H04L9/12

Systems and Methods for Providing Reliable Physically Unclonable Functions
20220360456 · 2022-11-10

Systems and methods are provided for determining a reliability of a physically unclonable function (PUF) cell of a device. A first signal is provided to a first branch of a PUF cell and a second signal is provided to a second branch of the PUF cell, the first and second signals being provided in synchronization. A base PUF cell value is determined based on an output of the PUF cell produced by the first signal and the second signal. A third signal is provided to the first branch and a fourth signal is provided to the second branch, the third signal and fourth signal being provided out of synchronization. A stressed PUF cell value is determined based on an output of the PUF cell produced by the third signal and the fourth signal. The PUF cell is determined to be unusable based on a difference between the PUF cell value and the stressed PUF cell value.

Data isolation in blockchain networks

Implementations of this specification include receiving a synchronization request from a light-weight node of the blockchain network including an identity of the light-weight node; identifying one or more permissions associated with the identity of the light-weight node; determining an original world state structure associated with the block height and including a plurality of account records; identifying, based on the one or more permissions, a subset of the plurality of account records that are authorized for access by the light-weight node; generating an isolated world state structure based on the original world state data structure including only the subset of the plurality of account records that are authorized for access by the light-weight node; and sending a response to the light-weight node that includes the isolated world state data structure.

Stateless session synchronization between secure communication interceptors

Embodiments provide a system and method for stateless session synchronization between inspectors for high availability deployments. Man in the Middle inspectors of a communication session between a client and server exchange a shared key that is used as a common seed value in a mapping function algorithm. Each inspector generates identical key-pairs using the common mapping function algorithm, and the inspectors generate the session keys from the key-pairs. Inspectors use the session keys to decrypt and either actively or passively inspect data transferred in a session between a client and server.

LOGIC CIRCUITRY

A logic circuitry package for a replaceable print apparatus component comprises an interface to communicate with a print apparatus logic circuit, and at least one logic circuit. The logic circuit may be configured to identify, from a command stream received from the print apparatus, parameters including a class parameter, and/or identify, from the command stream, a read request, and output, via the interface, a count value in response to a read request, the count value based on identified received parameters.

QUANTUM COMMUNICATION SYSTEM THAT SWITCHES BETWEEN QUANTUM KEY DISTRIBUTION (QKD) PROTOCOLS AND ASSOCIATED METHODS
20220353067 · 2022-11-03

A quantum communications system includes a communications system that operates with a quantum key distribution (QKD) system, which includes a transmitter node, a receiver node, and a quantum communications channel coupling the transmitter node and receiver node. The transmitter node may be configured to transmit to the receiver node a bit stream of optical pulses, and switch between first and second QKD protocols based upon at least one channel condition.

METHOD AND APPARATUS FOR DETECTING AND HANDLING EVIL TWIN ACCESS POINTS
20220353686 · 2022-11-03

Methods and apparatus for detecting and handling evil twin access points (APs). The method and apparatus employ trusted beacons including security tokens that are broadcast by trusted APs. An evil twin AP masquerades as a trusted AP by broadcasting beacons having the same SSID as the trusted AP, as well as other header fields and information elements (IEs) in the beacon frame body containing identical information. A sniffer on the trusted AP or in another AP that is part of a Trusted Wireless Environment (TWE) receives the beacons broadcast by other APs in the TWE, including potential evil twin APs. The content in the header and one or more IEs in received beacons is examined to determine whether a beacon is being broadcast by an evil twin. Detection of the evil twin is made by one or more of: differences in MAC addresses of trusted and untrusted beacons, time jitter measurements and replay detection using timestamps in the beacons, detection of missing security tokens in untrusted beacons, and detection that a security token that is mimicked by an evil twin is invalid. In one aspect, the security token is stored in a vendor-specific IE in trusted beacons that is generated by employing a secret key using a cryptographic operation operating on data in the beacon prior to the vendor-specific IE.

Encryption-based data access management

Encryption-based data access management may include a variety of processes. In one example, a device may transmit a user authentication request for decrypting encrypted data to a data storage server storing the encrypted data. The computing device may then receive a validation token associated with the user's authentication request, the validation token indicating that the user is authenticated to a domain. Subsequently, the computing device may transmit the validation token to a first key server different from the data storage server. Then, in response to transmitting the validation token the computing device may receive, from the first key server, a key required for decrypting the encrypted data. The device may then decrypt at least a portion of the encrypted data using the key.