Key Distribution Patents (Class 380/278)
  • Patent number: 11057200
    Abstract: An apparatus for enhancing secret key rate exchange over a quantum channel in QKD systems includes an emitter system with a quantum emitter and a receiver system with a quantum receiver, wherein both systems are connected by a quantum channel and a service communication channel. User interfaces within the systems allow defining a first quantum channel loss budget based on the distance to be covered between the quantum emitter and the quantum receiver and the infrastructure properties of the quantum channel as well as a second quantum channel loss budget associated with the loss within the realm of the emitter system. The emitter system is adapted to define the optimal mean number of photons of coherent states to be emitted based on the first and the second quantum channel loss budgets.
    Type: Grant
    Filed: November 24, 2017
    Date of Patent: July 6, 2021
    Assignee: id Quantique SA
    Inventors: Matthieu Legré, Grégoire Ribordy, Damien Stucki
  • Patent number: 11050781
    Abstract: Examples of secure monitoring of modular applications and associated edge devices are described herein. In an example, an accreditation request is initiated to accredit at least one of a modular application and an edge device hosting the modular application. The edge device may be a device coupling an IoT device to a cloud server. Based on initiating, accreditation information corresponding to at least one of the modular application and the edge device may be received. The accreditation information is generated by a hardware encryption device associated with the edge device. Further, an accreditation status of the modular application may be monitored during execution of the modular application to ascertain whether the modular application and the edge device have been tampered with. In case tampering is detected, a remedial action to address the tampering may be performed.
    Type: Grant
    Filed: February 23, 2018
    Date of Patent: June 29, 2021
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Arjmand M. Samuel, Chipalo N. Street, Damon Luke Barry, Eustace Asanghanwa, James W. Osborne
  • Patent number: 11051169
    Abstract: Methods and apparatus for controlling access to and/or forwarding of communicated information, e.g. traffic, in a wireless communication system are described. The key, e.g., PSK, used to secure data that is transmitted to an access point for communication to a destination device is taken into consideration when deciding whether or not to provide the destination device access to the communicated content. The decision of whether or not to provide the destination device access to a communication may involve deciding whether or not to forward the received data to another device, e.g., another access point, for delivery to the destination device and/or may involve deciding whether or not to transmit the data to the destination device. If the destination device is not associated with, e.g., does not have access to and/or authorization to use, the key used to secure the received data, the data is not communicated to the destination device.
    Type: Grant
    Filed: August 16, 2017
    Date of Patent: June 29, 2021
    Assignee: Juniper Networks, Inc.
    Inventors: Randall Frei, Sujai Hajela, Guy Goldstone, Nicolas Dade, Linker Cheng
  • Patent number: 11048825
    Abstract: A computer-implemented method includes: in response to a first client device invoking a transaction with respect to a target smart contract, obtaining, by a blockchain node device in a blockchain, encrypted contract codes of the target smart contract; transmitting the encrypted contract codes of the target smart contract to a trusted execution environment; in response to determining that the target smart contract is not a managed smart contract, extracting a decryption key stored in the trusted execution environment, in which the decryption key corresponds to the encrypted contract codes of the target smart contract; decrypting the encrypted contract codes of the target smart contract; executing the decrypted contract codes of the target smart contract in the trusted execution environment; encrypting the execution result; and transmitting the encrypted execution result to the distributed ledgers of the blockchain for storage.
    Type: Grant
    Filed: November 13, 2020
    Date of Patent: June 29, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventors: Changzheng Wei, Ying Yan
  • Patent number: 11050564
    Abstract: Disclosed are a robust and reliable edge storage method for the Internet of Things and a system therefor. A data owner server splits and encrypts raw data into an encrypted data segment, sets a trusted data access control policy and sends it to a third-party proxy server, and sends the encrypted data segment and the trusted data access control policy to a processing server; the processing server stores the encrypted data segment based on a totally local reconstruction code scheme, and forwards the request sent by a data requester server to the third-party proxy server; the third-party proxy server determines whether the data requester server that sends the request is trustable according to the trusted data access control policy, if it is trusted, then sends decrypted information to the data requester server through the processing server; the data requester server decrypts the encrypted data segment according to the decrypted information to obtain the raw data.
    Type: Grant
    Filed: September 14, 2020
    Date of Patent: June 29, 2021
    Inventor: Deke Guo
  • Patent number: 11044016
    Abstract: A data transmission method to avoid a channel resource waste where first random data and second random data are generated by a sending device; at least two pieces of reference data are determined; a modulation signal based on the first random data, the second random data, and the at least two pieces of reference data are generated; a component in a first polarization direction and a component in a second polarization direction of a first laser signal by using the modulation signal are modulated by the sending device, to obtain a second laser signal, where the first polarization direction and the second polarization direction are perpendicular to each other, and the second laser signal includes a quantum light and a reference light; and the second laser signal is sent by the sending device.
    Type: Grant
    Filed: December 17, 2019
    Date of Patent: June 22, 2021
    Assignee: HUAWEI TECHNOLOGIES CO., LTD.
    Inventors: Zhengyu Li, Changzheng Su, Liangliang Lu
  • Patent number: 11036876
    Abstract: The disclosed technology provides solutions that enable scalable and secure data retrieval between microservices by using microservice attributes to encrypt container based data stores. A process of the technology can include steps for: instantiating a first microservice and a second microservice in a cloud environment, wherein the first microservice is associated with a first attribute label and the second microservice is associated with a second attribute label, generating a first key based on the first attribute label and a second key based on the second attribute label, associating a first data store with the first microservice, wherein the first data store is encrypted using the first key, and associating a second data store with the second microservice, wherein the second data store is encrypted using the second key. Systems and machine readable media are also provided.
    Type: Grant
    Filed: August 20, 2018
    Date of Patent: June 15, 2021
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Maik Guenter Seewald, Robert Edgar Barton, Jerome Henry
  • Patent number: 11038671
    Abstract: Authentication is performed on a plurality of links to be used to couple one node of the computing environment and another node of the computing environment. The performing authentication includes obtaining, by the other node from the one node via one link of the plurality of links, an identifier of a shared key maintained by a key server. The other node uses the identifier to obtain the shared key from the key server. An indication that the other node decrypted a message received from the one node using the shared key is sent from the other node via the one link. The sending the indication on one or more other links of the plurality of links is repeated for subsequent messages decrypted by the other node using the shared key previously obtained.
    Type: Grant
    Filed: September 4, 2018
    Date of Patent: June 15, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette
  • Patent number: 11030279
    Abstract: Systems and methods for managing provisioning of keys prior to a key rotation are provided. A license server generates a license that is associated with a renewal time. The renewal time is a time that is prior to a key rotation time, and triggers a receiver device to send a renewal request prior to the key rotation time. The renewal time may be a randomized time prior to the key rotation time that differs for different receiver devices. The license is transmitted to the receiver device. The license server then receives a renewal request from the receiver device that is triggered at the renewal time. The license server generates a next license that comprises a next key, whereby the next key is a decryption key for decrypting the encrypted signal after the key rotation time. The next license is transmitted to the receiver device prior to the key rotation time.
    Type: Grant
    Filed: August 28, 2019
    Date of Patent: June 8, 2021
    Assignee: OPENTV, INC.
    Inventors: Debra Hensgen, Charles Stevens
  • Patent number: 11025413
    Abstract: Authentication is performed on a plurality of links coupling one node of the computing environment and another node of the computing environment. The performing authentication includes obtaining by the one node a shared key from a key server coupled to the one node and another node of the computing environment. A message encrypted with the shared key is sent from the one node to the other node via one link of the plurality of links. An indication that the other node decrypted the message using the shared key obtained by the other node is received from the other node via the one link. The sending and the receiving are repeated on one or more other links of the plurality of links using the shared key previously obtained.
    Type: Grant
    Filed: September 4, 2018
    Date of Patent: June 1, 2021
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Patricia G. Driever, Roger G. Hathorn, Christopher Colonna, John Flanagan, George P. Kuch, Richard M. Sczepczenski, Glen Jaquette, Peter G. Sutton
  • Patent number: 10999070
    Abstract: Systems and methods for monitoring voice and SMS communication exchanged over a UMTS network are described, wherein a technique for quickly testing different Count-C values until the correct value is ascertained is used. The Count-C parameter consists of a HyperFrame Number (HFN) and the system iteratively attempts to decrypt the packets using a series of candidate HFNs. For each of these candidate HFNs, and for each of the packets, the system produces a candidate Count-C by appending the sequence number (SN). The system then uses the candidate Count-C to calculate a candidate keystream block. Subsequently, the system uses the candidate keystream blocks to decrypt the packets, and then tests whether the packets were correctly decrypted. If the system deems the decryption successful, the system stops iterating through the candidate HFNs, and uses the candidate HFN that correctly decrypted the packets to decrypt subsequent packets in the communication session.
    Type: Grant
    Filed: September 7, 2018
    Date of Patent: May 4, 2021
    Assignee: VERINT SYSTEMS LTD.
    Inventors: Itai Langer, Gil Leibovich
  • Patent number: 10997521
    Abstract: A method for operating a quantum-resilient server-cluster is provided. The server-cluster includes a plurality of servers. Each of the servers may be encapsulated in a selectively-quantum-resilient case. The method may include transmitting a first communication from a first server, included in the server-cluster. The first communication may be intercepted at a first selectively-quantum-resilient case. The method may include identifying, at the first selectively-quantum-resilient case, a recipient of the first communication. When the recipient of the first communication is a server included in the server-cluster, the first case verifies the security of the communication via quantum entanglement, and transmits the communication to the recipient in an encrypted manner via quantum tunneling.
    Type: Grant
    Filed: October 23, 2019
    Date of Patent: May 4, 2021
    Assignee: Bank of America Corporation
    Inventors: Maria Carolina Barraza Enciso, Elena Kvochko
  • Patent number: 10992511
    Abstract: A machine-implemented method of encoding/decoding data is described. The encoding method comprises steps of receiving a message of a given size, the message being represented by a series of units of data, configuring multiple encoding elements (50) in an arrangement having a given frame size, and encoding the message by passing each unit of data through the arrangement so that each unit is processed by at least one of the encoding elements. The frame size of the arrangement is the maximum number of units of data that can pass through the arrangement without any unit of data passing through the arrangement and being processed in the same way as another unit of data.
    Type: Grant
    Filed: July 29, 2016
    Date of Patent: April 27, 2021
    Inventor: Thomas Malcolm Flynn
  • Patent number: 10977628
    Abstract: A server in a blockchain distribution network includes a processor and a transceiver operatively coupled to the processor. The transceiver is configured to receive bytes of an encrypted blockchain from a peer node in a peer-to-peer network, where the server is unable to identify a source node that generated the encrypted blockchain based on the received bytes. The transceiver is also configured to propagate the bytes of the encrypted blockchain to one or more additional peer nodes and to one or more additional servers in the blockchain distribution network.
    Type: Grant
    Filed: September 7, 2018
    Date of Patent: April 13, 2021
    Assignee: Northwestern University
    Inventors: Uri Klarman, Aleksandar Kuzmanovic
  • Patent number: 10972263
    Abstract: A computer node comprising multiple software modules may receive a cryptographic key from a hardware security module. The computer node may use the cryptographic key to produce two key portions, which are distributed to two software modules. These software modules and an optional additional software module may use the key portions in order to encrypt an initial message. The key portions and their locations in memory are periodically updated in order to provide improved cryptographic security.
    Type: Grant
    Filed: August 31, 2017
    Date of Patent: April 6, 2021
    Assignee: Visa International Service Association
    Inventors: Oleg Gryb, Sekhar Nagasundaram
  • Patent number: 10972271
    Abstract: A secure text having an authentication code is efficiently created. A key generation part 12 generates secure texts ([x], [?], [?]) of “x”, “?” and “?” that are values satisfying x?=?. A secure text generation part 13 generates secure texts [ai] of random values “ai” for i=1, . . . , N. An authentication code generation part 14 generates authentication codes [?(ai)] by multiplying the secure texts [ai] by the secure text [?] for i=1, . . . , N. A verification value generation part 15 generates a secure text [w] of a verification value “w” using the secure texts ([x], [?], [?]), the secure text [ai] and the authentication code [?(ai)]. A verification value determination part 16 determines whether the verification value “w” is equal to zero or not.
    Type: Grant
    Filed: October 11, 2016
    Date of Patent: April 6, 2021
    Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
    Inventors: Koki Hamada, Ryo Kikuchi
  • Patent number: 10964414
    Abstract: In some embodiments, a device includes a memory and a processor. The memory is operatively coupled to the processor and configured to store encrypted personal data. The processor is configured to receive a query and a personal identifier from a user. Based on the query, the processor further identifies and retrieves a portion of the associated encrypted personal data from the memory. Using the personal identifier, the processor produces decrypted personal data by decrypting a portion of the retrieved encrypted personal data. The processor is further configured to analyze the decrypted personal data to identify a result of the query. The result is sent to the user without sending the decrypted personal data.
    Type: Grant
    Filed: February 10, 2017
    Date of Patent: March 30, 2021
    Assignee: GENOSECURITY, LLC
    Inventors: Paul A. Kline, Allan M. Weinstein
  • Patent number: 10958626
    Abstract: Embodiments of the invention are directed to systems, methods and computer program products for end to end encryption on a network without using certificates. The system utilizes a correlation between two quantum particles that are entangled. In this way, data may be encrypted with the particles and transmitted to end users. Since the particles are forced to behave the same way even if they are separated, the data associated with the particles is not able to be breached. In the application encryption processing, that means the particles are not hackable and the encryption is always true and accurate. In this way, verification of application encryption occurs via particle measurement by leveraging the fact that there is only one sender and one receiver, because they are of the same particle computation or physical end-point, instead of current encryption relying on logical end-points.
    Type: Grant
    Filed: July 25, 2018
    Date of Patent: March 23, 2021
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Joseph Benjamin Castinado, Charles Russell Kendall
  • Patent number: 10951587
    Abstract: A wireless network connection security method is disclosed, including: acquiring a type of a wireless network to which a mobile device is connected; determining that the type of the wireless network is insecure; monitoring an application, the application being installed on the mobile device; determining that the application is to be activated; and in response to the determination that the application is to be activated, establishing a secure communication channel between the mobile device and a first server.
    Type: Grant
    Filed: August 14, 2017
    Date of Patent: March 16, 2021
    Inventors: Zhenlong Guo, Lei Zhao
  • Patent number: 10929823
    Abstract: A system for use in a blockchain distribution network includes a plurality of peer-to-peer nodes and a plurality of central servers in communication with at least a portion of the plurality of peer-to-peer nodes. The plurality of peer-to-peer nodes includes a first peer node and a second peer node and the plurality of central servers includes a first central server. The first peer node includes a first transceiver that is configured to transmit a blockchain to the second peer node. The second peer node includes a second transceiver that is configured to relay the blockchain to the first central server such that the first central server is unable to identify an origin of the blockchain.
    Type: Grant
    Filed: September 7, 2018
    Date of Patent: February 23, 2021
    Assignee: Northwestern University
    Inventors: Uri Klarman, Aleksandar Kuzmanovic
  • Patent number: 10915888
    Abstract: A contactless card can include a plurality of keys for a specific operation, e.g., encryption or signing a communication. The contactless card can also include an applet which uses a key selection module. The key selection module can select one of the plurality of keys and the applet can use the key to, e.g., encrypt or sign a communication using an encryption or signature algorithm. The contactless card can send the encrypted or signed communication to a host computer through a client device. The host computer can repeat the key selection technique of the contactless device to select the same key and thereby decrypt or verify the communication.
    Type: Grant
    Filed: April 30, 2020
    Date of Patent: February 9, 2021
    Assignee: CAPITAL ONE SERVICES, LLC
    Inventors: Jeffrey Rule, Srinivasa Chigurupati, Kevin Osborn
  • Patent number: 10911451
    Abstract: Techniques for securely sealing and unsealing enclave data across platforms are presented. Enclave data from a source enclave hosted on a first computer may be securely sealed to a sealing enclave on a second computer, and may further be securely unsealed for a destination enclave on a third computer. Securely transferring an enclave workload from one computer to another is disclosed.
    Type: Grant
    Filed: January 24, 2017
    Date of Patent: February 2, 2021
    Assignee: Microsoft Technology Licensing, LLC
    Inventor: Manuel Costa
  • Patent number: 10911462
    Abstract: Embodiments disclose a method and a device for controlling access to data in a network service provider system. In the embodiments, when a received access request of accessing data in the network service provider system is a user access instruction, data requested by the user access instruction may be acquired from network service provider-usable data or network service provider-unusable data in the network service provider system, or when a received access request of accessing data in the network service provider system is a non-user access instruction sent by the network service provider system, data requested by the non-user access instruction is acquired from only network service provider-usable data in the network service provider system.
    Type: Grant
    Filed: July 16, 2019
    Date of Patent: February 2, 2021
    Assignee: Huawei Technologies Co., Ltd.
    Inventor: Hao Wu
  • Patent number: 10904357
    Abstract: Certain aspects of the present disclosure provide techniques for requesting data in a distributed system. Embodiments include receiving a query from an application running on a client device. Embodiments further include generating a plurality of subqueries based on the query, each subquery corresponding to an entity of the plurality of entities that is requested in the query. Embodiments further include determining that a group of subqueries of the plurality of subqueries corresponds to particular entities that are provided by particular providers of the plurality of providers that are included within a single service. Embodiments further include sending a batch request to the single service, the batch request comprising the group of subqueries. Embodiments further include receiving the particular entities from the single service in response to the batch request and providing the particular entities to the application in response to the query.
    Type: Grant
    Filed: March 16, 2018
    Date of Patent: January 26, 2021
    Assignee: INTUIT INC.
    Inventors: Elharith Elrufaie, Xuan Zhou
  • Patent number: 10887295
    Abstract: It is possible to reduce signaling overhead in a radio access network by coordinating authentication of a group of UEs (e.g., IoT devices, etc.) via a master device. In particular, the master device may aggregate UE identifiers (UE_IDs) for UEs in the group, and send an identity message carrying the UE_IDs and a master device identifier (MD_ID) to a base station, which may then relay the identity message to a Security Anchor Node (SeAN). The SeAN may send an authentication data request carrying the UE_IDs and MD_ID to a Home Subscriber Server (HSS), which may return an authentication data response that includes group authentication information. The group authentication information may then be used to achieve mutual authentication between the SeAN and each of the master device, group of UEs, and individual UEs.
    Type: Grant
    Filed: September 29, 2017
    Date of Patent: January 5, 2021
    Assignee: Futurewei Technologies, Inc.
    Inventors: Ahmad Shawky Muhanna, Xiang Xie
  • Patent number: 10887310
    Abstract: In a network system (100) for wireless communication an enrollee (110) accesses the network via a configurator (130). The enrollee acquires a data pattern (140) that represents a network public key via an out-of-band channel by a sensor (113). The enrollee derives a first shared key based on the network public key and the first enrollee private key, and encodes a second enrollee public key using the first shared key, and generates a network access request. The configurator also derives the first shared key, and verifies whether the encoded second enrollee public key was encoded by the first shared key, and, if so, generates security data and cryptographically protects data using a second shared key, and generates a network access message. The enrollee processor also derives the second shared key and verifies whether the data was cryptographically protected and, if so, engages the secure communication based on the second enrollee private key and the security data.
    Type: Grant
    Filed: December 8, 2016
    Date of Patent: January 5, 2021
    Assignee: Koninklijke Philips N.V.
    Inventor: Johannes Arnoldus Cornelis Bernsen
  • Patent number: 10880738
    Abstract: In one embodiment, a system for generating an access stratum key comprises: a first network-side device that has access to a core network (CN) and is communicably coupled to a user equipment device (UE) through a first air interface, and a second network-side device that has access to the CN through the first network-side device and is communicably coupled to the UE through a second air interface. The first network-side device is configured to calculate an access stratum root key of the second network-side device according to an access stratum root key of the first network-side device and an input parameter; and send the access stratum root key of the second network-side device to the second network-side device. The second network-side device is configured to receive the access stratum root key of the second network-side device from the first network-side device; and generate an access stratum key according to the access stratum root key of the second network-side device.
    Type: Grant
    Filed: May 30, 2019
    Date of Patent: December 29, 2020
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Dongmei Zhang, Jing Chen, Yang Cui
  • Patent number: 10866144
    Abstract: A branch circuit thermal monitoring system comprises a housing and an electrical power distribution sub-system. The housing includes a plurality of thermal modules each connected with a thermal sensor assembly of a plurality of thermal sensor assemblies. The housing further includes a module rack wherein each of the thermal modules is installed on the module rack. The housing further includes a main controller configured to communicate with the thermal modules. The thermal modules are configured for individually monitoring corresponding identified connection points of interest with the attached thermal sensor assemblies such that the thermal modules and the thermal sensor assemblies provide continuous temperature monitoring of the corresponding identified connection points of interest. The thermal sensor assembly is configured to be directly applied to a connection point of interest thus avoiding any additional mounting assembly. The electrical power distribution sub-system is coupled to the thermal modules.
    Type: Grant
    Filed: August 24, 2018
    Date of Patent: December 15, 2020
    Assignee: SIEMENS INDUSTRY, INC.
    Inventors: Amit Nayak, Matthew Leidy
  • Patent number: 10855454
    Abstract: Systems, apparatuses, methods, and computer program products are disclosed for session authentication. An example method includes receiving, by decoding circuitry and over a quantum line, a set of qbits generated based on a first set of quantum bases. The example method further includes decoding, by the decoding circuitry and based on a second set of quantum bases, the set of qbits to generate a decoded set of bits comprising at least one wildcard bit. The example method further includes generating, by session authentication circuitry, a session key based on the decoded set of bits, wherein the session key is generated based at least in part on the at least one wildcard bit.
    Type: Grant
    Filed: August 20, 2018
    Date of Patent: December 1, 2020
    Assignee: WELLS FARGO BANK, N.A.
    Inventor: Masoud Vakili
  • Patent number: 10841078
    Abstract: Encryption key block generation with barrier descriptors is provided. In some embodiments, a descriptor is read. The descriptor includes a list of revoked devices and a list of boundaries between devices. A plurality of subset differences is generated. The plurality of subset-differences covers a plurality of devices. None of the plurality of devices appears in the list of revoked devices. None of the plurality of subset differences spans any of the boundaries. Encrypted information is generated based on the subset differences.
    Type: Grant
    Filed: July 26, 2018
    Date of Patent: November 17, 2020
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: John B. Geagan, Dulce B. Ponceleon
  • Patent number: 10839107
    Abstract: A computer-implemented method includes: in response to a first client device invoking a transaction with respect to a target smart contract, obtaining, by a blockchain node device in a blockchain, encrypted contract codes of the target smart contract; transmitting the encrypted contract codes of the target smart contract to a trusted execution environment; in response to determining that the target smart contract is not a managed smart contract, extracting a decryption key stored in the trusted execution environment, in which the decryption key corresponds to the encrypted contract codes of the target smart contract; decrypting the encrypted contract codes of the target smart contract; executing the decrypted contract codes of the target smart contract in the trusted execution environment; encrypting the execution result; and transmitting the encrypted execution result to the distributed ledgers of the blockchain for storage.
    Type: Grant
    Filed: January 30, 2020
    Date of Patent: November 17, 2020
    Assignee: ADVANCED NEW TECHNOLOGIES CO., LTD.
    Inventors: Changzheng Wei, Ying Yan
  • Patent number: 10826907
    Abstract: A method includes receiving, at an access point, an access request from a first device after an expiration of a first passcode. The access request is encrypted based on the first passcode. The method includes making a determination by the access point before an expiration of a usage time of a first passcode usage list that an identifier of the first device is included in the first passcode usage list. The method also includes, in response to making the determination, generating, at the access point, data representing a second passcode by encrypting the second passcode using the first passcode; and sending the data representing the second passcode from the access point to the first device.
    Type: Grant
    Filed: April 25, 2019
    Date of Patent: November 3, 2020
    Assignees: AT&T INTELLECTUAL PROPERTY I, L.P., AT&T MOBILITY II LLC
    Inventors: Sheldon Kent Meredith, William Cottrill, Brandon B. Hilliard
  • Patent number: 10803864
    Abstract: A system and method for voice control of a media playback device is disclosed. The method includes receiving an instruction of a voice command, converting the voice command to text, transmitting the text command to the playback device, and having the playback device execute the command. An instruction may include a command to play a set of audio tracks, and the media playback device plays the set of audio tracks upon receiving the instruction.
    Type: Grant
    Filed: May 7, 2018
    Date of Patent: October 13, 2020
    Assignee: SPOTIFY AB
    Inventors: Daniel Bromand, Richard Mitic, Horia Jurcut, Jennifer Thom-Santelli, Henriette Cramer, Karl Humphreys, Robert Williams, Kurt Jacobson, Henrik Lindström
  • Patent number: 10791093
    Abstract: Implementations provide for extending an authentication protocol to dynamically create a per user end to end encryption over a multi-hop path for data traffic, which provides an automatic triggering of authentication on each hop of a path when a client joins the network. A device includes a processor that is configured to, in response to receipt of a request for authentication from an end device, perform an authentication protocol to authenticate with an authentication server via an authenticator device. When the authentication protocol is successfully performed, the processor is configured to receive a message indicating that the device was successfully authenticated by the authentication server. The processor is configured to create a pairwise master key (PMK) from the parameters, and derive a pairwise temporary key (PTK) from a key derivation function seeded by the PMK. The processor is configured to encrypt, using the PTK, a message from the end device.
    Type: Grant
    Filed: May 1, 2017
    Date of Patent: September 29, 2020
    Assignee: AVAGO TECHNOLOGIES INTERNATIONAL SALES PTE. LIMITED
    Inventor: Philippe Klein
  • Patent number: 10764039
    Abstract: The disclosed exemplary embodiments include computer-implemented systems, apparatuses, and processes that dynamically generate and manage a distribution of asymmetric cryptographic keys using distributed ledgers. For example, an apparatus may extract, from a hierarchical data structure, an index value associated with a corresponding element of permissioning data. The apparatus may also extract, from a first element of a distributed ledger, cryptographic data that includes a first public cryptographic key associated with the hierarchical data structure. The apparatus may generate a second public cryptographic key based on the first public cryptographic key and the extracted index value, and encrypt information using the second public cryptographic key. The encrypted information may be associated with the corresponding element of permissioning data, and the second public cryptographic key may be discarded in response to the encryption of the information.
    Type: Grant
    Filed: August 1, 2018
    Date of Patent: September 1, 2020
    Assignee: The Toronto-Dominion Bank
    Inventors: Alexey Shpurov, Helena Litani
  • Patent number: 10764349
    Abstract: A method includes initiating, by an agent application of an access point, a communication connection to a self-organizing network controller via a particular communication path to the self-organizing network controller. The particular communication path is identified in a prioritized set of communication paths to the self-organizing network controller. The method includes receiving, at the access point, control data from the self-organizing network controller via the particular communication path. The control data includes an instruction for a station, the station in communication with the access point via a wireless local area network supported by the access point. The method also includes sending the instruction to the station from the access point via the wireless local area network. The instruction is executable by the station to cause the station to modify a data transmission rate of the station.
    Type: Grant
    Filed: April 12, 2019
    Date of Patent: September 1, 2020
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventors: Mostafa Tofighbakhsh, David R. Wolter
  • Patent number: 10764059
    Abstract: Various examples are directed to systems and methods for communications security. For example, a computing device may generate a connection between the computing device and a client device. A first application executing at the computing device may send a first application session key to the client device via the connection. The first application may perform a cryptographic operation on a first message based at least in part on the first application session key to generate a first cryptographic result and send the first cryptographic result to the client device via the connection. The first application may receive a second cryptographic result from the client device via the connection and determine that the second cryptographic result was obtained with the first application session key.
    Type: Grant
    Filed: May 31, 2016
    Date of Patent: September 1, 2020
    Assignee: Intel Corporation
    Inventors: Brian J. Hernacki, Sumanth Naropanth, Chandra Prakash Gopalaiah
  • Patent number: 10742394
    Abstract: Methods, system and devices are provided that generate a sequence of sub-keys for cryptographic operations from a main key. The main key is operated on only once to generate the sub-keys of the sequence, with a transformation comprising one or more one-way functions. The respective bit values of the sub-keys of the sequence are set using respective bit values of the one or more one-way functions. Advantageously, deriving sub-key bits from respective output bits of one or more one-way functions removes or at least reduces correlations between the main key and the sub-keys, as well as between sub-keys, making it harder or even impossible to recover the main key or other sub-keys from a single sub-key, for example as found using a side-channel attack.
    Type: Grant
    Filed: November 2, 2016
    Date of Patent: August 11, 2020
    Assignee: NAGRAVISION S.A.
    Inventors: Karine Villegas, Brecht Wyseur
  • Patent number: 10735384
    Abstract: Techniques for key ratcheting with multiple step sizes are described. For example, an apparatus may be configured to receive two or more encrypted messages, where the encrypted messages are encrypted according to a multi-dimensional ratcheting encryption scheme. Moreover, the apparatus may be configured to determine which of the encrypted messages was most-recently received and extract a message iteration count from the most-recent encrypted message, generate a decrypted message by decrypting the encrypted message based on a decryption key, decompose the message iteration count into a plurality of message chain key iteration counts, and determine the decryption key based on the plurality of message chain key iteration counts.
    Type: Grant
    Filed: July 14, 2017
    Date of Patent: August 4, 2020
    Assignee: WHATSAPP INC.
    Inventors: Derek Alan Konigsberg, George Nachman, Chun Wing Yuen, Ehren Andrew Kret
  • Patent number: 10733138
    Abstract: The present invention provides an integrated system-on-chip device. The device is configured on a single silicon substrate member. The device has a data input/output interface provided on the substrate member. The device has an input/output block provided on the substrate member and coupled to the data input/output interface. The device has a signal processing block provided on the substrate member and coupled to the input/output block. The device has a driver module provided on the substrate member and coupled to the signal processing block. The device further includes a driver interface coupled to the driver module and configured to be coupled to a silicon photonics device. In an example, a control block is configured to receive and send instruction(s) in a digital format to the communication block and is configured to receive and send signals in an analog format to communicate with the silicon photonics device.
    Type: Grant
    Filed: November 20, 2018
    Date of Patent: August 4, 2020
    Assignee: INPHI CORPORATION
    Inventor: Radhakrishnan L. Nagarajan
  • Patent number: 10721081
    Abstract: An authentication method is performed between a first party and a second party. The method includes: i) determining a challenge; ii) sending the challenge to the second party; receiving a response from the second party including a second cryptogram; computing a first cryptogram using the challenge and the key of the first party; determining if the first cryptogram matches the second cryptogram received from the second party. If the first cryptogram does not match the second cryptogram, the method further includes performing a computation using the first cryptogram and the second cryptogram; and comparing a result of the computation with a stored set of results to recover a first data element carried by the second cryptogram.
    Type: Grant
    Filed: June 28, 2016
    Date of Patent: July 21, 2020
    Assignee: IDEMIA FRANCE
    Inventors: Emmanuelle Dottax, Francis Chamberot, Bruno Climen
  • Patent number: 10721059
    Abstract: Disclosed are an apparatus and method for data encryption and an apparatus and method for data decryption. The data encryption apparatus includes a key exchanger configured to generate a session key using a key exchange protocol, a cipher key generator configured to generate at least one of a cipher key and a key table from the session key, and an encryptor configured to encrypt data with the at least one of the cipher key and the key table generated from the session key.
    Type: Grant
    Filed: May 26, 2017
    Date of Patent: July 21, 2020
    Assignee: SAMSUNG SDS CO., LTD.
    Inventors: Kyu-Young Choi, Ji-Hoon Cho, Duk-Jae Moon
  • Patent number: 10719828
    Abstract: A method of encrypting a passcode is disclosed. In one embodiment, the method includes: receiving an indication of a portion of the passcode; calculating a plaintext value based at least in part on the indication, wherein the plaintext value represents an encoded portion of the passcode; encrypting the plaintext value into ciphertext using a homomorphic encryption system; and updating a cumulative encryption string by executing a cumulative operation to aggregate the ciphertext corresponding to the encoded portion into the cumulative encryption string computed for a previous portion of the passcode, wherein the cumulative operation is dictated by a homomorphic property of the homomorphic encryption system.
    Type: Grant
    Filed: March 13, 2014
    Date of Patent: July 21, 2020
    Assignee: SQUARE, INC.
    Inventors: Oliver S. C. Quigley, Jason Douglas Waddle, Benjamin Michael Adida, Max Joseph Guise
  • Patent number: 10721080
    Abstract: The present invention provides for streamlined issuance of certificates and other tokens that are contingent on key attestation of keys from a trusted platform module within a computing platform. Various methods are described for wrapping the requested token in a secret, such as an AES key, that is encrypted to a TPM based key in a key challenge. If the requesting platform fails the key challenge, the encrypted certificate or token cannot be decrypted. If the requesting platform passes the challenge, the encrypted certificate or token can be decrypted using the AES key recovered from the key challenge.
    Type: Grant
    Filed: March 13, 2019
    Date of Patent: July 21, 2020
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Christopher Edward Fenner, Peter David Waxman, Gabriel Fortunato Stocco, Kam Kouladjie, Cristian Stefan Salvan, Prabu Raju, Himanshu Soni, Gridhar Viswanathan
  • Patent number: 10715319
    Abstract: A method for performing spacetime-constrained oblivious transfer between a party A and a party B. The method includes imposing relativistic signaling constraints on a cryptographic task of one-out-of-m oblivious transfer involving parties A and B. The method further includes using quantum systems for the one-out-of-m oblivious transfer. The method guarantees unconditional security of the spacetime-constrained oblivious transfer, based on the imposed relativistic signaling constraints and based on using quantum systems for the one-out-of-m oblivious transfer.
    Type: Grant
    Filed: December 15, 2017
    Date of Patent: July 14, 2020
    Assignee: UNIVERSITE PARIS DIDEROT
    Inventor: Damián Pitalúa García
  • Patent number: 10706380
    Abstract: Embodiments of the present invention are directed to methods, apparatuses, computer readable media and systems for obtaining authorization for a plurality of split shipments associated with a single order. In particular, embodiments of the present invention allow a merchant to submit a separate split shipment authorization request for each of the plurality of split shipments. The split shipment authorization requests are linked to the original order using verifiable linking data. The linking data may be extracted from a previous (e.g., initial) split shipment authorization request and/or a previous (e.g., initial) split shipment authorization request. The linking data may be validated by an authorizing entity (e.g., a payment processing network computer or an issuer computer) to ensure validity of a split shipment authorization request. Additionally, the split shipment authorization requests may be validated using one or more predefined split shipment rules.
    Type: Grant
    Filed: May 8, 2015
    Date of Patent: July 7, 2020
    Assignee: Visa International Service Association
    Inventors: John Sheets, Glen Powell
  • Patent number: 10691812
    Abstract: A method for securing data in a storage grid is provided. The method includes generating a storage key from key shares of at least two storage clusters of a storage grid having at least three storage clusters and generating a grid key from the storage key and an external secret. The method includes encrypting data with the grid key to yield once encrypted data and encrypting the once encrypted data with the storage key to yield twice encrypted data. The method includes storing the twice encrypted data in a first storage cluster of the storage grid and storing the twice encrypted data in a second storage cluster of the storage grid, wherein at least one method operation is performed by a processor.
    Type: Grant
    Filed: November 3, 2017
    Date of Patent: June 23, 2020
    Assignee: Pure Storage, Inc.
    Inventors: Par Botes, John Hayes, Ethan Miller
  • Patent number: 10686593
    Abstract: A system for secure storage of data includes a key database and a processor. The processor is configured to receive a request associated with securely storing data and encrypt the tenant service key using a tenant master key. The data is encrypted using the tenant service key. The processor is further configured to encrypt the tenant master key using a customer key and store encrypted tenant service key and encrypted tenant master key in the key database.
    Type: Grant
    Filed: October 24, 2018
    Date of Patent: June 16, 2020
    Assignee: Workday, Inc.
    Inventors: Bjorn Hamel, Jonathan David Ruggiero
  • Patent number: 10686594
    Abstract: A system for secure retrieval of stored data includes an encrypted key database and a processor. The encrypted key database is configured to store an encrypted tenant service key and an encrypted tenant master key. The processor is configured to request decryption of the encrypted tenant master key into an unencrypted tenant master key. The decryption of the encrypted master key is approved by a key release system. The processor is further configured to decrypt the encrypted tenant service key using the unencrypted tenant master key into an unencrypted tenant service key and authorize a response to a request using the unencrypted tenant service key.
    Type: Grant
    Filed: November 15, 2018
    Date of Patent: June 16, 2020
    Assignee: Workday, Inc.
    Inventors: Bjorn Hamel, Jonathan David Ruggiero
  • Patent number: 10673624
    Abstract: A communication control device includes a receiving unit, a generating unit, and an output unit. The receiving unit receives input of a binary tree in which each leaf node has an index and a node key assigned thereto, and receives input of node IDs that, from among the leaf nodes, enable identification of the leaf nodes belonging to a group. The generating unit generates, using the node key assigned to the root node of each partial tree of the binary tree which includes only the leaf nodes identified by the node IDs, a cipher text by encrypting a group key shared in the group, and generates set information containing the generated cipher text. The output unit outputs the set information at least to the communication devices that are associated to the leaf nodes belonging to the group.
    Type: Grant
    Filed: February 27, 2017
    Date of Patent: June 2, 2020
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Yoshihiro Oba, Yoshikazu Hanatani