A key exchange device is provided that includes: a shared secret key storage in which shared secret information mk.sub.i.sup.k which is information different from a secret key of the key exchange device is stored; an authentication information addition unit that generates authentication information σ.sub.i, by which authentication is performed and falsification is detected, for key exchange information e.sub.i, which is output to the outside, by using the shared secret information mk.sub.i.sup.k; and an authentication information verification unit that receives key exchange information e.sub.s and authentication information σ.sub.s corresponding to the key exchange information e.sub.s from the outside, verifies the authentication information σ.sub.s using the shared secret information mk.sub.i.sup.k, and, if the authentication information σ.sub.s is not successfully verified, stops a key exchange, and the shared secret information mk.sub.i.sup.k is a value that is used in a generation process in a key exchange.

Customers of a software platform, such as a unified communications as a service platform, are enabled to control their own encryption keys used to encrypt and decrypt data from various communication services in the software platform. A key broker server is employed to map encryption and decryption requests from servers in the platform to key management servers of customers based on user identifiers. Examples of data encrypted may includes conference recordings, webinar recordings, phone call recordings, voicemails, emails, and calendar tokens.

A CAN device is provided with an encryption function and a decryption function. The encryption function allows messages to be encrypted and put onto a CAN bus. The decryption function allows the messages on the CAN bus to be decrypted. The encryption and decryption functions share keys which change over the course of time.

Management of a group of connected objects in a communications network including at least one local network. The connected objects, known as client objects, have at least one functional attribute. The method includes: obtaining an identifier of the group and an encryption key of the group); assigning the group at least one connected object according to at least one functional attribute of the connected object; obtaining an encryption key of the object; encrypting the encryption key of the group using the encryption key of the object; transmitting the identifier of the group, and the encrypted encryption key of the group to the at least one connected object.

The present disclosure provides a communication apparatus comprising a cryptographic circuitry which, in operation, uses a shared cryptographic secret Key and a cryptographic salt to generate a cryptographically encoded Message Integrity Code (MIC) that is computed over the address field of a Wake Up Radio (WUR) frame; and a transmission signal generator which, in operation, generates a secure WUR signal by replacing the address field of the WUR frame with the MIC; and a transmitter which, in operation, transmits the secure WUR signal.

A key management protocol (such as KMIP) is extended to provide an extended credential type that enables an initiating (first) client device to create a credential dynamically and that can then be selectively shared with and used by other (second) client devices. Using a dynamically-created credential of this type, the other (second) devices are able to fetch the same key configured by the initiating (first) device. In this manner, multiple devices are able to create and share one or more keys among themselves dynamically, and on as-needed basis without requiring a human administrator to create a credential for a device group in advance of its usage.

One disclosed example method includes obtaining a meeting cryptographic key; transmitting, from a client device to a video conference provider, a request to initiate an encrypted video conference, the encrypted video conference including a plurality of participants; distributing the meeting cryptographic key to each participant of the plurality of participants; obtaining a public cryptographic key of a key pair, the key pair including the public cryptographic key and a private cryptographic key; encrypting the meeting cryptographic key using the public cryptographic key; transmitting, from the client device to the video conference provider, a request to record the video conference; encrypting audio and video from a microphone and image sensor of the client device using the meeting cryptographic key; transmitting the encrypted audio and video to the video conference provider; and providing the encrypted meeting cryptographic key to the video conference provider.

Methods, devices and systems are disclosed for inter-app communications between software applications on a mobile communications device. In one aspect, a computer-readable medium on a mobile computing device comprising an inter-application communication data structure to facilitate transitioning and distributing data between software applications in a shared app group for an operating system of the mobile computing device includes a scheme field of the data structure providing a scheme id associated with a target software app to transition to from a source software app, wherein the scheme id is listed on a scheme list stored with the source software app; and a payload field of the data structure providing data and/or an identification where to access data in a shared file system accessible to the software applications in the shared app group, wherein the payload field is encrypted.

An apparatus to facilitate transparent network access controls for spatial accelerator device multi-tenancy is disclosed. The apparatus includes a secure device manager (SDM) to: establish a network-on-chip (NoC) communication path in the apparatus, the NoC communication path comprising a plurality of NoC nodes for ingress and egress of communications on the NoC communication path; for each NoC node of the NoC communication path, configure a programmable register of the NoC node to indicate a node group that the NoC node is assigned, the node group corresponding to a persona configured on the apparatus; determine whether a prefix of received data at the NoC node matches the node group indicated by the programmable register of the NoC; and responsive to determining that the prefix does not match the node group, discard the data from the NoC node.

This disclosure describes systems, methods, and devices related to passive location measurement in wireless communications. A device may perform a ranging measurement with a first device and a second device. The device may identify a first uplink (UL) location measurement report (LMR) received from the first device. The device may identify a second UL LMR received from the second device. The device may cause to send a first broadcast LMR comprising information associated with the ranging determination of the first device and the second device. The device may cause to send a second broadcast LMR comprising the measurement information carried in the first UL LMR and the second UL LMR.