Patent classifications
H04L63/1475
Methods, apparatuses, and computer program products for facilitating randomized port allocation
A method, apparatus, and computer program product are provided for facilitating randomized port allocation. An apparatus may include a processor configured to receive a port allocation message from a network management entity. The port allocation message may comprise an encryption key, an initial input value, and a value indicating a number of ports allocated to the apparatus for communication on a network. The processor may be further configured to calculate at least one port allocated to the apparatus with an encryption function based at least in part upon the encryption key and initial input value. Corresponding methods and computer program products are also provided.
Proximity check for communication devices
There is described a method of checking whether a transponder device (220) is in proximity of a reader device (210), the method comprising (a) transmitting a first command (331) from the reader device to the transponder device, (b) in response to receiving the first command at the transponder device, transmitting a first response (332) to the reader device, the first response including an expected transponder device response time (pubRespTime) which is stored in a memory (224) of the transponder device, (c) transmitting a second command (333) from the reader device to the transponder device, (d) in response to receiving the second command at the transponder device, transmitting a second response (334) to the reader device, (e) at the reader device, determining the transponder device response time as the difference in time between transmitting the second command and receiving the second response from the transponder device, and (f) determining whether the determined transponder device response time matches the expected transponder device response time included in the first response. There is also described a reader device (210), a transponder device (220), and a contactless communication system (200).
Context and device state driven authorization for devices
In some examples, a target device determines that each device of a plurality of devices (i) includes a certificate that is provided to each device during provisioning, (ii) is within a predetermined distance from the target device, (iii) includes a beacon secret that is broadcast to each device at a predetermined time interval, and (iv) that either: (a) a privilege level associated with at least one device of the plurality of devices satisfies a particular privilege level specified by an access policy or (b) a number of the plurality of devices with the determined distance from the target device satisfies a predetermined number specified by the access policy. The target device grants at least one device of the plurality of devices access to the target device, and receives a message from the at least one device. The target device initiates an action based at least in part on the message.
Authentication with random noise symbols and pattern recognition
Disclosed in some examples are methods, systems and machine-readable mediums which allow for more secure authentication attempts by implementing authentication systems with credentials that include interspersed noise symbols in positions determined by the user. These systems secure against eavesdroppers such as shoulder-surfers or man-in-the-middle attacks as it is difficult for an eavesdropper to separate the noise symbols from legitimate credential symbols.
Instantaneous key invalidation in response to a detected eavesdropper
Instantaneous key invalidation in response to a detected eavesdropper. A quantum computing system that includes a plurality of qubits and a quantum channel uses a quantum key distribution protocol to generate a key. The quantum computing system determines that an eavesdropper has eavesdropped on the quantum channel. In response to determining that the eavesdropper has eavesdropped on the quantum channel, the quantum computing system sends a key-revocation message to a designated destination.
Terminal matching method and apparatus
Embodiments of this application disclose a terminal matching method and apparatus. The method includes: obtaining, by a second terminal, an interface address of a first terminal, where the interface address of the first terminal is MAC1; receiving, by the second terminal, a first message sent by the first terminal, where an interface address of the first terminal in the first message is MAC3 obtained after a change, and the first message includes first identification information; and comparing, by the second terminal, the first identification information with second identification information, and if the first identification information is consistent with the second identification information, determining, by the second terminal, that the MAC3 in the first message and the MAC1 that is obtained by the second terminal are used to identify a same device, where the same device is the first terminal.
Method for detecting eavesdropping activity and terminal device
A method for detecting an eavesdropping activity and a terminal device. The method includes determining whether a terminal device is in a conversation; when the terminal device is in a conversation, determining whether the terminal device has an application that starts a recording function; and when the terminal device has an application that starts a recording function, sending out an eavesdropping alarm prompt. By adopting the technical solutions of the present invention, an eavesdropping activity in a manner of recording may be detected.
Endpoint-based man in the middle attack detection using machine learning models
A first node of a networked computing environment initiates each of a plurality of different types of man-in-the-middle (MITM) detection tests to determine whether communications between first and second nodes of a computing network are likely to have been subject to an interception or an attempted interception by a third node. Thereafter, it is determined, by the first node, that at least one of the tests indicates that the communications are likely to have been intercepted by a third node. Data that characterizes the determination is then provided by the first node. In some cases, one or more of the MITM detection tests utilizes a machine learning model. Related apparatus, systems, techniques and articles are also described.
Hardening data transmissions against power side channel analysis
Embodiments of an invention for hardening data transmissions against power side channel attacks are disclosed. In one embodiment, a system includes a first agent and a second agent. The first agent is to transmit an encoded datum through an interface in a plurality of encoded packets. The second agent is to receive each of the plurality of encoded packets from the interface and decode each of the encoded packets to generate a plurality of decoded packets. Each of the encoded packets has the same Hamming weight. The Hamming distance between any two consecutively transmitted encoded packets is constant.
Systems and methods for automatically blocking the use of tracking tools
Embodiments of the present invention provide methods, apparatus, systems, computing devices, computing entities, and/or the like for permitting or blocking tracking tools used through webpages. In particular embodiments, the method involves: scanning a webpage to identify a tracking tool configured for processing personal data; determining a data destination location that is associated with the tracking tool; and generating program code configured to: determine a location associated with a user who is associated with a rendering of the webpage; determine a prohibited data destination location based on the location associated with the user; determine that the data destination location associated with the tracking tool is not the prohibited data destination location; and responsive to the data destination location associated with the tracking tool not being the prohibited data destination location, permit the tracking tool to execute.