320 results about "Key size" patented technology

A crytography method of encrypting data is disclosed. The method provides for creating or selecting a master key. Thereafter, the data to be encrypted is segmented into data blocks of equal or variable lengths. For each data block a sub-key of an arbitrary starting position is selected from a pre-defined set of arbitrary positions and of matched or unmatched length from the master key, where the master key length is selected from a pre-defined set of arbitrary lengths. Having acquired the sub-key for each data block, each data block is encrypted using its sub-key and an encryption algorithm.

Systems and methods for security key transmission with strong pairing to a destination client are disclosed. A security key may be generated by an on-chip key generator, an off-chip device, and/or software. A rule may then be paired with the security key and an address associated with the security key. The rule may define permissible usage by a destination module, which is defined by the associated address. The rule may comprise a command word, which may be implemented using a data structure associated with a permissible algorithm type, a security key size, and/or a security key source.

The invention relates to a method for inputting user commands into an electronic device (1), which uses dynamic I/O input arrangement. After each input command the most potential next input command is emphasized by enlarging the size of a key of the command (23, 24, and 25). The invention also relates to a cellular terminal or PDA utilizing the method and software means to carry out the invention.

The present invention relates to digitally signing of electronic documents which are to be kept secure for a very long time, thereby taking into account future cryptographic developments which could render current cryptographic key-lengths insufficient. In accordance with the invention a double signature is issued for each document. A first digital signature (DTS) ensures the long time security, whilst a second digital signature (DUS) ensures the involvement of an individual user. Thereby, the second digital signature is less computationally intensive in its generation than the first digital signature.

In a cryptography system, client and server terminals each generate a private key constituting a randomized compilation of dynamic system parameters. Public keys are then generated based on the private keys, exchanged between the terminals, and used to generate a shared secret. Key stream generators generate a randomized key stream at each terminal using the shared secret, based on self-generating primitive polynomials. Key length is user selected, and may be modified during an ongoing encryption session. The generator includes a plurality of linear feedback shift registers whose lengths are self-configuring based on the user-specified key length. The registers are interconnected so that their output, namely, the key stream, is non-linear and random. Data is converted to binary form and encrypted by XOR'ing the binary-format data with the key stream. The system may be used in both a static secure transfer mode and a dynamic secure real time transfer mode.

The related wireless terminal (1) security locking method based on elliptic curve public key cipher comprises: using elliptic curve public key certificate to form digital signature and private key to validate software during startup; deciding by software to provide network service according to current register and pre-set information or reading the IMSI number in user USIM/SIM card to compare with stored one and decide whether provide service. This invention synthesizes lots business, and special fit to terminal with common processing capacity.

An apparatus is disclosed for generating keys having one of a number of key sizes. Memory sections of a memory element are adapted to store a portion of a key. The memory element has a size at least as large as a largest key size of a number of key sizes, the key having a size of one of the plurality of key sizes. Key generation logic is adapted to generate intermediate key results for the key by operating on values from the memory sections and from the intermediate key results. Key selection logic is adapted to route selected intermediate key results to selected ones of the memory sections. The control logic is adapted to determine the size of the key and, based at least partially on the size of the key, to select the selected intermediate key results and the selected ones of the memory sections. The selected intermediate key results comprise some or all of the key.

The present invention leverages the invertibility of determinants of unimodular matrices to provide a universal hash function means with reversible properties and high speed performance. This provides, in one instance of the present invention, length controllable hash values comprised of vector pairs that can be processed as one instruction in a SIMD (single instruction, multiple data) equipped computational processor, where the vector pair is treated as a double word. The characteristics of the present invention permit its utilization in streaming cipher applications by providing key data to seed the ciphering process. Additionally, the present invention can utilize smaller key lengths than comparable mechanisms via inter-block chaining, can be utilized to double hash values via performing independent hash processes in parallel, and can be employed in applications, such as data integrity schemes, that require its unique processing characteristics.

The invention relates to a credible data access control method applied to cloud storage of mobile devices. The credible data access control method includes six steps including user registering, user login, secret key generation, data encryption uploading, data downloading and decryption in three stages. The first step is user registering, the second step is user login with an authentication process, the third step is encryption secret key generation, the fourth step is user data encryption uploading, the fifth step is secret key sharing among the multiple mobile devices, and the sixth step is data downloading and decryption. According to the credible data access control method, transmitting of a credible chain in the secret key exchanging process is guaranteed by a user through a mobile TPM chip, the length of a secret key is reduced through encryption based on a elliptic curve, it is guaranteed that the multiple mobile devices can safely share the secret key, compared with a traditional server terminal or client terminal data encryption method provided by a cloud storage service provider, the credible data access control method is safe, reliable, high in confidence degree and small in interaction data amount, and the good practical value and the wide application prospect are achieved in the technical field of cloud storage safety.

The invention relates to a method for achieving lightweight authentication and key agreement. A long-term shared key K is preset between any two network nodes, a counter CTR is stored in each network node, the encryption algorithm E and the PRNG are achieved in the two network nodes, and an authentication and shared key is built between the two network nodes. The method solves the problem that the existing network authentication technology and the existing key agreement technology are not suitable for the resource-constrained communication environment, and can be efficiently and safely suitable for the Internet of Things or the mobile communication network with a large number of resource-constrained nodes. According to the method, the symmetric cryptography algorithm is used only by four times in the authentication and key agreement process, the lightweight grouping symmetric cryptography algorithm can be used, the length of the required key is small, the encryption and decryption speed is high, bi-directional authentication of the authentication process can be completed only through two times of information interaction, the communication data size is small, and occupied network resources are few.

A mechanism is provided in which access to the functionality present on an integrated circuit chip is controllable via an encrypted certificate of authority which includes time information indicating allowable periods of operation or allowable duration of operation. The chip includes at least one cryptographic engine and at least one processor. The chip also contains hard coded cryptographic keys including a chip private key, a chip public key and a third party's public key. The chip is also provided with a battery backed up volatile memory which contains information which is used to verify authority for operation. The certificate of authority is also used to control not only the temporal aspects of operation but is also usable to control access to certain functionality that may be present on the chip, such as access to some or all of the cryptographic features provided in conjunction with the presence of the cryptographic engine, such as key size.

The invention relates to an encryption method for network and information security; the adopted packet length and key length are 128 bits, and a 128-bit system parameter is added; encryption algorithm comprises a plurality of rounds of round transform iteration consisting of mixed layers and diffusion layers, wherein the last round is incomplete round transformation, and the incomplete round transformation consists of the mixed layer; the mixed layer comprises key plus, S box portfolio transform and system parameter minus; the S box portfolio transform comprises 8-input 8-output reversible S box transform and inverse S box transform in the same number which are output by parity exchange; the diffusion layer can construct linear transformation with a reversible re-model polynomial matrix; an encryption round key is generated by an encryption key through encryption round transformation; and decryption algorithm is the inverse transformation of encryption algorithm. The encryption methodfor network and information security has the advantages of high diffusion speed, good security strength, hardware resource saving, and very high speed when being realized by hardware and on a software platform.

A post-quantum, public key cryptosystem is described which is polynomial based and where the private key polynomial has coefficients from a sub-set of Galois field elements and plain text message polynomials have coefficients from a second sub-set of Galois field elements. The public key polynomial is constructed using the inverse of the private key polynomial and a randomly chosen polynomial having coefficients chosen from a third sub-set of Galois field elements. Cipher texts are constructed using the public key and randomly chosen session key polynomials. Other more complicated embodiments are described. For implementation a small prime base field such as 2, 3 or 5 will usually be used in constructing the prime power Galois field. The system has the advantage of relatively small public key sizes.

Virtual keyboards become efficient and ergonomic by typing with small, incremental partial word completions, using fewest but largest possible keys, presented in highly condensed layouts, retaining familiar structural patterns of standard keyboards like QWERTY, and utilizing curved thumb typing formats. The keyboard continuously adjusts numbers of keys, key sizes, predictive values and layouts, to minimize keystrokes, reduce errors, and maximize potential words entered, while providing the most ergonomic, minimalist interface possible at any moment, scaling to any size device. Keys display normal default characters concatenated with supplemental predictive characters, forming incremental partial word completions; each represents the longest common building block shortcut of likely intended words derivable from a key's default value. The most relevant keys can generate larger numbers of highly predicted words; the more relevant, the larger the key. Only the most relevant keys are displayed, in stripped down, but familiar layouts, allowing only valid text entry options.

Elliptical curve based cryptographic algorithms are public key algorithms offering a shorter calculation time and smaller key sizes in comparison with RSA. In a smart card type environment, these algorithms are vulnerable to differential power analysis (DPA) attacks. The disclosed invention provides a countermeasure procedure enabling positive action to be taken against DPA-type attacks. The countermeasure does not reduce performance and is easy to use in a smartcard type component.

This invention provides improved security and improved throughput of the McEliece public key encryption system and reduces the public key size. Even though the public key is reduced, in some embodiments of the invention the ensemble of cryptograms produced is identical to the ensemble of cryptograms produced by the original system for a given Goppa code, and the same private key. It is possible using this invention that the encrypted message, the cryptogram is a truly random function, not a pseudo random function of the message so that even with the same message and the same public key, a different, unpredictable cryptogram is produced each time. Other embodiments of the invention use a shortened error correcting code allowing the length of the generated cryptogram to match exactly the available transmission or storage media such as is the case of RFID and packet based radio applications.

The invention discloses a digital image encryption method based on a Cat mapping and hyper-chaos Lorenz system, and belongs to the field of image encryption. According to the digital image encryption method, a key length of an image encryption system is 247 digits and is higher than classical cryptography algorithms of the data encryption standard (DES, 56 digits), the advanced encryption standard (AES, the basic standard is 128 digits) and the international data encryption algorithm (IDEA, 128 digits). By introducing a secret key stream generative mechanism related to plaintexts, secret key streams are enabled to be related to both secret keys and the plaintexts, and even when the same diffusion secret keys are used to encrypt different plaintext images, the generated secret key streams are different. Therefore, the known-resistant/plaintext-selective attack capacity of the encryption system is obviously improved.

A cryptographic method for providing a level of security by a postage security device, which generates a digital token using a cryptographic key. When it is required to make a key change in order to improve the level of security, the postage security devices replaces the cryptographic key with a new cryptographic key, wherein the new cryptographic key has a key length that is equal to or greater than the replaced cryptographic key. The new cryptographic key can be generated by the postage security device based on a given key length, or selected from a plurality of replacement keys stored in a storage device.

Data entry using a software keyboard such as a touchscreen keyboard is secured by varying key sizes in the keyboard from key to key and from software keyboard configuration to software keyboard configuration, decoupling display locations from keys. Multiple software keyboard configurations are generated, each having different sets of key sizes. The keyboard configuration may be changed with each keystroke, or may be changed for each prompted entry including multiple keystrokes.

The invention discloses a quantum secret key distribution privacy amplification method supporting large-scale dynamic changes. The method includes the steps of firstly, conducting initialization, wherein the optimal operation scale m of an FFT module is calculated according to the actual running parameters of a quantum secret key distribution system when the privacy amplification method is started, and the initialization scale is an FFT operation and inverse FFT operation module of m; secondly, normalizing data, wherein the final security secret key length r is calculated according to the detector counting rate Q mu of the quantum secret key distribution system, the quantum bit error rate E mu, the corrected weak security secret key length n and the security parameter s of the quantum secret key distribution system, and normalizing an initial secret key string and a Toeplitz matrix according to the parameter m, the parameter n and the parameter r; thirdly, conducting data operation, wherein the operation process of the Toeplitz matrix and the initial secret key string is operated through the FFT technology, the first r items of the calculation result are taken to form a result vector, namely, the final security secrete key. The method has the advantages of being high in flexibility, better in processing performance, and the like.

In a packet switching device or system, such as a router, switch, combination router/switch, or component thereof, a method of and system for performing a table lookup operation using a lookup table index that exceeds a CAM key size is provided. Multiple CAM accesses are performed, each using a CAM key derived from a subset of lookup table index, resulting in one or more CAM entries. One or more matching table entries are derived from the one or more CAM entries resulting from the multiple CAM accesses.