An electronic device and an operating method of an electronic device are provided. The electronic device receives, from a first server, access information about a second server for accessing the second server, receives access information about a third server from the second server accessed based on the access information about the second server, in response to a service connection request using the third server of an application, checks the validity of the application based on data for verifying the validity of the application included in the access information about the third server, and performs the service by accessing the third server based on the result of identifying the validity of the application.

A node may receive, from a quantum key-distribution (QKD) device, a first message that includes an identifier associated with a key. The node may send, to another node, a second message that includes the identifier and a request to perform at least one task. A node may receive, from the other node, a third message that includes information associated with performance of the at least one task by the other node and information indicating a time of performance. The node may receive, from the QKD device, a fourth message that includes the key and information indicating a time window associated with the quantum key; wherein the fourth message is received after expiration of the time window. The node may process, based on the fourth message, the third message to determine whether the third message is valid and thereby cause one or more actions to be performed.

Embodiments relate to systems and methods for securely provisioning login credentials to an electronic device on a network, e.g., a consumer premises device (CPE) device, such as, among other devices, a modem. The login credential may be used, for example, for securely provisioning and configuring a CPE device.

A controller for an electric power distribution system includes processing circuitry and a memory that includes instructions. The instructions, when executed by the processing circuitry, are configured to cause the processing circuitry to determine that a first switch of the electric power distribution system is a primary switch communicatively coupled to an intelligent electronic device (IED) of the electric power distribution system, determine that a second switch of the electric power distribution system is a backup switch communicatively coupled to the IED, and distribute a first copy of a security association key (SAK) to the first switch and a second copy of the SAK to the second switch in response to determining that the first switch is the primary switch and the second switch is the backup switch to enable the first switch and the second switch to establish respective media access control security (MACsec) communication links with the IED.

The present application relates to devices and components including apparatus, systems, and methods to share a credential for accessing a secured entity between an origination device and a recipient device. In some embodiments, the sharing may be cross platform where the recipient device executes a different platform than the origination device.

Authentication of a networked device with limited computational resources for secure communications over a network. Authentication of the device begins with the supplicant node transmitting a signed digital certificate with its authentication credentials to a proxy node. Upon verifying the certificate, the proxy node then authenticates the supplicant's credentials with an authentication server accessible over the network, acting as a proxy for the supplicant node. Typically, this verification includes decryption according to a public/private key scheme. Upon successful authentication, the authentication server creates a session key for the supplicant node and communicates it to the proxy node. The proxy node encrypts the session key with a symmetric key, and transmits the encrypted session key to the supplicant node which, after decryption, uses the session key for secure communications. In some embodiments, the authentication server encrypts the session key with the symmetric key.

Techniques are described for wireless communication. A method for wireless communication at a user equipment (UE) includes performing an extensible authentication protocol (EAP) procedure with an authentication server via an authenticator. The EAP procedure is based at least in part on a set of authentication credentials exchanged between the UE and the authentication server. The method also includes deriving, as part of performing the EAP procedure, a master session key (MSK) and an extended master session key (EMSK) that are based at least in part on the authentication credentials and a first set of parameters; determining a network type associated with the authenticator; and performing, based at least in part on the determined network type, at least one authentication procedure with the authenticator. The at least one authentication procedure is based on an association of the MSK or the EMSK with the determined network type.

A SSH (secure shell) public key is received from a client device 120 120 on the enterprise network, and an EMS device 140 is queried based on the SSH public key. Responsive to confirmation of registration from the EMS server, an authentication certificate based on a user and the client device 120 120 is generated. An SSH session is initiated on behalf of the client device 120 120 including submitting the certificate and the SSH public key from the client device 120 120 to the external server.

A first device obtains a public key of a first home device and a first message leaving key that is used to encrypt an offline message between the first device and the first home device; obtains a public key of a second device and a second message leaving key that is used to encrypt an offline message between the first device and the second device; obtains a third message leaving key used to encrypt an offline message between the second device and the first home device; encrypts the public key of the second device and the third message leaving key by using the first message leaving key, to obtain first encrypted information, and requests a server to push the first encrypted information to the first home device; and encrypts the public key of the first home device and the third message leaving key by using the second message leaving key.

An encrypted data storage system and method based on offsite key storage are provided, comprising the system includes a key control center, an offsite key storage system, and a data encryption/decryption storage system. The offsite key storage system includes a first key control device, a key storage device, and a first quantum key distribution device. The data encryption/decryption storage system includes a second key control device, a data encryption/decryption storage device, and a second quantum key distribution device. The first quantum key distribution device is in quantum communication connection with the second quantum key distribution device. The first key control device is communicatively connected with the key storage device and the first quantum key distribution device, respectively.