51 results about "Link encryption" patented technology

A network system is provided between at least a first client site and a second client site, the first and the second client site are at a distance from one another. A client site network component is implemented at least at the first client site, the client site network component bonding or aggregating one or more diverse network connections so as to configure a bonded/aggregated connection that has increased throughput. At least one network server component may be configured to connect to the client site network component using the bonded/aggregated connection. A cloud network controller may be configured to manage the data traffic and a virtual edge providing transparent lower-link encryption for the bonded/aggregated connection between the client site network component and the network server component.

A network system is provided between at least a first client site and a second client site, the first and the second client site are at a distance from one another. A client site network component is implemented at least at the first client site, the client site network component bonding or aggregating one or more diverse network connections so as to configure a bonded/aggregated connection that has increased throughput. At least one network server component may be configured to connect to the client site network component using the bonded/aggregated connection. A cloud network controller may be configured to manage the data traffic and a virtual edge providing transparent lower-link encryption for the bonded/aggregated connection between the client site network component and the network server component.

The user's Bluetooth device substitutes a pseudonym address for the Bluetooth Device Address (BD_ADDR). The pseudonym address is a randomized version of the BD_ADDR. The pseudonym address is used in all the functions of the Bluetooth device that normally use the BD_ADDR, including the frequency hopping sequence, the device access code, the initialization key in link encryption, the authentication code, and the various packet addresses. In this manner, the user's privacy is protected by preventing the user's identity, routes, and activities from being correlated with his/her device's address. In addition to the Bluetooth standard, the technique also applies to other wireless standards.

The invention discloses a security certificate gateway, comprising a client crypto module, a client business module, a service business module and a service crypto module, wherein the client business module is used as an agent of an application client and used for calling the client crypto module and the service business module interactively to build an encrypted connection; and the service business module is used for calling the service crypto module and the service business module to build a secure encrypted channel. Based on the high-strength identity authentication service, the high-strength data link encryption service and the digital signature and authentication service of a digital certificate, the gateway provided by the invention effectively protects secure access of network resources, and supports B/S applications of a hypertext transport protocol (HTTP) and hypertext transfer protocol secure (HTTPS) as well as common C/S applications of a file transfer protocol (FTP), a remote desktop and the like.

The capability to encrypt or compress the traffic over network links, thus improving the security of the link on the performance of the links, and the capability to encrypt/decrypt data stored on the storage devices without requiring specialized hosts or storage devices. In a first embodiment, traffic to be routed over a selected link needing encryption and/or compression is routed to hardware which performs the encryption and/or compression and returned for transmission over the link. A complementary unit at the second end of the link routes the received frames to complementary hardware to perform the decryption and/or decompression. The recovered frames are then routed to the target device in a normal fashion. In a variation of this first embodiment the hardware is developed using an FPGA. This allows simple selection of the desired feature or features present in the switch. The switch can be easily configured to perform encryption, compression or both, allowing great flexibility to a system administrator. In a second embodiment frames can be encrypted by a switch and then provided to the storage device in this encrypted manner. The frames from the storage device are decrypted before provision to the requesting host. By performing the encryption and decryption in the switch, conventional hosts and storage devices can be utilized.

In accordance with the teachings of the present invention, a system and method for detecting AES random number generator synchronization errors are provided. In particular embodiments of the present invention, the method includes generating a first synchronization word at a playback server, the first synchronization word comprising a 10-bit advanced encryption system word immediately following an advanced encryption system word used to encrypt a final pixel of a final active line of a previous frame of video; placing the first synchronization word in a link encryption metadata message in an ancillary data packet; transmitting the ancillary data packet from the playback server to a digital video projector; extracting the first synchronization word from the link encryption metadata message at the digital video projector; generating a second synchronization word at the digital video projector, the second synchronization word comprising a 10-bit advanced encryption system word immediately following an advanced encryption system word used to decrypt the final pixel of the final active line of the previous frame of video; comparing the first and second synchronization words at the digital video projector; and generating an error message in response to a determination that the first and second synchronization words are not identical.

The invention provides a method for assessing a wireless local area network, comprising the following steps: a mobile station generates a temporary public key (px) and a temporary private key (sx), and the px and a digital certificate of the mobile station are sent to network side equipment; the network side equipment identifies and recognizes the mobile station and then generates a temporary public key (py) and a temporary private key (sy), and then the network side equipment uses the py and the sy for elliptic curve diffie-hellman (ECDH) calculation so as to generate a key seed and then sends the py to the mobile station; and the mobile station uses the sx and the py for ECDH calculation so as to generate a key seed which is the same as the key seed generated by the network side equipment and then negotiates with the network side equipment by using the key seeds so as to generate a conversation key. The invention also provides a system for assessing the wireless local area network, comprising the mobile station and the network side equipment. The invention combines the advantages of the public key encryption technology and the symmetric key encryption technology and can solve the problems of the identification and the reorganization of both the mobile station and the network side equipment and safety of the encryption of the communication link.

The invention relates to the technical field of networks, and relates to a safe screen projection method of a cloud mobile phone, a mobile terminal and a server. The method includes the following steps: generating a public key by using an asymmetric encryption algorithm and sending the public key to the server; receiving feedback from the server, wherein the server firstly uses a symmetric encryption algorithm to generate a unique key, then encrypts the key with the received public key, and then feeds the encrypted key back to the client; decrypting the key by a private key corresponding to the public key, and encrypting verification information by using the key, and sending the verification information to the server for authentication; receiving an authentication result and sending a screen projection request to the server when the authentication result is successful; and using a public network to receive projection content forwarded after being encrypted by the server using the symmetric encryption algorithm and pushed by the cloud mobile phone. The method firstly uses the asymmetric encryption algorithm to realize authentication. After successful authentication, the screen projection is performed and screen projection content transmitted by the private network is not encrypted, while screen projection content transmitted by the public network is encrypted by the symmetric encryption algorithm, so that security is ensured and some links are encrypted with efficiency.

The invention provides a quantum communication encryption system for realizing mobile communication quantum encryption transmission and an application method thereof. The quantum communication encryption system comprises a quantum communication network,a quantum key charging machine and quantum key distribution equipment arranged at the quantum key charging machine end, quantum encryption equipment arranged at the service platform end, a quantum security service platform, quantum key distribution equipment arranged at the service platform end, and a quantum terminal encryption module arrangedon the mobile terminal. According to the method, the existing encryption system and process of mobile communication are not changed, the link of information transmission link encryption is not increased, the security of the working key is enhanced, the security of the working key is enhanced and improved by fusing the key distributed by the public and private key system and the key distributed bythe quantum communication technology, and the quantum computing resistance is achieved.

The invention discloses a cinema live-broadcasting authorized management system and method. The cinema live-broadcasting authorized management system comprises a signal input module, an authorization processing module, a signal decryption module, a signal conversion module, a watermark superimposing module and a line encryption and signal output module, wherein the signal input module is used for receiving a cinema live-broadcasting audio-video signal and a corresponding authorized distribution message LDM (Logical Data Model) file, wherein the LDM file is encrypted by a public key; the authorization processing module is used for decrypting the LDM file by using a stored private key to obtain a signal key and an authorization effective schedule and determining the effectiveness of the LDM file according to the current time and the authorization effective schedule; the signal decryption module is used for decrypting the cinema live-broadcasting audio-video signal by using the signal key when the LED file is effective; the signal conversion module is used for carrying out format processing on the decrypted signal and converting the decrypted signal into a set output signal format; the watermark superimposing module is used for carrying out watermark superimposing on the signal subjected to format processing by using the equipment sequence number of the cinema live-broadcasting authorized management system and the current time; and the link encryption and signal output module is used for carrying out link encryption on the signal subjected to watermark superimposition and then outputting the signal subjected to link encryption. The cinema live-broadcasting authorized management system and method disclosed by the invention can realize effective copyright protection on cinema live-broadcasting contents.

The invention discloses a network device and an authentication and key management method of the network device. The method includes the steps that the network device generates a network key (NK); authentication protocol interaction is performed on the network device and a communication opposite end device, and a basic session key (BSK) is obtained through calculation according to parameters of the authentication protocol interaction and the NK; according to the BSK calculation, the network device obtains link encryption keys (EK) used for media access control (MAC) layers and physical layers (PHY) of various access technologies, and all the EKs are provided for corresponding MAC layer functional modules and PHY functional modules respectively. Through the authentication and key management method of the network device, one-time authentication process is performed on the heterogeneous network device to verify the validity of the device, and the effect that uniform key management is performed on the various MAC layer technologies is achieved.

The invention relates to the field of webpage front ends, PHP and databases, in particular to an implementation method of an online document cloud storage system. The method includes: configuring a PHP frame (taking codeigniter as an example), using an MVC mode to create five view pages which includes a registration/log-in page, a front page, a search page, a sharing page and an upload page, sequentially creating corresponding controller pages and model pages, and adding a method function uploaded to an appointed directory and a method function sharing a creating password and performing link encryption besides the creating, reading, updating and deleting of a database. By the implementation method applicable to the online document cloud storage system, the online document cloud storage system is convenient to use, high in efficiency, good in practicality and high in compatibility.

The invention provides a data security transmission method, system and device and a storage medium, and relates to the technical field of network security. The method is applied to a first link encryption gateway in communication connection with one or more terminals, the first link encryption gateway is also in communication connection with a second link encryption gateway, and the method comprises the following steps: receiving a first encrypted message sent by a terminal; determining that the first encrypted message passes the authentication; decrypting the first encrypted message to obtaina first decrypted message; encrypting the first decrypted message based on an encryption mode agreed with a second link encryption gateway to obtain a second encrypted message; and sending the secondencrypted message to a second link encryption gateway through a secure channel between the second encrypted message and the second link encryption gateway, so that the second link encryption gatewaydecrypts the second encrypted message and sends the decrypted second encrypted message to the server. According to the method, a plurality of terminals share one link encryption gateway, and an independent link encryption gateway does not need to be arranged at each terminal, so that the hardware cost is reduced.

The invention relates to the communication field, in particular to a communication link protection method and device. The device comprises an equipment end and a calling end; the equipment end comprises a first generation module, a first sending module, a first receiving module, a second elliptic curve point generation module, a second link encryption key generation module, a second verification value generation module, a first judgment module, a first terminating module and a third verification value generation module; and the calling end comprises a second receiving module, a second generation module, a first elliptic curve point generation module, a first link encryption key generation module, a first verification value generation module, a fourth verification value generation module, asecond judgment module, a second terminating module and a second sending module. According to the device, factors of the calling end takes participate in the link encryption key negotiation process,and therefore the communication security is improved.

The invention discloses a method for realizing a full-link encryption agent by using an event certificate. The method comprises the following steps: establishing an SSL encryption tunnel based on a digital certificate between a browser and an SSL proxy server, and then, dynamically generating an event certificate in the SSL proxy server in linkage with the CA server, and associating the event certificate to the SSL session to complete an SSL encryption tunnel with the back-end application server, so that the back-end application server can perform secondary identity authentication on the userand further perform fine-grained access control and single sign-on. By utilizing the event certificate, one-time pad of a session between the SSL proxy server and the application server can be realized, an authentication identifier of the session is consistent with a user identity identifier of an original visitor, and meanwhile, the characteristics of timely signing and issuing, no need of storage, short validity period and the like of the event certificate are fully utilized in the session. The SSL proxy server can realize micro-isolation from a user to an application by adopting an event certificate mode, and meanwhile, the access control capability of the whole system and the audit transparency are also improved.

The invention discloses a device and method for encryption protection of link communication and a safety message processing system. The device comprises a request sending module, a first processing module and a second processing module, wherein the request sending module is used by a device A for requesting to negotiate with a device B about a link encryption key; the first processing module is used for calculating and acquiring a link session key and then encrypting, signing and returning to the device A after the device B receives the request; the second processing module is used for calculating in the same manner and acquiring the link session key after the device A receives and verifies the signature; and then, the device A and the device B can negotiate about the encrypted session key for communication in such a manner. The device has the advantages of high safety level, quick negotiation process and suitability for various devices in low processing capacity and high-end devices in high processing capacity. The link communication is encrypted and the encrypted key is temporarily negotiated when the link is established at each time, so that all the data in the communication process can be protected and the adaptability is strong.