An apparatus for increasing security in inter-chip communication includes a sending control module, a communication bus, and a receiving control module. The communication bus is coupled between the sending control module and the receiving control module. The sending control module operates to send data on the communication bus, disable the communication bus when threats are detected, or both.

A method for generating a digital signature includes grouping, with a processing device, a first record with a second record, and generating a first digital signature based at least in part on the first record and the second record.

A star topology network comprises a user device, a central gateway, and one or more sensor nodes added to the existing network. A communication between the user device and the central gateway is secured either based on public-key cryptography, symmetric-key cryptography, or by the use of a secure channel such as a wired communication. A request from the user device to the central gateway can be transmitted over the internet.

In a data registration phase, encrypted data is calculated by encrypting input data to be concealed by using a secret key, registration data is generated based on the encrypted data and a verification key, and the registration data is stored as a registration template in a storage unit together with an identifier for uniquely identifying the registration data. In an encrypted text verification phase, a data verifying request is generated in which input data to be verified has been encrypted by using a random number, the registration template stored in the storage unit and the data verifying request are verified to produce a determined result, a verified result including a part or all of the registration template corresponding to the determined result is produced, and data is restored based on the verified result to produce a restored result.

A method of performing user authentication includes by a service electronic device associated with a service, receiving, from a public electronic device, a request for a user to initiate a session of the service, generating a first security token, a first write token, a first read token, and/or a first delete token, sending the first security token, the first write token, the first read token, and/or the first delete token to a server electronic device, receiving, from the server electronic device, a key location identifier that uniquely identifies a memory location of a data store associated with the server electronic device where the first security token, the first write token, the first read token, and/or the first delete token are stored, saving the key location identifier in a data store associated with the service electronic device, generating a signed key location identifier, generating a machine-readable image that includes the key location identifier, the signed key location identifier and the first write token in an encoded format, and sending the machine-readable image to the public electronic device.

A method of performing out-of-band user authentication includes, by a service electronic device associated with a service a request to initiate a session of the service, generating an authentication token, encrypting the authentication token to generate an encrypted authentication token, and transmitting the encrypted authentication token to the electronic device.

A method for authenticating an object, comprising determining a physical dispersion pattern of a set of elements, determining a physical characteristic of the set of elements which is distinct from a physical characteristic producible by a transfer printing technology, determining a digital code associated with the object defining the physical dispersion pattern, and authenticating the object by verifying a correspondence of the digital code with the physical dispersion pattern, and verifying the physical characteristic.

Methods, systems, and media for protecting and verifying video files are provided. In some embodiments, a method for verifying video streams is provided, the method comprising: receiving, at a user device, a request to present a video that is associated with a video archive, wherein the video archive includes a file list, a signature corresponding to the file list, video metadata, a signature corresponding to the video metadata, and at least one encrypted video stream corresponding to the video, and wherein the file list indicates a plurality of files that are to be included in the video archive; verifying the signature corresponding to the file list; in response to determining that the signature corresponding to the file list has been verified, determining whether the plurality of files indicated in the file list are included in the video archive; in response to determining that the plurality of files indicated in the file list are included in the video archive, verifying the signature corresponding to the video metadata; in response to determining that the signature corresponding to the video metadata has been verified, requesting a decryption key corresponding to the video stream; in response to receiving the decryption key, decrypting the encrypted video stream; and causing the decrypted video stream to be presented on the user device.

Aspects of the invention include providing a clear key with an attribute that controls usage of the clear key. The clear key includes key data in at least a first 8-byte section and second and third 8-byte sections and a wrapping key for wrapping the clear key. The computer-implemented method further includes chaining the first, second and third 8-byte sections together with zeroes for those 8-byte sections that are unpopulated into chained key data, deriving encryption and authentication keys from the wrapping key, calculating an authentication code over the clear key and the attribute using the authentication key, executing encryption over the chained key data using the encryption key to generated encrypted chained key data and adding the authentication code, the attribute and the encrypted chained key data to form a key block.

Devices and techniques for secure transmission of content over third-party networks are provided. Keys are established for secure transport of content between a source and recipient via a third party. The source generates a content package that includes an encrypted payload, and a payload handler. In some instances, the content package may also include user interface code for obtaining a secret from the recipient. The content package may be signed (e.g., the message content hashed and the result of the hash added to the content package). The content package is transmitted over a connection to a content delivery service for delivery to recipient(s) via another connection. The content delivery service receives the package and forwards the package to recipient(s) without decrypting the payload. A recipient receives the package from the content delivery service, validates the package and decrypts the payload. The payload may be presented to a display application.