Techniques for securely controlling multiple lighting devices simultaneously with a lighting control device are disclosed. Command messages may be transmitted from the lighting control device to multiple lighting devices over a computer network without routing through a remote cloud service. The messages may be encrypted and may include an incremented sequence number. Lighting devices that receive a command message may compare the incremented sequence number to a previously stored sequence number corresponding to the lighting control device. If the incremented sequence number is greater than the stored sequence number, then a lighting device may determine the message was transmitted by an authorized lighting control device and may implement any command instruction included therein. If the incremented sequence number is equal to or less than the stored sequence number, then the lighting device may determine the command message was transmitted by a malicious source and may ignore the command message.

In general, one innovative aspect of the subject matter described in this specification may be embodied in methods that may include validating user data pages extracted from a digital identification in circumstances where a user device that includes the digital identification is either unavailable or presently lacks network connectivity. For instance, an authorized device may be used to extract user data pages from the digital identification by either exchanging communications with the user device using a proximity-based data exchange protocol, or by using a physical identification card to identify the digital identification on a user record. The user data pages may then be validated by comparing checksums associated with user data pages against the checksums within the user record, and decrypting the user data pages using a decryption key that is variably designated by a security status assigned to the digital identification.

Embodiments herein provide a method and system for continuously validating a user during an established authenticated session using Photoplethysmogram (PPG) and accelerometer data. State of the art approaches are mostly based on feature extraction and ML modelling for PPG based continuous session validation, while a template based approach in the art follows a complicated approach. The method disclosed herein utilizes less computation intensive template based approach to continuously validate the user across the session. The method comprises preprocessing a PPG data or PPG signal acquired from a wearable device worn by the user to identify segments of negligible motion. A first segment, after authentication using conventional authentication mechanism, serves as the initial reference. The chosen segments are then tested one by one with respect to the reference. If the templates in a segment match those of the reference, it is updated as the new reference, else a re-authentication is triggered.

Techniques for computer security, and more specifically timestamp-based key generation techniques, are described. Some implementations provide a table of key generation processes that is shared as a secret between a first computing system and a second computing system, both of which have synchronized clocks. Both computing systems use the same technique for selecting a key generation process from the table, such as based on a random number generator seeded with a timestamp. Since the computing systems have synchronized clocks, they both select and use the same key generation process, thereby generating the same encryption key without the need to communicate the key from one system to another. Furthermore, both computing systems may synchronize their clocks to a private time server that maintains a clock that runs faster or slower than standard time. Security is maintained by one or more of restricting access to the time server, using secret key generation processes, and/or using a secret random number generator.

Provided are embodiments for performing encryption and decryption. Embodiments include generating a random key address, obtaining a pre-stored key using the random key address, and re-arranging portions of the pre-stored key using the random key address and a first enable signal. Embodiments also include selecting a dynamic logic operation based on the random key address and a second enable signal, receiving data for encryption, and combining portions of the received data for encryption with the re-arranged portions of the pre-stored key using the dynamic logic operation to produce encrypted data. Embodiments include re-arranging portions of the encrypted data based on the random key address and a third enable signal, and combining the re-arranged portions of the encrypted data with the random key address into an encrypted data packet for transmission. Also provided are embodiments for a transmitter and receiver for performing the encryption and decryption.

Provided are embodiments for performing encryption and decryption. Embodiments include generating a random key address, obtaining a pre-stored key using the random key address, and re-arranging portions of the pre-stored key using the random key address and a first enable signal. Embodiments also include selecting a dynamic logic operation based on the random key address and a second enable signal, receiving data for encryption, and combining portions of the received data for encryption with the re-arranged portions of the pre-stored key using the dynamic logic operation to produce encrypted data. Embodiments include re-arranging portions of the encrypted data based on the random key address and a third enable signal, and combining the re-arranged portions of the encrypted data with the random key address into an encrypted data packet for transmission. Also provided are embodiments for a transmitter and receiver for performing the encryption and decryption.

A service communication method, system, apparatus, electronic device, computer-readable storage medium, and computer program product; the method includes: receiving an authentication request sent by a service access process, performing synchronous verification processing on the service access process, and performing asynchronous verification processing on the service access process; determining service key information allocated for the service access process according to a synchronous verification processing result of the service access process, sending the service key information to the service access process to perform encrypted service communication with the service access process based on the service key information, and controlling a communication connection used for bearing the encrypted service communication with the service access process according to an asynchronous verification processing result of the service access process.

Sequences to synchronize devices and related methods are disclosed herein including an access address generator to cryptographically generate a first bit sequence, an access address selector to read a first portion of the first bit sequence and read a second portion of the first bit sequence, the second portion different than the first portion, an access address analyzer to identify a first access address from a first section of the first portion based on a first criteria, the first criteria a function of a first autocorrelation function and identify a second access address from a second section of the second portion based on a second criteria, the second criteria a function of a second autocorrelation function.

A quantum key distribution device is provided with an encoding unit which encodes an optical pulse train; an intensity modulating unit which subjects the encoded optical pulse train to N (where N is an integer at least equal to 3) types of intensity modulation having mutually different intensities, with different timings; and a first key distillation processing unit which generates an encryption key on the basis of a data sequence obtained by removing data obtained from an optical pulse having a specific modulation pattern from a data sequence used by the encoding unit and the intensity modulating unit.

A quantum key distribution device is provided with an encoding unit which encodes an optical pulse train; an intensity modulating unit which subjects the encoded optical pulse train to N (where N is an integer at least equal to 3) types of intensity modulation having mutually different intensities, with different timings; and a first key distillation processing unit which generates an encryption key on the basis of a data sequence obtained by removing data obtained from an optical pulse having a specific modulation pattern from a data sequence used by the encoding unit and the intensity modulating unit.