Abstract: A method for conveying auditable information regarding provenance of a product that is cryptographically accurate while retaining complete anonymity of product and participant on a blockchain includes: receiving a product identifier; generating a digital token by applying a hashing algorithm to the product identifier; generating an entry value by applying the hashing algorithm to a combination of an event identifier and the digital token; generating a digital signature by digitally signing a data package using a private key of a cryptographic key pair, where the data package includes at least a blockchain address, the event identifier, and the digital token; and transmitting the blockchain address, the digital signature, and the entry value to a node in a blockchain network.

Abstract: The application discloses a verification method and system. The verification method is for verifying content of a first volatile read-write memory of a chip. A first non-volatile read-write memory of the chip stores a firmware image, including predetermined calculation value. The chip includes a second volatile read-write memory. The verification method includes: at a bootloader mode, loading a first portion and a second portion of the firmware image to the first volatile read-write memory and the second volatile read-write memory respectively; performing a first specific operation to the first portion and the second portion to obtain a first calculation value; performing a second specific operation to the first calculation value to obtain a second calculation value and storing the second calculation value in the second volatile read-write memory.

Abstract: A mobile device and method are provided that allow for registering the mobile device using a machine readable optical label. The mobile device receives a machine readable optical label, such as a QR code or a bar code. The machine readable optical label includes authentication data and security information. The mobile device scans machine readable optical label to read the authentication data and the security information. The mobile device validates the machine readable optical label and generates certificate request, the certificate request digitally signed using the authentication data and the security information. The mobile device transmits the certificate signing request to a registration authority.

Abstract: A digital time-lock contract specifies that an agent holds an encryption private key corresponding to an encryption public key on a blockchain network and then releases the encryption private key to the blockchain network within a specified time window. An agent provides a first cryptographic asset for holding and then releasing the encryption private key to the blockchain network, the first cryptographic asset being transferrable when the encryption private key is released to the blockchain network within the specified time window. A client provides a second cryptographic asset to the agent for holding and then releasing the encryption private key to the blockchain network, the second cryptographic asset being transferrable when the encryption private key is released to the blockchain network within the specified time window. The digital time-lock contract can be broadcast to the blockchain network for mining onto the blockchain.

Abstract: A disclosed method of operating a representational state transfer (REST) server to respond to receiving a batch request includes: extracting a first requested item from the batch request; opening an output stream to a client network; writing a response opening of a batch response to the output stream; writing a first response item opening of the batch response to the output stream; in response to determining that a first REST service indicated by the first requested item is authorized to be invoked based on access control lists (ACLs), invoking the first REST service to stream a first response item body of the batch response to the output stream; writing a first response item closing of the batch response to the output stream; and writing a response closing of the batch response to the output stream, wherein the batch response is in valid JavaScript Object Notation (JSON).

Abstract: A server system for digital media processing may receive two digital media assets and information associated with capture of the two digital media assets, such as metadata or sensor data from the respective times of capture of the two digital media assets. The server system verifies that the two digital media assets and associated information are unaltered, and that the second of the two digital media assets is captured after the first. The server system then generates a document that incorporates the two digital media assets, such as an insurance claim document.

Abstract: Among other things, we describe systems and method for implementing data security in an autonomous vehicle system. The systems and methods can include inter-process communication security via key management, in which asymmetric cryptography and other validation techniques are used to validate data received from sensors. The systems and method can also include penetrative testing, in which valid sensor inputs are modified and transmitted throughout a distributed network through one or more sensors.

Abstract: A method is provided for generating a tamper-proof record of a conversation recorded using a recording device. During or after the recording, successive sections, chunks or other form of fragments of the audio recording are sent continuously or intermittently to a secure remote server. The successive fragments are automatically encrypted and stored securely on the recording device until a network connection is available.

Abstract: Embodiments of the present disclosure describe methods, apparatuses, storage media, and systems for a device disposed at an edge of a vehicular communication network or vehicles within a coverage area of the device. The device is to generate a list of vehicle security data to be distributed to vehicles currently within a coverage area of the device, based at least in part on a context related to the vehicles. The device is further to announce, on a control channel communicatively coupling the device and the vehicles, that the list of vehicle security data are available and a service channel to receive the list of vehicle security data. The list of vehicle security data are to be provided to the vehicles via the service channel. Other embodiments may be described and claimed.

Abstract: Workload Images comprising one or more artifacts are managed in a decentralized and centralized manner. Local management comprises breaking any image/artifact into blocks, encrypting each block with a key known and available only to the local processing environment, and uniquely signing each encrypted block. Published versions of the images/artifacts are retained remotely in a cloud/server in encrypted and signed block format. When retrieval, modification, addition, deletion, and deployment of any given image/artifact is needed, the target device/server that is to receive the image/artifact provides a listing of encrypted blocks with the corresponding signatures that are already present on that device/server and a centralized cloud/server schedules and manages download of just those encrypted blocks that are missing to the target device/server.

Abstract: A system and method for efficiently managing an executable environment involving multiple code-sign certificate chains. The system and method include receiving, by one or more processors and from a client device, a request for information to verify an authorization of a code bundle, the code bundle associated with a first signed code segment and a second signed code segment. The system and method include generating, by one or more processors, a list of certificates associated with the code bundle. The system and method include transmitting, by the one or more processors and to the client device, a message comprising the list of certificates, the message causing the client device to verify the code bundle based on the list of certificates.

Abstract: This application provides an authentication method and related device and system. The method includes sending, by a first network device, a first next-hop resolution protocol (NHRP) registration request message to the second network device, where the first NHRP registration request message is used to request the second network device to perform digital certificate authentication on the first network device, and the first NHRP registration request message includes first PKI certificate information. The method may further include receiving, by the first network device, a first NHRP registration reply message indicating that the digital certificate authentication performed by the second network device succeeds. In this way, authentication is performed between a spoke device and a hub device using a PKI certificate. This helps reducing authentication workload and improving authentication security.

Abstract: (A) An individual one of two or more terminals prepares a set of a first public key and a first private key. (B) One of the two or more terminals creates a set of a second public key and a second private key and distributes the second public key and the second private key to the other terminal(s). (C) One of the two or more terminals creates a shared key by using the corresponding first private key prepared in the (A) and the second public key shared in the (B). (D) A different terminal(s) of the two or more terminals creates a shared key used to communicate with the one terminal by using the second private key shared in the (B) and the first public key of the one terminal prepared in the (A). (E) The set of terminals performs an encryption communication(s) by using the shared keys.

Abstract: The disclosed embodiments provide a distributed transaction system including a group of validator nodes that are known to each other in a network but are indistinguishable to other network nodes. The validator nodes form a Committee including a Leader node and one or more Associate nodes. The Committee may be dynamically changed, such that new network nodes may be added to the Committee or may replace existing validator nodes. The Associate nodes also may coordinate with each other to select a new Leader node. The disclosed embodiments reduce the distributed system's reliance on the stability of any particular node(s) in the network, as the validator nodes in the Committee may be changed at a sufficient frequency to remove unreliable, unavailable, or otherwise untrusted nodes. Further, the disclosed embodiments provide a scheme that helps ensure the Leader node, as well as the other Committee members, functions properly.

Abstract: An electronic key fob device, in one embodiment, includes a transmitter, a counter configured to provide a current counter value indicated by a plurality of bits, a memory configured to store an operation key, and a processor coupled to the transmitter and memory. The processor is configured to encrypt the current counter value using the operation key to produce an encrypted counter value, select a subset of the plurality of bits of the current counter value, transmit a message the includes the encrypted counter value and the subset of plurality of bits of the current counter value.

Abstract: A method, apparatus, system, and computer program product are provided for managing the usage of verified credentials. An issuer of credentials receives a request from a person for a credential. The issuer identifies the credential from information that is controlled by the issuer. The issuer identifies a decentralized identifier (DID) record for an audit engine from a blockchain network. The DID record for the audit engine includes a public key of that is associated with the audit engine. The issuer identifies a DID record for the person from the blockchain network. The DID record for the person includes a public key that is associated with the person. The issuer generates an encrypted credential by encrypting the credential and the DID record for the person based on the public key associated with the audit engine. The issuer sends the encrypted credential to the person.

Abstract: The invention is related to a method for secure transferring of information through a network between an origin Virtual Asset Service Provider and a destination Virtual Asset Service Provider, in a hostile environment, where every entity (party member, network node) must proof its entitlement of the information being exchanged. Hostile environment means that neither any entity/network node nor the network as a whole can be trusted. The present method doesn't require other party member/network node or database to secure information transfer. Neither it requires any other trusted entity or server to guarantee or provide proof of ownership of exchange information. The present method for communicating securely between electronic devices uses asymmetric key encryption. The invention comprises also a computer program product comprising program code stored on a non-transitory computer readable medium, said program code comprising computer instructions for performing the inventive method.

Abstract: Various examples are directed to systems and methods for executing a web application with client-side encryption. A web browser can receive a document comprising a plurality of data elements including a secure element that comprises an encrypted value. An extension component may generate a secure container element to replace the secure element. The extension component can also insert a subdocument into the secure container element. The web browser may be configured to prevent web applications from accessing the subdocument. The extension component may also decrypt the encrypted value to generate a clear value and write the clear value to the subdocument. The web browser may render the document using the clear value.

Abstract: The present disclosure generally relates to securing access to resource and access rights using cryptography and the blockchain. Certain embodiments of the present disclosure generally relate to systems and methods that enhance the security of resource access using hierarchical deterministic (HD) cryptography and the blockchain. Certain embodiments of the present disclosure relate to systems and methods that securely and anonymously represent the identity of a user and the user's access code data on a distributed ledger represented across the blockchain.

Abstract: Methods and systems for provisioning transferable access tokens are disclosed. An access device associated with a resource provider can communicate with a first communication device as part of an interaction between a first user and the resource provider. The access device can generate an authorization request message comprising a first access token and an interaction value. The access device can transmit the authorization request message to an authorization computer. The authorization computer can authorize the interaction and generate an authorization response message. After authorizing the interaction, the authorization computer can provide a transferable access token to the first communication device. The first communication device can transmit the transferable access token to a second communication device, so that a second user can use the transferable access token in an interaction.