Method for forming key of encryption/decryption

FIELD: physics.

SUBSTANCE: the method forms the confidential key of the key distribution center on the basis of a random number sensor, by selecting the coefficients of the symmetric polynomials $\{f_i(x_1, x_2)\}$ over the field $GF(2^{64})$. The personal confidential key of the user is produced in the form of ratios of polynomials $\{g_{A,i}(x)\}$, obtained by substituting the identifier $Y_A$ into the polynomials $\{f_i(x_1, x_2)\}$ in place of one of the arguments: $g_{A,i}(x) = f_i(x, Y_A) = f_i(Y_A, x) \bmod (2^{64})$. The session key $K_{AB}$ is obtained by substituting the correspondent's identifier into the personal confidential key $\{g_{A,i}(x)\}$: $K_{AB,i} = g_{A,i}(Y_B) \bmod (2^{64})$. The session key with a length of n bits is a concatenation of the values of polynomials over the field $GF(2^{64})$, $K_{AB} = K_{AB,0} \| K_{AB,1} \| \dots \| K_{AB,r-1}$, i.e. it can be calculated using the formula $K_{AB} = K_{AB,0} + K_{AB,1} \cdot (2^{64}) + K_{AB,2} \cdot (2^{64})^2 + \dots + K_{AB,r-1} \cdot (2^{64})^{r-1}$.

EFFECT: reducing the time required to complete the procedures for obtaining personal and session keys.

1 cl
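The key-formation steps in the abstract above can be traced in a short sketch. This is an added example, not code from the patent: the reduction polynomial for GF(2^64), the polynomial degree `t`, the identifier values and all function names are assumptions made for illustration.

```python
import secrets

# Assumption: GF(2^64) is represented as binary polynomials reduced by
# x^64 + x^4 + x^3 + x + 1; the abstract does not name a reduction polynomial.
MASK64 = (1 << 64) - 1
REDUCTION = 0x1B


def gf_mul(a, b):
    """Multiply two GF(2^64) elements (carry-less multiply with reduction)."""
    a &= MASK64
    b &= MASK64
    result = 0
    while b:
        if b & 1:
            result ^= a
        b >>= 1
        a <<= 1
        if a >> 64:                      # degree reached 64: reduce
            a = (a & MASK64) ^ REDUCTION
    return result


def poly_eval(coeffs, x):
    """Horner evaluation of sum(coeffs[k] * x^k) in GF(2^64)."""
    acc = 0
    for c in reversed(coeffs):
        acc = gf_mul(acc, x) ^ c         # addition in GF(2^64) is XOR
    return acc


def kdc_generate(r, t, rng=secrets.randbits):
    """KDC confidential key: r symmetric polynomials f_i(x1, x2), each stored
    as a (t+1) x (t+1) coefficient matrix with c[j][k] == c[k][j]."""
    polys = []
    for _ in range(r):
        c = [[0] * (t + 1) for _ in range(t + 1)]
        for j in range(t + 1):
            for k in range(j, t + 1):
                c[j][k] = c[k][j] = rng(64)
        polys.append(c)
    return polys


def personal_key(kdc_polys, identifier):
    """g_{A,i}(x) = f_i(x, Y_A): the coefficient of x^j is sum_k c[j][k]*Y_A^k."""
    return [[poly_eval(row, identifier) for row in c] for c in kdc_polys]


def session_key(personal, peer_identifier):
    """K_AB = K_AB,0 + K_AB,1*2^64 + ..., where K_AB,i = g_{A,i}(Y_B)."""
    key = 0
    for i, g in enumerate(personal):
        key |= poly_eval(g, peer_identifier) << (64 * i)
    return key


if __name__ == "__main__":
    # Constructed sample values: r = 4 gives a 256-bit session key.
    kdc = kdc_generate(r=4, t=3)
    y_a, y_b = 0x1001, 0x2002
    k_ab = session_key(personal_key(kdc, y_a), y_b)
    k_ba = session_key(personal_key(kdc, y_b), y_a)
    print(f"{k_ab:064x}", k_ab == k_ba)
```

Both users reach the same key without interaction because each `f_i` is symmetric. With polynomials of degree `t` in each variable, `t + 1` personal keys suffice to interpolate `f_i`, so `t` bounds the collusion the scheme tolerates.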

 



 

Similar patents:

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to means of detecting illegal use of a processing device of a security system, used to descramble various media data distributed over multiple corresponding channels. The method includes counting new messages ECMj,c, received by the processing device of the security systems for channels, other than channel i, after the last received message ECMi,p; verifying that the message ECMi,c was received during said time interval by verifying that the number of new messages ECMj,c, received for channels other than i, reaches or exceeds a given threshold greater than two; increasing the counter Kchi by the given value each time when after verification a message ECMi,c is received during a given time interval, immediately after a message ECMi,p, otherwise the counter Kchi is reset to the initial value; detecting illegal use once the counter Kchi reaches said threshold.

EFFECT: reducing the probability of illegal use of a processing device.

10 cl, 3 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering. A method of searching for an object belonging to a set of objects using a verification device, wherein the verification device and objects from the set of objects are configured to exchange information elements through at least one communication channel, wherein each object from the set of objects has a first corresponding identifier from which a plurality of representatives is obtained, wherein the method includes obtaining, in the verification device, a first identification word (mi;p(xi)) relating to the object being searched for, wherein the first identification word is formed by applying a first encoding function to a first object identifier, the search of which is performed such that the first identification word depends on a sub-part of the plurality of representatives obtained from the first identifier, wherein the sub-part is defined by at least one variable parameter (i), wherein the value of the variable parameter is selected randomly using the verification device, said value defining the sub-part of the plurality of representatives obtained from the first identifier; and the first identification word received over the communication channel is transmitted from the verification device.

EFFECT: protecting the identity of objects to prevent third-party monitoring of the objects.

14 cl, 4 dwg

FIELD: physics, communications.

SUBSTANCE: invention relates to communication security methods. The method comprises steps of: storing, in a first part of non-volatile memory of the resource-restricted device, at least one encrypted payload, storing, in a second part of the non-volatile memory of the resource-restricted device, a pointer pointing towards an encrypted payload stored in the memory, when a transmission is to be made by the resource-restricted device, sending the encrypted payload indicated by the pointer, and storing, in the second part of the non-volatile memory an updated pointer indicating a next-to-be-used encrypted payload stored in the memory.

EFFECT: more secure data transmission.

15 cl, 1 dwg

FIELD: physics.

SUBSTANCE: invention relates to semiconductor microelectronic devices and specifically to devices for protection from piracy and falsification of integrated circuits (IC), which are embedded in an IC chip. The device for protection from piracy and falsification of integrated circuits comprises, embedded in the chip of an authentic integrated circuit, a first logic register with elements for inputting an identification number (label) by a trusted integrated circuit manufacturer through working or auxiliary leads of the integrated circuit and which block subsequent input of another identification number. The device further includes a second logic register with elements for inputting, by the user of the integrated circuit, an identification number known to said user and a logic coincidence circuit with elements for outputting information on authenticity and permission for normal operation, in which the identification number stored in the first logic register of the integrated circuit is compared with the identification number in the second logic register, and if the identification numbers match, normal operation of the integrated circuit is allowed.

EFFECT: authentication of an integrated circuit, preventing reading of the identification number (label) from the integrated circuit by intruders and checking working capacity of the device for protecting integrated circuits from piracy and falsification.

1 dwg

FIELD: radio engineering, communication.

SUBSTANCE: if the bits of a digital image signal byte and message signal byte coincide, then the logical "1" value is assigned. Otherwise, the logical "0" is assigned. Then, a {F} array is formed to record the logical values. The latter are stored in the {F} array after comparison of the digital image signal and message signal bytes. Afterwards, the logical values are read from the {F} array. Then, a message marker packet is formed with recording the logical values from the {F} array to the information field of the packet. The marker packet and digital image packet are transmitted using different communication channels.

EFFECT: higher security of confidential information transmission.

3 dwg

FIELD: physics, optics.

SUBSTANCE: protection device is designed to prevent unauthorised probing of protected segments of optical cable systems and networks for various purposes. Controlled neutralisation of probing radiation in an optical cable is carried out by raising the noise level to the information-bearing signal power level or higher using a fibre-optic noise generator. The fibre-optic noise generator is connected in the optical network (1) on a Mach-Zehnder interferometer scheme (1), which is formed by asymmetrically connected two coupling devices (5, 6). One arm of the interferometer includes the fibre-optic noise generator, formed by a fibre-optic modulator (7) and a noise generator (8). Power supply (9) and control of the device is carried out on the protected optical network via a channel (10). The protection device (2) is connected to the optical network (1) by detachable or permanent connections (3, 4). The device does not affect light flux in a switched off state and, when turned on, has optical nonreciprocity on noise induced in transmitted signals.

EFFECT: high efficiency of protecting information using optical channel noise masking methods.

13 cl, 7 dwg

FIELD: radio-engineering, communication.

SUBSTANCE: method of secret information transmission by an object by means of emission of electromagnetic energy, where the object is exposed by the receiving-transmitting antenna (RTA1) of a radar station (RS1) to a continuous signal with frequency modulation under a one-sided saw-toothed linear law (NLFM signal). The signal is received by RTA2 of RS2 of the object and directed via two channels: in one channel the NLFM signal is delayed for time tz, and in the other channel it passes through a coder generating NLFM radio pulses of different widths corresponding, for example, to the dot, hyphen and pause of the Morse alphabet. The NLFM signals are then summed, amplified in power, and re-transmitted via RTA2 towards RS1, where they are multiplied with the emitted NLFM signal for further separation at RS1 of two signals with frequencies $F_{pi} = 2D_iF_m\,df_m/C \pm 2V_if/C$ and $F_{pj} = 2D_iF_m\,df_m/C \pm 2V_if/C + B$, where C and $V_i$ are the light velocity and the speed of approach or divergence of RS1 and RS2; f, $F_m$ and $df_m$ are the frequency, modulation frequency and frequency deviation of the NLFM signal; B is the part of the frequency of the difference signal due to the delay of the NLFM signal; $D_i$ is the distance between the radar stations; and for separation of the definite difference $\Delta = F_{pi} - F_{pj} = B$, upon identification of which it is assumed that the object transmits the secret information.

EFFECT: expansion of assortment of devices used for information transmission.

2 cl

FIELD: electricity.

SUBSTANCE: information hiding device comprises: a signal attenuation unit, two key memory units, a masking signal shaping unit, a subtracting unit, six adder units, four multiplier units, an information transfer device unit, a factor shaping unit, a divider unit.

EFFECT: improvement of security and accuracy of recovery of the secured signal.

8 dwg

FIELD: information technologies.

SUBSTANCE: method of secure information transmission based on addition of the secured signal and the signal being a function of the secured signal and the masking signal, differing by that, for the purpose of increase of hiding and accuracy of recovery of the secured signal, the stego-container containing two components is formed, for this purpose the first signal is allocated which is equal to a half of the secured signal, and the second signal equal to a difference of the value of the first key and the first signal, the first component of the container is defined by the first signal, to which the product of masking signal and the sum of value of the second key and the first signal is added, the second component of the container is defined by the second signal, to which the product of masking signal and the sum of value of the third key and the second signal is added, to recover the secured signal four coefficients are determined, the first coefficient is equal to the doubled sum of values of the first and third keys, the second coefficient is equal to the doubled value of the second key, the third coefficient is equal to the doubled product of values of the first and second keys, the fourth coefficient is equal to the sum of values of the second and third keys, the readings of the secured signal are found by adding of the third coefficient to the product of the first container components and the first coefficient, and subtracting the product of the second container components and the second coefficient, the obtained result is divided by the sum of the first and second components of the container and the fourth coefficient.

EFFECT: improvement of security and accuracy of recovery of the secured signal.

11 dwg

FIELD: radio engineering, communication.

SUBSTANCE: method for transliteration conversion of information and transmission thereof over communication channels includes receiving a structured message and breaking down said message into parts. A first part is broken down into two different data units, to which control information is added to obtain transliteration matrix row and column coordinates, from which a matrix cell corresponding to the first part of the message is selected. A semantic expression is extracted from the selected cell and transmitted to a communication channel, the semantic expression being used to determine cells available for converting the second part of the message. The second part is broken down into two different data units with addition of control information to obtain row and column coordinates for selecting a matrix cell from which a semantic expression is extracted, which corresponds to the second part of the message, and said expression is transmitted to a communication channel. The selected semantic expression is used to determine cells which are available for converting the third part of the message, wherein the third and subsequent parts are converted in the same manner as the second part.

EFFECT: high reliability of transmitting structured messages, achieved by validation of transmission of structured units.

1 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to security context signalling. A method for establishing a first security context between a remote station and a serving network, the first security context having a security property that is not supported by a second security context, the method comprising: the remote station forwarding a first message to the serving network, wherein the first message includes an information element; the remote station generating an integrity session key and an encryption session key in accordance with the first security context; the remote station receiving a second message having a message authentication code indicating that the serving network supports the first security context; the remote station verifying the message authentication code using the integrity session key; and the remote station, in response to successful verification of the message authentication code, performs wireless communication protected by the encryption session key.

EFFECT: providing signalling on support of an improved security context.

31 cl, 8 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to multimedia content protection. A method of protecting content (6) scrambled using a content key CW transmitted encrypted by a content access key K, characterised by that said content is transmitted by a transmission system to at least one receiving terminal (4) using a service, provided locally in said receiving terminal using a set of properties $P_i$, i ranges from 1 to n, known for the transmission system, where each of said properties $P_i$ is represented by a data element $x_i$ recorded in said data transmission system, and using a local data element $y_i$ with local access, intended only for reading in said terminal, and during transmission, said method comprises a step of super-encrypting said content key CW using at least one invertible super-encryption function $f_i(x_i)$, which depends on at least one of the properties $P_i$, i ranges from 1 to n, and upon reception, the value of said super-encrypted content key CW is disclosed by applying to said super-encrypted content key CW an inverse super-encryption function $f_i^{-1}(y_i)$ corresponding to the property $P_i$.

EFFECT: efficient protection of multimedia content from illegal redistribution.

9 cl, 3 dwg

FIELD: information technology.

SUBSTANCE: method includes steps of: a transmitter using an operating key and an encryption algorithm executable code in a virtual mother card to encrypt a control word CWt to obtain a cryptogram CWt*, using a syntax constructor executable code in the virtual mother card to generate an ECM (Entitlement Control Message) that incorporates the cryptogram CWt*, and transmitting said ECM to a terminal; the terminal receiving the ECM, determining the location of the cryptogram CWt* in the received ECM using syntax analyser executable code and then decrypting the cryptogram CWt* using the operating key and the encryption algorithm.

EFFECT: safer data transmission.

14 cl, 6 dwg

FIELD: radio engineering, communication.

SUBSTANCE: invention relates to a broadcast encryption method. The technical result is achieved through a method of controlling decoders of at least one group of decoders, having access to audiovisual data, wherein the method comprises the following steps: at a step when the decoder should become a member of a group: obtaining and storing keys relating to a certain position in the group according to the broadcast encryption scheme; obtaining and storing current group access data containing at least the current group access key which is common for said group at the step of accessing the audiovisual data: using the current group access data for direct or indirect access to audiovisual data, at the step of updating the current group access key: transmitting a first group message containing at least the next group access data containing at least the next group access key encrypted such that only uncancelled decoders can gain access thereto, wherein said group message is further encrypted by the current group access key (CGK); updating the current group access key using the next group access key.

EFFECT: high efficiency of controlling access to broadcast content for a large number of subscribers by controlling access only based on keys.

5 cl, 4 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to computer engineering. The invention can be implemented in a conditional access content broadcast system where it is desirable to identify and take measures against receiving equipment, applied when sharing control words. Owing to the requirement that receiving equipment used in the system transmits to a transmission station a conditional access content message at a precisely defined time, the invention provides a method through which a server identifies receiving equipment participating in the sharing of control words and prevents said receiver from further accessing said content.

EFFECT: effective protection of transmitted content.

12 cl, 2 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to cryptography. A chipset function activation method includes: receiving at least one of the following elements: a segmentation key, a general purpose key and a global cryptographic algorithm selector; transmitting at least two of the following elements: an initial value, the obtained segmentation key, the general purpose key and the global cryptographic algorithm selector to a computation module, wherein the initial value, the obtained segmentation key, the general purpose key and the global cryptographic algorithm selector are provided by at least two different organisations; generating in the computation module a temporary key using one of the following elements: at least one cryptographic algorithm of the computation module and at least two elements selected from a group including the initial value, the segmentation key, the general purpose key and the global cryptographic algorithm selector; receiving an activation message using the computation module; receiving an authentication code of said message using the computation module, wherein said message authentication code is calculated using the temporary key; authenticating said received message using the message authentication code and the temporary key; if the received message is authentic, activating the corresponding chipset function; if the received message is not authentic, prohibiting activation of said corresponding chipset function.

EFFECT: effective chipset protection.

11 cl, 1 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to information decryption methods. The method comprises steps of, in response to the absence in any of the terminals of one or more control words CWc for decrypting one or more multimedia content cryptoperiods, transmitting through said terminal to a control word server a request containing a cryptogram(s) of said one or more absent control words, and in response, transmitting by the control word server to said terminal said one or more absent control words, wherein the control word server selectively determines for each terminal the number of additional control words CWs intended for transmission to the terminal depending on the probability of compromising the protection of said additional control words, and besides the absent control words CWc, transmitting to said terminal said determined number of additional control words CWs, which enables the terminal to decrypt additional multimedia content cryptoperiods in addition to cryptoperiods decrypted using the requested absent control words CWc.

EFFECT: ensuring secure transmission of control words.

10 cl, 6 dwg

FIELD: radio engineering, communication.

SUBSTANCE: apparatus comprises: a unit which stores a key used for encrypting or decrypting data; a unit which receives a key transmission request including a key-dividing number via a wireless signal from an operation terminal; a unit which acquires a key transmission request from the wireless signal received by the reception section; a unit which determines a security level when transmitting the key to the operation terminal, as a transmission security level; a unit which determines a transmission power in accordance with the transmission security level determined by the security level determination unit and the key-dividing number included in the key transmission request acquired by the key transmission request acquisition unit; a unit which acquires each key fragment by dividing the key stored in the storage unit into the key-dividing number; and a unit which transmits the each key fragment acquired by the key acquisition unit using the transmission power determined by the transmission power determination unit, via a wireless signal to the operation terminal.

EFFECT: safer data transmission.

15 cl, 9 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to a network operation method. A network comprises a node and a system control device. A system control device comprises a root key material which is a set of functions, each having a degree of complexity α, and a node is provided with a portion of key material of a node having a degree of complexity α extracted from the root key material. The system control device generates a portion of key material for an external user with a degree of complexity α from the root key material and generates an access identifier. The system control device generates access key material with a degree of complexity less than α from the portion of key material for the external user and generates a node identifier. The system control device provides the external user with a portion of access key material and the node identifier. The external user extracts a key from the portion of access key material and sends to the node said key and access identifier. The node calculates a key from the access identifier and the portion of node key material and compares the key sent by the external user and the key calculated by the node in order to identify the external user.

EFFECT: improved security.

14 cl, 4 dwg

FIELD: physics, computer engineering.

SUBSTANCE: invention relates to methods of providing secure communication in a network. The method comprises: an administration device provided with root keying materials, and steps of: generating, by the administration device based on the root keying materials, parts of keying material of a first node containing a certain number of sub-elements, and parts of keying material of the first node, assembled for generating a first terminated key, the administration device selects a subset of sub-elements of the first parts of the keying material, wherein the number of selected sub-elements is less than or equal to the total number of sub-elements of the first parts of the keying material, and the selected sub-elements form partial parts of the keying material of the first node or a symmetrical key generation mechanism, the first node generates, based on the symmetrical key generation mechanism of the first node and on a second node identifier, a first key used to provide secure communication with a second node.

EFFECT: more secure data transmission in a network.

6 cl, 7 dwg

FIELD: information technologies.

SUBSTANCE: method to code a data unit represented as a bit string consisting in formation of a secret key in the form of subkeys K and Q, which represent bit strings, formation of an auxiliary n-bit string T, formation of an n-bit auxiliary cryptogram $C_M$ by performance of operation of E coding on the data unit M depending on K according to the formula $C_M = E_K(M)$, formation of an n-bit auxiliary cryptogram $C_T$ by performance of operation of E coding on the n-bit string T depending on Q according to the formula $C_T = E_Q(T)$, formation of 2n-bit cryptogram C depending on subkeys K and Q and auxiliary cryptograms $C_M$ and $C_T$, differing by the fact that the subkey K is formed as a 2n-bit string, representing concatenation of two n-bit strings $k_1$ and $k_2$, the subkey Q is formed as a 2n-bit string, representing concatenation of two n-bit strings $q_1$ and $q_2$, the (n+1)-bit string m is formed, and the 2n-bit cryptogram C is formed as concatenation of two binary polynomials of degree n-1, being the solution to the system of two linear equations $k_1C_1 + k_2C_2 = C_M \bmod m$ and $q_1C_1 + q_2C_2 = C_T \bmod m$ with two unknown binary polynomials $C_1$ and $C_2$, in which m is an additionally formed polynomial of degree n, and n-bit strings $k_1$, $k_2$, $q_1$, $q_2$, $C_M$, $C_T$ are considered as binary polynomials of degree n-1, and (n+1)-bit string m is considered as a binary polynomial of degree n.

EFFECT: increased level of protection of coded information.

2 cl
