A method for side-channel attack mitigation in streaming encryption includes reading an input stream into a decryption process, extracting an encryption envelope having a wrapped key, a cipher text, and a first message authentication code (MAC) from the input stream, generating a second MAC using the wrapped key of the encryption envelope, and performing decryption of the cipher text in constant time by determining whether the encryption envelope is authentic by comparing the first MAC extracted from the encryption envelope and the second MAC generated using the wrapped key.

A robust, computationally-efficient and secure system is described for streaming content from a server to a client device via the Internet or another digital network. Various aspects relate to automated processes, systems and devices for securing a media stream with efficient yet effective digital cryptography. In particular, content may be transmitted in transport stream (TS) format in which all packets are encrypted (e.g., using a cipher block chain), in which control packets are exempted from encryption (e.g., using an electronic codebook), or in any other manner.

A method for asynchronous side channel cipher renegotiation includes: establishing, by a first computing device, a first communication channel and a second communication channel with a second computing device, where the first communication channel is an encrypted tunnel and packages exchanged using the encrypted tunnel are encrypted using a first cipher; receiving, by a receiver of the first computing device, a renegotiation request from the second computing device using the second communication channel, where the renegotiation request includes at least a password value and a relative time; generating, by a processor of the first computing device, a second cipher using at least an encryption protocol and the password value; receiving, by the receiver of the first computing device, a new encrypted packet from the second computing device using the first communication channel; and decrypting, by the processor of the first computing device, the new encrypted packet using the second cipher.

This disclosure relates to a computer-implemented method, a data processing apparatus, a computer program, and a computer-readable storage medium for processing encrypted data. There is provided a computer-implemented method for processing encrypted data, comprising receiving a swap key, wherein the swap key is the product of an exclusive OR operation performed on a first key and a second key; receiving a first ciphertext, wherein the first ciphertext is encrypted with the first key and not encrypted with the second key; and performing an exclusive OR operation on the swap key and the first ciphertext to produce second ciphertext, such that the second ciphertext is encrypted with the second key and not encrypted with the first key.

The apparatus receives a first PDU and a first CRC that is based on the first PDU. The first PDU is encrypted based on a first nonce. The apparatus decrypts the first PDU to obtain a first payload and a first cipher stream. The apparatus soft combines the decrypted first payload with a decrypted set of payloads. The set of payloads have been encrypted based on at least one nonce different than the first nonce. The apparatus generates a second CRC based on the soft combined decrypted payloads and based on the first cipher stream. The apparatus determines whether the generated second CRC for the soft combined decrypted payloads passes a CRC check against the first CRC.

An integrated circuit features technology for generating a keystream. The integrated circuit comprises a cipher block with a linear feedback shift register (LFSR) and a finite state machine (FSM). The LFSR and the FSM are configured to generate a stream of keys, based on an initialization value and an initialization key. The FSM comprises an Sbox that is configured to use a multiplicative mask to mask data that is processed by the Sbox when the LFSR and the FSM are generating the stream of keys. Other embodiments are described and claimed.

A method comprises receiving a session identifier from a streaming system that identifies a user session with the streaming system. The method further includes receiving a first message from a streaming system that is based on a token that is generated based on a combination of the session identifier and a timestamp at which an insertable content item was presented to the user in a content stream by the streaming system. The first message is decrypted using a plurality of timestamps that are within a range of a current time. An identifier is determined for the insertable content item based on the decrypted message. A second message is transmitted to an enabling system, the message including instructions for execution by the enabling system to execute one or more operations with the identified insertable content item.

Techniques and mechanisms described herein facilitate the efficient common storage of partially encrypted content. According to various embodiments, a client device to transmit a designated representation of a media content item via a communications interface may be received. The media content item may be associated with a plurality of representations including the designated representation. The media content item may be associated with first media content data and second media content data. The first media content data may be shared among the plurality of representations. The second media content data may be specific to the designated representation. The first media content data may be combined with the second media content data to create a designated partially encrypted media content portion associated with the designated representation via a processor. The designated partially encrypted media content portion may be transmitted to the client device via the communications interface.

Methods, systems, and computer program products for operating a secure conference system. A non-limiting example of the computer-implemented method includes transmitting an invitation for a conference to a plurality of participants and instructing a blockchain system to create a blockchain network at a start of the conference. The blockchain network includes a node corresponding to each of the plurality of participants and a node corresponding to a central conference device. The method also includes obtaining, from the node of the blockchain network corresponding to the central conference device, a secret key corresponding to the central conference device and receiving an media communication stream from each of the plurality of participants. The method further includes creating a mixed media communication stream by combining the media communication stream from each of the plurality of participants, encrypting, using the secret key, the mixed media communication stream and multicasting the mixed media communication stream to the plurality of participants.

The present disclosure relates to a transmitting device and a transmitting method, and a receiving device and a receiving method which are capable of improving confidentiality and communication resistance in low power wide area (LPWA) communication. The transmitting device generates a key stream on the basis of GPS time information, encrypts transmitted data on the basis of the key stream to generate encrypted data, and transmits the encrypted data to the receiving device. The receiving device generates a key stream on the basis of GPS time information and decodes the encrypted data into the transmitted data on the basis of the key stream. The present disclosure can be applied to an LPWA communication system.