Abstract: In various embodiments, systems and methods for generating attested video image data are provided. In some embodiments, an ISP pipeline incorporates a secure cryptographic signing mechanism to digitally sign content-based outputs in a way that attests to the authenticity of the process by which the content was processed before output from the camera. The ISP pipeline may include a hardware security module that inputs video image data from an image sensor, and generates an attestation package that includes attestations about the video content, in combination with an attestation of how it was produced, and signs those attestations together using a key to produce an output comprising attested media data. The ISP pipeline may apply supplemental attestations to the attestation package representing facts associated with the video content that evidence the authenticity. The digital signature applied to the attestation package may use a zero-knowledge proof to describe the signing key.

Abstract: An electro-optical modulating device and method that provides efficient control of the nonlinear propagation constant in an optical waveguide are featured. The electro-optical modulating device provides large wavelength tunability of the generated entangled photon pairs in real-time by using an applied external bias voltage. The electro-optical modulating device uses gate-tunable material at locations near the optical waveguide. The application of an external bias voltage creates a variable field-effect which in turn varies the optical dielectric properties of the waveguide. The result is a compact active, highly efficient wavelength-tunable integrated quantum photonic device for tunable entangled photon pair generation using an external bias voltage.

Abstract: Aspects of a storage device are provided that perform partial decryption of host encrypted data and encryption of host provided data using received or generated keys for data targeted for compute services. The storage device may include a non-volatile memory and a controller. The controller may receive encrypted data, receive a key associated with a portion of the encrypted data, and decrypt the portion of the encrypted data based on the key without decrypting a remainder of the encrypted data. The controller may also receive data, receive or generate a key associated with a portion of the data, encrypt the portion of the data based on the key without encrypting a remainder of the data based on the key, and store the encrypted portion of the data in the non-volatile memory for subsequent decryption. As a result, a balance between encrypted data storage and decrypted data security may be achieved.

Abstract: In some implementations, a first network device may communicate, with a second network device, one or more internet key exchange (IKE) messages to exchange a first identifier associated with the first network device and a second identifier associated with the second network device, and to indicate that a post-quantum preshared key (PPK) is to be used as a shared key for an IKE security association (SA) between the first network device and the second network device. The first network device may obtain, from a key management entity (KME), a quantum key based on providing the second identifier to the KME, wherein the PPK is based on the quantum key. The first network device may communicate, with the second network device, one or more IKE authentication messages to exchange a third identifier associated with the quantum key and to confirm that the second network device successfully obtained the PPK.

Abstract: A method for secure pairing between a sensor and a concentrator using a mobile terminal includes generating and emitting a confirmation code by the concentrator; converting by the sensor of the confirmation code into a sequence of light signals executed by at least one light-emitting diode; converting by the mobile terminal of the sequence of light signals into a sequence code; sending the sequence code to the concentrator; comparing, by the concentrator, the sequence code and the generated confirmation code: if the sequence code does not match the generated confirmation code, generating a warning; if the sequence code matches the generated confirmation code, pairing and exchanging information between the sensor and the concentrator.

Abstract: Aspects of the disclosure provide various methods relating to enclaves. For instance, a method of authentication for an enclave entity with a second entity may include receiving, by one or more processors of a host computing device of the enclave entity, a request and an assertion of identity for the second entity, the assertion including identity information for the second identity; using an assertion verifier of the enclave entity to determine whether the assertion is valid; when the assertion is valid, extracting the identity information; authenticating the second entity using an access control list for the enclave entity to determine whether the identity information meets expectations of the access control list; when the identity information meets the expectations of the access control list, completing the request.

Abstract: A method for encryption and decryption of files or email messages text, is disclosed that involves loading a p-text file for encryption into a computing device, determining if total bit number of said file is divisible by six and adding any necessary bits to result in bit number divisible by six, combining the bit sequence with a matching number of pad bits using an XOR additive cipher resulting in a modified file, converting said modified file to C-text, six bits a time, using a conversion table, rearranging the c text sequence using Prime Set Permutation. inserting a PSP lock character into the sequence, inserting pad pointer sequence characters into said sequence and displaying the file name saved.

Abstract: Disclosed are a service server capable of performing Internet access management services according to grades and the operating method thereof, which when a request for permission to access a web page is received from a client terminal, confirm an access authority degree set in the client terminal based on unique identification information of the client terminal, determine whether the client terminal is a terminal having an authority capable of accessing the web page based on access authority degree, and control whether the client terminal accesses the web page based on a determination result.

Abstract: Herein is disclosed a method of verifying the completeness and authenticity of instant messages sent from a first instant messaging application of a sender to a second instant messaging application of a recipient, the instant messages each having a sender's address and a user-accessible field for receiving content. The content of the user-accessible field is visible to the recipient upon opening the instant message in the second instant messaging application. The method includes the steps of identifying the receiver for an instant message to be sent by the sender, generating a current sequence marker for the receiver, inserting the current sequence marker into the user-accessible field of the instant message, and then sending the message. The current sequence marker represents a next sequence identifier in a sequence of instant messages between the sender and the receiver.

Abstract: Herein is disclosed a method of verifying the authenticity of text messages sent from a sender to a recipient. The text messages each having a sender's address and a user-accessible field for receiving content. The content of the user-accessible field is visible to the recipient upon opening the text message in the second text message application. The method includes the steps of identifying the receiver for a message to be sent by the sender, generating a current sequence marker for the receiver, inserting the current sequence marker into the user-accessible filed of the text message, and then s ending the message. The current sequence marker represents a next sequence identifier in a sequence of text messages between the sender and the receiver.

Abstract: Systems and methods for automatically disseminating a private key are presented. A first message requesting a key proxy instance is received from a first user device. The first message comprises a first symmetric key. A key proxy server is directed to allocate a key proxy instance for communication with the first user device based on a device public key that corresponds to the first user device. A unique URL corresponding to the key proxy instance is received from the key proxy server. A second message comprising the unique URL is sent to the first user device. The second message is encrypted using the first symmetric key and signed using a server private key. A third message comprising the URL of the key proxy instance is received from the first user device and forwarded to a second user device.

Abstract: A system and method of securely controlling a device from another device. The user of the device attempts to modify the device in some way. In response to the attempted modification a request is generated and sent to a controlling device. The request includes information related to the desired modification. The controlling device analyzes the request and a determination on how to respond to the request is made. This response is encrypted at the controlling device and transmitted to the device. The device then decrypts the response and implements the indicated response to the request. The encryption and decryption keys are burned into the corresponding devices such that information needed to decrypt the response is not transmitted to the device.

Abstract: A key broker monitors network traffic metadata and determines which decryption keys are required at one or more packet brokers in order to decrypt relevant traffic required by various network monitoring devices. The key broker retrieves the required keys from a secure keystore distributes them, as needed, to the network packet brokers, and dynamically updates the decryption keys stored in the network packet brokers in response to changes in network traffic.

Abstract: A system for protecting electronic information when stored ‘at rest’ in which the information is first encrypted into ciphertext and whereby the ciphertext is divided into two or more parts (fragments). The two or more fragments are stored in two or more completely independent computer networks and the encryption key used to encrypt the electronic information is stored in one of the independent computer networks and is not shared with any other independent network. A second encryption key, generated and managed within the same independent computer network as the first encryption key, is shared with authorized accessors of the electronic information and is used to encrypt a wrapper which contains one of the ciphertext fragments corresponding to the electronic information and the resulting ciphertext is itself divided into two or more fragments for the purpose of transporting the enveloped ciphertext fragment to the one or more other independent networks.

Abstract: A system and method for a federated deep learning platform utilizing homomorphically-compressed and encrypted data. The system comprises multiple client devices, each with a local dataset, and a central server hosting a deep learning core. Client devices convert local data into codewords, which are also homomorphically encrypted. The central server processes these encrypted codewords without decryption, preserving data privacy. The platform supports at least two architectural variants: a conventional Transformer trained on codewords, and a Latent Transformer operating on latent space vectors. Both variants eliminate the need for embedding and positional encoding layers. The system aggregates encrypted model updates from clients, enabling collaborative learning while maintaining data confidentiality. Additional features comprise differential privacy implementation and adaptive federated optimization techniques.

Abstract: Aspects of the present disclosure may address cryptographic methods and systems using redundant encryption and re-keying to provide security in a post-quantum computing environment. A trusted server may initially establish encrypted communications with users, using symmetric key matrices established with the users. The trusted server may be used to establish symmetric key matrices between users and to assist in the users in establishing communications. All of the symmetric keys in a given symmetric key matrix may be used to encrypt plaintext for transmission. Re-keying may be used to generate new symmetric key matrices on a periodic basis or upon initiation by a node or based on a selected secrecy mode. Establishment of symmetric key matrices and re-keying may involve the use of post-quantum key encapsulation mechanisms.

Abstract: A key management system is disclosed, including: a control node; multiple computing nodes, all the multiple computing nodes are connected to the control node; and multiple Quantum Key Distribution (QKD) nodes, all the multiple QKD nodes are connected to the control node, and each QKD node is connected to one of the computing nodes, where each QKD node is configured to generate a root key, generate Key Encryption Keys (KEKs) between the QKD node and a plurality of other QKD nodes according to a first instruction sent by the control node, and generate, according to a second instruction sent by the control node, a Data Encryption Key (DEK) corresponding to a user on the computing node connected to the QKD node.

Abstract: One or more computing devices, systems, and/or methods are provided. In an example, a system includes a first non-quantum-resistant (NQR) device configured to generate first data and a first quantum capable proxy server configured to receive the first data, encrypt the first data using a quantum resistant (QR) protocol to generate first QR data, and communicate the first QR data to a first target device using a first QR channel. In an example, a method includes generating first data by a first non-quantum-resistant (NQR) device, communicating the first data, by the first NQR device, to a first quantum capable proxy server, encrypting the first data, by the quantum capable proxy server, using a quantum resistant (QR) protocol to generate first QR data, and communicating, by the quantum capable proxy server, the first QR data to a first target device using a first QR channel.

Abstract: A system includes at least one processor and at least one memory communicatively coupled to the at least one processor. The at least one processor is configured to receive a plurality of doubly-encrypted secret parts that were encrypted using at least a public key belonging to a public/private keypair. The at least one processor is also configured to decrypt each of the plurality of doubly-encrypted secret parts into a corresponding singly-encrypted secret part using a private key belonging to the public/private keypair. The at least one processor is also configured to decrypt each corresponding singly-encrypted secret part into a corresponding secret part. A secret is reconstructed from a quantity of corresponding secret parts that is a subset of a total number of secret parts. The public key, the private key, or both are rotated by creating a new version of the public key, the private key, or both.

Abstract: Systems and methods that may be used to provide policies and protocols for blocking decryption capabilities in symmetric key encryption using a unique protocol in which key derivation may include injecting a random string into each key derivation. For example, a policy may be assigned to each client device indicating whether the client device has been assigned encryption only permission or full access permission to both encrypt and decrypt data. The disclosed protocol prevents client devices with encryption only permission from obtaining keys for decryption.

Abstract: Method, computer program product, and computer system are provided. Program queries for an indicator of dependency between a usage domain and a control domain in a virtual machine (VM) configuration having a cryptographic AP adapter. The VM and the cryptographic AP adapter are both installed on a hardware server. Program sets an internal bitmap based on a result and generates one or more sets of AP commands, based on the setting of the internal bitmap. The sets of AP commands are directed to an adjunct processor (AP) message queue on a cryptographic AP in the VM configuration. Program enqueues the one or more sets of program instructions to the VM having an identifier corresponding to an offset in the program internal bitmap. Program receives status at completion of the one or more sets of AP commands from the VM having the cryptographic AP in the VM configuration.

Abstract: A secondary fragment of an encryption key is received. The secondary fragment is associated with an authentication process of a user. The secondary fragment is one of a plurality of secondary fragments of the encryption key. The user is authenticated (e.g., by validating a username/password). The encryption key is regenerated using the secondary fragment and a primary fragment of the encryption key. In response to regenerating the encryption key using the secondary fragment and the primary fragment, and authenticating the user: access is granted, to the user, by unencrypting an encrypted data record using the regenerated encryption key.

Abstract: Systems, apparatuses, methods, and computer program products are disclosed for mobile quantum key distribution (MQKD). An example method includes establishing a first connection between a MQKD device and a first device. The example method further includes generating a pair of entangled particles and injecting quantum data that is based on a first particle of the pair of entangled particles into the first device. The example method further includes establishing a second connection between the MQKD device and a host device and injecting quantum data that is based on a second particle of the pair of entangled particles into the host device to facilitate secure communication between the host device and the first device based at least on the pair of entangled particles.

Abstract: A computer-implemented method for providing cryptographic services, including providing key pairs. A key management service receives a web service application programming interface or other such request to generate a key pair. To respond to the request, the key management service obtains a pregenerated key pair that is securely stored and provides the key pair in response to the request.

Abstract: Techniques for zero-trust cloud deployment are described herein. In accordance with various embodiments, a device including a processor and a non-transitory memory derives a key from deployment metadata of a virtual machine, where the deployment metadata change with each deployment of the virtual machine. The device then encrypts secrets using the key to bind the key to the virtual machine. The device further deploys the virtual machine in a cloud using the deployment metadata, including loading the encrypted secrets to the deployed virtual machine in the cloud.

Abstract: Methods and systems for consensus-based online authentication are provided. An encryption device may be authenticated based on an authentication cryptogram generated by the encryption device. The encryption device may transmit a request for security assessment to one or more support devices. The support devices may individually assess the encryption device, other security devices, and contextual information. The support devices may choose to participate in a multi-party computation with the encryption device based on the security assessments. Support devices that choose to participate may transmit one or more secret shares or partial computations to the encryption device. The encryption device may use the secret shares or partial computations to generate an authentication cryptogram. The authentication cryptogram may be transmitted to a decryption device, which may decrypt the authentication cryptogram, evaluate its contents, and authenticate the encryption device based on its contents.

Abstract: A server device is provided for authenticating client devices on a communication network. The server device includes a transceiver configured for operable communication with at least one client of the communication network, and a processor including a memory configured to store computer-executable instructions. When executed by the processor, the instructions cause the server device to receive an authentication request from a client device, generate a seed for a first key for the client device if the client device authenticates, transmit the seed for the first key to the client device, receive a hash of the first key from the client device, and validate the first key based on the hash of the first key.

Abstract: Disclosed is a method of establishing secure communications between nodes in a cloud environment. The method includes receiving a log-in of a first user, receiving a log-in of a second user and presenting to the first user one or more options to use a secure inter-user communication security service leveraging quantum teleportation in order to communication with the second user, wherein the secure inter-user communication security service optionally uses a quantum EPR processor (QEP). The one or more options include applying the secure inter-user communication security service using QEP to generate EPR Bell state pairs and applying security via quantum teleportation for communications between the first user and the second user and applying the secure inter-user communication security service to securely control communication between a first container associated with the first user and a second container associated with the second user and associated daemons leveraging the QEP.

Abstract: Qwyit® Authentication and Encryption Service serves as a direct replacement of Transport Layer Security. Applications can place a small code segment within their communications protocol, resulting in authenticated and encrypted message traffic with the features of TLS while adding additional improvements as set forth herein. QAES provides a direct next generation replication and enhancement of the current, only global secure communications framework. QAES provides the same features, benefits, authentication (embedded) and data security (stream cipher) for communications traffic using the Qwyit® Directory Service key store. The combination of features and properties provide a simple, straightforward way for any application to incorporate secure communications. The unique, superior Qwyit® protocol delivers where TLS fails: embedded security without any need for additional bandwidth, processing power or cumbersome user requirements.

Abstract: A system and method that authenticates and secures communications between a wireless client device and a remote network component. The system includes a gateway component that establishes a secure communications channel with the remote network component. A client device application, corresponding to the wireless client device, receives local authentication credentials from the gateway component. The client device application uses the local authentication credentials to authenticate to the remote network component. The client device application then requests an exclusive local key from the remote network component, which transmits the exclusive local key to the gateway component, which then transmits the exclusive local key to the client device application. The client device application, having the exclusive local key, requests and receives cryptographic material from the remote network component.

Abstract: Methods for seamlessly onboarding commonly owned wireless local area network (WLAN) enabled devices to a wireless network are provided. Generally, the method includes exchanging an UID, encryption algorithm and key between the devices to form a common-onboarding-group (COG), manually provisioning credentials to onboard a first device of the COG, and automatically provisioning credentials to onboard a second device. In one embodiment, the first device registers with the network the UID and an encrypted-connection-profile encrypted using the algorithm, the network responds to a probe from the second device with the UID and encrypted-connection-profile, and the second device decrypts the encrypted-connection-profile using the secret key and joins the network. In another embodiment, the first device monitors the network and responds to a probe from the second device with the UID and encrypted-connection-profile.

Abstract: A network is described. The network is a peer-to-peer network of nodes. The nodes maintain a distributed ledger. The distributed ledger includes a list of transactions. The list of transactions includes various transactions for maintaining a decentralized root store between the nodes. The decentralized root store includes a list of certificate authorities which are trusted by the nodes in the network. The root certificates may be retrieved from the distributed ledger, validated, and then used to access the certificate authorities.

Abstract: Systems, apparatuses, methods, and computer program products are disclosed for facilitating on-demand delivery of unknown qubits. An example method includes determining a first quantum basis pattern. The example method further includes encoding, by encoding circuitry, a set of bits utilizing the first quantum basis pattern to generate a set of qubits and transmitting, by quantum communications circuitry, the set of qubits over a quantum line, for example, a polarization maintaining optical fiber, to a remote device, wherein the set of qubits is configured for measurement by an independently determined, second quantum basis pattern, resulting in a second set of bits different than the first set of bits.

Abstract: A data encryption, decryption, and storage method includes: receiving a first query request to retrieve a production data; obtaining a constructed data and encrypting the constructed data using the production data to obtain an encrypted constructed data where the encrypted constructed data is generated without including metadata specifying an access list specifying one or more users and types of users that are able to access the encrypted constructed data; and generating decryption instructions using the production data and storing the decryption instructions with the encrypted constructed data.

Abstract: Systems and methods for a dynamic encryption model in which dynamic encryption keys are associated with an access token having an expiration time. The access token is generated for a user session of a user application seeking to make API calls to a service provider system. When the access token expires, or becomes otherwise invalid, the dynamic encryption keys are discarded, and any further API calls are made using an updated access token and updated dynamic encryption keys. The dynamic encryption keys are used to encrypt specially designated fields of API calls and/or API call results.

Abstract: Disclosed are a method and an apparatus for implementing privacy amplification in quantum key distribution. Participants of the quantum key distribution include a first participant and a second participant, which share a first key pool including at least one key. The method is executed on a terminal of either of the first and second participants, and includes: acquiring an auxiliary string to be used in current privacy amplification processing, wherein the auxiliary string is determined based on a seed key determined from the first key pool and a first Hash function agreed with the other participant; acquiring, in a stream way, at least one first bit in a first key subjected to information reconciliation; and performing a preset inter-bit operation between the at least one first bit and bits at corresponding positions in the auxiliary string to obtain at least one second bit for forming a privacy-amplified second key.

Abstract: The present invention relates to a method and system of cybersecurity; and particularly relates to an encryption method and system on the basis of cognitive computing for xenomorphic cryptography or unusual form of cryptography; said method comprises generating a Functional Neural Network or KeyNode (KN) of the system by programming a chain of multiple nodes also called Artificial Mirror Neurons (AMN) based on captured information of reaction time and emotional response to a simple task; racing the nodes in the Functional Neural Network or KeyNode (KN) as an encryption device or cipher for the time of use; generating a password at the time of use based on the sum of intrinsic values of the nodes in the racing network at this time and adopting the generated password for authentication.

Abstract: A system and method for determining a secret crypto-graphic key shared between a sending unit and a receiving unit for secure communication includes obtaining, by the sending unit, a random bit sequence, and transmitting, at the sending unit, a first sequence of electromagnetic pulses to the receiving unit via a communication channel, wherein each electro-magnetic pulse of the first sequence of electromagnetic pulses corresponds to a bit of the random bit sequence according to a ciphering protocol, the signal loss is determined in the communication channel caused by an eavesdropper, and an information advantage is estimated over the eavesdropper based on the determined signal loss. Privacy amplification is performed based on the estimated information advantage in order to establish a shared secret crypto-graphic key.

Abstract: A vehicle system includes: a reprogramming slave device that is an electronic control unit (hereinafter, referred to as ECU) to be a target of updating an update file of a program stored among a plurality of the ECUs; a reprogramming master device that transmits the update file to the reprogramming slave device in response to a request from a terminal operable by a vehicle user to control updating of the program stored in the reprogramming slave device; and a determination unit that determines traveling propriety of a vehicle when the update file is rewritten in the reprogramming slave device. The vehicle device functions as the reprogramming master device, and includes: an obtaining unit that obtains the traveling propriety determined by the determination unit; and a notification command unit that commands a notification medium to notify information of the traveling propriety obtained by the obtaining unit.

Abstract: A method of rotating a set of keys, having a media encryption key (MEK) and a current media encryption key encryption key (MEKEK) encrypted and stored in a self-encrypting drive (SED) having data encrypted with the MEK (MEK(data)), includes decrypting the stored MEK and the current MEKEK. A new MEK (MEK?) and a new MEKEK (MEKEK?) are generated. The MEKEK? is encrypted to replace the current encrypted MEKEK. A concatenation of the MEK and the MEK? is encrypted with MEKEK?. The encrypted data MEK(data) is re-encrypted with MEK?.

Abstract: A plurality of public encryption keys are distributed to a plurality of participants in a federated learning system, and a first plurality of responses is received from the plurality of participants, where each respective response of the first plurality of responses was generated based on training data local to a respective participant of the plurality of participants and is encrypted using a respective public encryption key of the plurality of public encryption keys. A first aggregation vector is generated based on the first plurality of responses, and a first private encryption key is retrieved using the first aggregation vector. An aggregated model is then generated based on the first private encryption key and the first plurality of responses.

Abstract: A device, having executed a single sign-on operation, may maintain a private device key in volatile memory. A client application may request an authentication artifact as part of obtaining authentication credentials for the device. Responsive to the request, an artifact may be signed with the private device key to generate the requested authentication artifact. The single sign-on operation may be authenticated using an authentication device and a wrap key generated and applied by a secure cryptographic processor using an identifier based on an attestation certificate obtained from the authentication device after successful authentication. The wrap key may be used to decrypt the private device key stored on a persistent device storage.

Abstract: A method of organizing an end-to-end encrypted online meeting for a group of members including a creator. The method includes: maintaining, by each member in the online meeting including the creator, a group tree from which is derivable a group key required for communication between members in the online meeting; accessing, by the creator, a key package associated with a member of the group; adding to the online meeting, by the creator and based on the key package, the member associated with the key package; updating, by the creator, the group tree maintained by the creator; generating, by the creator and based on the updated group tree, one or more encrypted secret keys required for deriving the group key; and transmitting, by the creator and via a server, the updated group tree and the one or more encrypted secret keys to each other member in the online meeting.

Abstract: In order to provide an information matching system achieving an information matching scheme that takes a lower cost and uses secure biometric information, the information matching system includes a concealment apparatus, a decryption apparatus, and a similarity calculating apparatus. The concealment apparatus transmits, to the similarity calculating apparatus, concealed information including information concealing obtained matching information by linear conversion using random numbers. The similarity calculating apparatus calculates, from obtained one or more pieces of registration information and the concealed information received from the concealment apparatus, a concealed similarity which is a value concealing a similarity between the matching information and the registration information, and to transmit the calculated concealed similarity to the decryption apparatus.

Abstract: A system and method for determining a secret cryptographic key shared between a sending unit and a receiving unit by using a communication channel comprising spatially separated amplifiers for secure long-distance communication includes transmitting a sequence of electromagnetic pulses via the communication channel through the amplifiers for establishing a shared secret cryptographic key, wherein each electromagnetic pulse corresponds to a bit of a random bit sequence according to a ciphering protocol, and at least one ciphering parameter is determined by maximizing the expected key generation rate using an information theory model, wherein a measured signal loss and at least one amplification parameter are taken into account as input parameters to the information theory model.

Abstract: Aspects of the disclosure relate to a system and method for securely authenticating a device via token(s) and/or verification computing device(s). A verification computing device may generate a pseudorandom number or sequence. Based on the pseudorandom number or sequence, the verification computing device may select a first plurality of parameters associated with a user of a device to be authenticated. The verification computing device may transmit, to the device, the pseudorandom number or sequence, and the device may select a second plurality of parameters. The device may generate a token based on the second plurality of parameters. The device may send the token to another device, and the other device may send the token to the verification computing device. The verification computing device may authenticate the device based on the token.

Abstract: According to an example aspect of the present invention, there is provided an apparatus comprising at least one processing core, at least one memory including computer program code, the at least one memory and the computer program code being configured to, with the at least one processing core, cause the apparatus at least to process a time series of location information elements, indicating a series of past locations of the apparatus, for input to an input layer of an artificial neural network, provide the processed time series of location information elements to the input layer of the artificial neural network, to obtain as output of the artificial neural network a predicted current location of the apparatus, and provide the predicted current location of the apparatus to a network entity as a current location of the apparatus.

Abstract: Encrypting a document, including: generating first and second nonces; combining the first and second nonces to generate a secret key that is deterministically defined by the first and second nonces; encrypting the document using the secret key to produce an encrypted document; delivering the first nonce to a license manager; and delivering the second nonce to a rights manager.

Abstract: In one example an apparatus comprises a computer readable memory, an XMSS verification manager logic to manage XMSS verification functions, a one-time signature and public key generator logic, a chain function logic to implement chain function algorithms, a low latency SHA3 hardware engine, and a register bank communicatively coupled to the XMSS verification manager logic. Other examples may be described.

Abstract: The present disclosure provides an anti-malicious method, device and medium for secure three-party computation, and relates to the field of data security. The method includes the following: Respective private data matrices of three participants are determined; each participant receives a corresponding random matrix pair generated by a commodity server node; and based on the random matrix pair, a corresponding internal matrix is generated in a computational process of the three participants, and corresponding security constraints are separately added to a computational process in which a collusion behavior exists and no collusion behavior exists. The security constraints implement a constraint on a rank of an internal matrix, so that any participant in the computational process cannot predict private data matrices of another two participants. The present disclosure can improve data security of the secure three-party computation.