Abstract: A method for generating digital quantum chaotic orthonormal wavepacket signals includes the following steps: construct a N-dimensional Hermitian matrix ?; calculate N eigen-wavefunctions ?j of a quantum Hamiltonian system with the Hamiltonian ? by some numerical calculation methods, wherein the Hamiltonian is the Hermitian matrix ?; extract some or all of the eigen-functions ?j with obvious chaos features as quantum chaotic eigen-wavefunctions according to a chaos criterion; generate some semi-classical digital quantum chaotic wavepacket signals ?j(n) with the same mathematical form as the quantum chaotic eigen-wavefunctions and length N from the selected quantum chaotic eigen-wavefunctions according to the mathematical correspondence between the classical signal and the wavefunction in quantum mechanics.

Abstract: Relationship discovery can include receiving at a first mobile device a pair of ultrasonic signals conveyed at different frequencies from a second mobile device. The pair of ultrasonic signals can convey, respectively, a second user's contact information in an encrypted form and a key indicator. A contact number can be selected from a first user's contact list electronically stored on the first mobile device. The contact number can be selected based on the key indicator. A mutual contact can be identified in response to decrypting the second user's contact information using the contact number as a decryption key.

Abstract: A system in Elliptic Curve Cryptography (ECC) that offers secure encoding and mapping of a message to the curve E against encryption attacks, such as Chosen Plaintext Attack (CPA) and Ciphertext Only Attack (COA). The system includes, a method to convert the text message to numerical values with manipulation using Initial Vector IV. In addition, the system provides, a method to revert the manipulated values to their original value.

Abstract: Memory devices, systems including memory devices, and methods of operating memory devices are described, in which self-lock security may be implemented to control access to a fuse array (or other secure features) of the memory devices based on a predefined event associated with the memory device operation. The predefined event may include an operating parameter of the memory device, one or more commands directed to the memory device, or both. The memory device may monitor the predefined event and determine that the predefined event satisfies a threshold. The threshold may be related to a time elapsed since the predefined event has occurred or a certain pattern in the one or more commands. Subsequently, the memory device may disable a circuit configured to access the fuse array based on the determination such that an access to the fuse array is no longer allowed.

Abstract: Certain embodiments of the present invention are configured to facilitate analyzing computer code more efficiently. For example, by conducting a first level abstraction (e.g., symbolic interpretation and algebraic simplification) and a second level abstraction (e.g., generalization) of the computer code, the analysis may more accurately account for variations in the code that may occur as a result of register renaming, instruction reordering, choice of instructions, etc. while minimizing the cost of computations required to perform the analysis.

Abstract: A method may include obtaining, by a processing device, a workflow object that includes a plurality of workflow entity objects and one or more data objects, and executing a workflow by identifying, from the application objects, an application object that corresponds to a first application, wherein the workflow associates the application with at least one of the data objects, determining, whether the first application has permission to access the data object according to a data policy associated with the data object, wherein the data policy specifies one or more data access criteria, wherein the first application has permission to access the data object in response to one or more of the workflow entity objects that are associated with the data object satisfying the data access criteria, and responsive to determining that the first application has permission to access the data object, executing the first application in a secure enclave.

Abstract: Some embodiments are directed to a cryptographic device (20). A reliable bit function may be applied to a raw shared key (k*) to obtain reliable indices, indicating coefficients of a raw shared key, and reliable bits derived from the indicated coefficients. Reconciliation data (h) may be generated for the indicated coefficients of the raw shared key. A code word may be encapsulated using the reliable bits by applying an encapsulation function, obtaining encapsulated data (c) which may be transferred.

Abstract: A system includes an intelligent electronic device (IED) of an electric power distribution system and a key device. The key device is configured to perform operations that include receiving a request from the TED for communication with an additional component of the electrical power distribution system, establishing a Media Access Control security key agreement (MKA) connectivity association with the TED in response to receipt of the request, generating a security association key (SAK) in response to receipt of the request, and distributing the SAK to the IED via the MKA connectivity association to enable the TED to use the SAK to communicate via a Media Access Control security (MACsec) communication link that is isolated from the key device.

Abstract: A method protects a daemon in an operating system of a host computer. The operating system detects that there is an access of a plist file of a daemon by a process in the computer. If so, then it executes a callback function registered for the plist file. The callback function sends to a kernel extension a notification of the attempted access. The kernel extension returns a value to the operating system indicating that the access should be denied. The operating system denies access to the plist file of the daemon by the process. The extension may also notify an application which prompts the user for instruction. The kernel extension also protects itself by executing its exit function when a command is given to unload the extension, and the exit function determines whether or not the command is invoked by an authorized application, such as by checking a flag.

Abstract: Apparatus and methods for presentation of key frames. In one embodiment, an encoded video file is generated where one or more bits are assigned to key frames and minimizes the number of bits assigned to delta frames. Each key frame may be presented to a user during trick mode operation (e.g., fast forward, rewind, pause, or random seek operation). When the encoded video file is given to a packager, the packager generates a manifest file listing the byte information (byte offset and number of bytes) for each key frame in the encoded video file. When a user inputs a trick play mode command, the packager provides the manifest file to the client device of the user and the client device requests the bytes for the key frames of the video file from the content delivery network.

Abstract: Systems, apparatuses, methods, and computer program products are disclosed for post-quantum cryptography (PQC). An example method includes receiving data. The example method further includes receiving a set of data attributes about the data. The set of data attributes comprises one or more sets of data environment data attributes that are each representative of a set of data environments associated with the data. The example method further includes receiving one or more sets of data environment threat data structures associated with one or more data environments in the one or more sets of data environments associated with the data. The example method further includes selecting one or more cryptographic techniques for encrypting the data for at least the one or more data environments based on the set of data attributes, the one or more sets of data environment threat data structures, and a cryptograph optimization machine learning model.

Abstract: A method, system, and a computer program product automatically select training data for updating a model by applying human-annotated training data to a model to generate results that are evaluated to identify correct case results and false case results that are categorized into error type categories for use in building error models corresponding to the error type categories, where each error model is built from at least failed case results belonging to a corresponding error type, and where unlabeled data samples are applied to each error model to compute an error likelihood for each unlabeled data sample with respect to each error type category, thereby enabling the selection and display of unlabeled data samples for annotation by a subject matter expert based on a computed error likelihood for the one or more unlabeled data samples in a specified error type category meeting or exceeding an error threshold requirement.

Abstract: A unique implementation of a machine learning application for suggesting actions for a user to undertake is described herein. The application transforms a history of user behavior into a set of models that represent user actions given a set of parameters. These models are then used to suggest that users in a payments or banking environment take certain actions based on their history. The models are created using the DensiCube, random forest or k-means algorithms.

Abstract: Disclosed herein are a finite-field division operator, an elliptic curve cryptosystem having the finite-field division operator, and a method for operating the elliptic curve cryptosystem. The method for operating an elliptic curve cryptosystem may include, setting, by a key setting unit, a length of a key of a cryptographic algorithm, generating, by the key setting unit, first setup information that indicates a number of words corresponding to the key length, and generating, by the key setting unit, second setup information that indicates a number of repetitions of an operation by a finite-field division operator corresponding to the key length.

Abstract: A storage device providing a function of securely discarding data and an operating method of the storage device are provided. The storage device includes a safety pin device removably mounted on the storage device, the safety pin device configured to store first encrypted information and second encrypted information, the first encrypted information encrypted using a first key associated with a first user, and the second encrypted information encrypted using a second key associated with a second user, security circuitry configured to, receive the first encrypted information from the safety pin device, decrypt the first encrypted information, and generate a data encryption key based on results of the decrypting the first encrypted information, and a nonvolatile memory configured to store data encrypted with the data encryption key.

Abstract: A method includes receiving an access request at a first computing device from a second computing device, the access request specifying a data structure, the data structure including first data stored in a first portion of the data structure and second data stored in a second portion of the data structure. The method also includes extracting a first key from the access request and identifying a data rights definition that is associated with the data structure and that is associated with a second key, the data rights definition indicating that the first data but not the second data is shared with an entity associated with the second computing device. The method further includes comparing the first key to the second key, and, based on the comparison, determining whether to grant the second computing device access to the first data but not the second data.

Abstract: Disclosed are various examples for securing enterprise resources using a virtual private network. A client device can send a first unique device identifier for the client device to a remote management service upon enrollment. When a virtual private network application is first executed, the client device can send a second unique device identifier to the remote management service, where the remote management service is configured to store the second unique device identifier in association with the first unique universal identifier. During subsequent executions of the virtual private network application, the virtual private network service can authenticate the client device by comparing the first unique device identifier and the second unique device identifier to a device identifier received from the remote management service. A machine learning routine can be employed to identify anomalies as the virtual private network application is executed.

Abstract: The present invention relates to a receiver (2200) for recognizing blinding attacks in a quantum encrypted channel (1300) comprising an optical fiber, comprising a multipixel detector (2210) comprising a plurality of pixels, and configured to be illuminated by a light beam outputted by the optical fiber, and a processing unit (2220) connected to the multipixel detector (2210) and configured to determine the presence of a blinding attack if a predetermined number of pixels detects light within a predetermined interval. The invention further relates to the use of the receiver (2200) for recognizing blinding attacks in a quantum encrypted channel (1300) and to a method for recognizing blinding attacks in a quantum encrypted channel (1300).

Abstract: An integrated circuit including a set of security modules configured to implement an asymmetric cryptography operation, the set of modules including a conditional exchange module configured to exchange first and second vectors used to manipulate input bits of a secret key, the conditional exchange module being suitable for applying an exchange formula including a combination of a condition of the input bit with the first and second vectors so that the latter are interchanged only if the condition of the input bit is equal to ‘1’, the conditional exchange module including a masking module suitable for making use of at least one random number to mask said exchange formula before it is applied.

Abstract: The present specification discloses systems, methods, and a computer tangible medium storing instructions for a collision resistant process for thwarting birthday attacks. A birthday attack is a type of cryptographic attack that exploits mathematical collisions that result when different messages are hashed by a hash algorithm, but produce the same hash digest, which can render computer security systems vulnerable to hacking. By hashing files in different orders with the same hash algorithm, the systems, methods, and mediums disclosed herein can distinguish between identical files and different files that produce a collision when hashed in one order as the collision is not replicated when those different files are hashed in a different order as they are when the files are the same.