H04L2463/061

ENTROPY SERVER FOR RANDOM NUMBER GENERATION

Embodiments include methods, systems and computer program products for providing entropy to generate random numbers.

EFFICIENT METHODS FOR AUTHENTICATED COMMUNICATION
20200092269 · 2020-03-19

Embodiments of the invention relate to efficient methods for authenticated communication. In one embodiment, a first computing device can generate a key pair comprising a public key and a private key. The first computing device can generate a first shared secret using the private key and a static second device public key. The first computing device can encrypt request data using the first shared secret to obtain encrypted request data. The first computing device can send a request message including the encrypted request data and the public key to a server computer. Upon receiving a response message from the server computer, the first computing device can determine a second shared secret using the private key and the blinded static second device public key. The first computing device can then decrypt the encrypted response data from the response message to obtain response data.

Secure node admission in a communication network

Systems and methods are provided for admission to networks that include at least one node providing network coordinator functions. A network coordinator may have a random number generator, with the network coordinator distributing a random number within a network that includes at least a first node and a second node. The network coordinator may receive a request for a dynamic encryption key from the first node, with the request being encrypted using a static encryption key unique to the first node, and with the static encryption key being determined based on the distributed random number. The network coordinator may then send a dynamic encryption key to the first node, with the dynamic encryption key being encrypted using the static encryption key. The second node may then admit the first node into the network. The network may be a Multimedia over Coax Alliance (MoCA) network.

Communication method and device
10595198 · 2020-03-17

A communication method includes receiving by a SGSN a context request message from a mobility management entity (MME), obtaining by the SGSN an authentication vector-related key, and calculating by the SGSN a root key according to the authentication vector-related key. In addition, the method further includes sending by the SGSN a context response message including the root key to the MME, wherein the MME derives a NAS protection key according to the root key.

User authentication method and system for implementing the same
10592646 · 2020-03-17

There is proposed a user authentication method that uses a time-based password (TP) having a relatively long update cycle instead of a TOTP having a conventional short update cycle (e.g., 60 seconds). The present invention is a user authentication method executed by an authentication system that performs authentication of a user who performs access from an information communication terminal device in order to use a usage target system by using a reference terminal device that includes a security token capable of generating a TP. The authentication method includes setting an update cycle of the TP to a first update cycle of 30 days, 1 month, or a time period longer than 1 month, receiving a user authentication request that includes a time-based password generated by the security token according to the set first update cycle, and performing the authentication based on the TP contained in the received user authentication request.

Enhancing network security
11882153 · 2024-01-23

A method including transmitting, by a transmitting device to a receiving device, a combination of messages including encrypted decoy messages and one or more encrypted content messages; determining, by the receiving device, a cryptographic decryption key based at least in part on unique seed information associated with the transmitting device and the receiving device; and determining, by the receiving device, that a message, included in the combination of messages, is a content message or that the message is a decoy message based at least in part on decrypting the message by utilizing the cryptographic decryption key. Various other aspects are contemplated.

Generating a device identification key from a base key for authentication with a network

A base key that is stored at a device may be received. A network identification may further be received. A device identification key may be generated based on a combination of the network identification and the base key. Furthermore, the device identification key may be used to authenticate the device with a network that corresponds to the network identification.

Enforce data security based on a mobile device, positioning, augmented reality

Systems and methods are provided for securing data using a mobile device. The method may include determining securing global positioning data values of the mobile device; measuring a securing direction of the mobile device relative to a magnetic north direction; capturing a securing password by the mobile device; and securing the data against unauthorized access using the determined global positioning data values, the securing password, and the securing direction as a combined password.

Systems and methods for cryptographic authentication of contactless cards

Example embodiments of systems and methods for data transmission between transmitting and receiving devices are provided. In an embodiment, each of the transmitting and receiving devices can contain a master key. The transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device, which can generate the diversified key based on the master key and can decrypt the data and validate the protected counter value using the diversified key.

Efficient methods for authenticated communication

Embodiments of the invention relate to efficient methods for authenticated communication. In one embodiment, a first computing device can generate an ephemeral key pair comprising an ephemeral public key and an ephemeral private key. The first computing device can generate a first shared secret using the ephemeral private key and a static second device public key. The first computing device can encrypt request data using the first shared secret to obtain encrypted request data. The first computing device can send a request message including the encrypted request data and the ephemeral public key to a server computer. Upon receiving a response message from the server computer, the first computing device can determine a second shared secret using the ephemeral private key and the blinded static second device public key. The first computing device can then decrypt the encrypted response data from the response message to obtain response data.