In one embodiment, a processor includes a memory hierarchy and a core coupled to the memory hierarchy. The memory hierarchy stores encrypted data, and the core includes circuitry to access the encrypted data stored in the memory hierarchy, decrypt the encrypted data to yield decrypted data, perform an entropy test on the decrypted data, and update a processor state based on a result of the entropy test. The entropy test may include determining a number of data entities in the decrypted data whose values are equal to one another, determining a number of adjacent data entities in the decrypted data whose values are equal to one another, determining a number of data entities in the decrypted data whose values are equal to at least one special value from a set of special values, or determining a sum of n highest data entity value frequencies.

An integrated circuit having Radio Frequency Identification components and circuitry used for authentication is discussed. The RFID components and circuitry include two or more coils and corresponding electrical circuits that are tuned to use two or more different resonant frequencies including: a first resonant RF used for power generation and a second resonant RF used for data communication. The integrated circuit contains a unique signature that is used for the authentication with two or more aspects including i) a first aspect that is a programmed password in a memory embedded on the integrated circuit, and ii) a second aspect that is a unique, randomly generated code based upon a physical characteristic of the integrated circuit.

Provided are a random number generation device and the like capable of calculating a high precision random number using a memory capacity selected irrespective of the precision of the random number. A random number calculation device is configured to generate first random numbers based on given number and specify, for the given number of second random numbers in a target numeric extent, bin range depending on the first random numbers based on frequency information representing cumulative frequency regarding a frequency of numeric extent including respective second random numbers among given numeric extents, the numeric extent being determined in accordance with a desirable precision.

A communication system including a first device (1a, 1a′) and a second device (1b, 1b′). The first device (1a, 1a′) comprises a memory storing first-device-specific identification data and the second device (1b, 1b′) comprises a memory storing second-device-specific identification data. The first device (1a, 1a′) is configured to receive a copy of the second-device-specific identification data and to store the copy in the memory of the first device (1a, 1a′) and the second device (1b, 1b′) is configured to receive a copy of the first-device-specific identification data and to store the copy in the memory of the second device (1b, 1b′). The first device (1a, 1a′) is configured to derive a first encryption key from the first-device-specific identification data and the received copy of the second-device-specific identification data. The second device is configured to derive the first encryption key from the second-device-specific identification data and the received copy of the first-device-specific identification data. The first device (1a, 1a′) encrypts transmission data using the first encryption key and transmits the encrypted transmission data to the second device (1b, 1b′). The second device (1b, 1b′) receives the encrypted transmission data from the first device (1a, 1a′) and decrypts the encrypted transmission data using the first encryption key.

A method for key generation is arranged in a client processor device, by means of which a second public client key P.sub.c′ of the client is generated. The public key P.sub.c′ is formed by a calculation, or sequence of calculations, which does not contain any operation whose result depends exclusively on the nonce s and at least one public value, or the public key P.sub.c′ being formed by a calculation, or sequence of calculations, where into each operation in which the nonce s enters, at least one non-public value enters the first private client key k.sub.c or the second private client key k.sub.c′, for example as a result of the calculation P.sub.c′=(k.sub.c′.Math.s).Math.G+(k.sub.c′.Math.k.sub.c).Math.P.sub.t.

A server determines an array [[addr]] indicating a storage destination of each piece of data, generates an array of concealed values, and connects the generated array to the array [[addr]] to determine an array [[addr′]]. The server generates a sort permutation [[σ.sub.1]] for the array, applies the sort permutation [[σ.sub.1]] to the array [[addr′]], and converts the array [[addr′]] into an array with a sequence composed of first Z elements set to [[i]] followed by α.sub.i elements set to [[B]]. The server generates a sort permutation [[σ.sub.2]] for the converted array [[addr′]], generates dummy data, imparts the generated dummy data to the concealed data sequence, applies the sort permutations [[σ.sub.1]] and [[σ.sub.2]] to the data array imparted with the dummy data, and generates, as a secret hash table, a data sequence obtained by deleting the last N pieces of data from the sorted data array.

A method of securely dispersing private user data may include operating a software application configured to utilize user data, receiving the user data, generating a sequence of random bits, and generating a plurality of secret shares from the user data. Generating the plurality of secret shares may include selecting a subset of the user data for each secret share and combining the subset of the user data with the sequence of random bits. The subset of the user data may be a first half of the user data for a first secret share, a second half of the user data for a second secret share, and the whole user data for a third secret share. The method may also include dispersing each of the secret shares.

This disclosure relates to, among other things, systems and methods for deriving key identifiers and managing mapping between keys and key identifiers. Consistent with embodiments disclosed herein, the disclosed systems and methods may provide a mechanism that allows multiple parties to reconstruct unique identifiers given a set of known inputs that may be used to look up, identify, and/or otherwise access services and/or data objects. In some embodiments, this may allow for a service provider and a rights management service to independently derive key identification information based on information that both entities share (e.g., a content document such as a Content Protection Information Exchange Format document), thereby reducing requirements to maintain such mappings.

The present technology discloses methods and systems for receiving a security profile request from an integrity verifier, the request including a nonce; requesting, from a trusted platform module, a new nonce, wherein the new nonce is generated at least in part by the nonce and a current timestamp from a clock in the trusted platform module; receiving, from the trusted platform module, the new nonce; requesting, from a cryptoprocessor, a set of platform configuration registers; receiving, from the cryptoprocessor, the set of platform configuration registers; and sending a response to the integrity verifier, the response including the new nonce and the set of platform configuration registers to verify a security status of the trusted platform module and the cryptoprocessor.

A method includes receiving, by a mobility management entity (MME), a redirection request message from an access and mobility management function (AMF) node, where the redirection request message includes key-related information. The method also includes generating, by the MME, an encryption key and an integrity protection key based on the key-related information. The redirection request message is used to request to hand over a voice service from a packet switched (PS) domain to a circuit switched (CS) domain.