|
Method of encrypting n-bit unit m Method of encrypting an n-bit data unit M includes generating a secret key by generating subkeys Q and R and auxiliary subkeys in form of mutually simple multi-bit binary numbers m1 and m2, generating an auxiliary n-bit data unit T, generating an n-bit auxiliary cryptogram CM by performing a block encryption operation E over the M depending on Q using the formula CM=EQ(M), generating n-bit auxiliary cryptograms CT by performing a block encryption operation E over T depending on R using the formula CT=ER(T), generating a cryptogram C in form of a solution of a system of two identities C≡CMmodm1 and C≡CTmodm2 with unknown C. In a particular version of the method, m1 and m2 are prime numbers. |
|
Invention relates to authentication methods and specifically to methods and an apparatus for authentication of subscribers in IP telephony networks. The technical result is achieved due to that the disclosed method for authentication through a user device when attempting to access an IP telephony network comprises steps of: obtaining one or more private keys of said user from secure memory associated with said user device; generating an integrity key and a ciphering key; encrypting said integrity key and said ciphering key using a session key; encrypting said session key with a public key of said IP telephony network; and providing said encrypted session key, encrypted integrity key and encrypted ciphering key to said IP telephony network for authentication using a public key infrastructure (PKI) coupled with an authentication and key agreement (AKA) mechanism. |
|
Digital rights management apparatus and method Method comprises steps of: encoding a digital program to link said digital program with an authentication agent by packing the digital program and authentication agent into single digital content. Said authentication agent includes a program code executed by a device, wherein the device can reproduce said digital program and execute the program code. The program code is configured to authenticate the device when executed in the device; and provide said device with digital content which includes said digital program and said authentication agent. Said digital program is encrypted via a first encryption algorithm, and the decryption key of the fist encryption algorithm is encrypted via a second encryption algorithm and is stored in the authentication agent. |
|
Invention realises a common key block encryption processing with improved immunity against attacks, such as attack by saturation and algebraic attacks (RYAS attacks). In the encryption device which performs common key encryption processing, S blocks which are used as nonlinear conversion processing modules in round functions established in round function execution modules are configured to use S blocks of at least two different types. Such a configuration can improve immunity against attacks by saturation. Furthermore, the types of S blocks are a mixture of different types. Use of such a configuration can improve immunity against algebraic attacks, thereby realising a highly secure encryption device. |
|
Systems, methods and apparatus for detecting and correcting encryption errors Method involves using a first set from one or more input encryption parameters for decrypting data in a received protocol data unit, wherein encrypted data were encrypted using a second set from one or more input encryption parameters; comparing the value of at least part of the decrypted data with an expected value; detecting, using a decryption control scheme, an encryption error if the value of at least part of the decrypted data does not match the expected value; and initiating an encryption resynchronisation procedure in response to the determination that there has been an encryption error, in order to resynchronise at least one input encryption parameter from the first set with at least one input encryption parameter from the second set. |
|
Encryption device defined in standard gost 28147-89 Round device realising a sequence of actions for each data encryption device, comprises a summation unit CM1, a substitution box K, a shift unit R, an extra register PREG. In view of using the extra register, a maximum clock frequency in the data flow chart is determined by a maximum delay in the unit CM1, and in the boxes S and R. |
|
Method and apparatus for end-to-end encrypted communication Method for end-to-end encrypted communication includes: storing a set of keys suitable for end-to-end encrypted communication in a user terminal. One or more keys are associated with a validity indicator which defines a cryptographic group of two or more user terminals in which the corresponding key should be used, and a period during which said key is usable in said cryptographic group; connecting, at the user terminal, to the cryptographic group communication and selecting the key to be used from the stored set of keys based on said cryptographic group and current time in accordance with the associated validity indicator. |
|
Disclosed is a method of protecting information based on identification data, which involves encrypting a source message and subsequent decryption using a secret key generator and by applying a computational technique, characterised by that the following procedures are performed: at the initial initialisation step, calculating a secret master key and a system public key; at the second step, sending the secret master key to the input of an algorithm which executes the secret key computation step and generates, at the request of the decryption algorithm, a secret key for the new system user; at the encryption step, encrypting the source message using the identifier of the new user and the system public key obtained at the initial initialisation step; at the decryption step, transmitting to the input of the decryption algorithm the secret key for the new user and decrypting the message obtained at the encryption step. |
|
Device for encrypting data according to standards gost 28147-89 and aes Device for encrypting data includes a GOST 28147-89 conversion circuit, an AES conversion circuit, an AES key conversion unit, a first multiplexer, a second multiplexer, a data storage and a key storage; the output of the data storage is connected to the first input of the GOST 28147-89 conversion circuit and to the first input of the AES conversion circuit; the output of the key storage is connected to the second input of the GOST 28147-89 conversion circuit, the second input of the AES conversion circuit, the input of the AES key conversion unit and the second input of the second multiplexer; outputs of the GOST 28147-89 conversion circuit and the AES conversion circuit are connected to the first and second inputs of the first multiplexer, respectively; the output of the first multiplexer is connected to the input of the data storage; the output of the AES key conversion unit is connected to the first input of the second multiplexer; the output of the second multiplexer is connected to the input of the key storage; encryption algorithm selection signals are transmitted to the control inputs of the first and second multiplexers. |
|
Method of encrypting messages presented in form of multibit binary number In the method for block encryption of a message M, which is presented in form of a multibit binary number, a private key and a cryptogram, which depends on the message M and the private key, are generated, wherein the private key is generated in form of a set of subkeys K1, K2,…, Kh, where h≥1, and auxiliary multibit binary numbers p1, p2,…, pu, pu+1, where u≥1; auxiliary multibit binary numbers R1, R2,…, Ru, D are generated and a cryptogram is generated in form of a multibit binary number C, which satisfies the comparison system C≡R1 mod p1, C≡R2 mod p2,…, C≡Ru mod pu, C=D mod pu+1, where at least one of the numbers R1, R2,…,Ru depends on the message M and one of the subkeys K1, K2,…, Kh. |
|
Method for steganographic transmission of information in tcp/ip network Method for steganographic transmission of information, wherein a secret text is transformed via cryptographic transformation into encrypted text; a pseudorandom mask is generated based on a key, which determines the order of transmitting information and masking segments; when transmitting a masking segment on an open network, a TCP segment which does not contain secret data is transmitted, and to transmit an information TCP segment based on the key, a pseudorandom binary value with the length of the open text is formed, whose unit bits are replaced with secret data bits, after which a TCP segment which contains the obtained value of camouflaging data is formed and then sent over the network. |
|
|
Method for coding of m message represented as multidigit binary number Method of unit coding of a message M represented in a binary form includes the following sequence of actions: generation of a secret key in the form of a set of subkeys K1, K2, …, Kh, where h≥1, generation of auxiliary multidigit binary numbers (MBN) p, Q1 (1),Q2 (1),…,Qd (1), Q1 (2), Q2 (2), …, Qd (2),…, Q1 (k), Q2 (u),…, Qd (u), R1, R2, …, Ru, where 1<d and 1<u<d, generation of a cryptogram in the form of a set of MBN, C1, C2, …, Cd, which complies with a system of equations Q1 (1), C1 + Q2 (1)C2 +… + Qd (1)Cd = R1 mod p, Q1 (2)C1+Q2 (2)C2+…+ Qd (2)Cd =R2 mod p, …,Q1 (u)C1+Q2 (u)C2+…+Qd (u)Cd =Ru mod p, where at least one of multidigit binary numbers R1, R2,…, Ru depends on an M message, and at least one of multidigit binary numbers Q2 (1),…,Qd (1), Q1 (2), Q2 (1),…,Qd (2),…,Qd (2),…,Q1 (u), Q2 (u),…,Qd (u) depends on one of subkeys K1 K2, …, Kh. |
|
Method for unit coding of m message represented in binary form Method of unit coding of a message M represented in a binary form includes the following sequence of actions: generation of a secret key in the form of a set of subkeys K, Q1, Q2,…Qu. R1, R2…,Rh, where h≥1, breakdown of the message into subunits M1 M2,…,MU; Mu+1, Mu+2,…,M2u;…; Miu+1 Miu+2,…,M(i+1)u;…; M(w.1)u+1,…, Mwu, where i=1, 2,…, w, u≥1 and w≥1, formation of data units Bi, where i=1, 2,…, w, by generation of additional messages T(1), T(2),…, T(h) , breakdown of messages T(j) where j=1, 2,…, h, into subunits T1 (i) T2 (j)…Tw (j), coding of subunits M(i-1)u+1 M(i-1)u+2,… MjU depending on subkeys Q1 Q2,…, QU, coding of subunits Ti (1), Ti (2),…, Ti (h) depending on subkeys R1 R2,…,Rh and combination of transformed subunits M(i-1)u+1 M(i-1)u+2,…, Miu, Ti (1), Ti (2),…, Tj (h), and coding of data units Bi depending on a subkey K. |
|
Encryption processing device, encryption processing method and computer programme Block cipher with common key processing configuration is implemented with improved immunity against such attacks as saturation attacks and algebraic attacks ("РЯС" attack). In the encryption processing device which executes processing of block cipher with common key, S-blocks used as modules of nonlinear transformation processing in round function and installed in round functions execution modules are made capable to use S-blocks of at least two different types. With such configuration, immunity against saturation attacks can be improved. Additionally, types of S-blocks represent mixture of various types. |
|
Method for symmetric encryption based on mixed number system Secrete key which is a set based on a mixed number system is used to obtain an encrypted message through nonlinear transformation of information in the mixed number system. The sender then sends the encrypted message over a clear channel to a recipient and the recipient, who knows the secret key and encrypted message, computes the original message. The secret key is sent to the sender and the recipient over a closed channel before the communication session. |
|
In the method, encrypted content data are recorded onto a recording medium. The value of the result of applying a hash function to the content data recorded after encryption is recorded onto the recording medium. A content certificate is also recorded onto the recording medium. Said certificate includes a hash table digest obtained by applying a second hash function to the value of the hashing result, and heading information. Heading information includes information on the number of hash table digests. |
|
Method for recultivation of oil-contaminated soils Method includes investigation of area, application of fertilisers, ploughing and sowing of crops. Besides according to the method, sand is added into phosphogypsum in the ratio of 2:1, and produced mix is applied onto soil surface with a layer of 10-15 cm in the first year 3-4 times in a month, starting from the second half of April and to the middle of October, excluding cold rainy period, and in autumn a compost is thrown on surface of soil with a layer of 10-15 cm, and compost consists of phosphogypsum and humus of cattle wastes in the ratio of 1:7, in spring mixture made of mineral fertilisers and phosphogypsum taken in the ratio of 1:5 is added into soil, soil is ploughed, and oat is sown. |
|
|
Two-digit information coding method Text or audio information to be coded is converted to a sequence of combinations of graphic characters of two different types. Combinations of characters and coding letters are interrelated on the pattern with configuration of corresponding letters whose patterns are deposited in cells of a graphical array. The projection of the corresponding letter is positioned onto the graphical array using one type of characters for visible lines and another for invisible lines. Combinations of characters, coding letters or sound are displayed without intervals. The type and mutual arrangement of characters is additionally coded with a digital code. |
|
Cryptographic processing device, cryptographic processing method Invention relates to a highly reliable cryptographic processing device. In cryptographic processing, the Feistel type public key unit repeatedly executes the SPN type F function and has a nonlinear transformation unit and a linear transformation unit during several cycles. Processing of the linear transformation of the F function, which corresponds to each of the several cycles, is carried out by processing the linear transformation in which PMP quadratic matrices are used. Arbitrary m column vectors included in the inverse matrices of the PMP quadratic matrices placed in at least successive cycles with even numbers and successive cycles with odd numbers respectively make up the PMP quadratic matrix. |
|
Using isogenies to design cryptosystems Invention relates to public-key encryption. Isogenies of Abelian sets (for example elliptical curves, in a one dimensional case) are used to provide a public-key encryption system. For example, isogenies allow for using a set of curves instead of a single curve to provide for high reliability. Given methods can be used in identity based encryption (IBE) and digital signing. Also isogenies can be used in other applications, such as blind signature, hierarchical systems and the like. Also disclosed are solutions for generating isogenies. |
|
Safety connection to keyboard or related device First initial value is known both to the keyboard and the component. Keyboard and component exchange time values. Both the keyboard and the component compute the second initial value and the third initial value on the basis of time values and the first initial value. Both the keyboard and the component make one and the same computation so that both the keyboard and the component have one and the same second and third initial values. The keyboard encodes keystrokes meant for the component by using CBC-3DES method on the basis of the key and the second initial component, as well as creates message authentication code for each keystroke by using CBC-3DESMAC on the basis of the key and the third initial value. The component encodes and verifies keystrokes by using the key and the second and the third initial values. |
|
Invention is related to the field of telecommunications, namely to the field of cryptographic devices and methods for verification of electronic digital signature (EDS). Method for generation and verification of EDS includes the following sequence of actions: elliptical curve is generated in the form of combination of points, every of which is set by two multidigit binary numbers (MBN), n>2 private keys are generated in the form of MBN k1, k2, …, kn, private keys are used to generate n open keys in the form of points P1, P2, …, Pn of elliptic curve, electronic document is received, being represented MBN H, depending on received electronic document and on value of private key EDS Q is generated in the form of two or more MBN, collective private key is generated in the form of P point in elliptic curve generated depending on points , where α1, α2, …, αm are natural numbers, 2≤m≤n, αj≤n and j=1, 2, …, m, the first A and second B verification MBN are generated, at that at least one of verification MBN is generated depending on collective open key P, MBN A and B are compared. If their parametres coincide, conclusion is made on authenticity of electronic digital signature. |
|
Method of adaptive stream encryption and device for its implementation Changeable n-th degree primitive polynomials and changeable value of the Galois field extension GF(2q)n are generated and introduced according to the key at the transmitting and receiving sides correspondingly; these values are used for reconfiguration of the key generator. The device contains, at the transmitting and receiving sides correspondingly, a control unit, the input of which is connected to the output of the key information source, a primitive polynomial generation unit generating polynomials of the preset degree and the preset quantity, a memory unit performing retrieval of the given polynomial of the preset degree, a key generator performing synthesis of recurrent shift registers, an encoder, and a decoder. |
|
Device for automatic browsing of large number of codes by means of one key code Device for automatic browsing of large number of codes by means of one key code is meant for storing secret codes and provides access to these by inputting a key code. Device contains drums, inserts. Inserts are movably connected along side edge of each drum with creation of belts. Inserts have at least one visible side. Drums are pinned on a rod. The rod contains first stopper, fastened to its one end. Second stopper is fastened to second end of rod. |
|
Method for generation of encryption key At information receiver side, open encryption key is generated in form of two multi-bit binary numbers p and α. First multi-bit binary number is selected so that Eiler function φ(p) contains at least one simple multiplier γ in form of ξ-bit binary number. Second multi-bit binary number α is calculated from formula α=βφ(p)/γmod p. Then open encryption key is transferred to information sender, where image of encryption key is formed R=[αWmodp]tmodp, where t≥2 - coefficient, previously given by information sender and information receiver, and W - randomly generated multi-bit binary number. After that image of encryption key is transferred to information receiver, where encryption key is calculated from formula K=RZmodp, where Z=tγ-2modγ. Also proven is that when using the invention, amount of encryption key computation is reduced 4-16 times. |
|
Method and device for storage and reproduction of cryptographic secret key Device for reproduction of secret key of cryptographic system contains: processor, volume of energy-independent memory, operatively connected to aforementioned processor, and a set of parameters for secret key, stored in aforementioned volume of energy independent memory with utilization of lesser memory volume, than for full set of parameters, using Chinese theorem about remainder {p,q,dp,dq,v}, and providing greater efficiency of computations, then minimal set of parameters {p,q}, while secret key may be reproduced from aforementioned stored set of parameters of secret key. |
|
Computing module and method for realization of arithmetic operation with encrypted operands Device has first input for sending first encrypted operand, second input for second encrypted operand, third input for encryption parameter and output for encrypted result of operation. Also provided is adder with selective transfer for encrypted data, cryptographic processor, providing high level of protection from attacks, method for performing operations with operands, method and device for forming computing device for performing operations with operands. |
|
Method for exchanging confidential information Method for exchanging confidential information, including, in particular, operations for reproducing at a server of single information data block system for remote client terminal performed with decryption of identification address of remote terminal of client and with cryptographic transformation of information data, while transmission of single information data block for remote client terminal is performed in conjunction with generation and dispatching of any number of fake information data blocks. |
|
Method is performed using microcontrollers with two memory types: data and software. For transfer of each symbol individual main and reserve codes are used, on basis of number of repeats of symbol in transferred message. First transfer of symbol is performed by main code, second transfer of same symbol - by reserve code, and then codes synchronization displacement is activated for a step around circle relatively to symbols until finish of circle. After transfer of displaced reserve code, closing the circle, synchronous replacement of codes variants is performed, and then order of codes replacement is repeated in case of repeat of any symbol in transferred message. Number of required code variants is set by planned volume of information, sent via communication line. |
|
Random numbers generation method Method includes generating random numbers with use of displacement register with check connection, elementary digit of which is a q-based symbol (q=2l, l - binary symbol length) at length of q-based digits register, in check connection networks nonlinear two-parameter operations on q-based symbols F (ub, ud) are used, on basis of random replacement tables, for generating next random number values z1=F(ui, uj), z2=F(ut, um), zg=F(z1, z2) are calculated, where ui, uj, ut, um - values of filling of respective register digits, value of result in check connection networks zg is recorded to g digit of displacement register and is a next result of random numbers generation, after which displacement of register contents for one q-based digit is performed. |
Another patent 2513252.