121 results about "Cryptography protocols" patented technology

The present invention pertains to improved communication quality and security of transmission in cellular communication networks. A customer has the option to pay different fees for different tiers of service relating to voice quality, bandwidth access, and different tiers of service relating to communications security. Higher tiers may guarantee a specific vocoder or bit rate is used, or guarantee a specific encryption protocol is use to ensure secure communications. Different tiers may be associated with customers' records for billing purposes. The network may afford high end devices higher voice quality and/or security via a lookup table indicating what level of service is associated with a given device. Calling or receiving devices may negotiate with each other to change to a more robust vocoder or bit rate to ensure a higher quality and/or security. Furthermore, the user may opt to change the quality and/or security level before or during a call.

A wireless ATM system (30) comprises one or more wireless ATMs (32, 34, 36) that are operative to wirelessly communicate with a wireless ATM server (38). The wireless ATMs each include a wireless network interface (41). The wireless ATM server includes a corresponding wireless access point or wireless hub (40). Wireless transmission between the wireless ATMs and wireless ATM server is secured with a wireless encryption protocol. The wireless ATM server is operative to communicate with at least one host banking system (46) through at least one public or private network (44). The wireless ATM server is operative to route transaction and event messages between the host banking system and each of the wireless ATMs using a message gateway router (43). The wireless ATM server further includes a firewall (42).

A system and method to send a secure message from a sender to a recipient using strong encryption protocols without the need for the recipient to create a public/private key pair and by using a third party to appropriately identify the recipient without revealing actual identification information to the third party. Upon successful identification, the third party is able to provide a recipient with information that enables recipient to create and use the actual decryption key without revealing the actual decryption key to the third party.

A method and system for secure communications in a mobile commerce system having a pre-defined communications protocol. The method and system are backward compatible, providing reader configured to distinguish between a first type of transponder using an unencrypted protocol and a second type of transponder using an encrypted protocol. The reader determines the type of transponder and alters its communications protocol accordingly. The encrypted protocol provides for encrypted communications within the constraints of the existing pre-defined communications protocol.

A “Wi-Fi Multicaster” provides a practical and efficient Wi-Fi multicast system for environments having potentially large numbers of Wi-Fi clients. Significantly, the Wi-Fi Multicaster does not require any changes to the 802.11 protocol, or to the underlying Wi-Fi infrastructure. In various embodiments, the Wi-Fi Multicaster uses pseudo-broadcast, and augments it with destination control, association control and optional proactive FEC (forward error correction) to improve multicast performance. More specifically, the Wi-Fi Multicaster system converts multicast packets to targeted unicast transmissions. To minimize the amount of airtime consumed, the Wi-Fi Multicaster uses destination control in combination with various algorithms for association control. Further, in various embodiments, the Wi-Fi Multicaster includes an adaptive, proactive FEC scheme to reduce overall packet losses. Finally, to overcome the challenges posed by encryption protocols such as 802.1x, the Wi-Fi Multicaster uses a “virtual multicast interface” that allows clients to “share” a common key for each multicast.

A computer network based digital information library system employing authentication and encryption protocols for the secure transfer of digital information library programs to a client computer system and a mobile digital information playback device removably connectable to the client computer system. The present invention is a computer network based library and information delivery system for accessing and obtaining selected digital information files. The library and information delivery system comprises: 1) a library server having a plurality of digital information files; 2) a client computer system coupled to the library server over a network; and 3) a mobile device removably connectable to the client computer system, the client computer system including logic for requesting a download of a selected one or more of the digital information files from the library server, the client computer system further including logic for downloading the selected one or more of the digital information files to the mobile device.

A computer network based digital information library system employing authentication and encryption protocols for the secure transfer of digital information library programs to a client computer system and a mobile digital information playback device removably connectable to the client computer system. The present invention is a computer network based library and information delivery system for accessing and obtaining selected digital information files. The library and information delivery system comprises: 1) a library server having a plurality of digital information files; 2) a client computer system coupled to the library server over a network; and 3) a mobile device removably connectable to the client computer system, the client computer system including logic for requesting a download of a selected one or more of the digital information files from the library server, the client computer system further including logic for downloading the selected one or more of the digital information files to the mobile device.

A pre-computation and dual-pass modular operation approach to implement encryption protocols efficiently in electronic integrated circuits is disclosed. An encrypted electronic message is received and another electronic message generated based on the encryption protocol. Two passes of Montgomery's method are used for a modular operation that is associated with the encryption protocol along with pre-computation of a constant based on a modulus. The modular operation may be a modular multiplication or a modular exponentiation. Modular arithmetic may be performed using the residue number system (RNS) and two RNS bases with conversions between the two RNS bases. A minimal number of register files are used for the computations along with an array of multiplier circuits and an array of modular reduction circuits. The approach described allows for high throughput for large encryption keys with a relatively small number of logical gates.

Novel system and methodology for protecting privacy of a computer device's user. A privacy protection device interacts with the computer device to enable the user to operate in multiple private modes. The system involves a data storage coupled to the privacy protection device, via a secure link, such as a Secure Sockets Layer (SSL) tunnel that provides an encryption protocol. The data storage is divided into multiple storage sections corresponding to the multiple private modes. Each section is configured for storing encrypted data supporting a particular private mode. The privacy protection device enables the user to set a selected private mode and runs software applications that use the data from the storage section corresponding to the selected mode.

The invention relates to an authentication and access control method for a CAN (Controller Area Network) bus, which is characterized by particularly comprising the following steps of: (1) completing functional partitioning of a vehicle system, and defining each function as a logic functional region; (2) based on functional partitioning of the vehicle system in the step (1), partitioning nodes of the vehicle system into each logic functional region according to functions to which the nodes belong; (3) based on partitioning of each node logic functional region in the step (2), allocating a secret key to each logic functional region; (4) based on each secret key in the step (3), generating a session secret key of the corresponding logic functional region after a vehicle is started up every time; (5) based on each session secret key in the step (4), completing authentication and encryption of CAN data, and based on each secret key in the step (3), implementing secret key resetting on updated nodes. According to the authentication and access control method disclosed by the invention, based on a cryptography technology, a node authentication and encryption protocol of the CAN bus is constructed by utilizing a cryptographic algorithm, and resource access control on the integral CAN bus is implemented.

The invention relates to the technical field of security of computer networks, in particular to a realization method for reasonable construction and correct parse of a communication data package based on an alarm system. Fixed-length data package header identification is used as data package feature identification, the length of a fixed-length data package is set at the rear of the data package header identification, the system can parse the finial size of the package according to the length of the data package after receiving data and then parse out the whole data package, and the size of the whole package can be known without traversing to the end of the package. A coding scheme of abstract syntax markup is used for coding to divide the data into the operation type of Cmd and the operation content of Value, wherein Key corresponds to the header of data package, Length corresponds to the data length, Cmd and Value both correspond to the data, Key, Length, Cmd and Value are coded through the coding and the decoding rule to form a bit stream data package, and the data content is encrypted and decrypted through a special encryption protocol. The security and the transmission speed are obviously promoted.

The invention relates to a system for updating web data which comprises a web server, a communication server and an instant messaging client side, wherein the web server is used for recording update information and transmits the update information to the communication server; the communication server receives and processes the update information, and transmits processed update information to the instant messaging client side through an encryption protocol connected with the communication server; and the instant messaging client side receives the processed update information, obtains control information and updated content information according to the processed update information, and conducts web update operation according to the control information and the updated content information. In addition, the invention relates to a method for updating the web data. By the system and the method, the pressure on a server and network bandwidth is reduced, the updating response of web at the instant massaging client side is fast, the operation is simple, a complicated webpage is avoided, and the property is good.

The present invention relates to a multiple encrypting method, for encrypting a file and/or a protocol and generating encryption keys. Comprising the steps of: uploading at least one of a file and a protocol by a file uploading unit; generating random numbers by a random number generation unit; arranging the random numbers to form at least one key and at least one initialization vector respectively by a key generation unit and an initialization vector generation unit; encrypting the file and/or the protocol from the file uploading unit via using AES encryption by an encryption unit, so as to generate an encrypted file and/or an encrypted protocol; saving the key and the initialization vector respectively in a first storage unit and a second storage unit; Repeating the above steps at least one time.

The invention discloses a network protocol identification method and system based on semi-supervised learning, relating to the technical field of network safety. The method comprises the following steps of: training a plurality of classifiers based on a semi-supervised learning method; carrying out split-flow treatment on a network flow rate to be identified, and counting a single flow to be identified, which is obtained by the split-flow treatment, so as to obtain length information of a pre-set quantity of network packets in each single flow to be identified; and utilizing the classifiers to carry out protocol identification on the single flow to be identified according to the length information of the pre-set quantity of the network packets in the single flow to be identified. According to the network protocol identification method and system based on the semi-supervised learning, disclosed by the invention, a semi-supervised machine learning method is introduced into the protocol identification, namely that less calibrated sample information is used and a lot of unlabelled information is sufficiently utilized, so that the classification performance and the practical expansibility are met simultaneously; and the network protocol identification method and system have higher identification accuracy and higher identification speed, and can identify an encrypted protocol without depending on a lot of calibration data sets.

The embodiment of the invention provides an application identification method and device. The method comprises the following steps: a service message is received, wherein the service message carries a network protocol IP address of an application server; according to the mapping relation between the IP address of the application server and a domain name, a target domain name corresponding to the IP address of the application server is determined; according to the preset mapping relation between an application and the domain name, the application corresponding to the target domain name is determined. According to the IP address of the application server carried in the service message, the mapping relation between the IP address of the application server and the domain name and the mapping relation between the application and the domain name, the application corresponding to the IP address of the application server is determined, and therefore the application identification method and device realize application identification for communication adopting a proprietary protocol or an encryption protocol.

The correctness of an exponentiation operation or other type of operation associated with a multi-party cryptographic protocol is verified using first and second proofs based on a randomized instance of the operation. A prover generates signals corresponding to information representative of the first and second proofs based on the randomized instance. The first proof is a so-called “blinded” proof that the operation has been correctly performed, configured so as to prevent leaks of information relating to the cryptographic protocol. The second proof is a proof that the first proof has been correctly performed by the prover. The proof information signals are transmitted from the prover to a verifier, and the verifier uses the signals to determine if the operation associated with the cryptographic protocol is valid. For example, the verifier in an illustrative embodiment generates an indication that the operation was correctly performed if the first and second proofs are acceptable to the verifier, generates an indication that the operation was not correctly performed if the first proof is not acceptable but the second proof is acceptable, and generates an indication of a cheating prover if the second proof is not acceptable. The verification protocol can be used in applications in which the prover is distributed across a number of different machines.