A method to implement traceability and provability on a particular project in software development based on blockchain-recorded transactions of assigned developer time, the method comprising of the following steps: setting up a blockchain network comprised of a distributed, redundant, and tamper-resistant ledger; issuing each user an attestable pre-fabricated and signed virtualized environment on approved hardware that comes with functionality required for the user's role implemented as one of a set of virtual machine templates fashioned from a signed and approved pre-fabricated image; and verifying that assigned developer time is valid, and if so, record each development action on the ledger to enable extensive tracking and auditing of end- to-end software development process.

A method may include splitting an original token into a first sub-token and a second sub-token, generating a first hash value of the first sub-token and a first randomness value, and generating a second hash value of the second sub-token and a second randomness value. The method may also include evaluating an NIZKP regarding the split, and sampling first and second signature keys and verification keys associated with the first and second sub-tokens, respectively. The method may additionally include generating first and second signed values of concatenations of the first and second hash values and the first and second verification keys, respectively, and signed using an initial signature key of a current owner of the original token. The method may additionally include sending the NIZKP, the first and second hash values, the first and second signed values, and the first and second verification keys to the blockchain.

Described herein is a system and method for validating media integrity using asymmetric key cryptography utilizing a public/private cryptographic key pair. The private key is kept secret and is known to an originator and/or publisher of a media file. The public key is added to the media file and is used to validate integrity of the media file, that is, that content of the media file (e.g., portion(s), frame(s)) has not been altered since publication of the media file. By validating integrity of the media file, strong proof that the media file came from an owner of the keypair (e.g., had possession of the private key) can be obtained, for example, resolving issues of trust and/or authenticity common in altered content. In some embodiments, information regarding an origin of the content can further be determined.

To manage property records using a multi-layered hybrid distributed ledger architecture, identification information for a particular property is obtained and transmitted to at least one participant in a public distributed ledger network for a public distributed ledger layer. Ownership information for the same particular property is obtained and transmitted to at least one participant in a federated distributed ledger network for a federated distributed ledger layer. Transaction-related documents for the same particular property are obtained and transmitted to at least one participant in a private distributed ledger network for a private distributed ledger. The distributed ledger layers are different layers of a property distributed ledger each having a separate set of consensus rules for appending distributed ledger data to the respective layer. This allows for the immutable preservation of royalty terms and conditions for a property or asset using the distributed ledger.

The disclosed exemplary embodiments include computer-implemented systems, devices, and processes that securely manage transfers of digital assets between computing devices using permissioned distributed ledgers. By way of example, an apparatus may receive, from a first device, a request to transfer a digital asset to a second device and a first digital signature applied to the request. Based on a validation of the first digital signature, the apparatus may approve the request and apply a second digital signature to the request and the first digital signature indicative of the approval of the request by the apparatus. The apparatus may also transmit the request, the first digital signature, and the second digital signature to a computing system, which may validate the first and second digital signatures and perform operations that record the first public key and asset data identifying the digital asset within at least one element of a distributed ledger.

An endpoint for trusted fabrication, the endpoint including at least one secure controller configured for connection to a wide area network; and at least one untrusted controller configured for local communication, wherein the endpoint is configured for connection to a fabricator and further configured to receive digitally-signed data specifying at least one item for manufacture; verify the digitally-signed data; and direct the fabricator to manufacture the at least one item after verifying the digitally signed data. A method for trusted on-demand manufacturing, the method including receiving, at an endpoint connected to a fabricator, digitally signed data describing at least one item for manufacture; verifying, at the endpoint, the digitally signed data; and manufacturing the at least one item using the digitally signed data after verifying the digitally signed data, wherein the endpoint comprises at least one secure controller and at least one untrusted controller.

Generating a verifiable pairwise claim. Receiving a request for issuing a verifiable claim that is associated with a subject entity and is verifiable by one or more verifying entities. The request includes at least an encrypted portion using a particular type of encryptography. Verifying that the subject entity is associated with a subject of the verifiable claim based on decrypting the encrypted portion using the particular type of cryptography. In response to verifying that the subject entity is associated with the subject of the verifiable claim, issuing the verifiable claim that is structured to be verifiable only by the one or more verifying entities.

A communications device for managing an authentication event is provided, which is configured to generate location data indicative of a geolocation associated with the communications device, retrieve, from a key that is obfuscated and stored in the communications device, the key, sign the location data with the retrieved key, and transmit request data to a communications server apparatus for requesting the authentication event, the request data comprising the signed location data. A method and a communications system for managing an authentication event are also provided.

Examples are described for dynamically applying a digital watermark to a file, such as a dataset of genomic sequencing data. In one example, a method of dynamically applying a watermark to at least a portion of a file includes generating, using a secret key, a first random seed, generating, using the first random seed, an ordered pseudorandom set of integers, generating, using entity information and timing information, a second random seed, selecting, using the second random seed, a subset of the ordered pseudorandom set of integers, and modifying data at data locations in the file corresponding to at least a portion of the identifiers included in the subset to generate a watermarked file. The method may further include performing a check to determine whether the watermark is present in a file using a sequence of watermark elements that are generated based on the secret key.

According to aspects of the present disclosure, there is provided methods and devices for verifying integrity of a remote device, including a method comprising generating a first nonce value, transmitting the first nonce value, receiving a message from the remote device, the message comprising measurements of a configuration of the remote device and a cryptographic signature based on a private key of a public-private key pair of the remote device and a second nonce value, determining that the second nonce value was generated based on the first nonce value, and verifying the cryptographic signature based on the second nonce value and a public key of the public-private key pair of the remote device.