Abstract: Described are techniques for generating and employing decentralized asset identifiers for cross-blockchain network asset transfers, the techniques including registering a decentralized asset identifier to an asset with a local asset identifier, where the decentralized asset identifier is immutable. The techniques further include endorsing a proposed transaction for transferring the asset from a first controller associated with a first blockchain network to a second controller associated with a second blockchain network, where the proposed transaction utilizes the decentralized asset identifier. The techniques further include exchanging, in a document associated with the decentralized asset identifier and retrieved from an identity network, the first controller for the second controller.

Abstract: The method provides an automated and scalable system for the generation, distribution, management of symmetric pre-shared keys (PSKs) to applications executing on headless and mobile devices. It helps achieve device protection, application security, and data protection with data authenticity and confidentiality in intra-device, inter-device, device-to-edge, and device-to-cloud communications. It helps Transport Layer Security (TLS) enabled applications dynamically acquire and renew PSKs and use identity hints for PSK based authentication ceremony during a TLS handshake. It helps client-server applications dynamically acquire and renew PSKs using keyed-hash message authentication code (HMAC) for data integrity and authenticity, content signing, and data encryption for confidentiality. It helps manage and distribute API shared secrets and API access tokens required for authenticated API requests and API security.

Abstract: There is provided an information processing apparatus that generates an encrypted bit string in which a hash value calculated by using keyed hashing from a keyword for an information search is mapped into a bit string having a predetermined length, selects a predetermined number of bits from the encrypted bit string on the basis of a dynamically generated random number, inverts the predetermined number of selected bits, and sends the encrypted bit string and inverted-bit-number information to an external apparatus. The inverted-bit-number information indicates a number of bits inverted by a bit inverting unit.

Abstract: A mechanism for securing a series of related function calls for firmware services using session tokens is discussed.

Abstract: An active feedback control method for a quantum communication system based on machine learning is disclosed. In the transmission process of a quantum key distribution system, the present invention uses a pre-trained double-layer LSTM network to predict, according to a real-time ambient temperature, humidity and laser light intensity fluctuation, as well as voltage changes in the past moment, a zero-phase voltage value of a phase modulator at a receiving end at the next moment, and updates the network at a fixed time interval, so that the LSTM network can accurately predict for a long time, ensuring that the quantum key distribution system operates stably and efficiently for a long time. The present invention greatly improves the transmission efficiency of the quantum key distribution system by method of active prediction and feedback control.

Abstract: Described are a system and method for secure n-party computation. The method includes communicating a first input of an n-party computation to a trusted execution environment (TEE). The method also includes receiving, from the TEE, at least one encrypted output of the n-party computation using the first input and at least one second input of at least one other computing device, and using at least one public key of the at least one other computing device. The method further includes posting the at least one encrypted output on at least one blockchain accessible by the at least one other computing device. The method further includes, in response to posting the at least one encrypted output, receiving at least one proof of publication. The method further includes communicating the at least one proof of publication to the TEE and receiving the function output of the n-party computation.

Abstract: A method includes a computing device verifying authenticity of a blockchain-encoded record representing a statement of words and an entigen group to produce an authenticity indicator where a set of identigens is determined utilizing a knowledge database for each word to produce sets of identigens and where the sets of identigens is interpreted to produce the entigen group. When the authenticity indicator indicates an authentic status, the method further includes determining, based on an updated knowledge database, an updated set of identigens for each word of the statement to produce updated sets of identigens. The method further includes interpreting, based on the updated knowledge database, the updated sets of identigens to produce an updated entigen group. The method further includes updating the blockchain-encoded record to represent the statement and the updated entigen group to facilitate subsequent utilization of an updated validated interpretation of the statement as the updated entigen group.

Abstract: A method including determining, by a device, an assigned key pair including an assigned public key and an assigned private key; determining, by the device for a group associated with a folder, a group access key pair including a group access public key and a group access private key; encrypting, by the device, the group access private key by utilizing the assigned public key; and accessing, by the device, the folder based at least in part on decrypting the group access private key. Various other aspects are contemplated.

Abstract: Techniques for providing application-independent access control in a cloud-services computing environment are provided. In one embodiment, a method for providing application-independent access control is provided. The method includes obtaining a user identity for accessing the cloud-services computing environment and receiving a user request to perform a task using an application. The method further includes collecting process-related data for performing the task using the application and obtaining one or more network routing addresses. The method further includes determining, based on the user identity, the process-related data, and the one or more network routing addresses, whether the task is to be performed. If that the task is to be performed, the task is caused to be performed using the application; and if the task is not to be performed, the user request is denied.

Abstract: A root-of-trust device includes one or more processors configured to receive a candidate block identifier corresponding to a block number of a candidate block of a distributed electronic ledger; receive one or more verified block identifiers each corresponding to a block number of one or more verified blocks; compare the received candidate block identifier with a block identifier in the stored one or more verified block identifiers; and in the case that the comparing of the candidate block identifier to the block identifier in the stored one or more verified block identifiers satisfies a predetermined condition, verify the candidate block corresponding to the candidate block identifier and send data corresponding to a verified block of the distributed electronic ledger.

Abstract: Systems and methods for determining consumer eligibility for a gated offer using verification data from a verification source, while reducing exposure of the verification data, are herein disclosed. In one example, a method for a verification source comprises, generating a seed hash from a pre-determined data specification, aggregating verification data based on one or more data fields indicated by the data specification to produce aggregated verification data, hashing the aggregated verification data using the seed hash to produce hashed verification data, receiving hashed customer data from a verification platform, receiving a comparison request from the verification platform, comparing the hashed customer data with the hashed verification data; and returning a result to the verification platform indicating if the hashed customer data matches the verification data.

Abstract: The present invention relates to a zero-knowledge proof-based certificate service method using a blockchain network, the method comprising: (a) a step in which, if a certificate registration request transaction including user trap information generated by using at least one user personal information corresponding to a user and a private key of the user is acquired from a user terminal, a certification support server confirms whether or not the user personal information included in the certificate registration request transaction is authentic; (b) a step in which, if it is confirmed that the user personal information corresponds to the user, the certification support server computes the user personal information and the user trap information included in the certificate registration request transaction by using a commitment scheme, thereby generating a user commitment corresponding to the user personal information; and (c) a step in which the certification support server transmits a certificate transaction incl

Abstract: A method for atomic exchange of assets on multiple blockchains using transient key pairs includes: generating, by a first computing device, a proposal message, the proposal message including at least a first transaction value, a first network identifier corresponding to a first blockchain, a second transaction value, a second network identifier corresponding to a second blockchain, and a swap public key of a swap cryptographic key pair; generating, by the first computing device, a first digital signature for the proposal message; encrypting, by the first computing device, the first digital signature using the swap public key and a first private key of a first cryptographic key pair; appending, by the first computing device, the encrypted first digital signature to the generated proposal message; and transmitting, by the first computing device, the generated proposal message with appended encrypted first digital signature to a second computing device.

Abstract: Methods and systems enabling tracking and managing apparel items are described. The apparel item (e.g. clothing item, shoes, accessories, jewelry and other type of wearables) is tagged and tracked using an inimitable identification tag that is at least partially invisible to the naked human eye, and generating a record of the apparel item in a distributed ledger using the tag data of the inimitable identification tag. The record is associated with a non-fungible token (NFT) on the ledger that allows for tracking the item throughout its life. For example, it is possible to locate and authenticate the apparel item by using the private key associated with the NFT of the token. The apparel item may be tracked starting from a manufacturing phase of the apparel and extending throughout the lifespan of the apparel item. The authenticity of the apparel item can be shown throughout the manufacturing, distribution and ownership stages.

Abstract: A system and method for providing power consumption data for a distributed system in blockchains in a computer environment are presented. Energy consumption of one or more blockchain nodes in a blockchain network that achieves a consensus by a proof of work on a plurality of transactions upon executing a cryptographic operation may be determined.

Abstract: Some embodiments are directed to a system for selectively disclosing attributes and data entries of a record. An issuer device generates a digital signature on a message comprising the attributes and a secret record identifier, and digital signatures on messages comprising respective data entries and each comprising the secret record identifier. The record, secret record identifier, and signatures are provided to a selector device. The selector device selectively discloses attributes and data entries of the record to a receiver device, proving authenticity by means of a zero-knowledge proof of knowledge of the signature on the attributes and signatures on respective data entries. The receiver device verifies the proof with respect to the public key of the issuer and the received attributes and data entries.

Abstract: Cryptographic methods and systems for key exchange, digital signature and zero-knowledge proof. In the digital signature scenario, there is provided a method of signing a digital document, comprising: obtaining a private cryptographic key associated with the signer; obtaining a digital asset from the digital document; selecting a base data element; computing a plurality of signature data elements from (i) the digital asset, (ii) the base data element and (iii) the private cryptographic key; and transmitting the digital document and the plurality of signature data elements to a recipient over a data network. Provenance of the digital document is confirmable by the recipient carrying out a predefined computation involving the digital document, the signature data elements, a plurality of noise variables and a public cryptographic key corresponding to the private cryptographic key associated with the signer. In the zero-knowledge proof scenario, the digital asset plays the role of a challenge data element.

Abstract: Disclosed herein are systems and methods for preserving data integrity when integrating secure multiparty computation (SMPC) and blockchain technology. In one exemplary aspect, a method may split, via a data publisher, data into a plurality of data secret shares using an SMPC protocol, wherein each secret share of the plurality of data secret shares is assigned to an SMPC compute node of a plurality of SMPC compute nodes and wherein the plurality of SMPC compute nodes may be members of a blockchain network. In some aspects, the method may determine parameters of a message authentication code (MAC) condition based on the data, may generate secret shares of the MAC condition parameters, and may include a plurality of MAC secret shares with the plurality of data secret shares.

Abstract: There may be provided a computer-implemented method. The computer-implemented method includes: i) after a proof-of-stake token is transferred to an address of a determined type on a proof-of-stake blockchain, adding a record of the transfer of the proof-of-stake token to the proof-of-work blockchain; ii) identifying a node, from a group of nodes, to participate in adding a block to the proof-of-stake blockchain, the identifying based on the proof-of-work blockchain; and iii) including a block submitted by the identified node in the proof-of-stake blockchain.

Abstract: A method for managing a deal room using a cryptographic ledger that includes a plurality of blocks that store information relating to a deal being hosted in the deal room, the method comprising: receiving a request to perform an operation with respect to the deal room from a remote computing device, wherein the request indicates a user that is requesting permission to perform the operation and a permission key corresponding to the user; determining a cryptographic hash of the operation specific permission key using a hash function; transmitting the cryptographic hash to a plurality of node computing device, wherein each node computing device stores at least a portion of the cryptographic ledger, and wherein the cryptographic ledger in part stores cryptographic hashes of operation specific permission keys that indicate permissions granted to respective users associated with the deal.