Abstract: A system and method for digitally signing data. A method includes generating, by a first device, at least one first secret share based on a secret key chosen by the first device, wherein the first device is offline with respect to a second device; partially signing data by the first device using the at least one secret share, wherein the data is received from the second device without establishing direct communications between the first device and the second device; and sending the partially signed data from the first device to the second device, wherein the second device generates signed data using the partially signed data, wherein the signed data corresponds to a public key generated based on the at least one first secret share and at least one second secret share generated by the second device.

Abstract: Embodiments of the present invention provide methods and apparatus for squaring a fence or other surface in a woodworking jig relative to the saw blade of the table saw used with the jig, by providing an adjustable tool that may be engaged with a kerf created by the blade of the table saw. Embodiments of the invention may be used to create a crosscut sled without using the “five-cut method”. In different embodiments, the invention may be used not only to square to the saw blade, but also to set other angles relative to the saw blade in the event that different positioning is desired.

Abstract: A system and method for digitally signing data. A method includes generating, by a first device, at least one first secret share based on a secret key chosen by the first device, wherein the first device is offline with respect to a second device; partially signing data by the first device using the at least one secret share, wherein the data is received from the second device without establishing direct communications between the first device and the second device; and sending the partially signed data from the first device to the second device, wherein the second device generates signed data using the partially signed data, wherein the signed data corresponds to a public key generated based on the at least one first secret share and at least one second secret share generated by the second device.

Abstract: Disclosed herein are techniques for analyzing software build changes. Techniques include accessing first executable code associated with a first version; accessing second executable code associated with a second version; determining a code delta between the first executable code and the second executable code, the code delta being based on a change of at least one first element of code in the first executable code to at least one second element of code in the second executable code; determining a software vulnerability associated with at least one of the at least one first element of code or the at least one second element of code; and generating a report including a pairing of an indicator of the software vulnerability with an indicator of at least one of the at least one first element of code or the at least one second element of code.

Abstract: Disclosed herein are techniques for shrinking security patches. Techniques include accessing executable code; scanning the executable code for an indicator of 3rd-party code associated with a software vulnerability; identifying, based on the scanning, the indicator of 3rd-party code; determining, based on the scanning, that the executable code includes a local fix patching the software vulnerability or that the executable code is not configured to rely on the 3rd-party code; and based on the determination that the executable code includes a local fix patching the software vulnerability or that the executable code is not configured to rely on the 3rd-party code, performing at least one of: generating a security patch file that does not patch the software vulnerability; or removing, from a security patch file, a patch associated with the software vulnerability, thereby reducing a size of the security patch file.

Abstract: Disclosed herein are methods and systems for training and using a neural network to evaluate vulnerability of software packages, comprising using a plurality of training samples each associating one of a plurality of software packages with one of a plurality of vulnerabilities identified by one of a plurality of validators to training the neural network to compute a probability of presence of one or more of the plurality of vulnerabilities in each of the plurality of software packages and outputting the trained neural network. The validators may include expert knowledge, heuristics, rule-based models as well as machine learning and deep learning models. The trained neural network may be then applied to compute a probability of presence of one or more of the vulnerabilities in one or more previously unseen software packages based on a feed of vulnerabilities identified in the previously unseen software package(s) by the plurality of validators.

Abstract: Disclosed herein are methods and devices for mitigating Bluetooth (BT) based attacks, using a BT proxy device comprising a first and a second BT interfaces. The BT proxy device is configured to identify a first BT device and a second BT device connected to each other via a BT link, transmit a BT link disconnect to the first and second BT devices while using the device name of the second and first BT devices respectively, use the device name of the second BT device to connect to the first BT device via the first BT interface, use the device name of the first BT device to connect to the second BT device via the second BT interface, intercept BT packets exchanged between the first and the second BT devices, and detect one or more potential attack vectors based on analysis of one or more of the intercepted BT packets.

Abstract: A system and method for digitally signing data. A method includes generating, by a first device, at least one first secret share based on a secret key chosen by the first device, wherein the first device is offline with respect to a second device; partially signing data by the first device using the at least one secret share, wherein the data is received from the second device without establishing direct communications between the first device and the second device; and sending the partially signed data from the first device to the second device, wherein the second device generates signed data using the partially signed data, wherein the signed data corresponds to a public key generated based on the at least one first secret share and at least one second secret share generated by the second device.

Abstract: A system and method for securing application programming interface (API) requests using multi-party digital signatures. The method includes generating, by a first system, at least one first secret share of a plurality of secret shares based on an API secret, wherein the plurality of secret shares includes the at least one first secret share and at least one second secret share, wherein the at least one second secret share is generated by at least one second system; and signing, by the first system, an API request using the at least one first secret share, wherein the API request is further signed by the at least one second system using the at least one second secret share, wherein the API request is signed without revealing any of the at least one first secret share to the at least one second system and without revealing any of the at least one second secret share to the first system.

Abstract: A system and method for digitally signing data. A method includes generating, by a first device, at least one first secret share based on a secret key chosen by the first device, wherein the first device is offline with respect to a second device; partially signing data by the first device using the at least one secret share, wherein the data is received from the second device without establishing direct communications between the first device and the second device; and sending the partially signed data from the first device to the second device, wherein the second device generates signed data using the partially signed data, wherein the signed data corresponds to a public key generated based on the at least one first secret share and at least one second secret share generated by the second device.

Abstract: Techniques for securing digital signatures using multi-party computation. A method includes generating at least one first secret share by a first system, wherein at least one second secret share is generated by one of at least one second system; signing data based on the at least one first secret share when a signing policy is met, wherein the signing is part of an interactive signing process including running a multi-party computation protocol by the first system and the at least one second system, wherein the signed data corresponds to a public key generated based on the plurality of secret shares, wherein the signing policy requires a minimum number of secret shares, wherein shares of one system alone are not sufficient to meet the signing policy, wherein no portion of shares of one system are revealed to the other system during the interactive signing process.

Abstract: A system and method for digitally signing data. A method includes generating, by a first device, at least one first secret share based on a secret key chosen by the first device, wherein the first device is offline with respect to a second device; partially signing data by the first device using the at least one secret share, wherein the data is received from the second device without establishing direct communications between the first device and the second device; and sending the partially signed data from the first device to the second device, wherein the second device generates signed data using the partially signed data, wherein the signed data corresponds to a public key generated based on the at least one first secret share and at least one second secret share generated by the second device.

Abstract: A system and method for securing application programming interface (API) requests using multi-party digital signatures. The method includes generating, by a first system, at least one first secret share of a plurality of secret shares based on an API secret, wherein the plurality of secret shares includes the at least one first secret share and at least one second secret share, wherein the at least one second secret share is generated by at least one second system; and signing, by the first system, an API request using the at least one first secret share, wherein the API request is further signed by the at least one second system using the at least one second secret share, wherein the API request is signed without revealing any of the at least one first secret share to the at least one second system and without revealing any of the at least one second secret share to the first system.

Abstract: A system and method for securing application programming interface (API) requests using multi-party digital signatures. The method includes generating, by a first system, at least one first secret share of a plurality of secret shares based on an API secret, wherein the plurality of secret shares includes the at least one first secret share and at least one second secret share, wherein the at least one second secret share is generated by at least one second system; and signing, by the first system, an API request using the at least one first secret share, wherein the API request is further signed by the at least one second system using the at least one second secret share, wherein the API request is signed without revealing any of the at least one first secret share to the at least one second system and without revealing any of the at least one second secret share to the first system.

Abstract: A system and method for digitally signing data. A method includes generating, by a first device, at least one first secret share based on a secret key chosen by the first device, wherein the first device is offline with respect to a second device; partially signing data by the first device using the at least one secret share, wherein the data is received from the second device without establishing direct communications between the first device and the second device; and sending the partially signed data from the first device to the second device, wherein the second device generates signed data using the partially signed data, wherein the signed data corresponds to a public key generated based on the at least one first secret share and at least one second secret share generated by the second device.

Abstract: Described is a system for biometric authentication. The system converts biometric data into a cryptographic key r? using a reusable fuzzy extractor process having an underlying hash function modeling a random oracle model. The system allows access to secured services when a comparison of r? to a previously computed cryptographic key r shows a match.

Abstract: Described is a system for biometric based security. The system converts biometric data into a cryptographic key using a reusable fuzzy extractor process. The reusable fuzzy extractor process comprises a generation process and a reconstruction process. The generation process takes as input a public parameter and a first biometric input and outputs a public helper string and a first random string. The reconstruction process takes as input a public helper string and a second biometric input and outputs a second random string. The reusable fuzzy extractor process is reusable such that multiple public helper strings do not reveal any information about the first biometric input and the first random string. Secured data is unlocked by applying the cryptographic key for biometric security of access to secured data.

Abstract: Described is a system for biometric based security. The system converts biometric data into a cryptographic key using a reusable fuzzy extractor process. The reusable fuzzy extractor process comprises a generation process and a reconstruction process. The generation process takes as input a public parameter and a first biometric input and outputs a public helper string and a first random string. The reconstruction process takes as input a public helper string and a second biometric input and outputs a second random string. The reusable fuzzy extractor process is reusable such that multiple public helper strings do not reveal any information about the first biometric input and the first random string. Secured data is unlocked by applying the cryptographic key for biometric security of access to secured data.

Abstract: Described is a secure system for generic pattern matching. In operation, the system determines if a pattern p, as presented by a second party, is within a textual pattern T, as maintained by a first party. In making such a determination, the system uses a series of binary value matrices and corresponding pairs of encrypted permuted matrices. Challenge bits are then used to generate permutations and later verify correctness of the various encrypted permuted matrices. If it is determined that pattern p is within text T, the, for example, an access protocol is initiated.

Abstract: Techniques for securing digital signatures using multi-party computation. A method includes generating at least one first secret share by a first system, wherein at least one second secret share is generated by one of at least one second system; signing data based on the at least one first secret share when a signing policy is met, wherein the signing is part of an interactive signing process including running a multi-party computation protocol by the first system and the at least one second system, wherein the signed data corresponds to a public key generated based on the plurality of secret shares, wherein the signing policy requires a minimum number of secret shares, wherein shares of one system alone are not sufficient to meet the signing policy, wherein no portion of shares of one system are revealed to the other system during the interactive signing process.