Provided herein are CRISPR/Cas methods and compositions for targeting RNA molecules, which can be used to detect, edit, or modify a target RNA.

Systems and methods for encrypted content management are provided and include generating a user private key, a user public key, and a symmetric encryption key. A group private key, a group public key, and a group symmetric encryption key are generated and the group private key is encrypted with the group symmetric encryption key. A first shared-secret key is generated based on the user public key and the group private key using a diffie-hellman exchange algorithm. The group symmetric encryption key is encrypted using the first shared-secret key to generate an escrow key. Plaintext data is encrypted using a content symmetric key. A second shared-secret key is generated based on an ephemeral private key and the group public key using a diffie-hellman exchange algorithm. The content symmetric key is encrypted using the second shared-secret key.

Systems and methods for encrypted content management are provided and include generating a user private key, a user public key, and a symmetric encryption key. A group private key, a group public key, and a group symmetric encryption key are generated and the group private key is encrypted with the group symmetric encryption key. A first shared-secret key is generated based on the user public key and the group private key using a diffie-hellman exchange algorithm. The group symmetric encryption key is encrypted using the first shared-secret key to generate an escrow key. Plaintext data is encrypted using a content symmetric key. A second shared-secret key is generated based on an ephemeral private key and the group public key using a diffie-hellman exchange algorithm. The content symmetric key is encrypted using the second shared-secret key.

Cryptographic methods and systems for key exchange, digital signature and zero-knowledge proof. In the digital signature scenario, there is provided a method of signing a digital document, comprising: obtaining a private cryptographic key associated with the signer; obtaining a digital asset from the digital document; selecting a base data element; computing a plurality of signature data elements from (i) the digital asset, (ii) the base data element and (iii) the private cryptographic key; and transmitting the digital document and the plurality of signature data elements to a recipient over a data network. Provenance of the digital document is confirmable by the recipient carrying out a predefined computation involving the digital document, the signature data elements, a plurality of noise variables and a public cryptographic key corresponding to the private cryptographic key associated with the signer. In the zero-knowledge proof scenario, the digital asset plays the role of a challenge data element.

A device can (i) operate a primary platform (PP) within a tamper resistant element (TRE) and (ii) receive encrypted firmware images for operating within the primary platform. The TRE can store in nonvolatile memory of the TRE (i) a PP static private key (SK-static.PP), (ii) a server public key (PK.IDS1), and (iii) a set of cryptographic parameters. The TRE can generate a one-time PKI key pair of SK-OT1.PP and PK-OT1.PP and send the public key PK-OT1.PP to a server. The TRE can receive a one-time public key from the server comprising PK-OT1.IDS1. The TRE can derive a ciphering key using an elliptic curve Diffie Hellman key exchange and the SK-static.PP, SK-OT1.PP, PK.IDS1, and PK-OT1.IDS1 keys. The TRE can decrypt the encrypted firmware using the derived ciphering key. The primary platform can comprise a smart secure platform (SSP) and the decrypted firmware can comprise a virtualized image for the primary platform.

A method for user authentication according to one embodiment of the present disclosure includes acquiring authentication information including biometric information of a user, generating a random string and a helper string from the biometric information, generating a secret value that corresponds to the authentication information, generating a private key and a public key using the secret value and the random string, and transmitting the public key to an authentication server.

A method for user authentication according to one embodiment of the present disclosure includes acquiring authentication information including biometric information of a user, generating a random string and a helper string from the biometric information, generating a secret value that corresponds to the authentication information, generating a private key and a public key using the secret value and the random string, and transmitting the public key to an authentication server.

Examples described herein relate to integrating a blockchain-enabled reader with a blockchain network over machine-to-machine communication protocol. A subscriber node may receive event data published by a publisher node. The event data may be communicated to the publisher node from a blockchain-enabled reader using a machine-to-machine communication protocol. The event data may be attested by the blockchain-enabled reader using a decentralized identity provisioned to the blockchain-enabled reader from the blockchain network. The decentralized identity of the blockchain-enabled reader may be verified. The event data may be submitted by the subscriber node to a distributed ledger upon successful verification of the decentralized identity of the blockchain-enabled reader.

Examples described herein relate to integrating a blockchain-enabled reader with a blockchain network over machine-to-machine communication protocol. A subscriber node may receive event data published by a publisher node. The event data may be communicated to the publisher node from a blockchain-enabled reader using a machine-to-machine communication protocol. The event data may be attested by the blockchain-enabled reader using a decentralized identity provisioned to the blockchain-enabled reader from the blockchain network. The decentralized identity of the blockchain-enabled reader may be verified. The event data may be submitted by the subscriber node to a distributed ledger upon successful verification of the decentralized identity of the blockchain-enabled reader.

Techniques for securely monitoring an air-gapped machine. Systems, methods, and devices for generating a status message representing a state of an air-gapped machine, converting the status message to a visual code, displaying the visual code to a display monitor connected to the air-gapped machine, capturing image data of the visual code at a camera connected to a monitoring machine, and transmitting the image data to the monitoring machine, thereby causing the visual code to be accessible by a user of the monitoring machine. Techniques for verifying the integrity of the status message, and optionally, encrypting the status message.