scispace - formally typeset
Search or ask a question

Showing papers on "Encryption published in 1998"


Journal ArticleDOI
TL;DR: Methods are shown how to adapt invertible two-dimensional chaotic maps on a torus or on a square to create new symmetric block encryption schemes to encrypt an N×N image.
Abstract: In this paper, methods are shown how to adapt invertible two-dimensional chaotic maps on a torus or on a square to create new symmetric block encryption schemes. A chaotic map is first generalized by introducing parameters and then discretized to a finite square lattice of points which represent pixels or some other data items. Although the discretized map is a permutation and thus cannot be chaotic, it shares certain properties with its continuous counterpart as long as the number of iterations remains small. The discretized map is further extended to three dimensions and composed with a simple diffusion mechanism. As a result, a symmetric block product encryption scheme is obtained. To encrypt an N×N image, the ciphering map is iteratively applied to the image. The construction of the cipher and its security is explained with the two-dimensional Baker map. It is shown that the permutations induced by the Baker map behave as typical random permutations. Computer simulations indicate that the cipher has g...

1,654 citations


Patent
13 Aug 1998
TL;DR: In this article, the authors describe a method and apparatus of securely providing data to a user's system, where the data is encrypted so as to only be decryptable by a data decrypting key.
Abstract: Disclosed is a method and apparatus of securely providing data to a user's system. The data is encrypted so as to only be decryptable by a data decrypting key, the data decrypting key being encrypted using a first public key, and the encrypted data being accessible to the user's system, the method comprising the steps of: transferring the encrypted data decrypting key to a clearing house that possesses a first private key, which corresponds to the first public key; decrypting the data decrypting key using the first private key; re-encrypting the data decrypting key using a second public key; transferring the re-encrypted data decrypting key to the user's system, the user's system possessing a second private key, which corresponds to the second public key; and decrypting the re-encrypted data decrypting key using the second private key.

1,610 citations


Book ChapterDOI
31 May 1998
TL;DR: A definition of protocol divertibility is given that applies to arbitrary 2-party protocols and is compatible with Okamoto and Ohta's definition in the case of interactive zero-knowledge proofs and generalizes to cover several protocols not normally associated with divertibility.
Abstract: First, we introduce the notion of divertibility as a protocol property as opposed to the existing notion as a language property (see Okamoto, Ohta [OO90]) We give a definition of protocol divertibility that applies to arbitrary 2-party protocols and is compatible with Okamoto and Ohta's definition in the case of interactive zero-knowledge proofs Other important examples falling under the new definition are blind signature protocols We propose a sufficiency criterion for divertibility that is satisfied by many existing protocols and which, surprisingly, generalizes to cover several protocols not normally associated with divertibility (eg, Diffie-Hellman key exchange) Next, we introduce atomic proxy cryptography, in which an atomic proxy function, in conjunction with a public proxy key, converts ciphertexts (messages or signatures) for one key into ciphertexts for another Proxy keys, once generated, may be made public and proxy functions applied in untrusted environments We present atomic proxy functions for discrete-log-based encryption, identification, and signature schemes It is not clear whether atomic proxy functions exist in general for all public-key cryptosystems Finally, we discuss the relationship between divertibility and proxy cryptography

1,533 citations


Journal ArticleDOI
TL;DR: It is shown that public key information hiding systems exist, and are not necessarily constrained to the case where the warden is passive, and the use of parity checks to amplify covertness and provide public key steganography.
Abstract: In this paper, we clarify what steganography is and what it can do. We contrast it with the related disciplines of cryptography and traffic security, present a unified terminology agreed at the first international workshop on the subject, and outline a number of approaches-many of them developed to hide encrypted copyright marks or serial numbers in digital audio or video. We then present a number of attacks, some new, on such information hiding schemes. This leads to a discussion of the formidable obstacles that lie in the way of a general theory of information hiding systems (in the sense that Shannon gave us a general theory of secrecy systems). However, theoretical considerations lead to ideas of practical value, such as the use of parity checks to amplify covertness and provide public key steganography. Finally, we show that public key information hiding systems exist, and are not necessarily constrained to the case where the warden is passive.

1,270 citations


Journal ArticleDOI
TL;DR: Informal arguments that cryptographic protocols are secure can be made rigorous using inductive definitions, which are based on ordinary predicate calculus and copes with infinite-state systems.
Abstract: Informal arguments that cryptographic protocols are secure can be made rigorous using inductive definitions. The approach is based on ordinary predicate calculus and copes with infinite-state systems. Proofs are generated using Isabelle/HOL. The human effort required to analyze a protocol can be as little as a week or two, yielding a proof script that takes a few minutes to run. Protocols are inductively defined as sets of traces. A trace is a list of communication events, perhaps comprising many interleaved protocol runs. Protocol descriptions incorporate attacks and accidental losses. The model spy knows some private keys and can forge messages using components decrypted from previous traffic. Three protocols are analyzed below: Otway-Rees (which uses shared-key encryption), Needham-Schroeder (which uses public-key encryption), and a recursive protocol (Bull and Otway, 1997) (which is of variable length). One can prove that event ev always precedes event ev' or that property P holds provided X remains secret. Properties can be proved from the viewpoint of the various principals: say, if A receives a final message from B then the session key it conveys is good.

997 citations


Book ChapterDOI
31 May 1998
TL;DR: In this paper, the authors proposed a probabilistic public-key cryptosystem which is provably secure under the p-subgroup assumption, which is comparable to the quadratic residue and higher degree residue assumptions.
Abstract: This paper proposes a novel public-key cryptosystem, which is practical, provably secure and has some other interesting properties as follows: 1. Its trapdoor technique is essentially different from any other previous schemes including RSA-Rabin and Diffie-Hellman. 2. It is a probabilistic encryption scheme. 3. It can be proven to be as secure as the intractability of factoring n = p2q (in the sense of the security of the whole plaintext) against passive adversaries. 4. It is semantically secure under the p-subgroup assumption, which is comparable to the quadratic residue and higher degree residue assumptions. 5. Under the most practical environment, the encryption and decryption speeds of our scheme are comparable to (around twice slower than) those of elliptic curve cryptosystems. 6. It has a homomorphic property: E(m0, r0)E(m1, r1) mod n = E(@#@ m0 + m1, r2), where E(m, r) means a ciphertext of plaintext m as randomized by r and m0+ m1 < p. 7. Anyone can change a ciphertext, C = E(m, r), into another ciphertext, C′ = Chr' mod n, while preserving plaintext of C (i.e., C′ = E(m,r″)), and the relationship between C and C′ can be concealed.

740 citations


Journal ArticleDOI
TL;DR: It is argued that steganography by itself does not ensure secrecy, but neither does simple encryption, and if these methods are combined, however, stronger encryption methods result.
Abstract: Steganography is the art of hiding information in ways that prevent the detection of hidden messages. It includes a vast array of secret communications methods that conceal the message's very existence. These methods include invisible inks, microdots, character arrangement, digital signatures, covert channels, and spread spectrum communications. Steganography and cryptography are cousins in the spycraft family: cryptography scrambles a message so it cannot be understood while steganography hides the message so it cannot be seen. In this article the authors discuss image files and how to hide information in them, and discuss results obtained from evaluating available steganographic software. They argue that steganography by itself does not ensure secrecy, but neither does simple encryption. If these methods are combined, however, stronger encryption methods result. If an encrypted message is intercepted, the interceptor knows the text is an encrypted message. But with steganography, the interceptor may not know that a hidden message even exists. For a brief look at how steganography evolved, there is included a sidebar titled "Steganography: Some History."

644 citations


Patent
Charles E. Narad1, Kevin Fall1, Neil MacAvoy1, Pradip Shankar1, Leonard M. Rand1, Jerry J. Hall1 
15 Jun 1998
TL;DR: In this article, a general-purpose programmable packet-processing platform for accelerating network infrastructure applications which have been structured so as to separate the stages of classification and action is presented, where a language interface is defined for specifying both stateless and stateful classification of packets and to associate actions with classification results.
Abstract: The present invention relates to a general-purpose programmable packet-processing platform for accelerating network infrastructure applications which have been structured so as to separate the stages of classification and action. Network packet classification, execution of actions upon those packets, management of buffer flow, encryption services, and management of Network Interface Controllers are accelerated through the use of a multiplicity of specialized modules. A language interface is defined for specifying both stateless and stateful classification of packets and to associate actions with classification results in order to efficiently utilize these specialized modules.

490 citations


01 Jan 1998
TL;DR: A new block cipher is proposed that uses S-boxes similar to those of DES in a new structure that simultaneously allows a more rapid avalanche, a more efficient bitslice implementation, and an easy analysis that enables it to be more secure than three-key triple-DES.
Abstract: We propose a new block cipher as a candidate for the Advanced Encryption Standard. Its design is highly conservative, yet still allows a very efficient implementation. It uses S-boxes similar to those of DES in a new structure that simultaneously allows a more rapid avalanche, a more efficient bitslice implementation, and an easy analysis that enables us to demonstrate its security against all known types of attack. With a 128-bit block size and a 256-bit key, it is as fast as DES on the market leading Intel Pentium/MMX platforms (and at least as fast on many others); yet we believe it to be more secure than three-key triple-DES.

433 citations


Book ChapterDOI
05 Feb 1998
TL;DR: It is shown directly that the decision Diffie-Hellman assumption implies the security of the original ElGamal encryption scheme (with messages from a subgroup) without modification.
Abstract: The ElGamal encryption scheme has been proposed several years ago and is one of the few probabilistic encryption schemes. However, its security has never been concretely proven based on clearly understood and accepted primitives. Here we show directly that the decision Diffie-Hellman assumption implies the security of the original ElGamal encryption scheme (with messages from a subgroup) without modification. In addition, we show that the opposite direction holds, i.e., the semantic security of the ElGamal encryption is actually equivalent to the decision Diffie-Hellman problem. We also present an exact analysis of the efficiency of the reduction.

395 citations


Proceedings ArticleDOI
01 Nov 1998
TL;DR: The probabilistic version of the scheme is an homomorphic encryption scheme whose expansion rate is much better than previously proposed such systems and has se- mantic security, relative to the hardness of computing higher residues for suitable moduli.
Abstract: This paper describes a new public-key cryptosystem based on the hardness of computing higher residues modulo a composite RSA integer. We introduce two versions of our scheme, one deterministic and the other probabilistic. The deterministic version is practically oriented: encryption amounts to a single exponentiation w.r.t. a modulus with at least 768 bits and a 160-bit exponent. Decryption can be suitably opti- mized so as to become less demanding than a couple RSA decryptions. Although slower than RSA, the new scheme is still reasonably compet- itive and has several specific applications. The probabilistic version ex- hibits an homomorphic encryption scheme whose expansion rate is much better than previously proposed such systems. Furthermore, it has se- mantic security, relative to the hardness of computing higher residues for suitable moduli.

Proceedings Article
01 Jan 1998
TL;DR: In this article, the authors take a critical look at the relationship between the security of cryptographic schemes in the Random Oracle Model, and the schemes that result from implementing the random oracle by so called ''cryptographic hash functions''.
Abstract: We take a critical look at the relationship between the security of cryptographic schemes in the Random Oracle Model, and the security of the schemes that result from implementing the random oracle by so called \cryptographic hash functions". The main result of this paper is a negative one: There exist signature and encryption schemes that are secure in the Random Oracle Model, but for which any implementation of the random oracle results in insecure schemes. In the process of devising the above schemes, we consider possible denitions for the notion of a \good implementation" of a random oracle, pointing out limitations and challenges.

Proceedings ArticleDOI
03 May 1998
TL;DR: The protocols presented here are the first exchange protocols which use offline TTP and at the same time guarantee true fair exchange of digital messages and introduce a novel cryptographic primitive, called the Certificate of Encrypted Message Being a Signature (CEMBS), as the basic building block of the fair exchange protocols.
Abstract: We present protocols for fair exchange of electronic data (digital signatures, payment and confidential data) between two parties A and B. Novel properties of the proposed protocols include: 1) offline trusted third party (TTP), i.e., TTP does not take part in the exchange unless one of the parties behaves improperly; 2) only three message exchanges are required in the normal situation; 3) true fair exchange, i.e., either A and B obtain each other's data or no party receives anything useful; no loss can be incurred to a party no matter how maliciously the other party behaves during the exchange. This last property is in contrast to previously proposed protocols with offline TTP ([1] and [21]), where a misbehaving party may get another party's data while refusing to send his document to the other party, and the TTP can provide affidavits attesting to what happened during the exchange. To our knowledge, the protocols presented here are the first exchange protocols which use offline TTP and at the same time guarantee true fair exchange of digital messages. We introduce a novel cryptographic primitive, called the Certificate of Encrypted Message Being a Signature (CEMBS), as the basic building block of the fair exchange protocols. It is used to prove that an encrypted message is a certain party's signature on a public file, without revealing the signature. We also give two examples to show in detail how the certificate can be constructed.

Proceedings ArticleDOI
01 Sep 1998
TL;DR: A novel MPEG Video Encryption Algorithm, called VEA, to use a secret key randomly changing the sign bits of all of the DCT coefficients of MPEG video to secure video-on-demand, tideo conferencing and video email applications is presented.
Abstract: Multimedia data secmity is important for multimedia commerce. Previous cryptography studies have focused on text data. The encryption algorithms devdoped to secure text data may not be suitable to multimedia applications becattse of large data sizes and real time constraint. For multimedia applications, light weight encryption algorithms are attractive. We present a novel MPEG Video Encryption Algorithm, called VEA The basic idea of VEA is to use a secret key randomly changing the sign bits of all of the DCT coefficients of MPEG video. VEA’S encryption effects are achieved by the IDCT during MPEG video decompression processing. VEA adds minimum overhead to MPEG codecj one Mm&e XOR operation to each none zero DCT coefficient. A software implementation of VEA is fast enough to meet the real time requirement of MPEG video applications. Our experimental results show that VEA achieves satisfying results. We believe that it can be used to secure video-on-demand, tideo conferencing and video email applications.

Patent
Howard C. Herbert1, Derek L. Davis1
30 Apr 1998
TL;DR: In this article, a method and system for maintaining integrity and confidentiality of pages paged to an external storage unit from a physically secure environment is presented, which takes the form of taking a one-way hash of the page using a well-known oneway hash function.
Abstract: A method and system for maintaining integrity and confidentiality of pages paged to an external storage unit from a physically secure environment. An outgoing page is selected to be exported from a physically secure environment to an insecure environment. An integrity check value is generated and stored for the outgoing page. In one embodiment, this takes the form of taking a one-way hash of the page using a well-known one-way hash function. The outgoing page is then encrypted using a cryptographically strong encryption algorithm. Among the algorithms that might be used in one embodiment of the invention are IDEA and DES. The encrypted outgoing page is then exported to the external storage. By virtue of the encryption and integrity check, the security of the data on the outgoing page is maintained in the insecure environment.

Proceedings ArticleDOI
03 May 1998
TL;DR: This paper conceptualizes the specific cryptographic problems posed by mobile code, and it is able to provide a solution for some of these problems, and presents techniques to achieve "non-interactive evaluation with encrypted functions" in certain cases.
Abstract: Mobile code technology has become a driving force for recent advances in distributed systems. The concept of the mobility of executable code raises major security problems. In this paper, we deal with the protection of mobile code from possibly malicious hosts. We conceptualize the specific cryptographic problems posed by mobile code, and we are able to provide a solution for some of these problems. We present techniques to achieve "non-interactive evaluation with encrypted functions" in certain cases and give a complete solution for this problem in important instances. We further present a way in which an agent might securely perform a cryptographic primitive-digital signing-in an untrusted execution environment. Our results are based on the use of homomorphic encryption schemes and function composition techniques.

Patent
29 May 1998
TL;DR: In this paper, a protocol for securely transmitting a message between a wireless client and a proxy server is presented, where the message includes at least one packet of data and is encrypted using a data encryption key.
Abstract: A communications system and methods for securely transmitting a message between a wireless client and a proxy server are provided. A method for transmitting a message from the wireless client to a proxy server is provided. The message includes at least one packet of data and is encrypted using a data encryption key. The data encryption key is encrypted using a proxy server public key prior to sending the encrypted data encryption key to the proxy server. A method for transmitting a message from the proxy server to the wireless client is also provided. The proxy server recovers the data encryption key using the proxy server private key corresponding to the proxy server public key. The proxy server encrypts the message using the data encryption key and transmits the encrypted message to the wireless client. A communications system for secure communications comprising a source of data, a proxy server and a wireless client is also provided. Each transaction in the communications system comprises at least one request message and at least one response message. For each transaction, the wireless client encrypts a data encryption key using a proxy server public key. Messages exchanged between the wireless client and the proxy server are encrypted using the transaction specific data encryption key.

Patent
05 Jun 1998
TL;DR: In this paper, the authors proposed a method for identifying a purchaser who purchased content from which an illegal copy was produced by using a watermarking scheme to identify the buyer who purchased the content from the source of the illegal copy.
Abstract: This invention provides a method for identifying a purchaser who purchased content from which an illegal copy was produced. A provider system encrypts a content purchased by the purchaser using a public key of a purchaser system and sends the encrypted content to the purchaser system. The purchaser system creates a digital signature of the content with the use of a private key of its own and embeds the created digital signature into the received content. When an illegal copy is found, the provider system verifies the digital signature, embedded in the illegal copy as a digital watermark, to identify the purchaser who purchased the content from which the illegal copy was produced.

Journal ArticleDOI
TL;DR: Five representative MPEG encryption algorithms are described, evaluated, and compared with respect to not only their encryption speed metric, but also their security level and stream size metrics, to show that there are trade-offs among these metrics.

Patent
Derek L. Davis1
14 Aug 1998
TL;DR: Secure Video Content Processor (SVCP) as discussed by the authors uses hardware envelopes to prevent unauthorized access to the decrypted digital stream when a need arises to transmit digital data outside the hardware envelope, the digital data is encrypted and then decrypted when it re-enters a hardware protected section of circuitry.
Abstract: A secure video content processor ("SVCP") which receives encrypted digital video information and converts it into analog information for a monitor while preventing unauthorized access to the intermediate unencrypted digital data. The SVCP uses hardware envelopes to prevent unauthorized access to the decrypted digital stream. When a need arises to transmit digital data outside the hardware envelope, the digital data is encrypted and then decrypted when it re-enters a hardware protected section of circuitry.

Patent
22 Apr 1998
TL;DR: In this paper, the authors present a web browser with the capabilities to generate encryption keys, to encrypt and decrypt HTML forms, and to digitally sign and timestamp HTML forms and track each processed transaction through an audit trail.
Abstract: The financial transaction processing system includes at least one financial server connected through a public network to a number of users associated with client computers. Each user accesses the financial server through a web browser. The web browser is provided with the capabilities to generate encryption keys, to encrypt and decrypt HTML forms, and to digitally sign and timestamp HTML forms. The financial server transfers web pages including HTML forms representing financial transactions. The HTML forms contain extensions that specify the format of an incoming format and the format of a returned form. An HTML form can be transmitted in an encrypted format, in a format including a user's digital signature and timestamp, and in an encrypted format that contains the user's digital signature and timestamp. The financial server tracks each processed transaction through an audit trail including the user's account, the user's digital signature, the timestamp of the transaction, and the text of the transaction.

Patent
16 Sep 1998
TL;DR: A secure communication platform on an integrated circuit is a highly integrated security processor which incorporates a general purpose digital signal processor (DSP) (62), along with a number of high performance cryptographic function elements, as well as a PCI and PCMCIA (14) interface as mentioned in this paper.
Abstract: A secure communication platform on an integrated circuit is a highly integrated security processor which incorporates a general purpose digital signal processor (DSP) (62), along with a number of high performance cryptographic function elements, as well as a PCI and PCMCIA (14) interface. The secure communications platform is integrated with an off-the-shelf DSP so that a vendor who is interested in digital signal processing could also receive built-in security functions which cooperate with the DSP. The integrated circuit includes a callable library of cryptographic commands and encryption algorithms. An encryption processor is included to perform key and data encryption, as well as a high performance hash processor and a public key accelerator (28).

Proceedings ArticleDOI
TL;DR: In this paper, the consistency of the output pattern and the security of the filter function are discussed, and the two topics discussed in this paper are the consistency and security of filter function.
Abstract: Biometric EncryptionTM is an algorithm which has been developed to securely link and retrieve a digital key using the interaction of a biometric image, such as a fingerprint, with a secure block of data, known as a BioscryptTM. The key can be used, for example, as an encryption/decryption key. The BioscryptTM comprises a filter function, which is calculated using an image processing algorithm, and other information which is required to first retrieve, and then verify the validity of, the key. The key is retrieved using information from an output pattern formed via the interaction of the biometric image with the filter function. Therefore, the filter function must be designed so that it produces a consistent output pattern (and thus, key). The filter function must also be designed to be secure (i.e. information about the fingerprint cannot be retrieved from the filter function). The consistency of the output pattern and the security of the filter function are the two topics discussed in this paper.© (1998) COPYRIGHT SPIE--The International Society for Optical Engineering. Downloading of the abstract is permitted for personal use only.

Proceedings ArticleDOI
04 Oct 1998
TL;DR: A scheme for authenticating the visual content of digital images is proposed, robust to compression noise, but will detect deliberate manipulation of the image-data.
Abstract: It is straightforward to apply general schemes for authenticating digital data to the problem of authenticating digital images. However, such a scheme would not authenticate images that have undergone lossy compression, even though they may not have been manipulated otherwise. We propose a scheme for authenticating the visual content of digital images. This scheme is robust to compression noise, but will detect deliberate manipulation of the image-data. The proposed scheme is based on the extraction of feature-points from the image. These feature-points are defined so as to be relatively unaffected by lossy compression. The set of feature-points from a given image is encrypted using public key encryption, to generate the digital signature of the image. Authenticity is verified by comparing the feature-points of the image in question, with those recovered from the previously computed digital signature.

Journal ArticleDOI
TL;DR: This analysis shows that when compared with signaturethen-encryption on elliptic curves, signcryption on the curves represents a 58%saving in computational cost and a 40% saving in communication overhead.

Patent
09 May 1998
TL;DR: In this paper, a method of accessing electronic resources via machine readable data embedded on a document which comprises compressing input data with a transmitter adapted to save a first bandwidth using a compression method adapted to minimize utilization of bandwidth by the compressed input data while retaining substantially all information content of the input data and appending a compression flag to the compressed inputs indicative of the compression method enabling a receiver to decompress the compressed data.
Abstract: A method of accessing electronic resources via machine readable data embedded on a document which comprises compressing input data with a transmitter adapted to save a first bandwidth using a compression method adapted to minimize utilization of bandwidth by the compressed input data while retaining substantially all information content of the input data and appending a compression flag to the compressed input data indicative of the compression method enabling a receiver to decompress the compressed input data. The compression step further comprises utilizing a compression dictionary adapted to map the elements and strings of the input data to minimized representations having redundancies deleted. The compression dictionary may be appended to the compressed input data (as cleartext or cyphertext) under circumstances where a bandwidth occupied by the appended compression dictionary is less than the bandwidth saved by the step of compressing the input data. The compression dictionary may also be selected by the receiver independently from the transmitter independently indexes, pointer registration, application restricted subsets or customized according to the input data content. Also the input data may be encrypted, and an encryption flag appended which is indicative of the encryption method enabling decryption via public or private key cryptosystems as well as utilizing various authentication techniques such as digital signatures to ensure that the document was created by a licensed user.

Book ChapterDOI
Markus Jakobsson1
31 May 1998
TL;DR: A robust and efficient mix-network for exponentiation is introduced, and it is used to obtain a threshold decryption mix- network for ElGamal encrypted messages, in which mix servers do not need to trust each other for the correctness of the result.
Abstract: We introduce a robust and efficient mix-network for exponentiation, and use it to obtain a threshold decryption mix-network for ElGamal encrypted messages, in which mix servers do not need to trust each other for the correctness of the result. If a subset of mix servers cheat, they will be caught with an overwhelming probability, and the decryption can restart after replacing them, in a fashion that is transparent to the participants providing the input to be decrypted. As long as a quorum is not controlled by an adversary, the privacy of the mix is guaranteed. Our solution is proved to be secure if a commonly used assumption, the Decision Diffie-Hellman assumption, holds.

Patent
28 Jan 1998
TL;DR: An information processing system providing archive/backup support with privacy assurances by encrypting data stored thereby Data generated on a source system is encrypted, the key used thereby is separately encrypted, and both the encrypted data and encrypted key are transmitted to and maintained by a data repository system as discussed by the authors.
Abstract: An information processing system providing archive/backup support with privacy assurances by encrypting data stored thereby Data generated on a source system is encrypted, the key used thereby is separately encrypted, and both the encrypted data and encrypted key are transmitted to and maintained by a data repository system The repository system receives only the encrypted data and key, while the source system retains the ability to recover the key and in turn, the data The source system is therefore assured of privacy and integrity of the archived data by retaining access control yet is relieved of the physical management of the warehousing medium

Patent
11 Mar 1998
TL;DR: In this article, a digital product is freely distributed through uncontrolled channels in encrypted form (108), security fragment(s) of the encrypted product are withheld (102), and provided only upon communication with license server (104).
Abstract: A digital product is freely distributed through uncontrolled channels in encrypted form (108). Security fragment(s) of the encrypted product are withheld (102), and provided only upon communication with license server (104). The customer uses reader software (106) to purchase a license. Such software (106) examines components then present on the reader system to develop a reader system signature, which the license server (106) uses to encrypt the product decryption key and the security fragments before sending them to the reader system. When the customer wishes to use the product, a new reader system signature is generated and used to decrypt the product fragments.

Patent
24 Sep 1998
TL;DR: In this article, a self-authenticating document is created by providing a one-way hash value in a symbol creation process, and then using a public key to decrypt data of the self-Authenticating document.
Abstract: A self-authenticating document is created by providing a one-way hash value in a symbol creation process, and then using a public key to decrypt data of the self-authenticating document. Raw data to be provided with the self-authenticating document is received, and an account digital signature key is retrieved and used to sign the raw data. A non-repudiation hash value from a previously-created self-authenticating document is utilized, and the raw data and the digital signature key is combined with the hash value to create a new hash value for the self-authenticating document. The hashed data is then encrypted, and any non-encrypted fields are merged in to create a full data packet. The full data packet is used to provide a self-authenticating symbol, such as a bar code label, on the self-authenticating document. The self-authenticating code is used during a document verification step to ensure that the document is genuine. The non-encrypted data within the self-authenticating code contains flags indicating which public key should be used to decrypt the encrypted data within the self-authenticating code. After decryption, a checksum is performed and compared against a checksum value stored in the decrypted portion of the self-authenticating code. If they match, and if a digital signature within the self-authenticating code is verified using an appropriate public key, the document is determined to be authentic.