Showing papers on "Encryption published in 1986"

Software protection system using a single-key cryptosystem, a hardware-based authorization system and a secure coprocessor

Abstract: The invention provides a software asset protection mechanism which is based on the separation of the software to be protected from the right to execute that software. Protected software can only be executed on composite computing systems in which a physically and logically secure coprocessor is associated with a host computer. The software to be protected is broken down into a protected (encrypted) portion and an (optional) unprotected or plain text portion. The software is distributed by any conventional software distribution mechanism (for example a floppy disk) including the files already identified along with an encrypted software decryption key. The coprocessor is capable of decrypting the software decryption key so it can thereafter decrypt the software, for execution purposes. However, the coprocessor will not perform these functions unless and until the user's right to execute is evidenced by presentation of a physically secure token. The physically secure token provides to the coprocessor token data in plain text form (the physical security of the plain text token data is provided by the cartridge within which token data is stored). The physical properties of that cartridge taken together with the correspondence between the token data provided by the cartridge and the encrypted token data evidence the user's right to execute. While the coprocessor can, thereafter, decrypt and execute the protected portion of the software, access to that software is denied the user by the physical and logical features of the coprocessor. Other properties of the cartridge (specifically a destructive read property) ensure that the act of transferring token data to the coprocessor obliterates that data from the cartridge so it cannot be revised. Further, the protocol for the coprocessor/cartridge exchange is arranged so that observation of even the entire exchange provides inadequate information with which to simulate or spoof the effect of an authentic, unused cartridge.

Postage and mailing information applying system

Abstract: A postage and mailing information system wherein an encrypted message based upon postage and mail address information is created. This encrypted message is used in the determination of authenticity. Another aspect of the invention resides in placing the encrypted message in the address field of a mail piece for authentication by an automatic high speed sorter.

Communication of individual messages to subscribers in a subscription television system

Abstract: A subscription television system in which individual decoders are enabled to receive individually addressed messages is disclosed. The composite signal, including video and teletext, also comprises addressed packets, which are detected by decoders and which indicate that a message addressed to a particular subscriber is forthcoming, and system control data. The decoder detects an addressed packet addressed to itself, whereby it is enabled to select the appropriate teletext message and to display the same. In a preferred embodiment, both address packets and teletext are encrypted. The addressed packet is decrypted using a decoder-specific code and a system key transmitted as part of the system control data, while the teletext packet is decrypted using the system key, but cannot be received until the addressed packet has been decrypted. Therefore, redundant levels of security are provided to the system. Messages for display to the user can be selected in response to user initiated commands, in response to decoder initiation, or in response to the transmitter. In each case, the bulk of the data to be displayed is repetitively transmitted by the transmitter and is adapted to the particular user after receipt by supply of user-specific information generated or stored by the decoder. In this way, the memory requirements of the decoder are substantially minimized, while extensive flexibility in the choice of messages to be transmitted is provided.

Modular software security

Abstract: Disclosed is a computer method and apparatus that permits identical copies of encrypted computer software (including a number of software elements) to be distributed to many users while retaining central control over which elements are "unlocked", that is, are authorized for use by each user.

Software usage authorization system with key for decrypting/re-encrypting/re-transmitting moving target security codes from protected software

Abstract: A computer based function control system is particularly suited for use as a software security device on the highly popular personal computers or a micro-processor driven function. The system includes an encrypted security message uniquely encoded at predetermined locations within the software or function program. The software or function program includes pre-set errors in it to cause failure of execution of the function or software program unless the errors are nulled during operation of the function or software program. A separate electronic key for retrieving, recognizing, decrypting, encrypting, and producing the null signals is connected to the communications port of the computer from which the key draws its power as well as the security message passed from the computer to the key and back to the computer. There is interchange of moving target and validation information between the computer software and the electronic key. This information is transferred via the security message under the cover of encryption and is monitored by the key and the software to insure that operation of the program can be effected only by authorized users of the function or software program (that is those having the key uniquely associated with that program).

The Design of a Capability-Based Distributed Operating System

Abstract: Fifth-generation computer systems will use large numbers of processors to achieve high performance. In this paper a capability-based operating system designed for this environment is discussed. Capability-based operating systems have traditionally required large, complex kernels to manage the use of capabilities. In our proposal, capability management is done entirely by user programs without giving up any of the protection aspects normally associated with capabilities. The basic idea is to use one-way functions and encryption to protect sensitive information. Various aspects of the proposed system are discussed.

Networks without user observability—design options

Abstract: In usual communication networks, the network operator or an intruder could easily observe when, how much and with whom the users communicate (traffic analysis), even if the users employ end-to-end encryption. When ISDNs are used for almost everything, this becomes a severe threat. Therefore, we summarize basic concepts to keep the recipient and sender or at least their relationship unobservable, consider some possible implementations and necessary hierarchical extensions, and propose some suitable performance and reliability enhancements.

Software security method and systems

Abstract: Encrypted digital information in a data processing system is decrypted using a key which is a word sequence. The key is generated in a hardware module which is a single chip microprocessor. Individual words of the key word sequence generated by the module are generated as a function of a plurality of words of the input key word sequence. To that end, the microprocessor is programmed as a finite state machine. The hardware module may be combined with a storage medium in a software package. The decryption routines and a key sequence to be applied to the key generator are stored with the application software on the storage medium. To decrypt the application software, the stored key sequence is applied to the key generator to obtain an output key sequence. A computer system may include an encryption/decryption module and a key generator module to encrypt software and data prior to outputting the software or data from the system. Identical key generators may be utilized for encryption and decryption in a secure network.

How to Prove All NP Statements in Zero-Knowledge and a Methodology of Cryptographic Protocol Design (Extended Abstract)

Abstract: Under the assumption that encryption functions exist, we show that all languages in NP possess zero-knowledge proofs. That is, it is possible to demonstrate that a CNF formula is satisfiable without revealing any other property of the formula. In particular, without yielding neither a satisfying assignment nor weaker properties such as whether there is a satisfying assignment in which x 1 = TRUE, or whether there is a satisfying assignment in which x 1 = x 3 etc.

Computer security system

Abstract: A security system for distributed computer systems with a central computer and remotely located interactive terminals. The security system includes a master security control processor (SCP) which is associated with the central computer, and one or more slave SCPs, each of which is associated with one of the interactive terminals. Clearance at several security levels is required before communications between one of the remote terminals and the central computer is authorized. The security levels are implemented after communications are established to maintain only authorized access to the central computer. One of several unauthorized access modes are implemented when an unauthorized interactive terminal or SCP is identified. All data communicated between the master and slave SCPs is encrypted for security.

Satellite communication system and method with message authentication suitable for use in financial institutions

Abstract: A satellite communications system apparatus and method for authenticating data transmissions uses the position of the transmitter, which position is determined by the satellite communications system. The transmitter position information is appended to the message (which can be either clear text or encrypted), which is sent to the receiver at a second location by the satellite system. A receiver can then authenticate the received message by comparing the received transmitter position with stored transmitter position information. The mobile transceiver syncing versions of the present invention allow the transceiver to be mobile, as opposed to being stationary. In this mobile version, each succeeding message is encrypted using the previous position of the mobile transceiver. Examples of transceivers implementing the apparatus and method of the present invention are shown, as are the specific vertical market applications of financial networks and automatic weather observation and reporting systems. In each version of the present invention, the determination of the location of the transmitter for each message that is received introduces an independently verifiable authentication parameter.

Advances in cryptology -- CRYPTO '85 : proceedings

Abstract: Signatures and authentication.- Breaking the Ong-Schnorr-Shamir Signature Scheme for Quadratic Number Fields.- Another Birthday Attack.- Attacks on Some RSA Signatures.- An Attack on a Signature Scheme Proposed by Okamoto and Shiraishi.- A Secure Subliminal Channel (?).- Unconditionally Secure Authentication Schemes and Practical and Theoretical Consequences.- Protocols.- On the Security of Ping-Pong Protocols when Implemented using the RSA (Extended Abstract).- A Secure Poker Protocol that Minimizes the Effect of Player Coalitions.- A Framework for the Study of Cryptographic Protocols.- Cheating at Mental Poker.- Security for the DoD Transmission Control Protocol.- Symmetric Public-Key Encryption.- Copy Protection.- Software Protection: Myth or Reality?.- Public Protection of Software.- Fingerprinting Long Forgiving Messages.- Single Key Cryptology.- Cryptanalysis of des with a Reduced Number of Rounds.- Is DES a Pure Cipher? (Results of More Cycling Experiments on DES) (Preliminary Abstract).- A Layered Approach to the Design of Private Key Cryptosystems.- Lifetimes of Keys in Cryptographic Key Management Systems.- Correlation Immunity and the Summation Generator.- Design of Combiners to Prevent Divide and Conquer Attacks.- On the Security of DES.- Information theory without the finiteness assumption, II. Unfolding the DES.- Two Key Cryptology.- Analysis of a Public Key Approach Based on Polynomial Substitution.- Developing an RSA Chip.- An M3 Public-Key Encryption Scheme.- Trapdoor Rings And Their Use In Cryptography.- On Computing Logarithms Over Finite Fields.- N Using RSA with Low Exponent in a Public Key Network.- Lenstra's Factorisation Method Based on Elliptic Curves.- Use of Elliptic Curves in Cryptography.- Randomness and Other Problems.- Cryptography with Cellular Automata.- Efficient Parallel Pseudo-Random Number Generation.- How to Construct Pseudo-random Permutations from Pseudo-random Functions.- The Bit Security of Modular Squaring given Partial Factorization of the Modulos.- Some Cryptographic Aspects of Womcodes.- How to Reduce your Enemy's Information (extended abstract).- Encrypting Problem Instances.- Divergence Bounds on Key Equivocation and Error Probability in Cryptanalysis.- Impromptu Talks.- A chosen text attack on the RSA cryptosystem and some discrete logarithm schemes.- On the Design of S-Boxes.- The Real Reason for Rivest's Phenomenon.- The Importance of "Good" Key Scheduling Schemes (How to Make a Secure DES* Scheme with ? 48 Bit Keys?).- Access Control at the Netherlands Postal and Telecommunications Services.

Secured printer for a value printing system

Abstract: A system is disclosed for securing a device from invasive and noninvasive tampering, one such device being a printer assembly for use in a value printing system, such as a postal mailing system. The system is comprised of a Decryption Microcomputer operable for decrypting the input data to be printed in accordance with a valid cipher key, the encrypted data and key being provided by another device, such as a postal meter. The cipher key is stored within a Tamper Latch readably coupled to the Microcomputer for providing the key to the Microcomputer. In addition, the Tamper Latch has a wire of small cross-sectional area connected thereto such that the presence of the wire is operable for defining a portion of the cipher key. To provide further security from tampering the Microcomputer, Latch and wire are embedded within a potting material. An attempt to remove the potting material in order to gain access to the components embedded therein will cause a brakage of the wire, thereby invalidating the cipher key and rendering the Microcomputer inoperable for decrypting the data to be printed.

System for preventing software piracy employing multi-encrypted keys and single decryption circuit modules

Abstract: A system which enables a protected program (e.g., prog. A, prog. B, ...) to run only a selected plurality of computers (e.g., computer 10) including a rspective unique key Ki for each computer of the plurality, the key being triple encrypted (14a) in the form EFK ADEKi ADEFK ADKi BD BD BD. A respective module (16) is coupled (via 17) to each computer (10) of the plurality. A checker program (15) in each computer responds to a request (from station 11) to use the protected program by performing a single decryption procedure EFK on the triple encrypted key (step 22 of Fig. 2) and sends the result (step 23) to the module (16) as a message. The module (16) performs a single decryption procedure EKi on the message (step 25) and sends that result (step 26) back to the computer. The checker program (15) receives the module's result and performs another single decryption procedure EFK on it (step 28) to obtain key Ki. Then the checker program (15) uses key Ki to decrypt an identifier, (e.g., 14b, 14c, ...) and proceeds with the execution of the protected program only if it is identified by the decrypted identifier (step 32).

Apparatus and method for broadcasting priority rated messages on a radio communications channel of a multiple transceiver system

Abstract: Apparatus in a transceiver for broadcasting priority rated messages on a channel shared by a multiplicity of similar transceivers, converts an analog audio frequency message to compressed digitalized format which is stored, encrypted, and encoded with a priority rating and recipient identity code. A central data processor prevents broadcast of the message while any other message of higher priority rating is being broadcast, or interrupts broadcast of the message when broadcast of another message of higher priority is detected, or interrupts broadcast of any other message of lower priority than that of a message waiting to be broadcast. Received messages bearing the recipient's identity code are stored and played back in order of their priority rating.

Communications network using IC cards

Abstract: A communications network has a plurality of customer terminals and a single center terminal which are coupled through communication lines. A large scale integrated circuit is operatively coupled to each terminal. The integrated circuit device has enciphering and deciphering functions and has a recording device. When a transaction request message is sent from one customer terminal to the center, the transaction request message is enciphered by the integrated circuit device, and the enciphered message is sent to the center. In order to increase the transaction verification capability, the transmission message is recorded, in association with encryption of the transmission message, in an area of the recording device which can be accessed from outside only for readout. In order to further improve the transaction verification capability, the response message is enciphered by the integrated circuit device in the center. The enciphered response message is deciphered by the integrated circuit device in the customer terminal. The response message is recorded in the area of the recording device such that the encrypted message and decrypted message can be distinguished from each other.

Method and apparatus for scrambling and descrambling television signals

Abstract: A method and apparatus for descrambling a television signal using a three tier encryption technique for the code used to descramble the signal. At the transmitter, a distribution key (41) is used to encrypt a session key. The encrypted session key (40.1) is transmitted in the digital data channel (40) of the television signal. The session key is also used to encrypt the descramble code (40.2) which is also transmitted in the data channel (40) of the television signal. At the receiver (42) the encrypted session key (43) is decrypted using a distribution key (41). The decrypted session key (43), is in turn used to decrypt the descramble code (44). The descramble code may then be used to descramble and/or decrypt other signals (45, 46, 47) in the receiver.

Technique for reducing rsa crypto variable storage

Abstract: A technique for reducing RSA (Rivest, Shamir and Adleman algorithm) cryptovariable key from 1200 bits (400-bit public key, 400-bit secret key and 400-bit modulus) to 106 bits makes feasible the storage of the RSA algorithm parameters on current magnetic stripe cards used by the banking and finance industry. Of the 106 bits required, only 56 bits must be kept secret; the remaining 50 bits are nonsecret. These 106 bits are used to derive two 200-bit primes P and Q from which is computed the modulus N = PQ and two 400-bit keys PK (public key) and SK (secret key). In effect, a savings in storage is achieved at the expense of performing a precomputation to derive the modulus an keys each time the system is utilised for encryption/decryption. The 56-bit value plus the additional 50 bits of non- secret data can be used to generate the RSA cryptovariables in systems where the RSA algorithm has been implemented. In another embodiment, a technique is provided for reducing the RSA cryptovariable storage of the public key PK and modulus from 1800 bits to 242 bits. These 242 bits can be used at any later time to derive the 400-bit public key PK and 40--bit modulus N = PQ. The savings in storage is achieved by performing a precomputation each time the system is utilised for encryption/decryption.

Method and apparatus for creating encrypted and decrypted television signals.

Abstract: A method and apparatus for creating a television signal and encrypting or decrypting the signal at the same time. Luminance and chrominance information are received by the apparatus and stored in separate television scan line stores (38a, 38b). The stored luminance and chrominance information is read out from their respective stores at a frequency corresponding to a desired format or standard to create the television signal. The signal may be simultaneously encrypted or decrypted by delaying the time at which the luminance and/or chrominance information is read out in accordance with an encryption or decryption key.

Is the data encryption standard a group

Abstract: The Data Encryption Standard (DES) defines an indexed set of permutations acting on the message space M = {0, l}64. If this set of permutations were closed under functional composition, then DES would be vulnerable to a known-plaintext attack that runs in 228 steps, on the average. It is unknown in the open literature whether or not DES has this weakness.We describe two statistical tests for determining if an indexed set of permutations acting on a finite message space forms a group under functional composition. The first test is a "meet-in-the-middle" algorithm which uses O[?K) time and space, where K is the size of the key space. The second test, a novel cycling algorithm, uses the same amount of time but only a small constant amount of space. Each test yields a known-plaintext attack against any finite, deterministic cryptosystem that generates a small group.The cycling test takes a pseudo-random walk in the message space until a cycle is detected. For each step of the pseudo-random walk, the previous ciphertext is encrypted under a key chosen by a pseudo-random function of the previous ciphertext. Results of the test are asymmetrical: long cycles are overwhelming evidence that the set of permutations is not a group; short cycles are strong evidence that the set of permutations has a structure different from that expected from a set of randomly chosen permutations.Using a combination of software and special-purpose hardware, we applied the cycling test to DES. Our experiments show, with a high degree of confidence, that DES is not a group.

Encryption/decryption system

Abstract: An encryption/decryption system for a communication channel in­creases the number of values for the encryption key variable without increasing the length of a cipher feedback register. This is done by providing a selector (13) to select one from many local and prestored keys for each frame. The transmitting end has a first storage register (12), a first memory (22), a first selector (13), and an encrypting circuit (10). The encrypting circuit combines a randomized signal with the input signal to form an encrypted signal. As cipher feedback, the first storage register (12) provides bits of the encrypted signal as addresses to the first memory (22), which outputs corresponding random numbers. The first selector (13) selects from the random number data to form the coding randomized signal fed to the encrypting circuit. The receiving end has a second storage register, a second memory, a second selector, and a digital signal decoding circuit. The second storage register stores bits of a received encrypted signal and outputs them in parallel as addresses. The second memory receives these address­es and outputs corresponding random numbers. To enable decoding, the working and stored contents of the first and second memories are identical. The second selector, operating the same way that the first operates, selects from the identical random number data to form a decoding randomized signal. The decoding circuit combines the received encrypted signal with the decoding random­ized signal to reproduce the input digital signal.

A 128K EPROM using encryption of pseudorandom numbers to enable read access

Abstract: A 128K EPROM with a pseudorandom number generator and encryption circuits has been produced to provide a barrier to software piracy and to prevent unauthorized access to computers. The EPROM, known as the Keyed-Access EPROM, is capable of locking its array so that unauthorized users cannot read its contents. An authentication handshake is used to ensure that only authorized legitimate users can open and read the information that is stored in the memory. This unlocking process uses an on-chip pseudorandom number generator, encryption circuitry, and a 64-bit secret key. The security provided by this novel integrated circuit is shown to be effective. The circuit design of the pseudorandom number generator and the encryption circuitry is explained in detail. Several examples of applications are given.

Apparatus and method for effecting a key change via a cryptographically protected link

Abstract: Messages sent from an earth station to a satellite by a command link are authenticated within the satellite before being executed. Authentication is accomplished by comparing a codeword appended to the message to a codeword generated within the satellite. This codeword is a cryptographic function of the message data and a secret operating key. A key change command from the earth station causes the satellite authenticator to generate a new operating key based a secret master key, a supplemental private code, and a publicly available initialization vector. The codeword appended to the key change command is encrypted in the new key and, if it agrees with a codeword generated by the satellite authenticator, the new key becomes the operating key and the key change function is complete.

Arrangement for and method of protecting private security codes from unauthorized disclosure

Abstract: A private security code used for rendering microprocessor-based electronic equipment operational need not be selected or remembered by the user of the equipment. Instead, an authorized service center generates the private security code needed to re-enable disabled equipment. The equipment includes a built-in microprocessor for executing a program stored in internal memory, a random number generator for generating an unpredictable code, and a display for displaying the unpredictable code. The microprocessor also executes an encryption routine for encrypting the unpredictable code and storing the encrypted code in the internal memory protected from exterior interrogation. The service center generates the same encrypted code in response to knowledge of the displayed unpredictable code. Entry of the same encrypted code via a keyboard into the disabled equipment re-enables the same.

Advances in array languages

Abstract: The construction of the public key cryptosystems for picture languages opens up a new vista of applications for array grammars. We note that by extending the concept of codes to arrays, the unambiguity requirement may be removed provided we use array codes for encryption.

The importance of “good” key scheduling schemes (how to make a secure DES scheme with ≤48 bits keys?)

Abstract: In DES the key scheduling scheme uses mainly shift registers. By modifying this key scheduling, conventional cryptosystems can be designed which are, e.g., strong against exhaustive key search attacks (without increasing the key size), or have public key like properties. Other effects obtainable by modifying the key scheduling and their importance are discussed.

Authentication protocols for computer networks: I

Abstract: Specifications of encryption-based protocols using conventional and public-key encryption schemes are discussed for authentication of users or systems in a computer network environment. The protocols treat a sender and a receiver symmetrically and make no assumption about any specific time ordering of events. We apply state machine modeling and analysis techniques to determine important properties of these protocols including completeness, deadlock freeness, livelock or tempo-blocking freeness, termination, boundedness, and absence of non-executable interactions.

Personal identification encryptor system and method

Abstract: An inexpensive encryption device, system and method includes coded alphanumeric characters preprinted according to different key codes or mail-out forms that can be manipulated by a prospective user to yield encrypted data that can be returned over unsecure transmission channels for secure decryption by the operator of a computer-secured operating system.

Encryption methods based on combinatorial designs

Abstract: We explore the use of some combinatorial designs for possible use as secret codes. We are motivated to use designs as (1) combinatorial designs are often hard to find, (2) the algorithms for encryption ond decryption are of reasonable length, (3) combinatorial designs have very large numbers of designs in each equivalence class lending themselves readily to selection using a secret key. Disciplines Physical Sciences and Mathematics Publication Details Sarvate, DG and Seberry, J, Encryption methods based on combinatorial designs Ars Combinatoria, 21A, 1986, 237-246. This journal article is available at Research Online: http://ro.uow.edu.au/infopapers/1019 Encryption Methods Bllsed on Combinlltorilll Designs Dinesh G. Sarvate and Jennifer Seberry Ba3:ser Department of COmputer Sciera , UnlYe"Hy of Sydney NSW,2006, Australia.