Patent classifications
H04L9/0869
Method and system for securing access to a private key
An asymmetric cryptographic method for securing access to a private key generated and stored in a device is provided. The method includes generating an application password relating to a predetermined level of entropy; generating, within a trusted execution environment relating to a key manager, a user private key secured by using the application password; receiving, from a user via an input device, user entropy relating to a unique identifier for the user; deriving, using a password derivation function, a symmetric key based on the user entropy; encrypting, using an encryption system, the application password by using the symmetric key; and storing, in a memory, a device payload component relating to the application password and the symmetric key in a password management system.
Fast unbreakable cipher
An authentication and encryption protocol is provided that can be implemented within a single clock cycle of an integrated circuit chip while still providing unbreakable encryption. The protocol of the present invention is so small that it can co-exist on any integrated circuit chip with other functions, including a general purpose central processing unit, general processing unit, or application specific integrated circuits with other communication related functionality.
Generating a secure random number by determining a change in parameters of digital content in subsequent frames via graphics processing circuitry
An apparatus, method, and computer readable medium that include accessing a frame buffer of a GPU, analyzing, in the frame buffer of the GPU, a first frame of displayed data from a source, the source being an image or video-based feed including an object, identifying the object in the first frame from the source, the object associated with a first value of a parameter, analyzing, in the frame buffer of the GPU, a second frame of the displayed data from the source, identifying the object in the second frame from the source, the object associated with a second value of the parameter, determining an entropy of the object based on a difference between the first parameter value and the second parameter value, generating a random number based on the entropy of the object, and generating an encryption for encrypting data based on the generated random number.
KEY GENERATION METHOD, APPARATUS, AND SYSTEM
A key generation method includes determining, by an access and mobility management function node, key-related information. The method also includes sending, by the access and mobility management function node, a redirection request message to a mobility management entity. The redirection request message includes the key-related information, and the redirection request message is used to request to hand over a voice service from a packet switched (PS) domain to a circuit switched (CS) domain. The method further includes receiving, by the mobility management entity, the redirection request message. The method additionally includes generating, by the mobility management entity, an encryption key and an integrity protection key for the voice service based on the key-related information.
SECURITY PROCESSOR CONFIGURED TO AUTHENTICATE USER AND AUTHORIZE USER FOR USER DATA AND COMPUTING SYSTEM INCLUDING THE SAME
A security processor includes a key generator circuit configured to randomly generate a key, an encryption circuit configured to encrypt user data based on the key, and a security manager circuit configured to receive a first user identification (ID), which uniquely corresponds to a user of a device, and determine whether to allow access to the user data by authenticating the first user ID.
DYNAMIC ENCRYPTION AND DECRYPTION METHOD AMONG LOCK CONTROL SYSTEM MODULES, MULTIPLE AUTHENTICATION LOCK CONTROL SYSTEM, LOCK CONTROL METHOD AND STRONGBOX
A dynamic encryption and decryption method among lock control system modules comprises the following steps: step 1. filling hardware ID data, an unlocking communication protocol and a mask variable into an array according to a predefined variable space, and encrypting the array based on the mask variable to obtain an encrypted array; step 2. decrypting the encrypted array based on the mask variable to obtain a decrypted array, executing data division on the decrypted array according to the predefined variable space, matching the divided data with data recorded in advance one by one, and if the divided data are consistent with the data recorded in advance, executing related operations according to the decrypted unlocking communication protocol content; otherwise, executing no operation.
Method for cogenerating a shared cryptographic material, devices, system and corresponding computer program
In a method for cogenerating a shared cryptographic material implemented within a first electronic device, which is connected to a second electronic cogeneration device and to a third electronic cogeneration device, a shared encryption material (pkx) is determined, as a function of a set of cogeneration parameters ECG. The shared encryption material (pkx) is transmitted, and corresponding shared encryption materials (pky, pkz) are received from the other devices. A shared seed (mx) is computed as a function of the shared encryption materials (pkx, pky, pkz) and the set of cogeneration parameters ECG. A masked form (Ox) of said shared seed (mx) is transmitted, and masked forms (Oy, Oz) of corresponding shared seeds (my, mz) are received. A final seed (ad) is computed as a function of the masked forms (Ox, Oy, Oz) of the shared seeds (mx, my, mz) and the set of cogeneration parameters ECG.
INFORMATION MATCHING SYSTEM AND INFORMATION MATCHING METHOD
In order to provide an information matching system achieving an information matching scheme that incurs a lower cost and uses secure biometric information, the information matching system includes a concealment apparatus, a decryption apparatus, and a similarity calculating apparatus. The concealment apparatus transmits, to the similarity calculating apparatus, concealed information including information concealing obtained matching information by linear conversion using random numbers. The similarity calculating apparatus calculates, from obtained one or more pieces of registration information and the concealed information received from the concealment apparatus, a concealed similarity which is a value concealing a similarity between the matching information and the registration information, and transmits the calculated concealed similarity to the decryption apparatus. The decryption apparatus calculates the similarity between the matching information and the registration information from the concealed similarity received from the similarity calculating apparatus, using the random numbers used by the concealment apparatus.
SECURE RANDOM NUMBER GENERATION SYSTEM, SECURE COMPUTATION APPARATUS, SECURE RANDOM NUMBER GENERATION METHOD, AND PROGRAM
A secure random number that follows a binomial distribution is generated without performing successive communication. A secure computation apparatus (1_i) generates a share [r]_i of a random number r that follows a binomial distribution. A parameter storage unit (10) stores a pseudorandom function PRF, at least one set of a key k_A and a polynomial f_A. A pseudorandom number generating unit (11) obtains a pseudorandom number p_A for each of the keys k_A by computing the pseudorandom function PRF(k_A, a) using the keys k_A. A bit counting unit (12) counts the number r_A of 1s included in each pseudorandom number p_A. A random number share generating unit (13) obtains the sum of products of the number r_A of 1s and an output of the polynomial f_A(i) corresponding to the number r_A of 1s as the share [r]_i of the random number r.
METHOD AND APPARATUS FOR SECURE PRIVATE KEY STORAGE ON IOT DEVICE
An apparatus is disclosed for storing a private key on an IoT device for encrypted communication with an external user device and includes a proximity-based communication interface, encryption circuitry and IoT functional circuitry. The encryption circuitry includes a memory having a dedicated memory location allocated for storage of encryption keys utilized in the encrypting/decrypting operations, an encryption engine for performing the encryption/decryption operation with at least one of the stored encryption keys in association with the operation of the IoT functional circuitry, an input/output interface for interfacing with the proximity-based communication interface to allow information to be exchanged with a user device in a dedicated private key transfer operation, an internal system interface for interfacing with the IoT functional circuitry for transfer of information therebetween, memory control circuitry for controlling storage of a received private key from the input/output interface for storage in the dedicated memory location in the memory, in a Write-only memory storage operation relative to the private key received from the input/output interface over the proximity-based communication interface, the memory control circuitry inhibiting any Read operation of the dedicated memory location in the memory through the input/output interface. 
The IoT functional circuitry includes a controller for controlling the operation of the input/output interface and the memory control circuitry in a private key transfer operation to interface with the external user device to control the encryption circuitry for transfer of a private key from the user device through the proximity-based communication interface for storage in the dedicated memory location in the memory, the controller interfacing with the encryption circuitry via the internal system interface, and operational circuitry for interfacing with the user device over a peer to peer communication link and encrypting/decrypting information therebetween with the encryption engine in the encryption circuitry.