Systems, methods, and data storage devices for data recovery from network storage systems are described. The data storage device may include a host data channel for data transfer with the host and a network data channel for data transfer with the network storage system over a network. Responsive to a read error when reading a data unit, the data storage device establishes a secure data transfer connection with the network storage system to request the failed data unit from the network storage system. The data unit retrieved from the network storage system may be used to respond to the original read request and restore the data unit in the data storage device.

A surface including: a plurality of visually detectable marks, wherein the visually detectable marks include: a first group of grid marks forming a grid and a second group of information marks encoding information based on positions of information marks of the second group of marks relative to the data page, wherein grid marks are less than 45% of the visually detectable marks on the surface.

Various embodiments relate to a method for masked decoding of a polynomial a using an arithmetic sharing a to perform a cryptographic operation in a data processing system using a modulus q, the method for use in a processor of the data processing system, including: subtracting an offset δ from each coefficient of the polynomial a; applying an arithmetic to Boolean (A2B) function on the arithmetic shares of each coefficient a.sub.i of the polynomial a to produce Boolean shares â.sub.i that encode the same secret value a.sub.i; and performing in parallel for all coefficients a shared binary search to determine which of coefficients a.sub.i are greater than a threshold t to produce a Boolean sharing value {circumflex over (b)} of the bitstring b where each bit of b decodes a coefficient of the polynomial a.

A storage network operates by: issuing a read threshold number of read slice requests to storage units of a set of storage units, where the read threshold number of read slice requests identifies a read threshold number of encoded slices of a set of encoded slices corresponding to a data segment; when one or more other encoded data slices of the read threshold number of encoded slices is not received within a time threshold, facilitating receiving a decode threshold number of encoded slices of the set of encoded slices; decoding the decode threshold number of encoded slices to produce recovered encoded data slices, wherein a number of the recovered encoded data slices corresponds to the read threshold number minus a number of the encoded slices received within the time threshold; and outputting the recovered encoded data slices and the encoded slices of the read threshold number of encoded slices received within the time threshold.

A secure cloud-based node-locking service with built-in attack detection to eliminate fuzzing, cloning and other attacks is disclosed. White-box base files are securely stored on the cloud service and are not vulnerable to accidental leakage. A secure cloud-based dynamic secret encoding service reduces the risk of exposure of unprotected secrets and other sensitive data.

Various examples are directed to systems and methods for securing a data storage device. A storage controller may receive a read request directed to the data storage device. The read request may comprise address data indicating a first address of a first storage location at the data storage device. The storage controller may request from the data storage device a first encrypted data unit stored at the first memory element and a first encrypted set of parity bits, such as Error Correction Code (ECC) bits, associated with the first storage location. An encryption system may decrypt the first encrypted set of parity bits to generate a first set of parity bits based at least in part on an a first location parity key for the first address.

According to an embodiment, an encryption processing device includes a memory and one or more processors. The memory stores a plurality of divided masks to be applied to an input sentence on which mask processing is performed in unit of processing of a predetermined size corresponding to a size of data obtained by dividing target data of encryption processing into a plurality of pieces, the divided masks having a same size as that of data obtained by further dividing the data of the unit of processing. The one or more processors are configured to: read out the plurality of divided masks from the memory at different respective timings, and generate a plurality of first masks by using the read-out divided masks at different respective timings; and execute arithmetic processing on intermediate data of the encryption processing using the plurality of first masks at different respective timings.

Embodiments described herein ensure differential privacy when transmitting data to a server that estimates a frequency of such data amongst a set of client devices. The differential privacy mechanism may provide a predictable degree of variance for frequency estimations of data. The system may use a multibit histogram model or Hadamard multibit model for the differential privacy mechanism, both of which provide a predictable degree of accuracy of frequency estimations while still providing mathematically provable levels of privacy.

A security device generates a key based on a physically unclonable function (PUF). The security device includes a physically unclonable function (PUF) block, an integrity detector, and a post processor. The PUF block outputs a plurality of first random signals and a plurality of corresponding first inverted random signals each having a logic level opposite to that of each of the plurality of corresponding first random signals. The integrity detector determines data integrity of the plurality of first random signals by using the plurality of first random signals and the plurality of corresponding first inverted random signals. The post processor generates a first row key that includes validity signals satisfying the data integrity.

A method of cryptographically secured decentralized testing includes receiving, by a computing device and from a secure test apparatus, an output of a cryptographic function of a secret test result identifier, authenticating the output, and recording, in a data repository, an indication of a test result as a function of the output.