190 results about "Rekeying" patented technology

The present invention provides a technique which makes it possible to eliminate unauthorized playback of contents where unauthorized apparatuses are used and enable only authorized playback apparatuses to play back contents properly. The playback apparatus of the present invention obtains encrypted key information that has been encrypted by a first secret-key encrypting method, and decrypt the encrypted key information into key information using a secret key stored in a storing unit. When the key information is key-updating information, the playback apparatus updates the secret key according to the key-updating information. When the key information is a decryption key, the playback apparatus (i) obtains an encrypted content key that has been encrypted by a second secret-key encrypting method, (ii) decrypts the encrypted content key into a content key using the decryption key, (iii) obtains a scrambled content that has been scrambled by a scramble encrypting method, (iv) descramble the scrambled content using the decrypted content key, and (v) plays back the descrambled content.

An encryption method and apparatus that provides forward secrecy, by updating the key using a one-way function after each encryption. By providing forward secrecy within a cipher, rather than through a key management system, forward secrecy may be added to cryptographic systems and protocols by using the cipher within an existing framework. A random-access key updating method can efficiently generate one or more future keys in any order. Embodiments are applicable to forward secret ciphers that are used to protect protocols with unreliable transport, to ciphers that are used in multicast or other group settings, and to protection of packets using the IPSec protocols.

The invention relates to a system for securing access to resources or computer systems by means of a self modifying, single use password that limits access to a system and automatically changes each time it is used. Independent computer systems, or clients, are utilized by users to generate one time passcodes to prove their identity to one or more authentication servers. Servers are used to authenticate user inputted one time passcodes, to maintain and update the status of one time passcode clients, and perform rekeying and reset operations. Middleware, an optional component, allows for the interaction between one time passcode clients and servers. Middleware allows for client rekeying and resets as well as synchronisation between the client and server. The invention facilitates, inter alia, distribution of clients to users, maintaining and administering the status of clients on one or more servers, generation of a one time passcode (OTP), authentication of a one time passcode, rekeying of a one time passcode client, resetting of a one-time passcode client, Resetting of a one time passcode client, requesting for generation of a one time passcode on a communication enabled client through software or hardware interfaces, and authentication of one time passcodes by remote application servers.

Disclosed is a system and method for maintaining a secure, encrypted networking session across a communications network by dynamically replacing encryption keys during the networking session and without terminating the session. A secure control channel is embedded within the general encrypted network connection and is used to transport encrypted control messages from one network endpoint to another. In order to hide that fact that such control messages are being transferred (as opposed to general network data traffic), the control message data packets are formatted in a way to simulate the standard general network data packets.

This invention is to provide a method for rekeying a rekeyable lock cylinder. The first step of entire rekeying process is to insert a first user key into a keyhole of a sliding block of a plug assembly and turn the first user key to rotate the plug assembly, then a thrust is added to the first user key to move the sliding block of the plug assembly, thereby disengaging a plurality of upper locking pieces and a plurality of lower locking pieces within a plurality of lower pin sets. Next, after pulling out the first user key from the keyhole, a second user key is inserted into the keyhole of the sliding block and turned to restore the sliding block as to reengage the upper locking pieces and the lower locking pieces. Finally, the second user key is pulled out to complete the entire rekeying process. Accordingly, the present invention may provide advantages of widely lowering rekeying cost and enhancing convenience in use, because lock replacement may be completed as soon as rekeying another user key only without replacing lock cylinder.

A version number is associated with an encrypted key executable to allow real time updating of keys for a system which facilitates users signing on to multiple websites on different domains using an encrypted ticket. Two keys may be used at each site during updating of keys, each having an associated one digit Hex version tag. When a key is to be updated with a new key, the existing or old key is provided an expiration time. A second key is provided from the system in a secure manner with a new version number and made the current key which provides decryption of the encrypted ticket. The system tracks both keys while they are concurrent. After the existing key expires, only the second, or updated key is used to provide login services for users. The system periodically flushes old keys.

The invention discloses a secret key updating method under active state comprising following steps: user terminal under active state or network side starts a secret key updating when satisfying preset condition; the network side and user terminal update secret key and consult start time of new secret key. The invention also discloses a secret key updating device under active state. The user terminal and network side actively starts secret key updating procedure, and solves problem of secret key updating of session under active state.

A key management apparatus which can be used to encrypt / decrypt content data in a content playback device includes a storing unit for storing a secret key, a key information decrypting unit for decrypting encrypted key information and an updating unit operable to update the secret key with an algorithm stored therein, when the decrypted key information is key-updating information. Seed information can be received for use with the algorithm to provide a new secret key, and preliminary trigger information can be used to poll a group of appliances to request key information to determine any duplication of appliances.

A version number is associated with an encrypted key executable to allow real time updating of keys for a system which facilitates users signing on to multiple websites on different domains using an encrypted ticket. Two keys may be used at each site during updating of keys, each having an associated one digit Hex version tag. When a key is to be updated with a new key, the existing or old key is provided an expiration time. A second key is provided from the system in a secure manner with a new version number and made the current key which provides decryption of the encrypted ticket. The system tracks both keys while they are concurrent. After the existing key expires, only the second, or updated key is used to provide login services for users. The system periodically flushes old keys.

The invention provides a method for improving the security of a mobile terminal in a WLAN environment by installing two shared secrets instead of one shared secret, the initial session key, on both the wireless user machine and the WLAN access point during the user authentication phase. One of the shared secrets is used as the initial session key and the other is used as a secure seed. Since the initial authentication is secure, these two keys are not known to a would be hacker. Although the initial session key may eventually be cracked by the would be hacker, the secure seed remains secure as it is not used in any insecure communication.

The invention provides a steganography-based key transmission and key updating method, which is applied to the field of information safety. The method comprises the steps that a communication party A sets a communication type, an encryption algorithm an steganography algorithm, selects a steganography carrier and generates a communication identifier and then performs the updating of a transmission key or the transmission process of a conversion key; a new transmission key is selected when in updating, a time stamp and a signature are generated to encrypt and steganograph the transmission key, the key updating information is generated to be transmitted to a communication party B, and the communication party B performs the verification, de-staganography and deciphering to obtain the transmission key; and the conversion key is selected in transmission to generate a time stamp and a signature so as to encrypt and steganograph the conversion key, the key transmission information is generated to be transmitted to the communication party B, and the communication party B performs the verification, de-steganography and deciphering to obtain the conversation key. The key is concealed by utilizing the steganography, so that an encrypted data format in the key transmission process and the key updating process can be effectively protected, and the safety transmission of multiple encryption and decryption algorithm conversation keys can be realized.

Apparatuses, systems, and methods for optimal group key (OGK) management that may achieve non-colluding and / or the storage-communication optimality are disclosed. In some embodiments, a group controller (GC) is responsible for key generation and distribution and the group data are encrypted by a group key. When joining the group, in some embodiments, each group member (GM) is assigned a unique n-bit ID and a set of secrets, in which each bit is one-to-one mapped to a unique secret. Whenever GMs are revoked from the group, in some embodiments, the GC will multicast an encrypted key-update message. Only the remaining GMs may be able to recover the message and update GK as well as their private keys. The disclosed OGK scheme can achieve storage-communication optimality with constant message size and immune to collusion attack and also may outperform existing group key management schemes in terms of communication and storage efficiency.

A rekeyable lock cylinder comprises a cylinder body, a plug, an adjusting block and a plurality of rack component assemblies. The plug disposed within the cylinder body has a trench and a plurality of rack component runners communicating with the trench. The adjusting block disposed at the trench has an arc sidewall, a plurality of leading slots corresponding to the rack component runners one by one and a position groove recessed from the arc sidewall. The position groove has a notch portion and a groove inner portion, wherein a depth of the groove inner portion is larger than a depth of the notch portion. Each of the rack component assemblies comprises a first rack component disposed at the rack component runner and a second rack component capable of engaging with the first rack component. Each of the first rack components has a rib portion located at the leading slot.

Security key distribution techniques using key rollover strategies for wireless networks are described. A number of keys are generated, usually by an access point. The present invention allows a standard mode and a mixed mode. In standard mode, each device on the network supports automatic key updates. In mixed mode, one or more devices on the wireless network require fixed keys. In both modes, a predetermined number of keys are determined and communicated to client devices that are accessing the wireless network. The predetermined number is determined so that a client device can miss a certain number of authentication periods without losing communication with the wireless network. Preferably, transmit keys used by an access point are different than the transmit keys used by the client devices that support automatic key updates.