An information handling system may include at least one processor and a non-transitory memory coupled to the at least one processor. The information handling system may be configured to: request logging information from a target information handling system, the target information handling system including private data therein; based on blockchain credentials stored in the information handling system, create a transaction record associated with the request, wherein a plurality of nodes associated with the blockchain are configured to process the transaction record to determine whether access should be granted to the logging information; and in response to the plurality of nodes determining that access should be granted, receive the logging information.

The present invention relates to a method to protect a data file to be used by a white-box cryptography software application installed in memory of a device to prevent the malevolent use of a digital copy of the data file by a white-box cryptography software application installed in memory of another device, said method comprising the steps of extracting an unique identifier for the device from the environment of the device and modifying data in the data file according to the unique identifier, the available white-box cryptography software application being such that it comprises a software security layer adapted to, when the WBC software application is executed, retrieve the unique identifier from the environment of the device in which it is installed and to use this unique identifier in combination with the stored data file in its execution, the result of the execution being correct only in case where the correct unique identifier has been extracted by the executed WBC software application.

Disclosed examples decrypt a first block of sequential blocks using a first decryption key generated based on a first hash of a second decryption key and bit stream data, the first decryption key associated with the first block of the sequential blocks to generate a first segment of a band entropy coded bit stream; generate a third decryption key for a second block of the sequential blocks based on a second hash of the first decryption key and data of the first block of the sequential blocks; decrypt the second block of the sequential blocks using the third decryption key associated with the second block of the sequential blocks to generate a second segment of the band entropy coded bit stream; and merge the first and second segments of the band entropy coded bit stream to generate a source data bit stream using a bit mask for demultiplexing.

Many-to-many cryptographic systems and methods are disclosed, and a network employing the same, including numerous industry applications. The embodiments of the present invention can generate and regenerate the same symmetric key from a random token. The many-to-many cryptographic systems and methods include two or more cryptographic modules being in communication with each other and may be located at different physical locations. The cryptographic modules are configured to encrypt and/or decrypt data received from other cryptographic modules and to provide encrypted and/or decrypted data to other cryptographic modules. Each cryptographic module includes a key generator configured to use two or more inputs to reproducibly generate the symmetric key and a cryptographic engine configured to use the symmetric key for encrypting and decrypting data. Corresponding methods, and network employing the same, are also provided.

A block cipher encryption device for encrypting a data unit plaintext into blocks of ciphertexts, the data unit plaintext being assigned a tweak value and being divided into one or more plaintext blocks. The block cipher encryption device comprises: a combinatorial function unit associated with each plaintext block, the combinatorial function unit being configured to determine a tweak block value by applying a combinatorial function between a value derived from the tweak value and a function of a block index assigned to the plaintext block, a first masking unit in association with each plaintext block, the first masking unit being configured to determine a masked value by applying a data masking algorithm to the tweak block value determined by the combinatorial function unit associated with the plaintext block.

A processor device with a white-box masked implementation of the cryptographic algorithm AES implemented thereon, which comprises a SubBytes transformation. The white-box masked implementation is hardened in that white-box round input values x′ are supplied at the round input of rounds instead of the round input values x, said white-box round input values being formed from a concatenation of: (i) the round input values x that are masked by means of the invertible masking mapping A and (ii) obfuscation values y that are likewise masked with the invertible masking mapping A; wherein from the white-box round input values x′ only the (i) round input values x are fed to the SubBytes transformation T, and (ii) the masked obfuscation values y are not.

Systems and methods for managing keys in a computer memory are described. In some embodiments, location addresses are determined for two key elements. A periodic time interval that is based on a time duration for performing a transaction involving a distance between the key elements is determined. One key element may be stored at a location address and then relocated to another location address after the periodic time interval has passed. In some embodiments, areas the computer memory may remain static during relocation of the key element.

The system comprises a sending entity (100) and a receiving entity (200). The sending entity (100) is suitable for generating a random mask (MA) with m bits; applying an XOR operation between the raw data block to be encrypted (T) and the random mask (MA) thus generated to obtain a primary encrypted block (CPV) with m bits; and applying a permutation (PE) on the concatenation of the random mask (MA) and the primary encrypted block (CPV) to obtain a secondary encrypted block (CS). The receiving entity (200) is suitable for receiving the secondary encrypted block (CS) of 2*m bits; applying an inverse permutation (PI) on the secondary encrypted block thus received to obtain the de-concatenation of a random mask (MA) and a primary encrypted block (CPV) with m bits; and applying an XOR operation between the primary encrypted block (CPV) and the random mask (MA) thus de-concatenated to obtain a block in clear (T) with m bits. The permutation (PE) and its inverse permutation (PI) are secret and only shared and known by the communicating entities (100, 200).

A method for generating an authentication key for providing a digital signature at a device for authenticating an output from a ring comprising a plurality of peers, the method comprising generating respective security credentials for each peer of a plurality of peers constituting a ring of peers, at least one security credential being generated in dependence on one or more feature of the respective peer device; generating a ring key in respect of the ring in dependence on the respective security credential of each peer constituting the ring; and generating an authentication key in dependence on the ring key, a security credential of a first peer and respective security credentials of at least one of the other peers.

Systems and methods that may implement an Oracle-aided protocol for producing and using FHE encrypted data. The systems and methods may initially encrypt and store input data in one encrypted form that is not performed using FHE, which does not substantially increase the size of the data and storage resources required to store the encrypted data. In accordance with the Oracle-aided protocol, the encrypted data is re-encrypted as FHE encrypted data when FHE encrypted data is required.