H04L9/06

Securing system-on-chip (SoC) using incremental cryptography

Various examples are provided related to software and hardware architectures that enable a lightweight incremental encryption scheme that is implemented on a System-on-chip (SoC) resource such as a network interface. In one example, among others, a method for incremental encryption includes obtaining, by a network interface (NI) of a sender intellectual property (IP) core in a network-on-chip (NoC) based system-on-chip (SoC) architecture, a payload for communication to a receiver intellectual property (IP) core; identifying, by the NI, one or more different blocks between the payload and a payload of a previous packet communicated between the sender IP core and the receiver IP core; and encrypting, by the NI, the one or more different blocks to create encrypted blocks of an encrypted payload.

SALTED HASHING METHOD FOR RESPONSE-BASED CRYPTOGRAPHY

Systems and methods for cryptographic key generation at a client and server are disclosed. The client has an array of PUF devices, and the server has an image of that PUF. The server sends the client addresses of PUF devices to be measured, and retrieves previously stored responses corresponding to those addresses from its database. The client measures responses at the addresses. Each device hashes the resulting responses, and the server compares the hash received from the client to its own. If the hashes do not match, the server searches for a matching hash by perturbing the measured response bitstream until a match is achieved. The perturbed response bitstream and the measured response at the client are then salted and used for key generation.

COMPUTING DEVICE WITH ONE OR MORE HARDWARE ACCELERATORS DIRECTLY COUPLED WITH CLUSTER OF PROCESSORS
20230037780 · 2023-02-09

A computing device having a tightly attached or closely attached hardware accelerator directly coupled with one or more processors for efficient use of the hardware accelerator for executing specific functions is described. According to an embodiment, the hardware accelerator is instantiated inside the main processor unit and interfaces to a load-store unit (LS) using virtual addresses. The hardware accelerator instantiated inside the main processing unit (e.g., core) is referred to as a tightly attached hardware accelerator. In an alternative embodiment, the hardware accelerator is instantiated inside a cluster of processor cores. The hardware accelerator that is instantiated inside the cluster of processor cores but not inside a specific processor core is referred to as a closely attached hardware accelerator.

Fast XMSS signature verification and nonce sampling process without signature expansion

In one example an apparatus comprises accelerator logic to pre-compute at least a portion of a message representative, hash logic to generate the message representative based on an input message, and signature logic to generate a signature to be transmitted in association with the message representative, the signature logic to apply a hash-based signature scheme to a private key to generate the signature comprising a public key, and determine whether the message representative satisfies a target threshold allocation of computational costs between a cost to generate the signature and a cost to verify the signature. Other examples may be described.

Systems and methods for designing, designating, performing, and completing automated workflows between multiple independent entities

A computer-based method is provided for managing a transaction including provision of a process intelligence engine comprising a workflow aligner and process tool box, receiving deal parameters at the process intelligence engine, defining transaction subjects, each requiring the participation of at least one network partner, where each transaction subject is a requirement for achieving the objective of the transaction, defining, for each transaction subject, a plurality of subject goals to be addressed by a network partner, and defining, for each subject goal at least one action item required for satisfying the subject goal. The subject goals are then sequenced by the workflow aligner by defining prerequisites for at least one subject goal and transaction modules are defined based on the sequencing. During execution of a deal using the method, subject goals are not made available until prerequisite subject goals have been completed.

Evidence oracles

Systems and methods are disclosed with respect to using a blockchain for managing the subrogation claim process related to a vehicle collision, in particular, utilizing evidence oracles as part of the subrogation process. An exemplary embodiment includes receiving recorded data from one or more connected devices at a geographic location; analyzing the recorded data, wherein analyzing the recorded data includes determining that a collision has occurred involving one or more vehicles; generating a transaction including the data indicative of the collision based upon the analysis; and transmitting the transaction to at least one other participant in the distributed ledger network.

Securing private information using two-dimensional barcodes
11593580 · 2023-02-28

A computer program product includes a non-volatile computer readable medium and non-transitory program instructions embodied therein, the program instructions being configured to be executable by a processor to cause the processor to perform various operations. The operations may include obtaining first encoded data that encodes information of a first party, obtaining second encoded data that encodes information of a second party, performing a forward mashup algorithm on the first encoded data and second encoded data to form a third data set, and providing the third data set to the first party as a mashup two-dimensional barcode.

Adaptive, multi-layer enterprise data protection and resiliency platform
11595411 · 2023-02-28

A system for data protection includes a first computing device comprising a security module; and a storage device coupled to the first computing device via a network interface. The security module comprises at least one of Software Root of Trust (SRoT) and Hardware Root of Trust (HRoT). The security module is further configured to: establish a trust channel between the first computing device and the storage device or storage service; monitor the first computing device and the storage device; create and enforce multi-dimensional data access control by tightly binding data access and permissions to authorized computing devices, users, applications, system services, networks, locations, and access time windows; and take over control of the storage device or storage service in response to a security risk to the system.

Method for establishing a secure private interconnection over a multipath network

A method for establishing a fully private, information secure interconnection between a source and a destination over a data network with at least a portion of a public infrastructure. The method comprises, at the source, creating n shares of a source data according to a predetermined secret sharing scheme, and encrypting the n shares using (n, k) secret sharing. Further, defining for at least one node vi a directed edge (vi1, vi2) that has a k−1 capacity. All outgoing links of vi are connected to vi2. Additionally, using a maximum flow algorithm to define the maximum number of shares outgoing from vi2, and therefore from vi, on each outgoing link. The number of shares forwarded by node vi does not exceed the number of maximum shares that were defined by the maximum flow algorithm.