Decoding a partially encrypted data stream may include receiving and scanning the partially encrypted data stream. Scanning the partially encrypted data stream may include identifying an encrypted portion sentinel in the partially encrypted data stream subsequent to a first portion, identifying an encrypted portion in the partially encrypted data stream subsequent to the encrypted portion sentinel, and generating a decrypted data portion by decrypting the encrypted portion. Decrypting the encrypted portion may include identifying an encrypted data portion in the encrypted portion, the encrypted data portion omitting an end encrypted portion sentinel, decrypting the encrypted data portion, and identifying an end encrypted portion sentinel in the encrypted portion subsequent to the encrypted data portion. Decoding the partially encrypted data stream may include including the decrypted data portion in the decrypted output data stream, and outputting the decrypted output data stream to a client device in the second network domain.

Decoding a partially encrypted data stream may include receiving and scanning the partially encrypted data stream. Scanning the partially encrypted data stream may include identifying an encrypted portion sentinel in the partially encrypted data stream subsequent to a first portion, identifying an encrypted portion in the partially encrypted data stream subsequent to the encrypted portion sentinel, and generating a decrypted data portion by decrypting the encrypted portion. Decrypting the encrypted portion may include identifying an encrypted data portion in the encrypted portion, the encrypted data portion omitting an end encrypted portion sentinel, decrypting the encrypted data portion, and identifying an end encrypted portion sentinel in the encrypted portion subsequent to the encrypted data portion. Decoding the partially encrypted data stream may include including the decrypted data portion in the decrypted output data stream, and outputting the decrypted output data stream to a client device in the second network domain.

A system and method is presented for storing a location on a blockchain of a hash, such as a cryptographic hash, digital fingerprint, or digest, of a digital item, such as a document, file, sound clip, or computer code, within the digital item itself. The blockchain may be used for providing a provenance of the digital item by generating the hash of the digital item and submitting it within a transaction to the blockchain. The system and method presented allow the location of the hash within the blockchain to be embedded within the digital item before said hash is generated and submitted, providing a clear link between a record of the hash and the digital item in question, and reducing the computational and network resources required to verify the provenance of the digital item.

A system and method is presented for storing a location on a blockchain of a hash, such as a cryptographic hash, digital fingerprint, or digest, of a digital item, such as a document, file, sound clip, or computer code, within the digital item itself. The blockchain may be used for providing a provenance of the digital item by generating the hash of the digital item and submitting it within a transaction to the blockchain. The system and method presented allow the location of the hash within the blockchain to be embedded within the digital item before said hash is generated and submitted, providing a clear link between a record of the hash and the digital item in question, and reducing the computational and network resources required to verify the provenance of the digital item.

An MMT transmission system includes first and second material output devices, first and second multiplexing devices, first and second encryption processing device, and a switching device. The first encryption processing device encrypts a first payload, except for a first MPU sequence number, of a first MMTP packet included in first multiplexed data output from the first multiplexing device. The second encryption processing device encrypts a second payload, except for a second MPU sequence number, of a second MMTP packet included in second multiplexed data output from the second multiplexing device. The switching device acquires a first MPU boarder from the first MPU sequence number, a second MPU boarder from the second MPU sequence number, and switches transmissions of the multiplexed data at these boarders.

In order to improve the efficiency of transfer to outside devices while necessary buffer memory is suppressed, the present invention is an information processing apparatus for decoding a packet that is encrypted in accordance with Transport Layer Security (TLS) protocols and in which a padding portion has a variable length, the information processing apparatus including acquisition means for acquiring an encrypted packet on a unit data basis, decoding means for decoding the encrypted packet on the unit data basis, output means for outputting decoded data obtained through the decoding performed by the decoding means to an external device in accordance with an order in which the decoding is performed by the decoding means, and control means for restricting output to be performed by the output means in a case where a padding pattern is detected from the decoded data obtained through the decoding performed by the decoding means.

In order to improve the efficiency of transfer to outside devices while necessary buffer memory is suppressed, the present invention is an information processing apparatus for decoding a packet that is encrypted in accordance with Transport Layer Security (TLS) protocols and in which a padding portion has a variable length, the information processing apparatus including acquisition means for acquiring an encrypted packet on a unit data basis, decoding means for decoding the encrypted packet on the unit data basis, output means for outputting decoded data obtained through the decoding performed by the decoding means to an external device in accordance with an order in which the decoding is performed by the decoding means, and control means for restricting output to be performed by the output means in a case where a padding pattern is detected from the decoded data obtained through the decoding performed by the decoding means.

Provided is an analysis system including a memory acquisition unit that is configured to acquire at least part of data stored in a memory unit in an information communication apparatus including a computing unit and the memory unit; a communication processing unit that is configured to instruct the memory acquisition unit to acquire data stored in the memory unit when determining that key data including an encryption key for cryptographic communication protocol are stored in the memory unit; and a cryptanalysis unit that is configured to extract one or more key data candidates that are candidates of the key data, from the stored in the memory unit, and extract, from one or more of the key data candidates, correct key data that enables to decrypt correctly the encrypted communication data. The communication processing unit is further configured to execute specific processing according to the decrypted communication data.

Provided is an analysis system including a memory acquisition unit that is configured to acquire at least part of data stored in a memory unit in an information communication apparatus including a computing unit and the memory unit; a communication processing unit that is configured to instruct the memory acquisition unit to acquire data stored in the memory unit when determining that key data including an encryption key for cryptographic communication protocol are stored in the memory unit; and a cryptanalysis unit that is configured to extract one or more key data candidates that are candidates of the key data, from the stored in the memory unit, and extract, from one or more of the key data candidates, correct key data that enables to decrypt correctly the encrypted communication data. The communication processing unit is further configured to execute specific processing according to the decrypted communication data.

A calculation process is efficiently performed to a text file in which one or more records are included, each of the records includes one or more cells having an arbitrary length, and each of the cells includes arbitrary pieces of characters. A parameter setting apparatus sets a maximum value S.sub.csv and a minimum value s.sub.csv of a size of character strings for one record by using attribute information as an input, a maximum value S.sub.enc of a total size of encode information, a maximum value S.sub.ss of a total size of a calculation value obtained by performing specific calculation to the encode information, and a total size S.sub.ref of reference information, obtains a function value of C/(S.sub.csv+S.sub.enc+S.sub.ref) as the number of records which is a process unit of encoding and calculation, and obtains a function value of f.sub.0/I.Math.r.Math.S.sub.csv as the number of parallels in the calculation process. Here, C is a cache memory size, M is a main memory size, and f.sub.0 is a function value of s.sub.csv.Math.M/(s.sub.csv+S.sub.enc+max(S.sub.ref,S.sub.ss)).