Abstract: A method comprises: tokenizing, at a first device, a search query; creating search requests and send to delegate devices, each search request including a public key encrypted message containing the tokenized search query and index identifiers of indices to be searched; computing search responses to the search requests, each search response comprising a partial trapdoor computed per token per identifier; transmitting the search responses to the first device; recombining, at the first device, the search responses per identifier per token; performing a ranked set of queries against the indices; and returning the search results in order of relevancy.

Abstract: A method comprises registering, by a first device having a public key, with a gateway server by providing a proof of work based on the first device public key and encrypting and decrypting data using cryptographic information transmitted via the gateway server between other devices similarly registered.

Abstract: A method comprises: tokenizing, at a first device, a search query; creating search requests and send to delegate devices, each search request including a public key encrypted message containing the tokenized search query and index identifiers of indices to be searched; computing search responses to the search requests, each search response comprising a partial trapdoor computed per token per identifier; transmitting the search responses to the first device; recombining, at the first device, the search responses per identifier per token; performing a ranked set of queries against the indices; and returning the search results in order of relevancy.

Abstract: A method comprises registering, by a first device having a public key, with a gateway server by providing a proof of work based on the first device public key and encrypting and decrypting data using cryptographic information transmitted via the gateway server between other devices similarly registered.

Abstract: The disclosed embodiments include a passwordless method for securing data-at-rest. The method includes encrypting and/or decrypting data with a cryptographic key. For example, the encrypted data can be stored on a non-transitory computer memory of a first device. The method can include generating key shards based on the cryptographic key, which can be reconstituted from the key shards, and distributing the key shards among devices such that the encrypted data is secured at the first device because the first device is incapable of decrypting the encrypted data due to an absence of the cryptographic key.

Abstract: A method comprises: receiving, at a first device, a request to decrypt data encrypted with a symmetric key, the encrypted data stored on a memory device; retrieving shards of the symmetric key, the shards encrypted with public keys from a plurality of devices, wherein decryption of the data requires reconstituting the symmetric key from a threshold number of the shards; determining a priority to request decryption of the shards with private keys from the plurality of devices; requesting decryption by the plurality of devices of the shards in the determined priority until the threshold number of shards is reached; reconstituting the symmetric key from the decrypted shards; and decrypting the encrypted data with the symmetric key.

Abstract: A method comprises registering, by a first device having a public key, with a gateway server by providing a proof of work based on the first device public key and encrypting and decrypting data using cryptographic information transmitted via the gateway server between other devices similarly registered.

Abstract: A method comprises: tokenizing, at a first device, a search query; creating search requests and send to delegate devices, each search request including a public key encrypted message containing the tokenized search query and index identifiers of indices to be searched; computing search responses to the search requests, each search response comprising a partial trapdoor computed per token per identifier; transmitting the search responses to the first device; recombining, at the first device, the search responses per identifier per token; performing a ranked set of queries against the indices; and returning the search results in order of relevancy.

Abstract: The disclosed embodiments include a passwordless method for securing data-at-rest. The method includes encrypting and/or decrypting data with a cryptographic key. For example, the encrypted data can be stored on a non-transitory computer memory of a first device. The method can include generating key shards based on the cryptographic key, which can be reconstituted from the key shards, and distributing the key shards among devices such that the encrypted data is secured at the first device because the first device is incapable of decrypting the encrypted data due to an absence of the cryptographic key.