RussianPatents.com

Arrangements for secret or secure communication (H04L9)

H04L9/06 - The encryption apparatus using shift registers or memories for blockwise coding, e.g. d.e.s. systems (11)
H04L9/08 - Key distribution (44)
H04L9/12 - Transmitting and receiving encryption devices synchronised or initially set up in a particular manner (12)
H04L9/14 - Using a plurality of keys or algorithms (28)
H04L9/16 - The keys or algorithms being changed during operation (7)
H04L9/18 - Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems (15)
H04L9/20 - Pseudorandom key sequence combined element-for-element with data sequence (6)
H04L9/22 - With particular pseudorandom sequence generator (8)
H04L9/26 - Producing a nonlinear pseudorandom sequence (3)
H04L9/28 - Using particular encryption algorithm (13)
H04L9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy (9)
H04L9/32 - Including means for verifying the identity or authority of a user of the system (security arrangements for protecting computers or computer systems against unauthorised activity g06f0021000000; dispensing apparatus actuated by coded identity card or credit card g07f0007080000; specially adapted for wireless communication networks h04w0012000000) (119)

Method for secure communication in network, communication device, network and computer programme therefor

Invention relates to computer engineering and specifically to means of secure communication in a network. The method relates to secure transmission of information from a first node (N1) to a second node (N2) in a network, the first node comprising a first node keying material (KM(ID1)), the second node comprising a second node keying material (KM(ID2)), wherein the keying materials of the first node and of the second node comprise each a plurality of shared keying root parts formed by segments of the shared keying root parts. A communication network, having at least two communication devices, carries out said method.

Information protection method

Invention relates to computer engineering. The information protection method is based on two-way transmission and subsequent detection of probing radio signals carrying their emission timestamps, associated with predetermined time scales, and originating from communication devices located at both ends of a radio link, performing irreversible mathematical transformations over number sequences, encryption and decryption of messages using a key, while performing mutual recognition of communication participants and synchronising the time scale of the communication devices of the participants. The method also includes setting the operating time interval of information protection means and accumulating two matching sets of binary equivalents.

Method of creating electronic document

Invention relates to legally valid electronic document management. In the method, a certification centre places, in the body of an electronic document, an additional authentic label on the security level of accessing a personal key of a person registered at the certification centre. The centre verifies the electronic signature of the sent document with a signed hash and creates a security level label containing a label number, a document hash, a current time stamp, information on security parameters of the personal key, then signs the label with a key of the certification centre and returns the signed label. Signature verification can be performed based on biometric authentication of the person that has signed the document, and the security level label of the personal key further includes information on the time and parameters of biometric authentication, which ensures more accurate determination of the time of possible compromise of the personal key.

Method for multichannel reception and transmission of navigation safety information

Existing single-channel method of receiving navigation safety information through narrow-band direct printing in the short-wave range with an allowable error threshold thereof of 4% can be replaced with extended verbal instructions of message symbols by a digital selective call, wherein a shipborne receiver may collect symbol-by-symbol even a message that is received distorted on all transmission channels thereof.

Wireless transmission protection system and method

Wireless transmission protection system and method relate to wireless communication. The method of transmitting secure messages by a transmitting device includes encoding a message using a secret code for generating L output code words, where L is an integer value greater than 1, wherein the secret code includes a first security code and a second security code, transmitting one of the L output code words to a communication device if the channel quality between the transmitting device and the communication device satisfies a certain criterion, repeating transmission for each of the remaining L-1 output code words.

Method and apparatus for obtaining security key in relay system

Invention relates to communication engineering. The method of obtaining a security key in a relay system, wherein a node in a relay system obtains an initial key, in accordance with the initial key, the node obtains a root key of the security key of the radio interface between the node and another node adjoining said node, and in accordance with the root key, the node obtains a security key of the radio interface between the node and said other adjoining node. Therefore, in accordance with the initial key, each lower-level node obtains a root key of the security key of the radio interface between each lower-level node, such that UE data on an interface link Un can be secured accordingly.

Method of protecting security data transmitted by transmitter device to receiver device

Invention relates to a method of protecting security data transmitted by a transmitter to a receiver, the method comprising periodic transmission to a receiver, alternately with said security data, of neutral data intended to prevent security data filtering.

Elliptic curve cryptography

Invention relates to a method and an apparatus for performing cryptographic transformation in an electronic component. The method comprises obtaining a point P(X,Y) based on a parameter t on an elliptic curve which satisfies the expression Y^2 = f(X), and based on polynomials X1(t), X2(t), X3(t) and U(t), which satisfy the equation f(X1(t))·f(X2(t))·f(X3(t)) = U(t)^2 in F_q, wherein q = 3 mod 4; further obtaining the value of the parameter t and determining the point P by carrying out substeps for (i) calculating X1=X1(t), X2=X2(t), X3=X3(t) and U=U(t), (ii) if the element f(X1)·f(X2) is a square, checking if the element f(X3) is a square in F_q, and if so, calculating the square root of the element f(X3) to obtain a point P(X3), (iii) otherwise checking if the element f(X1) is a square, and if so, calculating the square root of f(X1) to obtain a point P(X1), (iv) otherwise calculating the square root of the element f(X2) to obtain a point P(X2), and then using said point P in a cryptographic application.

Method of controlling access to set of channels for receiving or decoding device (versions)

Invention relates to computer engineering. A method of controlling access to a set of channels using a receiver/decoder comprising a security module (SC), each channel being encrypted by a specific channel control word (CW1, CW2), each channel having a channel identifier and transmitting access control messages ECM containing at least the current channel control word and the channel access conditions. The method comprises the following steps: tuning to a first channel having a first channel identifier (ID1); transmitting the ID1 to the SC; receiving first access control messages ECM1 containing a first control word (CW1); transmitting the first access control messages ECM1 to the SC; decrypting the first access control messages ECM1 and verifying the channel access conditions; if the access conditions are met, transmitting the CW1 to the receiver/decoder; storing the CW1 and the ID1 in the SC; tuning to a second channel having a second channel identifier ID2; transmitting the ID2 to the SC; calculating, by the SC, the second control word (CW2) by performing the following steps: calculating a root control word (RK) with an inverse cryptographic function F^-1 using the CW1 and the ID1; calculating the CW2 with the cryptographic function F using the RK and the ID2; transmitting the CW2 to the receiver/decoder.

Method for three-dimensional nonlinear replacement transformation

Invention relates to computer engineering and telecommunication and is intended to solve the problem of protecting computer information. The method of performing three rounds of transformation is carried out along x, y, z axes. The first round involves performing N two-dimensional replacement transformations of layers Lx0, Lx1, …, Lx(N-1); the second round involves N two-dimensional replacement transformations of layers Ly0, Ly1, …, Ly(N-1); the third round involves N two-dimensional replacement transformations of layers Lz0, Lz1, …, Lz(N-1).

Method of encrypting n-bit unit m

Method of encrypting an n-bit data unit M includes generating a secret key by generating subkeys Q and R and auxiliary subkeys in form of mutually prime (coprime) multi-bit binary numbers m1 and m2, generating an auxiliary n-bit data unit T, generating an n-bit auxiliary cryptogram CM by performing a block encryption operation E over the M depending on Q using the formula CM = E_Q(M), generating an n-bit auxiliary cryptogram CT by performing a block encryption operation E over T depending on R using the formula CT = E_R(T), generating a cryptogram C in form of a solution of a system of two congruences C ≡ CM mod m1 and C ≡ CT mod m2 with unknown C. In a particular version of the method, m1 and m2 are prime numbers.

Method of organising and controlling access to content during hierarchical encoding, processor and transmitting unit for implementing method

Invention relates to controlling access to scrambled content during hierarchical encoding. The hierarchical access control method includes: receiving and transmitting to a protective processor second cryptograms (CWi)Ki for i ranging from 1 to k-1, obtained by encoding control words CW1 to CW(k-1) using corresponding keys K1 to K(k-1), built using at least part of an array formed by data residing in ECMk, and an operational key CEk; decoding the second cryptograms (CWi)Ki only if access conditions CAk, obtained in the ECMk message, correspond to access rules TA, and without preliminary comparison of access conditions CAi with access rules TA for i strictly less than k, and, otherwise, blocking decoding of the second cryptograms (CWi)Ki if access conditions CAk do not correspond to access rules TA.

Techniques to provide and manage digital telephone to authenticate with network

Invention relates to communication networks. The technical result is achieved due to that the apparatus may comprise a digital telephone management component having a telephone interface module operative to receive security information in the form of a personal identification number (PIN) for an operator or device. The digital telephone management component may also comprise a telephone security module communicatively connected to the telephone interface module, the telephone security module being operative to receive encrypted security credentials from a computing device, and decrypt the encrypted security credentials with the PIN. The digital telephone management component may further comprise a telephone authentication module communicatively connected to the telephone security module, the telephone authentication module being operative to authenticate the digital telephone using the security credentials.

Method of enforcing rules for accessing broadcast product realised by control centre

Invention relates to broadcast encryption and specifically to a method of managing authorisation rules in a data broadcasting system. Disclosed is a method of enforcing rules for accessing a broadcast product, received by receivers, which is realised by a control centre. Access is provided by a product key and the management centre manages a set of Boolean positive and negative attributes at receivers, which comprises steps of: associating one positive Boolean attribute with a receiver entitled to the attribute and loading a state therein; associating one negative Boolean attribute with a receiver not entitled to the attribute and loading a state therein; defining a second broadcast encryption scheme for the negative Boolean attributes and associating with each negative Boolean attribute corresponding decryption key material; expressing access conditions for a product as a Boolean expression by combining one positive Boolean attribute and one negative Boolean attribute by Boolean conjunction or disjunction; generating a cryptogram for transmission to a receiver by encrypting the access key with the two combined broadcast encryption schemes according to said Boolean expression.

Data exchange method

Invention relates to exchange of data between at least two servers using a gateway. Each server has a unique federative identifier, said identifier identifying a single patient (P). By creating one session pseudonym for each pair of a providing server (12), which stores relevant patient data, and a requesting server (10) and by formatting the input session identifier associated with the requesting server and the output session identifier associated with the providing server for each session pseudonym, the servers can exchange anonymous data with each other. Patient data are transmitted from at least one providing server to a requesting server, and all session pseudonyms are replaced at the requesting server with an identifier of the requesting server for the patient (P).

Cryptographic secret key distribution

Invention relates to distribution of a cryptographic secret key between a transmitting side and a receiving side. An apparatus for secure reception and transmission of data comprises a key generation controller and a unit for providing the number of iterations.

Method of embedding message in jpeg 2000 digital image

Method of embedding a message in a JPEG 2000 digital image involves replacing coding coefficients of medium-frequency and high-frequency wavelet transformation subranges, wherein embedding is performed after the procedure of quantisation into blocks of wavelet coefficients measuring N×N. Bit values of the embedded message are coded by the parity of the sum of values of wavelet coefficients in a block, wherein if the value of the embedded bit does not match the parity of the sum of values of wavelet coefficients in the block, the value of one of them is increased by one, wherein the wavelet coefficient whose value has the greatest fractional part is selected for modification.

Wireless communication device, wireless data transmission system and wireless data transmission method

Invention relates to a wireless communication device. The device includes: a plurality of communication modules for transmission, which are adapted to modulate and transmit a transmission object signal; the communication modules for transmission include at least one communication module for transmission in which a modulation method is employed, which is different from the modulation method employed in another communication module(s) for transmission.

Method and apparatus for pseudonym generation and authentication

Invention relates to protection of user information from unauthorised access using a pseudonym and can be used in electronic medical systems. The method and apparatus for generating and authenticating a pseudonym are intended for protecting user information from unauthorised access. The method comprises steps of: determining a set of public parameters and a set of private parameters; receiving a user identifier IDuser from a user device; generating a prime pseudonym based on the determined set of private parameters and the IDuser; and transmitting the prime pseudonym Pprime and the set of public parameters to the user device. A Personal Identity Manager (PIM) includes a unit for determining a set of public parameters and a set of private parameters, a unit for receiving a user identifier IDuser, a unit for generating a prime pseudonym and a unit for transmitting the prime pseudonym to the user device.

Method and apparatus for controlling distributed information system data streams

Apparatus includes a response stream generating unit, a network configuration control unit, a switching unit, a switching table control unit, a switching table storage unit, an event detecting unit, a dynamic network configuration table control unit.

Data stream authentication

Disclosed is a method and a system for decoding a data stream which includes a series of data frames, where the method includes a step of generating a cryptographic value for a block of N consecutive data frames and configuration information, characterised by that the configuration information includes information for rendering the data stream; the method then inserts the cryptographic value into the data stream, following the N consecutive data frames.

Secure information transmission method

Useful signal is encoded into a binary code; a first generator generates a source deterministic random signal by modulating parameters of the random signal with the useful digital signal and the obtained signal is transmitted over a communication channel to a receiving side where it is divided into two identical signals which are transmitted to a second generator and a third generator, which are identical with respect to control parameters, selected to facilitate a mode for general synchronisation with the first generator; signals obtained from the outputs of said first and third generators are transmitted to a subtractor and presence or absence of oscillations determines presence of a useful digital signal presented in form of a digital code, wherein periodic signals are obtained at the outputs of the second and third generators.

Integrating enterprise identity authorisation in conferences

First identifier is received. A user is identified from a plurality of users based at least in part on the first identifier. A second identifier is received that corresponds to the first identifier and the user and the user is validated based on both the first identifier and the second identifier. The user may then join the conferencing session, with the user's identity being revealed to others attending the conferencing session.

Optical network terminal management control interface-based passive optical network security enhancement

Network component having a processor connected to memory and configured to exchange security information using a plurality of attributes in a management entity (ME) in an optical network unit (ONU) via an ONU management control interface (OMCI) channel, wherein the ME supports a plurality of security functions that protect upstream transmissions between the ONU and an optical line terminal (OLT). Also included is an apparatus having an ONU configured to connect to an OLT and having an OMCI ME, wherein the OMCI ME has a plurality of attributes that support a plurality of security features for upstream transmissions between the ONU and the OLT, and wherein the attributes are transmitted via an OMCI channel between the ONU and the OLT and provide the security features for the ONU and the OLT.

Method for quantum encoding and transmission of cryptographic keys

Quantum cryptographic system not only enables to detect any attempts at intruding into a communication channel, but also guarantees unconditional secrecy of transmitted cryptographic keys under the condition that an error at a receiving station in primary keys does not exceed a certain critical value. The method involves generating polarisation states at a receiving/transmitting station for a series of classic synchronising laser pulses using a polarisation controller in one arm of an interferometer and a polarisation controller at the output of the interferometer, which facilitate interference balancing of the interferometer; after reflection from a mirror in a transformation station, a series of single-photon states is detected at the transmitting/receiving station and the obtained photocount statistics are used to calculate the permissible error, which is then compared with a certain error threshold to obtain a cryptographic key known only at the transmitting/receiving and transformation stations.

Methods and apparatus for authentication and identification using public key infrastructure in ip telephony environment

Invention relates to authentication methods and specifically to methods and an apparatus for authentication of subscribers in IP telephony networks. The technical result is achieved due to that the disclosed method for authentication through a user device when attempting to access an IP telephony network comprises steps of: obtaining one or more private keys of said user from secure memory associated with said user device; generating an integrity key and a ciphering key; encrypting said integrity key and said ciphering key using a session key; encrypting said session key with a public key of said IP telephony network; and providing said encrypted session key, encrypted integrity key and encrypted ciphering key to said IP telephony network for authentication using a public key infrastructure (PKI) coupled with an authentication and key agreement (AKA) mechanism.

Method and device for verifying dynamic password

Invention relates to computer engineering. Method of verifying a dynamic password, involving generating, by a mobile device, an initial code using token software, and transmitting the initial code to a verification server through a web page; generating, by the mobile device, a Diffie-Hellman key using a Diffie-Hellman algorithm according to a private Diffie-Hellman after verification of the initial code; and generating an initial token value according to the Diffie-Hellman key using a hashing algorithm; and generating the current dynamic password by executing a predefined algorithm for processing the initial token value and the current time, and transmitting the current dynamic password to the verification server through a web page; generating, by the verification server, a dynamic password of the verification server according to the received initial code and by using the same Diffie-Hellman algorithm as that used by the mobile device; and comparing, by the verification server, the dynamic password of the verification server with the dynamic password generated by the mobile device, and verifying whether the dynamic password generated by the mobile device is correct.

Scrambling and descrambling device for parallel frame synchronisation

Scrambling device for parallel frame synchronisation includes a control unit used to successively read a pseudorandom sequence from a data storage device and obtain content which corresponds to parallel data in that pseudorandom sequence, a data storage device configured to store the pseudorandom sequence, which is predetermined, and input content which corresponds to parallel data in the pseudorandom sequence into an XOR unit which performs XOR processing alternately for parallel data which are input successively with content which corresponds to parallel data in the pseudorandom sequence, and then outputs scrambled data. When the bit length of the parallel data is equal to Q, content which corresponds to parallel data in the pseudorandom sequence is Q bits of content, and the length of the pseudorandom sequence is equal to T×Q, and the pseudorandom sequence consists of Q M-sequences of a pseudorandom code, where T is the period of the repetition cycle of M-sequences.

Methods and apparatus for selective data encryption

Method includes a step, at an encryption device (710), of: determining whether the length of a message M is greater than, equal to or less than the length of a key k; and if the length of the message M is greater than the length of the key k, exactly k bits of the message M are encrypted; if the length of the message M is equal to the length of the key k, said k bits of the message M are encrypted; if the length of the message M is less than the length of the key k: the message M is connected in series with the next message to obtain a message which is elongated by at least k bits. At least one next message contains bit stream data and is the payload of the next packet; and exactly k bits of the elongated message are encrypted, wherein the message M is the payload of the packet and contains bit stream data.

Identification-based data entity encryption for safe access thereof

Method involves encrypting (103), using a symmetric encryption key (102), a data entity (100) to obtain an encrypted data entity (104), and encrypting (105), according to an identification information based encryption scheme with a data entity (100) identifier (101) and a master public key, said symmetric encryption key (102) to obtain an encrypted encryption key (106), granting a requesting party a decryption key (201) for decrypting the encryption key (106), where the decryption key is granted in response to a permit request, which includes a decryption key (201) to be issued to the requesting party, recording the granted decryption key (201) in a log book, and performing regular verification.

Network architecture for secure data transmission

Network architecture includes a perimeter network connected between an internal network and an external network. The perimeter network includes one or more external edge nodes that are connected to the external network and a plurality of proxy servers that are each connected to one or more of the external edge nodes. One or more internal edge nodes are connected between the plurality of proxy servers and the internal network. The proxy servers are configured to establish a first secure connection between a destination through the external network and a second secure connection to a destination in the internal network. Each of the plurality of proxy servers provides a substantially identical identification for authentication when establishing the first and second secure connections.

Method for iterative cryptographic transformation of data

Method involves generating a sequence of round keys K1, K2, …, KR, where R is the number of transformation rounds, from a private key using a key turning procedure; executing R transformation rounds; each round key used at the i-th round (Ki) is used to generate N round sub-keys Ki1, Ki2, …, Kin, where N is the number of paths of round transformations in each round; when executing each i-th round, N copies Ci1, Ci2, …, Cin of an input unit C are created, each copy Cij subjected to stochastic transformation Eij, which is recorded in the form Cij:=Fij(Cij, Kij); the transformed values Cij are transmitted to inputs of a combinational circuit F, the function of which is a parallel composition of different paths of round transformations; the result of actions of the combinational circuit C:=F(Ci1, Ci2, …, Cin) is declared the round result, which is transmitted to the input of the next round for i<R, and the result of the actions of the last round is the transformation result.

Digital rights management apparatus and method

Method comprises steps of: encoding a digital program to link said digital program with an authentication agent by packing the digital program and authentication agent into single digital content. Said authentication agent includes a program code executed by a device, wherein the device can reproduce said digital program and execute the program code. The program code is configured to authenticate the device when executed in the device; and provide said device with digital content which includes said digital program and said authentication agent. Said digital program is encrypted via a first encryption algorithm, and the decryption key of the first encryption algorithm is encrypted via a second encryption algorithm and is stored in the authentication agent.

Method for cryptographic transformation of information and apparatus for realising said method

Method is based on breaking down an initial 32-bit input vector into eight serial 4-bit input vectors. Conversion tables are placed in each replacement unit, each table having sixteen rows, each row having four padding bits corresponding to 4-bit output vectors. Four replacement units are used, one for each pair of 4-bit input vectors, wherein each replacement unit employs a 16-byte or more central processing unit register in which two conversion tables are placed, and conversion of pairs of 4-bit input vectors to pairs of 4-bit output vectors in accordance with the conversion unit is carried out by switching the rows of the conversion tables to the central processing unit register of the corresponding replacement unit using pairs of 4-bit input vectors in form of switching addresses, after which the 4-bit output vectors are combined in series into a 32-bit output vector.

Encryption/decryption device, encryption/decryption method, information processing device and computer programme

Invention realises a common key block encryption processing with improved immunity against attacks, such as attack by saturation and algebraic attacks (RYAS attacks). In the encryption device which performs common key encryption processing, S blocks which are used as nonlinear conversion processing modules in round functions established in round function execution modules are configured to use S blocks of at least two different types. Such a configuration can improve immunity against attacks by saturation. Furthermore, the types of S blocks are a mixture of different types. Use of such a configuration can improve immunity against algebraic attacks, thereby realising a highly secure encryption device.

Hardware interface for enabling direct access and security assessment sharing

IPv4 to IPv6 translation component provides IPv4 to IPv6 translation for data traffic that is incoming to the network interface card. An IPsec component is configured to terminate an IPsec connection. An enterprise security assessment sharing component is configured to implement a security assessment publish and subscribe model in hardware for sharing security assessments among network endpoints, a security assessment being arranged to provide contextual meaning to a security incident that occurs within an enterprise network environment.

Systems, methods and apparatus for detecting and correcting encryption errors

Method involves using a first set from one or more input encryption parameters for decrypting data in a received protocol data unit, wherein encrypted data were encrypted using a second set from one or more input encryption parameters; comparing the value of at least part of the decrypted data with an expected value; detecting, using a decryption control scheme, an encryption error if the value of at least part of the decrypted data does not match the expected value; and initiating an encryption resynchronisation procedure in response to the determination that there has been an encryption error, in order to resynchronise at least one input encryption parameter from the first set with at least one input encryption parameter from the second set.

Multi-factor content protection

Recipient receives content from a publisher. Some content is managed by an access server. The access server controls the recipient's use of managed content through interaction with a trusted agent at the recipient. The content is encrypted on a content key, and the content is associated with policy information. The policy information includes the content key for decrypting the content. The policy information is encrypted on an access server key allowing the policy information to be decrypted by the access server. The content key is received from the access server. The content key is encrypted on a trusted agent key. The content key is further encrypted on additional factor(s) defining additional content protection beyond that provided by trusted agent. The content key is decrypted using the trusted agent key and the at least one additional factor. The content is decrypted using the content key.

Creating and validating cryptographically secured documents

Entity having namespace ownership rights may create a document in an authorised namespace and sign the document with a private key. Other entities may validate that the document was created by an authorised namespace owner by using a public key available in security data associated with a parent document of the document. For a root document, the public key may be available from a directory service. A namespace owner may change the namespace owner(s) that are allowed to create children of a document.

Encryption device defined in standard gost 28147-89

Round device realising a sequence of actions for each data encryption device, comprises a summation unit CM1, a substitution box K, a shift unit R, an extra register PREG. In view of using the extra register, a maximum clock frequency in the data flow chart is determined by a maximum delay in the unit CM1, and in the boxes S and R.

Method and system for concealing data encryption in communication channel

Method of concealing data encryption in a communication network involves the following operations: generating a set of characters using a set of encryption keys as input into a pseudorandom function, wherein each character corresponds to an indicator value; subdividing the encrypted data into a plurality of parts; partitioning each part into a plurality of groups; encoding each part by mapping each group with a character in the set of characters in accordance with its indicator value; and transmitting the mapped characters over a communication network.

Method of detecting radio-electronic equipment

Method involves further multiplication and low-pass filtering of the output voltage of each antenna element with reference signal voltages corresponding to all antenna elements and presenting the multiplication and filtration results in form of a cross-correlation matrix of signals; performing corresponding multiplication, summation and subtraction operations with signals of corresponding elements of the cross-correlation matrix of signals to obtain the determinant of the cross-correlation matrix of signals; finding the maximum value of the determinant of the cross-correlation matrix of signals and, for the maximum value of the determinant of the cross-correlation matrix of signals, based on reference signal parameters, determining the frequency value and direction of arrival of the signal of continuously emitting radio-electronic equipment.

Methods and devices for transmitting encrypted multimedia content in packet mode, recording medium for implementing said methods

Method comprises steps of selecting an arbitrary duration T for successive crypto-periods; replacing the current encryption key TEKj with a new key TEKj+1 at the end of each crypto-period using a synchroniser; encrypting successive segments Pi K through TEKj, wherein each Pi begins at the corresponding time tdi; the generator generating a packet Si, the duration of reception of which is shorter than the duration of reproducing Pi, wherein Si includes an encrypted Pi and a cryptogram of each TEK used to encrypt Pi, wherein the step of replacing TEKj with TEKj+1 for encrypting Pi is delayed until a time tdi+TSTKM or is postponed to tdi in response to the exchange of a synchronisation signal between the generator and the synchroniser, wherein the duration of TSTKM is greater than or equal to the time required by the receiver to decrypt the cryptogram TEKj included in Si, and is strictly less than the selected T.

Method and apparatus for end-to-end encrypted communication

Method for end-to-end encrypted communication includes: storing a set of keys suitable for end-to-end encrypted communication in a user terminal. One or more keys are associated with a validity indicator which defines a cryptographic group of two or more user terminals in which the corresponding key should be used, and a period during which said key is usable in said cryptographic group; connecting, at the user terminal, to the cryptographic group communication and selecting the key to be used from the stored set of keys based on said cryptographic group and current time in accordance with the associated validity indicator.

Information protection method

Disclosed is a method of protecting information based on identification data, which involves encrypting a source message and subsequent decryption using a secret key generator and by applying a computational technique, characterised by that the following procedures are performed: at the initial initialisation step, calculating a secret master key and a system public key; at the second step, sending the secret master key to the input of an algorithm which executes the secret key computation step and generates, at the request of the decryption algorithm, a secret key for the new system user; at the encryption step, encrypting the source message using the identifier of the new user and the system public key obtained at the initial initialisation step; at the decryption step, transmitting to the input of the decryption algorithm the secret key for the new user and decrypting the message obtained at the encryption step.

Device for encrypting data according to standards gost 28147-89 and aes

Device for encrypting data includes a GOST 28147-89 conversion circuit, an AES conversion circuit, an AES key conversion unit, a first multiplexer, a second multiplexer, a data storage and a key storage; the output of the data storage is connected to the first input of the GOST 28147-89 conversion circuit and to the first input of the AES conversion circuit; the output of the key storage is connected to the second input of the GOST 28147-89 conversion circuit, the second input of the AES conversion circuit, the input of the AES key conversion unit and the second input of the second multiplexer; outputs of the GOST 28147-89 conversion circuit and the AES conversion circuit are connected to the first and second inputs of the first multiplexer, respectively; the output of the first multiplexer is connected to the input of the data storage; the output of the AES key conversion unit is connected to the first input of the second multiplexer; the output of the second multiplexer is connected to the input of the key storage; encryption algorithm selection signals are transmitted to the control inputs of the first and second multiplexers.

Electronic certification, identification and transmission of information using coded graphic images

Method of electronic certification, identification during data transmission by means of usage of coded graphic images, including: user registration on a server of a system for electronic certification, identification and transmission of data by means of usage of coded graphical images, where process versions have a client-server architecture; generation of one or several graphical images to the registered user; coding of certain user information in one or several images; coding of a user's message; and classification of correspondence during its transmission between users by means of attachment to the message of one or several specified graphical images, used by the client connected with the second user, in order to confirm authenticity of one or several certifications, identifications and correspondence.

Method for secure transmission of information using pulse coding

Method for secure transmission of information includes generating an information signal with encoded information, adaptive summation of said signal with a chaotic masking signal, transmitting the resultant signal over a communication channel to a receiving device, detecting information; during detection, the information signal is identified based on a neural network technique.

Method for user terminal authentication of interface server and interface server and user terminal therefor

Method includes receiving authentication request information from an application service providing server in order to request the interface server to authenticate the user terminal receiving an application service provided from the application service providing server; authenticating the user terminal according to the authenticating request information; and transmitting authentication response information including an authentication result of performing the authentication method to the application service providing server. The interface server provides an interface for a network to the application service providing server, wherein the authentication method is selected by the interface server or the user of the user terminal without the intervention of application service provider for successful authentication of the user terminal when the authentication method selected by the application service provider is inapplicable for the interface server, wherein information on the authentication method selected by the user of the user terminal is used together with the interface server.

Method for user terminal authentication and authentication server and user terminal therefor

Method for user terminal authentication in an authentication server comprises steps of: receiving authentication request information for accessing a network from the user terminal; processing an EAP authentication procedure according to the authentication request information; and transmitting a message related to the EAP authentication procedure to the user terminal, wherein the message includes network rejection information when network rejection is triggered, and the network rejection information includes network rejection reason information and control information related to re-accessing instructions for the user terminal to cope with the network rejection.
