H04L2209/16

Aggregating Audit Records in a Storage Network
20230112771 · 2023-04-13

A method includes obtaining audit records. Each of the audit records indicates a timestamp for a corresponding message, at least one event type code selected from a plurality of event type codes for a corresponding audit event of the corresponding message, and an identifier for a corresponding system entity associated with creation of the corresponding message. A number of audit records are aggregated over a period of time. An audit file is generated to include the number of audit records and integrity information. Storage of the audit file is facilitated by utilizing a name of the audit file.

Systems and methods for implementing data security

Among other things, we describe systems and methods for implementing data security in an autonomous vehicle system. The systems and methods can include inter-process communication security via key management, in which asymmetric cryptography and other validation techniques are used to validate data received from sensors. The systems and methods can also include penetrative testing, in which valid sensor inputs are modified and transmitted throughout a distributed network through one or more sensors.

Method and system for processing a GNSS signal using homomorphic encryption
11626971 · 2023-04-11

An apparatus and method are described for processing a global navigation satellite system (GNSS) signal, the GNSS comprising multiple satellites, wherein each satellite transmits a respective navigation signal containing a spreading code. The method comprises receiving an incoming signal at a receiver, wherein the incoming signal may contain navigation signals from one or more satellites; encrypting the incoming signal at the receiver using a homomorphic encryption scheme to form an encrypted signal; and transmitting the encrypted signal from the receiver to a remote server.

Method and system for encrypting and decrypting a facial segment in an image

This disclosure relates to a method and system for encrypting and decrypting a facial segment in an image with a unique server key. The method includes receiving an image from one of a plurality of users. The image includes a plurality of facial segments. The method further includes, for each facial segment from the plurality of facial segments, identifying a unique user associated with the facial segment using a facial recognition algorithm, encrypting the facial segment with a unique server key, generating a protection frame, unlockable with the unique server key, to cover the facial segment, and decrypting the facial segment while rendering the image for at least one of the plurality of users upon receiving the unique server key from the at least one of the plurality of users.

Obfuscating cryptographic material in memory
11604740 · 2023-03-14

Methods and systems disclosed herein describe obfuscating plaintext cryptographic material stored in memory. A random location in an obfuscation buffer may be selected for each byte of the plaintext cryptographic material. The location of each byte of the plaintext cryptographic material may be stored in a position tracking buffer. To recover the scrambled plaintext cryptographic material, the location of each byte of the plaintext cryptographic material may be read from the position tracking buffer. Each byte of the plaintext cryptographic material may then be read from the obfuscation buffer and written to a temporary buffer. When each byte of the plaintext cryptographic material is recovered, the plaintext cryptographic material may be used to perform one or more cryptographic operations. The scrambling techniques described herein reduce the likelihood of a malicious user recovering plaintext cryptographic material while stored in memory.

Cloud-based whitebox node locking

A secure cloud-based node-locking service with built-in attack detection to eliminate fuzzing, cloning and other attacks is disclosed. White-box base files are securely stored on the cloud service and are not vulnerable to accidental leakage. A secure cloud-based dynamic secret encoding service reduces the risk of exposure of unprotected secrets and other sensitive data.

SECURE CONJUGATE GRADIENT METHOD COMPUTATION SYSTEM, SECURE COMPUTATION APPARATUS, CONJUGATE GRADIENT METHOD COMPUTATION APPARATUS, SECURE CONJUGATE GRADIENT METHOD COMPUTATION METHOD, CONJUGATE GRADIENT METHOD COMPUTATION METHOD, AND PROGRAM

An initialization unit generates secret values of vectors $\vec{p}_0$ and $\vec{r}_0$ and a value $\rho_0$. A first computation unit generates a secret value of a D-fold value of a vector $\vec{a}_{i-1}$. A second computation unit generates a secret value of a D-fold value of a value $\gamma_{i-1}$. A third computation unit generates a secret value of a value $\alpha_{i-1}$. A fourth computation unit generates a secret value of a D-fold value of a vector $\vec{d}_i$. A fifth computation unit generates a secret value of a vector $\vec{x}_i$. A sixth computation unit generates a secret value of a vector $\vec{r}_i$. A seventh computation unit generates a secret value of a D-fold value of a value $\rho_i$. An eighth computation unit generates a secret value of a value $\beta_i$. A ninth computation unit generates a secret value of a vector $\vec{p}_i$.

AUTHENTICATION OF A DEVICE BY A CRYPTOGRAPHIC PROCESS
20220318368 · 2022-10-06

A processing method implemented by a first device including receiving first data including a challenge datum; obtaining key data including an encrypted cryptographic key which is masked by executing a cryptographic masking function; receiving an unmasking key; determining the encrypted cryptographic key by executing a cryptographic unmasking function on the basis of the unmasking key; determining a decrypted cryptographic key by a decryption by executing a decryption algorithm with white-box implementation on the basis of the encrypted cryptographic key; determining an answer datum by a cryptographic operation by executing a predetermined cryptographic algorithm on the basis of the decrypted cryptographic key and the challenge datum; and sending the answer datum to authenticate the first device.

SYSTEM FOR DYNAMIC CHAFFING FOR LOG OBFUSCATION BASED ON SHIFTING EXPOSURE PORTFOLIO
20220321551 · 2022-10-06

Systems, computer program products, and methods are described herein for dynamic chaffing for log obfuscation based on shifting exposure portfolio. The present invention is configured to receive an event log from one or more sources associated with a resource, wherein the event log comprises one or more event records generated based on one or more action incidences; initiate a chaffing engine on the event log; generate, using the chaffing engine, one or more artificial records based on at least the one or more event records; tag the one or more artificial records and the one or more event records with one or more authentication codes; interleave, using the chaffing engine, the one or more artificial records and the one or more event records to generate an encrypted event log with one or more chaffed event records; and store the encrypted event log in an event database.

ENHANCED SECURITY SYSTEMS AND METHODS USING A HYBRID SECURITY SOLUTION

This disclosure relates to, among other things, electronic device security systems and methods. Certain embodiments disclosed herein provide for protection of cryptographic keys and/or associated operations using both an operating system security service and a software-based whitebox cryptographic security service executing on a device. Leveraging operating system security services and software-based whitebox cryptographic security services may provide enhanced security when compared to using either service alone to protect cryptographic keys and associated operations. In additional embodiments, server-side cryptographic security solutions may be further used to enhance device security implementations.