A computer-implemented method of encryption of several units of a computerized system, wherein each of the units comprises data, includes generating distinct initialization vectors, or IVs, for the units, and storing the generated IVs; and for each unit of the several units: accessing a stored IV corresponding to the unit; and encrypting the unit according to the accessed IV and an encryption key.

Generally, the present disclosure provides technology modifying a first cryptographic cipher with one or more operations of a second cryptographic cipher. In some embodiments the technology leverages a mathematical relationship between representations of data used in the first and second ciphers to enable the substitution of one or more operations of the first cipher with one or more operations of the second cipher. The resulting modified cipher may in some instances exhibit improved performance and or security, relative to the unmodified first cipher. Methods, computer readable media, and apparatus including or utilizing the technologies are also described.

Cryptographic key management and usage is accomplished by employing a hybrid symmetric/asymmetric security context wherein seed values are associated with randomly generated cryptographic keys. A security context environment is maintained wherein cryptographic keys are reliably reproduced when needed.

The disclosed computer-implemented method for monitoring encrypted data transmission may include (1) detecting a data transmission session between an application running on a first device and an application running on a second device, (2) identifying a shared library loaded by the application running on the first device to establish encryption for the data transmission session, (3) retrieving, from the shared library, a symmetric session key designated for the data transmission session, (4) intercepting data transmitted during the data transmission session, the data having been encrypted using the symmetric session key, and (5) decrypting the data utilizing the symmetric session key retrieved from the shared library. Various other methods, systems, and computer-readable media are also disclosed.

A system for performing distributed computing. The system comprises a plurality of compute node resources for performing computations for the distributed computing, a management resource for managing each of the compute node resources in the plurality, and a virtual cloud network. The management resource and the plurality of compute node resources are interconnected via the virtual cloud network.

Methods and systems are provided for supporting efficient and secure “Machine-to-Machine” (M2M) communications using a module, a server, and an application. A module can communicate with the server by accessing the Internet, and the module can include a sensor and/or an actuator. The module, server, and application can utilize public key infrastructure (PKI) such as public keys and private keys. The module can internally derive pairs of private/public keys using cryptographic algorithms and a first set of parameters. A server can authenticate the submission of derived public keys and an associated module identity. The server can use a first server private key and a second set of parameters to (i) send module data to the application and (ii) receive module instructions from the application. The server can use a second server private key and the first set of parameters to communicate with the module.

A method of providing robust and secure fingerprints including, at an enrollment stage, the steps of providing a content x for which a fingerprint is to be provided, assigning an ID number to the content x, providing a secret key k, generating a fingerprint b.sub.x based on content x and secret key k, storing the generated fingerprint b.sub.x together with the assigned ID in a database, as well as, at an identification stage, the steps of extracting, for a given query content y which might result either from the enrolled content x or an unrelated content x′, an estimate fingerprint b.sub.y based on content y, and secret key k, producing an estimated I{hacek over (D)} number based on the estimate fingerprint b.sub.y for identifying the content x using said ID number stored in the database, or else rejecting the query.

Methods and apparatus for distribution of keys are disclosed. An optical signal for carrying encoded information in accordance with a quantum key distribution scheme is generated. The generated optical signal has a wavelength which is changed to another wavelength prior to transmission of the optical signal. The optical signal carrying the encoded information and having the changed wavelength is received, where after decoding of the information takes place by means of detector apparatus operating in the changed wavelength.

A memory stores therein a first vector. A processor generates a first encrypted polynomial by encrypting a first polynomial that corresponds to a first binary vector obtained by performing a binary transformation on elements of the first vector. A transmitter transmits to a cryptographic operation device cryptographic information that represents the first encrypted polynomial. The cryptographic operation device multiplies the first encrypted polynomial by a second encrypted polynomial that is generated by encrypting a second polynomial that corresponds to a second binary vector obtained by performing a binary transformation on elements of a second vector, so as to generate a third encrypted polynomial. When assigning 2 to a variable in a prescribed portion of a third polynomial obtained by decrypting the third encrypted polynomial, a result of an operation of the first vector and the second vector is obtained.

Embodiments provide methods, and systems for cryptographic keys exchange where the method can include receiving, by a server system, a client public key being part of a client asymmetric key pair from a client device; sending, by the server system, a server public key being part of a server asymmetric key pair to the client device; generating, by the server system, a random value master key and sending the random value master key encrypted using the client public key to the client device; and generating, by the server system, an initial unique session key and sending the initial unique session key encrypted under the random value master key to the client device. A unique session key from the set of the unique session keys is used by the client device to encrypt a session data for transmission to the server system per session.