Abstract: Disclosed is a method and device for preventing blockchain forking. The method includes: selecting s consecutive blocks Bn to Bn+s; generating a key pair for block Bm by a node An that creates the block Bn; holding the node An active in the blockchain's continuously generating blocks Bn+1 to Bn+s until the block Bn+s of s consecutive blocks becomes tamper-proof; in response to that, signing on the block Ban+s with the private key PK?n; in response to the blockchain's subsequently generating a block Bm(m>n+s), placing the signature in Bm; making nodes creating each of the s blocks Bn to Bn+s all execute afore-mentioned steps, thereby forming multiple backlinks associated with the blockchain's block size. The number of backlinks is used for determining blockchain forking by a newly-added node creating a new block.

Abstract: The method of identity authentication at the user is provided to prove to the certificate authority that a key is owned by a user. The method can comprise selecting a certain number of keys from a set of keys of the user, obtaining a hash value of a correspondence between each key in the certain number of keys and a user identifier of the user respectively, and transmitting the obtained hash values to the certificate authority, and after receiving from the certificate authority a notification regarding a first subset of hash values, sending keys corresponding to the first subset of hash values as a first subset of keys to the certificate authority. The first subset of hash values can be selected by the certificate authority from the obtained hash values. Zero know ledge proof can be achieved with this technical solution.

Abstract: Disclosed are methods and apparatuses for electronic signature. The method for electronic signature comprises obtaining a hash value of a first key created for a user and a user identifier of the user, generating a key certificate of the first key based on the obtained hash value, the user identifier and a current key, recording the key certificate on a public medium, which public medium ensures that information published thereon is not tampered with, signing a file with the first key and recording a resulting file signature and the file on the public medium, and recording the first key on the public medium only after the file is already on the public medium. With the technical solution of the disclosure, a key can be effectively utilized.

Abstract: Disclosed are methods and systems for identity authentication, and a computing device and a storage medium. The method of identity authentication at the user is provided to prove to the certificate authority that a key is owned by a user. The method can comprise selecting a certain number of keys from a set of keys of the user, obtaining a hash value of a correspondence between each key in the certain number of keys and a user identifier of the user respectively, and transmitting the obtained hash values to the certificate authority, and after receiving, from the certificate authority a notification regarding a first subset of hash values, sending keys corresponding to the first subset of hash values as a first subset of keys to the certificate authority. The first subset of hash values can be selected by the certificate authority from the obtained hash values. Zero knowledge proof can be achieved with the technical solution of the disclosure.

Abstract: A computer implemented method of exchanging first valuable data at a first node for second valuable data from a second node, the method comprising the steps of: applying a first encryption to a first plurality of messages, at the first node, with a function having a commutative property, so as to create a blinded first plurality of messages; sending the blinded first plurality of messages from the first node to the second node, wherein the first valuable data is concealed in one message of the blinded first plurality of messages; receiving a blinded second plurality of messages at the first node, wherein the second valuable data is concealed in one message of the blinded second plurality of messages and the blinded second plurality of messages have been encrypted with a second encryption; in response to receiving the blinded second plurality of messages at the first node, applying a third encryption to the blinded second plurality of messages with a function having a commutative property so as to create do

Abstract: First and second devices store respective device data and private keys. The first-device data is additionally stored by the second device and by a proxy; and the second-device data is additionally stored by the first device and by the proxy. In a commitment phase, each of the first and second devices uses its respective device data, private key and a random nonce to generate a one-time first-device commitment value, which it sends to the proxy. In a checking phase, the devices communicate secret-key information to the proxy, which verifies the received one-time commitment values. In a digest phase, the proxy calculates a one-time digest, which it sends to the second device. The second device (101) then verifies the received one-time digest to authenticate the first device.

Abstract: A computer implemented method of authenticating communication between a first node and a second node, using a function of combined information obtained from at least one of the nodes, the method comprising: sending a commitment message from the first node to the second node, the message containing content based on (at least) a first part of the combined information, which content commits the first node to a first value of the function, and wherein the first part of the combined information is communicated from the first node to the second node with a delay mechanism that only allows the first part of the information to be determined by the second node after a predetermined time; and in response to receiving notification at the first node that the second node has received the message, which receipt commits the second node to the first function value.

Abstract: Disclosed are methods and apparatuses for electronic signature. The method for electronic signature comprises obtaining a hash value of a first key created for a user and a user identifier of the user, generating a key certificate of the first key based on the obtained hash value, the user identifier and a current key, recording the key certificate on a public medium, which public medium ensures that information published thereon is not tampered with, signing a file with the first key and recording a resulting file signature and the file on the public medium, and recording the first key on the public medium only after the file is already on the public medium. With the technical solution of the disclosure, a key can be effectively utilized.

Abstract: A computer implemented method of exchanging first valuable data at a first node for second valuable data from a second node, the method comprising the steps of: applying a first encryption to a first plurality of messages, at the first node, with a function having a commutative property, so as to create a blinded first plurality of messages; sending the blinded first plurality of messages from the first node to the second node, wherein the first valuable data is concealed in one message of the blinded first plurality of messages; receiving a blinded second plurality of messages at the first node, wherein the second valuable data is concealed in one message of the blinded second plurality of messages and the blinded second plurality of messages have been encrypted with a second encryption; in response to receiving the blinded second plurality of messages at the first node, applying a third encryption to the blinded second plurality of messages with a function having a commutative property so as to create do

Abstract: A computer implemented method of authenticating communication between a first node and a second node, using a function of combined information obtained from at least one of the nodes, the method comprising: sending a commitment message from the first node to the second node, the message containing content based on (at least) a first part of the combined information, which content commits the first node to a first value of the function, and wherein the first part of the combined information is communicated from the first node to the second node with a delay mechanism that only allows the first part of the information to be determined by the second node after a predetermined time; and in response to receiving notification at the first node that the second node has received the message, which receipt commits the second node to the first function value.

Abstract: A method of authenticating communication between a first and second party (or node) over an insecure, high bandwidth communications network, in which the first party (C) authenticates the second party (M) using a communications protocol comprising a first communications phase through a first communications channel over the insecure, high bandwidth communications network to establish a secure mode of communications between the first and second party, followed by a second communications phase of receiving information from the second party over a second communications channel, such as an empirical channel, and enabling a user to make a human comparison of the information received from the second party with information generated by the first party thereby enabling the user to authenticate the second party in the event of the information from both parties agrees.

Abstract: A system for verifying the security of communications between a set of nodes via a high-bandwidth, insecure communications channel. A number of embodiments are described for enabling authenticated communication between the nodes in an environment wherein there is a high bandwidth Dolev-Yao network amongst the nodes and non-spoofable, low-bandwidth empirical channels between each pair of nodes.

Abstract: A method of authenticating a message from a sending party to a receiving party. The sending party generates a digest of the message using a key, and sends the digest to the receiving party. The receiving party also generating the digest of the message using the key, and compares the digests to confirm the message was sent by the sending party. The key may be sent by the sending party to the receiving party by an authenticatable method; alternatively, the parties may use a secret previously agreed key.

Abstract: A method of authenticating communication between a first and second party (or node) over an insecure, high bandwidth communications network, in which the first party (C) authenticates the second party (M) using a communications protocol comprising a first communications phase through a first communications channel over the insecure, high bandwidth communications network to establish a secure mode of communications between the first and second party, followed by a second communications phase of receiving information from the second party over a second communications channel, such as an empirical channel, and enabling a user to make a human comparison of the information received from the second party with information generated by the first party thereby enabling the user to authenticate the second party in the event of the information from both parties agrees.

Abstract: A system for verifying the security of communications between a set of nodes via a high-bandwidth, insecure communications channel. A number of embodiments are described for enabling authenticated communication between the nodes in an environment wherein there is a high bandwidth Dolev-Yao network amongst the nodes and non-spoofable, low-bandwidth empirical channels between each pair of nodes.