H04L9/12

Scalable byzantine fault-tolerant protocol with partial tee support
11546145 · 2023-01-03

A method is provided for preparing a plurality of distributed nodes to perform a protocol to establish a consensus on an order of received requests. The plurality of distributed nodes includes a plurality of active nodes, the plurality of active nodes including a primary node, each of the plurality of distributed nodes including a processor and computer readable media. The method includes preparing a set of random numbers, each being a share of an initial secret. Each share of the initial secret corresponds to one of the plurality of active nodes. The method further includes encrypting each respective share of the initial secret, binding the initial secret to a last counter value to provide a commitment and a signature for the last counter value, and generating shares of a second and of a plurality of subsequent additional secrets by iteratively applying a hash function to shares of each preceding secret.

Platform and method for connecting a blockchain engine
11544291 · 2023-01-03

The invention relates to a platform and a method of connecting a blockchain engine to a traditional database. The platform according to the invention is implemented in the form of a network of nodes, said network of nodes being divided into at least two subnets: a security subnet and a data subnet. All nodes in the security subnet contain information on security keys, user licenses, operating licenses, access policies, and other information related to the licensing, authentication, and authorization mechanism of users accessing the platform. Nodes in at least one data subnet comprise a software component that uses a network computer, an API communication interface that allows interaction with the computer network and retrieval of information to be saved in the storage system, a GraphQL data query interface, a data processing engine, a blockchain engine, a connection interface between the data processing engine and the blockchain engine, and a database.

Generation of a request to initiate a secure data transfer in a computing environment

Aspects of the invention include receiving a request from an initiator channel on an initiator node to initiate a secure communication with a responder channel on a responder node. The receiving is at a local key manager (LKM) executing on the initiator node. A security association is created at the LKM between the initiator node and the responder node. An identifier of a shared key assigned for communication between the initiator node and the responder node is obtained, and a message requesting initialization of the secure communication between the initiator channel and the responder channel is built. The message includes the identifier of the shared key. The message is sent to the initiator channel.

METHOD, APPARATUS, AND COMPUTER PROGRAM FOR SETTING ENCRYPTION KEY IN WIRELESS COMMUNICATION SYSTEM, AND RECORDING MEDIUM FOR SAME
20220417743 · 2022-12-29

The present disclosure relates to a method, apparatus, and computer program for setting an encryption key in a wireless communication system; and a recording medium for same. According to one embodiment of the present disclosure, a method for setting an encryption key size in a wireless communication system may comprise: a step in which a first controller of a first device receives a first message containing information on a minimum value of a first encryption key size from a first host of the first device; and a step in which the first controller transmits, to the first host, a second message indicating an encryption change. The second message may contain information on the first encryption key size.

COMPUTER-BASED SYSTEMS CONFIGURED FOR TEXTURE WARPING-BASED ENCRYPTION AND METHODS OF USE THEREOF
20220414978 · 2022-12-29

Systems and methods for providing encryption and decryption involving texture warping, comprising: obtaining a visual input; obtaining a private key; generating an encrypted visual representation (visual representation A) based on the private key and the visual input; determining at least one 3D object configured so that the private key is derivable when the visual representation A is mapped to a digital model of the at least one 3D object; transmitting the visual representation A to a second computing device associated with a second user; transmitting a representation of the digital model of the at least one 3D model to the second computing device; and instructing the second computing device so that the second computing device is configured to map the visual representation A to the digital model generated based on the representation of the digital model of the at least one 3D model to extract the private key.

PASSCODE AUTHENTICATION BASED DATA STORAGE DEVICE

A data storage device comprising a data path and an access controller, wherein: the data path comprises: a data port configured to transmit data between a host computer system and the data storage device, wherein the data storage device is configured to register with the host computer system as a block data storage device; a non-volatile storage medium configured to store user content data; and the access controller is configured to: repeatedly and automatically generate a dynamically changing unlock passcode for unlocking the data storage device; receive a first passcode including, at least, an input passcode provided by a user device external to the data storage device, wherein the input passcode is generated externally to the data storage device and synchronously with the generation of the unlock passcode by the access controller; and provide access to the user content data via the data port in response to the first passcode matching with a second passcode generated by the access controller, wherein the second passcode includes at least the unlock passcode.

Methods, Systems, and Devices for Server Control of Client Authorization Proof of Possession

Techniques for server control of client authorization proof of possession are described herein. In various embodiments, a first server provisions client authorization proof of possession for a client device, including a real-world time, a client public key, and a client private key. The first server generates provisioning response message(s) including the client public key, the client private key, the real-world time, and/or an assertion object, and sends the message(s) to the client device. In various embodiments, a client device obtains an authorization proof token generated based on a client public key, a client private key, and a real-world time provisioned by a first server. The client device generates a request and sends the request to a second server, the request including the authorization proof token and an assertion object from the first server signed by a server private key, an expiration time, and a reference to the client public key.

SYSTEM AND METHOD TO MANAGE LARGE DATA IN BLOCKCHAIN
20220417044 · 2022-12-29

A computer implemented method for managing large and sensitive data in a blockchain includes determining a master block store node from a plurality of block store nodes to add large and sensitive data to the blockchain after validation, and generating a block including the large and sensitive data that is validated and its metadata. If the block store nodes, a plurality of block verifier nodes and a plurality of block backup nodes of the blockchain are in synchronization, the method adds, using the master block store node, the block to its chain and generates a synchronization request to the block store nodes, the block verifier nodes and the block backup nodes of the blockchain. Based on assigned roles, the method performs enabling the block store nodes to store the block, enabling the block verifier nodes to store only the metadata, and enabling the block backup nodes to store the block.