Invented by Sergio A. Fernandez, Bruce Conway, Drew CONWAY, David J. GOTRIK, Ayman IBAIDA, Dhiah AL-SHAMMARY, Alsharif ABUADBBA, Mark Conway, Agilepq Inc

Data conversion systems and methods have become increasingly important in today’s digital age. With the exponential growth of data, it has become essential to convert data from one format to another to ensure compatibility and accessibility. The market for data conversion systems and methods has been growing steadily over the years, and it is expected to continue to grow in the future. Data conversion systems and methods refer to the process of converting data from one format to another. This can include converting data from analog to digital or from one digital format to another. The process of data conversion is essential in many industries, including healthcare, finance, and manufacturing. In healthcare, for example, patient records need to be converted from paper to digital format to ensure accessibility and accuracy. The market for data conversion systems and methods is driven by several factors. One of the main drivers is the increasing amount of data being generated. With the growth of the internet, social media, and other digital platforms, the amount of data being generated has increased exponentially. This has created a need for data conversion systems and methods to ensure that data can be accessed and used effectively. Another factor driving the market for data conversion systems and methods is the increasing demand for data analytics. Data analytics is becoming increasingly important in many industries, including finance, healthcare, and manufacturing. To perform data analytics effectively, data needs to be in a format that can be easily analyzed. This has created a need for data conversion systems and methods that can convert data into a format that is suitable for analysis. The market for data conversion systems and methods is also being driven by the increasing adoption of cloud computing. 
Cloud computing has become increasingly popular in recent years, and it has created a need for data conversion systems and methods that can convert data into a format that can be stored and accessed in the cloud. The market for data conversion systems and methods is highly competitive, with many companies offering a wide range of solutions. Some of the key players in the market include IBM, Microsoft, Oracle, and Google. These companies offer a range of data conversion solutions, including software, hardware, and services. In conclusion, the market for data conversion systems and methods is growing rapidly, driven by the increasing amount of data being generated, the demand for data analytics, and the adoption of cloud computing. The market is highly competitive, with many companies offering a wide range of solutions. As the demand for data conversion systems and methods continues to grow, it is expected that the market will continue to expand in the future.

The Agilepq Inc invention works as follows

The memory medium is configured to store instructions that cause the processor to retrieve a seed value, receive a digital bit stream, generate a stream of random bits using the seed value as a seed for a pseudo random number generator (PRNG), wherein the stream of random bits contains at least as many bits as the digital bit stream, shuffle the bits of the stream of random bits to create a random bit buffer, generate an obfuscated bit stream by applying a first exclusive OR (XOR) to the digital

Background for Data conversion systems and methods

Securing data against prying eyes has been an important part of the development of the Internet. Hiding information such as credit card numbers or login details transmitted across a LAN gives a feeling of security and safety to end users, merchants, and credit card processing companies. Data obfuscation is a technique that has been developed to reduce the risk of hidden information being exposed.

In addition, specialized techniques are needed for the exchange of information between ‘intelligent devices.’ The yearly shipment of more than 10 billion microcontrollers, all of which can exchange information locally or through the Internet, has enabled a wide variety of these devices and, with them, the Internet of Things (IoT). The Internet of Things is a network of devices that can be accessed via the Internet. A refrigerator, for example, could be a large IoT device. It can be connected to the Internet and track its contents so that, if a homeowner is running low on milk, it automatically orders more. Smaller devices, such as sensors that detect when a window or door has been opened as part of a home alarm system, can be connected to the Internet to alert the homeowner. A pacemaker could also be an IoT device that communicates over the Internet to give doctors feedback on a patient's heart function and allow them to control its settings remotely.

The ability to connect all kinds of devices together poses risks and challenges. In the case of pacemakers, authentication and security are crucial so that only authorized persons can modify the pacemaker’s settings. Smaller IoT gadgets are often powered by batteries, and the small size of their circuit boards means that they are not able to store large amounts of data. Therefore, energy conservation and compactness are key. IoT devices typically require both an Internet connection and a low-power wireless local connection. A gateway is needed to connect sensors to the Internet using local infrastructure or cellular connections.

The current authentication and security algorithms for IoT devices, such as the Advanced Encryption Standard (AES), require a lot of processing power, which reduces the useful life of a device. AES is a power- and space-intensive algorithm, and many devices don’t even implement authentication and security functions. AES-128, as an example, is designed to operate on 16-byte blocks. However, because payloads in IoT applications are smaller, padding them to 16-byte boundaries is wasteful. AES implementations are often slowed down by the smaller size of IoT devices. Finally, AES implementations require many CPU cycles, which can directly affect battery life. What is needed is an algorithm that provides authentication and security for IoT devices, with a small footprint and low power consumption as well as strong authentication and security.

The present disclosure provides methods and systems for overcoming limitations in the field. The disclosed systems and methods, for example, provide stronger obfuscation and faster processing times, as well as lower power consumption and customization.

The present disclosure describes a computer-readable medium that uses at least two obfuscation methods to obscure an incoming bit stream. The first obfuscation method obfuscates an incoming digital bitstream and the second technique is used for obfuscating information in the header section, which includes information on how the data portion has been obfuscated by the first technique.

Another embodiment relates to obtaining information about the obfuscation from a policy server.

Another embodiment of the disclosure relates to padding the digital bit stream with additional bits in order to further obscure the transmission.

The present disclosure also includes a method of transferring data between a low-power IoT controller and a gateway. The method involves retrieving a key from the internal memory of the controller, creating a table distribution key based on that key, receiving a first encoded frame from the gateway, where the first encoded frame contains a data table, decoding the frame with the table distribution key, and obtaining the data table. The method then involves encoding another frame using the data table and transmitting it.

According to yet another embodiment, a non-transient computer-readable memory medium is provided that is operatively coupled to a processor. The memory medium and the processor can be components of a communications device, which may also include a communication interface. The memory medium can store instructions configured to implement the disclosed methods. The instructions can cause the processor to retrieve a seed value, receive a digital bit stream, and generate a stream of random bits using the seed value as a seed for a PRNG. The stream of random bits can contain at least as many bits as the digital bit stream. The instructions may also cause the processor to shuffle the bits of the stream of random bits to create a random bit buffer, and to generate an obfuscated bit stream by applying a first exclusive OR (XOR) to the digital bit stream and the random bit buffer. The obfuscated bit stream can have the same number of bits as the digital bit stream. The instructions can also cause the processor to provide the obfuscated bit stream to the communication interface, for instance for transmission. The stream of random bits may be a power-of-two number of bytes; for example, it can consist of 2 bytes or 4 bytes. To shuffle the bits of the stream of random bits, the random bit buffer is first initialized. The bits of the stream of random bits are then traversed to identify which bits are set. For each set bit, a destination bit location is calculated, and the corresponding bit is set in the random bit buffer. Initializing the random bit buffer may include setting all of its bits to the same value; according to some embodiments, all bits of the random bit buffer are initialized to zero. A table lookup can be used to calculate the destination bit location.

In a further embodiment, the instructions cause the processor to receive a second digital bit stream and generate a second obfuscated bit stream by performing a second XOR on the second digital bit stream and the random bit buffer. In one example, the second XOR uses only bits of the random bit buffer that were not used in the first XOR. The instructions may also cause the processor to provide the second obfuscated bit stream, which has the same number of bits as the second digital bit stream, to the communication interface. If the second XOR reaches the end of the random bit buffer before all bits of the second digital bit stream have been XORed, the instructions can generate a second stream of random bits from the PRNG, shuffle its bits to refill the random bit buffer, and continue generating the second obfuscated bit stream by applying a third XOR to the second digital bit stream and the random bit buffer. The first bits used in the third XOR can be the first bit of the random bit buffer and the bit following the last bit of the second digital bit stream used in the second XOR. The instructions can further cause the processor to shuffle the bits of the stream of random bits using a lookup table to identify which bits to swap, generate a shuffled lookup table by swapping values in the lookup table based on a plurality of bits in the stream of random bits, and shuffle the bits of the second stream of random bits using the shuffled lookup table to identify which bits to swap. In some embodiments, the shuffled lookup table is generated by swapping 17 values in the lookup table. In other embodiments, the last swapped table entry is remembered so that, the next time the table is shuffled, the swaps begin at the next table entry.
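The obfuscation steps described in the two paragraphs above, sketched in Python as an added example (not code from the patent or from AgilePQ). Python's `random.Random` stands in for the PRNG, `DEST_TABLE` is a constructed destination lookup table, the buffer is consumed at byte rather than bit granularity, the per-refill reshuffling of the lookup table is left out, and all names are hypothetical.

```python
import random

BUF_BYTES = 4                      # power-of-two buffer size, as in the text
NBITS = BUF_BYTES * 8
# Constructed lookup table: source bit i moves to DEST_TABLE[i].
# 13 is coprime to 32, so every destination is used exactly once.
DEST_TABLE = [(i * 13 + 7) % NBITS for i in range(NBITS)]


def shuffle_bits(stream: bytes) -> bytes:
    """Build the random bit buffer from a stream of random bits."""
    src = int.from_bytes(stream, "big")
    buf = 0                                    # buffer initialised to all zeros
    for i in range(NBITS):                     # traverse the stream's bits
        if (src >> i) & 1:                     # only set bits are moved
            buf |= 1 << DEST_TABLE[i]          # table lookup gives destination
    return buf.to_bytes(BUF_BYTES, "big")


class Obfuscator:
    """XORs data against a shuffled PRNG buffer, never reusing buffer bytes."""

    def __init__(self, seed: int):
        # Assumption: random.Random is a stand-in PRNG, not a secure generator.
        self._prng = random.Random(seed)
        self._buf = b""
        self._pos = 0                          # next unused byte of the buffer

    def _refill(self) -> None:
        raw = self._prng.getrandbits(NBITS).to_bytes(BUF_BYTES, "big")
        self._buf = shuffle_bits(raw)
        self._pos = 0

    def process(self, data: bytes) -> bytes:
        """Obfuscate or deobfuscate: XOR is its own inverse."""
        out = bytearray()
        for byte in data:
            if self._pos >= len(self._buf):    # buffer exhausted mid-stream:
                self._refill()                 # new random stream, reshuffled
            out.append(byte ^ self._buf[self._pos])
            self._pos += 1
        return bytes(out)                      # same length as the input


def round_trip(seed: int, messages: list) -> list:
    """Sender and receiver share the seed and process streams in the same order."""
    sender, receiver = Obfuscator(seed), Obfuscator(seed)
    return [receiver.process(sender.process(m)) for m in messages]


if __name__ == "__main__":
    sample = [b"temp=21", b"door=open"]        # constructed sample payloads
    print(round_trip(1234, sample) == sample)
```

Because each call continues from the first unused buffer byte, two messages sent in sequence are never XORed against the same buffer bytes, which is the behaviour the second paragraph describes for the second XOR.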

According to further embodiments, additional methods, non-transient computer-readable memory media, and communication devices are provided. The communication device can include a communications processor, a non-transient computer-readable memory medium coupled to it, and a communications interface. The memory medium can store instructions that cause the processor to generate a stream of random bits and a random number. It may also contain instructions to calculate a CRC value using the digital bit stream. The number of random bits can be the same as the combined number of bits in the digital bit stream and the CRC value. The instructions can also cause the processor to generate a payload frame by concatenating the random number with an exclusive OR (XOR) of the stream of random bits and the concatenation of the digital bit stream and the CRC value, then shuffle all the bits of the payload frame to create an obfuscated payload, and finally provide the obfuscated payload to the communications interface. The random number can also be used to calculate the CRC value. The random number can be a real random number. To shuffle the bits of the stream of random bits, a random bit buffer is first initialized. The bits of the stream are then traversed to identify which bits are set. For each set bit, a destination bit location is calculated, and the corresponding bit is set in the random bit buffer. Initializing the random bit buffer may include setting all of its bits to the same value; according to some embodiments, all bits of the random bit buffer are set to zero. A table lookup can be used to calculate the destination bit location.

Referring to the figures in general, systems and methods of data obfuscation for a digital bitstream are described. These systems and methods can be used to encode or decode data packets to secure data. The digital bit stream can be called a bitstream, data stream, data packet or data.

Referring to the figures further, systems and methods of managing obfuscated communications between multiple devices are described. Key provisioning can be used to establish a communications protocol among multiple devices, and the techniques described in this document may be used for securing the communications.

Referring to FIG. 1A, an embodiment of a data communication system is shown. In general, the data communications system includes one sender 100 and one receiver 150. The one or two senders 100 transmit data to the receiver 150.

As described previously, the transmitted data 140 is obfuscated in order to protect it from cyber-attacks. A data conversion module 102, which is part of the sender 100's preparation for data transmission, obfuscates data using one or more mappings and functions. The data conversion module 102 obfuscates the data that will be transmitted, also referred to as “input data”. In the present disclosure, the OCTS header data for the data packet being transmitted is also obfuscated. Note that the terms “header” and “header data” are used interchangeably. In the present disclosure, “header” and “header data” refer to the OCTS header information rather than the packet header of a communications protocol such as TCP/IP (where information such as routing would be stored). The data conversion module 102 includes a manager 104, which is configured to control the obfuscation of the data (e.g., determining which functions and mappings should be used and in what order) and to provide information that allows the receiver to deobfuscate the data. Three modules are shown in the data conversion module 102 for obfuscating data: an input data module 108 for obfuscating the input data, a header data module 110 for obfuscating the header data of the data packet, and a data merge module 112 that merges the obfuscated data from modules 108 and 110. The data conversion module 102 may include multiple tables 106 to be used during the obfuscation.

Once the obfuscated data has been transmitted and received by the receiver 150, the data conversion module 152 reverses the obfuscation performed by the data conversion module 102 of the sender 100. The data conversion module 152 includes a manager 154, which is configured to control the deobfuscation process. Three modules are shown in the data conversion module 152 for deobfuscating data: a data split module 158 that divides the received data into an input data portion and a header data portion, an input data deobfuscation module 160 for deobfuscating the input data portion, and a header data deobfuscation module 162 for deobfuscating the header data portion. As described in the following figures, the data conversion module 152 may include tables 156 to be used during deobfuscation.

The three modules of each of the two data conversion modules, 102 and 152, may be configured independently. Each module can obfuscate data according to its own functions, tables, etc. An unauthorized agent would have to “break” all three independent modules in order to recover the original, unencoded data. However, the way in which one of the three independent modules encoded the data will not provide any clues as to the obfuscation used by the other two modules.

In the embodiment shown in the figure, the data conversion modules 102 and 152 are shown within the sender 100 and the receiver 150, respectively (e.g., the data conversion modules are inside a sender or receiver device). In different exemplary embodiments, any configuration of the data communication system is possible (e.g., the sender may send data to be encrypted to a remote module for data conversion, and the receiver may receive the deobfuscated information from the remote module for data conversion, etc.). In some embodiments, different computing devices may perform the functions of the data conversion modules. All such variations should be considered to fall within the scope of the current disclosure.

The present disclosure describes forward mapping and reverse mapping functions that can be used to obfuscate or deobfuscate data. The forward mapping function replaces an input bit pattern with a new one, whereas the reverse mapping function reverses this substitution. In certain embodiments, both the forward map and the reverse map can be stored or contained by the receiver 150. A person of skill would know that the sender only needs to contain the forward map, and the receiver only needs the reverse map. One of skill would also recognize that, given only one of the maps, the other can easily be derived, so just one map needs to be provided for both the receiver and the sender.

Referring to the figures, an embodiment of a data storage system 180 is shown. In FIG. 1A, the data obfuscation is described in relation to a bit stream that will be transmitted from a sender to a receiver. The data obfuscation may also be used to encrypt data that is to be stored, for example, “data at rest”. The data storage system 180 can receive a data packet to be stored in the memory of the system (e.g., a database 182). The data storage system may include the input data obfuscation module 108, the header data obfuscation module 110, and the data merge module 112 described with reference to FIG. 1A, so that the data can be obfuscated before being stored. The data storage system may also include the header data deobfuscation module 162, the input data deobfuscation module 160, and the data split module 158 for decoding data after retrieval. The data storage system may include one manager for managing the processes of encoding data and decoding retrieved data. The present disclosure is primarily concerned with a data obfuscation method for data that will be transmitted. However, the systems and methods described herein can be used to store data locally without departing from the scope of this disclosure. Although the present disclosure primarily describes a database, the storage is not required to be in database format. A person skilled in the art will recognize that any type of storage can be used, whether or not it has a database schema. The obfuscated information may, for example, be stored as standalone files, in the file system, or on removable media. A person of skill would recognize that the system could spread the obfuscation or deobfuscation components across different machines or networks, and that these machines and networks might be controlled by separate entities.
