Abstract: A Web site comprise detection method and system are disclosed. The method includes obtaining a resource identifier associated with a remote computer, and then receiving source code associated with the resource identifier. The method also includes parsing the source code, analyzing the source code to determine an indicator of compromise is present in the source code, determining that the indicator of compromise is associated with malware meta-data, and storing the resource identifier associated with the source code associated with the malware meta-data in a database.

Abstract: A method for providing a user identity based on zero-knowledge proof over a blockchain network by using a user certificate is provided. The method includes steps of: an address abstraction smart contract (a) instructing the user terminal which made a user identity generating request to generate the user identity corresponding to the user certificate issued from a certification authority and generate a user identity proof by using user identity verifying parameters, the user identity, the user certificate and a certification authority public key, to thereby prove that the user identity is generated from the user certificate issued by the certification authority; and (b) upon receiving a user identity registering request from the user terminal, (i) verifying the user identity proof by using the user identity verifying parameters, the user identity, the certification authority public key and the user identity proof and (ii) registering the user identity upon successful verification.

Abstract: Systems and methods for decoding distributed ledger transactions by data intake and query systems. An example method includes: receiving a transaction of a distributed ledger, wherein the transaction includes transaction data and an identifier of an account of the distributed ledger; receiving a bytecode module, wherein the bytecode module is associated with the account of the distributed ledger; computing a bytecode digital fingerprint associated with the bytecode module; identifying, among a plurality of stored application binary interface (ABI) definitions, an ABI definition having an ABI digital fingerprint that matches the bytecode digital fingerprint; and producing decoded transaction data by decoding, using the identified ABI definition, the transaction data.

Abstract: A method of multi-factor authentication includes receiving, by a first electronic device, a partial digital certificate including partial certificate information omitting at least one authentication factor from complete certificate information, and a signature encrypting a first hash of the complete certificate information with a certificate authority private key. The method also includes obtaining the first hash by decrypting, by the first electronic device, the signature with a certificate authority public key corresponding to the certificate authority private key; generating, by the first electronic device, a second hash based on the partial certificate information in the partial digital certificate and the at least one authentication factor; and comparing, by the first electronic device, the second hash to the first hash.

Abstract: A computing resource service provider receives a request from a customer to establish a physical connection between a provider network device and a customer network device in a colocation center. Once the connection has been established, the customer may transmit cryptographic authentication information, through the physical connection, to the provider network device. The provider network device transmits this information to an authentication service operated by the computing resource service provider to verify the authenticity of the information. If the information is authentic, the authentication service may re-configure the provider network device to allow the customer to access one or more services provided by the computing resource service provider. The authentication service may transmit cryptographic authentication information to the customer to verify the identity of the computing resource service provider.

Abstract: A processor-implemented method is disclosed. The method includes: generating a secure data object associated with a request for transfer of resources, the secure data object indicating one or more resource transfer parameters including account information for a transferee account at a resource account management system, wherein the secure data object includes a first hash computed based on the one or more resource transfer parameters; signing the secure data object using a private key associated with the resource account management system; and sending the secure data object to a messaging address associated with a transferor of the requested resources.

Abstract: Systems and methods that implement delegation on a blockchain network. A delegate blockchain transaction may be broadcasted to a blockchain network that encodes: a delegator blockchain user, a delegate blockchain user; information that indicates one or more permissions that the delegate blockchain user is authorized to perform, and an attestation that the delegator blockchain user authorizes the delegation. A delegate blockchain user may generate a blockchain transaction which is digitally signed using a delegate's private key in place of a delegator's private key.

Abstract: Systems and methods are disclosed with respect to using a blockchain for managing the subrogation claim process related to a vehicle collision, in particular, utilizing evidence oracles as part of the subrogation process. An exemplary embodiment includes receiving recorded data from one or more connected devices at a geographic location; analyzing the recorded data, wherein analyzing the recorded data includes determining that an collision has occurred involving one or more vehicles; generating a transaction including the data indicative of the collision based upon the analysis; and transmitting the transaction to at least one other participant in the distributed ledger network.

Abstract: A method for recovering data. Identity factors are collected at a device, wherein hashes of the identity factors are configured to be stored at a server. A dynamic password is generated at the device based on the identity factors and a Salt generated by the server and configured to be delivered to the device. A selfie is captured of a user. The device generates a symmetric key used to encrypt the selfie. The symmetric key is encrypted using the dynamic password. The encrypted symmetric key and the encrypted selfie are stored on the server. One or more data items are stored on the server. The dynamic password is recoverable by presenting the plurality of identity factors that are hashed to the server. The symmetric key is recoverable using the recovered dynamic password. The data items are recoverable by presenting the symmetric key and a second selfie of the user.

Abstract: A method including determining, by a manager device configured to manage network services provided by an infrastructure device, a manager request including a signature header signed by utilizing a manager private key associated with the manager device and a timestamp header identifying a point in time when the signature header was signed; transmitting, by the manager device to the infrastructure device, the manager request to request performance of an action associated with managing the network services; authorizing, by the infrastructure device, the manager request based at least in part on determining that a difference between the point in time when the signature header was signed and a current time satisfies a predetermined duration of time; and enabling, by the infrastructure device, performance of the action associated with managing the network services based at least in part on authorizing the manager request. Various other aspects are contemplated.

Abstract: Methods and systems for classifying network users. The system may receive a classification of a user account on a network and network activity data associated with the user account. Upon detecting a discrepancy between the expected behavior of the user account based on its classification and the present behavior of the user account, the system may obtain a corroborating result from one or more directory sources. An alert may then be issued based on the detected discrepancy and the corroborating result.

Abstract: Systems and methods for processing events transmitted by an application to hashing processors executing a custom mempool protocol that is independent of the public blockchain protocol. Events transmitted by the application are hashed only into blocks with other events transmitted by the application or events with parameters satisfying a screening criterion and are not propagated to mempools of nodes that are not executing the custom mempool protocol. The blocks are appended to the blockchain according to the public blockchain protocol. Thus, application users exercise intentionality over which hashing processors process their events and which other events will be hashed into a block with the users' events.

Abstract: An electronic marking for verifying the authenticity of an object, including an antenna, an analogue transceiver circuit, a microcontroller, and at least one secure cryptoprocessor, in which the antenna is connected to the analogue transceiver circuit; the microcontroller is connected both to the analogue transceiver circuit and the at least one secure cryptoprocessor; the at least one secure cryptoprocessor is designed to securely generate a digital signature; the electronic marking has one or more electrical sensor conductors; the at least one secure cryptoprocessor is connected to at least one of the sensor conductors and designed to determine at least one electrical property of the connected at least one sensor conductor; and the one or more electrical sensor conductor(s) are distinct from the antenna and are positioned to overlap, at least partly, with said antenna.

Abstract: A method for fast access to a data resource in a blockchain network is provided. The method includes opening a dedicated socket in a server to receive a datum from a data source and authenticating a signature of the data source to verify that the data source is a reliable data source. The method also includes storing the data in a dedicated memory space in the server, allowing a blockchain application to access the data in the dedicated memory space using a function that has accessibility to the dedicated memory space, and writing the data in a blockchain block when a block producer reads the data from the blockchain application. A system and a non-transitory, computer-readable medium storing instructions to perform the above method are also provided.

Abstract: A system and method for secure permissioning of access to user accounts, including secure distribution of aggregated user account data can include generating a financial report based on account information associated with one or more user accounts; receiving a financial report request for the financial report of the user account, wherein the financial report request is identified as being received from a third-party system; generating an audit report token associated with the financial report; sharing the audit token with the first third-party system in response to the financial report request; and providing the first third-party system account access to the financial report through the report token, where the audit report token can be shared with a second third-party system and provided by the second third-party system in order to confirm authorization to the report and integrity of the report.

Abstract: A first chain of custody verifiable claim is received by a second entity from a first entity. The first chain of custody verifiable claim is signed by the first entity and specifies that an object was in the custody of the first entity. A distributed ledger is accessed to verify the first chain of custody verifiable claim. A second chain of custody verifiable claim is generated that embeds the first chain of custody verifiable claim and is signed by the second entity. The second chain of custody verifiable claim is recorded on the distributed ledger. The second chain of custody verifiable claim is provided to a third entity. The second chain of custody verifiable claim is configured to specify to the third entity that the object was in the custody of the second entity.

Abstract: Quantum mechanics provides several features useful for datacenter networking. The no cloning theorem, which states that it is impossible to mate a duplicate of an arbitrary, unknown quantum state, can be used to detect eavesdroppers. Entanglement allows two parties to have common knowledge of a shared state. These properties are being used today for quantum key exchange and quantum computing, but they are currently too expensive for general use. Fortunately, we can use classical mechanisms to get a close enough approximation of these quantum properties to solve some important problems in distributed computing. Nothing we describe here is quantum mechanical. Rather, we show that it is possible to use classical mechanisms to emulate some properties of quantum mechanics, which enable us to address interesting problems in distributed computing. The engineering insight, is that we can get closer to achieving these properties than might be expected through conventional thinking.

Abstract: The technical idea of the present invention relates to a method for forming a virtual private network and a virtual private network operating system, which provide a virtual private network by performing signature and authentication based on a post quantum cryptography. A method for forming a virtual private network performed by a server according to the technical idea of the present invention comprises the steps of: generating a private key including a first key vector corresponding to a grid and a second key vector having a first distance from the first key vector; receiving a handshake request from a client; performing a signature by using the private key; and transmitting a certificate and an authentication message including the signature to the client.

Abstract: Disclosed is a method for constructing an emergency reporting system of vehicle networking based on multi-signatures, which comprises the following steps: initializing an emergency reporting system to obtain a public-private key pair and pre-calculation parameters of a vehicle set; obtaining authentication information of the emergency based on the public-private key pair and the pre-calculation parameters; integrating the authentication information to obtain multi-signatures of the emergency; and completing the system construction by regulating a traffic state based on the multi-signatures. The method realizes the efficient signature generation function of the vehicle with limited computing resources, reduces the communication pressure and computing pressure of roadside units, and may effectively prevent the common rogue key attacks in other schemes.

Abstract: Described are a system, method, and computer program product for secure real-time n-party computation. The method includes communicating, to a trusted execution environment (TEE), a first computation input and a first portion of a one-time key. The method also includes receiving, from the TEE, an encrypted output of a computation based on the first computation input and a second computation input communicated to the TEE by a second computing device. The method further includes communicating the encrypted output to the second computing device and receiving a digital signature indicating that the second computing device received the encrypted output. The method further includes communicating the first portion of the one-time key to the second computing device and, in response to not receiving the second portion of the one-time key from the second computing device, executing a fallback computation process using the TEE and a shared ledger to determine the computation.