Key Sequence Signal Combined With Data Signal Patents (Class 380/43)
  • Patent number: 7095850
    Abstract: An encryption method and apparatus that provides forward secrecy, by updating the key using a one-way function after each encryption. By providing forward secrecy within a cipher, rather than through a key management system, forward secrecy may be added to cryptographic systems and protocols by using the cipher within an existing framework. A random-access key updating method can efficiently generate one or more future keys in any order. Embodiments are applicable to forward secret ciphers that are used to protect protocols with unreliable transport, to ciphers that are used in multicast or other group settings, and to protection of packets using the IPSec protocols.
    Type: Grant
    Filed: October 17, 2001
    Date of Patent: August 22, 2006
    Assignee: Cisco Technology, Inc.
    Inventor: David McGrew
  • Patent number: 7080257
    Abstract: Oblivious checking of a digital good is performed by identifying a plurality of key instructions within a function of a digital good. Each key instruction is an instruction that possibly modifies a register or a flag. An extra instruction is then inserted into the function for each of the key instructions. The extra instructions each correspond to one of the key instructions and modify a register in a deterministic fashion based on the corresponding key instruction. A set of inputs to the function are then identified that result in different valid computation paths in the function being taken. A checksum for the function is then generated by using a mapping function which maps the contents of the register to the set of inputs.
    Type: Grant
    Filed: August 30, 2000
    Date of Patent: July 18, 2006
    Assignee: Microsoft Corporation
    Inventors: Mariusz H. Jakubowski, Ramarathnam Venkatesan
  • Patent number: 7076538
    Abstract: A method and system are disclosed for substituting an anonymous Universal Unique Identifier (UUID) for a computer system's real UUID in order to disguise an identity of the computer system to an application which is requesting a UUID for the client computer system. A storage device is established in the computer system. The storage device includes a primary and a second location. A UUID stored in the primary location is used as a UUID for the computer system. An anonymous UUID is generated. The anonymous UUID does not identify any particular computer system. The anonymous UUID is stored in the primary location within the storage device, and the real UUID is backed up by moving it into the secondary location. Thereafter, the anonymous UUID is provided in response to requests for the computer system's UUID.
    Type: Grant
    Filed: January 12, 2001
    Date of Patent: July 11, 2006
    Assignee: Lenovo (Singapore) Pte. Ltd.
    Inventors: Daryl Carvis Cromer, Richard Alan Dayan, Eric Richard Kern, Randall Scott Springfield, Joseph Wayne Freeman, Robert Duane Johnson, Brandon Jon Ellison
  • Patent number: 7076651
    Abstract: A system and method for highly secure data communication. Embodiments of the invention may include encrypting data a first time, packetizing the data, encrypting the data a second time and transmitting the data. Encryption may occur at a data link layer and an Internet Protocol layer. Packetized, twice encrypted data may be transmitted over a network, such as, for example, the Internet. The system may include a first computer system containing data for transmission, a first interface device that receives data from the first computer system, a second interface device that receives data from the first interface device, and a second computer system that receives data from the second interface device.
    Type: Grant
    Filed: April 24, 2001
    Date of Patent: July 11, 2006
    Assignee: Safenet, Inc.
    Inventor: John C. Droge
  • Patent number: 7050583
    Abstract: A method of producing a stream of digital data. The method includes determining a plurality of portions within the stream of digital data, such that a portion of the stream of digital data is encrypted with an encryption key that is capable of being decrypted by a decryption key and the portion including therein another decryption key capable of decrypting a subsequent portion of the stream of digital data, and the subsequent portion of the stream of digital data is encrypted with another encryption key that is capable of being decrypted by the another decryption key. The method also includes transmitting the stream of digital data, including the portion and the subsequent portion.
    Type: Grant
    Filed: March 29, 2001
    Date of Patent: May 23, 2006
    Assignee: Etreppid Technologies, LLC
    Inventor: Dennis L. Montgomery
  • Patent number: 7043017
    Abstract: A symmetric key stream processor 60 that encrypts and decrypts text in accordance with the RC4 algorithm has a main processing block 62 and a host interface 64. The main processing block 62 includes an Sbox memory 78 implemented with a synchronous dual-port RAM and an encryption logic block 80 with a finite state machine. The dual port memory architecture is used for efficiency during permutation and message processing.
    Type: Grant
    Filed: September 13, 2001
    Date of Patent: May 9, 2006
    Assignee: Freescale Semiconductor, Inc.
    Inventors: Richard J. Swindlehurst, Joel D. Feldman
  • Patent number: 7039185
    Abstract: A closed system meter that secures the link between the accounting device and printer utilizing a Linear Feedback Shift Register (LFSR) based stream encryption is provided. The accounting device includes an LFSR that comprises a plurality of stages, with one or more taps that are passed through a logic gate to provide a “feedback” signal to the input of the LFSR, to generate a pseudo-random pattern output. Preferably, a Shrinking Key Generator (SKG) is utilized to further ensure privacy of the data. The output data from the accounting unit is encrypted utilizing the output from the LFSR and sent to the printing device. The printing device includes a similar LFSR, which is utilized to decrypt the output data from the accounting unit and enable printing.
    Type: Grant
    Filed: October 3, 2001
    Date of Patent: May 2, 2006
    Assignee: Pitney Bowes Inc.
    Inventors: Matthew J. Campagna, Frederick W. Ryan, Jr.
  • Patent number: 7023992
    Abstract: In a data multiplexing device which multiplexes and transmits the transport stream packets of program data consisting of a plurality of data elements constructed in the form of transport stream packets, a program distribution system, a program transmission system, a pay broadcast system, a program transmission method, a conditional access system, and a data reception device according to the present invention, by generating a scramble key Ks corresponding to one or more data elements among the plurality of data elements constituting a program and by scrambling each data element, an audience can subscribe for each data element.
    Type: Grant
    Filed: August 9, 1999
    Date of Patent: April 4, 2006
    Assignee: Sony Corporation
    Inventors: Tatsuya Kubota, Norio Wakatsuki
  • Patent number: 7020780
    Abstract: Plural program information and a BCA (Burst Cutting Area) number of the optical disc 100 is previously recorded in the optical disc 100. A drive ID is stored in the nonvolatile memory 104a of the reproduction apparatus 104. A user of the reproduction apparatus 104 notifies the BCA number, the drive ID, and a number of preferred program information to the software house (software supplier) 110 on the condition that the user pays for the reproduction of the preferred program information recorded in the optical disc 100. The software house 110 notifies a cipher key to the reproduction apparatus 104 or the user. A title key is calculated in the reproduction apparatus 104 in accordance with the BCA number, the drive ID, and the cipher key. The preferred information recorded in the optical disc 100 is permitted to be reproduced by using the title key.
    Type: Grant
    Filed: May 31, 2000
    Date of Patent: March 28, 2006
    Assignee: JVC Victor Co. of Japan, Ltd.
    Inventor: Masaki Mochizuki
  • Patent number: 7016498
    Abstract: To encrypt a digital object, a key ID is selected for the digital object, and a function ƒ( ) having an input and an output is selected. The selected key ID is then employed as the input to the function ƒ( ), and the output of such function ƒ( ) is employed as the key (KD) for the digital object: ƒ(key ID)→key (KD). The digital object is then encrypted according to such key (KD), and the encrypted digital object is distributed.
    Type: Grant
    Filed: November 5, 2004
    Date of Patent: March 21, 2006
    Assignee: Microsoft Corporation
    Inventors: Marcus Peinado, Ramarathnam Venkatesan
  • Patent number: 7006629
    Abstract: A method and system for processing a data set. More particularly, the present invention provides a method and system for encrypting or decrypting a data set so that the data set remains entirely in the ASCII printable range. The method and system of the present invention allow a key of any length to be selected. Once selected, the key is formatted to the length of the data set and then masked so that predetermined bits are set to zero. An exclusively-OR result is then formed with the data set and the masked key to yield an encrypted data set.
    Type: Grant
    Filed: December 19, 2000
    Date of Patent: February 28, 2006
    Assignee: International Business Machines Corporation
    Inventor: Douglas G. Murray
  • Patent number: 7006627
    Abstract: A data encryption/decryption circuit is presented that can be implemented in a field programmable gate array. First and second logic components are provided which are controlled by first and second control signals to direct data between memory and a data processing core (e.g., a DES or TDES processing core). In an ECB mode of operation, the logic components simply pass the data from the memory to the data processing core and from the data processing core to the memory. In CBC mode, the data from the memory is XORed with data from the appropriate data processing core in the first logic component during an encryption operation, and in the second logic component during a decryption operation.
    Type: Grant
    Filed: September 28, 2001
    Date of Patent: February 28, 2006
    Assignee: Tarari, Inc.
    Inventor: Bedros Hanounik
  • Patent number: 7006634
    Abstract: A system for the encryption and decryption of data employing dual ported RAM for key storage to accelerate data processing operations. The on-chip key storage includes a dual-ported memory device which allows keys to be loaded into memory simultaneous with keys being read out of memory. Thus, an encryption or decryption algorithm can proceed while keys are being loaded into memory.
    Type: Grant
    Filed: September 28, 2000
    Date of Patent: February 28, 2006
    Assignee: Cisco Technology, Inc.
    Inventor: Kenneth W. Batcher
  • Patent number: 7003107
    Abstract: In one embodiment, a hybrid stream cipher operating within a computing device. The hybrid stream cipher comprises at least two software routines. A first routine is responsible for dividing incoming plain text into variable-sized blocks. A second software routine is for converting the plain text into cipher text based on an encryption key, an internal identifier and perhaps a percentage of random data value.
    Type: Grant
    Filed: May 22, 2001
    Date of Patent: February 21, 2006
    Assignee: MainStream Encryption
    Inventor: Viswanath Ananth
  • Patent number: 7000119
    Abstract: A method and apparatus are described for protecting critical computer software and/or data with a large amount of obscuring instructions and/or data to the extent that observing and understanding the obscured instructions and/or data is not humanly feasible. In a preferred method of obscuring software, a bank of obscuring instructions is prepared, a large number of obscuring instructions are selected from the bank and injected in the software code to be protected and a static image of the obscured sequence of code is encrypted and/or compressed. At execution, the obscured instructions are executed one at a time to make run time tracing a labor intensive process.
    Type: Grant
    Filed: April 20, 2000
    Date of Patent: February 14, 2006
    Assignee: RealNetworks, Inc.
    Inventors: Zheng Jia, Ji Shen
  • Patent number: 6996072
    Abstract: A technique for connecting a dialed B-party number to a data object is described. The connecting of a B-party number to a specific data object, hereafter referred to as phonepage, will allow an A-party direct access to information that a B-party wishes to display to a calling party. The phonepage resides in a memory in a telecommunications network, or in a memory in a data-communications network connected thereto. The phonepage may have a similar appearance to an Internet web page, but may also take other appearances. The displaying of the phonepage may be made dependent upon the capabilities of the A-party user equipment.
    Type: Grant
    Filed: August 23, 2000
    Date of Patent: February 7, 2006
    Assignee: The Phonepages of Sweden AB
    Inventor: Per Ake Minborg
  • Patent number: 6977909
    Abstract: A technique for connecting a dialed B-party number to a data object is described. The connecting of a B-party number to a specific data object, hereafter referred to as phonepage, will allow an A-party direct access to information that a B-party wishes to display to a calling party. The phonepage resides in a memory in a telecommunications network, or in a memory in a data-communications network connected thereto. The phonepage may have a similar appearance to an Internet web page, but may also take other appearances. The displaying of the phonepage may be made dependent upon the capabilities of the A-party user equipment.
    Type: Grant
    Filed: July 18, 2001
    Date of Patent: December 20, 2005
    Assignee: Phonepages of Sweden, Inc.
    Inventor: Per-Åke Minborg
  • Patent number: 6973187
    Abstract: A block encryption method and schemes (modes of operation) that provide both data confidentiality and integrity with a single cryptographic primitive and a single processing pass over the input plaintext string by using a non-cryptographic Manipulation Detection Code function for secure data communication over insecure channels and for secure data storage on insecure media. The present invention allows, in a further aspect, software and hardware implementations, and use in high-performance and low-power applications, and low-power, low-cost hardware devices. The block encryption method and schemes of this invention allow, in yet a further aspect, encryption and decryption in parallel or pipelined manners in addition to sequential operation. In a yet further aspect, the block encryption method and schemes of this invention are suitable for real-time applications.
    Type: Grant
    Filed: January 18, 2001
    Date of Patent: December 6, 2005
    Assignee: VDG, Inc.
    Inventors: Virgil Dorin Gligor, Pompiliu Donescu
  • Patent number: 6954740
    Abstract: Architecture for central e-commerce authorization and verification using multiple Keys/Pins storage and central action verification means. Action Verification is provided between Action Initiating Party (12) and a central Verification Authority (16), wherein action includes a transaction, message, command, approval, identification request, financial transaction and data transmittal. Wherein action is authorized and initiated by an Entity (14) which can be an individual, company, vendor or other organization, which authorizes by giving a PIN, the execution, processing or delivering of an action. The action can be requested and/or transmitted and/or delivered electronically or mechanically. Verification information is stored in a Verification Authority system, accessed by Entities and the Action Initiating parties. The Entity stores in the Verification Authority sets of Personal Identification Numbers (PINS/Keys), and as a verification option, personal data parameters.
    Type: Grant
    Filed: February 26, 2001
    Date of Patent: October 11, 2005
    Inventor: Albert Israel Talker
  • Patent number: 6952822
    Abstract: The installation method makes possible the installation of new programs, while maintaining security, in a system LSI device. The installation method comprises a step for receiving the signature data 7 of a program 6, a step for checking for interference with other already installed programs on the basis of said signature data 7, and a step for authorizing the installation of programs with which there is no interference. A declaration of signature data is elicited from a program being installed; a check for interference among programs is performed based on this, authentication is performed, and the installation of interfering programs is prevented or the installation of programs with which there is no interference is executed. It therefore becomes possible to install new programs while protecting high-security programs.
    Type: Grant
    Filed: February 1, 2001
    Date of Patent: October 4, 2005
    Assignee: Fujitsu Limited
    Inventors: Tomomi Shiobara, Yusuke Kawasaki, Shigeru Hashimoto
  • Patent number: 6950517
    Abstract: Methods and apparatus are presented herein for encrypting and authenticating data, such that some of the data can be transmitted in the clear but still be authenticated by the sender. A set of cleartext positions and/or a set of ciphertext positions are used to specify which data blocks will be used to generate an input checksum value and an output checksum value. These checksums are then used to generate an authentication tag.
    Type: Grant
    Filed: July 24, 2002
    Date of Patent: September 27, 2005
    Assignee: Qualcomm, Inc.
    Inventors: Philip Michael Hawkes, Gregory G. Rose
  • Patent number: 6951029
    Abstract: In an information delivery system, a security device (SD) manages an access to information (INF). The security device (SD) is capable of providing a pointer (PO) which indicates a location (LO) from which additional data (ADA) may be obtained. The additional data (ADA) may be a description of the information (INF) which is offered. For example, in a pay TV system, the information (INF) may be a particular movie of which the description is “James Bond, Dr. No, action category, 12 year and older, broadcast April 19, at 20H30.” In that case, the pointer (PO) may be used to inform a subscriber that his security device (SD) allows him to watch this particular movie. However, the additional data (ADA) contained in the location (LO) indicated by the pointer (PO), may also be software for various purposes such as, for example, playing games or configuring a receiver (REC) which co-operates with the security device (SD).
    Type: Grant
    Filed: May 5, 1997
    Date of Patent: September 27, 2005
    Assignee: Koninklijke Philips Electronics N.V.
    Inventors: Franciscus L. A. J. Kamperman, Frank Bosveld
  • Patent number: 6947558
    Abstract: A stream cipher is provided with one or more data bit generators to generate a first, second and third set of data bits. The stream cipher is further provided with a combiner function having a network of shuffle units to combine the third set of data bits, using the first and second sets of data bits as first input data bits and control signals respectively of the network of shuffle units. In one embodiment, the shuffle units are binary shuffle units and they are serially coupled to one another.
    Type: Grant
    Filed: August 29, 1999
    Date of Patent: September 20, 2005
    Assignee: Intel Corporation
    Inventors: Gary L. Graunke, David A. Lee, Robert W. Faber
  • Patent number: 6947556
    Abstract: Methods, systems and computer program products are provided which provide for controlling access to digital data in a file by encrypting the data with a first key, encrypting the first key with a second personal key generated from a password/passphrase associated with the file and further encrypting the encrypted first key with a control key which is managed by the system. In certain embodiments, user authentication may also be provided by issuing a ticket which is utilized to create, access and administer the files in the system.
    Type: Grant
    Filed: August 21, 2000
    Date of Patent: September 20, 2005
    Assignee: International Business Machines Corporation
    Inventors: Stephen Michael Matyas, Jr., Mohammad Peyravian, Allen Leonid Roginsky, Nevenko Zunic
  • Patent number: 6931128
    Abstract: A security key, such as an encryption key, is generated so as to make it more difficult for eavesdroppers to identify the key. Specifically, a cryptographically secure random number generator generates a random bit sequence that is included in a seed. This random seed is provided along with a negotiated master secret to a key generation module. The key generation module may implement a pseudo random function that is in accordance with the Transport Layer Security (TLS) protocol or the Wireless Transport Layer Security (WTLS) protocol. This key may then be used to encrypt a plain text message to form an encrypted data packet. The encrypted data packet also includes the random seed in unencrypted form. The encrypted data packet may be transmitted over a public network to a recipient with reduced risk of eavesdropping.
    Type: Grant
    Filed: January 16, 2001
    Date of Patent: August 16, 2005
    Assignee: Microsoft Corporation
    Inventor: Paul Cador Roberts
  • Patent number: 6931132
    Abstract: A secure wireless local or metropolitan area network and data communications device therefor are provided, where the device transmits plain text in an encrypted message including cipher text and an initialization vector. The device may include a seed generator for performing a one-way algorithm using a secret key, a device address, and a changing reference value for generating a seed. Further, a random initialization vector (IV) generator may be included for generating a random IV, and a key encryptor may generate a key sequence based upon the seed and the random IV. Additionally, a logic circuit may be included for generating cipher text based upon the key sequence and plain text, and a wireless communications device may be connected to the logic circuit and the random IV generator for wirelessly transmitting the encrypted message.
    Type: Grant
    Filed: May 10, 2002
    Date of Patent: August 16, 2005
    Assignee: Harris Corporation
    Inventors: Thomas Jay Billhartz, Frank Joseph Fleming
  • Patent number: 6912284
    Abstract: A self-authenticating apparatus for effecting secure communication of a binary signal. In the encipherment apparatus, key is generated as a function of plain text summed with a pseudorandom linear sequence. The decipherment apparatus performs a reverse function in an autokey mode. Incoming cipher text is summed with generated key to create a plain text stream. As in the encipherment device, key is generated as a function of the resulting plain text summed with a pseudorandom linear sequence.
    Type: Grant
    Filed: June 13, 1983
    Date of Patent: June 28, 2005
    Assignee: The United States of America as represented by the National Security Agency
    Inventor: Thomas E. Palmatier
  • Patent number: 6912658
    Abstract: A method of data hiding includes providing a message (68), providing an encrypting sequence (86), and generating an encrypted message (72) based on the message and the encrypting sequence. A carrier signal (66) that conveys information unrelated to the encrypted message is provided, and the encrypted message is embedded (78) into the carrier signal by performing an exclusive-OR of the encrypted message with a first portion of the carrier signal.
    Type: Grant
    Filed: August 21, 1998
    Date of Patent: June 28, 2005
    Assignee: Purdue Research Foundation
    Inventors: Jordan J. Glogau, Edward J. Delp, III, Raymond B. Wolfgang, Eugene Ted Lin
  • Patent number: 6886098
    Abstract: Systems, methods and a modulated data signal are described herein that provide an efficient way to derive a single key from which a user can extract virtually any number of data encryption keys. A database is logically divided into segments and a small prime number is associated with each segment. An encryption key is derived for each segment in the database and a key set is determined for distributing a data subset to a user. Each segment is encrypted with the corresponding encryption key. A single key is derived using the prime numbers associated with the data segments and the single key, the encrypted database, and a small amount of public information is provided to the user. The user utilizes this information to extract the encryption key set from the single key. One implementation utilizes a tree structure to significantly reduce the number of modular exponentiations that must be calculated when extracting the encryption keys.
    Type: Grant
    Filed: August 12, 2000
    Date of Patent: April 26, 2005
    Assignee: Microsoft Corporation
    Inventor: Josh D. Benaloh
  • Patent number: 6876746
    Abstract: Buffers, or registers, are used at one or more places between processing stages in a device for decrypting a data stream. The device has multiple processing stages arranged in a circular manner so that data is repeatedly passed from a prior stage to a next stage, and from a last stage back to a first stage, until processing is completed. The use of one or more registers at one or more positions allows data to be stored so that the stream associated with the stored data can effectively be suspended. This allows data from another stream to be processed while the suspended stream is in a wait state.
    Type: Grant
    Filed: May 15, 2001
    Date of Patent: April 5, 2005
    Assignees: Sony Corporation, Sony Electronics Inc.
    Inventor: Steve Pham
  • Patent number: 6862354
    Abstract: A stream cipher encryption method and apparatus that can efficiently seek to an arbitrary location in a keystream, and a method of generating an arbitrary segment of keystream.
    Type: Grant
    Filed: September 29, 2000
    Date of Patent: March 1, 2005
    Assignee: Cisco Technology, Inc.
    Inventors: David A. McGrew, Scott R. Fluhrer
  • Patent number: 6819764
    Abstract: There is provided a data processor wherein a plain text is encrypted to a cipher text by using an encryption key and/or a cipher text is decrypted to a plain text by using a decryption key, which device is constructed of a plurality of key conversion functions fk sequentially connected, which each are an involution type, and which conduct key conversion processing and output extended keys based on the key for encryption or decryption, or key conversion results, a key conversion section in which the key conversion results are sequentially transferred between the key conversion functions in the order or the reverse order, a plurality of round functions fr sequentially connected, which are an involution type, and which conduct encryption and/or decryption by using extended keys, and a data randomize section in which processing results in the round functions fr are sequentially transferred between the round functions fr in the order or the reverse order.
    Type: Grant
    Filed: August 24, 1999
    Date of Patent: November 16, 2004
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Hideo Shimizu, Fumihiko Sano
  • Patent number: 6816596
    Abstract: To encrypt a digital object, a key ID is selected for the digital object, and a function ƒ( ) having an input and an output is selected. The selected key ID is then employed as the input to the function ƒ( ), and the output of such function ƒ( ) is employed as the key (KD) for the digital object: ƒ(key ID)→key (KD). The digital object is then encrypted according to such key (KD), and the encrypted digital object is distributed.
    Type: Grant
    Filed: March 15, 2000
    Date of Patent: November 9, 2004
    Assignee: Microsoft Corporation
    Inventors: Marcus Peinado, Ramarathnam Venkatesan
  • Publication number: 20040202322
    Abstract: Protection of digital content using a specific application of block cipher cryptography is described. The digital content is encrypted using an encryption key and a calculated initialization vector. The digital content includes a plurality of strides of data and each stride includes a string of data to be encrypted and a block of data to be encrypted. The calculated initialization vector to be used to encrypt the block of data is derived from the string of data in the stride to be encrypted. Furthermore, the initialization vector is calculated by performing an exclusive disjunction function on a seed value and the string of data for each stride.
    Type: Application
    Filed: September 29, 2003
    Publication date: October 14, 2004
    Inventors: Pierre Chavanne, John Hwa, Lakshmana Pamarthy, Carl Quinn, Ralph Hill, Eric Swenson, Motomasa Futagami, Atsushi Mituszawa
  • Publication number: 20040190714
    Abstract: A device is provided that combines data protection for stored data with ease of use in cases where data encrypted using a public key is received and stored.
    Type: Application
    Filed: September 3, 2003
    Publication date: September 30, 2004
    Applicant: Fuji Xerox Co., Ltd.
    Inventors: Takanori Masui, Tatsuhiko Yokohama, Masanori Satake
  • Patent number: 6792108
    Abstract: For stream or block ciphers, a sequence generator using a quasi-crystal function is used to prepare an encryption or decryption pad. Various techniques for generating purely aperiodic sequences using quasi-crystal functions are available, including geometric, algebraic and symbolic substitution. The aperiodic sequence is generated using minimal processing power, and generation may continue for extended periods of time in the case of long messages or extended period encryption of a data transmission channel.
    Type: Grant
    Filed: June 8, 1999
    Date of Patent: September 14, 2004
    Assignee: Université de Montréal
    Inventors: Jiri Patera, Edita Pelantova, Zuzana Masakova
  • Publication number: 20040165722
    Abstract: Frame-based information is transmitted through a transmission medium, whilst assigning payload information of a particular frame to one or more transmission packets and encrypting the payload information of such frame through a frame encryption key. Each transmission packet is provided with individual streamcipher-based synchronization information for in combination with the frame decryption key enabling decrypting of an associated encrypted transmission packet. In particular, the streamcipher-based synchronization information is transmitted as being redundantly included in a second transmission packet that is next to the first transmission packet that originates the individual streamcipher-based synchronization information in question. Thereby, the streamcipher-based synchronization information can operate as seed information for decrypting the second transmission packet.
    Type: Application
    Filed: December 22, 2003
    Publication date: August 26, 2004
    Inventors: Bartholomeus Johannes Van Rijnsoever, Cornelis Leonardus Maria Van Pul
  • Patent number: 6778587
    Abstract: A system and method for embedding information into digital media and later detecting the embedded information using a unique spread spectrum modulation technique. In general, the present invention removes interference caused by an original signal from the detection process thereby eliminating a major source of detection error. The interference caused by the original signal is removed by using the encoder knowledge about the original signal and modulating the energy of the embedded mark to compensate for the original signal interference. The present invention also includes a novel redundant bit representation technique that causes a resulting average over a large sample to tend to zero, thereby reducing the vulnerability of the present invention to malicious collusion attacks.
    Type: Grant
    Filed: September 1, 2000
    Date of Patent: August 17, 2004
    Assignee: Microsoft Corporation
    Inventors: Henrique S. Malvar, Dinei A. Florencio
  • Patent number: 6772343
    Abstract: There is provided a data processor in which a plain text or a cipher text is segmented into two or more small blocks, the small blocks are each data-processed one small block as a unit to transform to new small blocks and then the new small blocks are encrypted or decrypted. The data processor comprises transformation means F for transforming small blocks with keys, mutual action means for causing a mutual action to a pair of a small block which has been transformed by the transformation means and another small block, chaining means for chaining small blocks. With the data processor, even when a block length in encryption is short, high transmission efficiency can be enjoyed and Feistel type cryptosystem can be realized while preventing reduction in a degree of security due to shortness of a block length.
    Type: Grant
    Filed: August 24, 1999
    Date of Patent: August 3, 2004
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Hideo Shimizu, Fumihiko Sano
  • Patent number: 6766024
    Abstract: A system for decrypting an encrypted message comprises first and second decryption devices, the first decryption device having a higher security than the second decryption device. The system further comprises means for dividing the encrypted message into blocks, and means for providing at least the first block of the message to the first decryption device and for providing a plurality of further blocks of this message to the second decryption device. An output of the first decryption device is used as input of the second decryption device. The second decryption device operates according to a block chaining method for decrypting the plurality of further blocks.
    Type: Grant
    Filed: August 31, 1999
    Date of Patent: July 20, 2004
    Assignee: Mindport B.V.
    Inventor: Simon Paul Ashley Rix
  • Patent number: 6754824
    Abstract: A telecommunications system and method is disclosed for implementing a message authentication code (MAC) for transmitted digital information signals. Digital information signals typically include an error detecting code, such as a Cyclic Redundancy Check (CRC) code, to ensure reliable delivery of the information. In order to verify the identity of the sending node, the CRC code can be modulated by a sequence known only to the participating nodes. Thus, the CRC code not only provides an error detecting function, but also serves as a message authentication code.
    Type: Grant
    Filed: October 8, 1999
    Date of Patent: June 22, 2004
    Assignee: Telefonaktiebolaget L M Ericsson (Publ)
    Inventors: Joakim Persson, Ben Smeets
  • Publication number: 20040071291
    Abstract: A secured method of cryptographic computation to generate output data from input data and from a secret key includes a derived key scheduling step to provide a derived key from the secret key according to a known key scheduling operation. The method also includes a masking step, performed before the derived key scheduling step, to mask the secret key so that the derived scheduled key is different at each implementation of the method. The present method and component can be used in transfer type applications, such as bank type applications.
    Type: Application
    Filed: December 5, 2003
    Publication date: April 15, 2004
    Inventors: Fabrice Romain, Yannick Teglia
  • Patent number: 6707914
    Abstract: Within a communications system, first and second end stations coupled to a network participate in a communications session with one another using the network. Each end station includes an encryptor having at least a first linear feedback shift register (LFSR) and at least an associated first interconnect mask of a length not longer than the length of the first LFSR. At a particular one of the end stations, the encryptor generates an output sequence using the first LFSR and the first interconnect mask. An interconnect mask table contains polynomials that each correspond to an available interconnect mask. The end station receives a session key specifying the first interconnect mask. The end station uses the output sequence of the encryptor to encrypt an information stream during the session. In one particular embodiment, the network includes a local area network (LAN) that supports Internet Protocol (IP) and the end stations use real time protocol (RTP) to communicate audio information streams.
    Type: Grant
    Filed: November 29, 1999
    Date of Patent: March 16, 2004
    Assignee: Cisco Technology, Inc.
    Inventor: Robert T. Bell
  • Patent number: 6683958
    Abstract: Apparatus and methods are provided for embedding digital data into an analog host or cover signal. A distributed signal feature of the cover signal in a particular domain (time, frequency or space) is calculated and compared with a set of predefined quantization values corresponding to an information symbol to be encoded. The amount of change required to modify the signal feature to the determined target quantization value is calculated and the cover signal is modified accordingly to so change the feature value over a predefined interval. Information symbols are extracted by the opposite process. In one embodiment, the predefined value is a short term autocorrelation value of the cover signal.
    Type: Grant
    Filed: July 29, 2002
    Date of Patent: January 27, 2004
    Assignee: Verance Corporation
    Inventor: Rade Petrovic
  • Publication number: 20030231766
    Abstract: According to some embodiments, a shared control and information bit can represent either an encryption key position selection or a new encryption key value.
    Type: Application
    Filed: May 30, 2002
    Publication date: December 18, 2003
    Inventor: Bedros Hanounik
  • Publication number: 20030202658
    Abstract: An advanced encryption system (AES) architecture includes a maximum parallel encryption module which implements one round of the AES algorithm in one clock cycle, and a maximum parallel key scheduling module which generates sub-keys in one clock cycle in parallel with the encryption module, thereby permitting feedback modes of operation to be used without adversely affecting AES throughput. A controller controls the operation of the encryption and key scheduling modules such that one round is completed per clock cycle. The controller is preferably part of a hierarchical distributed control scheme comprising communicating finite state machines (FSMs). The architecture also preferably includes asynchronous input and output buffers.
    Type: Application
    Filed: April 24, 2002
    Publication date: October 30, 2003
    Applicant: G-PLUS, INC.
    Inventor: Ingrid Verbauwhede
  • Publication number: 20030198345
    Abstract: An encryption/decryption method and apparatus may comprise performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages; holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width; encrypting the stage input data block into an encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width; decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits
    Type: Application
    Filed: April 15, 2002
    Publication date: October 23, 2003
    Inventor: Darrel J. Van Buer
  • Patent number: 6615353
    Abstract: A user authentication method and system which maintains reliable security using a low cost storage medium in place of cryptocards, wherein the system comprises control equipment and an operating section connected to the control equipment, and wherein the method comprises the steps of the operating section reading a storage medium that stores specific parameters, creating a user authentication code using a specific function from the specific parameters and other parameters provided by the control equipment, and supplying the created user authentication code to the control equipment, wherein the user authentication code sent from the operating section is compared with another code computed using a specific function generated by the control equipment, and when both codes are found to coincide, the control equipment causes information to be interchanged between the control equipment and the operating section. Advantageously, the invention method provides reliable security combined with low cost.
    Type: Grant
    Filed: July 17, 1998
    Date of Patent: September 2, 2003
    Assignee: Yokogawa Digital Computer Corporation
    Inventor: Masahiro Hashiguchi
  • Publication number: 20030138099
    Abstract: For encrypting a string of data elements from a first value range, a respective data element is combined with a key element by a first computing operation. The resulting combination result may lie outside the first value range. From the combination result, an encrypted data element is then derived by a second computing operation that maps onto a second value range, for example printable 1-byte characters. Decryption is accomplished by combining the encrypted data element with the key element using an inverse computing operation to the second computing operation executed iteratively until a result of an iteration step lies within the first value range.
    Type: Application
    Filed: December 20, 2002
    Publication date: July 24, 2003
    Applicant: Siemens Aktiengesellschaft
    Inventor: Herbert Schmidt
  • Patent number: 6560338
    Abstract: A method and an apparatus for generating encryption stream ciphers are based on a recurrence relation designed to operate over finite fields larger than GF(2). A non-linear output can be obtained by using one or a combination of non-linear processes to form an output function. The recurrence relation and the output function can be selected to have distinct pair distances such that, as the shift register is shifted, no identical pair of elements of the shift register are used twice in either the recurrence relation or the output function. Under these conditions, the recurrence relation and the output function also can be chosen to optimize cryptographic security or computational efficiency. Moreover, it is another object of the present invention to provide a method of assuring that the delay that results for the encryption process does not exceed predetermined bounds.
    Type: Grant
    Filed: February 8, 1999
    Date of Patent: May 6, 2003
    Assignee: Qualcomm Incorporated
    Inventors: Gregory G. Rose, Roy Franklin Quick, Jr.