H04L9/002

Method for protecting the production data for producing a product

Provided is a method for producing a product by a machine tool, wherein the control information and/or production data of a machine tool, such as a milling machine, injection molding machine, welding robot, laser cutter or 3D printer, is protected or cryptographically encrypted such that unauthorized copying or modifying is prevented, including the steps: producing the product by the machine tool taking into consideration control information which controls the production of the product; generating production data by the machine tool during production of the product, wherein the production data describes the production of the product; providing protection information to the machine tool, which indicates which of the production data is to be protected, and defines a protection method for the production data which is protected; and protecting that production data which, according to the protection information, is to be protected, by the protection method defined by the protection information.

Side-channel attack mitigation for secure devices with embedded sensors
11663366 · 2023-05-30

Embodiments include cryptographic circuits having isolated operation with respect to embedded sensor operations to mitigate side-channel attacks. A cryptographic circuit, a sensor, and an analog-to-digital converter (ADC) circuit are integrated into an integrated circuit along with a cryptographic circuit. A sensed signal is output with the sensor, and the sensed signal is converted to digital data using the ADC circuit. Further, cryptographic data is generated using one or more secret keys and the cryptographic circuit. The generation of the cryptographic data has isolated operation with respect to the operation of the sensor and the ADC circuit. The isolated operation mitigates side-channel attacks. The isolated operation can be achieved using power supply, clock, and/or reset circuits for the cryptographic circuit that are electrically isolated from similar circuits for the sensor and ADC circuit. The isolated operation can also be achieved using time-division multiplex operations. Other variations can also be implemented.

DYNAMIC ADAPTIVE DEFENSE FOR CYBER-SECURITY THREATS
20230164175 · 2023-05-25

Disclosed is a cyber-security system that is configured to aggregate and unify data from multiple components and platforms on a network. The system allows security administrators to design and implement a workflow of device-actions taken by security individuals in response to a security incident. Based on the nature of a particular threat, the cyber-security system may initiate an action plan that is tailored to the security operations center and their operating procedures to protect potentially impacted components and network resources.

SECURE ENCRYPTION OF PARTIAL BLOCKS
20230111001 · 2023-04-13

Encrypting data blocks by receiving blocks of compressed data, determining a size, in bytes, of the compressed data, appending a trailer to the compressed data, the trailer associated with the size in bytes of the compressed data, encrypting the compressed data and trailer, yielding encrypted data, where a header of the encrypted data comprises a number of complete encrypted data blocks, and providing the encrypted data to a user.

Tamper detection in a quantum communications system

A tamper detecting component for a quantum communication system is a trusted node, configurable as a first endpoint trusted node, a middle-trusted node and a second endpoint trusted node. The trusted node has a tamper detection module and a secure memory. The tamper detection module deletes critical system parameters responsive to detecting physical tampering. The trusted node, as the first endpoint trusted node, exchanges a quantum key, encrypts data and transmits encrypted data. The trusted node as the middle-trusted node exchanges a quantum key, exchanges another quantum key, decrypts and re-encrypts data and transmits encrypted data. The trusted node as the second endpoint trusted node exchanges a quantum key, and decrypts data.

Decentralized Methods and Systems for Storage, Access, Distribution and Exchange of Electronic Information and Documents over the Internet using Blockchain to protect against Cyber attacks and Theft
20220337388 · 2022-10-20

Decentralized security methods and systems using a hybrid permission based blockchain with public key infrastructure (PKI) for storage, access, distribution, exchange and execution of electronic information including images, files, media between individuals and/or nodes is more secure on connected devices and servers than traditional systems and software applications that are vulnerable to cyberattacks and theft. Email is a popular way of transferring documents and other forms of content. However, there does not exist a decentralized system to protect sensitive information against cyber attacks and theft such that the information can be shared, accessed, executed, and/or distributed to other individual(s) and/or systems, including save, upload, email, co-author, co-edit, redline, comment, markup, e-sign documents that automatically enforces legally binding and verification processes for and between individual(s) and/or business(es). To store and distribute electronic information securely using a decentralized method and system, authorized individual(s) are authenticated and automatically entered into a smart contract, using a private and public key authentication and verification process where the electronic information is stored as a block that is immutable and secure during both transmission and access by authorized user(s) only. The electronic information may be distributed using a webmail plugin extension and a decentralized storage vault using blockchain to enable secure transmission and storage, which may act in concert with software controlled by the registered owner of the electronic information. The electronic information is securely transmitted to the registered members using a permission based blockchain on our servers.
Decentralized systems and methods provide smart contracting when electronic information is exchanged between authorized and permitted user(s) where creating, uploading, accessing, viewing, editing, redlining, replying, printing, downloading, e-signing and/or marking up are each stored as separate immutable blocks within the permission based blockchain allowing the system to securely track the version history and users' activity to enforce legally binding and verification processes. Standard email, storage systems and web applications today lack the decentralized security systems and methods for authorized user(s) to access, control, share, add, modify and distribute the information exchange processes between connected devices and systems that protect against cyber attacks and data theft.

MASKED COMPARISON CIRCUMVENTING COMPRESSION IN POST-QUANTUM SCHEMES

Various embodiments relate to a method for securely comparing a first polynomial represented by a plurality of arithmetic shares and a second compressed polynomial represented by a bitstring where the bits in the bitstring correspond to coefficients of the second polynomial, including: performing a first masked shift of the shares of the coefficients of the first polynomial based upon the start of the interval corresponding to the compressed coefficient of the second polynomial and a modulus value; performing a second masked shift of the shares of the coefficients of the first polynomial based upon the end of the interval corresponding to the compressed coefficient of the second polynomial; bitslicing the most significant bit of the first masked shift of the shares coefficients of the first polynomial; bitslicing the most significant bit of the second masked shift of the shares coefficients of the first polynomial; and combining the first bitsliced bits and the second bitsliced bits using an AND function to produce an output including a plurality of shares indicating that the first polynomial would compress to a bitstream matching the bitstream representing the second compressed polynomial.

Cloud-based whitebox node locking

A secure cloud-based node-locking service with built-in attack detection to eliminate fuzzing, cloning and other attacks is disclosed. White-box base files are securely stored on the cloud service and are not vulnerable to accidental leakage. A secure cloud-based dynamic secret encoding service reduces the risk of exposure of unprotected secrets and other sensitive data.

POLICY-GOVERNED CRYPTOGRAPHIC SELECTION SYSTEM

This disclosure relates generally to configuring an application or service with reconfigurable cryptographic features taking the form of cryptographic algorithms, protocols or functions. The application or service can be configured with a cryptographic provider configured to receive abstracted cryptographic API calls and retrieve specific cryptographic features based on established cryptographic policies. This configuration allows for rapid updates to the cryptographic framework and for the cryptographic framework to be managed remotely in enterprise environments.

SEARCHABLE ENCRYPTION
20220318219 · 2022-10-06

The present disclosure is directed towards a system, method, and computer readable storage medium for searchable encryption. A plurality of search terms are extracted from at least a part of a data structure. A keyed-hash value for each search term is calculated and stored in a list. The value of a bit in a predetermined position within each keyed-hash value is examined. If the value of the bit is a first value for α of the keyed-hash values and a second value for α of the keyed-hash values, wherein α is a number greater or equal to two and the first value is different to the second value, then the set of keyed-hash values is split into two lists. Each list is assigned a search token value.