Abstract: A method for creating a one-way function from a computation problem instances with a predefined success criteria, based on mutual hiding of the success criteria, comprising the steps of selecting at least a first and a second original computation tasks, each having an original corresponding success criterion; applying a function (such as a bitwise XOR operation) over both original corresponding success criteria, to form a single combined success criterion for a mutual computation task being a combination of the at least a first and a second original computation tasks; outputting the original computation tasks along with the combined success criterion, while excluding the original corresponding success criteria.

Abstract: A system for performing real-time quantum-safe computation of a digital transaction using in a blockchain consensus protocol, comprising a plurality of permissioned verification servers being a plurality of distributed participants that are adapted to create common randomization to all of said participants which remains unrevealed until being used by said participants, by assigning to each participant a unique polynomial having a maximal degree being common to all participants; allowing each participant to select a random value; allowing each participant to send his selected random value to all other participants using a secret sharing scheme based on points on his unique polynomial, such that said secret hides the details of said selected random value and all other participants that receive shares of said selected random value will not be able to reconstruct said selected random value from the received shares; create a pool of all shares of all participants; build a quantum-safe consensus of honest participa

Abstract: A computer implemented method for encoding bits by qubits to perform information-theoretically secure quantum gate computation, according to which pairs of quantum bits consisting of a first qubit as an encoding of “0” and a second qubit as an encoding of “1” are randomly selected, such that the first and second qubits are orthogonal to each other as quantum states and are interchanged by a NOT gate. Each qubit rotating to a desired initial direction and then each rotated qubit is further rotated to its antipodal direction by applying a quantum NOT or CNOT gate to the each rotated qubit, without any knowledge about the desired direction. A unitary gate is further applied over the qubits, using an ancillary |0 qubit that creates an equally weighted superposition of the qubits.

Abstract: A system and method for validating an entity may include obtaining by at least a first system, a set of entity details related to the entity; associating with the entity, by the first system, a first trust level based on at least some of the entity details; and validating the entity based on the first trust level. A system and method for validating an entity may include providing at least one of first and second values to a respective at least one of first and second devices; providing the entity, by at least one of the first and second devices, with the at least one of first and second values; and using the at least one of first and second values, by the entity, to identify the entity to an identifying entity.

Abstract: A system and method for validating an entity and sending secret shared public key for securely communicating data that may include providing first and second entities with an identical sequence of bits; encrypting data, by the first entity, using bits in a first portion of the identical sequence as an encryption key, to produce encrypted data; XORing the encrypted data based on bits in a second portion of the sequence to produce encrypted and XORed data; sending the encrypted and XORed data to the second entity; and using the sequence of bits, by the second entity, to un-XOR and decrypt the encrypted and XORed data.

Abstract: A system and method for securing a communication channel may include obtaining a first value by first and second devices. A second value may be randomly selected by the first device and may be provided to the second device. The first and second devices may independently from one another apply a function to the first and second values and may use a result of the function to secure and authenticate a communication channel between the first and second devices.

Abstract: A method for providing self-stabilization of functionality security and privacy to a distributed computer system with self-stabilizing machines, according to which the system periodically and constantly recovers from cyber-attacks performed by an adversary who gained access to the system during a vulnerability window. Then a True Random Number Generator (TRNG) generates a random number from which generating a pair of public and private keys are generated. The public key of the pair is distributed among neighboring machines, to generate a common symmetric secret key. Each machine to exchanges messages with any other machine using messages that are encrypted and decrypted by their established common symmetric secret key, where all keys are generated using random numbers that were generated by the True Random Number Generator.

Abstract: A method for efficiently method for performing adaptive management of a cache with predetermined size and number of cells with different locations with respect to the top or bottom of the cache, for storing at different cells, data items to be retrieved upon request from a processor. A stream of requests for items, each of which has a temporal probability to be requested is received and the jump size is incremented on cache misses and decremented on cache hits by automatically choosing a smaller jump size and using a larger jump size when the probability of items to be requested is changed. The jump size represents the number of cells by which a current request is promoted in the cache, on its way from the bottom, in case of a cache hit, or from the outside in case of a cache miss, towards the top cell of the cache.

Abstract: A method for performing, in a single round of communication and by a distributed computational system, Secure MultiParty Computation (SMPC) of an arithmetic function ƒ:pk?p represented as a multivariate polynomial over secret shares for a user, comprising the steps of sharing secrets among participants being distributed computerized systems, using multiplicative shares, the product of which is the secret, or additive shares, that sum up to the secret by partitioning secrets to sums or products of random elements of the field; implementing sequences of additions of secrets locally by addition of local shares or sequences of multiplications of secrets locally by multiplication of local shares; separately evaluating the monomials of ƒ by the participants; adding the monomials to obtain secret shares of ƒ.

Abstract: The present invention is directed to a method and system for testing, during runtime, the correctness of a computer program (such as a hypervisor, an operating system or an interpreter) that controls a system and has one or more software modules. Accordingly, a reflexive code of a reflex function is integrated into the software modules or into a virtual infrastructure that executes the computer program. Whenever desired, the reflexive code is activated by an input and its corresponding output is processed. Then, the correctness of the one or more software modules or of the computer program is determined according to the processing results.

Abstract: A method for efficiently method for performing adaptive management of a cache with predetermined size and number of cells with different locations with respect to the top or bottom of the cache, for storing at different cells, data items to be retrieved upon request from a processor. A stream of requests for items, each of which has a temporal probability to be requested is received and the jump size is incremented on cache misses and decremented on cache hits by automatically choosing a smaller jump size and using a larger jump size when the probability of items to be requested is changed. The jump size represents the number of cells by which a current request is promoted in the cache, on its way from the bottom, in case of a cache hit, or from the outside in case of a cache miss, towards the top cell of the cache.

Abstract: A broadcast encryption method that allows a broadcaster to send encrypted content to a set of users such that only a subset of authorized users can decrypt the content, and to perform both temporary and permanent revocation of users. Accordingly, during a Setup stage, a Key Service generates a public key and a Master Secret Key (MSK) and sends the Public Parameters PP used to generate the public key to a broadcaster and to all users. The broadcaster uses the Public Parameters PP to create a message M, with which the broadcaster encrypts the content, and further creates a Cipher Text (CT), which is sent to all users. During a Key Gen stage, whenever a user wishes to decrypt the message M for decrypting the content, the user sends a request with his ID1 to the Key Service. The Key Service generates a corresponding secret key SKID1 and the secret key SKID1 is sent to the user ID1 via a secure data channel.

Abstract: A system and method for validating an entity and sending secret shared public key for securely communicating data that may include providing first and second entities with an identical sequence of bits; encrypting data, by the first entity, using bits in a first portion of the identical sequence as an encryption key, to produce encrypted data; XORing the encrypted data based on bits in a second portion of the sequence to produce encrypted and XORed data; sending the encrypted and XORed data to the second entity; and using the sequence of bits, by the second entity, to un-XOR and decrypt the encrypted and XORed data.

Abstract: A system and method for providing secure communication between a source and a destination that is secured by secret sharing, during a vulnerability window in which all secret shares are collected in one or more points along the communication paths. Accordingly, during the regular operation of the communication protocol, a common random secret OTP is created by sending random bits from the sender to the receiver and the source is allowed to perform bitwise XOR operation between the information to be sent and the common random secret OTP, prior to using secret sharing. The results of the bitwise XOR operation are sent to the destination using secret sharing and the destination reconstructs the random secret and decrypts the received data, using the common established random secret. The common random secret is based on polynomial randomization being transferred from the source to the destination using secret sharing.

Abstract: A method for establishing a fully private, information theoretically secure interconnection between a source and a destination over a data network with at least a portion of a public infrastructure. The method comprising at the source creating n shares of a source data according to a predetermined secret sharing scheme, and encrypting the n shares using (n,k) secret sharing. Further, defining for at least one node vi a directed edge (vi1, vi2) that has a k?1 capacity. All outgoing links of vi are connected to vi2. Additionally, using a maximum flow algorithm to define the maximum number of shares outgoing from vi2, and therefore from vi, on each outgoing link. The number of shares forwarded by node vi does not exceed the number of maximum shares that were defined by the maximum flow algorithm.

Abstract: A method for establishing a fully private, information theoretically secure interconnection between a source and a destination, over an unmanaged data network with at least a portion of a public infrastructure. Accordingly, n shares of the source data are created at the source according to a predetermined secret sharing scheme and the shares are sent to the data network, while encrypting the sent data using (n,k) secret sharing. A plurality of intermediating nodes are deployed in different locations over the network, to create a plurality of fully and/or partially independent paths in different directions on the path from the source to the destination, and with sufficient data separation. Then, the shares are sent over the plurality of fully and/or partially independent paths while forcing shares' carrying packets to pass through selected intermediate nodes, such that no router at any intermediating nodes intercepts k or more shares.

Abstract: A method for providing self-stabilization of functionality security and privacy to a distributed computer system with self-stabilizing machines, according to which the system periodically and constantly recovers from cyber-attacks performed by an adversary who gained access to the system during a vulnerability window. Then a True Random Number Generator (TRNG) generates a random number from which generating a pair of public and private keys are generated. The public key of the pair is distributed among neighboring machines, to generate a common symmetric secret key. Each machine to exchanges messages with any other machine using messages that are encrypted and decrypted by their established common symmetric secret key, where all keys are generated using random numbers that were generated by the True Random Number Generator.

Abstract: A system and method for signing a message and establishing a symmetric key between two entities. A plurality of leaves are generated, each including public and private values of a Lamport signature; a plurality of trees are generated each including a subgroup of leaves; leaves of a first nested tree are used for signing messages sent to a second entity. If a first nested tree is exhausted, then a leaf of a following tree is used for signing and a root of the following tree together with an auxiliary value are published, the auxiliary value enabling the second entity to verify that the root of the following tree was generated by the first entity. The symmetric key is generated using a modified Merkel puzzle including a plurality of rows, each including a plurality of hashed values. The modified Merkel puzzle may be signed using a leave of a nested tree.

Abstract: A system and method for validating an entity may include obtaining by at least a first system, a set of entity details related to the entity; associating with the entity, by the first system, a first trust level based on at least some of the entity details; and validating the entity based on the first trust level. A system and method for validating an entity may include providing at least one of first and second values to a respective at least one of first and second devices; providing the entity, by at least one of the first and second devices, with the at least one of first and second values; and using the at least one of first and second values, by the entity, to identify the entity to an identifying entity.

Abstract: A system and method for securing a communication channel may include obtaining a first value by first and second devices. A second value may be randomly selected by the first device and may be provided to the second device. The first and second devices may independently from one another apply a function to the first and second values and may use a result of the function to secure and authenticate a communication channel between the first and second devices.