A system and method of wireless display, including a transmitter processing a first encrypted content into a second encrypted content without decoding, and transferring the second encrypted content over a wireless display connection to a receiver.

A system and method for encrypting portions of data for storage in a remote network have been provided. The system comprises a memory with instructions executable by a processor to receive data for forwarding to a server device, wherein the received data comprises an indication of one or more portions of the received data to be encrypted; identify a portion comprising the one or more portions of the received data based at least in part on the indication; encrypt the identified portion of the data; generate a payload that comprises the encrypted portion and one or more unencrypted portions of the received data; and transmit, to the server device, the payload.

This disclosure describes systems and methods related to utilizing hardware assisted protection for media content. In some embodiments, a provided method comprises: receiving, from a content server and by a computing device processor of a secure enclave of a device, first encrypted media content; decrypting, by the computing device processor, the first encrypted media content using a first decryption key; generating, by the computing device processor, a second decryption key; encrypting, by the computing device processor, the first decrypted media content using the second key, thereby resulting in second encrypted media content; and sending, by the computing device processor and to one or more graphical processing units (GPUs) comprised in a graphics component of the device, the second encrypted media content and the second decryption key.

Various approaches are disclosed for protecting vehicle buses from cyber-attacks. Disclosed approaches provide for an embedded system having a hypervisor that provides a virtualized environment supporting any number of guest OSes. The virtualized environment may include a security engine on an internal communication channel between the guest OS and an external vehicle bus of a vehicle to analyze network traffic to protect the guest OS from other guest OSes or other network components, and to protect those network components from the guest OS. Each guest OS may have its own security engine customized for the guest OS to account for what is typical or expected traffic for the guest OS (e.g., using machine learning, anomaly detection, etc.). Also disclosed are approaches for corrupting a message being transmitted on a vehicle bus to prevent devices from acting on the message

The invention relates to a method of signature with pseudonym of a message m by a user device storing a secret signature key sk dependent at least on a first part of key f, on a second part of key x and on a third part of key A equal to (g.sub.1h.sup.f).sup.1/(x+y) and comprising the following steps: generation of a pseudonym nym equal to h.sup.f dpk.sup.x, with dpk a public domain parameter, determination of random numbers a, r_a, r_f, r_x, r_b, r_d, calculation of signature coefficients R.sub.1 equal to h.sup.r.sup._.sup.Jdpk.sup.r.sup._.sup.x, R.sub.2 equal to nym.sup.r.sup._.sup.ah.sup.r.sup._.sup.ddpk.sup.r.sup._.sup.b, R.sub.3 equal to Z.sup.r.sup._.sup.x V.sup.ar.sup._.sup.xr.sup._.sup.fr.sup._.sup.b W.sup.r.sup._.sup.a, with Z, V and W respectively equal to e(A, g.sub.2), e(h, g.sub.2) and e(h,w), obtaining of a first signature parameter T equal to Ah.sup.a, calculation of a second signature parameter c by applying a cryptographic hash function H, to the public domain parameter dpk, to the pseudonym nym, to the first signature parameter T, to the signature coefficients R.sub.1, R.sub.2, R.sub.3 and to the message m, calculation of signature parameters s_f, s_x, s_a, s_b, s_d, respectively equal to r_f+c.f, r_x+c.x, r_a+c.a, r_b+c.a.x and r_d+c.a.f, generation of said signature with pseudonym of said message m on the basis of said signature parameters.

A method of encrypting information using a computational tag may include, by a mobile electronic device, detecting a computational tag within a near field communication range of the mobile electronic device, identifying a document to be encrypted by the mobile electronic device, transmitting the document to the computational tag by the mobile electronic device, receiving, from the computational tag, an encrypted document, wherein the encrypted document comprises an encrypted version of the document that was to be encrypted, and storing the encrypted document in a memory of the mobile electronic device.

Methods, systems and computer readable media for a MiTM proxy that supports client authentication are described.

A computing apparatus outputs .sub.1 and .sub.2 corresponding to a ciphertext x, a capability providing apparatus uses .sub.1 to correctly compute f(.sub.1) with a probability greater than a certain probability and sets the result of the computation as z.sub.1, uses .sub.2 to correctly compute f(.sub.2) with a probability greater than a certain probability and sets the result of the computation as z.sub.2, the computing apparatus generates a computation result u=f(x).sup.bx.sub.1 from z.sub.1, generates a computation result v=f(x).sup.ax.sub.2 from z.sub.2, and outputs u.sup.bv.sup.a if the computation results u and v satisfy a particular relation, where G and H are groups, f(x) is a function for obtaining an element of the group G for xH, X.sub.1 and X.sub.2 are random variables having values in the group G, x.sub.1 is a realization of the random variable X.sub.1, and x.sub.2 is a realization of the random variable X.sub.2.

Systems, methods, and non-transitory computer-readable storage media for a non-replayable communication system are disclosed. A first device associated with a first user may have a public identity key and a corresponding private identity. The first device may register the first user with an authenticator by posting the public identity key to the authenticator. The first device may perform a key exchange with a second device associated with a second user, whereby the public identity key and a public session key are transmitted to the second device. During a communication session, the second device may transmit to the first device messages encrypted with the public identity key and/or the public session key. The first device can decrypt the messages with the private identity key and the private session key. The session keys may expire during or upon completion of the communication session.

Methods, systems, and computer-readable storage media for processing queries in analytical web applications over encrypted data. Implementations include actions of receiving, by a database driver executed on a server-side computing device and from a client-side proxy, a query and one or more encryption keys, the one or more encryption keys having been selected by the client-side proxy based on operations required to perform the query, performing at least one operation of the query to provide a query result including encrypted data, and transmitting, by the database driver, the encrypted data to the client-side proxy, the client-side proxy processing the encrypted data to provide plaintext data to an end user.