摘要:
A method and device for securely provisioning trust anchors includes generating a database wrapper key as a function of computing device hardware. The database wrapper key encrypts a key database when it is not in use by a trusted execution environment and may be generated using a Physical Unclonable Function (PUF). A local computing device establishes a secure connection and security protocols with a remote computing device. In establishing the secure connection, the local computing device and remote computing device may exchange and/or authenticate cryptographic keys, including Enhanced Privacy Identification (EPID) keys, and establish a session key and device identifier(s). One or more trust anchors are then provisioned depending on whether unilateral, bilateral, or multilateral trust is established. The local computing device may act as a group or domain controller in establishing multilateral trust. Any of the devices may also require user presence to be verified.
摘要:
Embodiments of methods, systems, and storage medium associated with providing access to encrypted data for authorized users are disclosed herein. In one instance, the method may include obtaining a derived value for an authenticated user based on user personalization data of the authenticated user, and generating a user-specific encryption key based on the derived value. The derived value may have entropy in excess of a predetermined level. The user-specific encryption key may enable the authenticated user to access the encrypted data stored at the storage device. Other embodiments may be described and/or claimed.
摘要:
A hardware-based digital random number generator is provided. The digital random number generator is a randomly behaving random number generator based on a set of nondeterministic behaviors. The nondeterministic behaviors include temporal asynchrony between subunits, entropy source “extra” bits, entropy measurement, autonomous deterministic random bit generator reseeding and consumption from a shared resource.
摘要:
Techniques for communicating information over management channels are described. An apparatus may comprise a classifier module operative to classify management information for a wireless communications network as media access control security management information or media access control management information. The apparatus may further comprise a wireless transceiver to couple to the classifier module, the wireless transceiver operative to communicate the media access control security management information over an insecure management connection and the media access control management information over a secure management connection. Other embodiments are described and claimed.
摘要:
An electrostatic precipitator including: a collecting electrode in a gas passage; a discharge electrode in the gas passage and separated by a gap from the collecting electrode; a power supply applying a voltage to the discharge electrode, wherein the voltage establishes an electric field between the discharge electrode and the collecting electrode to ionize gas flow in the gap, and a resistor in series with the discharge electrode and having an effective resistance in series with the discharge electrode of at least 50 Ohms.
摘要:
An electrostatic precipitator including: a collecting electrode in a gas passage; a discharge electrode in the gas passage and separated by a gap from the collecting electrode; a power supply applying a voltage to the discharge electrode, wherein the voltage establishes an electric field between the discharge electrode and the collecting electrode to ionize gas flow in the gap, and a resistor in series with the discharge electrode and having an effective resistance in series with the discharge electrode of at least 50 Ohms.
摘要:
A method and system to decrypt data in a particular round of decryption substantially in parallel with the generation of a decryption key associated with the next round of the particular round of decryption. By performing an inverse next key computation, the decryption process can be symmetric to the advanced encryption standard (AES) encryption process in terms of processing time, hardware implementation and storage requirements.
摘要:
A method of retrieving security information in a media access control (MAC) header by a wireless station may include receiving a data unit, such as a protocol data unit (PDU), from a remote wireless station. The PDU may include the MAC header. The method may also include reading two encryption key sequence (EKS) bits in the MAC header that denote both whether the data unit is encrypted and a position in an encryption key sequence for the data unit.
摘要:
Secure communications may be implemented by transmitting packet data units with information sufficient to enable a receiving entity to reconstruct a nonce. That is, rather than transmitting all of the bits making up the nonce, some of the bits may be transmitted together with an identifier that enables the rest of the bits of the nonce to be obtained by the receiving entity.