Methods and apparatus to establish secure low energy wireless communications in a process control system are disclosed. An example field device includes a Bluetooth Low Energy (BLE) interface to receive a first initialization message from a remote device over an unpaired BLE connection. The first initialization message includes a plaintext message containing authentication content. The authentication content is generated based on a private authentication token available to the remote device using middleware. The field device also includes a BLE message analyzer to validate the plaintext message based on the authentication content using the authentication token stored by the field device.

The present disclosure relates to highly secure, high speed encryption methodologies suitable for applications such as media streaming, streamed virtual private network (VPN) services, large file transfers and the like. For example, encryption methodologies as described herein can provide stream ciphers for streaming data from, for example, a media service provider to a plurality of users. Certain configurations provide wire speed single use encryption. The methodologies as described herein are suited for use with blockchain (e.g. Bitcoin) technologies.

Provided are embodiments for a circuit comprising for performing hardware acceleration for elliptic curve cryptography (ECC). The circuit includes a code array comprising instructions for performing complex modular arithmetic; and a data array storing values corresponding to one or more complex numbers. The modular arithmetic unit includes a first multiplier and a first accumulation unit, a second multiplier and a second accumulation unit, and a third multiplier and a third accumulation unit, wherein the first, second, and third multiplier and accumulation units are cascaded and configured to perform hardware computation of complex modular operations. Also provided are embodiments of a computer program product and a method for performing the hardware acceleration of super-singular isogeny key encryption (SIKE) operations.

A method and system are provided for updating an elliptic curve (EC) base point G, with the EC basepoint used in encryption and coding of video data. A candidate base point G is generated that includes additional data used for validation purposes and checked as a valid base point before transmission and use.

In one embodiment, an apparatus includes a hardware accelerator to execute cryptography operations including a Rivest Shamir Adleman (RSA) operation and an elliptic curve cryptography (ECC) operation. The hardware accelerator may include a multiplier circuit comprising a parallel combinatorial multiplier, and an ECC circuit coupled to the multiplier circuit to execute the ECC operation. The ECC circuit may compute a prime field multiplication using the multiplier circuit and reduce a result of the prime field multiplication in a plurality of addition and subtraction operations for a first type of prime modulus. The hardware accelerator may execute the RSA operation using the multiplier circuit. Other embodiments are described and claimed.

An electronic device and a method for performing a peer to peer (P2P) service in the electronic device are provided. The electronic device includes a communication module, a processor, a memory, and a security module, wherein the memory may be configured to store instructions that, when executed, enable the processor to receive a public key from an external electronic device as a P2P service is requested, transmit, to the external electronic device, an authentication certificate chain generated on the basis of the received public key via the security module, verify an authentication certificate chain received from the external electronic device by using a root authentication certificate stored in the security module, receive encrypted information of the external electronic device from the external electronic device, decrypt the encrypted information of the external electronic device by using a shared key generated according to a result of the verifying of the received authentication certificate chain, and perform the P2P service with the external electronic device via the communication module, on the basis of the decoded information of the external electronic device.

A method for secure key exchange. The method comprises receiving a request to certify a key from a communication partner at an interface between an access and tamper resistant circuit block and exposed circuitry. Within the access and tamper resistant circuit block, a first random private key is generated. A corresponding public key of the first random private key is derived, and a cryptographic digest of the public key and attributes associated with the first random private key is generated. The generated cryptographic digest is signed using a second random private key that has been designated for signing by one or more associated attributes. The public key and the signature are then sent to the communication partner via the interface.

The present disclosure discloses a method for sharing models among autonomous vehicles based on a blockchain, the method comprising the steps of: 1) creating a mobile edge computing network; 2) generating a key pair for each node in the mobile edge computing network; 3) creating a local model set of a mobile node set in the mobile node computing network; 4) enabling each mobile node to communicate with a corresponding nearest mobile edge computing node; 5) creating supernode sequences by the mobile edge computing node; 6) creating a blockchain based on the supernode sequences; and 7) updating the local model set.

Methods, systems, and devices are provided for authenticating API messages using PKI-based authentication techniques. A client system can generate a private/public key pair associated with the client system and sign an API message using the private key of the private/public key pair and a PKI-based cryptographic algorithm, before sending the signed API message to a server system. The server system (e.g., operated by a service provider) can authenticate the incoming signed API message using a proxy authenticator located in less trusted zone (e.g., a perimeter network) of the server system. In particular, the proxy authenticator can be configured to verify the signature of the signed API message using the public key corresponding to the private key and the same cryptographic algorithm. The authenticated API message can then be forwarded to a more trusted zone (e.g., an internal network) of the server system for further processing.

A method for misbehaviour warnings in an intelligent transportation system (ITS) including determining at a network server that an ITS station is misbehaving. In response to determining that the ITS station is misbehaving, the network server transmits a misbehaviour warning message to the ITS station indicating that the ITS station is misbehaving. In response to transmitting the misbehaviour warning message and determining that the ITS station is continuing to misbehave, the network server includes information of the ITS station in a certificate revocation list (CRL) and transmits the CRL.