Abstract: An apparatus and method for encryption key recovery based on memory analysis. The apparatus may include one or more processors and executable memory for storing at least one program executed by the one or more processors. The at least one program may collect memory information pertaining to an encrypted part of a file, in which ransomware is detected, based on dynamic binary instrumentation, analyze memory read operation data corresponding to an encryption key that is used for encryption of the file in the memory information, recover the encryption key based on the result of analysis of the memory read operation data, and output the result of recovery of the encryption key.

Abstract: Methods, systems, and apparatus, including a method for determining network measurements. In some aspects, a method includes receiving, by a first aggregation server and from each of multiple client devices, encrypted impression data. A second aggregation server receives, from each of at least a portion of the multiple client devices, encrypted conversion data. The first aggregation server and the second aggregation server perform a multi-party computation process to generate chronological sequences of encrypted impression data and encrypted conversion data and to decrypt the encrypted impression data and the encrypted conversion data.

Abstract: A contactless payment device including a wireless communication device; a power source; a processor coupled to the power source; an accelerometer communicatively coupled to the processor and the power source; and an actuator communicatively coupled to the wireless communication device and the processor. The actuator is configured to activate the wireless communication device when the actuator is set in a closed state, and deactivate the wireless communication device when the actuator is set in an open state. The processor is configured to receive an incoming signal from the accelerometer; determine whether the incoming signal corresponds to a pre-programmed signal corresponding to an enabling gesture; and set the actuator in the dosed state for a time interval, when the incoming signal corresponds to the enabling gesture.

Abstract: Techniques and apparatus for performing integrity verification for data stored on computing systems are described. One technique involves receiving a request to retrieve data from a first data repository. One or more parameters of the request are determined. The data is obtained from the first repository, based on the parameters. Verification information for the data is obtained from a second data repository, based on the parameters. A determination is made as to whether the data obtained from the first data repository has been modified. A message is sent that indicates whether the data obtained from the first data repository has been modified.

Abstract: Technique introduced here relates to virtual currency related services, and more specifically, to tools for providing crypto or other digital currency (e.g. bitcoin) related services, including bitcoin DNS service, sending bitcoins over social media communication networks, a bitcoin trading platform and secure storage services for bitcoin.

Abstract: A method of operation concealment for a cryptographic system includes randomly selecting which one of at least two cryptographic operation blocks receives a key to apply a valid operation to data and outputs a result that is used for subsequent operations. Noise can be added by operating the other of the at least two cryptographic operation blocks using a modified key. The modified key can be generated by mixing the key with a block-unique-identifier, a device secret, a slowly adjusting output of a counter, or a combination thereof. In some cases, noise can be added to a cryptographic system by transforming input data of the other cryptographic operation block(s) by mixing the input data with the block-unique-identifier, device secret, counter output, or a combination thereof. A cryptographic system with operation concealment can further include a distributed (across a chip) or interweaved arrangement of subblocks of the cryptographic operation blocks.

Abstract: A method is provided for conducting an operation, the method including: determining a first result based on combining a first input with a first mask; determining a second result based on combining a second input with a second mask, the first mask and the second mask fulfilling a precondition; and conducting the operation based on the first result and the second result. A corresponding device is also provided.

Abstract: Systems and methods are provided for dynamically configuring an IoT communications system. The IoT communications system receives a client message from an IoT device. The client message includes an endpoint designation (such as by specifying an endpoint in the Server Name Indication (SNI) field of the TLS client hello message). The IoT communications system determines whether the endpoint is associated with a custom or default processing logic and/or settings. Either custom or default processing logic is executed or custom or default settings are applied.

Abstract: Methods, machine readable media and systems for simulating the leakage of sensitive data in an integrated circuit, such as cryptographic data or keys, are described. In one embodiment, a method can include the following operations: performing a first dynamic voltage drop (DVD) simulation on a plurality of locations, distributed across an integrated circuit (IC), based on a physical model that specifies physical layout of components on the IC, the IC storing sensitive data in locations of the layout; performing an IC level side channel correlation analysis between each of the locations and the sensitive data based on the results of the first DVD simulation; and selecting, based upon the IC level side channel correlation analysis, a subset of the locations for further simulations to simulate leakage of the sensitive data. Other methods, media and systems are disclosed.

Abstract: A memory controller includes a read only memory (ROM) suitable for outputting a ROM code to execute firmware in response to fuse data and a control processor suitable for executing the firmware in response to the ROM code. A memory system includes the memory controller and a storage device storing data.

Abstract: The present invention relates to a device having a central processing unit, RAM memory and at least two hardware elementary operations, using registers of greater size than the one of the central processing unit, said device being such that construction of at least one part of RAM memory is managed only by the hardware elementary operations, hardware elementary operations themselves and masking of inputs/outputs/intermediary data are monitored by software instructions, said software instructions being able to address different cryptographic functionalities using said hardware elementary operations according to several ways depending on each concerned functionality, said software instructions being further able to address several levels of security in the execution of the different functionalities.

Abstract: A computerized system of a computing system implementing a .NET framework and useful for instrumenting virtual-machine-based applications includes a computer store containing data, wherein the data comprises: a native library; a computer processor in the computerized system, which computer processor: provides a virtual machine with a Just-In-Time Compilation function; loads the native library into a process memory; redirects the Just-In-Time Compilation function to a custom implementation, wherein the custom compilation function: creates a representation of one or more methods being compiled; and compares the one or more methods against a policy of methods to be instrumented; and determines that one or more methods match the policy of methods to be instrumented.

Abstract: A computing device implements a key management system (KMS), and includes an interface, memory, and processing circuitry that executes operational instructions to maintain structured key parameters and a generating procedure associated with associated with a structured key. The generating procedure produces the structured key from an Oblivious Pseudorandom Function (OPRF) output, and the structured key parameters. The computing device receives a blinded value associated with the structured key from a requesting computing device, processes the blinded value using an OPRF secret to generate a blinded OPRF output, and returns the blinded OPRF output, the generating procedure, and the structured key parameters to the requesting computing device, which uses that information to generate the requested structured key.

Abstract: Broadly speaking, embodiments of the present techniques provide methods and apparatus to implement a time-limited configuration settings hierarchy. The time-limited configuration settings hierarchy introduces a temporary override setting that allows a fail-back to a prior setting after the expiry of a time period. This allows temporary users of IoT devices to have much higher levels of privilege over configuration settings, as an automatic revocation of the permission and reversion to the previous settings is guaranteed on the expiry of the specified time period.

Abstract: Methods and systems for masking certain cryptographic operations in a manner designed to defeat side-channel attacks are disclosed herein. Squaring operations can be masked to make squaring operations indistinguishable or less distinguishable from multiplication operations. In general, squaring operations are converted into multiplication operations by masking them asymmetrically. Additional methods and systems are disclosed for defeating DPA, cross-correlation, and high-order DPA attacks against modular exponentiation.

Abstract: A new snapshot of a storage volume is created by instructing computing nodes to suppress write requests. Once pending write requests from the computing nodes are completed, storage nodes create a new snapshot for the storage volume by allocating a new segment to the new snapshot and finalizes and performs garbage collection with respect to segments allocated to the previous snapshot. Subsequent write requests to the storage volume are then performed on the segments allocated to the new snapshot. An orchestration layer implements a multi-role application that is provisioned with virtualized storage and computation resources. A snapshot of the application may be created and used to rollback or clone the application. Containers may be loaded with data structures for encrypted and/or authenticated communication. Failed storage volumes maybe detected and repaired. Repopulating repaired volumes may be managed by an application or a storage manager implementing a virtualized storage system.

Abstract: Techniques for protecting a computer system against fileless malware are described. One technique includes a virtual machine (VM) locker logic/module implemented by one or more processors receiving information about input/output (I/O) requests associated with injection of data into a process. The logic/module can generate or update an information log to reflect that the process includes data from an external source. The data from the external source can include fileless malware. The technique also includes the logic/module intercepting an execution request by a process (e.g., the process that includes data from an external source, another process, etc.), where an execute privilege located in an operating system mediated access control mechanism approves the request. Next, the logic/module determines that the process requesting execution is included in the log and removes an execute privilege located in a hypervisor mediated access control mechanism to deny the request.

Abstract: A system and method for a secure and scalable data collection and ingestion data pipeline is discussed. The data pipeline provides secure ingestion of data into internet-of-things (IoT) platform, while providing high throughput, replication, and fault-tolerance, which makes it suitable for large scale systems where data can be received from millions or billions of devices, sensors, or clients. In addition, the data pipeline provides a platform for real time event generation and data analysis. Further the data pipeline reduces operational costs and platform-as-a-service (PAAS) vendor dependencies.

Abstract: The present disclosure addresses the meltdown vulnerability resulting from speculative execution in a multi-core processing system. The operating system (OS) can be loaded for execution on one of several processing cores (OS core), while an application can be loaded for execution on another of the processing cores (application core). The OS core uses process page tables that map the entire kernel address space to physical memory. Conversely, the application core uses pages tables that map only a portion of the kernel address space to physical memory.

Abstract: A server receives a first query to perform one or more operations on an encrypted database and intercepts the first query. A set of data referenced by the first query is determined to include data that is to be encrypted. Based on metadata, one or more data columns of the data that is to be encrypted are identified as well as an encryption scheme to be applied to each of the data columns. Each of the identified data columns is encrypted based on the identified encryption scheme to produce encrypted data. One or more of the operations of the first query is determined to be unsupported on encrypted data. The one or more operations are executed on a token vault at a tokenizer to retrieve token data referencing the encrypted data. The first query is replaced with a modified query based on the retrieved token data. The modified query is executed on the encrypted database to retrieve an encrypted query result.

Abstract: A method for securely validating the file format type including receiving a file having a file format type, a header and a content block. The header has a header block with a description representing attributes of the actual content in the file. The content block has leading bytes representing attributes of the actual content, and actual content. Data is parsed from the description of the header block, the leading bytes and the actual content. Data from the description is compared to the data from the leading bytes, data from the leading bytes is compared to the data from the actual content, and data from the description is compared to the data from the actual content. The file format type is validated and trustable when the data from the description, the data from the leading bytes and the data from the actual content are consistent with one another.

Abstract: A method, computer program product, and computing system for receiving an input text. The one or more portions of the input text may be tagged. A discussion model between a plurality of virtual speakers may be generated based upon, at least in part, the tagging of the one or more portions of the input text. The discussion model may be presented.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for a source independent query language. One of the methods includes receiving a first executable statement, the first executable statement referencing a second set of fields in a dataset, the first executable statement having instructions to cause the query processor to perform operations on data in the dataset. The method includes Generating a second executable statement based on the first set of fields and the first executable statement. The method includes determining a mapping between the first set of fields and the second set of fields. The method includes specifying a derived dataset using the corresponding values and the mapping. The method includes generating instructions to cause the query processor to perform the operations on the derived dataset. The method includes sending the second executable statement to the query processor.

Abstract: Provided is an analysis system including a memory acquisition unit that is configured to acquire at least part of data stored in a memory unit in an information communication apparatus including a computing unit and the memory unit; a communication processing unit that is configured to instruct the memory acquisition unit to acquire data stored in the memory unit when determining that key data including an encryption key for cryptographic communication protocol are stored in the memory unit; and a cryptanalysis unit that is configured to extract one or more key data candidates that are candidates of the key data, from the stored in the memory unit, and extract, from one or more of the key data candidates, correct key data that enables to decrypt correctly the encrypted communication data. The communication processing unit is further configured to execute specific processing according to the decrypted communication data.

Abstract: Input signals may be received. Furthermore, a control signal controlling the implementation of a Differential Power Analysis (DPA) countermeasure may be received. One of the input signals may be transmitted as an output signal based on the control signal. A cryptographic operation may be performed based on the first output signal that is transmitted based on the control signal.

Abstract: A computer-implemented method for language generation of a flow diagram, which receives a flow diagram. A plurality of geometric shapes within the flow diagram is identified. A plurality of text elements within the flow diagram is identified. The plurality of text elements and corresponding geometric shapes are associated. The association between the plurality of geometric shapes are identified. A diagram matrix based on the associations between the plurality of geometric shapes is generated. A linear language representation of the diagram matrix is generated.

Abstract: The present invention relates to a system and method for assessing the cognitive style of a person. The system comprises an input interface (12) for receiving speech spoken by the person, a language processor (16) for analyzing the speech to identify predetermined natural language elements, and a style identifier (18, 18?) for identifying the cognitive style of the person based on the identified natural language elements.

Abstract: A system and computer-implemented method for generating software testing scripts from test cases is provided. The system comprises a test case importing module configured to receive test cases and a Natural Language Processing (NLP) module configured to scan and mine text of the received test cases. Furthermore, the system comprises a user interface object identifier to identify one or more User Interface (UI) elements, functional flow models and test steps and corresponding test data. The system also comprises a user interface object mapper to map the one or more identified UI elements from the test cases with one or more user interface elements corresponding to one or more wireframes. In addition, the system comprises a test script generator to receive the mapped one or more UI elements, the identified functional flow models and the identified test steps and corresponding test data for generating test scripts.

Abstract: Technique introduced here relates to virtual currency related services, and more specifically, to tools for providing crypto or other digital currency (e.g. bitcoin) related services, including bitcoin DNS service, sending bitcoins over social media communication networks, a bitcoin trading platform and secure storage services for bitcoin.

Abstract: Provided is a system for a robot to eliminate its own sound source, comprising a sound pickup unit (1) used for acquiring a digital signal having mixed left and right sound channels and outputting same; a sound-card driver unit (2) used for mixing the received reference signal of the robot sound source and the digital signal having mixed left and right sound channels, to form a mixed voice signal, and outputting same; a signal separation unit (3) used for separating the mixed voice signal into a digital signal having mixed left and right sound channels and a reference signal, and determining whether the digital signal having the mixed left and right sound channels contains an interference signal, obtaining a playback signal volume, and outputting same.

Abstract: Methods and systems for masking certain cryptographic operations in a manner designed to defeat side-channel attacks are disclosed herein. Squaring operations can be masked to make squaring operations indistinguishable or less distinguishable from multiplication operations. In general, squaring operations are converted into multiplication operations by masking them asymmetrically. Additional methods and systems are disclosed for defeating DPA, cross-correlation, and high-order DPA attacks against modular exponentiation.

Abstract: In one embodiment, a method includes accessing a string of symbols by a computing device. The string is divided into one or more string components each including at least one of the symbols, and each string component is associated with at least one string-position identifier. The string components and their respective associated string-position identifiers are stored for the string of symbols.

Abstract: A computer-implemented method for language generation of a flow diagram, which receives a flow diagram. A plurality of geometric shapes within the flow diagram is identified. A plurality of text elements within the flow diagram is identified. The plurality of text elements and corresponding geometric shapes are associated. The association between the plurality of geometric shapes are identified. A diagram matrix based on the associations between the plurality of geometric shapes is generated. A linear language representation of the diagram matrix is generated.

Abstract: Embodiments of the present invention relate to systems, methods, and computer-storage media for maintaining privacy while delivering advertisements based on encrypted user profile identifiers. In embodiments, a Public key Encryption with Keyword Search (PEKS) is used to generate a public key and a private key. In embodiments, a public key and a private key are used to encrypt user profile identifiers and generate trapdoors associated with defined profile identifiers, respectively. A portion of the encrypted user profile identifiers are compared to a portion of the trapdoors. If a match is present between at least one encrypted user profile identifier and an associated trapdoor, a delivery engine is provided with an identification of content to be delivered to the user. The provided description is then used to determine an advertisement to present to a user. The advertisement is then presented to the user.

Abstract: A cracking method for cracking a secret key of an encrypting device includes: building up a leakage model for the encrypting device; performing a mathematical calculation on the leakage model, according to a plurality of sets of input data, to generate a mathematical model; generating a plurality of sets of hypothesized keys; generating a plurality of sets of simulation data corresponding to the hypothesized keys using the mathematical model; providing the input data for the encrypting device and detecting a plurality of sets of leakage data generated by the encrypting device; performing the mathematical calculation on the leakage data to generate calculated data; determining a correlation between each of the simulation data and the calculated data; and determining one of the hypothesized keys to be consistent with the secret key according to the correlation.

Abstract: A method of verifying the sensitivity of an electronic circuit executing a Rijndael-type algorithm to side channel attacks, wherein: each block of data to be encrypted or to be decrypted is masked with a first mask before a non-linear block substitution operation is applied based on a substitution box, and is then unmasked with a second mask after the substitution; the substitution box is recalculated, block by block, before the non-linear operation is applied, the processing order of the blocks of the substitution box being submitted to a permutation; and a side channel attack is performed on the steps of recalculating, block by block, the substitution box.

Abstract: A system for diffracted data retrieval (DDR) comprises a plurality of storage locations. The system for DDR also comprises a client device configured to: transmit a request to retrieve the data object, wherein the data object comprises a plurality of segments stored across the plurality of storage locations; receive a sequencing key in response to the request to retrieve the data object; and retrieve the plurality of segments of the data object from the plurality of storage locations based at least in part on an order indicated by the sequencing key. The system of DDR further comprises an initiation server configured to: receive the request from the client device to retrieve the data object; generate the sequencing key in response to the request; transmit the sequencing key to the client device; and monitor a progress of the retrieval of the data object by the client device.

Abstract: Automatic semantic analysis for characterizing and correlating literary elements within a digital work of literature is accomplished by employing natural language processing and deep semantic analysis of text to create annotations for the literary elements found in a segment or in the entirety of the literature, a weight to each literary element and its associated annotations, wherein the weight indicates an importance or relevance of a literary element to at least the segment of the work of literature; correlating and matching the literary elements to each other to establish one or more interrelationships; and producing an overall weight for the correlated matches.

Abstract: The present invention provides a method and system for assessing a password based on characteristics of a physical arrangement of keys of a keyboard. A password including unique characters is stored. For each unique character of the password, a character key of the keyboard which denotes the unique character of the password is determined. A positive flag is assigned to each determined character key of the keyboard. A null flag is assigned to each key of the keyboard that is not one of the determined character keys. A key detection frequency is computed for each key vector of the keyboard. A maximum key detection frequency is determined from among the computed key detection frequencies of the key vectors. The maximum key detection frequency is compared with a threshold key detection frequency, from which it is ascertained whether the maximum key detection frequency is at least the threshold key detection frequency.

Abstract: Automatic semantic analysis for characterizing and correlating literary elements within a digital work of literature is accomplished by employing natural language processing and deep semantic analysis of text to create annotations for the literary elements found in a segment or in the entirety of the literature, a weight to each literary element and its associated annotations, wherein the weight indicates an importance or relevance of a literary element to at least the segment of the work of literature; correlating and matching the literary elements to each other to establish one or more interrelationships; and producing an overall weight for the correlated matches.

Abstract: A method for smoothing current consumed by an electronic device is based on a series of current copying operations and on a current source delivering a reference current. The reference current is delivered in such a manner that current consumed as seen from the power supply depends on the reference current.

Abstract: The techniques presented herein provide for verifying the integrity of an encryption key log file generated on a data storage system. Encryption key activity events associated with a storage system's back-end storage drives are identified. A unique signature is generated for each encryption key activity event. Each encryption key activity event and its corresponding signature are stored in an audit log file. An audit log hash file is generated using the contents of the audit log file. At an external location, the audit log file and the audit log hash file are retrieved from the storage system. The integrity of the retrieved audit log file is verified by generating a local audit log hash file and comparing the local audit log hash file to the retrieved audit log hash file and determining if the local audit log hash file matches the retrieved audit log hash file.

Abstract: An authority transfer system includes a determination unit configured to determine whether a domain of a service and a domain of an endpoint for allowing a client to acquire authority information are a same domain. An issue unit issues the authority information indicating that an authority of a user with respect to the service is transferred to the client without receiving an instruction to permit a transfer of the authority of the user with respect to the service to the client, if the two domains are determined to be the same domain by the determination unit.

Abstract: A security software comprises administrative module for configuring access levels and creating types of accounts and application server for domain filtering by checking against friendly and unfriendly inbound, outbound and exception lists. Hard filtering either approves, terminates requests or re-routes request without the user's knowledge. Soft filtering passes disapproved requests and sends an e-mail alert to authorized recipients. Content filtering includes checking a content of a requested document against a friendly, unfriendly list and exception list. Hard filtering passes or rejects the requested document. Soft filtering passes the requested document or rejects or approves by highlighting its content. Options include e-mail filtering that checks subject, sender's address and domain against an unfriendly, friendly and exception list.

Abstract: One embodiment of the invention is directed to a method comprising receiving a plurality of data packets including encoded data. The method further comprises determining a plurality of time delays between the plurality of data packets, and translating the plurality of time delays to obtain a decoding key for decoding the encoded data in the data packets. The decoding key may be used to decode the encoded data to obtain the data.

Abstract: Disclosed herein are systems, computer-implemented methods, and computer-readable media for dialog modeling. The method includes receiving spoken dialogs annotated to indicate dialog acts and task/subtask information, parsing the spoken dialogs with a hierarchical, parse-based dialog model which operates incrementally from left to right and which only analyzes a preceding dialog context to generate parsed spoken dialogs, and constructing a functional task structure of the parsed spoken dialogs. The method can further either interpret user utterances with the functional task structure of the parsed spoken dialogs or plan system responses to user utterances with the functional task structure of the parsed spoken dialogs. The parse-based dialog model can be a shift-reduce model, a start-complete model, or a connection path model.

Abstract: Systems and methods for enabling delivery of deidentified production data are described. The production data can include a set of alias records, which include deidentified data, and can be generated from corresponding real records of actual users. Enabling delivery of deidentified production data can include fulfilling production data requests via a production data feed, a bulk request, or other suitable delivery technique.

Abstract: Embodiments are directed to securing data in the cloud, securely encrypting data that is to be stored in the cloud and to securely decrypting data accessed from the cloud. In one scenario, an instantiated trust service receives information indicating that a trust server is to be instantiated. The trust service instantiates the trust server, which is configured to store key references and encrypted keys. The trust service receives the public key portion of a digital certificate for each publisher and subscriber that is to have access to various specified portions of encrypted data. A data access policy is then defined that specifies which encrypted data portions can be accessed by which subscribers.

Abstract: Methods and systems for rendering text to simulate human penmanship are described. A text rendering engine converts a text string into an image that can be displayed using one or more seed numbers to influence the rendering and appearance of the text. The text rendering engine may render variations of each character of the text string using the seed numbers to select from a set of single-character or multi-character glyphs, or to modify a size, weight, slope, or Bezier curve point of the character.

Abstract: Techniques for marking or flagging an account as potentially being compromised may be provided. Information about the popularity of passwords associated with a plurality of accounts may be maintained. In an example, an account may be marked as potentially being compromised based at least in part on the information about the popularity of passwords and a password included in a request to change the password associated with the account. A notification indicating that an account has been marked as potentially compromised may be generated.