Patent classifications
H04L9/08
Selectivity in privacy and verification with applications
The present description relates to systems and techniques for allowing a third party verifier to verify aspects of secured data, or successful communication thereof. For example, a message or other data may be associated with a shared manifest that describes aspects of some data but does not reveal or expose the data. As a result, the data may be kept private while selective privacy and verification with respect to the data is achieved by the inclusion of only selected aspects of said data in the shared manifest.
Systems and methods for machine learning based optimization of pulse sequences for quantum key distribution
A device may include a processor configured to select a quantum key distribution transmission; identify an optical fiber path via which the quantum key distribution transmission is to be performed; determine one or more values for at least one transmission parameter for the identified optical fiber path; and select a pulse script for the optical fiber path based on the determined one or more values for the at least one transmission parameter. The processor may be further configured to perform the quantum key distribution transmission via the identified optical fiber path using the selected pulse script.
Real-time attestation of cryptoprocessors lacking timers and counters
The present technology discloses methods and systems for receiving a security profile request from an integrity verifier, the request including a nonce; requesting, from a trusted platform module, a new nonce, wherein the new nonce is generated at least in part by the nonce and a current timestamp from a clock in the trusted platform module; receiving, from the trusted platform module, the new nonce; requesting, from a cryptoprocessor, a set of platform configuration registers; receiving, from the cryptoprocessor, the set of platform configuration registers; and sending a response to the integrity verifier, the response including the new nonce and the set of platform configuration registers to verify a security status of the trusted platform module and the cryptoprocessor.
SYSTEM AND METHOD FOR SECURED FREE SPACE OPTICAL TRANSMISSION IN THE MID-INFRARED DOMAIN
A free-space optical communication system includes a transmitter and a receiver, the transmitter being configured to transmit an encrypted message to the receiver at the mid-infrared domain, the transmitter comprising a master mid-infrared optical source configured to generate a mid-infrared signal and a chaos generator configured to generate a chaotic signal by applying external optical feedback to the master mid-infrared optical source, the transmitter being configured to determine an encrypted message from an original message by applying a message encryption technique to the original message and to send the encrypted message to the receiver through an optical isolator, the receiver comprising a slave mid-infrared optical source similar to the master mid-infrared optical source, the slave mid-infrared optical source being configured to recover the chaotic signal from the encrypted message by applying chaos synchronization, the receiver further comprising a first detector configured to detect the encrypted message, a second detector configured to detect the chaotic signal, and a message recovery unit configured to recover the original message from the encrypted message detected by the first detector and the chaotic signal detected by the second detector.
Pre-Staged Transactions with Ultra-Wideband Networking and Haptic Feedback
Timely and optimal user completion of pre-staged transactions is implemented by ultra-wideband (UWB) enabled devices at UWB-enabled ATMs. ATM information, transaction scheduling and user prioritization, transaction notifications, and/or haptic-feedback reminders are provided based on one or more real-time and/or predicted geographical locations and proximities, ATM-specific queue wait times, preference scores, historical usage, ATM resources, and/or other relevant data or preferences.
SYSTEMS AND METHODS FOR SCALABLE BIOMETRIC AUTHENTICATION
Systems and methods for scalable biometric authentication are disclosed. In one embodiment, a method for scalable biometric authentication may include: (1) receiving, by a biometric authentication computer program executed by a computer processor, a transaction request for a transaction comprising a received biometric; (2) identifying, by the biometric authentication computer program, a subset of likely customers from a set of customers for the transaction; (3) retrieving, by the biometric authentication computer program, stored biometrics for the subset of customers; (4) identifying, by the biometric authentication computer program, one of the stored biometrics for the subset of customers that matches the received biometric; and (5) retrieving, by the biometric authentication computer program, a stored payment method for the identified stored biometric.
Gesture-extracted passwords for authenticated key exchange
A method for gesture-based multi-factor authentication includes mapping a gesture password to a first substitution string, generating a cryptographic key using the first substitution string as an input to a password authenticated key exchange protocol, encrypting a challenge response with the cryptographic key to generate an encrypted challenge response, and transmitting, to a relying party computing system, a first authentication message comprising the encrypted challenge response and a user identifier identifying a user.
MULTI-DEVICE REMOTE ATTESTATION
Systems and methods for attesting an enclave in a network. A method includes receiving, by a first device, proof information from an application provider entity that the enclave is secure, wherein the proof information includes a public part, Ga, of information used by the enclave to derive a Diffie-Hellman key in a key generation process with the application provider entity, processing, by the first device, the proof information to verify that the enclave is secure and ensuring that Ga is authentic and/or valid, deriving, by the first device, a new Diffie-Hellman key, based on Ga and x, wherein x is a private part of information used by the first device to derive the new Diffie-Hellman key, and sending, by the first device, a message including Ga and a public part, Gx, of the information used by the first device to derive the new Diffie-Hellman key to the enclave.
Systems and methods for post-quantum cryptography communications channels
Systems, apparatuses, methods, and computer program products are disclosed for post-quantum cryptography (PQC). An example method includes transmitting a first portion of an electronic communication to a client device over a non-PQC communications channel. The example method further includes transmitting a second portion of the electronic communication to the client device over a PQC communications channel. In some instances, the first portion of the electronic communication may comprise overhead data, and the second portion of the electronic communication may comprise payload data.
Securing system-on-chip (SoC) using incremental cryptography
Various examples are provided related to software and hardware architectures that enable a lightweight incremental encryption scheme that is implemented on a System-on-chip (SoC) resource such as a network interface. In one example, among others, a method for incremental encryption includes obtaining, by a network interface (NI) of a sender intellectual property (IP) core in a network-on-chip (NoC) based system-on-chip (SoC) architecture, a payload for communication to a receiver intellectual property (IP) core; identifying, by the NI, one or more different blocks between the payload and a payload of a previous packet communicated between the sender IP core and the receiver IP core; and encrypting, by the NI, the one or more different blocks to create encrypted blocks of an encrypted payload.