Abstract: A method for storing information includes receiving information to be stored and an information tag from a user computing entity, and storing the information and the information tag. The information to be stored includes a chunk that is divided into a plurality of blocks each comprising one or more elements. The information tag comprises a plurality of tags each having been computed for one of the blocks, wherein the tag for the j-th block of the i-th chunk is based on: an output of a random function using as input: 1) an output of an index function mapping each index j to a certain value, and/or 2) a seed sampled for the i-th chunk; the j-th block; and a representation of a second secret comprising one or more random elements each associated with a respective one of the one or more elements of one of the blocks.

Abstract: A method for execution of a Byzantine Fault Tolerant (BFT) protocol among a number of participating nodes of a network includes: receiving, by a primary node of the BFT protocol, a transaction request, applying, by the primary node, a data dissemination protocol for distributing the transaction request among the participating nodes via a data-plane of the network, and generating, by the primary node, a hash of the transaction request and requesting consensus among the participating nodes via a control-plane of the network using the hash of the transaction request.

Abstract: A method detects model-poisoning attempts in a federated learning system. The federated learning system includes a server orchestrating with clients to train a machine-learning model. The method includes receiving, by the server, results of a poisoning detection analysis. The poisoning detection analysis includes at least one of an analysis of class-specific misclassification rates or an analysis of activation clustering of a current state of the machine-learning model.

Abstract: A method for storing a data file (DF) on a storage entity (SE) includes receiving, by a proxy (PE) and from a computing entity (CE), a plurality of hash values corresponding to a plurality of blocks of the DF. The PE may check whether the plurality of blocks of the DF are stored in the SE based on the plurality of hash values. Based on determining that at least a subset of the plurality of blocks of the DF are not being stored in the SE, the PE may compute a secret associated with an encryption key. The PE may transmit, to the CE, the secret. The PE may receive, from the CE, information including storage locations of the subset of the plurality of blocks within the SE and one or more hash values, of the plurality of hash values, associated with the subset of the plurality of blocks.

Abstract: A method for securing a cryptocurrency transaction on a permissioned blockchain, which involves cryptocurrencies of a permissionless public blockchain, includes receiving a join request including a transaction identification. The transaction identification identifies an enroll transaction involving a public smart contract deployed on the permissionless public blockchain, the enroll transaction identifying a permissioned blockchain public key being valid on the permissioned blockchain and transferring a cryptocurrency balance to the public smart contract. The method further includes verifying that the enroll transaction was properly executed, crediting an account corresponding to the permissioned blockchain public key with the cryptocurrency balance, and receiving a send request identifying a second cryptocurrency balance and a second permissioned blockchain public key being valid on the permissioned blockchain.

Abstract: A method for securing an interblockchain transaction includes receiving, from a first user application, a registration request including a first permissioned blockchain public key and a first permissionless blockchain public key. The method also includes performing, by the processing circuitry, receiving, from a second user application, a second registration request including a second permissioned blockchain public key and a second permissionless blockchain public key. The permissioned blockchain public keys are valid on the permissioned blockchain and the permissionless blockchain public keys are valid on the permissionless public blockchain. In addition, the method includes receiving, from the first user application, a transaction identification, the transaction identification identifying a first transfer transaction executed on the permissionless public blockchain. The transaction identification identifies the first and second permissionless blockchain public keys.

Abstract: A method for storing information includes receiving information to be stored and an information tag from a user computing entity, and storing the information and the information tag. The information to be stored includes a chunk that is divided into a plurality of blocks each comprising one or more elements. The information tag comprises a plurality of tags each having been computed for one of the blocks, wherein the tag for the j-th block of the i-th chunk is based on: an output of a random function using as input: 1) an output of an index function mapping each index j to a certain value, and/or 2) a seed sampled for the i-th chunk; the j-th block; and a representation of a second secret comprising one or more random elements each associated with a respective one of the one or more elements of one of the blocks.

Abstract: A method for supporting sharing of travel history of travelers in airports includes receiving, by a trusted entity of the distributed ledger system, a registration request from a traveler via a traveler application. The registration request provides personal information of the traveler to the trusted entity. The method further includes generating, by the trusted entity, a public key for the traveler using an identity-based encryption mechanism and sending, from the trusted entity to the global identity blockchain, a registration transaction with respect to the traveler. The registration transaction comprises the public key of the traveler. The method further includes recording a travel history that includes all travel tickets of the traveler, wherein a Merkle tree of all the travel tickets of the traveler is generated. The Merkle tree has a Merkle root, and the Merkle root of the Merkle tree is stored in the global identity blockchain.

Abstract: A method for enabling pruning of a blockchain of a blockchain network includes creating an active blocks commitments Merkle tree from hashes of active blocks and creating an active smart contracts commitments Merkle tree from hashes of active smart contracts. The Merkle trees are created after an amount of blocks created in the blockchain has reached a threshold set by a pruning threshold parameter stored in the blockchain network. Hashes of the roots of the Merkle trees are stored in a header of a new block as a new genesis block. The new genesis block is broadcast to the blockchain network. A set of the active blocks and active smart contracts used respectively to create the active blocks commitments Merkle tree and the active smart contracts commitments Merkle tree are committed to upon the blockchain network reaching consensus on the new genesis block.

Abstract: A method is provided for preparing a plurality of distributed nodes to perform a protocol to establish a consensus on an order of received requests. The plurality of distributed nodes includes a plurality of active nodes, the plurality of active nodes including a primary node, each of the plurality of distributed nodes including a processor and computer readable media. The method includes preparing a set of random numbers, each being a share of an initial secret. Each share of the initial secret corresponds to one of the plurality of active nodes. The method further includes encrypting each respective share of the initial secret, binding the initial secret to a last counter value to provide a commitment and a signature for the last counter value, and generating shares of a second and of a plurality of subsequent additional secrets by iteratively applying a hash function to shares of each preceding secret.

Abstract: A method for supporting sharing of travel history of travelers in airports, wherein the travelers' identity is managed using a distributed ledger system, wherein the distributed ledger system includes a global identity blockchain and several per segment security blockchains, wherein the global identity blockchain is accessible by entities of the distributed ledger system, and wherein a per segment security blockchain is employed for a predetermined flight segment, such that the per segment security blockchain is accessible only by entities of the distributed ledger system that are involved in the predetermined flight segment, the method comprising the steps of: a) generating a history secret of a traveler according to a resistance mechanism for resisting a creation of multiple identities, in particular a Sybil-resistance mechanism; b) receiving, by the global identity blockchain, a registration request of the traveler, wherein the registration request comprises a commitment of the traveler's history secret, a

Abstract: A method for operating a mining pool includes running, by a mining pool operator, a blockchain node and at least one enclave. The blockchain node is connected to the enclave as well as to a blockchain P2P network and to a publicly available site. The method further includes checking, by the blockchain node, validity of incoming blocks and transactions received from the blockchain P2P network, and forwarding information on the received blocks and transactions to the at least one enclave. The method further includes creating, by the at least one enclave, a state transparency log and inserting the block and transaction information received from the blockchain node into the state transparency log, and signing, by the at least one enclave, the state transparency log and publishing the state transparency log at the publicly available site.

Abstract: A method for securing a blockchain and incentivizing the storage of blockchain data using a publicly verifiable proof of retrievability (PoR) includes receiving a PoR transaction having a PoR proof, determining whether the PoR proof is a verified PoR proof, and based upon determining that the PoR proof is a verified PoR proof, incorporating, by a block creator node, the PoR transaction into a new block of the blockchain.

Abstract: A method for byzantine fault-tolerance replicating of data on a plurality of n servers includes performing a preprocessing procedure. The n servers include one primary node (PN) and n?1 backup nodes (BN), wherein f servers may arbitrarily fail, and wherein all n servers have a trusted computing entity (TCE). The preprocessing procedure is performed by the TCE of the PN and includes computing a random secret value for a unique, monotonic, sequential counter (UMSC) to be assigned with a request message for requesting an operation to be performed, computing a commitment for the random secret value and the UMSC, and splitting the random secret value into a plurality of shares. The preprocessing procedure further includes computing a server-specific authenticated encryption of each share, and providing the computed server-specific shares and the computed commitment to the respective servers.

Abstract: A method for providing information to be stored includes computing a storable first secret for generating a random value based on a random function. The information to be stored is provided as a chunk which is divided into blocks each having an element. A storable second secret comprising a random element is computed. A tag is computed for each block such that the tag for the j-th block of the i-th chunk is computed using: an output of the random function, the j-th block, and a representation of the second secret. The information to be stored is provided together with an information tag comprising the computed tags of each block of each chunk.

Abstract: A method for electing a leader in a blockchain network using a role-based consensus protocol includes generating a new block by a node in the blockchain network and computing an effective resources metric for the node based on a role of the node, resources of the node and a role-based weight profile for the resources of the node. Eligibility proof of the node is generated based on eligibility information that includes a blockheader of the new block, an identity of the node, a difficulty target, T, of the blockchain network, and the effective resources metric. The new block and the eligibility proof is broadcast to the blockchain network, to enable one or more other nodes in the blockchain network to verify eligibility of the node as a leader.

Abstract: A full blockchain node for preserving privacy of a lightweight blockchain client in a blockchain network includes at least one computer device having an operating system. A trusted execution environment is installed on the at least one computer device such that code is executable by the trusted execution environment in isolation from the operating system. The trusted execution environment is configured to communicate with the lightweight blockchain client for performing blockchain transactions in a blockchain network.

Abstract: A computer-implemented method of instantiating a machine learning model with a host processing system is provided. The host processing system includes a trusted execution environment (TEE) and an untrusted processing system (UPS). The method includes: preparing, with the host processing system, a compiler encoding an architecture of the machine learning model; receiving, from a client processing system, source data; and producing, with the compiler, software based on the received source data and model parameters stored on the host processing system. The software includes an untrusted software component for performance on the UPS and a trusted software component for performance on the TEE. The untrusted software component and the trusted software component are configured to, when performed in concert, instantiate the machine learning model.

Abstract: A blockchain smart contract rewriting framework system has a vulnerability detection tool, a rewriter tool, and a deployment component. The deployment component obtains a permission to upgrade the smart contract, which granted by a smart contract creator/owner. The contract rewriting framework system retrieves the smart contract from the blockchain network, and passes it to the vulnerability detection tool. The vulnerability detection tool detects a vulnerability in the smart contract, and determines a type of the vulnerability and an instruction location of the vulnerability. The rewriter tool rewrites the smart contract to include a patch for fixing the vulnerability, a patched smart contract being generated by the rewriter tool based on the type of the vulnerability and the instruction location of the vulnerability.

Abstract: A method for securing a genuine machine learning model against adversarial samples includes the steps of attaching a trigger to a sample to be classified and classifying the sample with the trigger attached using a backdoored model that has been backdoored using the trigger. In a further step, it is determined whether an output of the backdoored model is the same as a backdoor class of the backdoored model, and/or an outlier detection method is applied to logits compared to honest logits that were computed using a genuine sample. These steps are repeated using different triggers and backdoored models respectively associated therewith. It is compared a number of times that an output of the backdoored models is not the same as the respective backdoor class, and/or a difference determined by applying the outlier detection method, against one or more thresholds so as to determine whether the sample is adversarial.