A device may process a message associated with an account to identify a first identifier that identifies a third party. The device may identify a match between the first identifier and transaction information related to an individual associated with the account. The transaction information may include a set of first identifiers that identify a respective set of third parties. The transaction information may facilitate identification of one or more messages that is likely to include account information. The device may tag the message with a second identifier based on the match. The device may receive, from another device, the message based on the message being tagged with the second identifier. The device may process the message to identify the account information related to another account. The device may extract identified account information from the message. The device may perform an action related to extracted account information or the message.

Discussed are a cross certification method and a certifying device to perform the method. The certifying device can include a certification communication unit; a certification storage unit; and a certification control unit, wherein when a first certification is approved, the certification control unit encrypts a second identification information with a unidirectional encryption algorithm to generate a certification cryptogram, and transmits the certification cryptogram to an electronic device to request a second certification, when receiving a first random number in response to the request for the second certification, the certification control unit inputs the second identification information and an initial vector to a random number generating algorithm to generate a second random number, and the certification control unit compares the first random number and the second random number to verify the first random number, and determines whether to approve the second certification according to a result of the verification.

Systems and methods for threshold authenticated encryption are provided. A collection of cryptographic devices may encrypt or decrypt a message, provided that a threshold number of those devices participate in the encryption process. One cryptographic device may generate a commitment message and transmit it to the other selected devices. Those devices may each perform a partial computation using the commitment message, and transmit the partial computations back to the encrypting or decrypting device. The encrypting or decrypting device may use those partial computations to produce a cryptographic key, which may then be used to encrypt or decrypt the message.

A method of generating a verification code includes measuring a time of arrival and a corresponding first or second state value of a plurality of first photons and a plurality of second photons, where respective ones of the plurality of first photons are entangled with respective ones of a plurality of second photons in a first basis, which is time, and entangled in a second basis. A first and a second ordered list of the measured times of arrival of the plurality of respective first and second photons is generated. Time-of-arrival matches between the first ordered list and the second ordered list are determined. First or second state values that correspond to the determined time-of-arrival matches between the first ordered list and the second ordered list are determined. A verification code using some of the determined first or second state values that correspond to the determined time-of-arrival matches is generated.

Generating a private key recovery seed based on random words extracted from an input memory of a user and using the recovery seed to recover the private key. An input that is related to a specific memory of a user is received. The specific memory was previously entered and used to generate random words that are related to each other by being included in the specific memory. The random words are extracted from the received input. The random words are associated with a first private key recovery mechanism for recovering a private key. The random words are input into the first private key recovery mechanism to generate a recovery seed. The recovery seed is input into a second private key recovery mechanism. The second private key recovery mechanism generates a recovered private key upon performing a recovery operation on the private key recovery seed.

Techniques are described herein that are capable of using security event correlation to describe an authentication process. Multiple events may describe a common (i.e., same) attempt to authenticate the user. For instance, a first event may include a first description of the attempt, a second event may include a second description of the attempt, and a third event may include a third description of the attempt. The first, second, and third events may be correlated based at least in part on the first, second, and third descriptions. The first, second, and third events may be aggregated to provide an aggregated event that includes an aggregation of the first, second, and third descriptions. An authentication report may be generated to include the aggregation of the first, second, and third descriptions to describe the authentication process.

A system uses information submitted in connection with a request to determine if and how to process the request. The information may be electronically signed by a requestor using a key such that the system processing the request can verify that the requestor has the key and that the information is authentic. The information may include information that identifies a holder of a key needed for processing the request, where the holder of the key can be the system or another, possibly third party, system.

The invention presents a solution in which blockchain Transactions are created to implement the functionality of a logic gate. The invention may be implemented on the Bitcoin platform or an alternative blockchain platform. The transaction includes a locking script which comprises instructions selected so as to implement the functionality of a logic gate, such as the XOR gate. When the script is executed (because a second transaction is attempting to spend the output associated with the locking script) the inputs will be processed by the conditional instructions to provide an output of TRUE or FALSE. The inputs are pre-processed by one or more computing agents so that they are evaluated to TRUE or FASLE prior to being used as inputs to the script. The second transaction is transmitted to the blockchain network for validation and, if determined to be valid, it will be written to the blockchain. Validation of the second transaction can be interpreted as a TRUE output. Thus, the locking script of the first transaction provides the functionality of the desired logic gate. The invention provides numerous advantages and can be used in a wide variety of applications, such as for the implementation of control systems and unit.

A trust management system is provided for a network communication ecosystem having a plurality of participating entities. The trust management system includes a trust specification engine configured to define and manage trust relationships between a first entity and a second entity of the plurality of participating entities, a trust analysis engine configured to process the results of a trust query from the first entity to the second entity, a trust evaluation engine configured to evaluate the trust relationships managed by the trust specification engine, and a trust monitor configured to (i) monitor one or more trust triggers occurring relevant to at least one of the first and second entities, and (2) update a trust relationship between the first and second entities based on one or more monitored trust triggers.

According to some example embodiments, a method for providing security to a storage device includes receiving, by the storage device, a public key via a network; sending, by the storage device, the received public key and a proposed configuration corresponding to the storage device to a security manager that resides in a control plane of the network; determining, by the security manager, whether the public key received from the storage device matches a private key available to the security manager; downloading, by the security manager, the proposed configuration to the storage device; determining, by the security manager, if the proposed configuration is successfully downloaded to the storage device; operating the storage device according to the downloaded configuration; and granting, by the security manager, a request to lease the storage device operating in the downloaded configuration for a time interval.