A method for the interception-proof transmission of at least one cryptographic parameter from a user to an encrypted offline storage medium, comprising steps of: cloaking an upward portion of a substrate with an upper plate, characterized in that said upper plate comprises a multitude of indicia, wherein each indicium has a corresponding manipulation indicator; sequentially positioning a manipulation apparatus over one or more of the manipulation indicators; mechanically manipulating the substrate, after each sequential positioning of the manipulation apparatus, using said manipulation apparatus, characterized in that the manipulation indicator of the desired indicium overlaps with one mechanical manipulation unit of the substrate; and deconstructing said substrate in two or more complementary units, characterized in that said complementary units each comprises at least one mechanical manipulation unit administered by the manipulation apparatus.

A method for the interception-proof transmission of at least one cryptographic parameter from a user to an encrypted offline storage medium, comprising steps of: cloaking an upward portion of a substrate with an upper plate, characterized in that said upper plate comprises a multitude of indicia, wherein each indicium has a corresponding manipulation indicator; sequentially positioning a manipulation apparatus over one or more of the manipulation indicators; mechanically manipulating the substrate, after each sequential positioning of the manipulation apparatus, using said manipulation apparatus, characterized in that the manipulation indicator of the desired indicium overlaps with one mechanical manipulation unit of the substrate; and deconstructing said substrate in two or more complementary units, characterized in that said complementary units each comprises at least one mechanical manipulation unit administered by the manipulation apparatus.

Falsification is detected during secret computation that uses a plurality of types of secret sharing. A secret computation apparatus 1 uses shared values [a.sub.0], . . . , [a.sub.M-1] as inputs, and a function value [F([a.sub.0], . . . , [a.sub.M-1])] obtained with a function F for performing secret computation that uses J types of secret sharing as an output, and detects falsification during secret computation. A random number generating section 12 obtains shared values [r.sub.0], . . . , [r.sub.J-1]. A randomizing section 13 multiplies the shared value [a.sub.m] by the shared value [r.sub.j] to calculate a shared value [a.sub.mr.sub.j], and generates a randomized shared value <a.sub.m>:=<[a.sub.m], [a.sub.mr.sub.j]>. A secret computation section 14 obtains the function value [F([a.sub.0], . . . , [a.sub.M-1])] while including, in a checksum C.sub.j, randomized shared values that are computation objects and randomized shared values that are computation results. A synchronizing section 15 keeps idling until all of secret computation that uses secret sharing are completed. A validating section 16 verifies that the shared value [φ.sub.j] obtained by multiplying the sum of shared values [f.sub.0], . . . , [f.sub.μj-1] included in the checksum C.sub.j by the shared value [r.sub.j] is equal to the shared value [ψ.sub.j] obtained by adding shared values [f.sub.0r.sub.j], . . . , [f.sub.μj-1r.sub.j] included in the checksum C.sub.j.

Falsification is detected during secret computation that uses a plurality of types of secret sharing. A secret computation apparatus 1 uses shared values [a.sub.0], . . . , [a.sub.M-1] as inputs, and a function value [F([a.sub.0], . . . , [a.sub.M-1])] obtained with a function F for performing secret computation that uses J types of secret sharing as an output, and detects falsification during secret computation. A random number generating section 12 obtains shared values [r.sub.0], . . . , [r.sub.J-1]. A randomizing section 13 multiplies the shared value [a.sub.m] by the shared value [r.sub.j] to calculate a shared value [a.sub.mr.sub.j], and generates a randomized shared value <a.sub.m>:=<[a.sub.m], [a.sub.mr.sub.j]>. A secret computation section 14 obtains the function value [F([a.sub.0], . . . , [a.sub.M-1])] while including, in a checksum C.sub.j, randomized shared values that are computation objects and randomized shared values that are computation results. A synchronizing section 15 keeps idling until all of secret computation that uses secret sharing are completed. A validating section 16 verifies that the shared value [φ.sub.j] obtained by multiplying the sum of shared values [f.sub.0], . . . , [f.sub.μj-1] included in the checksum C.sub.j by the shared value [r.sub.j] is equal to the shared value [ψ.sub.j] obtained by adding shared values [f.sub.0r.sub.j], . . . , [f.sub.μj-1r.sub.j] included in the checksum C.sub.j.

A system, method, and computer-readable medium for challenge-response authentication are provided. A plurality of codes is received over a communication network based on input provided by way of a user interface displaying a plurality of images. An alphanumeric string is generated based on the received plurality of codes and based on a table that associates each one of the plurality of codes with a respective one of the plurality of images and with a respective one of a plurality of alphanumeric characters. A determination is made as to whether to grant authorization based on whether the generated alphanumeric string matches an alphanumeric user identifier stored in a memory device in association with a user.

A system, method, and computer-readable medium for challenge-response authentication are provided. A plurality of codes is received over a communication network based on input provided by way of a user interface displaying a plurality of images. An alphanumeric string is generated based on the received plurality of codes and based on a table that associates each one of the plurality of codes with a respective one of the plurality of images and with a respective one of a plurality of alphanumeric characters. A determination is made as to whether to grant authorization based on whether the generated alphanumeric string matches an alphanumeric user identifier stored in a memory device in association with a user.

A cipher processing configuration, of which the resistance against various attacks is improved, having a high security level is realized. In a cipher processing configuration in which a nonlinear transformation process and a linear transformation process are repeatedlyperformed for state data formed from a plurality of elements, a linear transformation unit performs a matrix operation applying a quasi-MDS matrix and a substitution process. As the substitution process, a substitution process is performed which satisfies the following (Condition 1) and (Condition A). (Condition 1) According to the substitution process of the substitution unit for the input X, each column element of the output Y is configured by elements of four mutually-different columns of the input X (Condition A) In a case where the substitution process performed by the substitution unit for the input X is repeatedly performed continuously twice, each column element of the output Y is configured by elements of three or more mutually-different columns of the input X.

A cipher processing configuration, of which the resistance against various attacks is improved, having a high security level is realized. In a cipher processing configuration in which a nonlinear transformation process and a linear transformation process are repeatedlyperformed for state data formed from a plurality of elements, a linear transformation unit performs a matrix operation applying a quasi-MDS matrix and a substitution process. As the substitution process, a substitution process is performed which satisfies the following (Condition 1) and (Condition A). (Condition 1) According to the substitution process of the substitution unit for the input X, each column element of the output Y is configured by elements of four mutually-different columns of the input X (Condition A) In a case where the substitution process performed by the substitution unit for the input X is repeatedly performed continuously twice, each column element of the output Y is configured by elements of three or more mutually-different columns of the input X.

This is a particular style of decoder ring. It is based on a spinner ring that is worn on the finger. It has a band that spins, and a small window cut out of that band. The window allows characters on the surface below to be read one at a time as the window passes over them.

This is a particular style of decoder ring. It is based on a spinner ring that is worn on the finger. It has a band that spins, and a small window cut out of that band. The window allows characters on the surface below to be read one at a time as the window passes over them.