A secure digital communications method is provided in which a Certificate Authority generates an improved RSA key pair having a modulus, a public key exponent, a public key, and a private key. The public key exponent can contain descriptive attributes and a digital signature. The digital signature can be responsive to the descriptive attributes and the modulus. A secure session can be established between a first system and a second system, within a secure digital communication protocol. The second system can verify the digital signature to authenticate the public key.

A diabetes management system includes a handheld medical device, a mobile computing device, and a diabetes management application. The handheld medical device is configured to determine, in response to a port receiving a test strip, whether an auto-send feature is enabled on the handheld medical device, determine whether the handheld medical device is paired with a mobile computing device, and selectively instruct a wireless transceiver to establish a wireless connection and communicate a glucose measurement and identifying information to the mobile computing device. The mobile computing device is configured to execute the diabetes management application. The diabetes management application is configured to process a plurality of glucose measurements and identifying information associated with each of a plurality of glucose measurements.

Disclosed are methods and systems to provide distributed computation within a Fully Homomorphic Encryption (FHE) system by using g-adic properties to separate a ciphertext into multiple ciphertexts for each Hensel digit level. A number t of computation units may individually perform addition and/or multiplication of each Hensel digit level on each of the computation units and then reconstruct the resulting value from the result ciphertext of each computation unit using p-adic and g-adic operations. Accordingly, computation burdens may be distributed to several computation units.

A computing platform implements one or more secure enclaves including a first provisioning enclave to interface with a first provisioning service to obtain a first attestation key from the first provisioning service, a second provisioning enclave to interface with a different, second provisioning service to obtain a second attestation key from the second provisioning service, and a provisioning certification enclave to sign first data from the first provisioning enclave and second data from the second provisioning enclave using a hardware-based provisioning attestation key. The signed first data is used by the first provisioning enclave to authenticate to the first provisioning service to obtain the first attestation key and the signed second data is used by the second provisioning enclave to authenticate to the second provisioning service to obtain the second attestation key.

A method having the steps of obtaining temporal information communicated to a first device; carrying out one or more of the following tests: a test to determine whether the first device is in a state following an initial operation, a battery replacement or other power outage, or a reset, a test to determine whether a deviation between temporal information of the clock and the communicated temporal information is less than or equal to a threshold which is specified, and a test to determine whether the communicated temporal information has the same date as the temporal information of the clock; and synchronizing the clock using the communicated temporal information if all of one or more defined conditions are satisfied, wherein one of the one or more conditions requires that at least one of the one or more tests carried out has a positive result.

Embodiments are directed to a computer-implemented method, computer system, and computer program product for creating a public key token. A public key and private key are generated, using a master key. A set of permissions is received for the public key and private key that note the allowable uses for the public key and private key. Thereafter, the set of permissions, encrypted public key, and other associated information is placed in a public key token.

Disclosed is a dual-link wireless ad hoc network and a security defense method in an emergency scene, aiming at comprehensively improving its security defense capability. The method comprises: sending, by a source node, the secret key and other messages which are not security defense messages through the second link; detecting, by a destination node, abnormal messages from the acquired valid messages after matching with abnormal message feature library, filtering the abnormal messages out, and quickly broadcasting the features of new abnormal messages through the first link; checking, by a new node to be added to the network, the identity and hardware state, authorizing the new node without abnormality, and broadcasting the authorization result information through the first link; adding, by other nodes receiving the security defense messages, the features of the new abnormal messages to their own abnormal message feature library, and allowing the entry of the new node.

Aspects of the present disclosure involves receiving an input message, generating a first random value that is used to blind the input message to prevent a side-channel analysis (SCA) attack, computing a second random value using the first random value and a factor used to compute the Montgomery form of a blinded input message without performing an explicit Montgomery conversion of the input message, and computing a signature using Montgomery multiplication, of the first random value and the second random value, wherein the signature is resistant to the SCA attack.

Described herein is an Event Locking System (ELS) and its associated methods for (a) cryptographically locking a given piece of information until a certain time or the occurrence of a certain event and (b) providing an attestation of both the lock time and the locked content to prove that the information has not been accessed or tampered with since the lock time. Applications for such a system abounds: from sealed bids for auctions and tenders, sports betting, elections, archiving of sensitive information, securing legal documents and so on.

A system and method for certificate validation. The method includes acquiring revocation information associated with one or more revoked certificates from a plurality of certificate authorities, signing the revocation information, and storing the signed revocation information. Further, the method includes receiving a request from a client to connect to a web server. In response to the request, certificate information from the web server is received. The method further includes comparing the certificate information with stored revocation information and terminating a connection between the web server and the client when the certificate information matches a revoked certificate information included in the stored revocation information.