1225 results about "Encryption decryption" patented technology

Improved techniques to partially encrypt media files are disclosed. The encryption serves to cryptographically secure only a portion of the media data within a media file, while the remaining portion of the media data is not cryptographically secured. Although only partial encryption is used, the portion being encrypted serves to substantially disrupt usefulness of other parts of the media file which are not encrypted. In other words, the partial encryption renders the media file substantially unusable by unauthorized users. In one embodiment, the partial encryption is performed by a host device and thereafter the partially encrypted media file is delivered to a client device. The client device, if authorized, can subsequently decrypt the partially encrypted media file and utilize (e.g., play) the media file. However, since the media files are only partially encrypted, the decryption is likewise also only partial, which makes decryption faster and less resource intensive.

Systems and methods for performing financial transactions are provided. In one embodiment, the invention provides for method for bank card transactions, including: reading the token information at the point of swipe for traditional and non-traditional POS platforms; performing a low-security task on the token information using a first microprocessor, wherein the non-security task includes one or more tasks from the group of encryption determination, encryption-decryption request, key management, token information delivery, or transactional data delivery; and performing a security-related task on the token information using a second microprocessor based on a request from the first microprocessor, wherein the security-related task includes one or more tasks from the group of token information authentication, token information decryption, or token information encryption. Formatting the encrypted information such that it is compatible with the format of the current POS system.

The present invention relates to the information protection of digital content transferred by streaming and download service through wire or wireless Internet network. The information protection system in this invention suggests a drastic prevention method of copyrights infringement such as illegal copy and unauthorized distribution of digital content, by using of the encryption, decryption, distribution, and authentication technologies. This invention suggests the control technology of general viewer program, not the specific viewer program for information protection, using a network filter driver for streaming and file system filter driver for download service. The main function of network and file system filter driver is the filtering operation such as a hooking, changing, decrypting, and restoring of message and data packet, and transferring to the viewer program. The main idea and technology of this invention suggest higher secure and efficient digital information protection system for live/VOD/HTTP streaming and download service.

Access to information or a document is secured by a central global positioning authority that evaluates access requests in accordance with predefined policies. One component of an access request includes location information regarding at least one of the requesting entity and location of the requested resource. Access is either allowed or denied as a function of at least the requesting entity, position information and the applicable policy or policies. An encryption/decryption scheme is implemented where the encryption key is a function of the resource's position.

A system for providing rights controlled access to digital media comprises a server data processor and a client data processor connected by a communications network. The user data processor provides access to a data object in accordance with rules associated with the data object by the server data processor. The client data processor comprises a machine key device and a user key device. The machine key device is preferably an installed component of the client data processor that provides encryption, decryption, and authentication functionality for the client data processor. The user key device is preferably a removable, portable device that connects to the client data processor and provides encryption, decryption, and authentication functionality for the user. A method restricts the use of a data object to a particular user and a particular data processor through the use of additional layers of encryption. The method preferably comprises encrypting a data object such that the it can be decrypted by the machine key device, and further encrypting the data object such that it can be decrypted by the user key device. A method restricts the use of a data object to a particular user and a particular data processor through the use of rules that require authentication of the machine key device and the user key device.

An encryption technique is disclosed for encrypting a data segment comprising a plurality of data blocks, wherein the security and throughput of the encryption is enhanced by using blockwise independent bit vectors for reversible combination with the data blocks prior to key encryption. Preferably, the blockwise independent bit vectors are derived from a data tag associated with the data segment. Several embodiments are disclosed for generating these blockwise independent bit vectors. In a preferred embodiment, the data tag comprises a logical block address (LBA) for the data segment. Also disclosed herein is a corresponding decryption technique as well as a corresponding symmetrical encryption/decryption technique.

The invention discloses a blockchain data processing method, device and system. The blockchain data processing method comprises that a first node identifies whether received block information needs privacy protection processing; if the received block information needs privacy protection processing, a secret key of a plaintext encryption algorithm is generated, the block information is encrypted by means of the plaintext encryption algorithm employing the secret key, and encrypted block information is generated; the secret key is encrypted in a stipulated way, a secret key ciphertext is generated, the stipulated way comprises an algorithm through which a second node associated with the first node in the first node and the blockchain encrypts and decrypts the secret key ciphertext according to a preset mode; and data including the encrypted block information and the secret key ciphertext is stored a corresponding block of the blockchain as blockchain data. According to each embodiment of the invention, information data stored in the blockchain can be encrypted, so that only specific members can decrypt and check the information data, and the aim of carrying out privacy protection on special transaction information is achieved.

A communication system including a transmitter, a receiver, a communication link (for example, a TMDS-like link), and preferably also an external agent with which the transmitter and receiver can communicate, in which video data (or other data) are encrypted, the encrypted data are transmitted from the transmitter to the receiver, and the transmitted data are decrypted in the receiver, a transmitter and a receiver for use in such a system, a cipher engine for use in such a transmitter or receiver, a method for operating such a transmitter or receiver to encrypt or decrypt data, and a method for distributing keys to the transmitter and receiver. The receiver can be a player coupled to a downstream receiver by a TMDS-like link, and configured to re-encrypt the decrypted data (for example, using an AES or HDCP protocol) and send re-encrypted data over the link to the receiver. Optionally, the player is a repeater which translates the decrypted data from the transmitter, and then re-encrypts the translated data for transmission to the downstream receiver. The transmitter can itself be a player that receives and decrypts encrypted data from an upstream source. In preferred embodiments, the system implements a content protection protocol including a challenge-response procedure. After a new key is supplied to the receiver (and the same new key should have been supplied to the transmitter) and before the receiver can use the new key, the challenge-response procedure requires that the receiver validate the transmitter by verifying that the transmitter has proper knowledge of the new key.

The owner of proprietor interest is in a better position to control access to the encrypted content in the medium if the encryption-decryption key is stored in the medium itself and substantially inaccessible to external devices. Only those host devices with the proper credentials are able to access the key. An access policy may be stored which grants different permissions (e.g. to different authorized entities) for accessing data stored in the medium. A system incorporating a combination of the two above features is particularly advantageous. On the one hand, the content owner or proprietor has the ability to control access to the content by using keys that are substantially inaccessible to external devices and at the same time has the ability to grant different permissions for accessing content in the medium. Thus, even where external devices gain access, their access may still be subject to the different permissions set by the content owner or proprietor recorded in the storage medium. When implemented in a flash memory, the above features result in a particularly useful medium for content protection. Many storage devices are not aware of file systems while many computer host devices read and write data in the form of files. The host device provides a key reference or ID, while the memory system generates a key value in response which is associated with the key ID, which is used as the handle through which the memory retains complete and exclusive control over the generation and use of the key value for cryptographic processes, while the host retains control of files.

A dynamically programmable security device. The device includes: a secure nonvolatile read only memory (NVMROM) for securely storing a unique device cipher key; a secure interface for dynamically loading authenticated application code; a cryptographic engine for encrypting, decrypting data and authenticating the application code; a secure random access memory (RAM) for storing the authenticated application code and application data; and a processor for executing the authenticated application code.

A method and architecture for secure transmission of data within optical-switched networks. In one embodiment, the optical switched network comprises a photonic burst-switched (PBS) network. Under various schemes, security keys including encryption and decryption keys are generated by edge nodes and the decryption keys are distributed to other edge nodes in a PBS network. In one embodiment, the security keys are dynamically generated by a trusted platform module (TPM). A source edge node uses its encryption key to encrypt selected data bursts to be sent to a destination edge node via a virtual lightpath coupling the source and destination edge nodes. Security data are embedded in a control burst header indicates to the destination node whether corresponding data bursts sent via the virtual lightpath are encrypted. The security data also includes the decryption key and may also identify an encryption/decryption algorithm to be used. In some embodiments, public key infrastructure facilities are used in conjunction with employment of private and public keys and digital certificates.

A network interface unit is provided for use intermediate a LAN and a public or private network, or a combination of both, for establishing secure links to a VPN gateway. Login by a LAN client with the network interface unit, addressing, authentication, and other configuration operations achieved using a web page-based GUI are applied in establishing tunnels from LAN clients to desired VPN destinations. Illustrative network interface units include a DHCP server and provide encryption-decryption and encapsulation-decapsulation of data packets for communication with VPN nodes. Configuration and connection of a client are further enhanced by a built-in DNS server and other functional servers to provide a high degree of autonomy in establishing connections to a desired VPN gateway via an ISP or other public and/or private network links to. The interface unit then performs required authentication exchanges, and required encryption key exchanges.

A technique for obtaining a key for encryption/decryption/data recovery from an enterprise key management system. In one example embodiment, this is accomplished by connecting a client mobile device to a cryptography key management using a UID, a UDID, the names of one or more data files to encrypt, a password Pswd, and a KeyID to obtain the key for encryption/decryption/data recovery.

An object of the present invention is to provide an encryption/decryption system and encryption/decryption equipment which suppress the adverse effect of a load on arithmetic and logic operations to be performed by a computer, whose cipher system is hard to infer, which provide great security, and which eliminate the labor of managing keys or entering a key. A security key that encrypts or decrypts data using random numbers generated by a thermal noise random number generator is detachably attached to a personal computer. When attached to the personal computer, the security key autonomously encrypts or decrypts data to be handled by the personal computer. In other words, encryption/decryption equipment employing the thermal noise random number generator is detachably attached to a computer. The encryption/decryption equipment can be used as easily as keystrokes are made, and great security can be guaranteed.

The embodiment discloses an electronic data protection method, a device and a system based on face recognition, relating to the field of encryption-decryption security technologies of electronic data and improving the safety of data protection. The electronic data protection method comprises the following steps of: obtaining and storing registration information of at least one user, wherein the registration information comprises a password and a facial feature template of the user; extracting the facial feature template from a received face image when receiving an authentication request and the face image sent by a client, and determining a target user consistent with the extracted facial feature template from the stored registration information of the at least one user; and sending the password of the target user to the client, and indicating the client to carry out encryption-decryption operation according to the password. The embodiment is mainly applied to an encryption-decryptiontreatment process of data and utilizes the face recognition technology for authenticating user's identify, thereby improving the safety of the data.

A method and apparatus for storing and retrieving program material for subsequent replay is disclosed. The apparatus comprises a conditional access module, for accepting encrypted access control information and the program material encrypted according to a first encryption key, the encrypted access control information including a first encryption key and temporally-variant control data; the conditional access module having a first decryptor module, for decrypting the encrypted access control information to produce the temporally variant control data; a conversion module for modifying the temporally-variant control data to produce temporally-invariant control data; a re-encryptor module, for re-encrypting the decrypted access control information; a second decryptor module for decrypting the re-encrypted access control information to produce the first encryption key; a copy protection encryption module, communicatively coupleable to the conditional access module and a media storage device, the copy protection encryption module for further encrypting the encrypted program material according to a second encryption key and for encrypting the second encryption key according to a third encryption key to produce a fourth encryption key; and a copy protection decryption module, communicatively coupleable to the conditional access module and the media storage device, the copy protection decryption module for decrypting the encrypted fourth encryption key to produce the second encryption key using the third encryption key.

This invention provides a method, a system and a computer program for integrating encryption/decryption software and email software. In addition, it provides a method and a computer program for integrating encryption software (Pretty Good Privacy) encryption/decryption software and Lotus Notes email software with minimal process steps. Encryption/decryption software is public-key encryption/decryption software. The user can send encrypted email with just one step of clicking the send button. Also, the user can read encrypted email and attachments with just one step of keying in the password.

Disclosed in the present invention are a data encrypting and decrypting method, apparatus, and terminal, the method comprising: when setting a user privacy password, randomly generating an asymmetric key; when acquiring data to be encrypted, randomly generating a symmetric key; using the symmetric key to encrypt the data to be encrypted using a symmetrical encryption algorithm, obtaining encrypted data; using a public key of the asymmetric key to encrypt the symmetric key, obtaining a first cipher text corresponding to the symmetric key; and recording the encrypted data and the first cipher text.

An apparatus and method for encrypting/decrypting data include (a) a first plurality of encryption tables, each of the encryption tables being capable of transforming a data value into an encrypted/decrypted value, the data value corresponding to a unit of the data, the encrypted/decrypted value corresponding to a unit of encrypted/decrypted data, (b) a second plurality of selection tracks, each of the selection tracks including a series of values having a certain pattern, (c) a track mixer coupled to the second plurality of selection tracks, adapted to combine corresponding values of the selection tracks to produce a series of combined values, and (d) an encryption/decryption module coupled to the first plurality of encryption tables and the track mixer, adapted to transform each unit of the data into a unit of encrypted/decrypted data using an encryption table selected for that unit according to a combined value in the series of combined values.