Abstract: A method of applying an authentication image to an article is presented. The method comprises obtaining a digitized version of the authentication image, encoding the digitized version of the authentication image to produce an encoded latent image, and printing the encoded latent image on a printable surface of the article using a transmittent printing medium.

Abstract: Images are steganographically marked with codes that can be used, e.g., by reference to a remote registry, to identify the image proprietors. Some embodiments pre-mark blank emulsion film or paper products with such codes, so that images formed thereon can be traced back to their proprietors. A variety of other embodiments and technologies are also disclosed.

Abstract: A method, system, and computer program product for dynamically adjusting the encryption level based on the geographic location of a software program are disclosed. The method includes an initial step of determining a geographic location associated with the software program. An encryption level is selected based upon the determined geographic location. The software program is then executed utilizing the selected encryption level. In one embodiment, determining the geographic location is achieved by determining the geographic location of a computer system on which the software program will be executed, preferably through the use of a Global Positioning System. The Global Positioning System may comprise an I/O device of the computer system on which the software executes. In one embodiment, the selected encryption level may be overridden by a Smart Card or other secure device connected to the computer system. In one embodiment, the available encryption levels include, at a minimum, a U.S.

Abstract: A method and system for providing a hash and a complement of the hash for an item in a computer system are disclosed. The method and system include providing a plurality of components from the item. The plurality of components include a first component and a last component. Each of the plurality of components includes a particular number of bits. The method and system also include cascading the plurality of components through at least one XOR to provide a plurality of resultants. The plurality of resultants includes a first resultant and a final resultant. The final resultant includes only the last component. The first resultant includes an XOR of the first component and remaining cascaded components of the plurality of components. The method and system also include applying an invertible hash function and an invertible hash function complement to at least the first resultant to provide the hash. The complement of the hash includes the plurality of resultants except the first resultant.

Abstract: The invention relates to securing of information utilising optical imaging technologies and more specifically to phase encryption and decryption of images. An image is encrypted into a mask having a plurality of mask resolution elements (Xm, Ym) by encoding the image using e.g. a phase mask with an encoded phase value ? (Xm, Ym) and an encoded amplitude value a (Xm, Ym), and by further encrypting the mask (using e.g. a spatial light modulator) by addition of an encrypting phase value ?c (Xm, Ym) to the encoded phase value ? (Xm, Ym) and by multiplication of an encrypting amplitude value ac (Xm, Ym) with the encoded phase value a (Xm, Ym).

Abstract: A content usage control system comprises a copyright holder system, content server, license server and user system. The ACL setting section of the copyright holder system sets a license ACL expressed as a structure by a combination of logic sums and logic products of a plurality of partial licenses for the content, based on the user ID and a plurality of physical element IDs including media used in the user system, and stores the license ACL in an access control list. The license server controls the usage of the content by the user utilizing the access control list.

Abstract: It is an object of the present invention to provide a method and an apparatus for generating a safe normal form elliptic curve transformable to a Montgomery type elliptic curve as well as to provide an elliptic curve cryptosystem and a storage medium therefor. To achieve the above object, conditions concerning a curve order are extracted from criteria for transformability of a normal form elliptic curve to a Montgomery type elliptic curve and are given in a curve parameter generator incorporating a transformability judgement unit. Furthermore, to generate a curve having a cofactor of 4, the condition whether a curve order is divisible by 8 is given.

Abstract: A method of testing a randomizer having at least one source of probabilistic data and a device for mixing the probabilistic data to form random data, where the probabilistic data includes at least two states, by receiving a probability of occurrence of each of the at least two states in the probabilistic data; squaring each probability of occurrence; generating a row vector a of the results of the last step; receiving a probability of transition between each of the at least two states in the probabilistic data; squaring the transition probabilities; generating a matrix B of the results of the last step; generating a column vector c having entries equal in number to the at least two states in the probabilistic data, where each entry is 1; computing S(P)=a(B{circumflex over ( )}(L−1))c for each at least one source of probabilistic data, where L is a number of outputs of probabilistic data processed by the randomizer to produce m bits of output; if the at least one source of probabilistic data is gr

Abstract: A system and method for determining winner is capable of keep all of the voting contents secret with permitting only determination of winning or losing, and further permitting the third party to verify the determination. The system generally includes voter sub-systems for voting a voting value indicative of a selected event among a finite number of events, and a management sub-system for identifying at least one voter sub-system voted a winning value determined among the finite number of events as a winner. The voter sub-system includes encrypting parameter obtaining means for obtaining an encrypting parameter depending upon the voting value, encryption processing means for generating a cryptographic voting data by performing encrypting process on the basis of the encrypting parameter obtained by the encrypting parameter obtaining means, and transmitting means for transmitting the cryptographic voting data generated by the cryptography processing means.

Abstract: A reproduction apparatus (e.g., photo kiosk) includes a lens for imaging a customer-provided original onto an opto-electronic detector for producing image data, and a reproduction system for producing a copy therefrom. Images that are to be resistant against copying on such apparatuses can be printed on photographic emulsion medium having a subliminal marking. The marking can be detected from visible-light scan data corresponding to the medium, yet such marking is inconspicuous upon human inspection. The apparatus passes the scan data to a processor that looks for evidence of such a marking. If found, the processor issues a signal that interrupts a usual reproduction-making process of the apparatus. The system is useful, e.g., to prevent unauthorized copying of professional photographs, such as wedding portraits.

Abstract: A source of MPEG2 video data is connected with a dedicated AV device or personal computer by means of an IEEE 1394 interface. A transmission unit in the source has an IEEE 1394 encryption unit and a sending I/F unit. A reception unit varies between the dedicated AV unit and the personal computer. In the reception unit of the dedicated AV device, a receiving I/F unit and a decryptor are integrally incorporated into one semiconductor chip and an MPEG2 decoder is incorporated into one semiconductor chip. In the reception unit of the personal computer, the receiving I/F unit is formed of one semiconductor chip, and the decryptor connected to the I/F unit through a bus, and the MPEG2 decoder are formed of one semiconductor chip. Thus, data before decryption will not appear on the bus, which prevents MPEG2 video data from being taken out of the computer for illegal copying purposes.

Abstract: A capacitance sensor usable as a fingerprint sensor is provided in which a timing controller (16) provides such a switching control as to first cause a switch (SA) in a sensor cell (100−k) to turn on to set the potential at a sense electrode to a reference potential and then a switch SB to turn on after the switch (SA) is turned off, whereby charge is stored from the sensor cell (100−k) into a reference capacitance Cf1 of a sensing circuit (13−k), the sensitivity of sensing the capacitance is raised by increasing the number of times the charge storage is repeated and only signal components are extracted by reducing noise components by averaging.

Abstract: The secrecy security of coded data can be improved markedly by making it possible to freely vary, within a plurality of natural numbers, the values as the result of coding and decoding operations by a converter using a feedback coding method. As a digital information secrecy security system, the proposed coding method employs a feedback coding method, wherein a Latin square composed of a plurality of natural numbers is used for operation in a converter component of coder and decoder. An initial value IV is set for each of coder and decoder. A preceding coded signal is used as a feedback signal and a feedforward signal for enabling natural numbers to be used as the result of coding, thereby markedly improving the secrecy security of coded signal.

Abstract: The present invention relates to a highly secure personal identification related document. In one implementation, the highly secure personal identification related document is achieved by having an area which contains machine readable information and also having a printed region having embedded data in the image printed thereon.

Abstract: Instead of immediately encrypting a plain text, a n-bit plain text is first converted to a m-bit of expanded plain text in order to limit the weight of the plain text to w, and that expanded plain text is then encrypted. By first converting the plain text to the expanded plain text wherein the weight has been limited, a smaller modulus can be used, and therefore the rate (or encryption efficiency) rises.

Abstract: Encryption and decryption methods for 3-dimensional shape data, especially copyrighted data, useful for detecting unauthorized use or piracy of a 3-dimensional object's shape represented by the 3-dimensional shape data are provided. An alteration is added to 3-dimensional shape data representing a 3-dimensional object by using an encryption key. The encrypted data, having been altered, are distributed. The 3-dimensional object represented by the encrypted data is distorted and different from the original 3-dimensional object. The recipient of the encrypted data can obtain the original 3-dimensional shape data by reversing the alteration of the encrypted data by using a decryption key.

Abstract: A method and circuit for preventing external access to secure data of an integrated circuit while supporting DFT is disclosed. In accordance with the method the integrated circuit is automatically placed into the test mode at integrated circuit power-up from a power-down state. At power up, secure data is other than present within a secure data-path of the integrated circuit. Access is provided to the secure data path via a second data path coupled with the first secure data-path. Via the access path, data other than secure data is provided to the integrated circuit, the data for performing test functions of the integrated circuit operating in the test mode. Once data other than secure data is provided to first secure data path, the test mode is terminated and access via other than the secure ports is disabled. The test mode is only re-entered by powering down the integrated circuit and re-initialising it.

Abstract: It is said that all things in our universe are linked and even a small disturbance at one point will reverberate and affect all other constituent elements. This statement may be refuted in the real world, but is becoming valid in the virtual world where most activities can be watched by others linked to the Web. One solution used to stop internet intruders from reading messages, credit cards and files is encryption. Encryption is the altering of original information using various techniques and transmitting that data for decryption. A problem with file encryption is that a hacker who is able to access an encrypted file will get enough indication the file is encrypted to trigger his curiosity to discover the real information. If a file is intercepted by a skilled hacker all the effort to encrypt the file is useless. * Data needs to be transmitted in such a way that it prevents others from reading it directly.

Abstract: The invention relates to an apparatus and method for enhancing the security of selected information associated with a negotiable document, such as the monetary value of a cheque. In the invention, one or more security features are printed or applied onto the cheque. One such security feature is an encrypted control code. The preferred embodiment employs a secret key cryptographic scheme to encrypt the monetary value and thereby generate a first control code which is printed on the cheque. When the cheque is presented for payment, a validator, such as bank or cheque clearing house, employs a verification system having a copy of the encryption key to read the monetary value from the cheque and re-encrypt it according to said scheme to generate a second control code. The cheque is not honored if the first and second control codes are not identical. Another security feature is a security image, composed, for instance, from a foreground image of the monetary value superimposed over a background motif image.

Abstract: Digital data is provided with a time stamp of an internal time signal of an internal clock. The internal time signal is validated by receiving and evaluating an internal broadcast or a cable signal of an external time source, from which a standard time can be derived, comparing the standard time with the internal time signal of the internal clock, and time stamping the digital data. The digital data is time stamped only if a time difference between the internal and external time signals lies within a given tolerance range. Finally, the time-stamped digital data is encrypted.

Abstract: Data areas AR1 and AR2, lead-in areas LIN1 and LIN2, and lead-out areas LOUT1 and LOUT2 are provided on a disc. For example, in case of encrypting and recording data into the data area AR2, copyright management information R2 and key information K2 are recorded into the lead-out area LOUT2. Only information in a Q channel of a subcode is recorded in the lead-out area and this area is filled with dummy data. A position of the lead-out is obtained from TOC information. The fact that a light spot has entered the lead-out area can be judged from the information in the Q channel. The copyright management information and key information are recorded by using the lead-out area. The lead-out area is not rewritten or accessed by an ordinary CD player, so that the copyright management information and the key information can be safely held.

Abstract: A fluid separation conduit cartridge that is operative to encrypt, decrypt, transmit and receive information is disclosed. The conduit cartridge encrypts information sent to an analytical system or an operating facility in communication with the conduit cartridge and can decrypt encrypted information received from an analytical system or an operating facility in communication with the conduit cartridge.

Abstract: A method and circuit for preventing external access to secure data of an integrated circuit while supporting DFT is disclosed. In accordance with the method the integrated circuit is automatically placed into the test mode at integrated circuit power-up from a power-down state. At power up, secure data is other than present within a secure data-path of the integrated circuit. Access is provided to the secure data path via a second data path coupled with the first secure data-path. Via the access path, data other than secure data is provided to the integrated circuit, the data for performing test functions of the integrated circuit operating in the test mode. Once data other than secure data is provided to first secure data path, the test mode is terminated and access via other than the secure ports is disabled. The test mode is only re-entered by powering down the integrated circuit and re-initializing it.

Abstract: A telephone disconnect system having a current-sensitive relay which automatically operates to electrically connect the telephone lines to the telephone network when the cradle switch of the telephone is closed, and which automatically operates to electrically disconnect the telephone lines from the telephone network when the cradle switch is open thus providing protection against the use of a cradled telephone as a clandestine listening device.

Abstract: A digital watermarking method receives multimedia data, such as images or audio, in compressed or uncompressed form, and extracts a digital watermark while counteracting geometric distortions. To counteract geometric distortion, a watermark reading process translates the data before extracting the digital watermark. The reading process operates on compressed data such as JPEG or MPEG images, which are comprised of compressed blocks of image data.

Abstract: Technology is now available permitting consumers to make amateur- or even professional-grade copies of photographs. For wedding and portrait photographers, in particular, the business of making duplications is fundamental to their livelihoods. The threat of such copying is felt strongly. To redress these concerns, a machine-readable marking is provided on emulsion films, photographic papers, and the like. The marking encodes digital information, yet is essentially imperceptible to the human eye. A photographic duplication kiosk can be constructed to read this embedded information and, if warranted by the embedded information, to disable the kiosk's copying function. An exemplary embodiment pre-exposes the photographic product with a spatial domain representation of the embedded data, and may include rotationally symmetric one- or two-dimensional patters. Numerous other implementations are similarly practical.

Abstract: A kernel mode protection circuit includes a processor, a program counter, a kernel program fetch supervisor circuit, a kernel data fetch supervisor circuit, a program memory, a data memory, a flip-flop circuit and two AND circuits. The data memory includes two user memories, protected registers and random access memory (RAM). The program memory includes two user memories and a kernel read only memory (ROM). The circuit may operate in either a user mode (kernel ROM is not accessible) or a kernel mode (kernel ROM is accessible). When in the kernel mode the kernel RAM and certain protected registers are accessible only by a secure kernel. The kernel mode control circuit will reset the processor should a security violation occur, such as attempting to access the kernel RAM while in the user mode.

Abstract: Secure transmission of data is provided between a plurality of computer systems over a public communication system, such as the Internet. Secure transmission of data is provided from a customer computer system to a merchant computer system, and for the further secure transmission of payment information regarding a payment instrument from the merchant computer system to a payment gateway computer system. The payment gateway system formats transaction information appropriately and transmits the transaction to the particular host legacy system. The host legacy system evaluates the payment information and returns a level of authorization of credit to the gateway which packages the information to form a secure transaction which is transmitted to the merchant which is in turn communicated to the customer by the merchant. The merchant can then determine whether to accept the payment instrument tendered or deny credit and require another payment instrument.

Abstract: Cryptographic methods are disclosed, which allow a prover party, who holds a number of secrets, to demonstrate satisfiable formulas of propositional logic, wherein the atomic propositions are linear relations between the secrets. The demonstration reveals no more information than is contained in the formula itself. Some implementations allow an unlimited number of such demonstrations to be made, without revealing any additional information about the secrets, whereas other implementations ensure that the secrets, or some of the secrets, will be revealed, if a demonstration is performed more than a predetermined number of times. The demonstrations may be zero-knowledge proofs, or signed proofs.

Abstract: The present invention is an apparatus for generating random bits from a computer system. The apparatus comprises a rotating storage device operating within the computer system. A rotational latency of the rotating storage device is associated with the computer system accessing information from the storage device with the rotational latency causing the accessing of the information to have an entropy. An extraction mechanism extracts random bits derived from entropy of the rotational latency of the storage device.

Abstract: A method and device are provided for controlling access to data. Portions of the data are protected and rules concerning access rights to the data are determined. Access to the protected portions of the data is prevented, other than in a non-useable form; and users are provided access to the data only in accordance with the rules as enforced by a mechanism protected by tamper detection. A method is also provided for distributing data for subsequent controlled use of those data. The method includes protecting portions of the data; preventing access to the protected portions of the data other than in a non-useable form; determining rules concerning access rights to the data; protecting the rules; and providing a package including: the protected portions of the data and the protected rules. A user is provided controlled access to the distributed data only in accordance with the rules as enforced by a mechanism protected by tamper protection.

Abstract: A quantum state or qubit is transmitted from a sender to receiver using a quantum teleportation. For this purpose, first, second and third photons are successively produced from a laser source. The first photon is modified in polarization according to encoded information to be sent. The second and third photons are mutually quantum-mechanically correlated and shared by the sender and receiver, respectively. The sender measures the polarized states of the coincidentally appearing first and second photons and transmits measurement outcomes to the receiver via classical communication. The receiver recovers information of the first photon from the third photon based on his measurement and the measurement outcomes transmitted by the sender.

Abstract: A method and device are provided for controlling access to data. Portions of the data are protected and rules concerning access rights to the data are determined. Access to the protected portions of the data is prevented, other than in a non-useable form; and users are provided access to the data only in accordance with the rules as enforced by a mechanism protected by tamper detection. A method is also provided for distributing data for subsequent controlled use of those data. The method includes protecting portions of the data; preventing access to the protected portions of the data other than in a non-useable form; determining rules concerning access rights to the data; protecting the rules; and providing a package including: the protected portions of the data and the protected rules. A user is provided controlled access to the distributed data only in accordance with the rules as enforced by a mechanism protected by tamper protection.

Abstract: The invention relates to methods and apparatuses for acquiring a physical measurement, and for creating a cryptographic certification of that measurement, such that its value and time can be verified by a party that was not necessarily present at the measurement. The certified measurement may also include corroborative information for associating the actual physical measurement process with the certified measurement. Such corroborative information may reflect the internal or external state of the measurement certification device, as well as witness identifiers of any persons that may have been present at the measurement acquisition and certification. The certification may include a signal receiver to receive timing signals from a satellite or other external source. The external timing signals may be used to generate the time included in the certified measurement, or could be used to determine the location of the measurement certification device for inclusion in the certified measurement.

Abstract: In a digital information system for realizing the sale of information or the like having a commercial value in the form of a digital signal, and an audio processor, and signal processor suitably used with the system, when a digital signal is received/delivered, a digital signal source is connected directly to a player for receiving and storing a specified information, which is reproduced by the player independently. A voice interval of a digital audio signal is processed to realize the slow and fast playback. The system includes a data compressor and a data extender of simple configuration. The value of the digital signal received/delivered can be exhibited directly. A selling system is constructed easily, and the player is simple in configuration and easy to operate by anyone.

Abstract: A system and method for data recovery is described. In one embodiment, an encrypting system encrypts a message or file using a secret key (KS) and attaches a key recovery field (KRF), including an access rule index (ARI) and KS, to the encrypted message or file. To access the encrypted message or file, a decrypting system must satisfactorily respond to a challenge issued by a key recovery center. The challenge is based on one or more access rules that are identified by the ARI included within the KRF.

Abstract: The circuit uses a current sensing device that is controlled by the telephone line current. The telephone lines are connected to the contacts of a push-button switch, and a diode bridge is connected across contacts of the switch. Further, the circuit has a DC slow-release relay that is located across the output of the diode bridge. The telephone lines are also connected to the relay contacts of the DC slow release relay. A capacitor is placed across the telephone lines, and another capacitor is placed between the diode bridge and one of the relay contacts of the DC slow-release relay. The two capacitors act to shunt any radio frequencies that occur in the circuit as a result of an attempt to obtain information by RF saturation techniques.

Abstract: The machine involves code wheels in cascade or in a maze with random or mixed circuits which operate a printing device to print the cipher conjugate of the letter on an operated key when the keyboard is connected to one end of the code wheel maze, and to print the plain conjugate of the letter in cipher when a key bearing such letter is operated with the keyboard connected to the other end of the code wheel maze. The printer is connected to the end of the code wheel maze opposite the end to which the keyboard is connected in both cases.

Abstract: A system for enabling verified or verifiable communications while maintaining anonymity, in which a common public parameter, such as a prime number, and a registered signature are changed, respectively, by a specifier and a signer to provide a digital signature which accompanies a message sent from the signer to a verifier.

Abstract: An application which requests cryptographic services from various service elements within an international cryptography framework is identified through a certificate to protect against the misuse of a granted level of cryptography. A cryptographic unit, one of the framework core elements, builds several certification schemes for application objects. One or more methods are provided that establish a degree of binding between an application code image and issued certificates using the framework elements. Within the framework, the application is assured of the integrity of the cryptographic unit from which it is receiving services. One or more mechanisms are provided which allow the application to validate that the cryptographic unit has not been replaced or tampered with.

Abstract: The cryptographic system automatically and continuously changes the cipher equivalents representing plaintext characters so as to prevent any periodicity in the relationship. The system has a series of juxtaposed, rotatable, connection changing mechanisms to provide a large number of alternative paths for the passage of an electric current corresponding to a message character. Further, the system has parts for the irregular and permutative displacements of the members of a set of circuit changing mechanisms to thwart cryptanalysis. The juxtaposed cipher commutators are controlled by cam wheels of different diameters.

Abstract: A computer network security system provides generation of a certificate revocation list (CRL) upon each revocation. The entire certificate revocation list may be published on demand, or only the portion that has changed. The computer network security system provides on-demand publishing of data identifying revoked certificates, such as revocation and expiration data, in response to receipt of revocation request data. The computer network security system stores the on-demand published data for analysis by one or more network nodes, such as a client, to determine whether a certificate is valid. The network nodes include certificate revocation list cache memory that may be selectively activated/deactivated, to effect storage/non-storage of the data identifying the revoked certificates.

Abstract: Disclosed is an optical disk barcode forming method wherein, as information to be barcoded, position information for piracy prevention, which is a form of ID, is coded as a barcode and is recorded by laser trimming on a reflective film in a PCA area of an optical disk. When playing back the thus manufactured optical disk on a reproduction apparatus, the barcode data can be played back using the same optical pickup.

Abstract: A system and method for enabling sensitive authentication information to be under the control of the service provider and transmitting only non-sensitive authentication information to the AC, and for providing a secure technique for generating sensitive authentication information and for securely transmitting to and storing the information in the mobile system (MS) and a storage device controlled by the service provider. The present invention utilizes a secure authentication center (SAC) and a secure A-key management system (SAMS) to perform authentication. The present invention automatically and securely generates and programs an MS and SAMS with the sensitive authentication information while significantly reducing the risk of misappropriation of the sensitive authentication information.

Abstract: Technology is now available permitting consumers to make amateur- or even professional-grade copies of photographs. For wedding and portrait photographers, in particular, the business of making duplications is fundamental to their livelihoods. The threat of such copying is felt strongly. To redress these concerns, a machine-readable marking is provided on emulsion films, photographic papers, and the like. The marking encodes digital information, yet is essentially imperceptible to the human eye. A photographic duplication kiosk can be constructed to read this embedded information and, if warranted by the embedded information, to disable the kiosk's copying function. An exemplary embodiment pre-exposes the photographic product with a spatial domain representation of the embedded data, and may include rotationally symmetric one- or two-dimensional patterns. Numerous other implementations are similarly practical.

Abstract: A method of evaluating a cryptosystem to determine whether the cryptosystem can withstand a fault analysis attack, the method includes the steps of providing a cryptosystem having an encrypting process to encrypt a plaintext into a ciphertext, introducing a fault into the encrypting process to generate a ciphertext with faults, and comparing the ciphertext with the ciphertext with faults in an attempt to recover a key of the cryptosystem.

Abstract: The crytographic system automatically and continuously changes the cipher equivalents representing plaintext characters so as to prevent any periodicity in the relationship. The system has a series of juxtaposed, rotatable, connection changing mechanisms to provide a large number of alternative paths for the passage of an electric current corresponding to a message character. Further, the system has parts for the irregular and permutative displacements of the members of a set of circuit changing mechanisms to thwart cryptanalysis.

Abstract: An encoding technique of the invention protects software programs and hardware designs from being copied, tampered with, and its functions from being exposed. The software programs and hardware designs (collectively called programs) thus encoded still remain executable. The encoding technique employs the concept of complexity of programs and produces proximity inversion in terms of functions contained in the programs, while preserving the behaviors. Various embodiments are possible to achieve this encoding which includes, for example, cascading and intertwining of blocks of the programs.

Abstract: An intelligent agent and its client communicate using a selector known by both parties to generate and interpret messages and thereby effectively disguise confidential information transmitted in the messages from third parties. Moreover, a neural network is used to implement the decision logic and/or the message disguising functions of an agent such that the logic employed in such functions is not readily reverse compiled or scanned by third parties.

Abstract: An apparatus and method for concealing data bursts in an analog scrambler using audio repetition. What otherwise would be periodic data bursts appearing at the audio output are replaced with samples from audio portions of the multiplexed signal. Preferably the replaced audio samples come from immediately past portions of the audio of the signal. The data bursts are therefore effectively concealed from the audio output which improves on the degradation of audio otherwise caused by the data bursts that are mixed in periodically with the audio portions of the signal.