Patent classifications
H04L9/14
Communication method between mesh network and cloud server, mesh network system and node device thereof
A mesh network system suitable for connection to a cloud server is provided. The system includes: a first node device, configured to store a first private key and encrypt to-be-verified data according to the first private key to generate first encrypted data; and a second node device, configured to receive the first encrypted data and send the first encrypted data to the cloud server. After sending the first encrypted data, the second node device obtains, from the cloud server, second encrypted data generated by encrypting a first key according to the first public key. The second node device sends the second encrypted data to the first node device. The first node device decrypts the second encrypted data according to the first private key to obtain the first key from the second encrypted data, and performs encrypted communication with the cloud server according to the first key.
Method and unit of operating a storage means, storage means and system for data processing
A method of operating a storage means, wherein for writing and storing a storage item to the storage means the storage item to be written and stored—in particular by using the concept and theory of identification—is provided, an encoding process by means of randomization is applied to the storage item to generate and to provide a randomized encoded storage item, and the randomized encoded storage item is written and stored to the storage means. At least a first randomization process is underlying the encoding process and is a randomization process dedicated and assigned to the underlying storage means. The present disclosure further refers to a unit for operating a storage means, to a storage means and to a system for processing data. By having two randomization processes underlying the encoding process, a distinction can be made between secrecy-ensuring and secrecy non-ensuring randomization processes.
Data storage method, device, related equipment and cloud system for hybrid cloud
Embodiments of this application provide a hybrid-cloud data storage method and apparatus, a related device, and a cloud system. The data storage method includes: obtaining, by a gateway of a private cloud, to-be-stored data; determining partial data to be encrypted in the to-be-stored data, to obtain first target data; obtaining a first ciphertext obtained after the first target data is encrypted, the first target data being encrypted according to a first key provided by an encryption chip connected to the gateway; generating second target data including the first ciphertext according to the first ciphertext; generating a data slice corresponding to the second target data according to the second target data; and transmitting the data slice corresponding to the second target data to a public cloud for storage.
Key pair platform and system to manage federated trust networks in distributed advertising
Systems and methods are provided for object identifier translation using a key pairs platform in a virtualized or cloud-based computing system. A key pair refers to a pair of identifiers held by an entity. Each key pair includes at least one anonymized object identifier. Advantageously, the key pair system protects privacy and provides anonymity for objects by not disclosing the identity of the objects or the underlying data associated with the objects.
Systems and methods for post-quantum cryptography communications channels
Systems, apparatuses, methods, and computer program products are disclosed for post-quantum cryptography (PQC). An example method includes transmitting a first portion of an electronic communication to a client device over a non-PQC communications channel. The example method further includes transmitting a second portion of the electronic communication to the client device over a PQC communications channel. In some instances, the first portion of the electronic communication may comprise overhead data, and the second portion of the electronic communication may comprise payload data.
PUF-PROTECTED PSEUDO-HOMOMORPHIC METHODS TO GENERATE SESSION KEYS
Systems and methods for the generation and use of session keys supporting secure communications between a client and server device are disclosed. The client device has or receives a password, which it hashes a predetermined first number of times. The hashed password is sent as a message digest to a server. The server applies the hashed password to an array of PUF devices, and receives a response bitstream which is stored. The client later hashes the password a second predetermined number of times, which is less than the first predetermined number, and this second message digest is sent to the server. The server continues to hash the second message digest, generate PUF responses, and compare the result to the initially stored responses. The number of hashes necessary to achieve a match is the session key.