Abstract: Stateful hash-based signatures can be implemented using a secure device. For example, a computing device can transmit a request to a secure device to obtain a partial digital signature usable to cryptographically sign data, where the secure device is separate from the computing device. The secure device can generate the partial digital signature using a private key, which is generated by the secure device based on a counter value. The counter value is maintained internally to the secure device. The computing device can then receive, from the secure device, the partial digital signature and the counter value corresponding to the private key. The computing device can construct a full digital signature, to cryptographically sign the data, based on the partial digital signature and the counter value.

Abstract: Stateful hash-based signatures can be implemented using a secure device. For example, a computing device can transmit a request to a secure device to obtain a partial digital signature usable to cryptographically sign data, where the secure device is separate from the computing device. The secure device can generate the partial digital signature using a private key, which is generated by the secure device based on a counter value. The counter value is maintained internally to the secure device. The computing device can then receive, from the secure device, the partial digital signature and the counter value corresponding to the private key. The computing device can construct a full digital signature, to cryptographically sign the data, based on the partial digital signature and the counter value.

Abstract: Implementations of the disclosure provide for binding data to a network in the presence of an entity. In one implementation, a cryptographic system is provided. The cryptographic system includes a memory to store encrypted data, and a processing device, operatively coupled to the memory, to identify a public key for a communications device in response to an indication of a presence of the communications device on a network. A first intermediate is determined in view of the public key for the communications device and in view of an acquisitioning public key. The acquisitioning public key is associated with the encrypted data. A second intermediate public key is received from the communications device in view of the first intermediate public key. Thereupon, the encrypted data is decrypted using an encryption key derived at least from the second intermediate public key.

Abstract: Implementations of the disclosure provide for binding data to a network in the presence of an entity. In one implementation, a cryptographic system is provided. The cryptographic system includes a memory to store encrypted date, and a processing device, operatively coupled to the memory, to identify a public key for a communications device in response to an indication of a presence of the communications device on a network. A first intermediate is determined in view of the public key for the communications device and in view of an acquisitioning public key. The acquisitioning public key is associated with the encrypted data. A second intermediate public key is received from the communications device in view of the first intermediate public key. Thereupon, the encrypted data is decrypted using an encryption key derived at least from the second intermediate public key.

Abstract: Implementations of the disclosure provide for binding data to a network in the presence of an entity. In one implementation, a cryptographic system is provided. The cryptographic system includes a memory to store encrypted data, and a processing device, operatively coupled to the memory, to identify a public key for a communications device in response to an indication of a presence of the communications device on a network. A first intermediate is determined in view of the public key for the communications device and in view of an acquisitioning public key. The acquisitioning public key associated with the encrypted data. A second intermediate public key is received from the communications device in view of the first intermediate public key. Thereupon, the encrypted data is decrypted using an encryption key derived at least from the second intermediate public key.

Abstract: Implementations of the disclosure provide for binding data to a network in the presence of an entity with revocation capabilities. A cryptographic system is provided that includes a memory to store revocation information comprising a plurality of identifiers and a processing device operatively coupled to the memory. A provisioning public key is recovered in view of a first intermediate public key associated with a client device storing encrypted data. A binding identifier is generated for the client device in view of the provisioning public key. It is determined whether access to the encrypted data associated with the binding identifier is revoked or allowed in view of the revocation information. Responsive to determining that the access is allowed, provide a second intermediate public key to derive an encryption key to access the encrypted data in view of at least the provisioning public key and the first intermediate public key.

Abstract: Implementations of the disclosure provide for binding data to a network in the presence of an entity with revocation capabilities. A cryptographic system is provided that includes a memory to store revocation information comprising a plurality of identifiers and a processing device operatively coupled to the memory. A provisioning public key is recovered in view of a first intermediate public key associated with a client device storing encrypted data. A binding identifier is generated for the client device in view of the provisioning public key. It is determined whether access to the encrypted data associated with the binding identifier is revoked or allowed in view of the revocation information. Responsive to determining that the access is allowed, provide a second intermediate public key to derive an encryption key to access the encrypted data in view of at least the provisioning public key and the first intermediate public key.

Abstract: Implementations of the disclosure provide for binding data to a network in the presence of an entity. In one implementation, a cryptographic system is provided. The cryptographic system includes a memory to store encrypted data, and a processing device, operatively coupled to the memory, to identify a public key for a communications device in response to an indication of a presence of the communications device on a network. A first intermediate is determined in view of the public key for the communications device and in view of an acquisitioning public key. The acquisitioning public key associated with the encrypted data. A second intermediate public key is received from the communications device in view of the first intermediate public key. Thereupon, the encrypted data is decrypted using an encryption key derived at least from the second intermediate public key.

Abstract: An intelligent system for the efficient selection and allocation of the various types of resources available in a multimedia environment. The system interrelates a combination of user input parameters with the resident hardware and software parameters of the requesting multimedia resources by grouping into common computing needs. In addition to traditionally known hardware/software parameters the system recognizes specific limitations of resources which would effect a proper multimedia presentation to the end user. The system uses an internal graph structure to interrelate the various resources as they are allocated to proved for an intelligent data flow.