Abstract: Systems, apparatuses, methods, and computer program products are disclosed for secure utilization of quick response (QR) codes. An example method includes obtaining a key known to an initiating device and a participating device, and receiving, by the communications hardware of the participating device, an indication of a secure character string extracted from a QR code. The example method further includes verifying, by security circuitry of the participating device and using the key, authenticity of the QR code, and performing by the participating device, an action set.

Abstract: Systems and techniques for secure communications and distribution of random values, produced from at least two satellite entropy sources, are described. These random values may be provided by respective quantum random number generators (QRNGs) at separate satellites, and optionally combined with values from ground-based entropy sources (e.g., QRNGs at terrestrial locations). An example method includes: receiving a first random value and a second random value via at least one satellite communication, where the first random value is generated by a first QRNG at a first satellite, and the second random value is generated by a second QRNG at a second satellite; and generating a cryptographic key based on the first random value and the second random value. The cryptographic key may be produced by a key derivation function that combines the random values, and the cryptographic key may be used to establish a secure communication session.

Abstract: Systems, apparatuses, methods, and computer program products are disclosed for establishing cryptographic keys shared among three or more devices. An example method includes generating a set of particles and an entangled particle triplet based on the set of particles. The example method further includes transmitting the first set of entangled particles to a first host device, the second set of entangled particles to a second host device, and the third set of entangled particles to a third host device, and making a determination whether the three sets of bits are matching, where the three sets of bits are derived from the three sets of entangled particles sent to the three host devices. The example method further includes establishing the cryptographic keys based on the matching sets of bits.

Abstract: Systems and techniques for secure communications and distribution of random values for cryptographic key generation, coordinated with the use of specific key generation parameters, are described. An example method includes: receiving a first random value and a second random value generated from at least one quantum random number generator (QRNG), with at least one of the first random value and the second random value being provided from a satellite communication; obtaining key generation parameters associated with cryptographic key generation, where the key generation parameters specify a specific combination of the first random value and the second random value; and generating a cryptographic key, using the specific combination of the first random value and the second random value, as a seed to a cryptographic function.

Abstract: A method, apparatus, and computer program product for proactive offline authentication are provided. An example method includes determining a current offline condition of a computing device at a first time and determining a prior online condition of the computing device at a second time that is earlier than the first time at which the computing device generated second authentication credentials based upon one or more user attributes obtained from a digital identity construct database associated with a first user at the second time. The method further includes obtaining, at the first time, first authentication credentials associated with the first user and determining a discrepancy between the first and the second authentication credentials. In response to the determined discrepancy, the method includes generating an authentication token based upon the second authentication credentials for authenticating a first user device of the first user with the computing device.

Abstract: System and techniques for aerospace-based key injection are described herein. An aerospace platform can receive a request for an initial key from an entity. This request includes an identifier for the entity that is unique among a set of entities to which the entity belongs. The aerospace platform uses a local base derivation key and the received identifier to generate an initial key for the entity. The initial key is then transmitted to the entity.

Abstract: Systems, apparatuses, methods, and computer program products are disclosed for determining a security vulnerability of a computer system. An example method includes initializing a policy based on initial policy data. The example method further includes selecting an action based on the policy and executing, by agent circuitry, the action in the environment. The example method further includes, subsequent to executing the action in the environment, receiving an observation of the environment and determining an updated state from the set of states based on the observation. The example method further includes determining, by the policy, a reward based on the updated state and updating the policy based on the updated state.

Abstract: Systems and methods for dynamic routing protocols are provided. A method includes receiving, using a computer system including a quantum computer, data related to a multipoint communication between a start point and an end point from one or more data sources, and calculating one or more routes for the multipoint communication between the start point and the end point using the data and based at least in part on a shortest route between the start point and the end point. Using the quantum computer, the one or more routes are optimized based on a communication status of one or more nodes along the route. The optimized routes are dynamically selected based on timing and performance requirements of the computer system, and the multipoint communication between the start point and the end point is executed using the optimized one or more routes.

Abstract: Disclosed are example methods, systems, and devices that allow for secure data processing using data packages generated by edge devices. A computing device can generate a biometric signature from a scan of a physical feature of a user and encrypt user data based on the biometric signature and a device identifier to produce encrypted user data decryptable with a first digital key. The first digital key can be transmitted to a first computing system to receive a security token indicating validity of at least part of the user data. The encrypted user data and security token can be stored in a data package such that alterations invalidate the token. A second digital key corresponding to the data package can be generated and transmitted with the data package to a second computing system to provide a service.

Abstract: Systems and methods are disclosed herein for providing qubits via a quantum communication channel. An example method includes receiving a set of quantum generator nodes, a request for the qubits and a profile for generating the qubits. The example method also includes determining a quantum generator node for delivering the qubits to the endpoint device based on properties of the quantum generator node and the profile and selecting a quantum circuit and a device configuration based on the properties of the quantum generator node and the profile. The example method also includes causing execution of the quantum circuit to generate the qubits. Finally, the example method further includes causing transfer of the qubits to the endpoint device.

Abstract: Systems and techniques may generally be used for modifying quantum entangled bit communication. An example technique may include generating, at a first node in a computing network, a random number using a quantum derived seed as input to a random number generator; modifying a program using the random number while maintaining a function output of the program for a given input; receiving, at the first node from a second node, an input based on the random number; and executing the modified program at the first node using the input to obtain an output consistent with the program in an unmodified state.

Abstract: Systems and methods may generally be used to authenticate user credentials. An example method may include using a personal identifier and a stored base derivation key to generate an initial key value, generating a current key value using an initial key value and a counter, determining a decryption key from the current key value and decrypting an encrypted secret value using the decryption key to identify a password. The method may include generating a password check value using the current key value and the device identifier, and determining whether to authenticate the user device based on whether the password check value indicates that the password is valid.

Abstract: Systems and techniques for secure communications and distribution of random values for cryptographic key generation, coordinated with the use of specific key generation parameters, are described. An example method includes: receiving a first random value and a second random value generated from at least one quantum random number generator (QRNG), with at least one of the first random value and the second random value being provided from a satellite communication; obtaining key generation parameters associated with cryptographic key generation, where the key generation parameters specify a specific combination of the first random value and the second random value; and generating a cryptographic key, using the specific combination of the first random value and the second random value, as a seed to a cryptographic function.

Abstract: A mesh communication network for providing random bits for key generation may comprise one or more network nodes. Random bitstreams may be generated by nodes in the network based upon environmental conditions, hardware in the node, quantum phenomena, and the like. In some examples, the system can generate a common set of random bits from a superset of bits and deliver the common set or the superset to communicating parties which can then be used by the communicating parties to generate a shared cryptographic key.

Abstract: Systems, apparatuses, methods, and computer program products are disclosed for establishing cryptographic keys shared among three or more devices. An example method includes generating a set of particles and an entangled particle triplet based on the set of particles. The example method further includes transmitting the first set of entangled particles to a first host device, the second set of entangled particles to a second host device, and the third set of entangled particles to a third host device, and making a determination whether the three sets of bits are matching, where the three sets of bits are derived from the three sets of entangled particles sent to the three host devices. The example method further includes establishing the cryptographic keys based on the matching sets of bits.

Abstract: Securing digital assets in a vault that interfaces with multiple different third-party wallets to store keys/mnemonics. The vault interface accepts input from multiple different party wallets to combine multiple encryptions and secure storage techniques. Numerous cryptographic mechanisms are employed to securely pull a mnemonic phrase from a third-party wallet and into an institution's vault. A customer's mnemonic phrase is securely transported from a personal wallet into a secured institution's encrypted vault using the power of HSM to encrypt and decrypt a customer's mnemonic phrase securely.

Abstract: Systems, apparatuses, methods, and computer program products are disclosed for secure utilization of quick response (QR) codes. An example method includes obtaining a key known to the initiating device and a participating device, and identifying, by QR code processing circuitry of the initiating device, a payload to be encoded in a QR code. The example method further includes generating, by security circuitry of the initiating device and based on the payload and the key, a secure character string, creating, by the QR code processing circuitry of the initiating device, the QR code using the secure character string, and outputting the QR code by the communications hardware of the initiating device.

Abstract: Systems and methods are disclosed herein for providing entropy to clients. An example method includes receiving a first datagram comprising a first request for entropy and a set of requirements comprising an indication of an endpoint device, an indication of a number of bits of entropy, and an indication of a quality of the entropy. The example method further includes determining, by routing circuitry, whether a first entropy source from a set of entropy sources meets the set of requirements and determining, by priority circuitry, a first priority value based on the first request. The example method further includes determining, by the priority circuitry, whether the first priority value is a greatest available priority value and causing generation, by entropy quality circuitry, of an admixture of a plurality of entropy sources from the set of entropy sources. The example method further includes providing the admixture to the endpoint device.

Abstract: Systems, apparatuses, methods, and computer program products are disclosed for determining a security vulnerability of a computer system. An example method includes initializing a policy based on initial policy data. The example method further includes selecting an action based on the policy and executing, by agent circuitry, the action in the environment. The example method further includes, subsequent to executing the action in the environment, receiving an observation of the environment and determining an updated state from the set of states based on the observation. The example method further includes determining, by the policy, a reward based on the updated state and updating the policy based on the updated state.

Abstract: Systems, apparatuses, methods, and computer program products are disclosed for constructing a foundational identity to establish the identity of an individual and linking the foundational identity to various other identities of the individual in virtual spaces. An example method includes linking identities across virtual spaces. The example method further includes verifying identity activity associated with the various other identities using the link between the various other identities and the foundational identity, and based on the verification of the identity activity, generate outputs.