H04L9/12

Validating media content retrieved from untrusted networks

A processing service of a provider network may protect media content from being tampered with when it is transmitted from the provider network/transcoder to untrusted networks (e.g., third-party networks/CDNs) and to a media player. The processing service (e.g., the transcoder) generates a public and a private key. The service uses the private key to digitally sign content portions (e.g., video frames) before distribution to untrusted CDNs. The provider network creates a manifest that includes the public key. To play the media content, the media player obtains a manifest that includes the public key (via a secure/trusted connection with the provider network). The media player may then obtain the media content from an untrusted edge server/CDN and validate it using the public key that was separately obtained from the manifest (to verify the content was not tampered with).

Transparently scalable virtual hardware security module

A virtual hardware security module (“HSM”) is used to perform cryptographic operations. The virtual HSM may provision and coordinate requests between one or more HSMs within a fleet of HSMs. A set of cryptographic keys and/or digital certificates may be exchanged between a client and the virtual HSM such that the client and the virtual HSM may communicate with each other via a cryptographically protected communication session. The fleet of HSMs of a virtual HSM may be scaled up or scaled down according to various criteria. Cryptographic key material may be propagated between HSMs of the fleet using a fleet transfer key. Digital certificates may be used to demonstrate that one or more cryptographic keys were generated by a service provider and/or manufacturer.

DATA SECURITY USING RANDOMIZED FEATURES
20220358236 · 2022-11-10

Data security using randomized features provides improved protection of user data within a cloud infrastructure. Files received are broken apart into data blocks, then randomly written into storage locations that are recorded in sequence into a key comprising an array of pointers. Data blocks may be randomly sized between maximum and minimum parameters. Storage locations may first be tested to prevent unwanted overwrites of preexisting data; undersized locations may receive a partial write, plus a pointer to an overflow location into which the remainder of the data is written. Randomized data storage is separate and isolated from pointers-based key storage via separate communication channels and separate storage infrastructures. Download speeds may be boosted via parallel processing of data blocks out of storage and into reassembly according to the pointers key sequence. Re-assembled files may be worked upon, then saved back into the cloud infrastructure.

Encryption device, a communication system and method of exchanging encrypted data in a communication network
11575658 · 2023-02-07

The present disclosure provides in various aspects an encryption device (100), a communication system and a method of exchanging encrypted data in such a network. In accordance with some illustrative embodiments of an aspect, the encryption device (100) comprises a communication interface (110), a variable key generator (120) configured to generate at least two keys, a memory (130) configured to store keys that are either generated by the variable key generator (120) and/or received at the communication interface (110), and an encryption/decryption component (140) configured to successively use keys stored in the memory (130) for encrypting a plaintext received at the communication interface (110) and for decrypting a ciphertext received at the communication interface (110), wherein the communication interface (110) is configured to communicate with an associated separate communication device which is used by a user of the encryption device (100) for communicating in a communication network.

Secure communications through distributed phase alignment

Various embodiments comprise systems, methods, architectures, mechanisms or apparatus for wireless secret communication with a device.

Quantum key synchronization within a server-cluster

A system for quantum key synchronization within a server-cluster is provided. The system may include a plurality of silicon-based servers encapsulated in quantum cases. Each quantum case may include a quantum tunneling transmitter module, a quantum random number generator and a quantum entanglement module. The quantum cases may communicate with each other via the quantum tunneling transmitter module or any other suitable manner. The quantum cases may only communicate with cases with which they are entangled. Therefore, in the event of a compromise on one of the servers, the quantum entanglement module, included in the case that encapsulates the compromised server, may become disentangled, and therefore not be able to communicate with the other servers included in the cluster using an internal communications protocol.

Interface for Revision-Limited Memory

This document includes techniques, apparatuses, and systems related to an interface for revision-limited memory, which can improve various computing aspects and performance. In aspects, confidentiality, integrity, and availability may be ensured while increasing the performance of revision-limited memory. In this example, the techniques also enable the digital computing device to interact with information related to the revision-limited memory.

System and Method of Verification and Authentication using Entangled Photons

A method of generating a verification code includes generating a plurality of first photons and a plurality of second photons that are entangled in a first basis, which is time, and entangled in a second basis comprising a first and second state. The plurality of first photons is provided to a first device, where the arrival time and an associated first or second state of the plurality of first photons are measured. An ordered list of the measured time of arrival of the plurality of first photons is generated at the first device. The plurality of second photons is provided to a second device. A time of arrival and an associated first or second state of the plurality of second photons are measured at the second device. An ordered list of the measured time of arrival of the plurality of second photons is generated at the second device. The ordered list of the time of arrival of the plurality of first photons and the ordered list of the measured time of arrival of the plurality of second photons are processed to determine time-of-arrival matches between the two lists. The first or second state values associated with the time-of-arrival matches are determined. A verification code with at least some of the determined first or second state values associated with the time-of-arrival matches is generated.

PIPELINED HARDWARE TO ACCELERATE MODULAR ARITHMETIC OPERATIONS
20220350570 · 2022-11-03

Embodiments are directed to elliptic curve cryptography scalar multiplications in a generic field with heavy pipelining between field operations. A bit width is determined of operands in data to be processed by a modular hardware block. It is checked whether the bit width of the operands matches a fixed bit width of the modular hardware block. In response to there being a match, the modular hardware block processes the operands. In response to there being a mismatch, the operands are modified to be accommodated by the fixed bit width of the modular hardware block.