There is provided an information processing system including: a first apparatus (10a) that divides a user key (UK) of a share-source user through a secret distribution process to generate a plurality of distribution keys (S1 and S2); a second apparatus (10b) that sends a processing request to execute a predetermined process by using one of a plurality of the distribution keys generated by the first apparatus; and a third apparatus (20) that makes a determination based on one of a plurality of the distribution keys generated by the first apparatus and the processing request received from the second apparatus.

A computing device comprising a frontend and a backend is operably coupled to a plurality of storage devices. The backend comprises a plurality of buckets. Each bucket is operable to build a failure-protected stipe that spans two or more of the plurality of the storage devices. The frontend is operable to encrypt data as it enters the plurality of storage devices and decrypt data as it leaves the plurality of storage devices.

A server in a blockchain distribution network includes a processor and a transceiver operatively coupled to the processor. The transceiver is configured to receive bytes of a transaction from a first peer node. The transceiver is also configured to propagate the bytes of the transaction to one or more additional peer nodes and to one or more additional servers in the blockchain distribution network. The transceiver is also configured to receive bytes of a blockchain from a second peer node. The blockchain includes information regarding a plurality of transactions, and the plurality of transactions includes the transaction. The transceiver is further configured to propagate the bytes of the blockchain to the one or more additional peer nodes and to the one or more additional servers in the blockchain distribution network.

An authentication system for authenticating an authentication-target apparatus by transmitting challenge data from an authenticating apparatus to the authentication-target apparatus and transmitting response data from the authentication-target apparatus to the authenticating apparatus. The authentication-target apparatus updates ae secret key and an encrypted original key stored in a memory using a new secret key and a new encrypted original key, derives an authentication key based on an original key, and generates the response data based on a challenge data received from the authenticating apparatus and the authentication key. The authentication apparatus derives an authentication key based on identification information of the authentication-target apparatus and an authentication original key, generates response data for verification based on the challenge data and the authentication key, and obtains an authentication result.

A system described herein provide for the secure maintaining and providing of information, such as public keys used in Public Key Infrastructure (“PKI”) techniques or other techniques, using a secure distributed ledger (e.g., “blockchain”) system. A blockchain system may be utilized in lieu of a key escrow system in the exchange and/or providing of public keys in a Diffie-Hellman key exchange technique or other type of technique in which public keys are provided from one entity to another. A first entity may generate an asymmetric key pair that includes a public key and a private key, and may provide the public key to a blockchain system for retrieval by one or more other entities. For example, the entities may be engaged in a secure messaging session, in which messages are encrypted and may be decrypted using one or more keys, including the public key.

Disclosed is a method for ultra-wide band (UWB) security ranging and a UWB device configured to perform secure ranging. The method includes obtaining, from a UWB sub-system of the UWB device, first encryption data including a symmetric key encrypted with a public key of a secure application of the UWB device; transferring the first encryption data to the secure application; obtaining, from the secure application, second encryption data including a ranging data set (RDS) encrypted with the symmetric key; and transferring the second encryption data to the UWB sub-system. In this case, the RDS may include a ranging session key configured to secure a UWB ranging session, and the secure application may be included in a trusted execution environment area.

The present application describes a method, system, and non-transitory computer-readable medium for generating new keys during a secure communication session. A key derivation function is operatively connected to both a counter and a memory. The key derivation function generates new key material from a first input and a second input in response to a signal provided by the counter. The key derivation function generates the new key material and outputs it to the memory.

An electronic device includes a first non-volatile memory and an application circuit. The first non-volatile memory stores first encrypted data encrypted with a global key. The application circuit includes a second non-volatile memory, a decryption unit, a local key unit, and an encryption unit. The second non-volatile memory stores the global key. The decryption unit is coupled to the first non-volatile memory and the second non-volatile memory. The decryption unit retrieves the global key from the second non-volatile memory and decrypts the first encrypted data with the global key to generate plain data. The local key unit generates or stores a local key. The encryption unit is coupled to the local key unit. The encryption unit encrypts the plain data with the local key to generate second encrypted data and overwrites the first encrypted data in the first non-volatile memory with the second encrypted data.

Aspects of the invention include detecting that a rekey timer has expired. The rekey timer is one of a shared key rekey timer for a current shared key between the first node and a second node, and a session key rekey timer for a session key used in a secure communication between a channel on the first node and a channel on the second node. The session key was created based on the current shared key and is used for encrypting data in the secure communication. Based on the rekey timer being the shared key rekey timer, a new shared key is obtained and stored as the current shared key. Based on the rekey timer being the session key rekey timer, a new session key that is based at least in part on the current shared key is obtained and used in the secure communication.

A method including receiving, at a processor, a first assigned public key from a first device included in a mesh network and an external assigned public key from an external device not included in the mesh network; determining, by the processor, that the external device is to be included in the mesh network based at least in part on determining an association between the first device and the external device; and transmitting, by the processor based at least in part on determining that the external device is to be included in the mesh network, the first assigned public key to the external device and the external assigned public key to the first device to enable the first device and the external device to set up a meshnet connection. Various other aspects are contemplated.