Data Processing Protection Using Cryptography Patents (Class 713/189)
  • Patent number: 12045121
    Abstract: A security integrated circuit (IC) includes a memory including a first register and a second register, a token generation circuit configured to generate first data based on first bits of interest extracted before performance of an operation by using the first register, generate a first token by converting the first data, generate second data based on second bits of interest extracted after the performance of the operation by using the second register, and generate a second token by converting the second data, and an error detection circuit configured to detect an error on the first and second bits of interest by comparing the first token with the second token.
    Type: Grant
    Filed: November 10, 2022
    Date of Patent: July 23, 2024
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventor: Jeehyoung Lee
  • Patent number: 12045662
    Abstract: Some embodiments provide a non-transitory machine-readable medium that stores a program. The program receives a request to execute a task for re-encrypting a set of data associated with an application that has been encrypted with a first encryption key. The task is for re-encrypting the set of data using a second encryption key. The program further determines an amount of work to complete the task. The program also divides the task into a set of subtasks based on the amount of work. The program further assigns each subtask in the set of subtasks to a node in a plurality of nodes for execution of the subtask. The plurality of nodes are configured to implement the application.
    Type: Grant
    Filed: August 4, 2021
    Date of Patent: July 23, 2024
    Assignee: SAP SE
    Inventors: Himanshu Joshi, Hiren Shah
  • Patent number: 12045641
    Abstract: Described are systems and methods that may be used to compare virtual machine manager-level system operations in a host environment to verify to a guest environment, such as a virtual machine, that the requested operations have been performed and the data managed by the host on behalf of the guest is secure. The implementations may include a security monitor that interfaces with a trusted platform module included in a hardware of the host. The security monitor may work with the TPM to verify consistency between a VM operation and a corresponding VMM-level operation of the host. This verification provides transparency that the host machine is complying with its responsibility to properly manage and secure data of the VM.
    Type: Grant
    Filed: December 11, 2020
    Date of Patent: July 23, 2024
    Assignee: Amazon Technologies, Inc.
    Inventor: Shivaramakrishnan Vaidyanathan
  • Patent number: 12032699
    Abstract: A storage device and an operating method are provided. The storage device includes a non-volatile memory comprising a first area configured to store a plurality of normal firmware images and a second area configured to store a plurality of trusted firmware images, a firmware table configured to store information about the plurality of normal firmware images and the plurality of trusted firmware images, and a storage controller configured to control the non-volatile memory, perform a self-test for the storage device and write at least one of the plurality of trusted firmware images over a boot image based on a result of the self-test. The firmware table is configured to store a first hash value calculated before encryption of the plurality of trusted firmware images, and a second hash value calculated after encryption of the plurality of trusted firmware images.
    Type: Grant
    Filed: July 5, 2022
    Date of Patent: July 9, 2024
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Seok Gi Hong, Myeong Jong Lee, Sung Ho Yoon, Seong Chan Jo
  • Patent number: 12028441
    Abstract: Disclosed herein are system, method, and computer program product embodiments for encrypting and decrypting a sensitive data item using a zero-knowledge encryption protocol. An embodiment operates by receiving a request to decrypt the sensitive data item from a client. The embodiment retrieves the requested sensitive data item from a data store. The embodiment generates a result set by replacing a ciphertext value of the sensitive data item to be stored in the result set with a placeholder identifier. The embodiment retrieves a data encryption key (DEK) block from a DEK manager, wherein the DEK block comprises a DEK associated with the sensitive data item. The embodiment generates and encrypts a cipher ticket comprising the ciphertext value of the sensitive data item. The embodiment then sends the result set, the cipher ticket, and the DEK block to the client for decryption of the ciphertext value of the sensitive data item.
    Type: Grant
    Filed: October 25, 2021
    Date of Patent: July 2, 2024
    Assignee: SAP SE
    Inventors: Marc Alexander Roeder, Roland Lucius, Vladislav Dexheimer
  • Patent number: 12028442
    Abstract: Technology related to accessing security hardware keys is disclosed. In one example, a method includes receiving an initial request to perform a first cryptographic operation using a key stored in security hardware circuitry. In response to servicing the initial request, a persistent attribute of the key can be used to query the security hardware circuitry to receive a volatile attribute of the key. The volatile attribute of the key can be stored external to the security hardware circuitry to enable subsequent requests to perform cryptographic operations on the security hardware circuitry without querying the security hardware circuitry for the volatile attribute of the key. A subsequent request referencing the key can be received. The subsequent request can be serviced by using the security hardware circuitry and identifying the key using the stored volatile attribute of the key without querying the security hardware circuitry for the volatile attribute of the key.
    Type: Grant
    Filed: August 15, 2019
    Date of Patent: July 2, 2024
    Assignee: F5, Inc.
    Inventors: Liang Cheng, Andrey Jivsov, Neha Kochar
  • Patent number: 12020075
    Abstract: Techniques are disclosed relating to dispatching compute work from a compute stream. In some embodiments, a graphics processor executes instructions of compute kernels. Workload parser circuitry may determine, for distribution to the graphics processor circuitry, a set of workgroups from a compute kernel that includes workgroups organized in multiple dimensions, including a first number of workgroups in a first dimension and a second number of workgroups in a second dimension. This may include determining multiple sub-kernels for the compute kernel, wherein a first sub-kernel includes, in the first dimension, a limited number of workgroups that is smaller than the first number of workgroups. The parser circuitry may iterate through workgroups in both the first and second dimensions to generate the set of workgroups, proceeding through the first sub-kernel before iterating through any of the other sub-kernels. Disclosed techniques may provide desirable shapes for batches of workgroups.
    Type: Grant
    Filed: September 11, 2020
    Date of Patent: June 25, 2024
    Assignee: Apple Inc.
    Inventors: Andrew M. Havlir, Ajay Simha Modugala, Karl D. Mann
  • Patent number: 12013751
    Abstract: A value corresponding to a physical variation of a device may be received. Furthermore, helper data associated with the physical variation of the device may be received. A result data may be generated based on a combination of the value corresponding to the physical variation of the device and the helper data. An error correction operation may be performed on the result data to identify one or more code words associated with the error correction operation. Subsequently, a target data may be generated based on the one or more code words.
    Type: Grant
    Filed: June 5, 2019
    Date of Patent: June 18, 2024
    Assignee: Cryptography Research, Inc.
    Inventors: Mark Evan Marson, Scott C. Best, Helena Handschuh, Winthrop John Wu
  • Patent number: 12008673
    Abstract: A method and system of augmenting display content in a graphical user interface environment. Content produced by a graphical user interface is augmented with additional content before the content is displayed. In an example, a security marker may be rendered on top of an existing display content using the method described to protect high-value or sensitive information.
    Type: Grant
    Filed: June 21, 2021
    Date of Patent: June 11, 2024
    Assignee: NextLabs, Inc.
    Inventors: Keng Lim, Poon Fung
  • Patent number: 12003631
    Abstract: A method is provided for determining a unique identifier of a device, the device including a quantum tunnelling barrier unique to the device. The method comprises applying a potential difference across the quantum tunnelling barrier, the potential difference sufficient to enable tunnelling barrier. The method further comprises measuring an electrical signal, the electrical signal representative of a tunnelling current through the quantum tunnelling barrier. The method further comprises determining, from the measured electrical signal, a unique identifier for the device. Related apparatuses, systems, computer-readable media and methods are also provided herein.
    Type: Grant
    Filed: March 7, 2023
    Date of Patent: June 4, 2024
    Assignee: Crypto Quantique Limited
    Inventors: Shahram Mossayebi, Patrick Camilleri, Henry Edward William Montagu
  • Patent number: 11996386
    Abstract: To protect against physical and side-channel attacks, circuit assemblies may mount a main processor opposite of a cryptographic processor such that traces between the two processors are hidden in a substrate. Another substrate defining a cavity may be mounted on the bottom of the substrate to enclose the cryptographic processor and prevent physical access without disrupting the cryptographic operations. Voltage converters with integrated inductors may also be included in the cavity to generate electromagnetic noise that will disrupt the sensitive equipment used in side-channel attacks. An electromagnetic shield may be sputtered on top of the main processor to block electromagnetic sniffing attacks while still allowing the processor to be coupled with a heat sink.
    Type: Grant
    Filed: May 16, 2021
    Date of Patent: May 28, 2024
    Assignee: Applied Materials, Inc.
    Inventor: Bert Fransis
  • Patent number: 11989200
    Abstract: An illustrative embodiment disclosed herein is an apparatus including a processor and a memory. In some embodiments, the memory includes programmed instructions that, when executed by the processor, cause the apparatus to upload an object to a source bucket in an object store and create a lambda bucket in the object store that is symlinked to the source bucket. In some embodiments, the lambda bucket is associated with a predefined transformation. In some embodiments, the memory includes the programmed instructions that, when executed by the processor, cause the apparatus to receive a request to download the object from the lambda bucket, detect that the object is in the source bucket, fetch the object from the source bucket, transform the object, by compute resources of the object store, using the predefined transformation, and download the transformed object.
    Type: Grant
    Filed: July 25, 2022
    Date of Patent: May 21, 2024
    Assignee: Nutanix, Inc.
    Inventors: Johnu George, Manik Taneja, Naveen Reddy Gundlagutta, Nikhil Mundra, Satyendra Singh Naruka, Sirvisetti Venkat Sri Sai Ram
  • Patent number: 11991272
    Abstract: Computer-readable media, methods, and systems are disclosed for tenant-specific encryption of a container in connection with a database employing group-level encryption. An encryption group identifier may be assigned to a container. The encryption group identifier may define how the container is encrypted. A container entry corresponding to the container may be created. A commit operation may be received for committing the assignment of the encryption group identifier to the container. A job may be initialized for encrypting the container according to the encryption group identifier. The container may be flagged as modified. A flush operation may be initiated whereby the container is re-encrypted according to the encryption group identifier. Once flushing is complete, the container entry may be deleted.
    Type: Grant
    Filed: December 10, 2021
    Date of Patent: May 21, 2024
    Assignee: SAP SE
    Inventor: Dirk Thomsen
  • Patent number: 11989102
    Abstract: Multiple data paths may be available to a data management system for transferring data between a primary storage device and a secondary storage device. The data management system may be able to gain operational advantages by performing load balancing across the multiple data paths. The system may use application layer characteristics of the data for transferring from a primary storage to a backup storage during data backup operation, and correspondingly from a secondary or backup storage system to a primary storage system during restoration.
    Type: Grant
    Filed: December 21, 2022
    Date of Patent: May 21, 2024
    Assignee: Commvault Systems, Inc.
    Inventors: Jaidev Oppath Kochunni, Chong Liu, Manoj Kumar Vijayan, Rajiv Kottomtharayil
  • Patent number: 11989312
    Abstract: A method for transmitting information between a data processing system external to the vehicle and systems using the information in a vehicle employs integrity protection and/or encryption mechanisms. The integrity and/or encryption mechanisms are used with different levels of protection, wherein the level of protection is selected and/or adjusted based on the information or a classification of the information, the provided use of the information, the state of the vehicle, the surroundings of the vehicle, the origin of the information, the protection goal, and/or the resource consumption.
    Type: Grant
    Filed: May 11, 2020
    Date of Patent: May 21, 2024
    Assignee: MERCEDES-BENZ GROUP AG
    Inventors: Viktor Friesen, Micha Koller, Hubert Rehborn
  • Patent number: 11985235
    Abstract: A quantum communication system for encrypting communication includes a processor configured to receive an encryption request from a mobile device. The mobile device determines a first encryption key from the mobile device. A quantum random number generator generates a second encryption key using quantum mechanics. The processor transmits the second encryption key to the mobile device. The mobile device implements a digital XOR logic gate configured to perform an XOR operation on the first encryption key and the second encryption key to generate a third encryption key.
    Type: Grant
    Filed: September 16, 2020
    Date of Patent: May 14, 2024
    Assignee: Quantum Technologies Laboratories, Inc.
    Inventors: Alain Obadia, Adrien Hubert
  • Patent number: 11983106
    Abstract: Devices and techniques for host accelerated operations in managed NAND devices are described herein. A host logical-to-physical (L2P) table of the NAND device has an associated map. Entries in the map correspond to one or more logical addresses (LA) and indicate whether the host L2P table is current for those LAs. If the table is not current, then a request will bypass the host L2P table, using a standard device L2P lookup instead. Otherwise, the host L2P table can be used.
    Type: Grant
    Filed: July 20, 2022
    Date of Patent: May 14, 2024
    Inventors: Sebastien Andre Jean, Greg A. Blodgett
  • Patent number: 11983254
    Abstract: Systems, computer program products, and methods are described herein for secure access control using dynamic resource replication. The present invention is configured to electronically receive, from a computing device of a user, a request to generate a resource access path to access a resource; determine one or more resource requirements associated with the resource; determine an authentication level associated with the user; initiate a resource replication engine on the one or more resource requirements and the authentication level associated with the user; determine, using the resource replication engine, that the one or more requirements and the authentication level associated with the user meets one or more conditions for a replication process; and generate, using the resource replication engine, the resource access path and a plurality of replicate resource access paths.
    Type: Grant
    Filed: August 1, 2023
    Date of Patent: May 14, 2024
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Brandon Sloane, Brian Diederich, Levi Weldon McVay
  • Patent number: 11977663
    Abstract: A processing unit comprising: a processor; and a memory, coupled to the processor and adapted to provide a plurality of enclaves isolated from each other, where the plurality of enclaves include a plurality of application enclaves, each of the application enclaves is used for running a respective application program, and the plurality of enclaves further include at least one of the following: a runtime enclave adapted to provide a storage space required for an invokable program; and a crypto enclave adapted to provide a storage space required for a crypto related program, wherein the runtime enclave and the crypto enclave have read/write permission for the plurality of application enclaves, and each of the application enclaves has no read/write permission for the runtime enclave and the crypto enclave.
    Type: Grant
    Filed: January 15, 2021
    Date of Patent: May 7, 2024
    Assignee: Alibaba Group Holding Limited
    Inventors: Xiaoxia Cui, Xuanle Ren
  • Patent number: 11972119
    Abstract: A storage system that can achieve a cryptographic operation circuit that supports multiple types of cryptographic operation formats. The cryptographic operation circuit is provided that encrypts data according to the format determined by the processor based on a request by the host terminal for writing the data into the storage device, and decrypts the encrypted data on the data stored in the storage device according to the format determined by the processor based on a request by the host terminal for reading the data from the storage device.
    Type: Grant
    Filed: April 25, 2023
    Date of Patent: April 30, 2024
    Assignee: HITACHI, LTD.
    Inventors: Shumpei Morita, Tomoyuki Kamazuka, Hideaki Monji, Yuusaku Kiyota
  • Patent number: 11968202
    Abstract: A method of authenticating a user to a computer in an adverse environment includes receiving the user's password in a trusted user device, such as by the user typing the password, and encoding a keyword with a hash of the entered password to create an encoded keyword. The encoded keyword is sent from the trusted user device to the computer using a physical communication channel perceivable by the user; and the encoded keyword is compared in the computer with a keyword encoded with a known hash of the user's password in the computer to authenticate the user.
    Type: Grant
    Filed: May 24, 2019
    Date of Patent: April 23, 2024
    Assignee: Avast Software s.r.o.
    Inventors: Karel Fuka, Vojtěch Tůma
  • Patent number: 11962694
    Abstract: A computing device, such as a personal computing device (e.g., laptop, smartphone, etc.) or server, is configured to utilize environmental factors in generating public/private key pairs to access restricted data or operations. The environmental factors can include location, time, barometric pressure, acceleration, temperature, humidity, and the like. An initial key pair may be used to encrypt data and enable other conventional security features. A key pair can be subsequently generated based on the same environmental factors as with the initial key pair generation and used to access the data or operations which have been restricted using the initial key pair.
    Type: Grant
    Filed: November 29, 2021
    Date of Patent: April 16, 2024
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: David Garfield Thaler, III, Joerg-Thomas Pfenning, Gerardo Diaz-Cuellar
  • Patent number: 11956270
    Abstract: A computing device may receive a plurality of scanning requests with at least one scanning request in the plurality identifying a target address of a target network. The computing device may for at least a subset of the plurality of scanning requests: generate a scanner instance and a virtual network interface card (VNIC) in response to the scanning request. The scanner instance and the VNIC communicating with a routing namespace that can communicate with two or more scanner instances simultaneously. Until the target address has been scanned: one or more packets can be sent from the scanner instance to the target address via the routing namespace and VNIC. The one or more packets can be wrapped in one or more packet wrappers identifying the target address and the target network. In response to the target address being scanned, the scanner instance and VNIC can be decommissioned.
    Type: Grant
    Filed: February 11, 2022
    Date of Patent: April 9, 2024
    Assignee: Oracle International Corporation
    Inventors: Borhan Hosseini, Vlad George Coman
  • Patent number: 11953966
    Abstract: Methods and corresponding systems and apparatuses for saving power through selectively disabling clock signals in a systolic array are described. In some embodiments, a clock gate controller is operable to output a gated clock signal from which local clock signals of processing elements in the systolic array are derived. The gated clock signal corresponds to a root clock signal that is distributed through a clock distribution network or clock tree. The clock gate controller is located along one branch of the clock distribution network. The branch can be associated with processing elements that form a column within the systolic array. Disabling the gated clock signal disables the local clock signals along the entire branch, preventing any components that are clocked by those local clock signals from consuming power. Additional clock gate controllers can similarly be provided for other branches, including a branch associated with another column.
    Type: Grant
    Filed: April 14, 2022
    Date of Patent: April 9, 2024
    Assignee: META PLATFORMS TECHNOLOGIES, LLC
    Inventors: Fan Wu, Edith Dallard
  • Patent number: 11949666
    Abstract: The present invention relates to a method, apparatus, and system for communication with a user's family members using the DNA of the user without making the DNA profile public. According to a first aspect, there is provided a computer implemented method of locating one or more members of a familial network, comprising the steps of: generating one or more encryption keys derived from a first genomic sequence; encrypting a message using the or each encryption key to form an encrypted message; sending the encrypted message to one or more remote devices wherein decrypting the encrypted message at the one or more remote devices uses one or more encryption keys derived from a second genomic sequence; and receiving a confirmation regarding whether the decryption of the encrypted message was successful by any of the one or more remote devices.
    Type: Grant
    Filed: August 12, 2019
    Date of Patent: April 2, 2024
    Inventor: Paul Andrew Croall
  • Patent number: 11947676
    Abstract: A processor system includes a processor and a first memory area storing a boot program code. The boot program code starts execution of the operating system when executed by the processor, and performs a cryptographic operation when the processor executes the boot program code. A second memory area stores one or more cryptographic keys and is only accessible to the boot program code. A third memory stores the operating system. A communication interface receives data over a communication network. The processor retrieves the boot program code from the first memory area and executes the boot program code to start execution of the operating system. The processor terminates execution of the boot program code. The processor is configured to re-execute the boot program code while the operating system is executed to cryptographically encrypt data upon the basis of the cryptographic keys stored in the second memory area.
    Type: Grant
    Filed: September 11, 2020
    Date of Patent: April 2, 2024
    Assignee: SECURE THINGZ LTD.
    Inventors: Stephan Spitz, Haydn Povey, Tim Woodruff
  • Patent number: 11944259
    Abstract: A vacuum cleaner comprises a nozzle (N) for cleaning a surface, a suction tube (T) for receiving input air from the nozzle (N), a cyclone device having a cyclone (C) and a dirt container (DC) both oriented substantially perpendicular to the suction tube (T), a cyclone device input coupled to the suction tube (T) from which the input air is transported, following a spiral around a center, in a first direction substantially perpendicular to the suction tube (T) to reach a stage (V) at which dirt is separated from the input air to obtain cyclone output air, from which stage the cyclone output air is conveyed through a conduit in a second direction substantially perpendicular to the suction tube (T) and opposite to the first direction to arrive at a cyclone device output, a filter (F) for filtering the cyclone output air, and an airflow generator (A) for generating an airflow through the suction tube (T), the cyclone (C) and the filter (F), wherein when the nozzle (N) is touching the surface, the suction tube (T)
    Type: Grant
    Filed: November 8, 2019
    Date of Patent: April 2, 2024
    Assignee: KONINKLIJKE PHILIPS N.V.
    Inventor: Matthijs Hendrikus Lubbers
  • Patent number: 11940944
    Abstract: A computer platform is disclosed. The computer platform comprises a non-volatile memory to store fuse override data; and a system on chip (SOC), coupled to the non-volatile memory, including a fuse memory to store fuse data and security micro-controller to receive the fuse override data and perform a fuse override to overwrite the fuse data stored in the fuse memory with the fuse override data.
    Type: Grant
    Filed: July 29, 2022
    Date of Patent: March 26, 2024
    Assignee: Intel Corporation
    Inventors: Bharat Pillilli, Saravana Priya Ramanathan, Reshma Lal
  • Patent number: 11940987
    Abstract: An incorrect copy of a record of data can be prevented from being transmitted to a distributed ledger system. A first file can be received and can include information, in audio or video form, with a description of a subject matter of the record of data and with an authorization to transmit the copy to the distributed ledger system. The first file can be sent to a device. A second file can be received from the device and can include information that confirms that the description of the subject matter, included in the first file, is correct, and that confirms that an entity, which controlled production of the first file, has permission to authorize causing the copy to be transmitted to the distributed ledger system. The correct copy can be caused, based on a receipt of the first and the second files, to be transmitted to the distributed ledger system.
    Type: Grant
    Filed: September 9, 2022
    Date of Patent: March 26, 2024
    Assignee: POLYSIGN INC.
    Inventors: David Schwartz, Arthur Britto, Anna Tong, Kimon Papahadjopoulos, William Morris, Chiranjeeb Kataki, Eric Rodriguez, Conor Hanranhan
  • Patent number: 11934538
    Abstract: In general, this disclosure describes techniques for replacing target cryptographic primitives in executable binary files with other, potentially more secure, cryptographic primitives. In some examples, a computing system for augmenting cryptographic executables includes a locator to determine if an executable program in an executable binary file includes a target cryptographic primitive. The computing system can include a patch generator to generate patch instructions in response to a determination by the locator that the executable program includes the target cryptographic primitive. The patch instructions cause the executable program to execute a replacement cryptographic primitive instead of the target cryptographic primitive. A rewriter engine of the computing system can modify, based on the patch instructions, the executable program to generate a modified executable binary file.
    Type: Grant
    Filed: July 24, 2020
    Date of Patent: March 19, 2024
    Assignee: SRI INTERNATIONAL
    Inventors: Karim Eldefrawy, Hassen Saidi, Michael E. Locasto, Norrathep Rattanavipanon
  • Patent number: 11934525
    Abstract: Technologies for attestation techniques, systems, and methods to confirm the integrity of a device for establishing and/or maintaining a trustworthy encrypted network session. An example method can include sending, via a server and using a cryptographic security protocol, a message associated with establishing an encrypted network session; receiving a response from a client device; identifying a level of trust of the client device based on the response; determining whether to perform a next step in the cryptographic security protocol based on the level of trust, wherein the cryptographic security protocol comprises at least one of a Secure Shell (SSH) protocol, a Transport Layer Security (TLS) protocol, a Secure Sockets Layer (SSL) protocol, and an Internet Protocol Security (IPsec) protocol.
    Type: Grant
    Filed: April 4, 2022
    Date of Patent: March 19, 2024
    Assignee: Cisco Technology, Inc.
    Inventors: Sujal Sheth, Shwetha Subray Bhandari, Eric Voit, William F. Sulzen, Frank Brockners
  • Patent number: 11936791
    Abstract: Computer systems, devices, and associated methods of verifying reliability of instructions for a device are disclosed herein. In one embodiment, a method includes identifying a reliability requirement associated with instructions for a device and receiving, from a user, an assertion in relation to the reliability requirement. The method includes generating a cryptographic assertion tracer (CAT) based at least in part on the received assertion. The method includes receiving assertion-related instructions in association with the CAT and generating a first code verification encrypted reproducible record based at least in part on the CAT and the received assertion-related instructions. The method then includes reporting that the reliability requirement is addressed.
    Type: Grant
    Filed: September 17, 2021
    Date of Patent: March 19, 2024
    Inventors: Jason Burt, Robert McIver
  • Patent number: 11928225
    Abstract: Systems, computer program products, and methods are described herein for implementing real-time redaction in a workflow configurable environment. The present invention is configured to electronically receive, from a user input device, a request to load at least one user interface associated with an application; initiate a real-time content redaction engine on contents of the one or more fields associated with the at least one user interface in response to receiving the request, wherein initiating further comprises: parsing one or more embedded structures associated with the one or more fields; identifying private information in the one or more fields based on at least parsing the one or more embedded structures; and masking the private information in the one or more fields; and load the at least one user interface associated with the application in response to masking the private information in the one or more fields.
    Type: Grant
    Filed: June 1, 2023
    Date of Patent: March 12, 2024
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Nagaraju Buddhiraju, Deepali Dadhich, Lekshan Bhathiya Jayasinghe
  • Patent number: 11930118
    Abstract: An authentication method includes: receiving a command of an upper host; parsing an option parameter in the command; determining a value of a fingerprint authentication identifier in the option parameter, and if the value is a first preset value, prompting a user to input a fingerprint and verifying the fingerprint input to obtain a user operation verification result; if the value is a second preset value, prompting the user to press a key and verifying the key pressed to obtain a user operation verification result; determining the user operation verification result, and if the user operation verification result is success, setting an authentication mode confirmation identifier, obtaining client data from the command, generating data to be signed, signing the data to be signed to generate a signature result, sending the signature result to the upper host; if the user operation verification result is failure, reporting an error.
    Type: Grant
    Filed: January 26, 2021
    Date of Patent: March 12, 2024
    Assignee: FEITIAN TECHNOLOGIES CO., LTD.
    Inventors: Zhou Lu, Huazhang Yu
  • Patent number: 11922145
    Abstract: Implementations are directed to developing and facilitating a data collaboration using a data collaboration tool that bundles data pipelines and governing contracts into a data collaboration app. The data collaboration tool may include an authoring mode and may include an electronic canvas that visually represents all contracts and pipelines of the data collaboration app on a single canvas and visually represents traceability from the contracts to the pipeline elements they enable. A developer may use authoring mode to develop a template app that includes placeholder elements, including a reference to an anonymous placeholder participant. The template app may be shared, and a recipient may invite data collaborators to fill in the placeholder elements and deploy the app, enabling the data collaborators to trigger the data pipelines to execute in a data trustee environment to generate insights from each other's assets without exposing the assets to the collaborators or the developer.
    Type: Grant
    Filed: March 1, 2022
    Date of Patent: March 5, 2024
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Yisroel Gershon Taber, Ittay Levy Ophir, Lev Rozenbaum, Nerya Cohen
  • Patent number: 11921849
    Abstract: A system for defending against a side channel attack. The system includes a reuse distance buffer configured to measure one or more reuse distances for a microarchitecture block according to information of marker candidates and information of target events of a microarchitecture block; and a defense actuator configured to determine existence of a side channel attack in the microarchitecture block according to the one or more reuse distances for the microarchitecture block.
    Type: Grant
    Filed: February 22, 2021
    Date of Patent: March 5, 2024
    Assignee: The George Washington University
    Inventors: Guru Prasadh Venkataramani, Miloš Doroslovački, Hongyu Fang
  • Patent number: 11924348
    Abstract: An example operation may include one or more of establishing a communication channel between a sending system and a receiving system, executing an oblivious transfer protocol between the sending system and the receiving system via the established communication channel, wherein the oblivious transfer protocol provides the receiving system with a functional encryption key based on a data vector of the receiving system without the sending system learning the data vector, committing to the functional encryption key using a cryptographic commitment and signing the functional encryption key commitment with a digital key of the receiving system, and storing the signed functional encryption key commitment to a blockchain.
    Type: Grant
    Filed: February 27, 2021
    Date of Patent: March 5, 2024
    Assignee: International Business Machines Corporation
    Inventors: Yacov Manevich, Nitin Gaur, Petr Novotny, Sarbajit K. Rakshit
  • Patent number: 11924351
    Abstract: A transient blockchain proxy server consolidates many individual requests to add data to a blockchain by aggregating hashed data from these requests and sending the aggregated hashed data to the blockchain network as a single request. The blockchain network adds a new block to the blockchain with the aggregated hashed data and returns a transaction identifier for the new block to the transient blockchain proxy server, which passes the transaction identifier back to all the requestors who then can directly use the blockchain network to verify the hashed data using the transaction identifier. The transient blockchain proxy server buffers all incoming requests until one of the pending requests reaches a send timepoint that is the blockchain network delay plus a buffer time before a guaranteed time of verification. All incoming requests are then consolidated and sent as a single transaction to the blockchain network. Tiered verification-time services are enabled.
    Type: Grant
    Filed: February 9, 2023
    Date of Patent: March 5, 2024
    Assignee: Hong Kong Applied Science and Technology Research Institute Company Limited
    Inventors: Tak Wing Lam, Tak Fuk Wong
  • Patent number: 11921874
    Abstract: A file protection method of a computer apparatus including a processor, the method including extracting classes from an executable file of a package file, classifying the classes into class groups, adding a loading code to a first class group among the class groups, the loading code configured to cause sequential loading of the class groups to a memory in a random loading order in response to execution of the package file, adding an integrity code to a second class group among the class groups, the integrity code configured to verify an integrity of a corresponding class group among the class groups or a previous class group among the class groups, the previous class group including the loading code configured to cause the corresponding class group to load, and regenerating the package file using the class groups after the adding the loading code and the adding the integrity code.
    Type: Grant
    Filed: May 28, 2021
    Date of Patent: March 5, 2024
    Assignee: LINE Plus Corporation
    Inventors: Sang Min Chung, Seol hwa Han, SangHun Jeon
  • Patent number: 11924325
    Abstract: Techniques are presented for controlling or influencing use of and/or access to a resource. This resource may be a device, such as an IoT (Internet of Things) device or a process. Techniques include a method comprising generating a blockchain transaction (TxA) indicative of a condition on use of, or access to, the resource for a specified period of time, the blockchain transaction comprising a multi-signature script requiring a plurality of signatures for completion of the blockchain transaction; providing a first subset of the plurality of signatures to the blockchain transaction (TxA) to generate a partially signed signature script to partially complete the blockchain transaction (SI 14); and responsive to the condition on the use of, or access to, the resource being satisfied, providing a second subset of the plurality of signatures (S204) to the blockchain transaction to fully complete the blockchain transaction.
    Type: Grant
    Filed: April 17, 2022
    Date of Patent: March 5, 2024
    Assignee: nChain Licensing AG
    Inventors: Stephane Vincent, Craig Steven Wright
  • Patent number: 11924233
    Abstract: A method includes receiving, at a first server from a second server, a first file attribute associated with a file. The method includes making a determination, at the first server based on the first file attribute, of availability of a classification for the file from a cache of the first server. The method includes, in response to the determination indicating that the classification is not available from the cache, sending a notification to the second server indicating that the classification for the file is not available. The method also includes receiving a first classification for the file from the second server at the first server. The first classification is generated by the second server responsive to the notification.
    Type: Grant
    Filed: December 22, 2021
    Date of Patent: March 5, 2024
    Assignee: SPARKCOGNITION, INC.
    Inventors: Lucas McLane, Jarred Capellman
  • Patent number: 11917067
    Abstract: Systems, methods, and apparatuses relating to circuitry to implement an instruction to create and/or use data that is restricted in how it can be used are described. In one embodiment, a hardware processor comprises a decoder of a core to decode a single instruction into a decoded single instruction, the single instruction comprising a first input operand of a handle including a ciphertext of an encryption key (e.g.
    Type: Grant
    Filed: December 28, 2019
    Date of Patent: February 27, 2024
    Assignee: Intel Corporation
    Inventor: Jason W. Brandt
  • Patent number: 11907704
    Abstract: Various systems and methods for enabling derivation and distribution of an attestation manifest for a software update image are described. In an example, these systems and methods include orchestration functions and communications, providing functionality and components for a software update process which also provides verification and attestation among multiple devices and operators.
    Type: Grant
    Filed: May 2, 2022
    Date of Patent: February 20, 2024
    Assignee: Intel Corporation
    Inventors: Ned M. Smith, Kshitij Arun Doshi, John J. Browne, Vincent J. Zimmer, Francesc Guim Bernat, Kapil Sood
  • Patent number: 11907383
    Abstract: Systems, computer program products, and methods are described herein for implementing real-time redaction in a workflow configurable environment. The present invention is configured to electronically receive, from a user input device, a request to load at least one user interface associated with an application; initiate a real-time content redaction engine on contents of the one or more fields associated with the at least one user interface in response to receiving the request, wherein initiating further comprises: parsing one or more embedded structures associated with the one or more fields; identifying private information in the one or more fields based on at least parsing the one or more embedded structures; and masking the private information in the one or more fields; and load the at least one user interface associated with the application in response to masking the private information in the one or more fields.
    Type: Grant
    Filed: June 1, 2023
    Date of Patent: February 20, 2024
    Assignee: BANK OF AMERICA CORPORATION
    Inventors: Nagaraju Buddhiraju, Deepali Dadhich, Lekshan Bhathiya Jayasinghe
  • Patent number: 11907408
    Abstract: A device comprising a processing unit having a plurality of processors is provided. At least one encryption unit is provided as part of the device for encrypting data written by the processors to external storage and decrypting data read from that storage. The processors are divided into different sets, with state information held in the encryption unit for performing encryption/decryption operations for requests for different sets of processors. This enables interleaved read completions or write requests from different sets of processors to be handled by the encryption unit, since associated state information for each set of processors is independently maintained.
    Type: Grant
    Filed: March 29, 2021
    Date of Patent: February 20, 2024
    Assignee: GRAPHCORE LIMITED
    Inventors: Graham Cunningham, Daniel Wilkinson
  • Patent number: 11901003
    Abstract: Leveraging stochastic physical characteristics of resistive switching devices to generate data having very low cross correlation among bits of that data is disclosed. Data generated from stochastic physical characteristics can also be referred to as physical unclonable feature—or function—(PUF) data. Additionally, error correction functions for PUF data generated from resistive switching memory cells are provided. The error correction functions facilitate additional redundancy and longevity of PUF data, among other benefits. Different embodiments include addressing arrangements to incorporate ECC parity bits among generated PUF data bits, even for differential PUF bits respectively defined by multiple memory cells in different portions of a resistive memory array.
    Type: Grant
    Filed: March 30, 2022
    Date of Patent: February 13, 2024
    Assignee: Crossbar, Inc.
    Inventor: Mehdi Asnaashari
  • Patent number: 11893112
    Abstract: There is provided a device of protecting an Integrated Circuit from perturbation attacks. The device includes a sensing unit configured to detect a perturbation attack, the sensing unit comprising a set of digital sensors comprising at least two sensors, the sensors being arranged in parallel. Each digital sensor provides a digitized bit output having a binary value, in response to input data, the sensing unit being configured to deliver at least one binary vector comprising a multi-bit value, the multi-bit value comprising at least two bit outputs provided by the set of digital sensors. The sensing device further comprising an analysis unit, the analysis unit being configured to receive at least one binary vector provided by the sensing unit, the analysis unit being configured to detect a perturbation attack from the at least one binary vector.
    Type: Grant
    Filed: November 21, 2018
    Date of Patent: February 6, 2024
    Assignee: SECURE-IC SAS
    Inventors: Sylvain Guilley, Adrien Facon, Nicolas Bruneau
  • Patent number: 11893144
    Abstract: A system includes a virtual machine to transmit an input/output request to a data storage system and a hypervisor configured to maintain a map of the virtual machine to a virtual disk, wherein the virtual disk is a slice of a persistent storage device. A virtual machine server is configured to maintain a map of the virtual disk to a start address and an end address and to update the input/output request with the start address, the end address, and a virtual disk identifier associated with the virtual machine. A processor determines whether the start address and the end address are valid, and if the start address and the end address are valid, then process the input/output request. The response is transmitted to the input/output request.
    Type: Grant
    Filed: August 3, 2022
    Date of Patent: February 6, 2024
    Assignee: Dell Products L.P.
    Inventors: Ankit Singh, Vinod Parackal Saby, Deepaganesh Paulraj
  • Patent number: 11895102
    Abstract: An identity authentication management (IAM) service is established as a master over a master identity database of the centralized identity authentication management service. When adding an additional node to the computing infrastructure, a non-master copy of the master identity database is distributed to the additional node. Ongoing coordination between the master identity database and the non-master copy is established so as to synchronize differences between the master identity database and the non-master copy of the identity database. The additional node hosts a fully-functional authentication management service using the non-master copy of the master identity database and is able to respond to READ requests for data by accessing the non-master copy—without interaction with the centralized identity authentication management service.
    Type: Grant
    Filed: July 31, 2020
    Date of Patent: February 6, 2024
    Assignee: Nutanix, Inc.
    Inventors: Vinod Gupta, Sunil Chandrabhan Agrawal
  • Patent number: 11887508
    Abstract: There is provided an information processing apparatus that generates an encrypted bit string in which a hash value calculated by using keyed hashing from a keyword for an information search is mapped into a bit string having a predetermined length, selects a predetermined number of bits from the encrypted bit string on the basis of a dynamically generated random number, inverts the predetermined number of selected bits, and sends the encrypted bit string and inverted-bit-number information to an external apparatus. The inverted-bit-number information indicates a number of bits inverted by a bit inverting unit.
    Type: Grant
    Filed: May 28, 2019
    Date of Patent: January 30, 2024
    Assignee: SONY CORPORATION
    Inventors: Atsushi Uchida, Shinya Maruyama