Abstract: A device includes a substrate, an array of metal pads on a first surface of the substrate, a carbon polymer composite covering the array of metal pads, the composite having variations that result in random resistance values between the metal pads usable as a random code. A method of manufacturing a secure device, including forming an array of metal pads on a dielet substrate, the dielet substrate containing at least one memory in which is stored an encryption key, and an RF communication section, covering the array of metal pads with a carbon polymer composite such that variations in the carbon concentration in the polymer forms a unique pattern of resistance, attaching the dielet substrate to a host component, receiving a request from a security server for a unique code determined by the unique pattern of resistance, and using the encryption key, encrypting and providing the unique code to the security server.

Abstract: An apparatus generates truly random numbers. The apparatus includes a container that is at least partially filled with a fluid (e.g., water or air). The apparatus also includes objects (e.g., dice) suspended freely in the fluid. The apparatus includes agitators configured to agitate the fluid, and cameras configured to capture images of the objects. When the agitators agitate the fluid, the objects move freely (e.g., move with the created currents) in the fluid in the container. The apparatus also includes a random number generation circuit coupled to the cameras. The random number generation circuit is configured to generate random numbers based on the images captured by the cameras. In some embodiments, the agitators are one or more motor-driven propellers that stir the fluid. Some embodiments use a hydraulic pump to agitate the fluid (e.g., circulating the fluid using both a push action and a pull action).

Abstract: A computer system is provided. The computer system includes a memory and at least one processor coupled to the memory and configured to measure one or more environmental factors; convert the one or more environmental factors to entropy values by truncation or rounding of the one or more environmental factors to a selected number of bits; and combine the entropy values to generate an encryption key. The one or more environmental factors may include a location of the computer system, a current date and time, parameters of a network environment to which the computer system is connected, or an identification of a server to which the computer system is connected. The at least one processor is further configured to encrypt and/or decrypt at least a portion of a data file and/or at least a portion of a binary executable application using the encryption key.

Abstract: There is provided a method and system for selection of response message(s), comprising: receiving from an initiator client terminal a function message including an unencrypted target value and a public key, receiving respective response messages to the function message from responding client terminals, each respective response comprising an unencrypted partial value of the target value and a parameter encrypted with the pubic key, receiving, from the initiator client terminal, a selection of response message(s) according to a ranking of the encrypted parameters, wherein a sum of the unencrypted partial values of the selected response message(s) is according to a requirement of the target value, and receiving a validation for the selected response message(s) from corresponding responding client terminals, wherein each of the corresponding responding client terminals is provided with all partial values and all unencrypted parameters associated with all of the selected response message(s).

Abstract: This invention relates to an anti-tamper assembly for a circuit board comprising one or more electronic components, the assembly comprising: a container having side walls, a first, closed end and a second, opposing, open end, the container being configured to be mounted on said circuit board at said open end, over at least one of said electrical components, to form, in use, a sealed cavity around said at least one of said electrical components; a source of radioactive particles mounted within said container; an image sensor for capturing image frames within said sealed cavity, in use, wherein said image sensor comprises a detector region defining an array of pixels; and a processor for receiving said captured image frames, monitoring said image frames for changes in the statistical distribution of active pixels and, in the event that statistical distribution of active pixels indicates the presence of a feature in an image frame, generating a tamper alert.

Abstract: A working method of an NFC dynamic token, comprising the following steps: after detecting that a preset press key is triggered, the NFC dynamic token activates NFC communication and builds connection with a mobile device via NFC channel; when the NFC dynamic token receives a second instruction from the mobile device, the NFC dynamic token obtains a seed key from the second instruction, stores the seed key and sends a message that writing is successful to the mobile device; when the NFC dynamic token receives a third instruction from the mobile device, the NFC uses self-stored seed data to generate a dynamic password and sends the dynamic password to the mobile device via the NFC channel. According to the present invention, the seed key is written into the NFC dynamic token via the NFC channel, which improves security and flexibility of the dynamic token.

Abstract: A key acquisition unit (411) acquires a decryption key ski in a pair of a conversion source and a public key pkj in a pair of a conversion target, out of a plurality of pairs of a decryption key and a public key. A conversion key generation unit (412) encrypts the decryption key ski acquired by the key acquisition unit (411) with the public key pkj, so as to generate a conversion key rki?j for converting a ciphertext encrypted with a public key pki in the pair of the conversion source into a converted ciphertext that can be decrypted with a decryption key skj in the pair of the conversion target. An output unit (413) outputs the conversion key rki?j generated by the conversion key generation unit (412).

Abstract: A method of response signal processing applied in traction power networks, comprising establishing an data transmission channel between a target and a backend terminal through a relay router in a power distribution room; delivering a temperature-humidity information to the backend terminal by the target through the data transmission channel, and a response signal being delivered to the relay router; the relay router determining a second signal to noise ratio (SNR) according to a first SNR of the data transmission channel responded from the target when a noise ratio (NR) adjusting requirement is satisfied; the relay router determining a first identification of encryption algorithm based on the second SNR, and transmitting the first identification of encryption algorithm to the target. The present invention avoids the needs for retransmitting encrypted response signals for several times during transmission between the backend terminal and the charging controller.

Abstract: Technologies are generally described for methods and devices for generating a final signature. The methods may comprise receiving a message by a processor. The methods may comprise generating a random number by a random number generator. The methods may comprise forwarding, by the processor, the random number to a cloaking element generator. The methods may comprise forwarding, by the processor, a private key to the cloaking element generator. The methods may comprise forwarding, by the processor, a group to the cloaking element generator. The methods may comprise forwarding, by the processor, a homomorphism to the cloaking element generator. The methods may comprise processing, by the cloaking element generator, the random number, the group, the private key, and the homomorphism to produce a cloaking element. The methods may comprise applying the cloaking element to transform the message into the final signature.

Abstract: A system that incorporates the subject disclosure may include, for example, instructions which when executed cause a device processor to perform operations comprising sending a service request to a remote management server; receiving from the management server an authentication management function and an encryption key generator for execution by a secure element and an encryption engine for execution by a secure device processor, sending a request to establish a communication session with a remote device; and communicating with the remote device via a channel established using an application server. The secure element and the secure device processor authenticate each other using a mutual authentication keyset. The secure element, the secure device processor and the device processor each have a security level associated therewith; the security level associated with the secure device processor is intermediate between that of the secure element and that of the device processor. Other embodiments are disclosed.

Abstract: A method of authenticated encryption and decryption includes generating a first digital signature with an encryption circuit of a first processor component. Concatenating the first digital signature to a plaintext message to generate a concatenated message. Encrypting the concatenated message into a ciphertext. Transmitting the ciphertext via a communications channel to a second processor component. Decrypting the ciphertext into a decrypted first digital signature and a decrypted plaintext message with a decryption circuit in the second processor component. Comparing, with the decryption circuit, the decrypted first digital signature with a second digital signature, thereby authenticating the decrypted plaintext message.

Abstract: Quantum optical device authentication technologies are described herein. A first device includes an optical transmitter transmits a plurality of pulses to an optical receiver included on a second device. The optical pulses each have one of two non-orthogonal optical states. The optical receiver measures each of the pulses and the second device records a measured value of the optical state of each pulse. Subsequently, the second device transmits the measured values of the optical states of the pulses to the first device. The first device outputs an indication of whether the second device is authenticated based upon the measured values received from the second device and the optical states of the pulses transmitted by the optical transmitter.

Abstract: A method, cryptographic device, and computer readable memory with instructions, for generating a cryptographic key from at least one prime number, by performing during runtime of the cryptographic device by obtaining from memory a challenge and at least one associated increment number, generating a seed by applying a Physically Unclonable function to said obtained challenge, generating at least one prime number from said generated seed by performing said cryptographic prime numbers generation algorithm and by performing therein as many incrementation steps as said obtained at least one increment number, and generating the cryptographic key from the generated prime number.

Abstract: The disclosure generally provides methods, systems and apparatus for an improved a Physically Unclonable Function (PUF). In one embodiment, the disclosure relates to a method to provide data from a Physically Unclonable Function (PUF) circuit array. The method includes storing a plurality of first data bits into a respective ones of a plurality of first bitcells of the PUF array to form a first dataset; storing a plurality of second data bits into a respective ones of a plurality of second bitcells of the PUF array, the plurality of second data bits defining a helper dataset; reading the first dataset from the plurality of first bitcells to provide a first read dataset; applying an error correction factor to the first read data dataset to form a security key dataset; and outputting the security key dataset from the PUF circuit array.

Abstract: Provided is a data processing system in which data are uploaded from a user terminal A to data storage server, and data are accessed from a user terminal B. User terminal A and B have a key KA and KB, respectively. Data storage server has a replacement key KA?B. User terminal A generates an authenticator tag with data M and temporary key R, generated by user terminal A, and generates a key k with temporary key R and key KA. User terminal A transmits data M, key k, and authenticator tag to the data storage server. Data storage server generates a key k? from key k and replacement key KA?B, and transmits data M, key k?, and the message authenticator tag to user terminal B. User terminal B generates temporary key R with key k? and key KB and generates an authenticator tag? to compare with the received authenticator tag.

Abstract: Embodiments of a secure multi-party computation method are provided. The method can include: dynamically converting a multi-party computation program segment into a first garbled circuit by using a multi-party computation operator of a first main body, and executing garbled gates of the first garbled circuit in sequence through an execution engine of the first main body, to encrypt data of the first main body; transmitting to a second main body the encrypted data of the first main body and identifiers for garbled gates of the first garbled circuit; performing a second encryption on the encrypted data of the first main body by the second main body in sequence according to the received identifiers for the garbled gates of the first garbled circuit, and returning to the first main body a result of the second encryption on the encrypted data of the first main body.

Abstract: Methods for secure data monitoring utilizing secure private set intersections are disclosed. In embodiments, a computer-implemented method includes: generating a garbled circuit program compiled into a first and second half; sending the second half of the garbled circuit program to a client server of a client; receiving social network data from a social network provider; and generating search results, utilizing the first half of the garbled circuit program in cooperation with the second half of the garbled circuit program, based on client data input at the second half of the garbled circuit program. The client data is private with respect to the social network provider and the social network data is private with respect to the client.

Abstract: Methods, systems, and devices, including computer programs encoded on computer storage media, for establishing a question and answer (QA) system are provided. One of the methods includes: determining QA pair data according to an extraction template and a target data source; adjusting the extraction template according to anomaly information corresponding to the QA pair data; updating the QA pair data according to the target data source and the adjusted extraction template; and determining a QA index according to the updated QA pair data to establish a QA system.

Abstract: A hash function is computed for each item of a partial string obtained by dividing a message received according to a group testing matrix representing combinatorial group testing relating to the message, and an authentication tag for the partial string is generated using a value obtained by a combining operation of individual hash values by a combiner, wherein the combiner performs the combining operation of the individual hash values, by using a hash value of an item of an empty string as an identity element of the operation.

Abstract: In a post-quantum asymmetric key generation method and system, a processing unit generates, based on a prime and an arithmetic function or a classical string, a prime vector which has an infinite number of components; generates a prime array based on the prime vector; generates an associated matrix based on the prime array; obtains, based on the associated matrix and a first reference prime, a first reference inverse prime array that serves as a private key; and obtains a public key that is paired with the private key based on a second reference inverse prime array. The second reference inverse prime array is obtained based on the associated matrix, the first reference prime, a second reference prime, and a randomization array.

Abstract: Technologies are disclosed herein for running a long-term on-demand service for executing actively-secure computations. A function circuit may be represented as a stream of buckets, in which each bucket represents a logical AND gate. A pool having a plurality of garbled AND gates is generated. Garbled AND gates are randomly selected from the pool for placement in one of the buckets. An output for the bucket is determined by an evaluation of the selected garbled AND gates. The output represents an execution of the logical AND gate. The determined output is applied as a parameter in a secure protocol.

Abstract: A method for execution by a distributed storage (DS) unit of a dispersed storage network (DSN), includes receiving a set of write slice requests that includes a set of slice names that are not utilized to store encoded data slices (EDSs), where each write slice request from the set of slice names that are not utilized to store encoded data slices includes a trap slice. The method continues with an access slice request that includes a requested slice name being received from a second DSN client, and then continues by determining whether the requested slice name corresponds to a trap slice stored by the DS unit. When the requested slice name corresponds to a trap slice, an action is determined for the access slice request based on an anomaly processing scheme.

Abstract: Systems, methods, and computing device readable media for implementing fast oblivious transfer between two computing devices may improve data security and computational efficiency. The various aspects may use random oracles with or without key agreements to improve the security of oblivious transfer key exchanges. Some techniques may include public/private key strategies for oblivious transfer, while other techniques may use key agreements to achieve simultaneous and efficient cryptographic key exchange.

Abstract: A system on a chip (SoC) includes memory, a processor coupled to the memory, and link protection circuitry coupled to the memory and the processor. The link protection circuitry includes an SoC encryption engine to receive first data from the memory and a first key, generate, by an SoC encryption counter of the SoC encryption engine, an SoC encryption counter value, encrypt the first data using the SoC encryption counter value and the first key to generate first encrypted data, and cause the first encrypted data to be transmitted to a device including a device decryption counter synchronized with the SoC encryption counter.

Abstract: A Material eXchange Format (MXF) digital file generated by a digital electronic processor is disclosed that includes a generic container for a media file. The MXF file also includes a SDTI-CP (Serial Data Transport Interface-Content Package) compatible system item. The SDTI-CP compatible system item has a media file metadata and a blockchain hash digest information formed from the media file. The blockchain hash digest information of the media file may be a blockchain hash digest used to error check the media file. Alternatively, the blockchain hash digest information of the media file may be a link to a cloud-based blockchain hash digest used to error check the media file.

Abstract: A computing system receives encrypted data that can be decrypted by a first secret to obtain data, wherein the first secret is securely stored by the system, determines that the data encodes a second secret and executable code usable to perform cryptographic operations, and run the executable code to perform the cryptographic operations. The first secret may be a one-time pad.

Abstract: A method for exporting sensitive information an integrated circuit, the method comprising: fabricating an integrated circuit, the integrated circuit having a register-transfer level “RTL” key fabricated in the integrated circuit, wherein the RTL key is a pre-determined cryptographic key; signing the sensitive information using the RTL key using a signature; and exporting the signed sensitive information and the signature for validation.

Abstract: A system and methods for authenticating an electronic signature using a biometric fingerprint includes registering a subscriber to the service. The subscriber asks document signers enter their fingerprint(s) by a fingerprint reader. The fingerprint data is applied to a fingerprint matcher which generates a gallery pair table of fingerprint minutiae for each signer. A secret user ID or operation number is generated. A sharing module splits the fingerprint information into N shares and generates a threshold number S. The secret is applied to the sharing module and N shares of the secret are generated. The N shares of fingerprint data are each combined with one share the secret to form N combined shares. The N combined shares are each stored in different cloud storage locations. Retrieval of the secret to authenticate the signers requires S signers to enter their fingerprints and S combined shares to be downloaded from the clouds.

Abstract: Systems and methods for secure communication are provided. A sender encrypts a first starting block with one of a number of random blocks. The encrypted first starting block is sent to a receiver, which expands it by a random amount. The expanded block is divided into a first expanded block and a second expanded block. A source data block is encrypted with the second expanded block and transmitted to the receiver, where it is decrypted with the decrypted first starting block. The first expanded block replaces the starting block for subsequent transmission.

Abstract: In one example in accordance with the present disclosure, a method may receiving a plaintext to be encrypted. The plaintext may include a first block, a second block and a third block. The method may include generating a preliminary ciphertext based on the first block and the second block and generating, using an encryption key, a first ciphertext using an encryption operation receiving the third block and the preliminary ciphertext as inputs. The method may also include generating, using the encryption key, a first finalized ciphertext using the encryption operation receiving the first block and the first ciphertext as inputs and generating, using the encryption key, a second finalized ciphertext using the encryption operation receiving the second block and the first finalized ciphertext as inputs.

Abstract: The communication system includes a communication buffer and a communication terminal. The communication buffer includes a physical unclonable function (PUF) device, and the communication buffer provides a security key generated by the PUF device. The communication terminal is coupled to the communication buffer, and transmits a mapping request to the communication buffer to ask for the security key. The communication terminal manipulates the transmission data with the security key to generate the encrypted data, and transmits the encrypted data to the communication buffer. The communication buffer further restores the transmission data from the encrypted data according to the security key.

Abstract: Technologies for managing exact match hash table growth include a network computing device which includes a compute engine and a network interface controller (NIC). The NIC is configured to allocate a plurality of physical bucket addresses in non-contiguous chunks of memory of the compute engine, configure a bucket threshold value as a function of a hash size of the hash table, generate a plurality of virtual bucket addresses as a function of the bucket threshold value, and map each generated virtual bucket address to an allocated physical bucket address. Other embodiments are described herein.

Abstract: Embodiments of the invention provide an electronic system for generating secret information comprising a Physically Unclonable Function (PUF) circuit, the PUF circuit being configured to provide a difference between two values of a physical variable of the PUF in response to a challenge applied to the PUF circuit. The system is configured to apply a set of challenges during an enrolment phase, and measure the physical variable difference provided by the PUF in response to each challenge.

Abstract: A seed value of a random number is generated in a more preferable manner by utilizing characteristics of a solid-state imaging device. A solid-state imaging device includes a pixel array unit in which a plurality of pixels is arrayed, and a processing unit that generates a seed value of a random number on the basis of each pixel value of predetermined one or more target pixels of the plurality of pixels, in which the pixel array unit is arranged on a first substrate, the processing unit is arranged on a second substrate, and a plurality of substrates including at least the first substrate and the second substrate is stacked so that the second substrate is located in a lower layer than the first substrate.

Abstract: The present invention discloses a method for computing a secret value including a first secret using a function including an operation, comprising: computing, by a host, a first encrypted value of the first secret with a first key; sending, by the host, the first encrypted value to a value holder and the first key to a key holder, wherein the value holder and the key holder are independently trusted by the host; computing, by the value holder, a computed encrypted value from the first encrypted value using the function; and computing, by the key holder, a computed key from the first key using the function.

Abstract: System and method for integrity assurance in a virtual environment are provided. The system includes a memory. The memory is configured to receive and store one or more artifacts. The system also includes a processing subsystem operatively coupled to the memory. The processing subsystem is configured to create one or more binary files for a stored one or more artifacts. The processing subsystem is also configured to incorporate the one or more artifacts into a blockchain platform. The processing subsystem is further configured to request the blockchain platform to trigger a crypto sealing process for the one or more artifacts. The processing subsystem is further configured to copy one or more crypto sealed artifacts to a repository. The processing subsystem is further configured to request the blockchain to trigger a verification process to one or more copied artifacts for integrity assurance.

Abstract: An access restriction system having a true random number generator (TRNG) to generate true random keys based on quantum-level physical properties and hub computer to provide those keys. An access-restricted component executes one or more tasks in response to receiving a verified task instruction. A component computer associated with the access-restricted component receives true random keys from the hub computer and stores the keys to a memory. A controller provides a task request to the component computer that includes a task instruction paired with a key. The component computer then verifies the task instruction by comparing and ensuring that the true random key stored to the memory matches the key received from the controller with the task request and then provides the verified task to the access-restricted component. The access-restricted component then carries out the verified task instruction.

Abstract: Information about firmware modules for a power unit (e.g., a battery backup unit or a power supply unit) can be downloaded, along with the firmware modules themselves. The firmware modules, which may constitute less than a complete firmware re-flash, can be used to update firmware of the power unit from a first version type to a second version type.

Abstract: Systems and methods for end-to-end encryption of a web browsing process are described herein. A web query is encrypted at a client using a homomorphic encryption scheme. The encrypted query is sent to a server where the encrypted query is evaluated over web content to generate an encrypted response without decrypting the encrypted query and without decrypting the response. The encrypted response is sent to the client where it is decrypted to obtain the results of the query without revealing the query or results to the owner of the web content, an observer, or an attacker.

Abstract: A method for identifying cell coupling in a memory system includes generating a two-dimensional pseudorandom binary sequence array. The method also includes performing an erase operation on a plurality of cells of a memory block of the memory system. The method also includes performing a write operation on the plurality of cells using the two-dimensional pseudorandom binary sequence array. The method also includes performing a read operation on the plurality of cells to identify a voltage value for each cell of the plurality of cells. The method also includes identifying cell coupling between respective cells of the plurality of cells using the voltage value for each of the cells of the plurality of cells.

Abstract: Multiple random numbers are generated. The multiple random numbers are N different random numbers. N is a positive integer. Generating the multiple random numbers includes generating a random number array including N storage units. The multiple random numbers are shuffled. A random number obtaining instruction is received. A random number is obtained from the multiple random numbers based on the random number obtaining instruction.

Abstract: A secure training sequence (STS) is included in wireless packets communicated between electronic devices to assist with channel estimation and wireless ranging. The STS includes multiple STS segments generated based on outputs from a cryptographically secure pseudo-random number generator (CSPRNG), the STS segments being separated by guard intervals and formatted in accordance with an 802.15.4 data symbol format that uses burst position modulation (BPM) and binary phase shift keying (BPSK) to map bits from the CSPRNG to burst positions and pulse polarities for the STS symbols. Both a first electronic device, which generates the STS, and a second electronic device, which estimates a communication channel using the STS, have prior private knowledge of cryptographic keys required to generate a non-repetitive single-use pseudo-random (PR) sequence by the CSPRNG. The STS includes two burst position intervals per STS symbol and two possible burst positions within each burst position interval.

Abstract: In embodiments, an apparatus for microcontroller (?C) or system-on-chip (SoC) computing includes a set of fuses disposed in a ?C or a SoC to store a seed value and M pairs of loop counter values (LCVs) with which to locally generate M private keys from the seed value on the microcontroller or SoC, where M is a positive integer, each private key to decrypt data encrypted with a pre-defined public key cryptosystem, wherein each private key includes two prime numbers p and q (p,q), the LCVs being a number of iterations of a key derivation function (KDF) needed to respectively obtain p and q from the seed value; and a key decoder, disposed in the (?C) or the SoC, and coupled to the set of fuses, to read the seed value and the M pairs of LCVs, and, for each of the M private keys to: respectively generate (p,q) from the seed value by respectively iterating the KDF by the LCVs for that key.

Abstract: The present application describes a method, system, and non-transitory computer-readable medium for generating new keys during a secure communication session. A key derivation function is operatively connected to both a counter and a memory. The key derivation function generates new key material from a first input and a second input in response to a signal provided by the counter. The key derivation function generates the new key material and outputs it to the memory.

Abstract: Examples of the present disclosure describe systems and methods for performing cryptographic operations in an isolated collection. In an example, a user may have an associated user resource within the isolated collection, which may be associated with a cryptographic key. Other users may access the user's key from a known location to manually or automatically perform one or more cryptographic operations. In another example, a key may be generated when initiating a group conversation. The key may be encrypted for and provided to each participant using each participant's public key. Each participant may then use the cryptographic key during the conversation. A new participant may receive authorization to join the conversation from an existing participant, wherein the encrypted key of the existing participant may be decrypted and re-encrypted using the new participant's public key. The new participant may then use the re-encrypted key to participate in the conversation.

Abstract: In some embodiments, an industrial asset may be associated with a plurality of monitoring nodes, each monitoring node generating a series of monitoring node values over time that represent operation of the industrial asset. A threat detection computer may determine that an attacked monitoring node is currently being attacked. Responsive to this determination, a virtual sensor coupled to the plurality of monitoring nodes may estimate a series of virtual node values for the attacked monitoring node(s) based on information received from monitoring nodes that are not currently being attacked. The virtual sensor may then replace the series of monitoring node values from the attacked monitoring node(s) with the virtual node values. Note that in some embodiments, virtual node values may be estimated for a particular node even before it is determined that the node is currently being attacked.

Abstract: Presented herein are techniques for synchronizing a cloud service and a key management service via a single indirect synchronous message sent by a client device. In particular, a cloud service receives a service request message sent by a client device. Embedded into the service request message is an encrypted key management message. The cloud service is configured to extract the encrypted key management message from the service request message and then send the encrypted key management message to the key management service.

Abstract: Dynamically generated quick response (QR) codes are used for secure communication to/from mobile devices. In one example, a QR code identifies a product or service selected by a user using a mobile device. The mobile device generates the QR code identifying the user's selection, and displays the QR code for reading by a retail kiosk. The retail kiosk, such as movie-rental kiosk, extracts the product or service selection encoded in QR code and provides the identified product or service to the user. The QR code can additionally identify a user account, such that payment for the product or service is automatically charged to the account identified from the QR code. In another example, the QR code is used to transfer money and/or credits between a user and a retailer, or between two users.

Abstract: A lifting drive device for a Z-axis spindle inserted into a guide tube and guided via an air layer including: a wire extending upward from the inside of the Z-axis spindle and having its upper end supported by the guide tube, a piston connected to an lower end of the wire, a cylinder that moves up-and-down relative to the piston by an air supplied to a cylinder chamber provided to the Z-axis spindle and partitioned by the piston, a driving roller provided to the guide tube and in contact with the surface of the Z-axis spindle, and a motor for driving the driving roller, so as to achieve highly precise linear movement and swift lifting of the Z-axis spindle guided by an air bearing and to be suitable for structural simplification, weight reduction and vibration countermeasures.

Abstract: A method of secure hash table implementation includes performing a secret key exchange between a server enclave of a server device and a client enclave of a client device and establishing an encrypted channel between the server enclave and the client enclave using the exchanged secret keys. The method includes generating a random key for a keyed hash function or a pseudo random function (PRF) and communicating the random key to the client enclave. The method includes receiving hashes of input data at the server enclave. The method includes building a hash table based on key-value pairs included in the received hashes. The method includes receiving a hash table query that includes keys. The method includes retrieving values that correspond to the keys. The method includes returning the retrieved values that correspond to the keys or a null if a value has not been inserted into the hash table for one of the keys.