Abstract: Disclosed herein are embodiments of systems, methods, and products comprise a computing device, which provides a secure data transport service (SecureX) for data packets traversing from an end user device (EUD) to a mission network over untrusted networks. The disclosed SecureX module may be software product running on the EUD and on a SecureX appliance fronting the mission network. The SecureX module on the EUD compresses the data packets by removing header fields that are constant over the same packet flow and double encrypts the data packets with different cryptographic keys. The SecureX on the EUD transmits the double compressed encrypted data packets over the untrusted network. The SecureX appliance receives the double compressed encrypted data packets, decrypts the data packets and decompresses the data packets to recreate the original data packets. The SecureX appliance transmits the original data packets to the mission network.

Abstract: A method of volume compressed header identification includes reading, by a processing device of a host, compressible data on a sector of a storage volume of a storage array. The method further includes compressing the compressible data to generate compressed data for the sector. The method further includes adding, by the processing device of the host, metadata associated with the storage volume to the compressed data. The method further includes writing the compressed data, including the added metadata, to the sector of the storage volume of the storage array.

Abstract: A method for maintaining user privacy in advertisement networks may include receiving first persona data associated with a first user from at least one publisher system. The first persona data may be generalized to form first generalized persona data. A session key may be generated. The first generalized persona data and the session key may be encrypted with a first public key of an advertisement network system to form a first ciphertext. The first ciphertext and first user identity data may be communicated to a mediator system. The first user identity data may be associated with first user's identity. A first encrypted targeted advertisement may be received based on the first generalized persona data from the advertisement network system via the mediator system. The first encrypted targeted advertisement may be decrypted with the session key to form a first targeted advertisement. A system and computer program product are also disclosed.

Abstract: A data processing method provides an improvement in speed of obtaining, in response to a computer search query from one or more computing devices, a particular compressed data chunk that may include a particular data value that is digitally stored in a large data file.

Abstract: A data processing system includes a cache system configured to transfer data stored in the memory system to a processor and to transfer data from the processor to the memory system. The cache system comprises a cache and a data encoder associated with the cache that is configured to encode uncompressed data from the cache for storing in the memory system in a compressed format, and decode compressed data from the memory system for storing in the cache in an uncompressed format.

Abstract: Disclosed herein are embodiments of systems, methods, and products comprise a computing device, which provides a secure data transport service (SecureX) for data packets traversing from an end user device (EUD) to a mission network over untrusted networks. The disclosed SecureX module may be software product running on the EUD and on a SecureX appliance fronting the mission network. The SecureX module on the EUD compresses the data packets by removing header fields that are constant over the same packet flow and double encrypts the data packets with different cryptographic keys. The SecureX on the EUD transmits the double compressed encrypted data packets over the untrusted network. The SecureX appliance receives the double compressed encrypted data packets, decrypts the data packets and decompresses the data packets to recreate the original data packets. The SecureX appliance transmits the original data packets to the mission network.

Abstract: Embodiments include methods for image compression and decompression. A sending computing device may determine a type of packing used for a chunk of image data, generate metadata describing the type of packing used for the chunk of image data, pack the chunk of image data according to the determined type of packing, and send the packed chunk of image data and the metadata to a second computing device. A receiving computing device may decode the metadata describing the type of packing used for the chunk of image data, determine the type of packing used for the chunk of image data based on the decoded metadata, and unpack the chunk of image data according to the determined type of packing used for the chunk of image data.

Abstract: The present disclosure relates to highly secure, high speed encryption methodologies suitable for applications such as media streaming, streamed virtual private network (VPN) services, large file transfers and the like. For example, encryption methodologies as described herein can provide stream ciphers for streaming data from, for example, a media service provider to a plurality of users. Certain configurations provide wire speed single use encryption. The methodologies as described herein are suited for use with blockchain (e.g. Bitcoin) technologies.

Abstract: A hybrid encryption scheme links a first public key encryption (PKE) scheme with a second PKE scheme through a true random or pseudo-random element, which is used by a sender to encapsulate a symmetrically encrypted message and its associated symmetric key to generate a pair of ciphertexts for transmission to a recipient. The recipient decrypts and decapsulates the ciphertexts, retrieves the random element, and may conduct one or more verification steps to ensure that the ciphertexts were well-formed, and to detect any re-encryption or encapsulation attacks. To encrypt a message, the message and initial random value are encrypted with a symmetric key to provide an intermediate ciphertext. The symmetric key and the encrypted message-value are each encapsulated by distinct algorithms using distinct values derived from the initial random value, such as different hashes, and public keys to provide first and second ciphertexts.

Abstract: A method for maintaining user privacy in advertisement networks may include receiving first persona data associated with a first user from at least one publisher system. The first persona data may be generalized to form first generalized persona data. A session key may be generated. The first generalized persona data and the session key may be encrypted with a first public key of an advertisement network system to form a first ciphertext. The first ciphertext and first user identity data may be communicated to a mediator system. The first user identity data may be associated with the first user's identity. A first encrypted targeted advertisement may be received based on the first generalized persona data from the advertisement network system via the mediator system. The first encrypted targeted advertisement may be decrypted with the session key to form a first targeted advertisement. A system and computer program product are also disclosed.

Abstract: A method for storing data blocks within a volume of data is disclosed. The method involves creating a frame header to identify encoding and a size of a data block, storing the frame header and the data block in the volume of data, and creating an identifying sequence to identify if a data block is encoded or unencoded and storing the data block with the identifying sequence and with a frame header if the data block is encoded and storing the data block without the identifying sequence and without a frame header if the data block is unencoded.

Abstract: Dynamic utilization of condensing metadata is enabled by condensing information being communicated to/from a mobile device. The communication exchange occurs between a mobile device and an internet service, and it involves a mobile internet service proxy. The information is condensed or compressed responsive to condensing metadata and uncondensed or uncompressed using the condensing metadata. The mobile internet service proxy may provide condensing metadata to the mobile device. This condensing metadata may be provided to the mobile device so that condensed data may be communicated at least between the mobile device and the mobile internet service proxy. In some instances, the mobile device may request that information be compressed and receive compressed information as a result. The mobile device may then utilize the condensing metadata to uncompress data provided from the internet service and/or the mobile internet service proxy.

Abstract: A data processing method provides an improvement in speed of obtaining, in response to a computer search query from one or more computing devices, a particular compressed data chunk that may include a particular data value that is digitally stored in a large data file.

Abstract: The present disclosure discloses a video encryption method comprising: acquiring image frames continuously by using an image acquisition component, and storing the image frames into a frame buffer; acquiring a time encryption sequence, and using the time encryption sequence to obtain an address encryption sequence; and reading each of the image frames in the frame buffer according to the address encryption sequence to obtain an encrypted video when the frame buffer is full. The method continuously acquires the image frames and uses the time encryption sequence to obtain the address encryption sequence, and when the frame buffer is full, each of the image frames in the frame buffer is read according to the address encryption sequence to obtain an encrypted video. In addition, the present disclosure also provides a video encryption apparatus, an image capture device, and a computer readable storage medium, which also have the above-mentioned beneficial effects.

Abstract: Compression of data for a file system utilizing protection groups can be implemented and managed. A compression management component (CMC) can control compression of data via inline or post-process compression for storage in protection groups in memory, including determining whether to compress data, determining a compression algorithm to utilize to compress data, and/or determining whether to perform inline and/or post-process compression of data. CMC can generate protection group (PG) metadata for a PG in which compressed data is stored. PG metadata can comprise a logical extent map that describes which logical blocks contain compressed data, a list of cyclic redundancy check values for logical blocks, and a list of compression chunks that store individual metadata regarding individual compressed streams, wherein, for an individual compressed stream, the individual metadata comprises a compression format, compressed size, uncompressed size, and/or starting offset in physical space within the PG.

Abstract: An aspect of the invention is directed to an imaging module including: an imaging device which converts an input optical image into image data; an encryption device which encrypts the image data by a homomorphic encryption method; and an interface which outputs encrypted image data received from the encryption device.

Abstract: A storage system receives one or more records from a host system. The records are compressed in a first compression format that is native to the host system. The storage system identifies an incompatibility between the first compression format and a first operation of the storage system. In response to the identified incompatibility, the storage system decompresses the received records. The decompression is based on the first compression format. The storage system compresses the decompressed records in a second compression format. The storage system stores the secondarily compressed records onto a storage medium.

Abstract: A method of volume compressed header identification includes reading, by a processing device of a host, compressible data on a sector of a storage volume of a storage array. The method further includes compressing the compressible data to generate compressed data for the sector. The method further includes adding, by the processing device of the host, metadata associated with the storage volume to the compressed data. The method further includes writing the compressed data, including the added metadata, to the sector of the storage volume of the storage array.

Abstract: A method of encryption management with host-side data reduction includes identifying data to be written to a storage array and compressing the data to generate compressed data. The method further includes encrypting the compressed data to generate an encrypted data packet. The method further includes adding, by a processing device of a host, a padding bit pattern to the encrypted data packet to generate a data block for storage. The method further includes sending the data block to the storage array.

Abstract: Described is a method for the mapping of reference signals. The method includes generating a reference signal sequence for two or more cells, where each cell of the two or more cells has a cell bandwidth. The method also includes determining an offset for the reference signal sequence based at least in part on the cell bandwidth of each cell. Mapping the reference signal sequence to resource elements of physical resource blocks for the cells based at least in part on the offset is included in the method. Apparatus and computer readable media are also disclosed.

Abstract: Techniques are described for generating and executing a digital safety box to provide secure communication between two computing devices. The digital safety box comprises an encryption key, and an executable code that defines a content holder and performs encryption of content stored in the content holder with the encryption key for secure communication. A receiver computing device generates the digital safety box including the executable code and the encryption key for a requesting sender computing device. The digital safety box may be one-time use and include a unique encryption key and a unique executable code. Upon receiving the digital safety box, the sender computing device executes the executable code of the digital safety box as an application that enables the sender computing device to store content in the defined content holder, encrypt the data with the encryption key, and generate a sealed digital safety box including the encrypted content.

Abstract: A virtual device for processing Web-based content to be displayed on a remote rendering device includes: a processor implemented by one or more cloud resources; and a memory, and the memory stores instructions that, when executed, cause the processor to: receive the content; detect an attribute of the remote rendering device and process the content according to the detected attribute; analyze the content to construct a render tree corresponding to the content; prepare render tree data for rendering by the remote rendering device, the render tree data corresponding to the constructed render tree; and transmit the render tree data over a communication network to the remote rendering device.

Abstract: A data processing method provides an improvement in speed of obtaining, in response to a computer search query from one or more computing devices, a particular compressed data chunk that may include a particular data value that is digitally stored in a large data file.

Abstract: A method for encryption, decryption, or encryption and decryption of data in a crypto device having at least one crypto core may include: generating a tweak value corresponding to block data, which is placed at a random position from which the encryption, decryption, or encryption and decryption starts, from among sequential block data; and/or performing the encryption, decryption, or encryption and decryption from the block data using the tweak value. A method for encryption, decryption, or encryption and decryption of block data may include: generating a tweak value corresponding to the block data at a random position; and/or performing the encryption, decryption, or encryption and decryption of the block data using the tweak value.

Abstract: Methods, devices and systems enhance compression and decompression of data values when they comprise a plurality of semantically meaningful data fields. Compression is sometimes not applied to each data value as a whole, but instead to at least one of the semantically meaningful data fields of each data value, and in isolation from the other ones. Data fields can be organized that share the same semantic meaning together to accelerate compression and decompression as multiple compressors and decompressors can be used in parallel. A system can be used where methods and devices are tailored to perform compression and decompression of the semantically meaningful data fields of floating-point numbers after first partitioning further at least one of said data fields into two or a plurality of sub-fields to increase the degree of value locality and improve compressibility of floating-point values.

Abstract: A transmission system and a transmission method are provided. The transmission system comprises a compressor, an intermediate terminal, and a decompressor. The compressor transmits an initial Internet Protocol package (IP package). The initial IP package comprised an initial forwarding table. The initial forwarding table records at least one candidate context identification (CID). The intermediate terminal receives the IP package and selects the at least one candidate CID different from an intermediate CID recorded in the intermediate terminal, so as to create an intermediate forwarding table. And, the intermediate terminal transmits an intermediate IP package. The decompressor receives the intermediate IP package. The decompressor selects the at least one candidate CID different from a decompressor CID recorded in the decompressor to be a target CID.

Abstract: An example client device includes a processor configured construct a key to be used to encrypt or decrypt data of a communication session between the client device and a server device, partition the key into a plurality of key partitions, send data representative of the key and a location of the client device to the server device, send data representative of each of the plurality of key partitions to a respective key verification server device of a plurality of key verification server devices, and after receiving an indication from the server device that the key has been verified using data representative of the key, the location of the client device, and the plurality of key partitions, encrypt or decrypt data exchanged with the server device using the key.

Abstract: Embodiments of compression and formatting of data for data storage systems are disclosed. In some embodiments, a data storage system can compress fixed sized data before storing it on a media and format obtained variable sized compressed data for storing on the media that typically has fixed size storage granularity. One or more modules compress the incoming host data and create an output stream of fixed sized storage units that contain compressed data. The storage units are stored on the media. Capacity, reliability, and performance are thereby increased.

Abstract: An object is to solve all of the following problems caused when a volatile register and a non-volatile register are used as registers in a processor: degradation of the integrity of data stored in the non-volatile register; loss of data security due to the processor and a non-volatile memory device that are provided apart from each other; and slow data processing speed due to wiring delay or the like caused by these devices provided apart from each other. When data maintained in the volatile register is stored in the non-volatile register before supply of power supply voltage is stopped, the data is encrypted by an encryption circuit and stored in a non-volatile memory device that is provided separately from the processor. Then, the data stored in the non-volatile register is compared with the compressed and encrypted data stored in the non-volatile memory device.

Abstract: A more secure TCP/IP protocol stack is provided having an enhanced transport layer. Encryption and decryption logic is arranged on the transmission side and on the reception side for processing a payload of a transport layer protocol, such as TCP or UDP. By employing this enhanced transport layer, a cryptograph process communication can be realized by dissolving various kinds of restrictions which a conventional IPsec or SSL possesses without affecting upper layer processing, and, at the same time, maintaining compatibility with the IP layer.

Abstract: A secure demand paging system includes a processor operable for executing instructions, an internal memory for a first page in a first virtual machine context, an external memory for a second page in a second virtual machine context, and a security circuit coupled to the processor and to the internal memory for maintaining the first page secure in the internal memory.

Abstract: Methods and systems for multi-dimensional run-length encoding of data are provided. In one embodiment, a method for multi-dimensional run-length encoding of an unprocessed data file is provided. The method includes obtaining an admission key and determining a traversal path within a virtual multi-dimensional shape based on the admission key. The method also includes transforming unprocessed data of the unprocessed data file into a plurality of compressed data segments. Also, the method includes plotting the plurality of compressed data segments onto a plurality of data points along the traversal path to obtain a plurality of secured data segments. Further, the method includes generically sorting the plurality of secured data segments to obtain a plurality of generically sorted data segments, and writing the plurality of generically sorted data segments into a processed data file.

Abstract: Methods and systems are provided for securely authenticating data of an integrated circuit. By authenticating data having keystream blocks inserted between ciphertext portions, it becomes more difficult to mount successful authentication-based attacks.

Abstract: The invention consists of a new registration and authentication protocol for between a Mobile Node and a Home Agent. The new protocol uses a novel messaging sequence to request registration, authentication and authorization of the Mobile Node when it is located on a foreign network, and the novel protocol will avoid some of the standard registration and authentication protocol messages in order to eliminate the problems associated with re-transmission errors.

Abstract: Embodiments of compression and formatting of data for data storage systems are disclosed. In some embodiments, a data storage system can compress fixed sized data before storing it on a media and format obtained variable sized compressed data for storing on the media that typically has fixed size storage granularity. One or more modules compress the incoming host data and create an output stream of fixed sized storage units that contain compressed data. The storage units are stored on the media. Capacity, reliability, and performance are thereby increased.

Abstract: Processing for generating a plurality of pieces of distributed data from original data or processing for restoring original data from a plurality of pieces of distributed data is performed safely and quickly. A distribution and restoration apparatus 200 generates a plurality of pieces of distributed data SD1 to SD3 by dividing original data OD into a plurality of divided blocks DB1 to DB16 and performing an operation of exclusive OR using divided blocks of different combinations. A combination including divided blocks used in common in a plurality of pieces of distributed data and a combination including divided blocks used only in specific distributed data are present in combinations of divided blocks in each piece of distributed data. Therefore, the distribution and restoration apparatus 200 can generate a plurality of pieces of safe distributed data having high information entropy at high speed.

Abstract: A method of operating an integrated circuit that includes a plurality of registers may include receiving a sleep mode request for the integrated circuit. The sleep mode request may be a control signal received with control circuitry on the integrated circuit. The plurality of registers may be configured to operate as a scan chain when the sleep mode request is received. Integrated circuit state information that are stored in the plurality of registers may be retrieved by operating the scan chain and stored in a memory module. The integrated circuit may be placed in a sleep mode. Placing the integrated circuit in the sleep mode may reduce power consumption of the integrated circuit.

Abstract: The present invention relates to a technique which provides a function of compressed encryption large pieces of plaintext information in a single ciphertext in order to improve a space efficiency of the encryption data which occupies most of a storage space to design an efficient SHE technique which is a base of the FHE technique design. More specifically, the present invention relates to a technique which is designed to improve a structure in which only one bit is encrypted/decrypted in the technique of the prior art to encrypt/decrypt multiple bit information to improve the space efficiency for storing a ciphertext.

Abstract: Various embodiments of the invention achieve optimal data security by adding a security layer to data at the point of generation. Some embodiments add a security feature to data that controls or configures a device at a physical interface.

Abstract: Embodiments of multiple stream compression and formatting of data for data storage systems are disclosed. In some embodiments, a data storage system can compress multiple streams of fixed sized host data before storing it on a media and format obtained variable sized compressed data for storing on the media that typically has fixed size storage granularity. One or more modules compress the incoming host data and create multiple output streams of fixed sized storage units that contain compressed data. The storage units are stored on the media. Capacity, reliability, and performance are thereby increased.

Abstract: Systems and methods for processing encoded messages within a wireless communications system are disclosed. A server within the wireless communications system determines whether the size of an encoded message is too large for a wireless communications device. If the message is too large, the server removes part of the message and sends an abbreviated message to the wireless device, together with additional information relating to processing of the encoded message, such as, for example, hash context values, that assist the wireless communications device in verifying the abbreviated message.

Abstract: In a wireless transmission system that transmits and receives a modulated signal between a transmitter and a receiver that are coupled through a wireless transmission path, the transmitter includes a spectrum division filter bank dividing the modulated signal and generating a plurality of sub-spectrum signals each of which is arranged at a predetermined frequency position, and subjects the plurality of sub-spectrum signals arranged in spectra to a direct spectrum division transmission, and the receiver includes a spectrum combination filter bank extracting the plurality of sub-spectrum signals from the received signals arranged in spectra and subjected to the direct spectrum division transmission to combine the sub-spectrum signals into an original modulated signal.

Abstract: An information processing apparatus includes: an acquisition target content determination unit that determines an acquisition target content item which is a target acquired by a content acquisition unit among related content items related to a reference content item, on the basis of processing performance of the content acquisition unit which acquires various content items via a communication network and can communicate with a content presentation control unit which performs a control so as to present the reference content item; and an acquisition processing unit that causes the content acquisition unit to acquire the acquisition target content item.

Abstract: In a MBMS system, a base station generates a data control task and a first header control task and second header control task corresponding to each terminal device for a MBMS function module. Each header control task synchronizes a compression state with an associated terminal device and transmits only header information to the terminal device, and the data control task distributes content information to the terminal device separately from header information.

Abstract: A method, system and computer program product are disclosed for compressing encrypted data, wherein the data is encrypted by using a block encryption algorithm in a chained mode of operation, and the encrypted data is comprised of a set of N encrypted blocks, C1 . . . CN. In one embodiment, the method comprises leaving block CN uncompressed, and compressing all of the blocks C1 . . . CN in a defined sequence using a Slepian-Wolf code. In an embodiment, the data is encrypted using an encryption key K, and the compressing includes compressing all of the blocks C1 . . . CN without using the encryption key. In one embodiment, the compressing includes outputting the blocks C1 . . . CN as a set of compressed blocks CmprC1 . . . CmprCN-1, and the method further comprises decrypting CN to generate a reconstructed block {tilde over (X)}n, and decrypting and decompressing the set of compressed blocks using {tilde over (X)}n.

Abstract: According to one embodiment, a decompressing apparatus includes an input unit, a calculating unit, a first selecting unit, and a decompressing unit. The input unit inputs additional data, which is obtained based on trace expression data in which an element in a subgroup of a multiplicative group of a finite field is trace-expressed and affine expression data in which the trace expression data is affine-expressed, and the trace expression data. The calculating unit calculates a plurality of solutions of simultaneous equations derived by the trace expression data. The first selecting unit selects any of a plurality of items of affine expression data in which the element is affine-expressed based on the additional data, the affine expression data being found from the solutions. The decompressing unit decompresses the selected affine expression data to the element.

Abstract: Encryption techniques for securing data in a data cache are generally disclosed. Example methods may include one or more of reading the cache to identify data, determining whether the data is encrypted to identify previously unencrypted data and/or previously encrypted data, and encrypting selectively at least a portion of the previously unencrypted data. The present disclosure also generally relates to a computer system data processor configured to read a cache to identify data, determine whether the read data is encrypted, and encrypt selectively at least a portion of the previously unencrypted data. The present disclosure also generally relates to computer accessible mediums containing computer-executable instructions for data encryption upon execution of the instructions by a data processor. The instructions may configure the data processor to perform procedures that read the cache to identify data, determine whether the data is encrypted, and selectively encrypt data determined as unencrypted.

Abstract: There is realized a data conversion device that performs generation of a hash value with improved analysis resistance and a high degree of safety. There are provided a stirring processing section performing a data stirring process on input data; and a compression processing section performing a data compression process on input data including data segments which are divisions of message data, the message data being a target of a data conversion. Part of multi-stage compression subsections is configured to perform a data compression process based on both of output of the stirring processing section and the data segments in the message data. There is provided such a configuration that the stirring process is executed at least on fixed timing of a compression processing round of plural rounds and thus, there is realized a data conversion device that performs generation of a hash value with improved analysis resistance and a high degree of safety.

Abstract: A method begins with a processing module obtaining data to store and determining whether substantially similar data to the data is stored. When the substantially similar data is not stored, the method continues with the processing module generating a first encryption key based on the data, encoding the first encryption key into encoded data slices in accordance with an error coding dispersal storage function, and storing the encoded data slices in a dispersed storage network (DSN) memory. The method continues with the processing module encrypting the data using an encryption key of the substantially similar data in accordance with an encryption function to produce encrypted data, compressing the encrypted data in accordance with a compression function to produce compressed data, storing the compressed data when the substantially similar data is stored.

Abstract: Methods and apparatus involve two keys to decode data that are generated during original encoding of the data. The keys are stored on computing devices separate from one another, and the encrypted data, which maintains security until such time as the original data requires decoding. Because the keys can be relatively large, its stored form may have padding bits to align with the file form of the encoded data. Representative keys include a dictionary corresponding to symbols representing the data and a weighted path decoder that correlates the symbols of the dictionary to underlying original bits. A “fast approximation” of compression of current data involves using information obtained from an earlier compression of similar data. Creating the two keys for the original data can also include creating a master key for decoding a plurality of later-encoded files. A second key also works in conjunction with the master key during decoding.