A secure cloud-based node-locking service with built-in attack detection to eliminate fuzzing, cloning and other attacks is disclosed. White-box base files are securely stored on the cloud service and are not vulnerable to accidental leakage. A secure cloud-based dynamic secret encoding service reduces the risk of exposure of unprotected secrets and other sensitive data.

A system includes a plurality of storage units each including a network port operably coupled to the network, where one or more storage vaults is associated with the plurality of storage units and each storage vault of the one or more storage vaults represents a software-constructed grouping of storage units of the plurality of storage units, where the software-constructed grouping of storage units stores encoded data slices, where a data segment is encoded using an information dispersal algorithm to produce the encoded data slices, and where a storage unit: receives, via the network port, a request regarding the data segment stored in the software-constructed grouping of storage units, obtains, from a data structure pertaining to the software-constructed grouping of storage units, information regarding the request, determines whether the request is valid based on the information regarding the request, and when the request is valid, the storage unit executes the request.

The invention introduces an apparatus for detecting errors during data encryption. The apparatus includes a key generation circuitry and a key-error detection circuitry. The key generation circuitry is arranged operably to realize a key expansion operation for generating multiple round keys based on a root key in an encryption algorithm, where the encryption algorithm encodes plaintext or an intermediate encryption result with one round key in a corresponding round. The error detection circuitry is arranged operably to: calculate redundant data corresponding to each round key; and output an error signal to a processing unit when finding that any round key does not match corresponding redundant data at a check point during the key expansion operation.

The foundation of Matrix Encryption is a discrete function called the Modified Combinatorial Batch Decimation Function (CBDF-Mod) and its asymmetric inverse (CBDI-Mod). Herein we disclose the nature of Matrix Encryption, an encryption technology built upon these two discrete functions, together with their shared, Secondary Variable Functions. Matrix Encryption implements a block encryption with arbitrary block size dependent upon the length of text to be encrypted, thereby allowing for keys of user desired length and for the surpassing of industry standards of security. A Master Key may be used to generate a Key Set containing keys of appropriate length for any data presented above a minimum length, up to a length corresponding to the length of a message for which the Master Key is appropriate. Matrix Encryption reads and writes numerically encrypted text to text files as designated by the user.

The invention introduces an apparatus for detecting errors during data encryption. The apparatus includes an encoding circuitry and an error detection circuitry. The encoding circuitry is arranged operably to realize an encryption algorithm including multiple rounds, in which of each round encodes plaintext or an intermediate encryption result with a round key. The error detection circuitry is arranged operably to: calculate redundant data corresponding to the intermediate encryption result; and output an error signal to a processing unit when finding that the intermediate encryption result does not match the redundant data at a check point during an encryption process.

The method comprising: a) receiving, by an encoding module computer device (103), from a user (100), a message (101) including a content to be encoded; b) generating, by the encoding module (103), a generated encoding (104) of the content of the provided message (101) using encoding information (112); c) sending, by the encoding module computer device (103), the generated encoding (104) to a reception module computer device (106) and verifying, by the reception module computer device (106), that the generated encoding (104) corresponds to the encoding of the content of the message (101) by using a generated verification information (105) and public information (107), wherein the at least one code (102) having a cryptographic relationship with the public information (107) and the message (101), and the public information (107) and the message (101) having a cryptographic or a public relationship.

A method for execution by a computing device of a dispersed storage network (DSN). The method begins with obtaining a plurality of write requests. The method continues where for a write request of the plurality of write requests, the computing device generates a vault identification and a generation number. The method continues where the computing device obtains a rounded timestamp and a capacity factor and generates a temporary object number based on the rounded timestamp and the capacity factor. The method continues where the computing device generates a temporary source name based on the vault identification, the generation number, and the temporary object number. The method continues where the computing device identifies a set of storage units of a plurality of sets of storage units of the DSN based on the temporary source name.

A content recording apparatus includes an obtaining unit which obtains a content having a variable-length packet structure, an encrypter which generates encrypted data by encrypting the content, and a recorder which records the encrypted data in a block unit having a fixed length in a recording medium. The encrypted data includes an invalidated region unnecessary for reproduction of the content. The recorder records a size of the invalidated region in the recording medium.

Apparatuses, methods and storage medium associated with single pass parallel encryption are disclosed herein. In embodiments, an apparatus for computing may comprise an encryption engine to encrypt a video stream. The encryption engine may comprise a plurality of encryption pipelines to respectively encrypt a plurality of video sub-streams partitioned from the video stream in parallel in a single pass as the video sub-streams are being generated. The plurality of encryption pipelines may use a corresponding plurality of multi-part encryption counters to encrypt the corresponding video sub-streams as the video sub-streams are being generated. Each of the multi-part encryption counters used by one of the encryption pipelines may comprise a sub-portion that remains constant while encoding the corresponding video sub-stream, but the sub-key is unique for the one encryption pipeline, and differs from corresponding sub-portions of the multi-part encryption counters used by the other encryption pipelines. Other embodiments may be disclosed or claimed.

The disclosure relates to digital watermarking, steganography, and specifically to message coding protocols used in conjunction with digital watermarking and steganographic encoding/decoding and payload interpretation methods. One claim recites a method for interpreting a data structure having fixed and variable message portions, the method comprising: processing the fixed message portion to determine a version of the variable message portion; decoding the entire payload field of the variable message portion according to the determined version; and interpreting only a portion of the decoded payload field according to the determined version. Of course, other features and claims are provided too.