A Software in the Loop (SiL) system and method is disclosed which may include a simulator operable to provide an environment to simulate dynamic systems, enable rapid development, validation of systems, and testing of complex systems. The system and method may include assembling one or more unsecured models operable to simulate the real-world system. The system and method may then encrypt and generate at least one secured model from the one or more unsecured models using a first cryptographic key. The at least one secured model may be decrypted using a sealed decryption key. The decrypted secured model may then be executed within the one or more TEEs. The at least one secured model may be operable to process incoming data and outgoing data.

A computer-implemented method, non-transitory, computer-readable medium, and computer-implemented system are provided for deploying a smart contract in a blockchain network. The computer-implemented method includes: receiving, by a blockchain node in a blockchain network, a transaction for creating a smart contract, wherein the transaction comprises machine codes of the smart contract, and the machine codes of the smart contract are obtained by a compilation service provider performing Ahead of Time (AoT) compilation on bytecodes of the smart contract; determining, by the blockchain node, that the machine codes of the smart contract are obtained by a trusted compilation service provider; and in response to determining that the machine codes of the smart contract are obtained by the trusted compilation service provider, completing, by the blockchain node, a deployment of the smart contract.

Systems and methods for managing provisioning of keys prior to a key rotation are provided. A license server generates a license that is associated with a renewal time. The renewal time is a time that is prior to a key rotation time, and triggers a receiver device to send a renewal request prior to the key rotation time. The renewal time may be a randomized time prior to the key rotation time that differs for different receiver devices. The license is transmitted to the receiver device. The license server then receives a renewal request from the receiver device that is triggered at the renewal time. The license server generates a next license that comprises a next key, whereby the next key is a decryption key for decrypting the encrypted signal after the key rotation time. The next license is transmitted to the receiver device prior to the key rotation time.

Systems and methods for cryptographic key generation at a client and server are disclosed. The client has an array of PUF devices, and the server has an image that PUF. The server sends the client addresses of PUF devices to be measured, and retrieves previously stored responses corresponding to those addresses from its database. The client measures responses at the addresses. Each device hashes the resulting responses, and the server compares the hash received from the client to its own. If the hashes to not match, the server searches for a matching hash be perturbing the measured response bit stream until a match is achieved. The perturbed response bitstream, and the measured response at the client are then salted, and used for key generation.

A firmware update shared key management method using a flash memory includes: a firmware data registration step of receiving, from a manufacturer server, at least one of information of a user device that is a firmware update target, and firmware information and registering the received information as firmware data; a firmware data management step of receiving a request from a firmware update server in which the registered firmware data is stored, and storing and managing the registered firmware data in a specific area of a flash memory included in the user device via a network; a shared key verification execution step of using a shared key to execute verification on a command communicating between the user device including the flash memory and the firmware update server that performs firmware update; and a firmware update execution step of performing firmware update of the user device through the firmware update server only when the encrypted command and the shared key pass the verification.

An electronic device and method are disclosed for managing a non-fungible token (NFT). The electronic device includes: a memory configured to store computer-executable instructions, and a processor. The processor implements the method, including: generating, a NFT for target content in response to receiving a request to register the target content from a first external electronic device, generating, for the NFT, a certification authority (CA) signature indicating that the NFT is generated by the server, and transmitting, via a communication circuitry, the NFT to the first external electronic device, wherein an ownership signature is added to the NFT, together with the CA signature, the ownership signature based on a private key of a user to which ownership of the NFT is assigned.

A device configured to obtain a first graphical code that represents a public encryption key for an organization and to extract the public encryption key for the organization from the first graphical code. The device is further configured to obtain a second graphical code that represents a digital document comprising data and a digital signature that was signed using a private encryption key for the organization. The device is further configured to extract the digital document from the second graphical code and to validate the second graphical code using the public encryption key for the organization. The device is further configured to determine the second graphical code passes validation using the public encryption key for the organization and to store the digital document in a digital document repository.

An electronic device may include at least one wireless communication module configured to transmit and receive a wireless signal; a memory electrically configured to store instructions; and at least one processor operatively connected to the at least one wireless communication module and the memory, the at least one processor being configured to execute the instructions to: based on an attempt to connect to an access point (AP), identify whether a pairwise master key security association (PMKSA) for the AP, generated based on to a previous connection of the electronic device to the AP, is present, and based on identifying that the PMKSA is present, determine whether to reuse a pairwise master key (PMK) stored in the PMKSA by comparing a lifetime of the PMK with a margin time in which a use of the PMK is guaranteed.

A method includes receiving, by a mobility management entity (MME), a redirection request message from an access and mobility management function (AMF) node, where the redirection request message includes key-related information. The method also includes generating, by the MME, an encryption key and an integrity protection key based on the key-related information. The redirection request message is used to request to hand over a voice service from a packet switched (PS) domain to a circuit switched (CS) domain.

A system and method mediate transfer of encrypted data files between local applications and external computer systems. Application containers perform cryptographic operations using stored credentials to decrypt data coming from these external systems and configurably forward them to the local applications, and to encrypt data sent from the local applications to the external systems. Access to this encryption-as-a-service (EaaS) functionality is gated by a fingerprint service that classifies requests by security level, and detects anomalous requests. Security classification is performed by a supervised machine learning algorithm, while anomalous request detection is performed by unsupervised machine learning algorithm. Stored keys are monitored, and when they near expiration or are damaged, embodiments proactively undertake key renewal and key exchange with the external computer systems. Containerization enables key storage in multiple vaults, thereby making such storage vendor-agnostic.