Plural Generators Patents (Class 380/47)
  • Patent number: 7697684
    Abstract: It is desired to share one circuit by an encryption unit 200 and a decryption unit 500. A normal data transformation unit (FL) 251 and an inverse data transformation unit (FL⁻¹) 273 are located at point symmetry on a non-linear data transformation unit 220, and a normal data transformation unit (FL) 253 and an inverse data transformation unit (FL⁻¹) 271 are located at point symmetry on the non-linear data transformation unit 220. Therefore, the encryption unit 200 and the decryption unit 500 can be configured using the same circuits.
    Type: Grant
    Filed: October 28, 2005
    Date of Patent: April 13, 2010
    Assignees: Mitsubishi Denki Kabushiki Kaisha, Nippon Telegraph and Telephone Corporation
    Inventors: Mitsuru Matsui, Toshio Tokita, Junko Nakajima, Masayuki Kanda, Shiho Moriai, Kazumaro Aoki
  • Patent number: 7694132
    Abstract: A system for communication of a message in which the message intended for a third computer is first encrypted by a first computer and is sent to a second computer. The second computer, acting as an intermediary, decrypts the message and re-encrypts the message before sending the message to the third computer which again decrypts the message.
    Type: Grant
    Filed: August 10, 2005
    Date of Patent: April 6, 2010
    Inventor: Mark Ellery Ogram
  • Publication number: 20100031024
    Abstract: A digital signature is applied to digital data in real-time. The digital signature serves as a mark of authenticity assuring a recipient that the digital data did in fact originate from an indicated source. The digital signature may be applied to any digital data, including video signals, audio signals, electronic commerce information, data pertaining to land vehicles, marine vessels, aircraft, or any other data that can be transmitted and received in digital form.
    Type: Application
    Filed: March 16, 2007
    Publication date: February 4, 2010
    Applicant: VERIZON BUSINESS GLOBAL LLC
    Inventor: David Scott Hayes
  • Patent number: 7657612
    Abstract: An Extensible Mark-up Language (XML) schema is used to generate configuration settings files. A wireless configuration XML schema defines an XML file for configuring wireless network settings on a wireless device. A wide area network (WAN) configuration schema defines an XML file for configuring a WAN device. A local area network (LAN) configuration schema defines an XML file for configuring a LAN device. A broadband modem configuration schema defines an XML file for configuring a broadband modem device. A device configuration schema defines an XML file for reporting the configuration of a device.
    Type: Grant
    Filed: March 23, 2004
    Date of Patent: February 2, 2010
    Assignee: Microsoft Corporation
    Inventors: Scott Manchester, Dalen Abraham, Mohammad Shabbir Alam, Jean-Pierre Duplessis, Trevor W. Freeman, Bill Hanlon, Anton W. Krantz, Benjamin Nick
  • Publication number: 20090316910
    Abstract: A cryptographic key management method and device are provided by which cryptographic keys of multiple nodes can be managed easily and stably. A system includes at least one first node and a plurality of second nodes connected to the first node, and the first node individually generates and consumes a cryptographic key with each of the second nodes connected to the first node itself. A cryptographic key management device in such a system has a monitor that monitors the stored key amounts of cryptographic keys of the individual second nodes, stored at the first node, and a key management control section that performs key generation control on the first node, based on the stored key amounts.
    Type: Application
    Filed: June 10, 2008
    Publication date: December 24, 2009
    Applicant: NEC CORPORATION
    Inventors: Wakako Maeda, Akio Tajima, Akihiro Tanaka, Seigo Takahashi
  • Patent number: 7636439
    Abstract: Data to be encrypted is effectively encrypted by a data delivery system for encrypting the data to be encrypted with a transmitting apparatus and decrypting a cipher thereof with a receiving apparatus. In a configuration for encrypting and decrypting the data to be encrypted by using a random number sequence generated by a random number generating portion for generating the random number sequence uniquely decided from an input parameter, the transmitting apparatus generates the input parameter to perform encryption based on metadata of the data to be encrypted while the receiving apparatus generates the input parameter to perform cipher decryption based on the metadata embedded in the data to be encrypted.
    Type: Grant
    Filed: September 9, 2005
    Date of Patent: December 22, 2009
    Assignee: Hitachi Kokusai Electric, Inc.
    Inventors: Sumie Nakabayashi, Kazuhito Yaegashi, Munemitsu Kuwabara, Hirotake Usami
  • Patent number: 7636844
    Abstract: Exchanging data between a SIM device and an application executed in a trusted platform, wherein the data to be exchanged is secured from unauthorized access. In one embodiment, the exchanging data includes exchanging an encryption key via a trusted path within a computer system, and exchanging data encrypted with the encryption key, via an untrusted path with the computer system.
    Type: Grant
    Filed: November 17, 2003
    Date of Patent: December 22, 2009
    Assignee: Intel Corporation
    Inventor: Sundeep M. Bajikar
  • Patent number: 7636840
    Abstract: A method and system for secure communication and control in a fueling environment. In one aspect, the fueling environment with secure communication comprises a fuel dispenser and at least one node communicably coupled with the fuel dispenser. The fuel dispenser is operable to generate a first public key and a first private key associated with the fuel dispenser and publish the first public key within the fueling environment. The fuel dispenser is further operable to authenticate a particular one of the nodes using, at least in part, a second public key associated with the particular node and the first public and the first private keys. The fuel dispenser may then dynamically generate a run-time symmetric key using, at least in part, the first private key and the second public key and communicate data associated with the fueling environment to the authenticated node, with the data encrypted using the symmetric key.
    Type: Grant
    Filed: March 4, 2005
    Date of Patent: December 22, 2009
    Assignee: Dresser, Inc.
    Inventor: Weiming Tang
  • Patent number: 7634088
    Abstract: A radio communications system includes radio devices, an antenna and an array antenna. The radio devices communicate a prescribed signal via the antenna and the array antenna in a system of transmission and reception at a single frequency, such as time division duplex, as the array antenna changes in directivity to form a plurality of directivities. The radio devices detect a plurality of received radio waves' strength to produce receive signal profiles, respectively, indicating a plurality of strength profiles. The radio devices multivalue strength of the receive signal profiles, respectively, and generate private keys having the multivalued plurality of values serving as a bit pattern.
    Type: Grant
    Filed: February 25, 2004
    Date of Patent: December 15, 2009
    Assignees: The Doshisha, Advanced Telecommunications Research Institute International
    Inventors: Hideichi Sasaoka, Tomoyuki Aono, Takashi Ohira
  • Patent number: 7634659
    Abstract: The roaming hardware paired encryption key generation coalesces a content variable with a network, or subnet, address to generate an encryption key. The source generates a content identification that is unique to the content being encrypted and the network, or subnet, address is coalesced with the content identification to generate a unique encryption key for the content being encrypted. The encrypted digital content is transmitted to the destination devices identified by the network, or subnet address, along with the content identification. At the destination, the destination devices regenerate the encryption by coalescing the content identification and the network, or subnet, address in the same manner as ciphertext is decrypted into plaintext.
    Type: Grant
    Filed: September 20, 2002
    Date of Patent: December 15, 2009
    Assignee: Cable Television Laboratories, Inc.
    Inventor: James W. Fahrny
  • Publication number: 20090274306
    Abstract: The invention relates to a method for a central key station (SS), for setting a new key (nK) in a cryptography module (KM) without a public key being stored in the cryptography module (KM), the authenticity of the new key (nK) being secured by a protocol. According to said method, the public key (KMpub) of the cryptography module is only transported in an encoded manner and only transmitted to key points (SS) that have access to the cryptography module (KM).
    Type: Application
    Filed: April 12, 2006
    Publication date: November 5, 2009
    Applicant: WINCOR NIXDORF INTERNATIONAL GMBH
    Inventor: Michael Nolte
  • Publication number: 20090262943
    Abstract: Key derivation algorithms are disclosed. In one key derivation application, a segment of the master key is hashed. Two numbers are derived from another segment of the master key. A universal hash function, using the two numbers, is applied to the result of the hash, from which bits are selected as the derived key. In another embodiment, an encoded counter is combined with segments of the master key. The result is then hashed, from which bits are selected as the derived key.
    Type: Application
    Filed: June 25, 2009
    Publication date: October 22, 2009
    Applicant: CMLA, INC.
    Inventors: Ivan Bjerre Damgaard, Torben Pryds Pedersen, Vincent Rijmen
  • Patent number: 7606361
    Abstract: Sending a message securely on an insecure channel. The message is encoded in the form of a singular matrix, and multiplied with a first non-singular matrix. The resulting first cipher data is sent to a receiver system. Receiver system multiplies the first cipher data with a second non-singular matrix and the resulting second cipher data is sent to the sender system. The sender system multiplies the second cipher data with the inverse of the first non-singular matrix, and the result is sent to the receiver system. The receiver system multiplies the received result with the inverse of the second non-singular matrix to recover the message.
    Type: Grant
    Filed: May 2, 2005
    Date of Patent: October 20, 2009
    Assignee: Oracle International Corporation
    Inventor: Venkata Naga Ravikiran Vedula
  • Publication number: 20090252324
    Abstract: A method and apparatus for providing a broadcast service in a communication system is provided. The method includes creating a seed key pair including a first key and a second key, transmitting the seed key pair to a terminal to which the broadcast service is to be provided, creating a certain number of encryption keys using the seed key pair, the certain number corresponding to a lifetime of the seed key pair, encrypting broadcast service data for the lifetime using the encryption keys, and broadcasting the encrypted broadcast service data.
    Type: Application
    Filed: April 3, 2009
    Publication date: October 8, 2009
    Applicant: SAMSUNG ELECTRONICS CO. LTD.
    Inventors: Sergey Nikolayevich SELEZNEV, Byung-Rae LEE, Sung-Oh HWANG, Kook-Heui LEE
  • Patent number: 7600121
    Abstract: To provide a secure, effective but simple message handling, a method is provided for transmitting an electrical message, from a first user having a first terminal to a second user having a second terminal. The method comprises the steps of: transmitting said email in an encrypted form by said first terminal, said encrypted e-mail being encrypted by means of a key generated by a first key generator using a seed, providing once said second user with said seed for generating a key with a second key generator provided in said second terminal, providing to and storing said seed in said second terminal, using said seed by said second terminal for generating a key each time an encrypted email from said first user to said second user is received, synchronizing a counting value in each terminal; and generating said key on the basis of said seed and a counting value in each terminal, independently of other terminal.
    Type: Grant
    Filed: September 13, 2004
    Date of Patent: October 6, 2009
    Assignee: Secured eMail Göteborg AB
    Inventor: Peter Davin
  • Patent number: 7581100
    Abstract: An interactive mutual authentication protocol, which does not allow shared secrets to pass through untrusted communication media, integrates an encryption key management system into the authentication protocol. The server provides ephemeral encryption keys in response to a request during a Session Random Key (SRK) initiation interval. SRK is provided for all sessions initiated in the SRK initiation interval. A set of ephemeral intermediate Data Random Keys (DRK) is associated with each request. A message carrying the SRK is sent to the requestor. A response from the requester includes a shared parameter encrypted using the SRK verifying receipt of the SRK. After verifying receipt of the SRK at the requester, at least one message is sent by the server carrying an encrypted version of one of said set of ephemeral intermediate DRK to be accepted as an encryption key for the session.
    Type: Grant
    Filed: September 2, 2003
    Date of Patent: August 25, 2009
    Assignee: Authernative, Inc.
    Inventor: Len L. Mizrah
  • Patent number: 7567672
    Abstract: In a cryptographic communication system, a prover is connected through a channel to a verifier. Elements a, b, c, d of a finite group are used as a public key and a parameter “x” as a private key, where “x” is a discrete logarithm of “b” to base “a”. The prover calculates e=a?b?, g=c?d? and h=c?d? (where ?=?+x(???) and ?, ? and ? are random values), and transmits e, g, h to the verifier, and shows that relations a??b??=e, c??d??=g, a??b??=e, and c??d??=h are established without transmitting random values ??, b?, ??, ??. The verifier determines whether the prover is capable of establishing such relations using the public key and e, g and h. The prover is said to establish a proof that “x” is not equal to discrete logarithm of “d” to base “c” only if the verifier simultaneously determines that the relations are established and g is not equal to h.
    Type: Grant
    Filed: November 24, 2004
    Date of Patent: July 28, 2009
    Assignee: NEC Corporation
    Inventor: Jun Furukawa
  • Patent number: 7561689
    Abstract: An apparatus is disclosed for generating keys having one of a number of key sizes. Memory sections of a memory element are adapted to store a portion of a key. The memory element has a size at least as large as a largest key size of a number of key sizes, the key having a size of one of the plurality of key sizes. Key generation logic is adapted to generate intermediate key results for the key by operating on values from the memory sections and from the intermediate key results. Key selection logic is adapted to route selected intermediate key results to selected ones of the memory sections. The control logic is adapted to determine the size of the key and, based at least partially on the size of the key, to select the selected intermediate key results and the selected ones of the memory sections. The selected intermediate key results comprise some or all of the key.
    Type: Grant
    Filed: June 17, 2004
    Date of Patent: July 14, 2009
    Assignee: Agere Systems Inc.
    Inventors: Prasad Avasarala, Amit Badole, Anil Narayan Nair, Rahul Vijay Wagh
  • Patent number: 7551737
    Abstract: A system and method for providing cryptographic keys which are usable in a network of connected computer nodes applying a signature scheme. The method employs: generating a random secret key usable in the network of connected computer nodes; generating an exponent interval I having a plurality of exponent elements, the exponent interval having a specified first random limit, wherein each element of the plurality of exponent elements of the exponent interval has a unique prime factor that is larger than a given security parameter; and, providing a public key comprising an exponent-interval description including the first random limit, and a public key value derived from the random secret key, such that the random secret key and a selected exponent value from the plurality of exponent elements in the exponent interval I are usable for deriving a signature value on a message to be sent within the network to a second computer node for verification.
    Type: Grant
    Filed: March 25, 2004
    Date of Patent: June 23, 2009
    Assignee: International Business Machines Corporation
    Inventors: Jan Camenisch, Maciej A Koprowski
  • Publication number: 20090141899
    Abstract: A dual-mode wireless sensor network system including a local wireless sensor, a local event processing device, and a remote event processing device is provided. The local wireless sensor detects and announces an abnormal event. The local event processing device and the remote event processing device receive the abnormal event announcement. When the local wireless sensor detects the abnormal event, the local wireless sensor encrypts an abnormal event message related to the abnormal event with a regular mode key and transmits the encrypted abnormal event message to the local event processing device. When the local wireless sensor does not receive a response message from the local event processing device, the local wireless sensor encrypts the abnormal event message with a special mode key and transmits the encrypted abnormal event message to the remote event processing device. Thereby, the abnormal event can be successfully announced even with highly protected privacy.
    Type: Application
    Filed: February 27, 2008
    Publication date: June 4, 2009
    Applicant: INDUSTRIAL TECHNOLOGY RESEARCH INSTITUTE
    Inventors: Yi-Hsiung Huang, Lun-Chia Kuo
  • Patent number: 7542570
    Abstract: An information encrypting transmission and reception method in an information transmission and reception network composed of a plurality of senders and receivers having computers being connected and communicating each other via a web network and a data center having a server computer for receiving electronic key data of bit data formed by the senders and receivers and personal data such as address corresponding to each electronic key data to register the server computer and certifying the senders and the receivers with each personal data.
    Type: Grant
    Filed: October 20, 2004
    Date of Patent: June 2, 2009
    Assignee: AESOP Corporation
    Inventor: Kiyoshi Iwata
  • Patent number: 7536014
    Abstract: A scrambling code generating apparatus of a downlink transmitter in a UMTS mobile communication system, which uses one primary scrambling code for separation of base stations and multiple secondary scrambling codes for channel separation. The apparatus includes a first m-sequence generator for generating a first m-sequence and a second m-sequence generator for generating a second m-sequence. A first summer adds the first and second m-sequences to generate the primary scrambling code. A plurality of first masking sections each shift the first m-sequence, and a plurality of second masking sections corresponding to the respective first masking sections each shifts the second m-sequence. A plurality of second summers each adds one of the first shifted m-sequences with the second m-sequence corresponding to the first m-sequence. The output of the second summers thus generates the multiple secondary scrambling codes.
    Type: Grant
    Filed: December 3, 2004
    Date of Patent: May 19, 2009
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Jae-Yoel Kim, Hee-Won Kang
  • Publication number: 20090122981
    Abstract: A scramble key generation unit generates scramble keys (individual encryption keys) which are different from one another and which are for encrypting and decrypting distributing data, by subjecting a predetermined initial encryption key at least once to a unidirectional reverse replacement and at least once to a trapdoor-equipped unidirectional replacement. A time key generation unit generates a time key (master encryption key) for regenerating the scramble keys, by subjecting any of the scramble keys generated by the scramble key generation unit at least once to the unidirectional reverse replacement. Thus, it is possible to efficiently and flexibly generate the individual encryption keys for encrypting and decrypting the distribution data, and master encryption key capable of regenerating some of the individual encryption keys.
    Type: Application
    Filed: December 9, 2005
    Publication date: May 14, 2009
    Inventor: Yuichi Kaji
  • Publication number: 20090110193
    Abstract: A schryption of a text message is based on a schryption key for defining one or more aspects of an encryption and/or a decryption of the text message. For an encryption of the text message, the schryption key is derived from a user key in the form of an encryption key (e.g., a secret key or a public key), and the text message in the form of plaintext is encrypted as defined, at least partially, by the schryption key to thereby yield a ciphertext. For a decryption of the text message, the schryption key is derived from user key in the form of a decryption key (e.g., a secret key or a private key), and the text message in the form of a ciphertext is decrypted as defined, at least partially, by the schryption key to thereby yield a plaintext.
    Type: Application
    Filed: March 5, 2004
    Publication date: April 30, 2009
    Applicant: International Business Machines Corporation
    Inventor: Todd B. Schlomer
  • Patent number: 7526087
    Abstract: A random number generator. The random number generator includes a noise source, a circuit controlling random current consumption, and a circuit generating random bits. A noise voltage output from the noise source drives the circuit controlling random current consumption, which also generates a random control signal. The circuit generating random bits also includes a voltage-controlled oscillator, a plurality of frequency dividers, and a plurality of flip-flops. The voltage-controlled oscillator is controlled by both the noise voltage and the random control signal. The output of the voltage-controlled oscillator is input to the frequency dividers and the flip-flops to generate a random number.
    Type: Grant
    Filed: January 13, 2003
    Date of Patent: April 28, 2009
    Assignee: Industrial Technology Research Institute
    Inventor: Inng-Lane Sun
  • Patent number: 7502469
    Abstract: To generate a pseudo-random sequence of multi-carrier data symbols, a pseudo-random bit sequence is produced by repetitively generating a pseudo-random sequence of L bits, L being a first integer value. To create a multi-carrier data symbol, N bits are used, N being a second integer value. The pseudo-random bit sequence is subdivided into strings of N′ bits, N′ being a third integer value larger than N, and N bits out of each string of N′ bits are used to generate a respective multi-carrier data symbol. N′-N bits out of each string of N′ bits are left unused.
    Type: Grant
    Filed: October 28, 2005
    Date of Patent: March 10, 2009
    Assignee: Alcatel
    Inventor: Philippe Antoine
  • Patent number: 7493429
    Abstract: The present invention provides for trusted side-band communications between components in a computer system, so that use of the system bus may be avoided. Two components may be connected by means other than a bus (e.g., an infrared port, a wire, an unused pin, etc.), whereby these components may communicate without the use of the system bus. The non-bus communication channel may be referred to as “side-band.” The side-band channel may be used to communicate information that might identify the user's hardware (e.g., a public key) or other information that the user may not want to be easily intercepted by the public at large. Communication over the side-band channel may also be used to verify that the participants in a communication are within a defined positional relationship to each other.
    Type: Grant
    Filed: January 16, 2004
    Date of Patent: February 17, 2009
    Assignee: Microsoft Corporation
    Inventors: John E. Paff, Marcus Peinado, Thekkthalackal Varugis Kurien, Bryan Mark Willman, Paul England, Andrew John Thornton
  • Publication number: 20090037737
    Abstract: An Asynchronous Enhanced Shared Secret Provisioning Protocol (ESSPP) provides a novel method and system for adding devices to a network in a secure manner. A registration process is launched by at least one of two network devices together. These two devices then automatically register with each other. When two devices running Asynchronous ESSPP detect each other, they exchange identities and establish a key that can later be used by the devices to mutually authenticate each other and generate session encryption keys. An out-of-band examination of registration signatures generated at the two devices can be performed to help ensure that there was not a man-in-the-middle attacker involved in the key exchange.
    Type: Application
    Filed: October 6, 2008
    Publication date: February 5, 2009
    Applicant: MICROSOFT CORPORATION
    Inventor: Donald A. Zick
  • Patent number: 7457411
    Abstract: A system and method providing secure information. An encryption key is regenerated by performing byte addition of an encryption key, encrypted data, and a hash vector based upon an encryption key. A hash vector is hashed by scanning indexed bytes of an encryption key and using indices and associated values of indices of an encryption key as indices of two bytes in the hash vector to be swapped. An authentication key is regenerated by performing byte addition of an authentication key, an auxiliary key, and a hash vector based upon an authentication key.
    Type: Grant
    Filed: December 12, 2003
    Date of Patent: November 25, 2008
    Assignee: New Mexico Technical Research Foundation
    Inventor: Hamdy Soliman
  • Patent number: 7451316
    Abstract: A wireless station prepares to roam by pre-authenticating itself with a neighboring access point. The wireless station sends a rekey request, which can include an incremented rekey number. The wireless station receives a rekey response. The rekey response can include the incremented rekey number. Because the wireless station is pre-authenticated, after it roams it only needs to perform a two-way handshake with a new access point to establish secure communications with the new access point. The two-way handshake starts by the wireless station sending a reassociation request to the neighboring access point, the reassociation request comprising the incremented rekey number established during pre-authentication. The wireless station receives a reassociation response from the neighboring access point. To protect against replay attacks, the neighboring access point can verify the rekey number sent in the reassociation request matches the rekey number sent in the rekey response.
    Type: Grant
    Filed: July 15, 2004
    Date of Patent: November 11, 2008
    Inventors: David E. Halasz, Nancy Cam Winget, Robert C. Meier
  • Patent number: 7434054
    Abstract: An Asynchronous Enhanced Shared Secret Provisioning Protocol (ESSPP) provides a novel method and system for adding devices to a network in a secure manner. A registration process is launched by at least one of two network devices together. These two devices then automatically register with each other. When two devices running Asynchronous ESSPP detect each other, they exchange identities and establish a key that can later be used by the devices to mutually authenticate each other and generate session encryption keys. An out-of-band examination of registration signatures generated at the two devices can be performed to help ensure that there was not a man-in-the-middle attacker involved in the key exchange.
    Type: Grant
    Filed: March 31, 2004
    Date of Patent: October 7, 2008
    Assignee: Microsoft Corporation
    Inventor: Donald A. Zick
  • Publication number: 20080226066
    Abstract: A batch verification apparatus and method wherein, the method includes: generating a plurality of secret keys, a plurality of public keys corresponding to the plurality of secret keys, and a plurality of verification values corresponding to the plurality of public keys; calculating a first batch verification value based on the plurality of verification values; calculating a second batch verification value based on the plurality of secret keys and the plurality of verification values; comparing the first batch verification value and the second batch verification value; and determining that a batch of the received plurality of verification values is verified when the first batch verification value is equal to the second batch verification value.
    Type: Application
    Filed: August 3, 2007
    Publication date: September 18, 2008
    Applicant: Samsung Electronics Co., Ltd.
    Inventors: Jeong Hyun YI, Eunah Kim, Jung Hae Cheon
  • Patent number: 7418736
    Abstract: Security is provided in a network system. A message is received from a user, which message requires authentication of the user. An authentication message is sent indicating the identity of the user to an initial software security agent. The software security agent, on receipt of the authentication message, determines whether information relating to the user is stored on a security database associated with the software security agent, and, if so, the software security agent adds an authentication key to the authentication message. The authentication message is sent on to one or more further software security agents. The prior noted steps are repeated with the further software security agent(s) and, if user-related stored security information is found, adding an authentication key to the authentication message and sending the authentication message on to one or more further software security agents until the number of keys associated with the authentication message equals a predetermined number N.
    Type: Grant
    Filed: March 21, 2003
    Date of Patent: August 26, 2008
    Assignee: British Telecommunications PLC
    Inventor: Robert A Ghanea-Hercock
  • Patent number: 7406175
    Abstract: Disclosed is a key generator, which assures the security of a key by preventing a circuit designer and other persons from readily knowing the value of the key. Random number generator circuits (51, 52, 53 and so on) generate random numbers respectively in accordance with different clocks (CLK1, CLK2, CLK3, and so on). An arithmetic circuit (59) operates on the random numbers generated from the random number generator circuits (51, 52, 53 and so on) to generate an N-bit random number RA as the output from a random number generator (50). This N-bit random number RA is acquired via a key selector (43), and latched into a key register (45) in accordance with an acquisition enable signal EN from a timing monitoring counter (47), which is driven by a clock CLKA other than clocks CLK1, CLK2, CLK3, and so on, to obtain a hardware key, which is a unique secret key.
    Type: Grant
    Filed: April 17, 2003
    Date of Patent: July 29, 2008
    Assignee: Sony Corporation
    Inventors: Hiromi Matsuda, Eiichiro Morinaga, Masao Tanaka
  • Patent number: 7403619
    Abstract: The present invention relates to an interface module for a host (2) such as a digital television decoder, permitting the processing of information coming from the host (2) in a conditioned manner subject to a conditional access system (11), comprising authorization means (7) by which the user justifies his access rights.
    Type: Grant
    Filed: December 19, 2000
    Date of Patent: July 22, 2008
    Assignee: SmarDTV SA
    Inventor: Philippe Guenebaud
  • Patent number: 7386131
    Abstract: A digital certificate issuing system with intrusion tolerance ability and the issuing method thereof are disclosed. The system comprises an offline secret key distributor, at least one online task distributor, k online secret share calculators and m online secret share combiners.
    Type: Grant
    Filed: November 5, 2003
    Date of Patent: June 10, 2008
    Assignee: Graduate School of Chinese Academy of Sciences
    Inventors: Jiwu Jing, Dengguo Feng
  • Publication number: 20080118060
    Abstract: A method of decoding/encoding a content file is provided. The method of decoding a content file includes dividing an encoded content file into a plurality of data blocks, grouping the plurality of data blocks into a plurality of groups, generating a group content key for each of the plurality of groups, generating a plurality of block keys for the data blocks in each of the plurality of groups from the group content key generated for each of the plurality of groups, and decoding the plurality of data blocks using the plurality of block keys.
    Type: Application
    Filed: January 18, 2007
    Publication date: May 22, 2008
    Applicant: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Myung-Sun Kim, Hak-soo Ju, Ji-young Moon, Ju-hee Seo, Mi-hwa Park
  • Patent number: 7362863
    Abstract: A symmetric key cryptographic method is provided for short operations. The method includes batching a plurality of operation parameters (1503), and performing an operation according to a corresponding operation parameter (1505). The symmetric key cryptographic method is a Data Encryption Standard (DES) method. The short operations can be less than about 80 bytes. The short operations can be between 8 and 80 bytes. The method includes reading the batched parameters from a dynamic random access memory (1504), and transmitting each operation through a DES engine according to the operations parameter (1505).
    Type: Grant
    Filed: April 30, 2001
    Date of Patent: April 22, 2008
    Assignee: International Business Machines Corporation
    Inventors: Mark Lindemann, Ronald Perez, Sean William Smith
  • Patent number: 7362867
    Abstract: A scrambling code generating apparatus of a downlink transmitter in a UMTS mobile communication system, which uses one primary scrambling code for separation of base stations and multiple secondary scrambling codes for channel separation. The apparatus includes a first m-sequence generator for generating a first m-sequence and a second m-sequence generator for generating a second m-sequence. A first summer adds the first and second m-sequences to generate the primary scrambling code. A plurality of first masking sections each shift the first m-sequence, and a plurality of second masking sections corresponding to the respective first masking sections each shift the second m-sequence. A plurality of second summers each add one of the first shifted m-sequences with the second m-sequence corresponding to the first m-sequence. The output of the second summers thus generates the multiple secondary scrambling codes.
    Type: Grant
    Filed: July 7, 2000
    Date of Patent: April 22, 2008
    Assignee: Samsung Electronics Co., Ltd
    Inventors: Jae-Yoel Kim, Hee-Won Kang
  • Patent number: 7350077
    Abstract: A method and system for handling roaming mobile nodes in a wireless network. The system uses a Subnet Context Manager to store current Network session keys, security policy and duration of the session (e.g. session timeout) for mobile nodes, which is established when the mobile node is initially authenticated. Pairwise transient keys are derived from the network session key. The Subnet Context Manager handles subsequent reassociation requests. When a mobile node roams to a new access point, the access point obtains the network session key from the Subnet Context Manager and validates the mobile node by computing a new pairwise transient key from the network session key.
    Type: Grant
    Filed: April 17, 2003
    Date of Patent: March 25, 2008
    Assignee: Cisco Technology, Inc.
    Inventors: Robert Meier, Richard D. Rebo, Victor J. Griswold, Douglas Smith, Nancy Cam Winget
  • Patent number: 7349545
    Abstract: A key agreement method for secure communication in a multiple access system is provided.
    Type: Grant
    Filed: March 26, 2001
    Date of Patent: March 25, 2008
    Assignee: Samsung Electronics Co., Ltd.
    Inventor: A-jung Kim
  • Patent number: 7308104
    Abstract: Disclosed are a forward multiple scrambling code generating method and apparatus in a communication system. Each base station uses primary scrambling codes and an associated one of secondary scrambling code sets, each consisting of a plurality of secondary scrambling codes. When an n-th one of the primary scrambling codes is to be generated, an initial value of the scrambling code generator is set with a binary value of “n,” so that a desired primary scrambling code is generated using the initial value. When an n-th one of the secondary scrambling codes in an m-th one of the secondary scrambling code sets is to be generated, an initial value of the scrambling code generator is set with a value obtained by shifting the n-th primary scrambling code by m times, thereby generating a desired secondary scrambling code.
    Type: Grant
    Filed: August 15, 2000
    Date of Patent: December 11, 2007
    Assignee: LG Information & Communications, Ltd.
    Inventors: Ki Jun Kim, Young Jo Lee, Young Cho Kim
  • Patent number: 7280659
    Abstract: In a buffer and a state included in a pseudorandom number generating apparatus, the state has the configuration of assuming that the unit length of data processing is n, the state has a size of 3×n bits, and the buffer has a capacity of 32×n bits, and according to clock control, a state transformation section (state transformation function) for conducting a state alteration from time t to time t+1 uses a nonlinear function F (having an n-bit input and an n-bit output) twice, or two different nonlinear functions F and G respectively once. The state transformation section has such a configuration that a nonlinear function such as a round function of a block cipher sufficiently evaluated as to the cryptographic security and implementation.
    Type: Grant
    Filed: April 18, 2002
    Date of Patent: October 9, 2007
    Assignee: Hitachi, Ltd.
    Inventors: Dai Watanabe, Soichi Furuya, Kazuo Takaragi
  • Patent number: 7269736
    Abstract: First and second computing devices are selectively operatively coupled together. The first device provides data to the second device. The second device can be a portable computing device. The second device is configured to encrypt/decrypt the data, as needed by the first device. The second device maintains the cryptographic key data internally. As such, the first device, which, for example, may be a personal computer, will only maintain the returned encrypted data following encryption and only temporarily use any returned decrypted data. Thus, by physically and operatively distributing the cryptographic processing/maintenance between the two devices, additional security is provided for protecting private data.
    Type: Grant
    Filed: February 28, 2001
    Date of Patent: September 11, 2007
    Assignee: Microsoft Corporation
    Inventors: Michael Howard, Jason Garms
  • Patent number: 7260215
    Abstract: A method and apparatus for secure distribution of information over a network, comprising: encrypting payload information using a first encryption key in a first data processor; sending the payload information encrypted using the first encryption key to a second data processor; encrypting the payload information encrypted using the first encryption key using a second encryption key in the second data processor; and sending the payload information encrypted using the first encryption key and the second encryption key to a third data processor, and generating a decryption key based on the first encryption key and on the second encryption key, such that the decryption key is operable to compute the payload information by decrypting the payload information encrypted using the first encryption key and the second encryption key.
    Type: Grant
    Filed: September 4, 2002
    Date of Patent: August 21, 2007
    Assignee: PortAuthority Technologies Inc.
    Inventors: Lidror Troyansky, Ofir Carny
  • Patent number: 7248691
    Abstract: A hashing structure including multiple sub-hashes is used to determine whether an input value matches one or more of multiple target values. These values can be of any form, such as security identifiers in an access control system. To make the determination, a hash key is obtained from the input value and multiple sub-hash indexes (one for each of the multiple sub-hashes) are generated based on the key. Values are identified from the multiple sub-hashes by indexing into the sub-hashes using respective ones of the sub-hash indexes. These values are then combined to generate a resultant hash value. Each of the multiple target values corresponds to one of multiple portions of the resultant hash value. If the portion corresponding to one of the target values has a particular value, then that target value is a likely match and is compared to the input value to determine if indeed the two match.
    Type: Grant
    Filed: October 31, 2000
    Date of Patent: July 24, 2007
    Assignee: Microsoft Corporation
    Inventors: Bhalchandra S. Pandit, Robert P. Reichel, Jeffrey B. Hamblin, Kedarnath A. Dubhashi
  • Patent number: 7248692
    Abstract: In a method of determining a pair of numbers comprising a first number and a second number, in which the first number may be a first key and the second number may be a second key of an encryption system and the second number is the multiplicative inverse with respect to a modulus of the first number, said modulus being equal to the product of a first prime number and a second prime number, the first number is selected first. Thereafter, a first sub-number for the second number is computed as a multiplicative inverse of the first number with respect to a first sub-modulus that is equal to the first prime number minus 1 divided by the greatest common divisor of the first prime number minus 1 and the second prime number minus 1. Then, a second sub-number for the second number is computed as multiplicative inverse of the first number with respect to a second sub-modulus that is equal to the second prime number minus 1, with said first sub-modulus and said second sub-modulus being relatively prime.
    Type: Grant
    Filed: May 30, 2003
    Date of Patent: July 24, 2007
    Assignee: Infineon Technologies AG
    Inventor: Jean-Pierre Seifert
  • Patent number: 7236593
    Abstract: An apparatus for encryption and decryption, capable of use in encryption and decryption of advanced encryption standard. Byte substitution operation and inverse byte substitution operation are to be combined. Byte substitution operation can be expressed as y=M*multiplicative_inverse(x)+c while inverse byte substitution operation can be expressed as x=multiplicative_inverse(M⁻¹*(y+c)), wherein M and M⁻¹ are inverse matrix of each other and c is a constant matrix. Since the two equations employ a look-up table, that is, multiplicative_inverse(x), the lookup tables for use in byte substitution and inverse byte substitution operations are to be combined according to the invention so as to lower hardware complexity of the implementation. In addition, main operations of column mixing operation and inverse column mixing operation are to be rearranged to combine the two operations in part, resulting in simplified hardware implementation.
    Type: Grant
    Filed: March 29, 2002
    Date of Patent: June 26, 2007
    Assignee: Industrial Technology Research Institute
    Inventors: Chih-Chung Lu, Shau-Yin Tseng
  • Patent number: 7227956
    Abstract: A signal transmitted from a first device to a second device is encrypted using an encryption key generated from a preceding part of the signal itself. The signal is decrypted in the second device using a decryption key generated from a preceding part of the received and decrypted signal. This encryption method provides effective privacy protection, because the encryption and decryption keys are constantly changing. Since the transmitted signal provides its own encryption and decryption keys, the method is inexpensive to implement, and can be used in systems such as packet transmission systems that transmit signals intermittently.
    Type: Grant
    Filed: January 24, 2006
    Date of Patent: June 5, 2007
    Assignee: Oki Electric Industry Co., Ltd.
    Inventor: Kazumi Onishi
  • Patent number: 7224796
    Abstract: In a buffer and a state included in a pseudorandom number generating apparatus, the state has the configuration of assuming that the unit length of data processing is n, the state has a size of 3×n bits, and the buffer has a capacity of 32×n bits, and according to clock control, a state transformation section (state transformation function) for conducting a state alteration from time t to time t+1 uses a nonlinear function F (having an n-bit input and an n-bit output) twice, or two different nonlinear functions F and G respectively once. The state transformation section has such a configuration that a nonlinear function such as a round function of a block cipher sufficiently evaluated as to the cryptographic security and implementation.
    Type: Grant
    Filed: January 16, 2002
    Date of Patent: May 29, 2007
    Assignee: Hitachi, Ltd.
    Inventors: Dai Watanabe, Soichi Furuya, Kazuo Takaragi