Message Digest Travels With Message Patents (Class 713/181)
-
Patent number: 7900062
Abstract: Processing load on an executing device for conducting playback is high during the playback of contents since the executing device performs verification of the contents validity in parallel with the contents playback, and therefore the executing device has to be equipped with a highly efficient processor. The present invention reduces the processing load involved in the verification by using, for the verification, only a predetermined number of encrypted units selected randomly from multiple encrypted units constituting encrypted contents recorded on the DVD. In addition, the present invention is capable of improving the accuracy of detecting unauthorized contents to some extent by randomly selecting a predetermined number of encrypted units every time the verification is performed.
Type: Grant
Filed: July 26, 2007
Date of Patent: March 1, 2011
Assignee: Panasonic Corporation
Inventors: Masao Nonaka, Yuichi Futa, Toshihisa Nakano, Kaoru Yokota, Motoji Ohmori, Masaya Miyazaki, Masaya Yamamoto, Kaoru Murase, Senichi Onoda
-
Patent number: 7894608
Abstract: A secure approach for sending an original message from a sender to a receiver. The sender may encrypt the original message by performing an XOR (or XNOR) operation of the original message and a first random message (same size as original message) on a bit-by-bit basis to generate a second message. The receiver may also perform an XOR of the second message with a locally generated second random message. The resulting message is sent to the sender system. The sender system may again perform XOR operation of the received message and the first random message, and send the resulting message to receiver. The receiver may perform XOR operation on the received output to generate the original message sent by the sender. Other technologies such as digital signatures and key pairs (public key infrastructure) may be used in each communication between the sender and receiver to further enhance security.
Type: Grant
Filed: August 4, 2008
Date of Patent: February 22, 2011
Assignee: International Business Machines Corporation
Inventor: Devi Prashanth
-
Publication number: 20110040978
Abstract: Sending signed e-mail messages. An output data stream is created for streaming a signed e-mail message, and streamed attachment data is read. In response to receiving a portion of the read streamed attachment data, the received portion of the attachment data is digested to generate a digest value, and the received portion of the attachment data is sent to a mail server via the output data stream. The received portion of the attachment data is smaller than the size of the attachment data. The digest value is updated as additional portions of the streamed attachment data are received and digested. In response to sending all attachment data to the mail server, a signer generates the signature data by signing the digest value using a signer's private key, and the generated signature data is sent to the mail server via the output stream.
Type: Application
Filed: August 14, 2009
Publication date: February 17, 2011
Applicant: CANON KABUSHIKI KAISHA
Inventor: Yeongtau Louis Tsao
-
Publication number: 20110040977
Abstract: The present method is directed, in the computer data security field, to cryptographic sponge and hash function processes which are embodied in a computer system and are typically keyless, but highly secure. The processes are based on the type of randomness exhibited by manipulation of the well known three dimensional Rubik's cube puzzle. Computation of the hash or sponge value (digest) is the result of executing in a model (such as computer code or logic circuitry) an algorithm modeling such a puzzle using the message as an input to the cube puzzle algorithm, then executing the cube puzzle algorithm. A state of the modeled cube puzzle (the final cube puzzle arrangement) after execution gives the sponge or hash digest value of the message.
Type: Application
Filed: August 11, 2009
Publication date: February 17, 2011
Applicant: Apple Inc.
Inventors: Augustin J. FARRUGIA, Benoit Chevallier-Mames, Mathieu Ciet
-
Publication number: 20110035597
Abstract: An efficient solution for secure implementation of indirect addressing (IA) is described. IA may be used, for example, in networks of which the routing algorithms are not capable of multicast but also contain very constrained devices that, although requiring multicast, are not capable of repeated unicast. This ID is useful in wireless networks containing low-power low-cost devices.
Type: Application
Filed: October 20, 2010
Publication date: February 10, 2011
Applicant: KONINKLIJKE PHILIPS ELECTRONICS N.V.
Inventor: Thomas Andreas Maria Kevenaar
-
Publication number: 20110029780
Abstract: Systems and methods are provided for managing the transfer of electronic files. In one embodiment, a sender transfers an encrypted version of a file (such as a digitally encoded audio track, movie, document, or the like) to someone who wishes to receive it. The receiver computes a hash of the encrypted file, and sends it to a trusted third party. The trusted third party compares the hash that was computed by the receiver with another hash computed by the sender. If the two hashes match, the third party sends the file decryption key to the receiver. In some embodiments, the receiver may also send the third party payment information so that the sender, the content owner, and/or the third party can be paid for their role in the transaction. In a preferred embodiment, the payment information is only sent to, and/or used by, the third party once the third party has confirmed to the satisfaction of the receiver that the encrypted file in the receiver's possession will decrypt correctly.
Type: Application
Filed: September 30, 2010
Publication date: February 3, 2011
Applicant: Intertrust Technologies Corp.
Inventors: Binyamin Pinkas, Tomas Sander, William G. Home
-
Patent number: 7882349
Abstract: Method for detecting an attack on a broadcast key shared between an access point and its wireless clients. Upon detection of the attack, actions are implemented to react to the attack as defined in one or more security policies. Detection of the attack is achieved by examining both a link message integrity check and an infrastructure management frame protection (IMFP) message integrity check contained in a broadcast management frame.
Type: Grant
Filed: December 6, 2005
Date of Patent: February 1, 2011
Assignee: Cisco Technology, Inc.
Inventors: Nancy Cam-Winget, Mark Krischer, Robert B. O'Hara, Jr.
-
Patent number: 7873831
Abstract: A signature system with a mechanism to identify element(s) of a signed document includes a sender having a signature module with a digest generator. The digest generator generates digests for identifying selected elements of the document. The resulting “identifying” digests are then used in generating a signature in which the sender signs the digests rather than the original elements. The receiver can then process the signature and use these digests to distinguish between elements, as needed.
Type: Grant
Filed: February 26, 2004
Date of Patent: January 18, 2011
Assignee: Microsoft Corporation
Inventors: Vijay K. Gajjala, Giovanni M. Della-Libera, Vaithialingam B. Balayoghan, Tomasz Janczuk
-
Publication number: 20110007895
Abstract: In accordance with a broad aspect, a method is provided to securely configure a computing device. A configuration indication is received into the computing device, including receiving a digital signature generated based on the configuration indication. Generation of the digital signature accounts for a unique identifier nominally associated with the computing device. The received configuration indication may be verified to be authentic including processing the unique identifier, the received configuration indication and the received digital signature. The computing device may be operated or interoperated with in accordance with the received configuration indication. In one example, a service interoperates with the computing device. The configuration indication and digital signature may be provided from the computing device to the service, and the service may interoperate with the computing device in accordance with the configuration indication and the digital signature.
Type: Application
Filed: September 9, 2010
Publication date: January 13, 2011
Inventors: Christopher R. Wysocki, Alan Ward
-
Patent number: 7870391
Abstract: A mobile communication terminal having a function of managing multimedia data is provided, including: a main memory including a multimedia database storing the multimedia data; a signal processor converting the multimedia data stored in the main memory into data of a format suitable to be output to a display of the mobile communication terminal; a back_end chip which processes the multimedia data outputted from the signal processor, stores digest information of multimedia data upon occurrence of an update event of the multimedia data, and provides the stored digest information upon receiving a signal of requesting the digest information to be synchronized; and a front_end chip including a controller which requests the digest information stored in the back_end chip, compares and synchronizes the digest information offered from the back_end chip and digest information stored in advance in the front_end chip.
Type: Grant
Filed: December 9, 2005
Date of Patent: January 11, 2011
Assignee: Pantech & Curitel Communications, Inc.
Inventors: Jung-mook Kang, Su-hyun Yim
-
Patent number: 7869445
Abstract: A communication system includes a source node for transmitting data and general nodes that function as relay nodes for relaying the data or destination nodes for receiving the data. Data encoding is performed in each node of the communication system. The source node is linked to the general nodes by one or more independent paths. The number of independent paths from the source node to each of the general nodes is counted. A tap-proof index is calculated based on the maximum number of independent paths and the size of a set of elements formed by the encoded data. The security level against tapping is determined according to the value of the tap-proof index.
Type: Grant
Filed: February 14, 2008
Date of Patent: January 11, 2011
Assignee: Mitsubishi Electric Corporation
Inventor: Haruko Kawahigashi
-
Publication number: 20110004746
Abstract: A chip mountable on a customer replaceable unit monitoring memory (CRUM) unit used in an image forming job includes a central processing unit (CPU) with its own operating system (OS), which operates separately from an OS of the image forming apparatus, to perform authentication communication with a main body of the image forming apparatus using the OS of the CPU. The security of a unit on which the chip is mounted can thereby be reinforced and random changes of data of the unit can be prevented.
Type: Application
Filed: September 24, 2010
Publication date: January 6, 2011
Applicant: Samsung Electronics Co., Ltd
Inventors: Jae-sung LEE, Yoon-tae Lee, Won-il Cho
-
Patent number: 7861077
Abstract: A secure user authentication system, operable over a client-server communications network to authenticate a system user. The system includes an application server which includes a site which is able to be enabled, and an authentication server, which is able to enable the application server site. The authentication server includes a core database, and receives and stores user authentication-enabling data in the core database. The system further includes a client, and a client program which is able to be actuated in the client. The client program includes the user authentication-enabling data. Upon actuation, the client program automatically directly connects to the authentication server, and sends the client authentication-enabling data to the authentication server, for secure user authentication by the authentication server.
Type: Grant
Filed: October 6, 2006
Date of Patent: December 28, 2010
Assignee: Multiple Shift Key, Inc.
Inventor: Raymond J. Gallagher, III
-
Patent number: 7859412
Abstract: A module monitoring system and related method includes a plurality of nodes and a server component. Each node of the plurality of nodes is in operative communication with a network and with at least one RFID attached to a module. Each node of the plurality of nodes is a node type and at least two nodes of the plurality of nodes are different node types. A node of the at least two nodes is a printer-based node and is associated with a printing machine. The node associated with the printing machine is also in operative communication with a local RFID tag attached to a corresponding module. The server component includes a network interface and an analysis component. The network interface is in operative communication with the network and communicates with the at least two nodes utilizing the network.
Type: Grant
Filed: June 16, 2008
Date of Patent: December 28, 2010
Assignee: Xerox Corporation
Inventors: Pravin N. Kothari, Mark Steven Amico, Paul Allen Hosier, Khan Lutful Kabir
-
Patent number: 7861083
Abstract: A security system in which wireless transmitting security devices use a hybrid or dual encoding methodology, wherein a first part of a data message is encoded in a return-to-zero (RZ) format and a second part of the data message is encoded in a non-return-to-zero (NRZ) format, thereby increasing error detection and correction. In a first aspect of the invention, status information is included in the first part of the message and redundant status information is included in the second part of the message. In a second aspect of the invention, message sequence information is included in the second part of the message to avoid processing of stale or out-of-sequence messages.
Type: Grant
Filed: January 23, 2009
Date of Patent: December 28, 2010
Assignee: Honeywell International Inc
Inventor: Thomas Schmit
-
Patent number: 7856557
Abstract: A method of authentication of data to be sent in a digital transmission system, the data being organized in a series of at least three files, involving generating a first authentication value for at least one first file, storing said first authentication value in a second file, generating a second authentication value for said second file, storing said second authentication value in a third file, and transmitting said first, second, and third files to a receiver.
Type: Grant
Filed: January 26, 2007
Date of Patent: December 21, 2010
Assignee: THOMSON Licensing S.A.
Inventor: Jean-Bernard G. M. Beuque
-
Publication number: 20100318804
Abstract: The present invention relates specifically to a modified digital signature algorithm together with a polynomial-based hash function, in which the last step of the calculation of the final hash value, the exponentiation, is omitted. Such a modification eliminates some of the potential attacks to which a basic hash function algorithm is susceptible. It further introduces several flexibilities to a digital signature scheme. For example, hashing and MAC-ing procedures omit an exponentiation step, whereby the security of data is increased as the possibility of successful attack is diminished. Furthermore, the present invention may be implemented either by way of hardware or software. It may also be capable of generating a digital signature for any set of parameters extracted from a message. Generation of a digital signature may occur without the step of a hashing or MAC-ing procedure.
Type: Application
Filed: June 12, 2008
Publication date: December 16, 2010
Inventor: Nikolajs Volkovs
-
Patent number: 7853799
Abstract: A programmable encryption approach involves the use of a downloadable decryptor. According to an example embodiment of the present invention, an FPGA device includes a microcontroller for configuring logic circuitry on the FPGA device. A memory register is implemented for storing encryption key data and a message authentication code (MAC). When the FPGA device is to be configured using a configuration bitstream, a MAC is calculated for a decryptor and sent to the microcontroller along with an encryption key. The microcontroller stores the encryption key and MAC in a register to which access is limited. When the decryptor is downloaded to the microprocessor, a MAC is calculated on the downloaded decryptor and compared with the stored MAC. If the calculated MAC matches the stored MAC, the decryptor is allowed to access the key.
Type: Grant
Filed: June 24, 2004
Date of Patent: December 14, 2010
Assignee: Xilinx, Inc.
Inventor: Stephen M. Trimberger
-
Patent number: 7853796
Abstract: Computer software or integrated circuit for performing a secure hashing method including one or more of the following: representing an initial sequence of bits as a specially constructed set of polynomials; transformation of this set by masking; partitioning the transformed set of polynomials into a plurality of classes; forming the bit string during the (separated) partitioning; for each of the plurality of classes, factoring each of the polynomials and so as to define a set of irreducible polynomials and collecting these factors in registers defined for each of the plurality of classes; wrapping the values of the registers from the plurality of classes by means of an enumeration; organizing the enumerations and the bit strings into a knapsack; and performing an exponentiation in a group to obtain the hash value or the MAC value.
Type: Grant
Filed: May 9, 2007
Date of Patent: December 14, 2010
Inventors: Nikolajs Volkovs, Vijaya Kumar Murty
-
Patent number: 7849318
Abstract: A secret string is established so as to be known only to a client computing system and a server computing system. A non-encrypted version of a message, a message counter value, and a first hash value are received by the server computing system from the client computing system. The first hash value, based on a content of the message, the message counter value, and the secret string, is generated at the client computing system using a first hash algorithm. Using the first hash algorithm, the server generates a second hash value based on the content of the received message, the received message counter value, and the secret string. The server computing system accepts the received non-encrypted version of the message as authentic upon determining that the received message counter value is greater than a previously received message counter value and that the second hash value matches the first hash value.
Type: Grant
Filed: June 19, 2007
Date of Patent: December 7, 2010
Assignee: Yahoo! Inc.
Inventors: Kai Zhang, Linlong Jiang
-
Patent number: 7844819
Abstract: Since there is a possibility that an application downloaded to a terminal performs an invalid operation, an operation of the downloaded application is very much restricted, and the application can not use local resources of the terminal. With the use of information for authenticating the application, which is held in a tamper resistant region of an authentication module, authentication for the application downloaded to a download section of the terminal is performed to confirm its source or whether or not it has been tampered with. Only an authenticated application is permitted to use the local resources of the terminal or the authentication module, so that an invalid application is prevented from using the local resources. Furthermore, since there is no need to make the terminal have the tamper resistant region, manufacturing costs of the terminal can be held at a low level.
Type: Grant
Filed: November 26, 2002
Date of Patent: November 30, 2010
Assignee: Panasonic Corporation
Inventor: Atsushi Minemura
-
Patent number: 7844832
Abstract: A system and method for authenticating the source of, protecting the contents of, and ensuring the integrity of information. The information may be any digital information which can be stored in a computer file. The information is encapsulated in a computer file which also includes the biometrically verified identity of the person who packaged the information. The contents of the computer file are encrypted, and a unique message digest value is generated and stored in a secure central database. The message digest value functions as the digital signature of the encrypted information, and is used to ensure the integrity of the information.
Type: Grant
Filed: November 29, 2006
Date of Patent: November 30, 2010
Inventors: Ron L. Nation, Rodney P. Meli, William T. Garner
-
Publication number: 20100299528
Abstract: The present invention proposes a solution to prevent a program flow in a processing unit from being modified with respect to an intended program flow, thereby ensuring that important steps such as verifying or authenticating are not bypassed. The invention is particularly aimed at security modules within receiver/decoders in a pay-TV system and involves performing a set of predetermined operations during the processing of entitlement management messages and/or entitlement control messages, said operations being redundant with respect to the normal processing of said messages while leading to the calculation of keys which can then be used to verify that the intended program flow has been respected.
Type: Application
Filed: May 24, 2010
Publication date: November 25, 2010
Applicant: NAGRAVISION S.A.
Inventor: Dominique Le Floch
-
Publication number: 20100299529
Abstract: A method for securing communication between members. The method includes a first member obtaining a secret. An n-bit generator executing on the first member generates a message digest using the first secret. The first member extracts algorithm selector bits and an encryption key from the message digest, and selects an encryption algorithm identified by the algorithm selector bits. The method further includes the first member encrypting a communication using the encryption algorithm and the encryption key to obtain an encrypted communication, and the first member sending, to a second member of the group, the first encrypted communication.
Type: Application
Filed: March 25, 2010
Publication date: November 25, 2010
Applicant: PACID TECHNOLOGIES, LLC
Inventor: Guy Fielder
-
Patent number: 7840814
Abstract: A method for managing an original executable code downloaded into a reprogrammable computer on-board system such as a microprocessor card. The code includes a cryptographic signature and is executable by the microprocessor once the validity of the signature has been checked. Off the card, a modified executable code corresponding to the original code and adapted to a pre-defined specific use is identified. A software component is calculated, which when applied to the original code, enables the modified code to be reconstructed. The software component is signed, and the signed original code and the signed software component are downloaded into the card. On the card, the signature of the original code and the software component are checked, and the software component is applied to the original code in order to reconstruct the modified code for the execution of the same by the microprocessor.
Type: Grant
Filed: April 2, 2004
Date of Patent: November 23, 2010
Assignee: Gemalto SA
Inventors: Alexandre Benoit, Ludovic Rousseau
-
Patent number: 7840637
Abstract: An example embodiment of a includes a Home Page, a Web Presence Tool Page, and a Product and Community Forum which is created and maintained by a Hosting Provider. The Home Page may be made accessible to Hosting Customers and Partners and is an ideal location for placement of ads since all members of the Web Hosting Community are funneled through this Web page. The Web Presence Tool Page may display information generated by a Partner regarding the Partner's application which may be viewed by the Hosting Customers. The Product and Community Forum may allow the Hosting Customers to share information regarding all the applications with other Hosting Customers.
Type: Grant
Filed: February 21, 2007
Date of Patent: November 23, 2010
Assignee: The Go Daddy Group, Inc.
Inventors: Warren Adelman, Michael Chadwick
-
Publication number: 20100293385
Abstract: A system and method for authenticating an HTTP message. A relying party may respond to a request from a requester by sending an HTTP message with authentication specifications to the requester. The requester responds with a new request that adheres to a scheme specified by the relying party. A framework allows for a security token to be located in an HTTP header or a message body, with various options such as fragmenting the token available. An option allows for cryptographically binding the security token to the body of a message. An authentication framework provides for an implementation by an HTTP stack or by an application.
Type: Application
Filed: May 14, 2009
Publication date: November 18, 2010
Applicant: Microsoft Corporation
Inventors: Arun K. Nanda, Hervey Wilson
-
Patent number: 7836310
Abstract: An improved system and approaches for protecting passwords are disclosed. A file security system for an organization operates to protect the files of the organization and thus prevents or limits users from accessing some or all of the files (e.g., documents) associated with the organization. According to one aspect, a password entered by a user is used, provided it is authenticated, to obtain a respective authentication string (a relatively longer string of numbers or characters). The retrieved authentication string is then used to enable the user to enter the file security system and/or to access secured files therein. According to another aspect, user passwords are not stored in the file security system to avoid security breaches due to unauthorized capture of user passwords.
Type: Grant
Filed: November 1, 2002
Date of Patent: November 16, 2010
Inventor: Yevgeniy Gutnik
-
Publication number: 20100287380
Abstract: A writing area security system (10) includes a CPU (34), a flash memory (64), and a memory controller (62). The memory controller (62), when receiving a read command of data stored in the flash memory (64) from the CPU (34), performs a parity check on the data. The memory controller (62) outputs the data to the CPU (34) only when the parity of the read data is correct.
Type: Application
Filed: September 4, 2007
Publication date: November 11, 2010
Applicant: NINTENDO CO., LTD.
Inventors: Shinji Kurimoto, Masashi Seiki
-
Patent number: 7831039
Abstract: Circuitry for encrypting at least a part of an input data flow and generating a tag based on the input data flow with the same ciphering algorithm and the same key including a first ciphering branch arranged to encrypt the at least part of the input data; a second ciphering branch arranged to generate the tag; and a single key schedule unit arranged to receive the key, to generate at least one sub-key based on the key and to provide the at least one sub-key to the first and second ciphering branches.
Type: Grant
Filed: June 7, 2006
Date of Patent: November 9, 2010
Assignees: STMicroelectronics S.r.l., STMicroelectronics Inc.
Inventors: Guido Bertoni, Jefferson E. Owen
-
Patent number: 7832013
Abstract: A method for analyzing a security grade of an information property, and more particularly, a method by which a security grade (a risk degree in security) is analyzed objectively and quantitatively such that risk degree management of an information property can be efficiently performed, is provided. The method for analyzing a security grade of an information property includes: selecting an information property as an object of security grade analysis, among information properties for which risk degree analysis and importance evaluation in managerial, physical, and technological aspects are performed; calculating the property risk degree of the selected property based on the weighted mean of risk degrees and importance evaluation; and mapping the weighted mean of the risk degree and the importance on a 2-dimensional plane having the X-axis indicating the weighted mean of a risk degree and the Y-axis indicating importance, and based on the appearing result, determining the priority of a safeguard.
Type: Grant
Filed: March 17, 2005
Date of Patent: November 9, 2010
Assignee: Electronics and Telecommunications Research Institute
Inventors: Won Joo Park, Youn Seo Jeong, Dong Il Seo
-
Publication number: 20100281263
Abstract: A recording device for recording one or more of a plurality of subcontents recorded on a first recording medium, onto a second recording medium, the first recording medium having further recorded thereon digest values of the subcontents, and a medium signature generated based on the digest values of the subcontents, the plurality of subcontents constituting one content, the recording device comprising: a subcontent acquisition unit operable to select and acquire one or more of subcontents permitted to be copied; an excluded digest value acquisition unit operable to acquire excluded digest values from the first recording medium, the excluded digest values being digest values of nonselected subcontents; a signature acquisition unit operable to acquire the medium signature from the first recording medium; and a write unit operable to write, onto the second recording medium, (i) the one or more selected subcontents, (ii) the excluded digest values, and (iii) the medium signature.
Type: Application
Filed: February 7, 2008
Publication date: November 4, 2010
Inventors: Sanzo Ugawa, Masaya Yamamoto, Shunji Harada, Toshihisa Nakano
-
Publication number: 20100275031
Abstract: This method securely transmits data from a secure control system [110] located on an isolated computer network [100] to a separate computer [210] outside the isolated control network [100]. The method includes several features designed to minimize the risk of outside cyber attack on the control system [110] while ensuring that the data is transmitted correctly and promptly. The system uses a non-routable unidirectional physical data link [300]. Messages [400] are redundantly transmitted to computer [210] without acknowledgement along with checksums [430,450]. The checksum information is used to validate that the message header [420] and the message data [440] have been received correctly. Redundant information contained in repeated message data blocks [440] is discarded after the transmitted message [400] is correctly received and decoded. An ordered transmission sequence is used to minimize the message delay if an individual message [400] was not received correctly on its first transmission.
Type: Application
Filed: April 22, 2010
Publication date: October 28, 2010
Inventor: Allan G. Ferry
-
Publication number: 20100275030
Abstract: A method for electronically storing and retrieving at a later date a true copy of a document stored on a remote storage device comprises: sending a document in electronic format from a document owner's computing device to a store entity for storing the document; generating a digest of the document while the document is at the store entity by applying a hash function to the document; signing the digest electronically with a key while said document is at the store entity; generating a receipt that includes the digest and the key; sending the receipt to the document owner; and verifying, at the document owner's computing device, that the received receipt corresponds to the document sent from the owner's computing device.
Type: Application
Filed: April 22, 2009
Publication date: October 28, 2010
Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventor: John G. Rooney
-
Publication number: 20100268960
Abstract: A method for encrypting data includes receiving a block of plaintext for a data set at one or more computers, acquiring a cryptographic key for the data set, generating an initialization vector for the block of plaintext based on the block of plaintext, and encrypting the block of plaintext using the cryptographic key and the initialization vector.
Type: Application
Filed: April 17, 2009
Publication date: October 21, 2010
Applicant: SUN MICROSYSTEMS, INC.
Inventors: Darren James Moffat, James P. Hughes
-
Publication number: 20100268938
Abstract: A sentinel value is combined with a data segment, and encrypted. A digest of the encrypted combined data segment is calculated, and used in conjunction with an encryption key to generate a masked key. This masked key is then appended to the encrypted combined data segment and transmitted to an encoder. When the data segment is retrieved, the original encryption key can be recovered and used to decrypt the data segment. The sentinel value can then be extracted from the data segment and checked for integrity. The data segment can then be delivered, discarded, flagged, or otherwise handled based on the integrity of the sentinel value.
Type: Application
Filed: April 14, 2010
Publication date: October 21, 2010
Applicant: CLEVERSAFE, INC.
Inventor: JASON K. RESCH
-
Patent number: 7818579
Abstract: An information processor has an information dispersing function, a dividing unit for dividing a first data (DT0) into n pieces of disperse information, and executing secret sharing scheme capable of restoring the first data (DT0) by using arbitrary k pieces (1<k<n) of disperse information out of the n pieces of disperse information, a first storage control unit for storing the arbitrary k pieces of disperse information generated by the dividing unit into plurality of portable recording devices, an editing unit for reconstructing the first data (DT0) by using the k pieces of disperse information stored in the plurality of recording devices and editing the restored first data (DT0), a difference generating unit, after the dividing unit divides a second data which is post-data (DT1) originated in the restored first data into n pieces of post-edit disperse information, for calculating the difference between post-edit disperse information corresponding to the recording device and pre-edit disperse informatio
Type: Grant
Filed: May 7, 2007
Date of Patent: October 19, 2010
Assignee: Fujitsu Limited
Inventors: Naoki Nishiguchi, Kouichi Yasaki
-
Patent number: 7818812
Abstract: A universally known and accepted unique item that is independently identifiable and difficult to counterfeit is used as an authenticator item. The identity of this item is included in an authorization calculation which can only be accomplished by an authorizing authority. The authenticator can be a serial numbered item such as a currency bill or note. The document may be created anywhere in plain paper, electronic or other forms. Creation may be by any of an issuing authority, an agent, a bearer and even the buyer. The document's authenticity may be verified without communication back to the issuing authority. The invention allows cancellation to prevent negotiation of an electronic document regardless of how many copies are extant in computers or other form merely by defacing or destroying the associated authenticator.
Type: Grant
Filed: January 22, 2008
Date of Patent: October 19, 2010
Assignee: International Business Machines Corporation
Inventor: David Alan Kra
-
Patent number: 7813507
Abstract: A method and system for creating random cryptographic keys in hardware is described. One or more bits are generated via one or more random bit circuits. Each random bit circuit includes a sensing device coupled to a first device and a second device to compare the first device against the second device and to generate a random bit from a random state value. The generated bits from the random bit circuits are read, and a cryptographic key may then be computed based on the generated bits.
Type: Grant
Filed: April 21, 2005
Date of Patent: October 12, 2010
Assignee: Intel Corporation
Inventors: Ernie Brickell, Rachael Parker
-
Patent number: 7814329
Abstract: A method and apparatus for performing MAC security (MACSec) operations. In one embodiment, the apparatus comprises a plurality of discrete elements coupled together to perform MAC security processing, the plurality of discrete elements able to operate on distinct packets related to MAC security simultaneously, and wherein each of the plurality of discrete elements is in an independently controlled power domain that enters a reduced power consumption state independently of other discrete elements in the plurality of discrete elements when not in use.
Type: Grant
Filed: April 7, 2006
Date of Patent: October 12, 2010
Assignee: Marvell International Ltd.
Inventors: Guy T. Hutchison, Awais B. Nemat
-
Publication number: 20100250950
Abstract: A communication apparatus includes: a first storage unit storing a received electronic mail; a verification unit executing a first verification about an electronic signature attached to the received electronic mail; a printing unit printing the received electronic mail if a verification result of the first verification is positive; a deletion unit deleting the printed electronic mail from the first storage unit; and a storage control unit controlling a second storage unit to store the mail information about the received electronic mail in the second storage unit if the verification result of the first verification is negative. The verification unit again executes the first verification about a specific electronic signature attached to a specific electronic mail which mail information is stored in the second storage unit. The printing unit prints the specific electronic mail if a verification result by again executing the first verification about the specific electronic signature is positive.
Type: Application
Filed: March 19, 2010
Publication date: September 30, 2010
Applicant: BROTHER KOGYO KABUSHIKI KAISHA
Inventor: Shohei Tsujimoto
-
Patent number: 7805614
Abstract: A method for secure identity processing using biometrics is provided. A public key and a unique serial number are received from a BIOTOKEN. A random number is generated. The random number and the unique serial number are transmitted to the BIOTOKEN. A serial number received from the BIOTOKEN is compared with the unique serial number and if there is a match, an encrypted symmetric key, transmitted by the BIOTOKEN, is decrypted using the public key. An encrypted random number and encrypted biometric data associated with a user are decrypted using the decrypted symmetric key. The decrypted random number is compared with the transmitted random number, if there is a match, the decrypted biometric data is validated and the received serial number and the public key are transmitted to a certification authority if the biometric data is validated. An authentication certificate associated with the BIOTOKEN is issued by the certification authority.
Type: Grant
Filed: March 31, 2005
Date of Patent: September 28, 2010
Assignee: Northrop Grumman Corporation
Inventors: Kenneth W. Aull, William Gravell, James B. Rekas
-
Patent number: 7802106
Abstract: A method of guaranteeing the integrity of at least one computer software program transmitted by a transmitter to a decoder which is equipped with an encryption/decryption module via a long-distance information transmission network. The inventive method includes inserting (at 52) a supplementary piece of information into a message containing the information necessary for the decoder to decrypt the information signals transmitted by the transmitter, the supplementary information enabling the encryption/decryption module to verify that it has effectively received each computer software program transmitted.
Type: Grant
Filed: December 3, 2003
Date of Patent: September 21, 2010
Assignee: Logiways France
Inventor: Christian Benardeau
-
Patent number: 7800499
Abstract: In various embodiments, a method for signing tags associated with objects includes receiving a first identifier associated with a tag. A first signature is generated for the tag based on the identifier and a public key. The first identifier and the first signature are then stored in the tag.
Type: Grant
Filed: June 5, 2007
Date of Patent: September 21, 2010
Assignee: Oracle International Corporation
Inventor: Samuelson Rehman
-
Patent number: 7802102
Abstract: The present invention provides a method for transferring encrypted information from one storage area to other storage area wherein cryptographic data protection scheme having protection attributes are applied on the data. A crypto container having cryptographic properties represents cryptographically protected data. The attributes that have been attached to the container at the time when data is added or removed from the container determine the scheme of data protection being applied. Crypto container can be converted or serialized for storage or transmission, here the conversion spread only to the protected data parts which possibly includes crypto containers in protected form but may not the attached crypto attributes. These attributes must be stored or transmitted in another form.
Type: Grant
Filed: October 24, 2006
Date of Patent: September 21, 2010
Assignee: International Business Machines Corporation
Inventors: Roman A. Pletka, Patrick Droz, Christian Cachin
-
Publication number: 20100235644
Abstract: Systems and methods are described which utilize a recursive security protocol for the protection of digital data. These may include encrypting a bit stream with a first encryption algorithm and associating a first decryption algorithm with the encrypted bit stream. The resulting bit stream may then be encrypted with a second encryption algorithm to yield a second bit stream. This second bit stream is then associated with a second decryption algorithm. This second bit stream can then be decrypted by an intended recipient using associated keys.
Type: Application
Filed: May 27, 2010
Publication date: September 16, 2010
Inventor: William V. Oxford
-
Patent number: 7797539
Abstract: A method for communicating information between at least a pair of correspondents, the method comprising the steps of each of the correspondents selecting a plurality of cryptographic algorithms known to each of the correspondents. One of the correspondents applies the algorithms in a predetermined manner to a message for producing a set of processed information. The set of processed information is transmitted to the other correspondent. The other correspondent applies complementary operations of the cryptographic schemes in accordance with the predetermined manner for deriving information related to the message from the processed information.
Type: Grant
Filed: July 19, 2001
Date of Patent: September 14, 2010
Assignee: Certicom Corporation
Inventors: Donald B. Johnson, Scott A. Vanstone
-
Patent number: 7797237
Abstract: Disclosed herein is an electronic financial transaction system and method providing a real-time authentication service through a wire/wireless communication network that is provided with an electronic slip processing function and a deposit account, so electronic financial transaction users can authenticate electronic financial transactions in real time. The system and method of the present invention is provided with an electronic slip processing function. Accordingly, electronic financial transaction users can authenticate electronic financial transactions in real time using electronic slips without temporal and spatial restrictions, so electronic financial transactions can be safely, conveniently and rapidly carried out. Additionally, an approval authority can approve financial transactions in real time without temporal and spatial restrictions, so a multi-approval function through a mobile communication network is provided to prevent a leakage of information and a misappropriation of money.
Type: Grant
Filed: December 6, 2001
Date of Patent: September 14, 2010
Inventor: Min-Suh Kim
-
Patent number: 7797543
Abstract: Systems and methods are disclosed for authenticating electronic messages. A data structure is generated by a computer server which allows for the authentication of the contents and computer server identity of a received electronic message and provides a trusted stamp to authenticate when the message was sent. Data which can authenticate the message, the computer server identity, and the time the message was sent is included into a data structure which is called an Electronic PostMark (EPM).
Type: Grant
Filed: September 29, 2000
Date of Patent: September 14, 2010
Assignee: United States Postal Service
Inventors: Leo J. Campbell, Jon L. Cook, Charles R. Chamberlain, Michael J. McGrath, Isadore Schoen
-
Publication number: 20100217997
Abstract: An authentication method is disclosed herein. The method includes: by a server, using a Trigger message nonce to generate a Trigger message, and sending the generated Trigger message to a client so that the client can extract the Trigger message nonce; after determining that the Trigger message nonce is valid, using the Trigger message nonce to generate a digest, and authenticating the Trigger message generated by using the Trigger message nonce; after the authentication succeeds, sending a session request to the server indicated by the Trigger message, where the session request carries a session ID. The corresponding system, server and client are disclosed herein. The present invention makes the authentication process more secure through the client and the server based on the DS or DM protocol.
Type: Application
Filed: May 7, 2010
Publication date: August 26, 2010
Inventors: Xiaoqian CHAI, Hongtao Gao, Kepeng Li, Linyi Tian