H04L2463/041

SESSION KEY REPOSITORY

In one implementation, a system for a session key repository includes a monitor engine to monitor communication between a first computing device and a second computing device that is encrypted with a private key, an identification engine to determine a number of session keys and session IDs that correspond to the encrypted communication, a rules engine to determine a number of rules for storing and sharing the number of corresponding session keys and session IDs, and a repository engine to send a portion of the number of session keys and session IDs to a network tool based on the number of rules and identification of the network tool.

Secure wireless dataloading using in-flight entertainment connectivity systems

Devices, systems and methods for enhancing aircraft maintenance are disclosed. An exemplary method for improving dataloading in an airplane includes retrieving, from an in-flight entertainment connectivity (IFEC) system, at least one avionics software, the IFEC system comprising a mass storage device comprising a first storage segment and a second storage segment, the first storage segment being a secure storage segment configured to store the at least one avionics software, and the second storage segment being configured to store media content, and loading, using a wireless network converter coupled to a wired legacy port, the at least one avionics software onto a target avionics system.

METHOD, ELECTRONIC DEVICE, AND PROGRAM PRODUCT IMPLEMENTED AT AN EDGE SWITCH FOR DATA ENCRYPTION
20220345450 · 2022-10-27

Embodiments of the present disclosure provide a method, an electronic device, and a program product implemented at an edge switch for data encryption. For example, the present disclosure provides a data encryption method implemented at an edge switch. The method may include receiving encryption and decryption information for an encryption operation or a decryption operation from a source device. In addition, the method may include encrypting a data packet received from the source device based on encryption information in the encryption and decryption information to generate an encrypted data packet. The method may further include sending the encrypted data packet to a target device indicated by the data packet. The embodiments of the present disclosure can reduce the computing loads of Internet of Things (IoT) devices, clouds, and servers while ensuring encryption performance, and can also reduce the time delay caused by encryption and decryption operations.

Method for re-registering a smart electricity meter

A modem of a smart electricity meter obtains, following a registration in the powerline communication network of the ad hoc type, routing information and encryption information, by exchanges of messages in the powerline communication network. The smart electricity meter saves in non-volatile memory the routing information and the encryption information, the routing information being saved in association with information representing an instant at which the backup is made. At the time of a subsequent re-registration of the smart electricity meter following a disconnection of the powerline communication network, the smart electricity meter retrieves the routing and encryption information previously saved in the non-volatile memory, updates it by deleting any route information that is no longer valid, and uses it to communicate in the powerline communication network.

Multi-level data channel and inspection architecture including security-level-based filters for diverting network traffic

Deep packet inspection of data in a multi-spoke data tunnel inspection architecture is provided. Inspection may include using a data review tunnel module to receive a first portion of a data stream, encrypted with a first encryption scheme, in a first data conduit. The method may also include receiving a second portion of the data stream, encrypted with a second encryption scheme, in the second data conduit. The method may also include decrypting and reconstructing a complete data stream. The complete data stream may be derived from the decrypted and reconstructed first data stream and the decrypted and reconstructed second data stream. The method may then analyze and review the flow of the complete data stream to determine whether the flow of the data stream is associated with a pre-determined likelihood of intrusion, and then prepare a data report based on the analysis and review.

Systems and methods for maintaining confidentiality, integrity, and authenticity of the last secret

Systems and methods for securely sharing and authenticating a last secret. A method includes generating a first key and a last secret. The method includes splitting the last secret into first and second splits; signing the splits using a dealer signing key to attach a dealer signature to each of the splits; encrypting the first split using a first key of a first share-holder and encrypting the second split using a first key of a second share-holder; decrypting the first split using the first key of the first share-holder and encrypting the first split using a second key of the first share-holder; decrypting the second split using the first key of the second share-holder and encrypting the second split using a second key of the second share-holder. Encrypting maintains confidentiality of the last secret. The dealer signature can be verified to determine integrity and authenticity of the last secret.

Key encryption key wrapping

In an example, a method of encryption is described to include generation of a content encryption key and a key encryption key. In that example, the content encryption key is wrapped based on a key wrap operation using the key encryption key and the wrapped content encryption key is encrypted using a policy encryption key. Further in that example, the policy encryption key is encrypted using a public key corresponding to a print apparatus. In an example, a method of decryption is described. The example method of decryption performs recovery of a policy object using a private key corresponding to a print apparatus. In that example, the policy object includes a wrapped key that is unwrapped using a key encryption key to recover a content encryption key usable to decrypt an encrypted electronic document.

PORTABLE ENCRYPTION FORMAT

A portable encryption format wraps encrypted files in a self-executing container that facilitates transparent, identity-based decryption for properly authenticated users while also providing local password access to wrapped files when identity-based decryption is not available.

SYSTEMS AND METHODS FOR SECURING ELECTRONIC DATA WITH EMBEDDED SECURITY ENGINES
20170264596 · 2017-09-14

In an embodiment, an electronic data security system improves the security and usability of encrypted electronic data using a symmetric key approach implemented by security engines embedded on operably coupled integrated circuits. Engines paired to integrated circuits in combinations of hardware and software engines implementing security tasks can also be utilized. A first security engine is configured to interface to a second security engine and, using the components of the respective security engines, securely exchange electronic data using symmetric key encryption. The key change instruction configures the second security engine private key for a subsequent transmission.

KEY ENCRYPTION KEY WRAPPING

In an example, a method of encryption is described to include generation of a content encryption key and a key encryption key. In that example, the content encryption key is wrapped based on a key wrap operation using the key encryption key and the wrapped content encryption key is encrypted using a policy encryption key. Further in that example, the policy encryption key is encrypted using a public key corresponding to a print apparatus. In an example, a method of decryption is described. The example method of decryption performs recovery of a policy object using a private key corresponding to a print apparatus. In that example, the policy object includes a wrapped key that is unwrapped using a key encryption key to recover a content encryption key usable to decrypt an encrypted electronic document.