4510results about "Encryption apparatus with shift registers/memories" patented technology

A technique is provided for securely transferring programming content from a first device in a first layer, e.g., a trusted domain, to a second device in a second layer, e.g., outside the trusted domain. When a user requests that the first device transfer protected content to the second device, the first device needs to authenticate the second device. After the second device is authenticated, the first device may transfer to the second device the protected content, together with a rights file associated therewith. The rights file specifies the rights of the second device to use the protected content, according to its security level indicative of its security. These rights may concern, e.g., the number of times that the second device may subsequently transfer the protected content to other devices, the time period within which the second device may play the protected content, etc. The higher the security level of the second device is, the more rights accorded thereto. Indeed, the second device may need to meet a minimum security level requirement in order for it to receive or keep the protected content.

A computer system that interfaces with a blockchain is provided. The computer system receives match data for a match between a first data transaction request that is associated with a first identifier and a second data transaction request that is associated with a second identifier. A first blockchain transaction is generated based on the match data and stored to a blockchain. At least one further blockchain transaction is generates that splits the match into two different transactions—one between the first identifier and an intermediary and the second between the intermediary. These are recorded to the blockchain via the further blockchain transactions.

A virtualized blockchain forest includes a plurality of individual blockchains. Each individual blockchain of the plurality includes a blockchain height, a genesis block, and at least one additional block. The virtualized blockchain forest further includes a plurality of participating processors that make up a consensus pool, and a blockchain forest height having a time-sequenced start-to-finish length of blocks among the collective plurality of individual blockchains. The virtualized blockchain forest is configured to aggregate different ones of the plurality of individual blockchains, and is further configured to terminate individual ones of plurality of individual blockchains.

An integrated circuit device comprising: a circuit which uses encryption; and an encapsulation packaging layer; in which the circuit is responsive to at least one physical parameter of the encapsulation to apply the encryption and/or decryption by reading the key therefrom, so that tampering with the encapsulation to gain access to the circuit causes the encryption and/or decryption to fail.

An integrated circuit for data encryption/decryption and secure key management is disclosed. The integrated circuit may be used in conjunction with other integrated circuits, processors, and software to construct a wide variety of secure data processing, storage, and communication systems. A preferred embodiment of the integrated circuit includes a symmetric block cipher that may be scaled to strike a favorable balance among processing throughput and power consumption. The modular architecture also supports multiple encryption modes and key management functions such as one-way cryptographic hash and random number generator functions that leverage the scalable symmetric block cipher. The integrated circuit may also include a key management processor that can be programmed to support a wide variety of asymmetric key cryptography functions for secure key exchange with remote key storage devices and enterprise key management servers. Internal data and key buffers enable the device to re-key encrypted data without exposing data. The key management functions allow the device to function as a cryptographic domain bridge in a federated security architecture.

A wearable electronic modular computer-communicator device is described which may interact and cooperate with other wearable, vehicle-mounted, object-mounted or stationary electronic devices that are also described.

When a SET receives a positioning service from a V-SLP by performing a roaming from a H-SLP to the V-SLP in a SUPL-based positioning system, only a new TLS connection is generated using an abbreviated handshake protocol without generating anew TLS session after the roaming. That is, when opening a TLS session for ensuring security in a SUPL-based positioning method, in particular, when opening a new TLS session between the V-SLP (V-SPC) and the SET after opening the TLS session between the H-SLP and the SET, the key information having used in the previous TLS session is provided to the V-SLP to set a new TLS connection, thereby reducing a load of an entire system.

A method for creating an asset-backed distributed ledger token representing a smart contract, the token being backed by a pledge of an illiquid form of a precursor or means of production of a commodity asset, comprising receiving a pledge of unrefined or pre-commodity asset, digitizing the unrefined commodity asset into fractional representations of the commodity asset using smart contracts on a distributed ledger network, and allowing account holders access to the perform transactions on the distributed ledger network to trade the fractional representations under the terms of the smart contract.

A system encrypts a name of content stored in a node of a hierarchical structure. A content receiving node encrypts a name of a predetermined node among names of nodes included in a content name, such as by using a hash function, and transmits the encrypted content name to receive the stored content. A relay node receives the content name including the encrypted name of the node and decrypts the encrypted name of the node, such as by using a reference table. The relay node uses the decrypted node name to relay the content request to the content storage node. Since the content name is encrypted, content routing may be performed without disclosing information associated with a hierarchical structure in which the content is stored.

A method and system for programming and reading data with reduced read errors in a memory device. In one approach, date to be written to the memory device is scrambled using a first pseudo random number which is generated based on a page of the memory device to which the data is to be written, to provide first scrambled data, which is scrambled using a second pseudo random number which is generated based on a block of the memory device to which the data is to be written. This avoids bit line-to-bit line and block-to-block redundancies which can result in read errors. The data may also be scrambled using a third pseudo random number that depends on a section within a page. Scrambling may also be based on one or more previous pages which were written.

Disclosed herein is a system for providing a cryptographic platform for distributing data structures within a peer-to-peer network wherein encrypted messages are exchanged among nodes. The system provides for the creation and management of privately subspaced blockchains that include subspaces that are private, yet verifiable through the use of global state roots. The global state roots are updated based on subspace roots that are in term generated based on the data in that subspace.

A method, system and computer program is provided for protecting against one or more security attacks from third parties directed at obtaining user credentials on an unauthorized basis, as between a client computer associated with a user and a server computer is provided. The server computer defines a trusted Public Key Cryptography utility for use on the client computer. The Public Key Cryptography utility is operable to perform one or more cryptographic operations consisting of encrypting/decrypting data, authenticating data, and/or authenticating a sender, decrypting and/or verifying data. The user authenticates to the Public Key Cryptography utility, thereby invoking the accessing of user credentials associated with the user, as defined by the server computer. The Public Key Cryptography Utility facilitates the communication of the user credentials to the server computer, whether directly or indirectly via an authentication agent, the server computer thereby authenticating the user. In response, the server computer providing access to one or more system resources linked to the server computer to the user. The present invention also provides a series of methods enabling the server computer to authenticate the user by operation of the Public Key Cryptography utility and/or based on enrolment of the user and providing the Public Key Cryptography utility to the user.

A system, apparatus, method, and machine readable medium are described for secure authentication. For example, one embodiment of a system comprises: an authenticator on a client device to securely store one or more private keys, at least one of the private keys usable to authenticate a block of a blockchain; and an attestation module of the authenticator or coupled to the authenticator, the attestation module to generate a signature using the block and the private key, the signature usable to attest to the authenticity of the block by a device having a public key corresponding to the private key.

A tag adapted to be applied to an object is disclosed. The tag includes a wireless communication interface, a processor and a memory. A univocal code, a cipher key and a count value are store in the memory. The tag generates a dynamic code as a function of the cipher key and the count value. Next, the tag varies the count value according to a determined operation, and stores the varied count value in the memory. The tag transmits the univocal code and the dynamic code to a reader device. The tag may transmit the univocal code and the dynamic code in a URL.

The invention relates to a transaction verification processing method, apparatus and node device. The transaction verification processing method includes the following steps: transmitting a transaction hash of a to-be-verified transaction to a destination credible node which can establish new block and save a complete block chain; and receiving a verification result which is returned by the destination credible node which conducts payment verification and transaction verification on the to-be-verified transaction based on the transaction hash. According to the invention, the credible node verifies the to-be-verified transaction of lightweight nodes, simplifies the verification process of lightweight nodes, can at the same time conducts transaction verification and payment verification; since the lightweight nodes can determine credible nodes based on the node condition of the credible nodes, can effectively ensure safety of the verification process, ensures information synchronization, reduces verification time delay and increases verification efficiency.

A single sign-on system using blockchain is disclosed. The single sign-on system may interconnect various organization systems over a peer-to-peer network, with each organization system having a blockchain node and an application programming interface (API). The blockchain node invokes and uses a smart contract to write registration credentials to the blockchain during a registration process. During a login process, the blockchain node invokes the smart contract to determine whether login credentials match stored login credentials in the blockchain. In response to matching login credentials, the API may generate a single sign-on token that can be used by a user device to access one or more organization systems connected over the network.

A blockchain oracle manages loans collateralized by a digital asset. Lenders and borrowers agree to loan terms that include digital asset collateral held in a multisig wallet for which various parties hold private keys. If collateral requirements are not met by the loan such as when a Loan-to-Value ratio satisfies a margin call condition, the oracle may transmit warnings to loan participants and may initiate liquidation of the digital asset collateral to remove the margin call condition. The oracle may exist on a blockchain initialized with loan agreement information. The oracle may determine whether margin call and liquidation conditions are satisfied by updating an internal state by obtaining and/or receiving information regarding the status of the loan, the digital asset collateral, and liquidation locations on-chain, by receiving status transactions, and/or by requesting the information directly.

Provided is a process including: obtaining a plurality of records to be protected; forming a tamper-evident log configured to prevent an attacker from undetectably modifying any of the plurality of records stored in the tamper-evident log, wherein the cryptographic hash value of a given entry in the tamper-evident log is sequence agnostic to the sequence of entries in virtue of being based on values that do not specify a position in the sequence of entries; and storing the tamper-evident log in memory.

A method and system using blockchains for distributing event information related to vehicle operation between a plurality of entities. The method includes executing blockchain agreements between the plurality of entities participating in a blockchain exchange for distributing event information related to the vehicle operation, where the blockchain exchange includes a plurality of databases having blockchains of data blocks for storing the event information. Next, generating by a particular entity of the plurality of entities the event information related to vehicle operation and validating the event information by a consensus of the plurality of entities participating in the blockchain exchange. Then, appending, upon validating by the consensus, a blockchain within the blockchain database for enabling each entity to have access to a same replicated block data with the event information to enable enhanced vehicle operations of multiple vehicles based on the same replicated block data.

A system and method for providing load balanced secure media content and data delivery (10) in a distributed computing environment is disclosed. Media content is segmented and encrypted into a set of individual encrypted segments on a centralized control center (15). Each individual encrypted segment has the same fixed size. The complete set of individual encrypted segments is staged to a plurality of intermediate control nodes (17, 19). Individual encrypted segments are mirrored from the staged complete set to a plurality of intermediate servers (21a-b, 23a-b). Requests are received from clients (11) for the media content at the centralized control center. Each individual encrypted segment in the set is received from one of an intermediate control node and an intermediate server optimally sited from the requesting client. The individual encrypted segments are reassembled into the media content for media playback.

The invention belongs to the technical field of information retrieval and database structure, discloses a method for storing and sharing secure files based on a blockchain, and uses the blockchain technology to realize secure storage and sharing of files. A user encrypts and uploads the files to obtain a file pointer, and acquires the partial file as the excitation after the accounting node writesthe information such as the formulated access policy and the pointer into a blockchain account. And the other users may acquire a file key from the adjacent accounting node or the file owner after satisfying the access policy to decrypt the files so as to finally obtain a plaintext file. The invention ensures the security of the user data, and is simple and convenient for the user to use, and thepublic key cryptography technology makes the file more secure at the same time. The unchangeable modification progress of the blockchain account further ensures the complete availability of the files, enables the user to formulate different access strategies for different files, and enables full control of the files while sharing the same.

An identity system for the Internet of Things (IOT) that enables users and machines to identify, authenticate and interact with items/goods without relying on a third-party-controlled authentication service. The system includes tags having alphanumeric values and coupled to items/goods and an open registry database and ledger where digital records associated with the items/goods is able to be stored. The open registry enables public access to the items/goods and data combined with item registration anonymity.

The invention discloses a construction equipment Internet of Things system and method based on the blockchain technology. The system comprises a plurality of Internet of Things nodes, a plurality of blockchain nodes, a plurality of intelligent terminals and a plurality of user terminals, the detection of various environmental information in the building and the monitoring of electrical equipment can be achieved, data are stored in the blockchain nodes in a distributed manner, a data transmission process is encrypted by using the asymmetric encryption technology, and data sharing is performed through a smart contract. According to the construction equipment Internet of Things system and method disclosed by the invention, the blockchain technology is combined with the Internet of Things technology, the consensus mechanism, distributed storage, asymmetric encryption and smart contract of the blockchain technology are applied to the Internet of Things, and many problems faced by the current Internet of Things are solved.

A credentials verification network utilizes blockchain technology to track/verify credentials for candidates that can later be used in the hiring verification process. As implemented by nodes of a distributed network, a candidate receives from a first network node a secure credential generated by a credentialing source from an original credential document. The first node processes the secure credential according to a security feature (e.g., hash function) to create a transaction, and assigns an identifier to the transaction. The first node signs the transaction with a private key to create a transaction signature. The first node sends the signed transaction to a central server that broadcasts the transaction to the blockchain network. Once the network has accepted the transaction, the candidate will be notified and handed over the raw text document and transaction receipt ID. The candidate can forward the information to a recruiter or potential employer running a second node.

A block encryption method and schemes (modes of operation) that provide both data confidentiality and integrity with a single cryptographic primitive and a single processing pass over the input plaintext string by using a non-cryptographic Manipulation Detection Code function for secure data communication over insecure channels and for secure data storage on insecure media. The present invention allows, in a further aspect, software and hardware implementations, and use in high-performance and low-power applications, and low-power, low-cost hardware devices. The block encryption method and schemes of this invention allow, in yet a further aspect, encryption and decryption in parallel or pipelined manners in addition to sequential operation. In a yet further aspect, the block encryption method and schemes of this invention are suitable for real-time applications.

An encryption system comprises a pseudo-random number generator (KS) for generating a long pseudo-random sequence (S) from a shorter encryption key (K) and, if necessary, a nonce value (N), and a mixing function (MX) for combining the sequence with a plaintext message (P) on a block-by-block basis, where successive blocks (S(i)) of 128 bits of the sequence are combined with successive 64-bit blocks of plaintext (P(i)) to produce successive 64-bit blocks of ciphertext. The blockwise use of a long pseudo-random sequence preserves the advantages of a block cipher in terms of data confidentiality and data integrity, as well as benefiting from the speed advantages of a stream cipher.

A system for distributing content over an electronic communications network includes a first electronic device including a first processor and a first memory, and a second electronic device including a second processor and a second memory. The second electronic device is configured to communicate with the first electronic device over the electronic communications network. The system further includes a blockchain and a blockchain processor in operable communication with each of the first electronic device and the second electronic device over the electronic communications network. The blockchain processor is configured to verify a transfer of content between the first electronic device and the second electronic device, and to update the blockchain with information regarding the verified transfer of content.

The creation of a private sub-blockchain from a main blockchain is disclosed including receiving a request including a trust requirement and an agility requirement, receiving monitoring data from at least one of a plurality of validator nodes of the main blockchain, the monitoring data generated by monitoring the execution of transactions and the exchange of consensus messages by one or more of the plurality of validator nodes, determining a minimum number of validator nodes required to meet the trust requirement, identifying a subset of the plurality of validator nodes of the main blockchain that meets the agility requirement based on the received monitoring data, the subset containing at least the determined minimum number of validator nodes required to meet the trust requirement, and creating a private sub-blockchain of the main blockchain, the private sub-blockchain including the identified subset of the plurality of validator nodes of the main blockchain.

The invention discloses a disaster recovery cloud storage system construction method based on a block chain technology. The block chain technology is introduced in a cloud storage system construction process. The characteristics of decentration and de-trust of the block chain technology are used to realize the distribution autonomy of storage nodes in a cloud storage system and data exchange and data sharing between the storage nodes based on a consensus algorithm. Compared with the current mainstream centralized cloud service system, the method has the advantages that network nodes can establish many-to-many rather than one-to-many contact relationship, which can greatly improve the transmission efficiency of data; and in the processes of data storage, exchange, upload and download, data block packaging and anonymous exchange and an asymmetric encryption algorithm are used, which greatly guarantees the safety and reliability of the entire ecological chain of data cloud storage. Compared with the current mainstream centralized cloud service system, the method provided by the invention has the advantages that on the basis of improved data safety, the operation efficiency of the system is greatly improved, and the operating cost of a cloud storage service is reduced.

The invention discloses a device networking authentication method based on a blockchain for solving the single point failure problem existing in the current networking authentication method. The technical scheme is to deploy a blockchain network comprising a client, a submission node and a consensus node. By means of the non-tampering property of the blockchain, a device firstly registers on the blockchain before accessing the network, when the device A needs to access the network, the device sends a networking request of a device B that has accessed to the network, the device B compares the information of the device A in the networking request with the information of the device A stored in the blockchain to judge whether the identity of the device A is legal, a smart contract issues a token to the device A, a timestamp in the token ensures that the device A is valid within a certain period of time, and after the token expires, the device A needs to pass the identity authentication toaccess the network again. By adoption of the device networking authentication method disclosed by the invention, the single point failure problem existing in the traditional networking authenticationmethod can be avoided, the legality of the identity of the device is ensured, and the security of the network is improved.