Abstract: A system and method of determining an attestation or identity score of a user of a communication device employs metadata stored in a plurality of client devices, such as IoT devices. A request for attestation, comprises a unique identifier associated with the communication device and an input or shared value. The unique identifier is used to identify, in a distributed ledger (blockchain), client devices that are paired with the communication device. Metadata stored in association with each of the client devices is retrieved and compared to the input or shared value, and a sub-identity score is determined based on the extent to which there is a match and the reliability of the client device. The sub-identity scores are combined to obtain an identity score reflecting a confidence level in the user and/or communication device.

Abstract: A hybrid encryption scheme links a first public key encryption (PKE) scheme with a second PKE scheme through a true random or pseudo-random element, which is used by a sender to encapsulate a symmetrically encrypted message and its associated symmetric key to generate a pair of ciphertexts for transmission to a recipient. The recipient decrypts and decapsulates the ciphertexts, retrieves the random element, and may conduct one or more verification steps to ensure that the ciphertexts were well-formed, and to detect any re-encryption or encapsulation attacks. To encrypt a message, the message and initial random value are encrypted with a symmetric key to provide an intermediate ciphertext. The symmetric key and the encrypted message-value are each encapsulated by distinct algorithms using distinct values derived from the initial random value, such as different hashes, and public keys to provide first and second ciphertexts.

Abstract: A hybrid encryption scheme links a first public key encryption (PKE) scheme with a second PKE scheme through a true random or pseudo-random element, which is used by a sender to encapsulate a symmetrically encrypted message and its associated symmetric key to generate a pair of ciphertexts for transmission to a recipient. The recipient decrypts and decapsulates the ciphertexts, retrieves the random element, and may conduct one or more verification steps to ensure that the ciphertexts were well-formed, and to detect any re-encryption or encapsulation attacks. To encrypt a message, the message and initial random value are encrypted with a symmetric key to provide an intermediate ciphertext. The symmetric key and the encrypted message-value are each encapsulated by distinct algorithms using distinct values derived from the initial random value, such as different hashes, and public keys to provide first and second ciphertexts.

Abstract: A system and method of determining an attestation or identity score of a user of a communication device employs metadata stored in a plurality of client devices, such as IoT devices. A request for attestation, comprises a unique identifier associated with the communication device and an input or shared value. The unique identifier is used to identify, in a distributed ledger (blockchain), client devices that are paired with the communication device. Metadata stored in association with each of the client devices is retrieved and compared to the input or shared value, and a sub-identity score is determined based on the extent to which there is a match and the reliability of the client device. The sub-identity scores are combined to obtain an identity score reflecting a confidence level in the user and/or communication device.