A method for providing Cheon-resistance security for a static elliptic curve Diffie-Hellman cryptosystem (ECDH), the method including providing a system for message communication between a pair of correspondents, a message being exchanged in accordance with ECDH instructions executable on computer processors of the respective correspondents, the ECDH instructions using a curve selected from a plurality of curves, the selecting including choosing a range of curves; selecting, from the range of curves, curves matching a threshold efficiency; excluding, within the selected curves, curves which may include intentional vulnerabilities; and electing, from non-excluded selected curves, a curve with Cheon resistance, the electing comprising a curve from an additive group of order q, wherein q is prime, such that q−1=cr and q+1=ds, where r and s are primes and c and d are integer Cheon cofactors of the group, such that cd≤48.

Devices and techniques for replay protection nonce generation are described herein. A hash, of a first length, can be produced from a first input. A first subset of the hash can be extracted as a selector. A second subset of the hash can be selected using the selector. Here, the second subset has a second length that is less than the first length. The second subset can be transmitted as a nonce for a freshness value in a replay protected communication.

A receiver for recognizes blinding attacks in a quantum encrypted channel having an optical fiber. The receiver includes a multipixel detector having a plurality of pixels, and configured to be illuminated by a light beam outputted by the optical fiber. A processing unit connects to the multipixel detector and is configured to determine the presence of a blinding attack if a predetermined number of pixels detects light within a predetermined interval. The receiver recognizes blinding attacks in a quantum encrypted channel and implements a method for recognizing blinding attacks in a quantum encrypted channel.

The invention relates to a system for transmitting encoded information over radio channels and wired communication lines, including the Internet. The system includes a transmitting side and a receiving side each comprising various software/hardware modules for generating/displaying the output/received information of the transmitting side, cryptographic calculations of the transmitting side, service information of the transmitting side, a module for generating a set key of the transmitting side, a module for generating a computed key of the transmitting/receiving side, a module of transmitting side communication channel, macroblocks for blocking computer brute-force search including at least three software/hardware modules for information encoding/cryptographic transformations, a module for random numbers generation, and modules for a degree of the setting polynomial. These modules of the transmitting and receiving sides are connected to each other within their respective sides, as well as to each other across a communication channel.

In some implementations, a device may receive, at an operating system, a request for a random number from an application. The device may provide a command to generate an entropy input, based on the request for the random number and through a driver that is isolated from the operating system, to a quantum random number generator that is isolated from one or more processors hosting the operating system. Accordingly, the device may receive the entropy input, from the quantum random number generator, using the driver, and may generate the random number based at least in part on the entropy input. The device may provide the random number to the application.

An information processing device updates its own secret key according to an update request including request order information, the information processing device being provided with: a storage unit that stores, in a nonvolatile manner, a master secret key, a secret key, and order comparison information that enables comparison of the request order of the update request; and an update unit that, in a case where the update request has been made, compares the request order information and the order comparison information, and in a case where it has been determined that the order of the update request is authorized, updates the order comparison information to information corresponding to the request order information before update processing of the secret key is performed by using the master secret key.

In one example an apparatus comprises an input state register, and a first round secure hash algorithm (SHA) datapath circuit communicatively coupled to the input state register and a second round secure hash algorithm (SHA) datapath circuit communicatively coupled to the first round secure hash datapath circuit, the first round secure has algorithm (SHA) datapath circuit and the second round secure hash algorithm (SHA) datapath circuit each comprising a first section to perform a θ step of a SHA calculation, a second section to perform a ρ step calculation, a third section to perform a π step of the SHA calculation, a fourth section to perform a χ step of the SHA calculation, and a fifth section to perform a .Math. step of the SHA calculation.

An information security protection method includes: repeatedly substituting a plaintext into an encryption algorithm to obtain a plurality of ciphertexts, and. determining whether the ciphertexts are all the same h the processor core. Each time the processor core substitutes the plaintext into the encryption algorithm, the encryption algorithm outputs a ciphertext. When the processor core determines that the ciphertexts are not all the same, the processor core outputs a hacker attack message, which means that an encryption process has suffered a hacker attack.

Signal, data transmission, and/or encryption units generating a cryptographic code using a cryptographic key before writing to a pseudorandom noise buffer memory. The PRN code generator comprises a first processor generating a PRN code from initial data using a cryptographic key. A second processor generates sections of the PRN code for integrity check purposes through computation using the same cryptographic key and initial data. Within the PRN code generator and before temporary storage of the PRN code in the buffer memory, there is a comparison device for comparing at least one duplicated section of the PRN code sequence cryptographically generated by the first processor with the section computed by the second processor. A blocking, stop and/or alarm function is activated in the comparison device and triggered on the basis of a predefined degree of matching between the section obtained through duplication and the computed section.

A communication device is provided, comprising: an ultra-wideband device configured to establish a communication session with an external communication device; a secure element configured to generate a session key for use in said communication session and an authentication key derived from said session key; a processing unit configured to execute an application; wherein the secure element is further configured to transfer the session key and the authentication key to the UWB device; wherein the UWB device is configured to add, upon or after receiving data for use by said application, a cryptographic tag to said data; wherein the processing unit is configured to receive said data and the cryptographic tag, and to forward said data and cryptographic tag to the secure element; wherein the secure element is configured to verify said cryptographic tag and to return, upon or after a positive verification of the cryptographic tag, a signed confirmation.