Provided is a method for securely exchanging information during application startup. A processor may send a request for a passphrase to one or more remote devices using a first out-of-band message. The processor may receive, from at least one of the remote devices, a response that includes the passphrase. The response may be a second out-of-band message. The processor may decrypt application startup data that is stored in a first configuration file for the application using the received passphrase. The application startup data may be necessary for the application to execute. The processor may then execute the application using the decrypted application startup data.

System and methods are provided for admission to networks that include at least one node providing network coordinator functions. A network coordinator may have a random number generator, with the network coordinator distributing a random number within a network that include at least a first node and a second node. The network coordinator may receive a request for a dynamic encryption key from the first node, with the request being encrypted using a static encryption key unique to the first node, and with the static encryption key being determined based on the distributed random number. The network coordinator may then send a dynamic encryption key to the first node, with the dynamic encryption key being encrypted using the static encryption key. The second node may then admit the first node into the network. The network may be a Multimedia over Coax Alliance (MoCA) network.

A method of generating wallets for discrete blockchain networks comprising receiving a primary and a first secondary seeds, generating an enhanced hierarchical deterministic (HD) wallet, comprising deriving an enhanced parent public key and an enhanced parent private key from the primary seed, generating a first toughened HD wallet, comprising deriving a first toughened parent public and private key pair from the first secondary seed, deriving a first toughened primary child public/private key pair from a function including as inputs the first toughened parent public/private key pair, a first parent chain code, and the enhanced parent public key, and performing an identity registration and certification procedure for both the enhanced and the first toughened HD wallets. An identify of a user associated with each of the enhanced and the first toughened HD wallets is verifiable by an external blockchain network because of the identity registration and certification procedures.

Methods and systems are configured to store user data and control access to the user data, wherein the data is stored remotely from the user (such as external to a user's computing device) and the user's data is maintained anonymously. Content is stored in association with a user identifier and access by third parties is controlled by linked third party identifiers.

A novel key management approach is provided for securing communication handoffs between an access terminal and two access points. As an access terminal moves from a current access point to a new access point, the access terminal sends a short handoff request to the new access point. The short handoff request may include the access terminal ID; it does not include the access point ID. The new access point may then send its identifier and the access terminal's identifier to the authenticator. Using a previously generated master transient key, the access point identifier and the access terminal identifier, an authenticator may generate a master session key. The master session key may then be sent to the access point by the authenticator. The access terminal independently generates the same new security key with which it can securely communicate with the new access point.

Methods, systems and devices for generating an authentication key are provided. Two or more communications devices can generate an authentication key by monitoring a physical stimulus that is experienced by both devices (e.g., a common physical stimulus). Each device can then use an identical, predetermined algorithm to generate a common authentication key based on the stimulus. The devices can use the common authentication key to establish a secure network.

The invention solves the way of authentication of secured data channel between two sides (A, B) when there is at first established a non-authenticated protected data channel (1), with ending (3) of the data channel (1) on the first side (A) and ending (4) of the data channel (1) on the other side (B) and with target application (7) on the first side (A) and target application (8) on the other side (B), while the endings (3) and (4) have a non-authenticated shared secret (5), consequently, on both sides (A, B) of the data channel (1) there are calculated the data derived from non-authenticated shared secret (5), then the data derived from the non-authenticated shared secret (5) are passed via external communication means out of the data channel (1) to two sides (11, 12) of the external authentication system (2), which consequently performs authentication of communicating sides (A, B) including authentication of the data channel (1).

In the communications system, a user equipment UE accesses a core network via a first network-side device by using a first air interface and connects to the first network-side device via a second network-side device by using a second air interface to access the core network. The method includes: acquiring, by the network-side device, an input parameter; calculating, by the network-side device, an access stratum root key KeNB* according to the input parameter and an access stratum root key KeNB on the first air interface, or using, by the network-side device, the KeNB as the KeNB*; and generating, by the second network-side device, an access stratum key on the second air interface according to the KeNB*, or sending, by the first network-side device, the KeNB* to the second network-side device.

A system is configured for detecting a point of sale, receiving a personal identification number (PIN), generating a PIN based key using a message digest of the PIN, decrypting a data encryption key (DEK) using the PIN based key, and generating a DEK based dynamic key using the PIN based key. The system may also decrypt a session key using the DEK based dynamic key, generate a cryptogram from the session key, and send the cryptogram to the point of sale.

Apparatuses, methods, and systems are disclosed for application registration with a network. One method includes transmitting an application registration request to a network device. The application registration request includes a client identifier, an authentication code, a routing identifier, or a combination thereof. The method includes receiving a response from the network device. The response corresponds to the application registration request.