Abstract: A cryptographic system (1) performs a cryptographic process in which a Richelot isogeny sequence ?s whose starting point is an abelian surface A0 and whose end point is an abelian surface As is a secret key and the abelian surface As is a public key. An encryption device (28) computes an abelian surface Am by transitioning the abelian surface As, which is the public key, by a Richelot isogeny sequence ?m generated by encoding a plaintext m, and sets the abelian surface Am as a ciphertext. A decryption device (30) computes a Richelot isogeny ?m whose starting point is the abelian surface As, which is the public key, and whose end point is the abelian surface Am, which is the ciphertext, based on the Richelot isogeny sequence ?s, which is the secret key.

Abstract: The present disclosure provides a data processing method and apparatus, a computer device and a computer storage medium, wherein the method includes: performing blinding processing on target information to be transmitted to obtain blinded information; acquiring a plurality of pieces of first encryption information obtained by respectively performing encryption processing on the blinded information by a plurality of service participation ends; performing data fusion on the plurality of pieces of first encryption information to obtain second encryption information; and performing de-blinding processing on the second encryption information to obtain third encryption information as a ciphertext identification corresponding to the target information.

Abstract: A device multiplies a first public key by a first scalar value, generating an intermediate result. The first public key corresponds to a point on an elliptic curve of order n, n is an integer, and the first scalar value is equal to n/m where in is a largest prime integer factor of n. The device determines whether the intermediate result is equal to a value corresponding to a point O at infinity on the elliptic curve. In response to the determining indicating the intermediate result is different from the value corresponding to the point O, the device multiplies the intermediate result by a second scalar, generating a shared secret value. The device performs one or more processing operations using the generated shared secret value. Otherwise, the device may initiate error processing without generating the shared secret value.

Abstract: A computer device may include a memory storing instructions and processor configured to execute the instructions to host a network function container that implements a microservice for a network function in a wireless communications network, wherein the network function container is deployed by a container orchestration platform; host a service proxy container associated with the network function container, wherein the service proxy container is deployed by the container orchestration platform; and configure the hosted service proxy container to apply a wireless network policy to the microservice for the network function. The processor may be further configured to intercept messages associated with the microservice for the network function using the configured service proxy container; and apply the wireless network policy to the intercepted messages using the configured service proxy container.

Abstract: Systems and methods for profile management across Web2 and Web3 environments can include a user profile database. The user profile database can store a plurality of keys associated with a plurality of blockchains. The systems and methods can process a user verification request, determine a particular blockchain associated with the user verification request, determine a particular key associated with the particular blockchain, and provide the particular key to the particular blockchain.

Abstract: To verify compliance with a data access policy, the system compares electronic data to an electronic data access policy identified by a database; determines whether a portion of the electronic data complies with the electronic data access policy; in response to the portion of the electronic data not complying with the electronic data access policy, indicates that an access to the electronic data by a communication device is not permissible; and declines the access to the portion of the electronic data to the communication device when the access to the electronic data is not permissible. Related methods and computer program products are also discussed.

Abstract: According to one example, a system includes a second computing device that receives encrypted data from a first computing device. The encrypted data is encrypted based on a first encryption key. Also, the data is obfuscated prior to encryption. The second computing device generates a second encryption key that matches the first encryption key, decrypts the encrypted data using the second encryption key, un-obfuscates the data, and transmits the data for use.

Abstract: Systems, methods, devices, instructions, and media are described for generating suggestions for connections between accounts in a social media system. One embodiment involves storing connection graph information for a plurality of user accounts, and identifying, by one or more processors of the device, a first set of connection suggestions based on a first set of suggestion metrics. A second set of connection suggestions is then identified based on a second set of suggestion metrics, wherein the second set of connection suggestions and the second set of suggestion metrics are configured to obscure the first set of connection suggestions, and a set of suggested connections is generated based on the first set of connection suggestions and the second set of connection suggestions. The set of connection suggestions is then communicated to a client device method associated with the first account.

Abstract: End-to-end distributed recovery of a user computing device on which secure workspaces are deployed is provided. An image of a user computing device and images of secure workspaces deployed on the user computing device can be created and stored. In response to a crash of the user computing device, a combined image can be created from the image of the user computing device and the images of the secure workspaces deployed on the user computing device. The combined image can then be deployed on the user computing device to recover the user computing device.

Abstract: Technology is disclosed for a method that may comprise: identifying an owner key seed; identifying a receiver key seed; determining a delta between the owner key seed and the receiver key seed; and storing the delta with a trusted third party in a manner that is inaccessible by a receiver. The delta may be provided to the receiver based on a transfer condition being satisfied.

Abstract: This patent application is directed to a method for detecting intrusions and anomalies, an intrusion and anomaly detecting edge computing unit, and a system for detecting intrusions and anomalies.

Abstract: Embodiments are directed to an apparatus, comprising: a microcontroller configured as a Universal Field Panel. The microcontroller provides channels that (i) couple to a digital encrypted security interface (DESI) via a digital communications interface and/or couple to a sensor comprising an analog signal, and wherein the analog sensor comprises one or more resistors coupled with one or more switches to monitor Boolean status from sensors (ii) wherein the digital encrypted security interface (DESI) couples to a sensor input and/or couples to a control output where signals to command a relay are authenticated prior to execution, (iii) authenticate and encrypt the sensor or control output. The control output is a programmable relay or solid-state device that features a Form-C control interface for providing authentication from command-and-control platforms to the devices and/or signals they are controlling.

Abstract: A method including receiving, by a trusted device from a processor, a request to determine a master key to be utilized for encrypting a private key; determining, by the trusted device based at least in part on receiving the request, the master key and a unique identifier that identifies the master key; transmitting, by the trusted device to the processor, the unique identifier; receiving, by the trusted device from the processor, the unique identifier in association with the private key to indicate to the trusted device that the master key, which is identified by the unique identifier, is to be utilized to encrypt the private key; and transmitting, by the trusted device to the processor, an encrypted private key based at least in part on utilizing the master key to encrypt the private key is disclosed. Various other aspects are contemplated.

Abstract: An individual data unit for enhancing the security of a user data record is provided that includes a processor and a memory configured to store data. The individual data unit is associated with a network and the memory is in communication with the processor. The memory has instructions stored thereon which, when read and executed by the processor cause the individual data unit to perform basic operations only. The basic operations include communicating securely with computing devices, computer systems, and a central user data server. Moreover, the basic operations include receiving a user data record, storing the user data record, retrieving the user data record, and transmitting the user data record. The individual data unit can be located in a geographic location associated with the user which can be different than the geographic locations of the computer systems and the central user data server.

Abstract: Systems and methods are disclosed for memory protection for vector operations. For example, a method includes fetching a vector memory instruction using a processor core including a pipeline configured to execute instructions, including constant-stride vector memory instructions; partitioning a vector that is identified by the vector memory instruction into a subvector of a maximum length, greater than one, and one or more additional subvectors with lengths less than or equal to the maximum length; checking, using a memory protection circuit, whether accessing elements of the subvector will cause a memory protection violation; and accessing the elements of the subvector before checking, using the memory protection circuit, whether accessing elements of one of the one or more additional subvectors will cause a memory protection violation.

Abstract: There is provided a system, method, and computing device for distribution of cryptographic key generation data in a secure network, the secure network comprising a security server and one or more clients. The method including: receiving or generating indexed random data; communicating at least a portion of the indexed random data to one of the clients; and receiving or communicating the indices of the portions of the indexed random data shared with the client, a portion of the indexed random data is used for cryptographic key generation for encrypted communication between the client and another client. In some cases, the above is repeated for each client, wherein the indexed random data is unique for each client.

Abstract: A system and method for performing inspection of a reachable code object of a cloud computing environment is presented. The method includes detecting a network path for each resource of a plurality of resources deployed in a cloud computing environment, wherein the network path includes at least a portion between an external network and the cloud computing environment; determining reachability parameters of each resource of the plurality of resources for which a network path is detected; accessing a code repository including a plurality of code objects; actively inspecting the network path of a resource to determine if the network path is a viable network path; mapping each resource having a viable network path to a code object of the plurality of code objects; inspecting a mapped code object for a cybersecurity object; and initiating a remediation action based on the cybersecurity object.

Abstract: The invention relates to systems, methods, network devices, and machine-readable media for encrypting and decrypting messages in a decentralized multi-authority attribute-based encryption (MA-ABE) scheme for a non-trivial class of access policies whose security is based in the random oracle model solely on the Learning With Errors (LWE) assumption. In some embodiments, any party can become an authority and there is no requirement for any global coordination other than the creation of an initial set of common reference parameters.

Abstract: Disclosed herein is a method for detection of a cyber-threat to a computer system. The method is arranged to be performed by a processing apparatus. The method comprises receiving input data associated with a first entity associated with the computer system, deriving metrics from the input data, the metrics representative of characteristics of the received input data, analysing the metrics using one or more models, and determining, in accordance with the analysed metrics and a model of normal behavior of the first entity, a cyber-threat risk parameter indicative of a likelihood of a cyber-threat. A computer readable medium, a computer program and a threat detection system are also disclosed.

Abstract: A method for cryptographic signature of a datum comprises determining: a signature point equal to the addition of elements equal to a derived first point and of number equal to a first scalar; a second scalar by subtracting, from the product of the first scalar and of a selected scalar, the product of a third and of a fourth scalar; another signature point equal to the addition of elements equal to a selected point and of number equal to the second scalar, and of elements equal to a derived second point and of number equal to the fourth scalar; and a signature portion based on a private key, on the first scalar, on a coordinate of the signature point and on the datum. The derived first and second point are respectively equal to the addition of elements equal to a generator point and of number equal to a fifth and to the third scalar.