H04L9/06

Methods, systems, and media for secure authentication of users based on a biometric identifier and knowledge-based secondary information
11711215 · 2023-07-25

Methods, systems, and media for secure authentication of users using one or more biometric recognition systems are provided. In some embodiments, the method comprises: receiving an indication that a biometric identifier is to be used to authenticate a user to a service; receiving (i) the biometric identifier of the user from a capture device and (ii) knowledge-based secondary information associated with the user from an input device; determining a Voronoi cell identifier that corresponds to the biometric identifier; calculating a hash of the Voronoi cell identifier and the knowledge-based secondary information; transmitting the hash to a server device for verification; in response to transmitting the hash to the server device, receiving a response indicating whether the hash matches a previously stored hash that was stored in the server device; and determining whether to automatically authenticate the user to the service based on the response from the server device.

Self-seeded randomizer for data randomization in flash memory
11709771 · 2023-07-25

Disclosed in some examples are methods, systems, devices, and machine-readable mediums that provide for techniques for scrambling and/or updating meta-data that enable an efficient internal copyback operation. In some examples, improved data distribution techniques decouple the scrambling key from a physical address to allow for copyback operations while maintaining data distribution requirements across a memory device. The controller may generate a seed value that is used by a scrambling algorithm to scramble the host-data and meta-data prior to the data being written. The seed value is then encoded and written to the page with encoded versions of the scrambled user data and meta-data—the random seed is written without scrambling the random seed.

SYSTEMS AND METHODS FOR SECURE REMOTE IDENTITY VERIFICATION

Systems and methods are provided for authenticating an identity of a user requesting a resource or service from an entity. In some embodiments, a system may include at least one processor; and a non-transitory medium containing instructions that cause the system to perform operations. The operations may include receiving credential information associated with the remote user, and receiving, from the server associated with the entity, first hash information. The operations may also include generating second hash information based on information associated with the user, comparing the first hash information with the second hash information, and transmitting an indication based on the comparison to the server associated with the entity.

APPARATUS AND METHODS FOR PRESENTATION OF KEY FRAMES IN ENCRYPTED CONTENT
20180014041 · 2018-01-11

Apparatus and methods for presentation of key frames. In one embodiment, an encoded video file is generated in which one or more bits are assigned to key frames and the number of bits assigned to delta frames is minimized. Each key frame may be presented to a user during trick mode operation (e.g., fast forward, rewind, pause, or random seek operation). When the encoded video file is given to a packager, the packager generates a manifest file listing the byte information (byte offset and number of bytes) for each key frame in the encoded video file. When a user inputs a trick play mode command, the packager provides the manifest file to the client device of the user and the client device requests the bytes for the key frames of the video file from the content delivery network.

Post-quantum secure key-rotation for storage devices

A method includes receiving, in a data storage device, a request from a client computer for a portion of ciphertext stored in the data storage device, and providing, by a controller of the data storage device, the portion of the ciphertext to the client computer. The method also includes receiving, in the data storage device, an update token generated by the client computer from the portion of the ciphertext. The method further includes performing, by the controller of the data storage device, re-encryption of the ciphertext using the update token.

Trust-based shard distribution apparatus and method for fault tolerant blockchain networks

A shard distribution apparatus and method are disclosed. The shard distribution apparatus can include a trust calculation unit configured to obtain a trust value for each of a multiple number of nodes in a blockchain network by receiving a consensus result from each of the multiple nodes, where the consensus result may be obtained by aggregating the result of verifying the validity of a block by each of the multiple nodes and the results of verifying the validity of the block received from other nodes; and a shard distribution unit configured to distribute the multiple nodes to a multiple number of shards by calculating a shard trust value, which is represented by a sum of trust values of nodes distributed to each of the multiple shards, and distributing the multiple nodes such that deviations of the calculated shard trust values are the smallest.

Using sparse merkle trees for smart synchronization of S3
11711204 · 2023-07-25

One example method, which may be performed in connection with an object store, includes receiving a key of a key-value pair, correlating the key to a location in a base of a Merkle tree, inserting the key at the location, hashing the value associated with the key to produce a data hash, and inserting the data hash in the Merkle tree. The Merkle tree may then be checked for consistency, and synchronized with another Merkle tree. The Merkle tree may be of a fixed size, and insertion of the key in the Merkle tree does not change the location of any keys existing in the Merkle tree prior to insertion of the new key.

Encoded stack pointers

In one embodiment, an encoded pointer is constructed from a stack pointer that includes an offset. The encoded pointer includes the offset value and ciphertext that is based on encrypting a portion of a decorated pointer that includes a maximum offset value. Stack data is encrypted based on the encoded pointer, and the encoded pointer is stored in a stack pointer register of a processor. To access memory, a decoded pointer is constructed based on decrypting the ciphertext of the encoded pointer and the offset value. Encrypted stack data is accessed based on the decoded pointer, and the encrypted stack is decrypted based on the encoded pointer.

Quantum safe key exchange scheme

Aspects of the invention include a computer-implemented method of executing a hybrid quantum safe key exchange system. The computer-implemented method includes initially retrieving an authenticated random value from a trusted source, generating a first Z value using a first elliptic curve (EC) private key and a first certified form of an EC public key with an EC Diffie-Hellman (ECDH) algorithm, deriving a shared key using the authenticated random value and the first Z value with a key derivation function, decrypting the authenticated random value using a quantum safe algorithm (QSA) private key, generating a second Z value using a second EC private key and a second certified form of the EC public key with the ECDH algorithm, and deriving the shared key using the authenticated random value and the second Z value with the key derivation function.

Fast unbreakable cipher
11711364 · 2023-07-25

An authentication and encryption protocol is provided that can be implemented within a single clock cycle of an integrated circuit chip while still providing unbreakable encryption. The protocol of the present invention is so small that it can co-exist on any integrated circuit chip with other functions, including a general purpose central processing unit, general processing unit, or application specific integrated circuits with other communication related functionality.