Systems and methods for device registration and authentication are disclosed. In one embodiment, a method for authentication of a device may include (1) receiving, at a mobile device, a first credential; (2) transmitting, over a network, the first credential to a server; (3) receiving, from the server, a first key and a first value, the first value comprising a receipt for the first credential; (4) receiving, at the mobile device, a data entry for a second credential; (5) generating, by a processor, a second key from the data entry; (6) retrieving, by the mobile device, a third credential using the first key and the second key; (7) signing, by the mobile device, the first value with the third credential; and (8) transmitting, over the network, the signed third value to the server.

A computer-readable recording medium storing an update program is disclosed. An issuing request of a second public key certificate is sent to a server under a secure connection to the server using a first public key certificate. The second public key certificate is received from the server. A connection confirmation using the second public key certificate is conducted, when a validity date of the first public key certificate lapses.

Systems and methods for managing group encryption are described. In certain methods, a content asset may be encrypted with an asset key. An account key may be determined. Using the account key, an encrypted content asset package may be generated comprising at least the asset key, wherein the encrypted content asset package is decryptable with the account key. The encrypted content asset package and an identifier associated with the account key may be transmitted, for example to a playback device.

The present application describes a method, system, and non-transitory computer-readable medium for end-to-end encryption during a secure communication session. According to the present disclosure, a first device initializes a secure communication session with at least one second device. Initializing the secure communication session includes transmitting an invitation to a secure communication session to the at least one second device. The at least one second device may generate a transmission root key, which may be used to derive a first key for encrypting data transmitted to the first device and a second key for decrypting received data from the first device. The at least one second device may transmit the transmission root key to the first device, which may use the transmission root key to derive a first key to encrypt data transmitted to the at least one second device and a second key to decrypt data received from the at least one second device.

A vehicle control method of starting and shutting down an engine, in which a processor receives a blockchain update comprising a first transaction with instructions to perform an engine startup or shutdown; the blockchain update is validated; an engine startup or shutdown is performed based on the validated blockchain update; where the engine startup or shutdown is delayed based on validating a predetermined number of subsequent blockchain updates, including a second transaction with instructions to perform the engine startup or shutdown.

Control systems and methods for securely loading software in a power control system. In some examples, the control system includes a computing device and a plurality of security modules. The computing device may obtain and divide an executable image into a plurality of images. The computing device may generate a control hash as a function of the plurality of images, and record the control hash. The computing device may store each of the plurality of images in a plurality of security modules. At boot up, the computing device may load, from each security module, the stored image, and store each image to a memory device. The computing device may generate a hash based on the stored images, and compare the generated hash to the recorded control hash. Based on the comparison, the computing device may allow execution of the executable image.

A method of communication, within a processing system of a gas turbine engine, between a first electronic component and a second electronic component, comprising: generating by the first electronic component, a request, comprising a digital certificate, intern comprising a first host public key and a first client public key, signed with a first host private key, to initiate a trusted communication session with a second electronic component; encrypting at the first electronic component, at least a portion of the request with a first client private key; transmitting the request to the second electronic component; the first host private key and the first host public key defining a first asymmetric keypair and the first client private key and the first client public key defining a second asymmetric keypair.

Control systems and methods for securely authenticating and validating a control system. The control system may include a plurality of dependent control nodes and master control nodes. Each dependent control node is communicatively coupled to one or more peripheral devices. Each control node maintains a unit level distributed ledger, where each unit level distributed ledger includes information from corresponding peripheral devices. Each control node may transmit a portion of the unit level distributed ledger to a master control node. Each master control node may maintain a system level distributed ledger that includes information from the corresponding unit level distributed ledgers. Each master node may transmit a portion of the system level distributed ledger to a central node that maintains a separate secure distributed ledger. The master node may authenticate the control system based on the received portion of the system level distributed ledgers and the secure distributed ledgers.

A method for controlling an engine having a control module and smart nodes. The method includes maintaining a block chain ledger, which includes an information block from at least a preceding engine start, may be at the control module of the aircraft engine. The method also includes maintaining a hash of at least a digital certificate and data at one of the smart nodes; transmitting a message including the hash to the control module; receiving the message at the control module; determining a control hash based upon the information from at least a preceding engine start at the control module; module comparing the hash to the control hash at the control; and based upon the comparison, starting the engine and updating the block chain ledger as a function of the received message.

An example of a system and method implementing a live migration of a guest on a virtual machine of a host server to a target server is provided. For example, a host server may utilize a flow key to encrypt and decrypt communications with a target server. This flow key may be encrypted using a receive master key, which may result in a receive token. The receive token may be sent to the Network Interface Controller of the host server, which will then encrypt the data packet and forward the information to the target server. Multiple sender schemes may be employed on the host server, and various updates may take place on the target server as a result of the new location of the migrating guest from the host server to the target server.