Abstract: A data storage system configured to deduplicate and store sets of data is presented. The system comprises a computer readable storage device configured to store a plurality of sets of data for a plurality of hosts, wherein each sets of data of the plurality of sets of data corresponding to each host of the plurality of hosts is encrypted with one or more different encryption keys, and wherein at least one of the plurality of sets of data contains deduplicated data. The system also comprises a key translator configured to create at least one translation key based, at least in part, on the one or more different encryption keys and the deduplicated data, and wherein the at least one translation key is configured to translate from a first encryption key to a second encryption key of the one or more different encryption keys.

Abstract: An information processing apparatus includes a memory, and a processor coupled to the memory and configured to generate, from a common key used for symmetric key cryptography, and from either an encryption process using the common key or a decryption process using the common key, an encryption lookup table corresponding to the encryption process or a decryption lookup table corresponding to the decryption process by using white box cryptography, and disseminate the generated encryption lookup table or the generated decryption lookup table as a public key.

Abstract: A method including determining an assigned key pair associated with a device, the assigned key pair including an assigned public key and an associated assigned private key; determining an access key pair associated with content to be encrypted, the access key pair including an access public key and an associated access private key; encrypting the access private key using a combination encryption key determined based at least in part on the access private key and the assigned public key; encrypting a randomly generated key by utilizing the access public key; and encrypting the content utilizing the randomly generated key. Various other aspects are contemplated.

Abstract: An in-vehicle communication network comprising a bus and at least one node connected to the bus; an in-vehicle network operating system (OS) that manages OS processes, to enable a processor to run the processes and execute their respective process codes; and a module hosted in the OS that is configured to monitor the OS and vet a process that the OS enables for running by a processor to determine if the process is potentially damaging.

Abstract: A method for execution by one or more storage units of a dispersed storage network (DSN). The method begins by receiving, at a first storage unit, a request for a partial task. The method continues by generating a slice request, to one or more additional storage units, when the first storage unit does not contain all encoded data slices required to execute the partial task. The method continues by receiving the at least one additional encoded data slice from the one or more additional storage units and performing the partial task on the first encoded data slice and the at least one additional encoded data slice to produce at least partial results.

Abstract: In some examples, an electronic device includes a non-transitory storage medium storing blockchain information, a processor to compute a secure representation of the blockchain information based on applying a cryptographic function to the blockchain information, and a transmitter to transmit a beacon comprising the secure representation of the blockchain information.

Abstract: Provided are methods and systems for performing a secure probabilistic analytic using an encrypted analytics matrix. An example method includes acquiring, by a client, an analytic, analytic parameters associated with the analytic, and a homomorphic encryption scheme including a public key for encryption and a private key for decryption. The method further includes generating, using the encryption scheme, an analytic matrix based on the analytic and analytic parameters, and sending the analytic matrix and the encryption scheme to at least one server. The method includes generating, by the server and based on the encryption scheme, set of terms from a data set, evaluating the analytic matrix over the set of terms to obtain an encrypted result, and estimating a probabilistic error of the encrypted result. The method further includes sending, by the server, the encrypted result and the probabilistic error to the client where the encrypted result is decrypted.

Abstract: A single sign-on system using blockchain is disclosed. The single sign-on system may interconnect various organization systems over a peer-to-peer network, with each organization system having a blockchain node and an application programming interface (API). The blockchain node invokes and uses a smart contract to write registration credentials to the blockchain during a registration process. During a login process, the blockchain node invokes the smart contract to determine whether login credentials match stored login credentials in the blockchain. In response to matching login credentials, the API may generate a single sign-on token that can be used by a user device to access one or more organization systems connected over the network.

Abstract: In some aspects, a cryptography method includes executing, by operation of a first computing device associated with a first entity, a first handshake process with a second entity according to a first handshake protocol to establish a first symmetric encryption key for a first encryption protocol; executing, by operation of the first computing device, a second handshake process with the second entity to establish a second symmetric encryption key for a second encryption protocol. Executing the second handshake process includes: generating second handshake data according to a second handshake protocol; encrypting the second handshake data using the first symmetric encryption key with the first encryption protocol; and sending the encrypted second handshake data to a second computing device associated with the second entity; and using the second symmetric encryption key and the second encryption protocol for single-encrypted communication over a communication channel between the first and second entities.

Abstract: The present invention mainly relates to the field of information technology, and specifically to a method and system for cryptographic attribute-based access control supporting dynamic rules. In the system, the protected object is stored in an encrypted form, only the access request satisfying the access policy in attribute-based access control can be authorized to decrypt the object, which ensures that the access to data in an unsecure environment can be authorized according to a security policy, and supports dynamic policy and real-time authorization of attributes.

Abstract: Systems and methods for managing a compromised autonomous vehicle server are described herein. A processor may obtain an indication of a first server configured to control an autonomous vehicle being compromised. The autonomous vehicle may have previously been provisioned with a first public key. The first public key may be paired with a first private key. A processor may compile command information. The command information may include a command for the autonomous vehicle and a digital certificate of a second server configured to control the autonomous vehicle in the event of the first server being compromised. The digital certificate may include a second public key and may be signed with the first private key. The command may be signed with a second private key associated with the second server. The second private key may be paired with the second public key.

Abstract: A network device may receive a request to install a filter associated with an application identifier or a uniform resource locator (URL), and may add, based on the request, information identifying the filter to a list of filters associated with the network device. The network device may receive a packet destined for an endpoint device, may generate a copy of the packet, and may cause the packet to be forwarded to the endpoint device. The network device may perform deep packet inspection of the copy to identify a packet application identifier or a packet URL, and may determine whether the packet application identifier or the packet URL matches the application identifier or the URL. The network device may cause the copy of the packet to be forwarded to a content destination device when the packet application identifier or the packet URL matches the application identifier or the URL.

Abstract: Methods and systems for malicious non-human user detection on computing devices are described. The method includes collecting, by a processing device, raw data corresponding to a user action, converting, by the processing device, the raw data to features, wherein the features represent characteristics of a human user or a malicious code acting as if it were the human user, and comparing, by the processing device, at least one of the features against a corresponding portion of a characteristic model to differentiate the human user from the malicious code acting as if it were the human user.

Abstract: A software defined networking (SDN)-based distributed denial of service (DDoS) attack prevention method, an apparatus, and a system, where a controller delivers a traffic statistics collection instruction to a first packet forwarding device. The traffic statistics collection instruction instructs the first packet forwarding device to perform traffic statistics collection, and carries a destination Internet Protocol (IP) address. The controller collects statistical data reported by the first packet forwarding device, obtains, according to the statistical data, a statistical value of global traffic flowing to the destination IP address, and delivers a DDoS prevention policy to a second packet forwarding device based on a determining result that the statistical value of the global traffic exceeds the preset threshold.

Abstract: A random flux of rising bubbles generates a fluctuating electrical current that is processed into a high-quality bit stream. Any stream of fully or mildly randomized bits is measured for its degree of randomness, and that randomness is amplified or attenuated as the case may be. Impact on ciphers and cyber security tools that rely on randomness.

Abstract: Embodiments of the present application provide a resource request method, a device, and a storage medium, where the method applied to a control device includes: generating a resource collection request message, the resource collection request message including a resource request for at least one remote reference node and corresponding first check data of the resource request, and sending the resource collection request message to a resource collection device.

Abstract: In accordance with a first aspect of the present disclosure, an authentication token is provided, comprising: a communication unit for contactless communication between the token and an external device; an energy storage unit for storing energy; a biometric capturing unit for capturing at least one biometric sample; a processing unit for processing the biometric sample captured by the biometric capturing unit; wherein the token further comprises a synchronization unit configured to: determine a communication status of the communication unit; determine a power supply capability of the energy storage unit; adjust a processing speed of the processing unit in dependence on said communication status and said power supply capability. In accordance with a second aspect of the present disclosure, a corresponding method of operating an authentication token is conceived. In accordance with a third aspect of the present disclosure, a corresponding computer program is provided.

Abstract: A method for tracking rash driving includes: receiving a plurality of rider embarkation notifications, each including a digital signature and a vehicle identifier; generating a new block for a blockchain, the new block including a block header and a plurality of blockchain data values, each blockchain data value corresponding to a rider embarkation notification and including the respective digital signature; receiving a rash driving notification including the vehicle identifier; transmitting a confirmation request to at least one mobile computing device associated with one of the plurality of rider embarkation notifications; receiving a confirmation message from one of the at least one mobile computing devices; and generating a subsequent block for the blockchain, the subsequent block including a new block header and a new data value, the new data value including an indication of rash driving.

Abstract: A request to perform a cryptographic operation is received, the request including a first identifier assigned to a key group, the key group comprising a plurality of second identifiers, with the plurality of second identifiers corresponding to a plurality of cryptographic keys. A second identifier is determined, according to a distribution scheme, from the plurality of second identifiers, and the cryptographic operation is performed using a cryptographic key of the plurality of cryptographic keys that corresponds to the second identifier that was determined.

Abstract: Systems, methods and computer program products are provided for layered quantum computing (QC) detection. An example system includes QC detection data generation circuitry that generates QC detection data via a first post-quantum cryptographic (PQC) technique. The system also includes cryptographic circuitry configured to generate a pair of asymmetric cryptographic keys including a public cryptographic key and a private cryptographic key via a second PQC technique, generate encrypted QC detection data based on the pair of asymmetric cryptographic keys, and destroy the private cryptographic key. The system further includes data monitoring circuitry configured to monitor a set of data environments for electronic information related to the encrypted QC detection data. In response to detection of the electronic information related to the encrypted QC detection data, the system may monitor a set of data environments for electronic information related to the QC detection data.