Abstract: Various aspects of the disclosure relate to verification of data sets used for real-time processes and/or batch processes. A computing platform negotiates, by a first quantum node, a shared key group with at least a second quantum node and calculates an exclusive or (XOR) value of a pair of the first quantum node and the second quantum node. The first quantum service node performs a shared key grouping with the second quantum node and then selects a quantum key relay link between a real-time node and a batch source node. The computing platform selects a corresponding state of all virtual quantum nodes associated with the quantum key relay link and encapsulates a virtual quantum link state between any two quantum service nodes in the quantum network into a database decision engine data file.

Abstract: An attribute based encryption system includes a key generator configured to generate a cyclic group (G) having a prime order q; generate an attribute key matrix (M); generate a master public key (MPK) based, at least in part, on the group (G) and (M); generate a master secret key (MSK) based on a first vector s and a second vector t that represent an encryption policy; generate a user secret key based, at least in part, on the MSK and on a set of one or more user attributes; and send the user secret key to a user device, wherein a ciphertext message can be successfully decrypted if a vector y associated with attributes of the user associated with the user secret key is orthogonal to each row of a set of rows of M selected according to a set of authorization attributes used to encrypt the ciphertext message.

Abstract: A quantum-key distributed (QKD)-enabled communication architecture it devises for networked microgrids (NMGs). A real-time QKD-enabled NMGs testbed built in an RTDS environment, and a novel two-level key pool sharing (TLKPS) strategy it designs to improve the system resilience against cyberattacks. In the QKD-based microgrid testbed design there is used a real-time power system simulator, i.e., RTDS, including the QKD modeling, hardware connection, communication network design, and QKD integration. By integrating QKD features into a real-time microgrid simulator, this testbed offers a flexible and programmable testing environment for evaluating the performance of QKD-enabled microgrids under a variety of scenarios.

Abstract: The present disclosure relates to systems, non-transitory computer-readable media, and methods for integrating a document signature system with an account management system. In particular, in one or more embodiments, the disclosed systems activate a digital document template for integration with the account management system, receive interaction data by a client device with a digital document, and send the interaction data or the digital document to the account management system.

Abstract: A virtual private network (VPN) client receives data including a pre-shared key (PSK). The VPN client decrypts the data based on a short-term key pair to obtain a ciphertext. The VPN client then decrypts the ciphertext based on a short-term quantum-resistant key pair to obtain the PSK. A VPN tunnel is then established between the VPN client and a VPN server based on the PSK.

Abstract: The present disclosure relate to exchanging information between a start node and an end node. Based on the information session keys for a connection comprising the start node, the end node, and at least one intermediate node are established. The session keys include a data encryption session key and a Message Authentication Code (MAC) session key. The data is encrypted using the data encryption session key at the start node. MAC is generated using the MAC session key. The encrypted data is relayed, via the at least one intermediate node, from the start node to the end node without the at least one intermediate node re-encrypting the data.

Abstract: A method of quantum key distribution making use of 2-qubit entanglement, by which one entangled qubit is sent from an operator O to Alice and the other entangled qubit is sent from operator O to Bob, making for key-sharing among three parties (multi-user quantum key distribution, i.e. MU QKD). Alice and Bob each measures a respective sequence of qubits randomly along either one of two states, records the measurements in a respective list, and encodes the bits in an encoded list. The encoded lists are sent to operator O for entanglement to be verified with the CHSH inequality. Bob's verified list is sent to Alice and vice-versa, allowing Alice and Bob to further verify correlation. Non-entangled bits are rejected until Alice and Bob have a similar key, being a reconciled quantum-based key as sought.

Abstract: A method for communications in a network can include performing a pairing between a first device and a second device in the network. The method can include deriving a port knocking sequence from identification information of the pairing. The method can include providing port knocking according to the port knocking sequence. The method can include authorizing a connection between the first device and the second device responsive to detecting the port knocking sequence. Other devices and methods are described.

Abstract: Managing worksheet access including receiving a request from a first user account to access a worksheet shared from a second user account, wherein the worksheet comprises a worksheet architecture for at least one data set from a database; determining that the first user account is authorized to access the worksheet architecture of the worksheet; determining that the first user account is authorized to access the at least one data set presented by the worksheet; and granting the first user account access to the worksheet in response to determining that the first user account is authorized to access the worksheet architecture of the worksheet and determining that the first user account is authorized to access the at least one data set presented by the worksheet.

Abstract: Systems and methods for a secure cross-chain atomic swaps are disclosed herein. A user submits to a swap platform a signed limit order to atomically swap an amount of input token for an output token. The swap may involve a Dutch auction approach, in which the order execution price depends on time of inclusion in a block and decreases over the duration of the Dutch auction. The swap platform provides the order details to whitelisted resolvers to evaluate if/when/how to fill the order. Once a resolver makes that determination, it can utilize smart contracts associated with the swap platform to perform the atomic swap on behalf of the user and itself (e.g., without active involvement of the user). Input tokens deposited on an escrow contract are unlocked at the same time that output tokens deposited on another escrow contract are unlocked.

Abstract: A first device receives a data qumode and at least one auxiliary qumode from a second device. The data qumode and the auxiliary qumode(s) were entangled at the second device. The first device entangles the data qumode and the auxiliary qumode(s) and measures the auxiliary qumode(s). Measuring the auxiliary qumode(s) generates an indication of an error channel experienced by the data qumode. The first device applies an error correction to the data qumode based on the indication of the error channel, and generates a corrected data qumode.

Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for batch retrieving data are described. In one aspect, a method includes receiving, from a client device and by a first multi-party computation (MPC) server of a cluster of MPC servers, a batch request for retrieving multiple database values stored in one or more databases. The batch request includes a first byte array that includes, for each requested key of multiple requested keys, a first secret share of the requested key. Each database includes multiple data items that each include a database key and a corresponding value. The MPC server processes each database key to generate first secret shares of matching data indicating whether the database key matches at least one requested key. The MPC server generates one or more results that represent database values corresponding to each database key that matches at least one requested key.

Abstract: This document describes systems and techniques for using cryptography, secret sharing, secure MPC, garbled circuits, and oblivious transfer to select digital components in ways that preserve user privacy and protects the security of data of each party that is involved in the selection process. A method includes obtaining, by a first computer of a secure multi-party computation (MPC) system, at least a first share of user data related to a user of a client device. For each digital component in a set, a first secret share of a condition bit for the condition is obtained for each of one or more conditions that condition eligibility of the digital component for distribution. A garbled circuit is executed to select a given digital component for which each of the one or more conditions of the digital component is satisfied using the first secret share and the second secret share for each condition.

Abstract: Receiving first data regarding driving from the vehicle, a control unit is configured to execute generating and encrypting second data to be transmitted to the first server based on the first data, and transmitting the encrypted second data to the first server. and transmitting to the first server, every predetermined period, a key for decoding the second data transmitted to the first server during the predetermined period.

Abstract: A data processing method performed by a first device includes: generating, in response to first service data satisfying a data uploading condition, a first bit array corresponding to the first service data; encrypting the first bit array through a data key to obtain a ciphertext bit array, the data key being generated by a second device in a data intersection application run in a trusted execution environment of the second device; and transmitting the ciphertext bit array to a blockchain node for forwarding to a second device, for the second device to decrypt, in the data intersection application through the data key, the ciphertext bit array to obtain the first bit array.

Abstract: A method enables a user to bypass a pass code, such as personal identification number (PIN), when performing an authentication process between a client device and a gateway/broker of a virtual desktop infrastructure (VDI) provided by a virtualized computing environment. A customized operating system (OS) of the client device includes pre-installed certificates and keys that are used in the authentication process and which are protected by the PIN. Through a public interface, a client device may perform the authentication process without requiring the user to manually enter the PIN.

Abstract: A method is disclosed. The method includes generating, by a first user device in association with a second user device, a second secret key on the second user device. The second secret key is derived from a first secret held by the first user device. The method includes generating a first commitment, transmitting, to the second user device, the first commitment, receiving, from the second user device, a second commitment, receiving, from the second user device, a random value and a ciphertext. The ciphertext is generated using the first commitment, the second commitment, and the random value. The method also includes verifying the ciphertext, and in response to verifying the ciphertext, modifying a group to include the second user device.

Abstract: Shared information generation technique including key generation rate and soft-decision error correction in CV-QKD is disclosed. A receiver is configured to: set reference bit positions for basis reconciliation according to the reference bit positions with a transmitter, to generate sifted key quantization data; performs hard decision on a part of the sifted key quantization data to generate hard-decision data; perform bit position synchronization decision whether bit position synchronization is established; and in response to establishment of bit position synchronization, performs soft-decision error correction processing to generate shared information.

Abstract: In one embodiment, a service receives administration traffic data in a network associated with a remote administration session in which a control device remotely administers a client device. The service analyzes the administration traffic data to determine whether any portion of the administration traffic data is resulting from an administration session involving a trusted administrator. The service flags a first portion of the administration traffic data as authorized when the first portion of the administration traffic data is determined to result from an administration session involving a trusted administrator, and a second portion of the administration traffic data is non-flagged. The service assesses the second portion of the administration traffic data using a machine learning-based traffic classifier to determine whether the second portion of the administration traffic data is malicious.

Abstract: Systems and methods for data encryption and decryption requiring successive partial decryption using multiple keys. The method is designed to generate a public key used to encrypt plaintext into an encrypted message and to generate multiple private keys, each of which are different from one another and are transmitted to separate computing devices to be used for decryption. The encrypted message is sent to one computing device for partial decryption using one private key, and the partial decryption is sent to another computing device for partial decryption using a different private key to generate the plaintext.