One embodiment provides a device that includes one or more line of sight transmitters configured to transmit signals over a line of sight communications medium, one or more transmitters configured to transmit signals over another communications medium and a controller. The controller is configured to perform an operation that includes retrieving a key adapted for use in decrypting encrypted content. The operation further includes transmitting the key to a second device over the line of sight communications medium using the one or more line of sight transmitters. Additionally, the operation includes encrypting data such that the data can be decrypted using the retrieved key. The operation also includes transmitting the encrypted data to the second device over the other communications medium using the one or more transmitters, where the second device is configured to decrypt the encrypted data using the key received over the line of sight communications medium.

The present invention provides a method and system for secure communication over communication network by an identity-based key agreement between the parties transmitting information over the network. The system and method there of employs (k, n) threshold secret sharing scheme and assures information theoretic secrecy that cannot be broken by unlimited computing power.

Described herein is a fuel authorization program that vehicles enrolled in the fuel authorization program to provide fuel tank sensor data in each fuel authorization request, so that an amount of fuel authorized will be limited to the amount needed to fill the vehicle's fuel tank, reducing a likelihood that fuel will be diverted. In at least some embodiments, the fuel authorization controller at the vehicle automatically uses the fuel tank sensor data and known tank size to include in a fuel authorization request sent to a fuel vendor data defining how much fuel is required to fill the vehicle fuel tanks. In at least some embodiments, the fuel vendor consults data from a source other than the vehicle (such as records maintained by the fuel authorization program) to determine how large the vehicles fuel tanks are, and to calculate how much fuel is required.

A system and method for authenticating and continuously verifying authorized users of a digital device includes an authentication device attached to an arm or wrist of authorized users. The authentication device has an accelerometer, digital radio, a processor configured to provide identity information over the radio, and to transmit motion data. The motion data is received by the digital device and the identity transmitted is verified as an identity associated with an authorized user. Input at a touchscreen, touchpad, mouse, trackball, or keyboard of the digital device is detected, and correlated with the motion data. Access to the digital device is allowed if the detected input and the detected motion data correlate, and disallowed otherwise.

Disclosed is a working method of a voice authentication system and a device. The method includes that: an application server sends user information sent by an application interface and a stored application name to an authentication server; the authentication server generates a push authentication request according to a generated challenge value, the user information and the application name and sends the push authentication request to a mobile terminal token; the mobile terminal token generates voice information, collects the voice response of user, generates a first response value according to the challenge value and sends the challenge value to the authentication server when determining that logon is authorized; the authentication server generates a second response value, returns successful authentication when two response values are identical. The invention prevents click errors caused by mistaken operations, and is convenient to remind user of current information, avoids authentication delay and enhances security.

In various examples, a method of establishing a communication session between an external device and an implantable medical device is described. The method includes generating at the external device a first private key and a first public key. A start session order is sent over a long-range communication channel. Evidence of physical proximity is sent from the external device to the implantable medical device over a short-range communication channel. A second private key and a second public key are generated at the implantable medical device. A first shared key is generated by the implantable medical device using the first public key and the second private key. A second shared key is generated by the external device using the second public key and the first private key. The first and second shared keys are used to encrypt and decrypt one or more messages between the external device and the implantable medical device.

An agreement apparatus P(i) (where i=0, . . . , n−1) which executes a consensus protocol generates an opinion value with a signature X.sub.ij=(x.sub.i, sig.sub._i(x.sub.i)) including an opinion value x.sub.i indicating an opinion and a signature sig.sub._i(x.sub.i) on the opinion value x.sub.i or information different from the opinion value with the signature X.sub.ij as an opinion value with a signature X′.sub.ij=(x′.sub.ij, e′.sub.ij) and outputs the opinion value with the signature X′.sub.ij to an agreement apparatus P(j) (where j=0, . . . , n−1, i≠j). The agreement apparatus P(j) accepts the opinion value with the signature X′.sub.ij and outputs the opinion value with the signature X′.sub.ij or information different from the opinion value with the signature X′.sub.ij to an agreement apparatus P(m) (where m=0, . . . , n−1, m≠i, m≠j) as an opinion value with a signature X″.sub.ij.

Various arrangements for configuring wireless network access for a first wireless device using a previously-configured second wireless device are presented. The first wireless device may output a temporary wireless network hotspot and advertise an identifier. A second wireless device may search for and identify the based on the advertised identifier. The second wireless device may connect with the temporary wireless network hotspot and provide wireless network credentials for a wireless network for which the second wireless device has previously been granted access. The may then establish a network connection with the wireless network based on the wireless network credentials transmitted by the second wireless device.

Aspects of the subject disclosure may include, for example, authenticating a user device based on communication over a data plane of a network, generating a decryption key, transmitting the decryption key to the user device, and transmitting encrypted content to the user device. The encrypted content may be accessible at the user device via the encryption key, potentially as a function of location and/or time. Other embodiments are disclosed.

Technologies for key management of internet-of-things (IoT) devices include an IoT device, an authority center server, and a group management server. The IoT device is configured to authenticate with an authority center server via an offline communication channel, receive a group member private key as a function of the authentication with the authority center server, and authenticate with a group management server via a secure online communication channel using the group member private key. The IoT device is further configured to receive a group shared key as a function of the authentication with the group management server, encrypt secret data with the group shared key, and transmit the encrypted secret data to the group management server. Other embodiments are described herein.