Abstract: The invention is directed to a method for a software provider to enable a software-acquiring entity to arrive from an existent first signed piece of code at a second signed piece of code. Both pieces of code were generated at the software provider by use of a first software archive generator under use of generation instructions. The software provider provides to the software-acquiring entity a difference code that comprises the steps necessary to arrive from the first signed piece of code at the second signed piece of code. The difference code is combinable at the software-acquiring entity with the first signed piece of code by a second software archive generator to generate the second signed piece of code. The second software archive generator is therefor to be fed with those generation instructions that were used by the first software archive generator for the generation of both pieces of code.

Abstract: A method and apparatus for a third party authentication server is described. The method includes receiving a record ID for a user, and a one-time key generated by the server and encrypted with a user's public key by the server. The method further includes receiving the user's authentication data from the client, and determining if the user's authentication data matches the record ID. If the authentication data matches the record ID, decrypting the one-time key with the user's private key, and returning the decrypted one-time key to the client.

Abstract: For transporting packets between an access interface of a subscriber installation and a concentrating router of a shared network the access interface carries out control operations on streams of packets transmitted to the concentrating router, within the framework of a contract between the subscriber and a manager of the shared network. After having carried out the control operations concerning a packet to be transmitted, the access interface transmits this packet to the concentrating router with a signature based on a secret shared with the concentrating router, authenticating that the packet has been subjected to the control operations.

Abstract: A system and method are presented for assuring electronic documents containing active content. Aspects of the system and method are directed to storing a copy of input data called by the active content in a first invocation of the electronic document, then, on subsequent invocations of the electronic document, using the stored copy of the input data instead of calling for input data from the computing environment. In this way, the output from the subsequent invocations of the electronic document are the same as the output from the first invocation of the electronic document.

Abstract: Content material is protected with a variety of watermarking processes. Different subsets of the protected content material are submitted to different watermarking processes. At the rendering device, a watermark detector is configured to detect one or more different watermarks. Only if the particular watermark(s) that the rendering device is configured to detect is removed from the protected content material will the rendering device permit the rendering of the protected material. If the particular watermark(s) that the rendering device is configured to detect is unpredictable, or if the particular segment that is protected by a particular watermark is undetectable, a wholesale removal of specific watermarks from the watermarked material will neither be efficient nor economically viable.

Abstract: A device renders content on a medium by obtaining a table from the medium, obtaining a device key (DK) of the device and an index value of such (DK), indexing into an entry of the table based on the obtained index value, selecting an encrypted secret from the indexed-into entry, applying the obtained device key (DK) to the selected encrypted secret to expose the secret, and applying the exposed secret to render the content.

Abstract: The disclosure describes methods for using digital watermarking to authenticate digital media signals, such as images, audio and video signals. It also describes techniques for using embedded watermarks to repair altered parts of a media signal when alteration is detected. Alteration is detected using hashes, digital watermarks, and a combination of hashes and digital watermarks.

Abstract: Disclosed is a method of loading data into a data processing device. The method comprises receiving a payload data item by the data processing device; performing a cryptographic authentication process to ensure the authenticity of the payload data item; storing the authenticated received payload data item in the data processing device; and integrity protecting the stored payload data item. The cryptographic authentication process comprises calculating an audit hash value of at least the received data item. Integrity protecting further comprises calculating a reference message authentication code value of at least the audit hash value using a secret key stored in the data processing device as an input.

Abstract: Hash function constructions from expander graphs are described. In one aspect, an expander graph is walked to compute a hash function. The expander graph is walked using respective subsets of an input message. A label of a last vertex walked is an output of the hash function.

Abstract: A system performs an electronic surveillance in a packet-switched network. The system includes a first card (300), a second card (400), and an electronic surveillance device (120). The first card (300) stores first data identifying a first operational mode and second data identifying a time period. The second card (400) stores activation information. The electronic surveillance device (120) reads the first card (300) and conditions itself for operating in the first operational mode for the specified time period. The electronic surveillance device (120) also reads the second card (400) and performs a packet capture operation in accordance with the first operational mode for the specified time period in response to reading the second card (400).

Abstract: A method for managing an agent includes verifying an integrity of the agent in response to a registration request. Memory protection is provided for the agent during integrity verification. An indication is generated when registration of the agent has been completed. According to one aspect of the present invention, providing memory protection includes having a virtual machine monitor limit access to the agent. Other embodiments are described and claimed.

Abstract: A method of remotely managing a firewall has been developed. The method includes receiving a control data packet at the firewall from a remote location. Next, the control data packet is analyzed to determine if the control data packet is authorized to access the firewall. Finally, an authorized control data packet is allowed to control the firewall.

Abstract: By a program process, CPU 31 embeds a watermark data into a waveform data stored in wave memory 41a. The program includes a step for detecting a characterizing part (attack part and loop part) of a waveform data that represents a waveform of a musical tone where the characterizing part represents characteristics of the musical tone, and a step for embedding a watermark data into a part of the waveform data excluding the detected characterizing part. Further, CPU 31 can also extract the watermark data by a program process including a step for detecting the characterizing part and a step for extracting the watermark data embedded in a part excluding the detected characterizing part. Thus, from waveform data including a watermark data, natural musical tones can be reproduced without deteriorating the characteristics of the musical tones at the time of reproduction.

Abstract: Cryptographic systems and methods are provided in which authentication operations, digital signature operations, and encryption operations may be performed. Authentication operations may be performed using authentication information. The authentication information may be constructed using a symmetric authentication key or a public/private pair of authentication keys. Users may digitally sign data using private signing keys. Corresponding public signing keys may be used to verify user signatures. Identity-based-encryption (IBE) arrangements may be used for encrypting messages using the identity of a recipient. IBE-encrypted messages may be decrypted using appropriate IBE private keys. A smart card, universal serial bus key, or other security device having a tamper-proof enclosure may use the authentication information to obtain secret key information. Information such as IBE private key information, private signature key information, and authentication information may be stored in the tamper-proof enclosure.

Abstract: Methods and apparatus for data authentication with multiple keys are disclosed. An example apparatus to authenticate data disclosed herein comprises a key verifier to verify a first key by comparing a test composite key value and a reference composite key value, wherein the test composite key value is generated from a first key value corresponding to the first key and a second key value corresponding to a second key, and a data verifier to verify the data using the first key when the key verifier determines that verification of the first key was successful, wherein verification is successful when the test composite key value substantially matches the reference composite key value.

Abstract: A computer-based method for scanning data using string filtering includes compressing a data string using a hashing algorithm to obtain a data-string signature, and then determining that the data-string signature matches a known data-string signatures stored in a lookup table if the signature is determined to have a match in the lookup table.

Abstract: A method is provided for secure communication between a transmitter and a receiver. The transmitter comprises a non-volatile memory for storing a first portion of a count value, where the count value is updated after an elapse of a period of time. The transmitter comprises a volatile memory for storing a second portion of the count value. In response to receipt of a transmit request, the transmitter sets a use indicator corresponding to the first portion of the count value. Upon elapse of the period of time, the second portion of the count value is updated. The first portion of the count value is updated if the second portion of the count value overflows and if the use indicator corresponding to the first portion set. A message authentication code is generated based on at least the count value. A message transmitted to the receiver comprises at least the message authentication code.

Abstract: We present a mathematical construct which provides a cryptographic protocol to (verifiably shuffle) a sequence of (k) modular integers, and discuss its application to secure, universally verifiable, multi-authority election schemes. The output of the shuffle operation is another sequence of (k) modular integers, each of which is the same secret power of a corresponding input element, but the order of elements in the output is kept secret. Though it is a trivial matter for the “shuffler” (who chooses the permutation of the elements to be applied) to compute the output from the input, the construction is important because it provides a linear size proof of correctness for the output sequence (i.e. a proof that it is of the form claimed) that can be checked by one or more arbitrary verifiers. The protocol is shown to be honest-verifier zeroknowledge in a special case, and is computational zeroknowledge in general.

Abstract: A system for secure transfer of encrypted data involves a sender client (36), a recipient client (38), a main server (40), and a key server (42). The sender client (36) receives instructions from a first user identifying transfer data and a recipient identifier, creates an encoding key, encodes the transfer data using the key, and communicates the key and the recipient identifier to a main server (40). The main server (40) communicates the key and the recipient identifier to the key server (42), which associates the recipient identifier with a secure package identifier and communicates the secure package identifier to the main server (40), which communicates the secure package identifier to the sender client (36).

Abstract: A system comprises a first operating environment and a second operating environment. The first and second operating environments exchange information in encrypted form using a shared encryption key (K3). The first and second operating environments cooperate to change said encryption key K3 using another shared encryption key (K4). The encryption key K4 is changed upon the encryption key K3 being changed.

Abstract: A method for securing an electronic document (22) comprising attaching a biometric characteristic (20) and the electronic document (22) to form a biometric characteristic-document combination and encrypting the biometric characteristic-document combination to form an encrypted data package (24).

Abstract: A system and method for providing end-to-end security of content over a heterogeneous distribution chain is provided. A content owner provides content to an aggregator that receives the content and processes the content. The processing may involve decrypting the content and associating at least one of a unique fingerprint and a watermark to the decrypted content. The unique fingerprint and a watermark to the decrypted content provide identifying characteristics to the content. Additional content-based fingerprints may be used to monitor quality of consumer experience for Video and Audio. The content may be sent in a decrypted state to a client or in an encrypted state. When the content is encrypted the aggregator wraps and encrypts the content with a signature such that an end-to-end flow of the content may be determined. Application Level encryption is used to provide network/distribution medium transparency as well as persistent encryption.

Abstract: A system (126-129) detects transmission of potentially malicious packets. The system (126-129) receives packets and generates hash values corresponding to each of the packets. The system (126-129) may then compare the generated hash values to hash values corresponding to prior packets. The system (126-129) determines that one of the packets is a potentially malicious packet when the generated hash value corresponding to the one packet matches one of the hash values corresponding to one of the prior packets and the one prior packet was received within a predetermined amount of time of the one packet. The system (126-129) may also facilitate the tracing of the path taken by a potentially malicious packet. In this case, the system (126-129) may receive a message that identifies a potentially malicious packet, generate hash values from the potentially malicious packet, and determine whether one or more of the generated hash values match hash values corresponding to previously-received packets.

Abstract: A simple scheme is provided for server storage of private keys and certificates in a secure manner, thus solving the difficult problems of roaming certificates. A user can access his private keys and certificates from anywhere in the network. Despite that the server stores the user's private keys, the server must not be able to impersonate the user on a network or sign messages for the user. A scheme for truly secure transactions is also provided.

Abstract: Methods and apparatus, including computer program products, implementing and using techniques for establishing trust in an electronic document. An electronic document is received. State dependent content in the electronic document is identified. The state dependent content is content that is renderable to have a several appearances. The electronic document is presented to a user, which includes disclosing the presence of any identified state dependent content in the electronic document.

Abstract: A method and system is directed to providing policies for handling authenticated messages, such as email, and the like, by combining Public Key encryption and the Internet Domain Name System (the “DNS”). The policies include system, user, statistics, new domain, unverified domain, and third party. A domain owner may validate that an email originates from an authorized sender within their domain by using a private key component to digitally sign email outbound from its domain. Employing a public key component, along with a selector, an email recipient may check the validity of the signature, and thus determine that the email originated from a sender authorized by the domain owner. In one embodiment, the public key component used to verify an email signature may be “advertised” or otherwise made available via a TXT record in the DNS.

Abstract: A false alteration detecting method using an electronic watermark method of fragile type by number theoretic transform.

Abstract: A method and device if or recording an information signal with first copy protection information to a storage medium includes recording according to first copy rules identified by the first copy protection information. The first copy protection information identifying the first copy rules is detected, and at least second copy protection information is recorded according to the detected first copy rules. The first and second copy protection information identify a legality message to be interpreted by reader. Screening information is recorded in a safe way on the storage medium to identify that the first copy protection message has been read.

Abstract: A first information processing unit stores identification information into a storage module, stores an encrypted contents signal into a mass storage unit, and supplies the encrypted contents signal and identification information to a second information processing unit through a communication section. In a receiving unit of the first information processing unit, log information generated by a purchase processing module is stored into the storage module every time the contents key is decoded, and the log information is transmitted at predetermined timing to a key management center through the transmission section. The second information processing unit receives the encrypted contents signal and the identification information through a communication section, and causes a contents processing section to decode the encrypted contents signal and to append the identification information thereto.

Abstract: A method, apparatus, and computer implemented instructions for processing a request in a data processing system. The request is received. In response to a first hash value being present within the request, the first hash value is compared to a second hash value that was computed locally, wherein the second hash value represents a current policy configuration for assigning a quality of service. In response to a match between the first hash value and the second hash value, other information in the request is used to establish a quality of service for packets associated with the request.

Abstract: A method, apparatus, and computer instructions for authorizing execution of an application on the data processing system. A request is received to execute the application, wherein the request originates from a remote data processing system and wherein the request includes a digital certificate and the application. The digital certificate is verified in response to receiving the request. Responsive to verifying the digital certificate, a digital digest is calculated for the application to form a calculated digital digest. The calculated digital digest is compared with a set of digital digests from a trusted source. The application is executed if a match between the calculated digital digest and set of digital digests occurs.

Abstract: A system and method for aggregating and providing subscriber medical record information to medical units. The system includes an ICE medical record server that stores a plurality of medical records of respective subscribers. When a subscriber is being attended by a medical unit, the medical unit using a communication device sends an identification number to the server. In response, the server sends the subscriber's medical record to the communication device. The communication device may populate a medical form with the information and display it for use in diagnosing and treating the subscriber. The medical unit may annotate the medical form to document the on-going emergency, and upload it to a professional medical record server, which may provide the information to a medical facility to which the subscriber will be transported.

Abstract: Detection of watermarks in digital content by a system having a recording device and a playback device may be accomplished in such as a way as to improve the interoperability of the recording and playback devices. In one embodiment, a recording device having a first watermark detection component of a first sensitivity for detecting the watermark in digital content, interoperates with a playback device having a second watermark detection component of a second sensitivity for detecting the watermark in a digital content recording made by the recording device; such that the first sensitivity is more sensitive than the second sensitivity.

Abstract: Software intrusion is proactively detected using a dynamically evolving audit log wherein log entries are generated in the audit log and key values are evolved based upon a one-way function depending on both the previous log entry and the previous key. The audit log with the generated log entries and the final key value is transmitted to a clearinghouse that detects software intrusion by analyzing these values. In an effort to reduce the size of the log to be transmitted, the log entries are assigned identical values, thereby only needing to transmit one log entry and the last key value to the clearinghouse.

Abstract: Further increases in the difficulty of importing to a secure domain digital content including watermarks which impose a degree of difficulty on illicit importing to the secure domain of the digital content is disclosed. Further increases in the degree of difficulty are necessary because the degree of difficulty associated with the watermarks is capable of being illicitly overcome by dividing the digital content being imported into segments that are so short that the watermarks cannot be reliably detected. In a recorder, recording is prevented by determining that adjacent activations of start and stop keys are such that the digital content has been so divided. In a playback unit, playback is prevented by determining that recorded sections are so short that the watermarks therein cannot be reliably detected.

Abstract: A game management center linked to at least one remote game terminal, sends the terminals to which it is linked, a message containing a game identifier and a question. The response from a player entered via a remote game terminal is transmitted in a form blinded with the aid of a secret to the game management center so as to guarantee the anonymity of the player. If the blinded response message is received before the instant of broadcasting of the response, the game management center sends an acknowledgement of receipt to said game terminal. The response in answer to the question is subsequently broadcast to all the remote game terminals. If the player has given the right answer, the terminal must, to claim its prize, send a message containing the acknowledgement of receipt and an item proving that it is in possession of the secret used to blind the response.

Abstract: Techniques are disclosed to enable efficient implementation of secure hash functions and/or stream ciphers. More specifically, a family of graphs is described that has relatively large girth, large claw, and/or rapid mixing properties. The graphs are suitable for construction of cryptographic primitives such as collision resistant hash functions and stream ciphers, which allow efficient software implementation.

Abstract: Method of verifying authenticity of goods uses combination codes that have a random portion and a non-random portion that includes at least a secret portion that is encrypted. The combination codes are encrypted and may be applied to goods and checked to determine authenticity of goods; the secret portion may be encrypted with a public key and can be decrypted, for example, using a corresponding private key. The authenticity may include whether or not a tax or duty has been paid. The checking may include checking, e.g., viewing the non-random portion of the decrypted combination code to determine whether it is the same as the non-random portion used to compose the combination code.

Abstract: A method and apparatus for dynamically applying digital watermarks. Requested content is sent to a security module of a user device. A digital watermark is dynamically determined based at least on instance information about a rendering engine of the user device. The digital watermark is then rendered with the content using the rendering engine of the user device.

Abstract: First and second computing devices are selectively operatively coupled together. The first device provides data to the second device. The second device can be a portable computing device. The second device is configured to encrypt/decrypt the data, as needed by the first device. The second device maintains the cryptographic key data internally. As such, the first device, which, for example, may be a personal computer will only maintain the returned encrypted data following encryption and only temporarily use any returned decrypted data. Thus, by physically and operatively distributing the cryptographic processing/maintenance between the two devices, additional security is provided for protecting private data.

Abstract: An additional data useful for the management of copies of a document for an image forming apparatus is embedded in a hard copy of the document. The additional data is embedded in an inherent image of a document as discrete dots arranged in a prescribed format. Preferably, the size of each of said discrete dots is not so large as to be recognized easily with naked eyes. The additional data can be embedded in unit of blocks. Further, the density of the discrete dots is different from the density adjacent to the discrete dots. The image data for embedding an additional data can be obtained by reading a document, or by receiving data sent from a computer or read from a floppy disk. An additional data embedded in a hard copy can be extracted from the image data on the hard copy. Further, the production of a copy according to the image data can be controlled according to the extracted additional data.

Abstract: A method and apparatus (200) for embedding a watermark in an information signal bit-stream are described. The method comprises receiving a portion of an information signal bit-stream (MPEG2). A first copy of the received portion is stored in a first buffer (220). A second copy of the received portion is watermarked, and the resulting watermarked signal stored in a second buffer (240). At predetermined intervals, a check is performed to determine if the bit-rate of the received portion has been changed by being watermarked. If the check determines the bit-rate has changed, the first copy of the received portion from the first buffer is output. Otherwise the watermarked signal from the second buffer is output.

Abstract: A digital content rendering apparatus. A request is made to render stored digital content. The request is processed by a repository coupled to a rendering engine to permit rendering only for authorized request.

Abstract: A method in a system for transferring accounting information, a system for transferring accounting information, a method in a terminal, a terminal, a method in an Extensible Authentication Protocol (EAP) service authorization server, an EAP service authorization server, a computer program, an Extensible Authentication Protocol response (EAP-response) packet, wherein the method: meters data related to a service used by at least one terminal, provides the metered data as accounting information to at least one Extensible Authentication Protocol (EAP) service authorization server, sends, by means of an Extensible Authentication Protocol request (EAP-request), a service authorization request from the at least one EAP service authorization server to the at least one terminal, digitally signs accounting information, in the at least one terminal, includes, at the at least one terminal, the digitally signed accounting information in an Extensible Authentication Protocol response (EAP-response), and sends the digitally

Abstract: Computation environments are protected from bogus or rogue load modules, executables, and other data elements through use of digital signatures, seals, and certificates issued by a verifying authority. A verifying authority—which may be a trusted independent third party—tests the load modules and/or other items to verify that their corresponding specifications are accurate and complete, and then digitally signs them based on a tamper resistance work factor classification. Secure computation environments with different tamper resistance work factors use different digital signature authentication techniques (e.g., different signature algorithms and/or signature verification keys), allowing one tamper resistance work factor environment to protect itself against load modules from another tamper resistance work factor environment. The verifying authority can provide an application intended for insecure environments with a credential having multiple elements covering different parts of the application.

Abstract: Method of invisibly embedding and hiding data into a text document by modifying selected invisible attributes of invisible characters on a plurality of inter-word intervals, comprising the steps of selecting (10) at least one attribute that is invisible on the space characters used as inter-word intervals, transforming (14) the document into a canonical form by setting on all inter-word intervals the values of the selected attribute to the same default value, encoding (18) the data to be embedded and hidden into the document as an ordered set of values corresponding to the different values of the selected attribute, selecting (20) a set of inter-word intervals among all inter-word intervals corresponding to a set of space characters and replacing (22) on each space character of this set of space characters, default attribute values by the corresponding encoded data.

Abstract: A digital video camera includes an image sensor capable of producing a frame of video data representing an image viewed by the sensor, an image memory for storing video data such as previously recorded frame data in a video frame location of the image memory, a read circuit for fetching the previously recorded frame data, an encryption circuit having an encryption key input connected to receive the previously recorded frame data from the read circuit as an encryption key, an un-encrypted data input connected to receive the frame of video data from the image sensor and an encrypted data output port, and a write circuit for writing a frame of encrypted video data received from the encrypted data output port of the encryption circuit to the memory and overwriting the video frame location storing the previously recorded frame data.

Abstract: Apparatus, methods, and articles of manufacture consistent with the present invention provide a check validation scheme wherein a payor's signature is digitized, encrypted and embedded on the front of the check using glyphs. When the payor seeks to convert a blank check into a negotiable instrument, the user fills out the check and signs it. When the check is presented to a bank for payment, a teller using a decoding device, decodes and decrypts the digitized signature such that a human-readable image of the digitized signature can be seen on a screen for comparison with the payor's scripted signature. If the two signatures are identical, the check is honored.

Abstract: A secure method and system of digital data transmission between a sender and a receiver, including a phase of receiver authentication by a symmetrical authentication key sharing algorithm with no transmission of the key, a phase of data watermarking by using the authentication key as the watermarking key, and a phase of transmission of the watermarked data.

Abstract: A security system including a token and a host system. The token includes volatile random access memory for storing security data for use during a step of secure authentication, an interface for providing communication with a host system when coupled thereto, and a processor. The processor performs the steps of authenticating a host system and the token, providing secure information to the host system upon authentication therewith, and re-authenticating the host system and the token in response to receipt of the secure information after a reset of the token has occurred.