H04L9/302

METHOD OF PREVENTING PRY FOR RANDOM ACCESS MEMORY

The present invention provides a method of preventing prying into random access memory. A functional interface is placed between a computer program and a random access memory. When the computer program wants to store original data into the random access memory, an encryption procedure is first applied to the original data, and the result is stored into the random access memory as encrypted data. When the computer program wants to fetch the related data from the random access memory, the functional interface fetches the encrypted data and decrypts it, so that the original data is obtained for computation.

METHOD AND SYSTEM TO PROVIDE MULTI-FACTOR AUTHENTICATION FOR NETWORK ACCESS USING LIGHT

A method is provided in which a network access system receives an initial request from a device requesting access to the network. In response to successfully authenticating the initial access request, the system causes a code to be transmitted in light emitted by one or more light fixtures within a physical space in which access to the network is to be restricted. The system receives information from the device requesting access to the network and determines whether to permit the device access to the network based on the initial request and on whether the received information is derived from the code transmitted by the one or more light fixtures, thereby indicating that the requesting device is within the physical space.

IMPLICIT RSA CERTIFICATES
20170338958 · 2017-11-23 ·

A secure digital communications method is provided in which a Certificate Authority generates an improved RSA key pair having a modulus, a public key exponent, a public key, and a private key. The public key exponent can contain descriptive attributes and a digital signature. The digital signature can be responsive to the descriptive attributes and the modulus. A secure session can be established between a first system and a second system, within a secure digital communication protocol. The second system can verify the digital signature to authenticate the public key.

DIGITAL PASSPORT COUNTRY ENTRY STAMP
20170301052 · 2017-10-19 ·

The method utilizes a passport identification number as an element of a homomorphic encryption used to stamp a passport with country entry/exit data to form a digital representation of a subset of information in the passport. As a result, exchange of the digital representation is permitted to allow a selective transfer of information without exposing a user-sensitive passport identification number. The homomorphic encryption comprises a support for exposing a trusted photo and a trusted group containing country travel entry and exit information. The digitally signed passport stamp may then be used to provide verification of the individual by ensuring linkage to that user's passport. The individual's identity and passport verification may occur unconnected, i.e., without having to connect to a central database.

Method and apparatus for secure delegation of computation

A method for delegating a computational burden from a computationally limited party to a computationally superior party is disclosed. Computations that can be delegated include inversion and exponentiation modulo any number m. This can be then used for sending encrypted messages by a computationally limited party in a standard cryptographic framework, such as RSA. Security of delegating computation is not based on any computational hardness assumptions, but instead on the presence of numerous decoys of the actual secrets.

Methods and systems for creating and using massless currency
11245653 · 2022-02-08 ·

Methods, systems, and computer-readable storage mediums are described for effecting practical use of a dual currency which is a currency that can be electronically created and stored, and further for which there is a secret key (e.g., the secret key of a public key/secret key pair as used in public key cryptography) such that: an entity that does not possess the secret key cannot, in practice, create notes of the currency; and an entity that does possess the secret key can, in practice, create notes of the currency without assistance from entities that do not possess the secret key.

RANDOM NUMBER PROCESSING DEVICE GENERATING RANDOM NUMBERS BY USING DATA READ FROM NON-VOLATILE MEMORY CELLS, AND INTEGRATED CIRCUIT CARD
20170242660 · 2017-08-24 ·

A random number processing device according to an aspect of the present disclosure is a random number processing device generating random number data by using data read from memory cells, the memory cells having a property such that, in a variable state, in response to application of different electrical signals, a resistance value of each of the memory cells reversibly transitions between resistance value ranges and, when the resistance value falls within at least one resistance value range among the resistance value ranges, the resistance value changes as time passes, the random number processing device including a random number processing circuit that, in operation, generates first random number data from a combination of first resistance value information and second resistance value information about the resistance values of first and second memory cells among the memory cells which fall within the at least one resistance value range.

ENCRYPTED DATA COMMUNICATION AND GATEWAY DEVICE FOR ENCRYPTED DATA COMMUNICATION

A gateway device between a first and second communication network outside the gateway device handles communication between a first device in the first network and a second device in the second network. When the gateway receives a communication request from the first device, directed to the second device, for performing a first cryptographic data communication protocol, the gateway determines whether the first cryptographic data communication protocol is registered as unsafe in the gateway device, and/or registered as safe, in particular whether it is safe against key reconstruction by a quantum computer. When the first cryptographic data communication protocol is not registered as unsafe in the gateway device, and/or registered as safe, the gateway device forwards messages exchanged as part of execution of the first cryptographic data communication protocol between the first and second device. When the gateway determines that the first cryptographic data communication protocol is registered as unsafe in the gateway device, and/or not registered as safe, the gateway device executes the first cryptographic data communication protocol between the first device and the gateway device, and executes a second cryptographic data communication protocol, which is not recorded as unsafe in the gateway device, and/or registered as safe, between the gateway and the second device, whereby the first and second cryptographic data communication protocol are executed sequentially to communicate data between the first and second device via the gateway device.

Cryptographic method of secure comparison of two secret data x and y
20220038277 · 2022-02-03 ·

A cryptographic method including: generating, by a first device having a datum x, an RSA modulus N; computing by the first device a number C = g^{b^{ax}} · h1, g being an element of a sub-group G of order b^d, h1 being an element of a sub-group H of order f, and a, b, d, f being integers, b and f being coprime, and x and y being less than d/a; sending C to a second device having a datum y; computing by the second device D = C^{u · b^{d−ay}} · (g·h3)^v · h2, u and v being random numbers and h2 and h3 being elements of H, and a first fingerprint (g·h3)^v; sending D and the first fingerprint to the first device; computing by the first device (D^f)^{f′}, with f′ = 1/f; obtaining a second fingerprint based on (D^f)^{f′}; and determining whether x ≥ y or x < y by comparing the first and the second fingerprints.

Forward secrecy in Transport Layer Security (TLS) using ephemeral keys

Transport Layer Security (TLS) connection establishment between a client and a server for a new session is enabled using an ephemeral (temporary) key pair. In response to a request, the server generates a temporary certificate by signing an ephemeral public key using the server's private key. A certificate chain comprising at least the temporary certificate that includes the ephemeral public key, together with a server certificate, is output to the client by the server, which acts as a subordinate Certificate Authority. The client validates the certificates, generates a session key and outputs the session key wrapped by the ephemeral public key. To complete the connection establishment, the server applies the ephemeral private key to recover the session key derived at the client for the new session. The client and server thereafter use the session key to encrypt and decrypt data over the link. The ephemeral key pair is not reused.