Abstract: A method for encrypting data based on all-or-nothing encryption includes: providing, by an encryption system, data to be encrypted and an encryption key; dividing, by the encryption system, the data into an odd number of blocks, wherein each of the blocks has the same size; encrypting, by the encryption system, the blocks with the encryption key to obtain an intermediate ciphertext c? comprising intermediate ciphertext blocks c0?, . . . , cN?, wherein c0? corresponds to a random seed and c1?, . . . , cN? corresponds to the encrypted blocks; and obtaining, by the encryption system, a final ciphertext c using the intermediate ciphertext c?. An intermediate overall ciphertext t is obtained based on XOR'ing the intermediate ciphertext blocks c0?, . . . , cN?; and obtaining a plurality of final ciphertext blocks c1, . . . cN by XOR'ing respective intermediate ciphertext blocks c1?, . . . , cN? with the intermediate overall ciphertext t.

Abstract: A method for storing a data file, ‘DF’ on a storage entity, ‘SE’ includes a computing entity, ‘CE’, chunking the DF into a number of blocks using a one-way-function and a chunking key. The CE may compute a hash value for each of the blocks. One or more proxies, ‘PE’, may check whether the blocks are already stored, resulting in a first number of already stored blocks and a second number of blocks not being stored. The CE may encrypt the blocks not being stored using an encryption key, transmit the encrypted blocks to the SE for storing, and inform the PE about the hash value of each of the transmitted blocks and corresponding storage location information of the transmitted blocks.

Abstract: A method for encrypting data based on all-or-nothing encryption includes: providing, by an encryption system, data to be encrypted and an encryption key; dividing, by the encryption system, the data into an odd number of blocks, wherein each of the blocks has the same size; encrypting, by the encryption system, the blocks with the encryption key to obtain an intermediate ciphertext c? comprising intermediate ciphertext blocks c0?, . . . , cN?, wherein c0? corresponds to a random seed and c1?, . . . , cN? corresponds to the encrypted blocks; and obtaining, by the encryption system, a final ciphertext c using the intermediate ciphertext c?. An intermediate overall ciphertext t is obtained based on XOR'ing the intermediate ciphertext blocks c0?, . . . , cN?; and obtaining a plurality of final ciphertext blocks c1, . . . cN by XOR'ing respective intermediate ciphertext blocks c1?, . . . , cN? with the intermediate overall ciphertext t.

Abstract: A method for determining an identity of a URL visited by a user from a vantage point in a network in which network traffic is encrypted includes determining a host to model, generating a list of URLs hosted by the host to model, repeatedly retrieving web resources referenced by the list of URLs hosted by the host to model and generating a network traffic signature upon each retrieval, generating a data feature for each of the generated network traffic signatures, and training, using the generated data features, a classifier corresponding to the host to model, wherein the classifier is configured to determine an identity of the visited URL from a signature of network traffic produced by the retrieval of a resource referenced by the visited URL.

Abstract: A method for encrypting data based on all-or-nothing encryption. Data to be encrypted and an encryption key are provided. The data is divided into an odd number of blocks, wherein each of the odd number of blocks has the same size. The blocks are encrypted with the encryption key to obtain an intermediate ciphertext that includes the encrypted blocks. The intermediate ciphertext is linearly transformed based on additive contravalence operations to obtain a final ciphertext.

Abstract: A method for enforcing access control policies on data owned by a plurality of users includes evaluating the access control policies of users, applying a collusion resistant sharing scheme for generating key shares of an encryption key and delegating the key shares to one or more designated users based on a result of the evaluation. The data is securely dispersed by applying an encryption scheme on all parts of the data to be encrypted to produce encrypted data shares. The encryption scheme is provided such that for decryption of the encrypted data, the encryption key and at least a predetermined number of data shares are provided. Each data share is delegated to one or more designated users, and the data shares and the key shares are distributed to the respective designated users.

Abstract: A method for enforcing access control policies on data owned by a plurality of users includes evaluating the access control policies of users, applying a collusion resistant sharing scheme for generating key shares of an encryption key and delegating the key shares to one or more designated users based on a result of the evaluation. The data is securely dispersed by applying an encryption scheme on all parts of the data to be encrypted to produce encrypted data shares. The encryption scheme is provided such that for decryption of the encrypted data, the encryption key and at least a predetermined number of data shares are provided. Each data share is delegated to one or more designated users, and the data shares and the key shares are distributed to the respective designated users.

Abstract: A method for encrypting data based on all-or-nothing encryption. Data to be encrypted and an encryption key are provided. The data is divided into an odd number of blocks, wherein each of the odd number of blocks has the same size. The blocks are encrypted with the encryption key to obtain an intermediate ciphertext that includes the encrypted blocks. The intermediate ciphertext is linearly transformed based on additive contravalence operations to obtain a final ciphertext.