H04L63/067

Smart card as a security token

The present invention relates to a method for making available a security key, wherein a smart card adapted according to the invention is employed for the production thereof. In this case, an expedient method sequence is proposed which makes it possible for the smart card to make available, for example, a so-called one-time password or a dynamic check number in interaction with a token server. The present invention further relates to a correspondingly adapted computing arrangement and to a computer program product with control commands which implement the method and/or operate the computing arrangement.

PROVIDING UE CAPABILITY INFORMATION TO AN AUTHENTICATION SERVER

A method (300) for registering with a serving network (104). The method is performed by a UE (102). The method includes the UE transmitting (s302) to the serving network (104) a message (212) indicating a UE capability that is relevant for a home network (106), wherein the serving network (104) is configured to send to the home network (106) a message (216) indicating the UE capability.

METHOD FOR SEAMLESSLY RECOVERING A SINGLE SIGN-ON PASSWORD IN WI-FI MULTI-ACCESS POINT DEVICE NETWORK
20220158837 · 2022-05-19

A client device for use with a gateway device (or a Wi-Fi APD) with a key stored therein and an external server where an original single sign-on (SSO) password is stored. The client device transmits a one-time password (OTP) request to the external server, obtains the OTP from the external server, transmits the OTP to the external server to authenticate the client device, transmits an encrypted SSO password request to the external server, onboards the gateway device using a temporary password, receives the encrypted SSO password from the external server, obtains the key from the gateway device, decrypts the encrypted SSO password using the key to obtain the SSO password, and changes the temporary password of the gateway device to the original SSO password.

Method for updating a one-time secret key
11336445 · 2022-05-17

This invention relates to a method for updating a one-time secret key Kn maintained in a subscription module implemented in a communication apparatus, a wireless communication network maintaining an identical version of said one-time secret key Kn and configured to determine a result XRES expected from the communication apparatus when an authentication function is applied by the subscription module using a random challenge and said one-time secret key Kn as an input, the method comprising the following steps: receiving from the communication network an authentication request message containing at least a random challenge RANDn; determining by the subscription module a result RES by applying the authentication function using the random number RANDn and the one-time secret key Kn as inputs; transmitting said result RES to the communication network for it to be compared with the expected result XRES determined by the communication network using the random number RANDn and the corresponding version of the one-time secret key Kn, the subscriber being authenticated if said first and second results are matching; updating the one-time secret key Kn by replacing its current version with a new version obtained by applying a first key derivation function using the random challenge RANDn as an input, the updated version of the one-time secret key Kn being used by the subscription module for processing a subsequent authentication request, the same update being carried out by a server accessible or part of the wireless communication network in order to maintain an identical version of the one-time secret key Kn.

ENCRYPTION USING RECURSIVE KEY
20220150224 · 2022-05-12

A recursive hash infinite pad process for securing data is disclosed. The process uses shared secrets to recursively create a key which may be used to encrypt and decrypt data.

STREAMING ONE TIME PAD VIRTUAL PRIVATE NETWORK
20220141200 · 2022-05-05

A streaming one-time pad cipher using rotating ports for data encryption uses a one-time pad (OTP) to establish multiple secure point-to-point connections. This can be used to implement a streaming OTP point-to-point firewall, virtual private network or other communications facility for communicating secure information across one or more insecure networks.

METHOD AND SYSTEM FOR DEVICE LEVEL AUTHENTICATION IN ELECTRONIC TRANSACTIONS

A method for distributing data to a computing device using device level authentication includes: storing, in a memory of a computing device, a single use key encrypted with a first encryption, a server public key, and device data; generating a key pair comprising a device private key and a corresponding device public key; wrapping the device public key using the server public key; transmitting at least the device data, wrapped device public key, and the single use key encrypted with the first encryption to a server; receiving the single use key encrypted with a second encryption from the server; and executing a query on the memory to insert the received single use key encrypted with the second encryption.

SECURE BOOTSTRAPPING OF CLIENT DEVICE WITH TRUSTED SERVER PROVIDED BY UNTRUSTED CLOUD SERVICE
20220131843 · 2022-04-28

A provisioning client obtains an identifier from a public server and a one-time password from a trusted server. The provisioning client combines the one-time password with the identifier to create an activation code for a client device and presents the activation code to the client device. The activation code enables the client device to download trusted cryptographic information from the trusted server in a communication session that is secured using the one-time password.

DEVICE AND PROCESS FOR PROCESSING A MESSAGE AND SENDING A LPWAN MESSAGE
20220132305 · 2022-04-28

A process for processing a received message, where the message includes encrypted data and at least one indicator element, is disclosed. The process includes generating a complete indicator from data stored in the electronic device and from the received indicator element, generating a key from the complete indicator, and decrypting the encrypted data using said key. The disclosure also relates to a corresponding sending process.

Methods for communicating data utilizing sessionless dynamic encryption

The present disclosure is directed to methods that provide a secure communication protocol by utilizing a one-step process of authenticating and encrypting data without having to exchange symmetric keys or needing to renew or re-issue the digital identities fundamental to asymmetric encryption methodology.