An optical device for a quantum random number generator comprising: a source of phase randomised pulses of light, the source of phase randomised pulses of light further comprising a plurality of gain-switched lasers, each gain-switched laser having an output, and each gain-switched laser being configured to emit a stream of pulses such that the phase of each pulse in the stream of pulses is randomised, and an optical pulse combiner, the optical pulse combiner being configured to receive streams of pulses from the output of each gain-switched laser, combine the streams of pulses with one another into a combined stream of pulses and direct the combined stream of pulses into at least one output of the optical pulse combiner, the at least one output of the optical pulse combiner being the output of the source of phase randomised pulses of light; wherein the source of phase randomised pulses of light is configured such that the streams of pulses of light emitted by the plurality of gain-switched lasers are temporally offset relative to one another, a phase measurement element, the phase measurement element being configured to receive the combined stream of pulses from the output of the source of phase randomised pulses of light; and an optical detector, the optical detector being optically coupled to the phase measurement element.

An apparatus, computer program, and method are provided for securely broadcasting a message to a plurality of recipient devices. In operation, a message is identified, and the message is encrypted utilizing a first key. A message authentication code (MAC) is generated utilizing a second key that is mathematically coupled to the first key (that is utilized to encrypt the message). The encrypted message is caused to be broadcasted to a plurality of recipient devices, utilizing the MAC.

Disclosed in some examples are methods, systems, devices, and machine-readable mediums that provide for techniques for scrambling and/or updating meta-data that enable an efficient internal copyback operation. In some examples, improved data distribution techniques decouple the scrambling key from a physical address to allow for copyback operations while maintaining data distribution requirements across a memory device. The controller may generate a seed value that is used by a scrambling algorithm to scramble the host-data and meta-data prior to the data being written. The seed value is then encoded and written to the page with encoded versions of the scrambled user data and meta-data—the random seed is written without scrambling the random seed.

An authentication and encryption protocol is provided that can be implemented within a single clock cycle of an integrated circuit chip while still providing unbreakable encryption. The protocol of the present invention is so small that it can co-exist on any integrated circuit chip with other functions, including a general purpose central processing unit, general processing unit, or application specific integrated circuits with other communication related functionality.

An apparatus, method, and computer readable medium that include accessing a frame buffer of a GPU, analyzing, in the frame buffer of the GPU, a first frame of displayed data from a source, the source being an image or video-based feed including an object, identifying the object in the first frame from the source, the object associated with a first value of a parameter, analyzing, in the frame buffer of the GPU, a second frame of the displayed data from the source, identifying the object in the second frame from the source, the object associated with a second value of the parameter, determining an entropy of the object based on a difference between the first parameter value and the second parameter value, generating a random number based on the entropy of the object, and generating an encryption for encrypting data based on the generated random number.

In order to provide an information matching system achieving an information matching scheme that takes a lower cost and uses secure biometric information, the information matching system includes a concealment apparatus, a decryption apparatus, and a similarity calculating apparatus. The concealment apparatus transmits, to the similarity calculating apparatus, concealed information including information concealing obtained matching information by linear conversion using random numbers. The similarity calculating apparatus calculates, from obtained one or more pieces of registration information and the concealed information received from the concealment apparatus, a concealed similarity which is a value concealing a similarity between the matching information and the registration information, and to transmit the calculated concealed similarity to the decryption apparatus. The decryption apparatus calculates the similarity between the matching information and the registration information from the concealed similarity received from the similarity calculating apparatus, using the random numbers used by the concealment apparatus.

A random number generator resistant to side-channel attacks. The random number generator includes an entropy unit generating random pulses, a random frequency clock generator generating random frequencies by receiving random pulses output from the entropy unit, and an MCU externally masking a specific operation or a specific instruction based on a random frequency received from the random frequency clock generator.

Performing cryptographic operations such as encryption and decryption may be computationally expensive. In some contexts, initialization vectors and keystreams operable to perform encryption operations are generated and stored in a repository, and later retrieved for use in performing encryption operations. Multiple devices in a distributed system can each generate and store a subset of a larger set of keystreams.

Information is removed from data transmitted over networks and stored in data storage facilities by generating non-informational data as an output from a series of nodes (routers, computing devices or logical routing applications) by using a function that applies random data to the data received at each node. The function may be an XOR and the random data may be a pseudorandom string of the same length as the informational data. The non-informational data may be managed normally without concern for security. When the informational data is needed it can be re-generated using the non-informational data and a cascade of the random data from the series of nodes as inputs to an inverse function (XOR is its own inverse). The random data may be generated from a smaller random seed.

Methods are described for a data creator to securely send a data payload to another device in a transient symmetric key technology (TSKT) system, and for the other device to securely receive the payload data. One method includes receiving a first seed and a formula from a command and control server. A second seed is generated, and the first seed and the second seed are combined using the formula to create a data seed. A first key is generated using the first seed, and the second seed is encrypted using the first key to form an encrypted second seed. A second key is generated using the data seed, and the data payload is encrypted using the second key to form an encrypted data payload. The encrypted data payload and the encrypted second seed are combined in a secure container, and subsequently all keys and seeds and the formula are destroyed.