122, but prepare multiple functions 126, which perform fast, different types of transformation, and select a combination of functions determined based on information of the shared key 122, and make the selected functions transform a text multiple times, thereby encrypt the text. Each of the functions is fast, and thus transformation by the entire combination is also fast. Furthermore, since the combination of functions and repetitive count can be changed, future improvement in specification is easy. Moreover, security is high since which functions are applied in what order is unknown.

Abstract: In an inventive method for encrypting a discrete signal consisting of successive samples the successive samples are subdivided into successive time blocks, and the successive time blocks are then encoded into encoded data blocks having a predetermined order. Subsequently, the predetermined order of the encoded data blocks is altered in accordance with a predetermined interchange specification. The underlying findings are that a very high level of security of the encryption may be achieved by introducing temporal discontinuity, and that the occurrence of errors in unauthorized processing of signals encoded in such a manner maybe prevented, and the compatibility with standard codings may be ensured by performing the alteration of the chronological order in accordance with a coding of the discrete signal, i.e. with regard to encoded data blocks into which an encoder encodes the discrete signal.

Abstract: There is provided a high-speed pipelined ARIA encryption apparatus. The high-speed pipelined ARIA encryption apparatus includes a round key generator for generating a plurality of round keys required for performing an encryption operation using a master key formed to have uniform bits, a plurality of round units whose number is in proportion to the number of times of round operations corresponding to the number of bit of an input value to receive the round keys and the input value and to perform the round operations, and a plurality of pipelined register provided between the round units to transmit the output value of a previous round unit as the input value of the next round unit. A plurality of round units are provided and pipelined registers are inserted between the round units so that it is possible to improve the performance of processing a large amount of data and to perform ARIA encryption at high speed.

Abstract: A method and system for securely communicating information via a low bandwidth channel uses encryption that adds comparatively little overhead to the size of the transmission. This method and system efficiently take advantage of the properties of public key cryptography, a shared secret, a traffic key from the shared secret, an abbreviated initialization vector, and an abbreviated whole message signature. The information and the whole message signature are encrypted using the traffic key with a stream cipher.

Abstract: A base station generates a unicast channel, a MBMS channel, and a pilot channel, that are multiplied by a scrambling code specific to a particular cell. The pilot channel is replicated as necessary. The unicast channel and the MBMS channel are time-multiplexed. For data in a unit transmission frame, a same frequency component is multiplied by a same scrambling code.

Abstract: A system includes a medium access control (MAC) module and a precise time protocol (PTP) module. The MAC module is configured to generate an identifier for a PTP frame, generate an encrypted PTP frame by encrypting the PTP frame, and output the identifier. The PTP module is configured to receive the identifier, identify the encrypted PTP frame based on the identifier in response to the encrypted PTP frame being output from the MAC module, and time stamp the encrypted PTP frame prior to the encrypted PTP frame being transmitted.

Abstract: A mobile terminal device, a wireless communication unit, a wireless communication system, and a wireless communication method by which 1:N communication can be realized at low power consumption and a CH occupation time can be shortened. After each terminal transmits an authorization request, it performs a carrier sense with the pattern corresponding to the transmission timing and waits for authorization response from a key unit (200). The key unit (200) transmits the authorization response at the timing when the carrier sense timings of a plurality of terminals which are authenticated in response to the authorization request from the terminal are coincident with each other. Accordingly, the key unit (200) performs transmission only to the authenticated terminals at one time, and 1:N communication can be realized at low power consumption.

Abstract: Enhancing a stream layer transmission for a MediaFLO™ mobile multimedia multicast system comprising a transmitter and a receiver. Code word (CW) computations are performed on a current channel being accessed by the receiver. A favorite channel that a user is statistically mostly likely to switch to on the receiver at any particular time is anticipated. The Overhead Information Symbols (OIS) for each favorite channel is periodically monitored. The receiver remains in a sleep mode while data bursts are received from non-favorite channels, and then wakes up during data bursts of the favorite channel. The same CW computations are performed on the favorite channel as were being performed on the current channel. A cyclic redundancy check (CRC) is performed once the CW computations are performed upon selecting the favorite channel.

Abstract: A security system, method and device for use in a network for providing a real-time stream are provided. A server updates security association of a terminal device by periodically providing a key stream. When the key stream for changing the security association of the terminal device is received from the server, the terminal device updates stored key stream information after identifying at least one changed field in the key stream and performs a security policy with the server using the updated key stream information. When a security setting operation is performed through a stream notification periodically provided from the server, an unnecessary waste of system resources can be reduced by updating only a specific changed field through the stream notification and reducing the load of generating a security association table.

Abstract: A unified broadcast encryption system divides a media key tree into S subtrees, divides digital content into segments, and converts some of the segments into variations; the number of segments and variations is q. The system subdivides each of the subtrees into q/|S| subdivided subtrees, assigns a key media variant to each of the subdivided subtrees, and generates a unified media key block (MKBu). The system decrypts digital content by obtaining required key media variants from the MKBu, using the key media variant to find an entry in a variant key table, decrypt a title key, and locate a variant number from the variant key table. The system uses the variant number to identify which of the variations may be decrypted by the title key and uses the title key to decrypt segments and variations.

Abstract: An information processing apparatus causes an encryption key data generating section to generate key data stored in a semiconductor memory by using encryption key source data read from the semiconductor memory and cipher generation data stored therein, and stores the key data in a temporary storage section. The information processing apparatus transmits data encrypted by an encryption circuit by using the key data. Upon receipt of the encrypted data, the semiconductor memory executes a command decrypted by a decryption circuit similarly using the key data. This achieves data communication only between the predetermined semiconductor memory and the information processing apparatus.

Abstract: Advanced Encryption Standard (AES) is an encryption algorithm for securing sensitive unclassified material by U.S. Government agencies and, as a consequence the de facto encryption standard for commercial applications worldwide. Performing concurrent error detection (CED) for protection of such a widely deployed algorithm is an issue of paramount importance. We present a low-cost CED method for AES. In this method, we make use of invariance properties of AES to detect errors. For the first time, the invariance properties of the AES, which are for the most part used to attack the algorithm, are being used to protect it from fault attacks. Our preliminary ASIC synthesis of this architecture resulted in an area overhead of 13.8% and a throughput degradation of 16.67%.

Abstract: In one embodiment, the present disclosure provides a method capable of processing a variety of different operations. A method according to one embodiment may include loading configuration data from a shared memory unit into a hardware configuration register, the hardware configuration register located within circuitry included within a hardware accelerator unit. The method may also include issuing a command set from a microengine to the hardware accelerator unit having the circuitry. The method may additionally include receiving the command set at the circuitry from the microengine, the command set configured to allow for the processing of a variety of different operations. The method may further include processing an appropriate operation based upon the configuration data loaded into the hardware configuration register. Of course, many alternatives, variations and modifications are possible without departing from this embodiment.

Abstract: A communication device comprises a receiver configured to receive a notification of a cipher parameter used for encryption of data and a requested start time at which the encryption starts; and a correction unit configured to determine whether the cipher parameter needs to be corrected in response to the notification having been retransmitted based on the requested start time and an actual start time at which the encryption actually starts, and correct the cipher parameter.

Abstract: A method, apparatus and computer program product for transmitting data secures the data by adaptively transforming it and spreading the transformed data piecewise over plural transmission channels. The method, apparatus and computer program product may select low-cost channels preferentially to transmit greater amounts of the data; may disorder the data and transmit ordering information separately over a preferred channel of higher security; may conceal data in a lower-security channel by steganographic methods; and may conceal the sequence of the data by placing segments of it statically, for example, in a WWW website, while providing sequencing data on the preferred channel of higher security. A receiving method, apparatus and computer program product may also be provided for recovering information content from signals on the plural channels.

Abstract: A rijndael block cipher apparatus including an operational unit that efficiently performs a round operation for encrypting/decrypting a rijndael block cipher and an encryption/decryption method thereof are disclosed. The rijndael block cipher apparatus is mounted in a mobile terminal such as a cellular phone and a PDA or a smart card, which requires a high-rate and small-sized cipher processor, and can encrypt and decrypt important data that requires security at high speed and perform the round operation with respect to upper 64 bits and lower 64 bits which are divided from 128-bit input data. Thus, the cipher apparatus can reduce the time required for encryption/decryption of the rijndael block cipher and the size of the apparatus.

Abstract: In a wireless communication system, a method and system for implementing an FO function in a KASUMI algorithm for accelerating cryptography in GSM/GPRS/EDGE compliant handsets are provided. An efficient implementation of the FO function may comprise circuitry provided for a pipeline state machine, an FI function, a controller, a pipe register, and an XOR operation. Signals may be generated to control each round of FI processing and to indicate when each round is complete. The pipeline state machine may provide data input and subkey to the FI function for processing. A first and a second round FI processing outputs may be transferred to the pipe register. The second round output may be clocked from the pipe register to generate a portion of the FO function output and may also be XORed with a third round output of FI processing to generate the remaining portion of the FO function output.

Abstract: A multi-level data encryption and decryption system and a method thereof are provided. The method includes dividing a data into a plurality of sub-data blocks corresponding to a plurality of user levels. The method also includes generating an encryption key for each level according to a level generation key and a time key of the level and encrypting the sub-data block of each level by using the encryption key of the level, wherein the level generation key and the time key of a lower level are generated based on the same of an upper level, the time key is generated according to a time generation key and a time seed, and the time seed is periodically updated according to different encryption periods. Thereby, the number of keys to be managed by a user is reduced while the read rights of different users are managed with forward and backward data security.

Abstract: A unified broadcast encryption system divides a media key tree into S subtrees, divides digital content into segments, and converts some of the segments into variations; the number of segments and variations is q. The system subdivides each of the subtrees into q/|S| subdivided subtrees, assigns a key media variant to each of the subdivided subtrees, and generates a unified media key block (MKBu). The system decrypts digital content by obtaining required key media variants from the MKBu, using the key media variant to find an entry in a variant key table, decrypt a title key, and locate a variant number from the variant key table. The system uses the variant number to identify which of the variations may be decrypted by the title key and uses the title key to decrypt segments and variations.

Abstract: A process for distributing digital audio sequences according to a nominal flux format including a succession of fields, each of which includes at least one digital block clusterizing a selected number of coefficients corresponding to single audio elements that are digitally coded inside the flux and utilized by audio decoders that are able to play it to be able to decode it correctly, including a preparatory step including modifying at least one of the coefficients, and a transmission step including a primary flux in compliance with a nominal format including blocks that were modified during the preparatory step and by a route separated from the primary flux by an additional piece of digital information which allows reconstruction of the original flux starting with a calculation, on recipient equipment, as a function of the primary flux and of the additional information.

Abstract: A process for distributing digital video sequences in accordance with a nominal stream format including a succession of frames, each frame including at least one digital block regrouping a plurality of coefficients corresponding to simple, digitally coded visual elements is disclosed.

Abstract: An initialization vector (IV) is employed to decrypt a block of a stream that has been encrypted with Cypher Block Chaining (CBC) encryption, without requiring decryption of previous blocks within the stream. For example, a listener who accesses a distribution point to retrieve encrypted content authenticates himself to an application server that regulates access to encrypted content on the distribution point, and responsively receives a key. The listener then requests access to a reference point within the encrypted content stream somewhere after its beginning (e.g., using preview clips). The distribution point relates the reference point to a corresponding block of the encrypted stream, and identifies an IV previously used for encryption of that block. The distribution point provides the associated encrypted block of content and the IV to the listener to enable mid-stream rendering of the encrypted content, without requiring the listener to decrypt previous blocks within the encrypted stream.

Abstract: Methods and apparatus are provided for implementing a cryptography engine for cryptography processing. A variety of techniques are described. A cryptography engine such as a DES engine can be decoupled from surrounding logic by using asynchronous buffers. Bit-sliced design can be implemented by moving expansion and permutation logic out of the timing critical data path. An XOR function can be decomposed into functions that can be implemented more efficiently. A two-level multiplexer can be used to preserve a clock cycle during cryptography processing. Key scheduling can be pipelined to allow efficient round key generation.

Abstract: A method of authenticating a message (111) received via a transmission channel (108) using a Message Authentication Code (MAC). The message comprises a message body (114) and a tag (116) and the method comprises the steps of generating a second tag (115) according to a MAC function (112) on the basis of the received message body and a secret key (113), calculating a distance (117) between the received tag and generated second tag, and comparing (118) the calculated distance with a predetermined threshold value.

Abstract: In one embodiment, a computer-implemented method comprises receiving a data cipher operation. The method also comprises processing the data cipher operation. The processing of the operation includes generating a number of portions of ciphertext from plaintext, wherein a load operation associated with the generating of at least one portion of the ciphertext executes prior to a store operation associated with the generating of a prior portion of the ciphertext.

Abstract: A method for key verification through time varying item presentation based on a key hash result comprises generating a key hash result partially based on both a global identifier provided from a source and an estimated current time at that source. After generating the key hash result, a first time-varying item is produced using the key hash result as an index for a table lookup or generated based on Certain bit patterns forming the key hash result. Thereafter, the first time-varying item is presented for comparison with a second time-varying item being contemporaneously presented at the source. These computations are repeated, giving the impression of two views or instances of the same time-varying item. An attacker might be able to match one small portion of such a time sequence of presentations, by luck, but not any large portion of the sequence.

Abstract: An encryption apparatus for block data, comprises a first processing unit randomizing the block data in units of first portions obtained by dividing the block data, and a second processing unit diffusing the block data output from the first processing unit with respect to a second portion of the block data which is wider than the first portion. The first processing unit comprises first nonlinear processing units nonlinearly transforming the block data in units of the first portions. The second processing unit comprises a first linear diffusion processing unit linearly diffusing the second portion of the block data. At least one of the first nonlinear processing units comprises second nonlinear processing units nonlinearly transforming the block data in units of the first portions, and a second linear diffusion processing unit linearly diffusing the second portion of the block data.

Abstract: The present invention relates to an encryption method for encrypting information including a series of multiple unit blocks, one at a time, a decryption method for decrypting multiple encrypted unit blocks, one at a time, and a recording and reproducing apparatus that uses those methods. The seed of an encryption key for encrypting each unit block and the seed of an encryption key for decrypting each encrypted unit block, which are used by those methods and the recording and reproducing apparatus, are based on a unit block that is one or more unit blocks before the current unit block in a reproduction order or on information generated by encrypting one or more unit blocks before the current unit block. Alternatively, the seed of an encryption key for encrypting each unit block and the seed of an encryption key for decrypting each encrypted unit block are information based on an encryption key for encrypting a unit block before the current unit block in a reproduction order.

Abstract: Methods and apparatus are provided for implementing a cryptography engine for cryptography processing. A variety of techniques are described. A cryptography engine such as a DES engine can be decoupled from surrounding logic by using asynchronous buffers. Bit-sliced design can be implemented by moving expansion and permutation logic out of the timing critical data path. An XOR function can be decomposed into functions that can be implemented more efficiently. A two-level multiplexer can be used to preserve a clock cycle during cryptography processing. Key scheduling can be pipelined to allow efficient round key generation.

Abstract: A system for the insertion of microthreads in transmitted data is provided. The system includes a digital content system providing carrier data, such as sampled audio data. A microthread insertion system coupled to the digital content system generates a composite data sequence that includes the carrier data and microthread data, such as broadcast verification data. The microthread data is camouflaged using the carrier data, such as by including in the audio signal in a manner that allows it to be detected but which does not noticeably affect the audio signal for listeners.

Abstract: A cipher for enciphering and deciphering a signal includes a plurality of sequentially coupled cipher units, each cipher unit being operable to carry out a reversible operation on the signal. The couplings between cipher units can be randomly configured using a cipher code. The cipher code can be secretly shared between the encipher and decipher. A signal which is enciphered using this technique is thus deciphered using a randomly selected cipher circuit as described by the cipher code.

Abstract: In a network connected to a printer and a registration server, a network registration protocol for registering the printer on the network includes the steps of installing a secret unique identifier and public unique identifier in non-volatile memory in the printer and in a database of the registration server, before the printer is connected to the network; then, when the printer is connected to the network, authenticating the printer to the server by comparison of the secret unique identifiers installed in printer and server, using a secure transmission between the two over the network. Also a network registration signal for transmission over a network from a printer to a registration server to register the printer with the server, where the signal is transmitted at the first occasion the printer is connected to the network.

Abstract: A synchronous data-stream generator, suitable for use as a synchronous stream cipher providing copy right protection for audio/video data, generates a stream of output data items in synchronisation with a clock trigger. The data-stream generator comprises at least two parallel arranged subgenerators Mi, i?1, such as linear feedback shift registers. The output of the subgenerators Mi is combined forming the output data items of the data-stream generator. A control subgenerator C is used for generating a stream of control data items. Control means (150) comprises for at least one subgenerator Mi an associated number selector Si for, in dependence on the control data item of the control subgenerator C, selecting a number ni,j from a group Hi of different integer numbers. At least two numbers of the group Hi are larger than zero.

Abstract: Input signals are electronically watermarked using an uneven or non-uniform sampling rate. The uneven or non-uniform sampling may be pseudo-random. The uneven or non-uniform sampling meets the Nyquist criterion so that aliasing and loss of content are avoided. The resulting sampling pattern in the sampled data is detectable by a comparison with the original source data.

Abstract: An encrypting apparatus includes an encrypting operation section, a determining section and a control section. The encrypting operation section carries out an encrypting operation to a plaintext using intermediate data at each of a plurality of encrypting stages of the encrypting operation to produce a ciphertext. The encrypting operation section outputs encrypting stage data indicating an encrypting state at each of the plurality of processing stages. The determining section determines whether the encrypting operation at a next encrypting stage should be changed, based on the encrypting stage data at a current encrypting stage from the encrypting operation section. The control section changing the encrypting operation at the next encrypting stage when it is determined that the encrypting operation at the next encrypting stage should be changed.

Abstract: A system for the encryption and decryption of data employing cycle stealing to accelerate data processing operations. The cycle stealing is employed by using level sensitive latches in a microcode controller system for storing addresses and code words. The microcode controller system controls the data path hardware for executing the encryption/decryption operations.

Abstract: Techniques for securely and adaptively delivering multimedia content. It is assumed that a set of alternate access units for each time slot is obtained. Then, the encryption stream index of each access unit from the set of alternate access units of the previous time slot are obtained. An encryption stream index is then assigned to each access unit in the set of alternate access units in the current time slot, such that the encryption index increases over time. Thus, the invention overcomes the problem of encrypting a multimedia stream that may have multiple access units for each time slot by selecting the encryption index for each access unit such that the encryption index increases, regardless of which access unit the delivery system (e.g., server) selects for transmission.

Abstract: In an inventive method for encrypting a discrete signal consisting of successive samples the successive samples are subdivided into successive time blocks, and the successive time blocks are then encoded into encoded data blocks having a predetermined order. Subsequently, the predetermined order of the encoded data blocks is altered in accordance with a predetermined interchange specification. The underlying findings are that a very high level of security of the encryption may be achieved by introducing temporal discontinuity, and that the occurrence of errors in unauthorized processing of signals encoded in such a manner maybe prevented, and the compatibility with standard codings may be ensured by performing the alteration of the chronological order in accordance with a coding of the discrete signal, i.e. with regard to encoded data blocks into which an encoder encodes the discrete signal.

Abstract: A parallel processing system includes a plurality of stages operatively coupled in parallel and operating simultaneously. Each stage including a process unit generating a predetermined function and a buffer coupled via a slow output and a slow input ports to the process unit. The buffer also includes a fast input port and a fast output port. A controller drives the buffer to operate in a Slow Read Phase when data is written from the buffer into the process unit, a Slow Write Phase when data is written into the buffer from the process unit, a Fast Write Phase when data is written at a fast rate into the buffer and a Fast Read Phase when data is read from the buffer.

Abstract: A trusted time infrastructure system provides time stamps for electronic documents from a local source. The system comprises a trusted master clock, a trusted local clock, and a network operations center. The trusted master clock and network operations center are located within secure environments controlled by a trusted third party. The trusted local clock may be located in an insecure environment. The trusted master clock is certified to be synchronized with an accepted time standard, such as a national time server. The trusted local clock, which issues time stamps, is certified to be synchronized with the trusted master clock. Time stamps and certifications are signed by the issuing device using public key cryptography to enable subsequent authentication. The network operations center logs clock certifications and responds to requests for authentication of time stamps.