Methods and systems are provided for power management and security for wireless modules in Machine-to-Machine communications. A wireless module operating in a wireless network and with access to the Internet can efficiently and securely communicate with a server. The wireless network can be a public land mobile network (PLMN) that supports wireless wide area network technology including 3.sup.rd generation (3G) and 4.sup.th generation (4G) networks, and future generations as well. The wireless module can (i) utilize sleep and active states to monitor a monitored unit with a sensor and (ii) communicate with wireless network by utilizing a radio. The wireless module can include power control steps to reduce the energy consumed after sending sensor data by minimizing a tail period of a radio resource control (RRC) connected state. Messages between the wireless module and server can be transmitted according to the UDP or UDP Lite protocol with channel coding in the datagram body for efficiency while providing robustness to bit errors. The wireless module and server can utilize public key infrastructure (PKI) such as public keys to encrypt messages. The wireless module and server can use private keys to generate digital signatures for datagrams sent and decrypt messages received. The communication system between the wireless module and the server can conserve battery life in the wireless module while providing a system that is secure, scalable, and robust.

A method for determining a compute amount contributed by a device is provided. The method comprises receiving encrypted data from a processor of a customer system and parsing the encrypted data into a plurality of encrypted subsets. Then, the method associates a token specific to the device with an encrypted subset of the plurality of encrypted subsets to produce a packaged subset. The packaged subset is sent to the device. In response, a processed packaged subset that includes the token is received. The compute time contributed by the device is determined from the token of the processed packaged subset.

Embodiments relates to a method for encrypting a 3D object (O) defined at least by a set of first points (p.sub.i) and a set first of faces (F), contained in a bounding box (B), the method being executed by an encryption device and comprising: determining (S4) a set of second points (p.sub.si) by bijection of the set of first points (p.sub.i), and a second set of faces (F.sub.s), determining (S5) an encrypted 3 D object (O.sub.s) defined at least by the set of second points (p.sub.si) and the second set of faces (F.sub.s), wherein the first points (p.sub.i) are associated with respective first indexes (i), the second points (p.sub.si) are associated with respective second indexes (s.sub.j), and a face is specified by a list of indexes, wherein the encrypted 3D object (O.sub.s) is contained in said bounding box (B), the method further comprising: partitioning the bounding box (B) into a set of first sub-boxes (n.sub.j), determining a set of second sub-boxes (n.sub.sj) by bijection of the set of first sub-boxes (n.sub.j), in function of a secret key (k), wherein the position of a second point (p.sub.si) is (c) determined in function the position of the corresponding first point (p.sub.i), the position of the first sub-box (n.sub.j) containing the corresponding first point, and the position of the second sub-box (n.sub.sj) corresponding with said first sub-box (n.sub.j).

In a general aspect, a parameter is refreshed in a lattice-based cryptography system. In some aspects, a first value of a public parameter is obtained. The first value of the public parameter may have been previously used in an execution of a lattice-based cryptography protocol. A second value of the public parameter is generated based on the first value of the public parameter and random information. The second value of the public parameter is used in an execution of the lattice-based cryptography protocol.

Format-preserving encryption and decryption processes are provided. The encryption and decryption processes may use a block cipher. A string that is to be encrypted or decrypted may be converted to a unique binary value. The block cipher may operate on the binary value. If the output of the block cipher that is produced is not representative of a string that is in the same format as the original string, the block cipher may be applied again. The block cipher may be repeatedly applied in this way during format-preserving encryption operations and during format-preserving decryption operations until a format-compliant output is produced. Selective access may be provided to portions of a string that have been encrypted using format-preserving encryption.

Method of integrity verification of public and private cryptographic key pairs in the additive group of integers modulo n, with n being the product of two prime numbers p and q, the method including the following steps: of computation (201), on the basis of the number n, of a public exponent e of the public key, and of a private exponent d of the private key, of two candidate factors p and q corresponding respectively to the numbers p and q, of verification (206) so as to verify the consistency of the private exponent with respect to the public exponent and to the number n, the verification step involving the candidate factors.

A flexible aes instruction set for a general purpose processor is provided. The instruction set includes instructions to perform a one round pass for aes encryption or decryption and also includes instructions to perform key generation. An immediate may be used to indicate round number and key size for key generation for 128/192/256 bit keys. The flexible aes instruction set enables full use of pipelining capabilities because it does not require tracking of implicit registers.

A flexible aes instruction set for a general purpose processor is provided. The instruction set includes instructions to perform a one round pass for aes encryption or decryption and also includes instructions to perform key generation. An immediate may be used to indicate round number and key size for key generation for 128/192/256 bit keys. The flexible aes instruction set enables full use of pipelining capabilities because it does not require tracking of implicit registers.

A flexible aes instruction set for a general purpose processor is provided. The instruction set includes instructions to perform a one round pass for aes encryption or decryption and also includes instructions to perform key generation. An immediate may be used to indicate round number and key size for key generation for 128/192/256 bit keys. The flexible aes instruction set enables full use of pipelining capabilities because it does not require tracking of implicit registers.

An Internet infrastructure delivery platform (e.g., operated by a service provider) provides an RSA proxy service as an enhancement to the SSL protocol that off-loads the decryption of the encrypted pre-master secret (ePMS) to an external server. Using this service, instead of decrypting the ePMS locally, the SSL server proxies (forwards) the ePMS to an RSA proxy server component and receives, in response, the decrypted pre-master secret. In this manner, the decryption key does not need to be stored in association with the SSL server.