Abstract: Systems and methods for efficient cryptographic signing in heterogeneous systems that include IoT or other resource-limited devices. A signer which is the resource-limited device is not expected to generate, store and/or communicate expensive commitment values and/or public keys. A secure hardware platform serves as PUblic nonce-Commitment-Key Oracle (PUCKO) that computes and transmits commitments (e.g., one-time public key keys, ephemeral algebraic commitments) on behalf of the signer(s) to verifiers (or other signers in distributed signatures).

Abstract: A method for publicly verifiable symmetric cryptography is disclosed. The method includes: obtaining an initial encrypted key and a homomorphic public key; obtaining a first message and an initial signature; calculating an initial hashed value of the first message; setting a cryptographic function of the initial hashed value of the first message and an initial private key; generating an evaluated value based on the cryptographic function, the homomorphic public key, the initial encrypted key, and the initial hashed value of the first message; and transmitting, at the verifier, a verification result based on a hashed value of the initial signature and the evaluated value. Other aspects, embodiments, and features are also claimed and described.

Abstract: A method, system, or apparatus for generating and/or verifying a signature on a message is provided. The method, system, or apparatus at a signer may include receiving a message, generating a security parameter, generating at least two seeds corresponding to at least two servers based on the security parameter, transmitting the at least two seeds to each server of the at least two servers, determine a private key based on the security parameter or the at least two seeds, and generating, on the message, a signature based on the private key. The method, system, or apparatus at a verifier may include receiving, from a signer, a signature on a message, obtaining at least two partial public keys, determining a full public key based on the at least two partial public keys, and authenticating the signature on the message based on the full public key. Other aspects, embodiments, and features are also claimed and described.

Abstract: An algebraic proof-of-work algorithm is provided that can be used as part of the consensus algorithm used by cryptocurrencies such as Bitcoin. Instead of solving blocks using a hash puzzle, the present algorithm uses an algebraic puzzle such as a lattice-based puzzle based on the shortest vector problem and/or the knapsack problem. A cryptocurrency using the proposed proof-of-work algorithm has only a small quantum advantage when compared with existing proof-of-work algorithms.

Abstract: A method of searching encrypted files includes a client computing device selecting a specific keyword to search a plurality of encrypted files stored at a server computing device and if the specific keyword has not been previously used to search the plurality of encrypted files, the method further includes using an encrypted keyword index stored at the server computing device to identify one or more encrypted files of the plurality of encrypted files that contain the specific keyword based upon keyword-file relationships stored in the encrypted keyword index.

Abstract: Disclosed are various embodiments for certificate-free cryptosystems that achieve significant computational and communication efficiency as compared to prior systems. A private key generator (PKG) generates a master public key and a master private key unique to the PKG; receives identifying information for at least one client device; generates a public key for the at least one client device; generates a private key for the at least one client device by: performing a hash of the identifying information using the public key generated for the at least one client device to generate a plurality of indices; identifying values corresponding to the indices from the master private key; and deriving the private key based at least in part on a summation of the values corresponding to the indices; and sends the public key and the private key to the at least one client device.

Abstract: Cryptographic techniques referred to as Sender Optimal, Breach-resilient Auditing with Post-Quantum security (SOBAP) are described. Optimal efficiency and post-quantum security of symmetric key based techniques are achieved, while providing compromise-resiliency, conditional non-repudiation, and fault-tolerance verification in a distributed setting. SOBAP relies on any choice of a symmetric key based primitive with extended features (e.g., forward-security, append-only authentication), which can be optimally efficient. The verification is done via the execution of symmetric primitive F with a secure multi-party computation (SMPC) technique, wherein an honest majority guarantees a conditional non-repudiation and fault-tolerance. SOBAP offers an architecture that uses authenticated access control data structures to ensure policy enforcement. SOBAP also offers a post-quantum security via symmetric primitives and SMPC. Extensions of SOBAP offer oblivious access and enhancements with secure hardware support.

Abstract: A computer data security system, useful in protecting audit logs, includes symmetric key based techniques, requires only a small-constant number of cryptographic hash operations at the signer side sending a prospective audit log or other computer record data to a primary repository to achieve forward-secure and append-only authentication. The verification is performed by independent parties sharing parts of the symmetric key, wherein the presence of single honest party among all verifier parties ensures a conditional non-repudiation. It also ensures that an active adversary cannot generate authentication tags on behalf of the signer, unless it compromises all verification parties.

Abstract: A computer data security system, useful in protecting audit logs, includes symmetric key based techniques, requires only a small-constant number of cryptographic hash operations at the signer side sending a prospective audit log or other computer record data to a primary repository to achieve forward-secure and append-only authentication. The verification is performed by independent parties sharing parts of the symmetric key, wherein the presence of single honest party among all verifier parties ensures a conditional non-repudiation. It also ensures that an active adversary cannot generate authentication tags on behalf of the signer, unless it compromises all verification parties.

Abstract: A digital signature protocol achieves the least energy consumption, the fastest signature generation, and the smallest signature among its ECC-based counterparts. The method of authenticating is also immune to side channel attacks aiming elliptical curve operations/exponentiations as well as to weak pseudo random number generators at the signer's side. A security system for authenticating the updating of computer records includes a network of member computers in data communication with each other and calculating an assigned portion of a commitment code used for the authenticating the secure data at the verifier device by completing, among the server computers, a plurality of discrete verification tasks for a single authentication code (R?) associated with an aggregated commitment code (R), aggregating at the verifier device, the aggregated commitment code (R), and verifying the secure data at the verifier device.

Abstract: Audit logs are a fundamental digital forensic mechanism for providing security in computer systems. In one embodiment, a system that enables the verification of log data integrity and that provides searchable encryption of the log data by an auditor includes a key generation center, logging machine, and an auditor computing device. The system enables Compromise-Resilient Searchable Encryption, Authentication and Integrity, Per-item QoF with E&A for Searchable Encrypted Audit Logs, and a Key Management and System Model.

Abstract: Audit logs are a fundamental digital forensic mechanism for providing security in computer systems. In one embodiment, a system that enables the verification of log data integrity and that provides searchable encryption of the log data by an auditor includes a key generation center, logging machine, and an auditor computing device. The system enables Compromise-Resilient Searchable Encryption, Authentication and Integrity, Per-item QoF with E&A for Searchable Encrypted Audit Logs, and a Key Management and System Model.

Abstract: In a method of network communication that mitigates denial of service attacks, a server broadcasts cryptographic puzzles with certain time intervals, where each puzzle is only valid for the given time interval. A client receives the puzzle, generates a solution for the puzzle, and sends a network request to the server along with the solution of the puzzle. The server verifies the puzzle solution. If the puzzle solution is valid and received within a designated validity time period, then the server processes the request of the client. The server generates the puzzle and transmits the puzzle to the client before the client generates a request for services from the server.

Abstract: A method of generating cryptographic keys includes generating, with a first processor in a first computing device, error correction data corresponding to first sensor data that are stored in a memory, generating a first cryptographic key with reference to a first hashed value of the first sensor data, generating a first message authentication code (MAC) with reference to the first cryptographic key and the error correction data, and transmitting with a first I/O device in the first computing device the error correction data and the first MAC through a communication channel to a second computing device. The transmitted data enable the second computing device to generate a second cryptographic key with reference to second sensor data.

Abstract: A method of searching encrypted data includes generating with a client computing device a search index identifier corresponding to a search term in an encrypted search table and transmitting the search index identifier, a first single use key and a second single use key to a server. The method includes generating a set of decrypted data with the server for a set of data in an encrypted search table corresponding to the search index identifier using the first single use key to decrypt a first portion of the data and the second single use key to decrypt a second portion of the data. The method further includes identifying one or more encrypted files stored on the server that include the encrypted search term based on the decrypted data from the search table, and transmitting the encrypted files or encrypted file identifiers to the client computing device.

Abstract: A method of generating cryptographic keys includes generating, with a first processor in a first computing device, error correction data corresponding to first sensor data that are stored in a memory, generating a first cryptographic key with reference to a first hashed value of the first sensor data, generating a first message authentication code (MAC) with reference to the first cryptographic key and the error correction data, and transmitting with a first I/O device in the first computing device the error correction data and the first MAC through a communication channel to a second computing device. The transmitted data enable the second computing device to generate a second cryptographic key with reference to second sensor data.

Abstract: A method of searching encrypted data includes generating with a client computing device a search index identifier corresponding to a search term in an encrypted search table and transmitting the search index identifier, a first single use key and a second single use key to a server. The method includes generating a set of decrypted data with the server for a set of data in an encrypted search table corresponding to the search index identifier using the first single use key to decrypt a first portion of the data and the second single use key to decrypt a second portion of the data. The method further includes identifying one or more encrypted files stored on the server that include the encrypted search term based on the decrypted data from the search table, and transmitting the encrypted files or encrypted file identifiers to the client computing device.

Abstract: In a method of network communication that mitigates denial of service attacks, a server broadcasts cryptographic puzzles with certain time intervals, where each puzzle is only valid for the given time interval. A client receives the puzzle, generates a solution for the puzzle, and sends a network request to the server along with the solution of the puzzle. The server verifies the puzzle solution. If the puzzle solution is valid and received within a designated validity time period, then the server processes the request of the client. The server generates the puzzle and transmits the puzzle to the client before the client generates a request for services from the server.

Abstract: In a network device, a method for verified communication includes generating a network communication message using a selection of predetermined message elements having digital signatures generated with a private key. The network device generates a signature for the message by applying a homomorphic operation to the digital signatures of the selected predetermined message elements and to a one-time signature corresponding to a random number. The network device transmits the message in association with the signature for the message and the random number to at least one other network device.

Abstract: In a network device, a method for verified communication includes generating a network communication message using a selection of predetermined message elements having digital signatures generated with a private key. The network device generates a signature for the message by applying a homomorphic operation to the digital signatures of the selected predetermined message elements and to a one-time signature corresponding to a random number. The network device transmits the message in association with the signature for the message and the random number to at least one other network device.