H04L2209/60

Chain-of-custody of digital content in a database system

An example operation may include one or more of authorizing a blockchain for a video file, generating a first tracking value for an entry block referencing the video file, the first tracking value generated based on first data and the video file, receiving second data for each of additional blocks in the blockchain, generating second tracking values based on the second data of the additional blocks, forming the additional blocks including the second tracking values, respectively, appending the additional blocks to the entry block, the entry block and the additional blocks cryptographically linked in an ordered sequence, each of the additional blocks referencing a version of the video file which corresponds to an original version of the video file as referenced by the entry block or a processed version of the video file, the second data in each of the additional blocks indicative of processing performed on the version of the video file in that block, and tracing through the blockchain based on the first and second tracking values to confirm an auditable and immutable chain-of-custody of the video file.

DEVICE BOUND ENCRYPTED DATA

A method of encrypting unencrypted digital content includes measuring an analog value associated with a physical property of interested cells of a memory array; digitizing the measured analog value to generate a response key; generating an encryption key based at least on the response key; encrypting the unencrypted digital content to generate encrypted digital content based on the encryption key; and storing the encrypted digital content.

Device for controlling access to user-selectable content
09819489 · 2017-11-14

A device having user-selectable content includes a storage having the capacity to store pre-loaded content and a controller. The controller is operative to manage access to the pre-loaded content, by way of limiting the access to a user-selected portion of the pre-loaded content. The controller limits access subject to and performed according to an indication of an initial purchase transaction. Also provided is a controller that includes a processing unit and an interface to a memory. The processing unit is operative to manage access to pre-loaded content stored on the memory.

Computing key-schedules of the AES for use in white boxes

Some embodiments provide a method for performing a cryptographic process. The method receives first and second cipher keys. The method generates a set of subkeys corresponding to each of the first and second cipher keys. The set of subkeys for the first cipher key is dependent on the first cipher key and the second cipher key. The method performs the cryptographic process by using the generated sets of subkeys.

Systems and methods for establishing and using distributed key servers

Systems and methods in which multiple key servers operate cooperatively to securely provide authorization codes to requesting devices. In one embodiment, a server cloud receives a device authorization code request and selects an “A server”. The “A server” requests authorization from one or more “B servers” and authorizes the “B servers” to respond. The “B servers” provide authorization to the “A server”, and may provide threshold key inputs to enable decryption of device authorization codes. The “A server” cannot provide the requested device authorization code without authorization from the “B server(s)”, and the “B server(s)” cannot provide the requested server authorization code and threshold inputs without a valid request from the “A server”. After the “A server” receives authorization from the “B server(s)”, it can provide the initially requested device authorization code to the requesting device.

ENCRYPTION SETUP VERIFICATION
20170272247 · 2017-09-21

There are provided mechanisms for verifying setup of encryption of a block of data. The method is performed by a client node. A method comprises obtaining an indication to encrypt the block of data. The method comprises providing a first message to a compute node indicating a setup request of a block storage volume, V, to be encrypted, wherein the first message comprises a nonce, N. The method comprises obtaining a second message from the compute node, wherein the second message comprises the nonce, N, and provides validation that a key management node has taken part in setup of the encryption of the block of data and a cryptographic measurement of the compute node, including evidence that the compute node is in a trusted state according to the key management node. There is also provided such a client node. There is further provided a compute node and a method performed by the compute node. There is further provided a key management node and a method performed by the key management node.

Hardware assisted provenance proof of named data networking associated to device data, addresses, services, and servers

A system of delivering data content with hardware assisted provenance proof in named data networking (NDN). The system comprises a data content server with a trusted security zone enabled that is configured to receive the first request message from the first client, and transmit the desired data content based on the name comprised in the first request message and a determination that the first client is trusted and that the routing path from the first client to the data content server is trusted. The system further comprises a signature server with a trusted security zone enabled that is configured to receive the first request message from the first client, generate a digital signature based on the desired data content, and transmit the corresponding digital signature based on a determination that the first client is trusted and that the routing path from the first client to the signature server is trusted.

Method and system for implementing an encryption SDK
11250143 · 2022-02-15

Disclosed is an approach to implement a new layer of security within mobile devices using an encryption SDK, which implements a standalone component for applications to encrypt, decrypt, and view sensitive data on the device. A security layer is implemented on the device, wherein the security layer manages encryption for data retrieved onto the device from a cloud-based environment. Encrypted content is then generated at the security layer before storing the encrypted content by receiving the content object from the cloud-based environment and encrypting the content object with an encryption key that is password protected. The encrypted content is stored within an encrypted filesystem for presenting the content on the device.

INFORMATION PROCESSING DEVICE, INFORMATION RECORDING MEDIUM, AND INFORMATION PROCESSING METHOD, AND PROGRAM
20170322890 · 2017-11-09

A configuration capable of performing reliable source analysis of illegal copy content using content in which a reproduction path is settable is implemented. Content in which an individual segment region including a plurality of pieces of variation data which include different identification information embedded therein and are decryptable using different keys and a common segment region including single data are provided, and variation data is configured with an aligned unit is set. A content reproducing device calculates a reproduction path by applying a device key and selects and reproduces an aligned unit corresponding to the reproduction path on the basis of a variation data identifier recorded in an adaptation field in a plain text region at the head of a plurality of aligned units constituting the variation data.

Information processing device, information processing method, and program

An information processing device including: a data processing unit that generates an encryption key of content; and a communication unit that transmits an encryption key generated by the data processing unit, wherein the data processing unit generates, as the encryption key, individual keys that are different for each new content recording processing on a recording medium in a content recording device, and transmits the individual keys through the communication unit.