Patent
Access control for sensitive functions
James Press
- 16 Oct 1995
25
TL;DR: The patent proposes a challenge/response mechanism that lets the cryptographic support facilities of a data processing system verify the authenticity of a cryptographic algorithm, protecting against a user replacing a weak algorithm intended for the protection of data with a strong one intended for use by the security infrastructure.
Abstract: A data processing system has a security infrastructure, including a first cryptographic support facility, a security service for user data, including a further cryptographic support facility, and a number of cryptographic algorithms, usable by said cryptographic support facilities. In order to protect against a user replacing weak algorithms intended for the protection of data with strong algorithms intended for use by the security infrastructure, a challenge/response mechanism is provided, which enables the cryptographic support facilities to verify authenticity of the algorithms. The challenge/response mechanism is as follows. First, the cryptographic support facility sends a challenge to the algorithm. The algorithm then generates a response by applying a cryptographic function to the challenge, and returns the response to the cryptographic support facility. The cryptographic support facility then checks whether the response has an expected value. Only upon successful authentication does the algorithm reveal a pointer to a function table. The pointer is encrypted under a shared secret key to prevent an "attacker in the middle" attack.
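The exchange described in the abstract, sketched as an added example that is not code from the patent. It assumes HMAC-SHA256 as the response function and an HMAC-derived XOR pad as the pointer cipher; every class, function, key and handle value here is hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import secrets


def _mac(key: bytes, label: bytes, challenge: bytes) -> bytes:
    # Keyed function over the challenge; the label separates the two uses.
    return hmac.new(key, label + challenge, hashlib.sha256).digest()


class AlgorithmModule:
    """Algorithm side: proves knowledge of the shared key, then releases
    its function-table pointer only in encrypted form."""

    def __init__(self, key: bytes, table_handle: int):
        self._key = key
        self._table_handle = table_handle  # stands in for the table pointer

    def respond(self, challenge: bytes) -> bytes:
        return _mac(self._key, b"response", challenge)

    def encrypted_table_pointer(self, challenge: bytes) -> bytes:
        pad = _mac(self._key, b"pointer", challenge)[:8]
        raw = self._table_handle.to_bytes(8, "big")
        return bytes(a ^ b for a, b in zip(raw, pad))


def load_algorithm(module: AlgorithmModule, key: bytes):
    """Support-facility side: returns the table handle, or None when the
    module cannot produce the expected response."""
    challenge = secrets.token_bytes(16)  # fresh per attempt, so no replay
    response = module.respond(challenge)
    expected = _mac(key, b"response", challenge)
    if not hmac.compare_digest(response, expected):
        return None  # unauthenticated module: never ask for its table
    enc = module.encrypted_table_pointer(challenge)
    pad = _mac(key, b"pointer", challenge)[:8]
    return int.from_bytes(bytes(a ^ b for a, b in zip(enc, pad)), "big")


# Constructed sample values, not taken from the patent.
SHARED_KEY = bytes(range(32))
GENUINE = AlgorithmModule(SHARED_KEY, 0x7F00DEADBEEF)
SUBSTITUTE = AlgorithmModule(b"\x00" * 32, 0x7F00CAFE0000)  # lacks the key

if __name__ == "__main__":
    print(hex(load_algorithm(GENUINE, SHARED_KEY)))
    print(load_algorithm(SUBSTITUTE, SHARED_KEY))
```

The XOR pad hides the pointer from a relay that merely forwards the challenge and response, but it provides no integrity on its own; a deployment would use an authenticated cipher.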
Citations
Patent
Multi-purpose transaction card system
David Chaum, Niels Ferguson, Jelte Van Der Hoek +2 more
- 13 Feb 1995
TL;DR: Disclosed is a multi-purpose transaction card system comprising an issuer (101), one or more cards (102), one or more terminals (103), and optionally one or multiple acquirers (104), communicating using a variety of cryptographic confidentiality and authentication methods as mentioned in this paper.
201
Patent
System and method for protecting use of dynamically linked executable modules
Charles E. Mcmanis
- 09 Oct 1996
TL;DR: In this paper, the verifier responds to procedure calls by verifying the authenticity of any specified program module and by returning a verification confirmation or denial. When the program module verifier fails to verify the correctness of a program module, the calling program module throws an exception and aborts its execution.
109
Patent
System for providing session-based network privacy, private, persistent storage, and discretionary access control for sharing private data
Colin Savage, Christopher Petro, Sascha Goldsmith +2 more
- 24 Jul 2015
TL;DR: In this paper, the authors proposed a system for anonymous network browsing, in which the anonymity system is unaware of both the user's identity and browsing activities, and private network storage and retrieval of data such as passwords, profiles and files.
86
Patent
Pointguard: method and system for protecting programs against pointer corruption attacks
Stanley Crispin Cowan, Seth R. Arnold, S. Beattie, Perry Wagle +3 more
- 06 Dec 2002
TL;DR: In this article, the value of a pointer is encrypted each time the pointer is initialized or modified, and then the value is decrypted before use, i.e., each time a pointer can be read.
81
Patent
Initial secret key establishment including facilities for verification of identity
Moreau Thierry
- 07 May 1998
TL;DR: In this paper, a secret key registration process for the Probabilistic Encryption Key Exchange (PEKE) cryptosystem is described, and the registration software derives the key assigned to the applicant from the PEKE secret key, and loads it into the secret key store.
72
References
Patent
Continuous authentication using an in-band or out-of-band side channel
Robert Earl Scott, Richard Kent Smith +1 more
- 26 Aug 1993
TL;DR: In this paper, a reauthentication procedure between the modems of a public switched telephone network (PSTN) data connection, which is between a computer facility and a user, provides a secure method for protecting the computer facility against an active wire tap, or spoofing, by an intruder.
217
Patent
System method and apparatus for authenticating an encrypted signal
John R. Michener, Benjamin Samit +1 more
- 01 Feb 1993
TL;DR: In this article, a cryptographic communications system includes a method and apparatus for exchanging messages between a user terminal, containing a secret key, and an operations center wherein each party authenticates signals received from the other party before any other information is exchanged.
152
Patent
Method and apparatus for preventing wireless fraud
Steven Joseph Hodges, Zev Chaim Rubenstein +1 more
- 24 Jan 1994
TL;DR: In this paper, the use of stolen mobile identification number (MIN) and electronic serial number (ESN) information to fraudulently place wireless calls is prevented by having the switches of multiple wireless carriers forward or direct, over a telephone connection, all calls placed from selected MINs to a central authentication platform that serves the multiple wireless carriers.
115
Patent
Apparatus and method for encrypting communications without exchanging an encryption key
John D. Hoskinson
- 02 Dec 1993
TL;DR: An encryption/decryption unit (EDU) and method for determining a data encryption key used in encrypting and decrypting data transmitted over a non-secure communication link is described in this article.
107
Patent
Selected-exponent signature systems
David L. Chaum
- 21 Jun 1989
TL;DR: In this paper, the authors proposed a digital signature scheme in which exponents may be chosen by the message to be signed itself, by the signing party, by a party providing the message for signature, and/or by the party to whom the signature is shown.
87
Related Papers (5)
Anne O'connell, Tadhg Creedon, Deidre A. Smith +2 more
- 30 Jan 1992
Erik Westerberg, Jan Forslow +1 more
- 09 Mar 1999
Edward Acosta
- 22 Jan 2001