Abstract: Systems and methods relating to the encryption and decryption of messages to be sent through a communications link. The system and method uses a random data source at the receive and transmit sides, along with a trusted random sampler that produces correlated random samples from the random data source to be used at the send and receive sides. At the transmit side, the correlated random sample is used to generate a symmetric key as well as a ciphertext. The symmetric key is then used to encrypt the message. The ciphertext is transmitted, along with the encrypted message, to the receive side. The receive side then uses the ciphertext, along with its own correlated random sample, to recover the symmetric key. The symmetric key is then used to decrypt the encrypted message.

Abstract: A financial institution computing system associated with a financial institution includes a network interface configured to communicate data over a network, and a processing circuit comprising a memory and a processor. The memory has instructions stored thereon that cause the processor to receive, by the network interface, a content request from a user computing device associated with a user, the content request requesting content from a network destination, determine if the network destination is associated with a trusted entity, determine that the requested content prompts the user to input sensitive information, and transmit, by the network interface substitution content to the user computing device responsive to determining that the network destination is illegitimate and to determining that the requested content includes at least one field into which the user may input sensitive information, the substitution content including at least one prompt requesting the user to input sensitive information.

Abstract: Technologies are described herein for remotely configuring multi-mode dual in-line memory modules (“multi-mode DIMMs”) using a firmware or a baseboard management controller (“BMC”). Technologies are also described for simultaneously initiating multiple commands for configuring multi-mode DIMMs using a BMC and for updating inventory data regarding multi-mode DIMMs stored by a BMC.

Abstract: A method of decommissioning a key in a decryption storage system includes scanning a storage system to identify metadata associated with a current key to be decommissioned. The method further includes encrypting, with the current key, data corresponding to the metadata to generate encrypted data. The method further includes decrypting the encrypted data with a target key to generate decrypted data. The method further includes modifying, by a processing device, the metadata to identify the target key to generate modified metadata. The method further includes storing the decrypted data and the modified metadata to the storage system.

Abstract: A file sharing system and methods therefor share one or more files without requiring the files be sent to or stored on a server. The file sharing system enables files to be shared from a user device allowing users to maintain control of the files by storing and sharing files off the cloud. Sharing and file access is typically effectuated via a server and one or more links provided by the server. File access is limited to selected file access types.

Abstract: The disclosed systems and methods are directed to a method for malicious software detection comprising: recognizing and extracting an EP section in an unrecognized PE file, collecting bytes in the EP section of the unrecognized PE file, converting the bytes to an array of integers, generating one or more n-grams from the array of integers, converting the one or more n-grams into b-MinHash, converting the bytes in an EP function included in the EP section to an array of assembly-based mnemonics; generating one or more n-grams from the array of assembly-based mnemonics and converting the one or more n-grams from the array of assembly-based mnemonics into a-MinHash, generating a similarity matrices, converting, the similarity matrices into a lower dimensionality code representation, and classifying the code as a PE benign or a malware file.

Abstract: A system and method for contaminant control, often infection control, with multiple time and space domains that integrate active and passive infection control devices and processes that preferably feature infection control active additives with controllable dis-passivation to limit post-consumption environmental impact. Additionally, the system executes the infection control devices and process transactions by controlling the dispatch of infection control tasks centered around a potential infection control incidence and/or cross-contamination locations from assets or personnel having probabilistic infection rates to increase compliance of infection control preventative measures.

Abstract: Example embodiments provide methods, apparatuses, systems, computing devices, and/or the like for vetting USB device firmware via a USB-specific firmware analysis framework. In one example, a method is provided for analyzing firmware of a Universal Serial Bus (USB) device. The example method includes steps of receiving a firmware image extracted from the USB device, identifying signatures from the firmware image relating to USB operation, and building an expected model of operation of the USB device using the identified signatures and a database of operational information regarding USB devices. The example method further includes the steps of generating a recovered model of operation of the USB device based on the firmware image and the identified signatures, and comparing the recovered model of operation with the expected model of operation to identify unexpected or unknown behaviors. The example method may further include generating a report comprising the identified unexpected or unknown behaviors.

Abstract: Aspects of the disclosure describe methods and systems for performing an antivirus scan using file level deduplication. In an exemplary aspect, prior to performing an antivirus scan on files stored on at least two storage devices, a deduplication module calculates a respective hash for each respective file stored on the storage devices. The deduplication module identifies a first file stored the storage devices and determines whether at least one other copy of the first file exists on the storage devices. In response to determining that another copy exists, the deduplication module stores the first file in a shared database, replaces all copies of the first file on the storage devices with a link to the first file in the shared database, and performs the antivirus scan on (1) the first file in the shared database and (2) the files stored on the storage devices.

Abstract: A method for updating firmware includes receiving, at a device, an updated installation package. The updated installation package includes an updated version of an installation package, which belongs to a set of installation packages stored on the device for installation of firmware on the device. The method further includes updating the set of installation packages by replacing the installation package with the updated installation package. The method further includes installing updated firmware in volatile memory of the device based on the updated set of installation packages. The method further includes storing an image of the updated firmware in nonvolatile storage of the device. Additionally, the method includes, during a boot process, loading the image from the nonvolatile memory of the device onto the volatile memory of the device, to enable running the updated firmware from the volatile memory, and verifying the authenticity of the updated firmware.

Abstract: A method of operating a Master gNodeB (MgNB) in a radio access network RAN is disclosed. An indication of a user plane security policy is received from a core network node, wherein the user plane security policy requires user plane integrity protection for a protocol data unit PDU session. Responsive to the user plane security policy requiring user plane integrity protection for the PDU session and responsive to determining that a secondary base station supporting the user plane security policy requiring user plane integrity protection is unavailable, a data radio bearer DRB of the PDU session is established directly between the MgNB and a user equipment UE. Related MgNBs are also discussed.

Abstract: An image archiving facility creates an image and other data archive relating to an event at a location when prompted by a downloaded application for a host user. The host user may approve guest users to upload to the archive. Approval may come from an image of a person uploaded to the data archive and recognized from biometric data as an approved user. The host may control viewing of images in the archive either individually or generically.

Abstract: Generally discussed herein are systems, devices, and methods for device verification. A method can include providing, by test equipment (TE), electrical stimulus consistent with a challenge of a challenge response pair (CRP) to a physical unclonable function (PUF) of a device under test (DUT), receiving, by the TE and from the DUT, a response to the electrical stimulus, comparing, by the TE, the provided response to responses to CRPs in a database including PUF CRPs associated with a device identification and a device type, and validating the identity of the DUT when the response of the PUF to the electrical stimulus matches the response of the CRP or invalidating the identity of the electrical device when the response of the PUF does not match the response of the CRP.

Abstract: Provided are an electronic device for sorting homomorphic ciphertext by using shell sorting and an operating method thereof to sort ciphertext generated by using homomorphic encryption according to a size of an original number corresponding thereto.

Abstract: An integrated circuit including an electronic fuse for supporting a secure bootstrap process, in which the fuse is queried. The circuit includes a protection against electromagnetic fault injection. The circuit is configured in such a way that the protection extends to the bootstrap process.

Abstract: Embodiments of the invention relate to symmetric encryption that converts plain text to Diophantine equations, i.e. cipher text, and creates a symmetric key which is held by a sender (or encryption apparatus) and a recipient (or decryption apparatus). The key is used by the decryption apparatus to decrypt the Diophantine equations, and convert them to original plain text. Particularly, undecidable encryption and artificial intelligence (AI) are employed in combination. More particularly, the AI would exclude any class of Diophantine equations which has been solved or deciphered without key, or known to be solvable. In the event certain classes of Diophantine equations are solved in the future, the AI will exclude the use of these solved or solvable classes of Diophantine equation in encryption.

Abstract: A terminal device includes a signal reception unit that receives signals transmitted from a plurality of transmission devices, and analyzes the contents of data contained in the signals; and a control unit that performs control to select one transmission device from the plurality of transmission devices that have transmitted signals containing identical data, and causes the signal reception unit to continuously receive a signal being transmitted from the selected transmission device when the number of received signals containing identical data is equal to or larger than a prescribed number.

Abstract: Disclosed is a ciphertext computation method. The ciphertext computation method includes: receiving a modular computation command for a plurality of ciphertexts; performing a modular computation for the plurality of ciphertexts by using a lookup table storing a plurality of predetermined prime number information; and outputting a result of the computation.

Abstract: A first entity stores an issuer digital certificate published by a certificate authority (CA) and signed by the issuer certificate; and also stores an old issuer digital certificate published by the CA prior to publication of the issuer digital certificate and an old first entity digital certificate signed by the old issuer digital certificate. The first entity attempts to initiate a secure communication session with a second entity by receiving a second entity digital certificate from the second entity via an electronic network, and sending either the first entity digital certificate or the old first entity digital certificate to the second entity based on which of the issuer digital certificate or the old issuer digital certificate is effective to authenticate the second entity digital certificate received from the second entity. The secure communication session is conducted only if the attempt to initiate the secure communication session is successful.

Abstract: The present disclosure discloses a method for sharing models among autonomous vehicles based on a blockchain, the method comprising the steps of: 1) creating a mobile edge computing network; 2) generating a key pair for each node in the mobile edge computing network; 3) creating a local model set of a mobile node set in the mobile node computing network; 4) enabling each mobile node to communicate with a corresponding nearest mobile edge computing node; 5) creating supernode sequences by the mobile edge computing node; 6) creating a blockchain based on the supernode sequences; and 7) updating the local model set.