Abstract: A method of low-latency and encrypted hardware layer communication includes calculating, by an encryption circuit of a communication bridge controller, a pre-calculated encryption keys corresponding to a block encryptor of the encryption circuit, each block encryptor configured to use a corresponding pre-calculated encryption key to encrypt a corresponding unencrypted data block of a data transmission having one or more unencrypted data blocks, storing the one or more pre-calculated encryption keys in an encryption key memory associated with the communication bridge, for each unecrypted data block, encrypting the unencrypted data block using the corresponding pre-calculated encryption key to generate an encrypted data block and an authentication code block for the unencrypted data block, aggregating one or more encrypted data blocks into an encrypted data transmission, and generating an authenticated code corresponding to the encrypted data transmission based upon each of the authentication code blocks of eac

Abstract: A fork support is provided for duplicating an application running inside an enclave entity. In this regard, a request to duplicate an application running inside a first enclave may be received by one or more processors of a host computing device of the first enclave. A snapshot of the first enclave including the application may be generated. The snapshot may be encrypted with a snapshot key and copied to untrusted memory of the host. A second enclave may be generated. The snapshot key may be sent from the first enclave to the second enclave through a secure communication channel. The encrypted snapshot may be copied from the untrusted memory of the host into the second enclave. The encrypted snapshot may be decrypted inside the second enclave with the snapshot key.

Abstract: Replica is an encryption algorithm where security is based on lavish use of randomness rather than on mathematical complexity and the cipher is decoy-tolerant, namely it can readily distinguish between bona fide ciphertext bits and randomized meaningless bits. This attribute allows its users to project as much security as they care by mixing the message bits with more and more decoy bits. It also allows its user to conceal their pattern of communication in a fixed rate of message bit flow.

Abstract: A method of exchanging a combined cryptographic key between a first node and a second node, the first node and the second node being connected through a first communication and a second communication network, wherein the first communication network is a quantum communication network wherein information is encoded on weak light pulses; and the first node and the second node being configured to: exchange one or more first cryptographic keys on the first communication network; exchange one or more second cryptographic keys using the second communication network; and form the combined cryptographic key by combining the one or more first cryptographic keys and the one or more second cryptographic keys, such that the first node and the second node share knowledge of the combined cryptographic key.

Abstract: N key generation circuits are arranged in a pipeline having N stages. Each key generation circuit is configured to generate a round key as a function of a respective input key and a respective round constant. Output signal lines that carry the round key from a key generation circuit in a stage of the pipeline, except the key generation circuit in a last stage of the pipeline, are coupled to the key generation circuit in a successive stage of the pipeline to provide the respective input key.

Abstract: In accordance with a first aspect of the present disclosure, a method is conceived for setting permissions for cryptographic keys in a cryptographic processing system, comprising: generating at least one cryptographic key to be protected; assigning one or more configurable properties to said cryptographic key; wherein the configurable properties define at least one of a permission of performing a first set of predefined operations on the cryptographic key and a permission of using the cryptographic key for performing a second set of predefined operations. In accordance with a second aspect of the present disclosure, a corresponding computer program is provided. In accordance with a third aspect of the present disclosure, a corresponding cryptographic processing system is provided.

Abstract: Certain aspects of the present disclosure provide techniques for summarizing data in a distributed system. Embodiments include generating an ordered list of blocks by iterating through a first group of blocks of a hash chain starting at a last block of the hash chain and adding each of the first group of blocks of the hash chain to the ordered list. Embodiments further include generating summary data by applying a summary function to the first group of blocks based on the ordered list. The summary function may take the ordered list as an input and provide the summary data of the first group of blocks as an output. Embodiments further include generating a summary block comprising the summary data and adding the summary block to a summary chain.

Abstract: An ID-based hash proof system configuration apparatus includes a processor, and a memory storing program instructions that cause the processor to receive a security parameter, and output a public parameter and a master private key by using a multi identity-based encryption (MIBE) setup algorithm and a key K randomly selected, receive the public parameter, the master private key, and an identifier, and output a private key by using a bit value ri (1?i?n) that is selected, and a MIBE key generation algorithm, receive the public parameter and the identifier, and output a ciphertext and a key k by using a MIBE encryption algorithm, receive the public parameter and the identifier, and output a wrong ciphertext by using the MIBE encryption algorithm, and receive the public parameter, the private key, the identifier, and the ciphertext, and output the key k by using a MIBE decryption algorithm.

Abstract: Apparatus, systems and methods for agile network isolation through use of packet level non-repudiation (PLNR) are provided. Using a fast cryptography to verify that incoming packets are undeniably being received from the identified source, real-time attack notifications can be independently verified and shared among the network devices to remove compromised nodes from the network. The ability to collaborate among nodes without trust may be achieved via PLNR, to share attack notifications in real-time may be achieved via Telling Attack Layer (TATL), and to establish the identity of an attack in a permanent and binding way may be achieved via DISCOvery (DISCO).

Abstract: A system which identifies a memory device using a physical unclonable function. The system performs raw read operations on every page of a block; sorts the pages into low and high groups using an average number of ones based on the raw read operations; generates unordered page pairs by sequentially selecting a first page from the low group and a second page from the high group; generates ordered page pairs by selectively converting an order of pages in each pair of the unordered page pairs; and generates a sequence for identifying the selected block based on comparing the average number of ones for pages in each ordered page pair.

Abstract: Aspects of the invention include initializing a local key manager (LKM) on a node of a computing environment. The node includes a plurality of channels. The LKM is configured to provide a secure data transfer between the node and an other node of the computing environment. A connection is established, by the LKM, between the LKM and an external key manager (EKM) that stores a shared key for the node and the other node. In response to establishing the connection, the LKM registers security capabilities of the plurality of channels. The security capabilities are used by the LKM to provide the secure data transfer between the node and the other node.

Abstract: A data anonymity method and a data anonymity system are provided. The data anonymity method includes the following steps. A data set comprising a plurality of direct-identifiers, a plurality of quasi-identifiers and a plurality of event logs each of which includes an activity and a timestamp is obtained. A content of each of the direct-identifiers is replaced by a pseudonym. The quasi-identifiers are classified, via a group-by algorithm with k-anonymity, as a plurality of equivalence classes. The activities corresponding to each of the direct-identifiers are linked according to the timestamps to obtain a plurality of event sequences. A similarity hierarchy tree is obtained according to a plurality of edit distances among the event sequences. The event sequences are grouped according to the similarity hierarchy tree with k-anonymity to obtain at least one group. The event sequences which are in the group are generalized.

Abstract: A secure deduplication system, including a plurality of secure computation apparatuses, wherein the plurality of secure computation apparatuses include a plurality of permutation calculation parts 11n for generating a share {{?}} of a permutation ? that stably sorts a vector v in ascending order, a plurality of permutation application parts 12n for generating a share [?(v)] of a vector ?(v) obtained by applying the permutation ? to the vector v, a plurality of vector generation parts 13n for generating a share [e] of a vector e that has 1 as an element corresponding to a certain element when the certain element of the vector ?(v) and an element before the certain element are different, and has 0 otherwise, and a plurality of inverse permutation application parts 14n for generating a share [??1(e)] of a vector ??1(e) obtained by applying an inverse permutation ??1 of the permutation ? to the vector e.

Abstract: A server can record a device static public key (Sd) and a server static private key (ss). The server can receive a message with (i) a device ephemeral public key (Ed) and (ii) a ciphertext encrypted with key K1. The server can (i) conduct an EC point addition operation on Sd and Ed and (ii) send the resulting point/secret X0 to a key server. The key server can (i) perform a first elliptic curve Diffie-Hellman (ECDH) key exchange using X0 and a network static private key to derive a point/secret X1, and (ii) send X1 to the server. The server can conduct a second ECDH key exchange using the server static private key and point X0 to derive point X2. The server can conduct an EC point addition on X1 and X2 to derive X3. The server can derive K1 using X3 and decrypt the ciphertext.

Abstract: Privacy protection methods, systems, and apparatus, including computer programs encoded on computer storage media, are provided. One of the methods is performed by a second computing device and includes: receiving a data request for object data from a first computing device, wherein the object data is associated with an object and is stored in the second computing device; performing encryption of the object data using a public key associated with the object based on the data request to generate a first ciphertext; obtaining verification data based on the first ciphertext for verifying whether a ciphertext to be verified corresponds to the object data; and sending the verification data to the first computing device for the first computing device to execute a cryptography protocol with a third computing device based on the verification data.

Abstract: A method and apparatus of a first network entity in a wireless communication system is provide. The method and apparatus comprises: identifying at least one set of bit strings to generate a ranging scrambled timestamp sequence (STS); identifying at least one initialization vector (IV) field corresponding to the at least one set of bit strings, wherein the at least one IV field comprises a 4-octet string; generating a ranging STS key and IV information element (RSKI IE) that includes the at least one IV field to convey and align a seed that is used to generate the ranging STS; and transmitting, to a second network entity, the generated RSKI IE for updating the ranging STS of the second network entity.

Abstract: A high-performance distributed ledger and transaction computing network fabric over which large numbers of transactions (involving the transformation, conversion or transfer of information or value) are processed concurrently in a scalable, reliable, secure and efficient manner. In one embodiment, the computing network fabric or “core” is configured to support a distributed blockchain network that organizes data in a manner that allows communication, processing and storage of blocks of the chain to be performed concurrently, with little synchronization, at very high performance and low latency, even when the transactions themselves originate from distant sources. This data organization relies on segmenting a transaction space within autonomous but cooperating computing nodes that are configured as a processing mesh. Each computing node typically is functionally-equivalent to all other nodes in the core.

Abstract: The present invention provides a bit decomposition secure computation system comprising: a share value storage apparatus to store share values obtained by applying (2, 3) type RSS using modulo of power of 2 arithmetic; a decomposed share value storage apparatus to store a sequence of share values obtained by applying (2, 3) type RSS using modulo 2 arithmetic; and a bit decomposition secure computation apparatus that, with respect to sharing of a value w, r1, r2, and r3 satisfying w=r1+r2+r3 mod 2{circumflex over (?)}n, where {circumflex over (?)} is a power operator and n is a preset positive integer, being used as share information by the (2, 3) type RSS stored in the share value storage apparatus, includes: an addition sharing unit that sums two values out of r1, r2 and r3 by modulo 2{circumflex over (?)}n, generates and distributes a share value of the (2, 3) type RSS with respect to the sum; and a full adder secure computation unit that executes addition processing of the value generated by the addition s

Abstract: A protocol that is managed by a coordinating network element or third-party intermediary or peer network elements and utilizes tokens prohibits any subset of a union of the coordinating network element or third-party intermediary, if any, and a proper subset of the processors involved in token generation from substantively accessing underlying data. By one approach, processors utilize uniquely-held secrets. By one approach, an audit capability involves a plurality of processors. By one approach, the protocol enables data transference and/or corroboration. By one approach, transferred data is hosted independently of the coordinating network element. By one approach, the coordinating network element or third-party intermediary or a second requesting network element is at least partially blinded from access to tokens submitted by a first requesting network element. By one approach, a third-party intermediary uses a single- or consortium-sourced database.

Abstract: A space and wave division multiplexing and demultiplexing system and method for quantum key distribution (QKD) using free space laser communications. The system operates to transmit a quantum channel, including a key of QKD, included in a combined laser transmission with a classical channel, including an encrypted message of QKD. The laser transmission can be transmitted through free space to a lens, wherein it is diffracted into two separate diffraction patterns and captured by a double clad optical receiver fiber having an inner core and a concentric outer core. The diffraction pattern of the classical channel is captured by the outer core, while the diffraction pattern of the quantum channel is captured by the inner core, thus allowing separate treatment of each channel.

Abstract: Apparatus (1) for additively manufacturing three-dimensional objects (2) by means of successive layerwise selective irradiation and consolidation of layers of a build material (3) which can be consolidated by means of an energy source (4), wherein a control unit (6) is provided that is adapted to receive or generate encrypted object data relating to at least one three-dimensional object (2) to be built in a, in particular additive, manufacturing process performed on the apparatus (1), wherein the or a control unit (6) is adapted to decrypt the encrypted object data for performing the additive manufacturing process.

Abstract: An electronic device is provided. The electronic device includes a communication interface including circuitry, a memory, and a processor which, based on receiving ID information generated by performing a first encryption process on biometric information and password information generated by performing a second encryption process on the biometric information from an external electronic device through the communication interface, is configured to control the electronic device to: store the ID information and the password information in the memory.

Abstract: A system, method, and computer-readable medium are disclosed for attesting component certificates to particular devices. An enterprise hosted integrity protected distributed ledger, such as a block chain, is provided to publish component certificates. Component vendors are provided authorization tokens to publish their component certificates. Manifests are generated by the original equipment manufacturer (OEM) that includes vendor component identifiers. End users discover the distributed ledger through a verification mechanism, and the component certificates are retrieved from the distributed ledger.

Abstract: Provided are communication apparatus and a communication method that allow for secure communication even in a case that an eavesdropper has multiple antennas. An apparatus includes a transmitter configured to transmit a constant amplitude signal from three or more transmit antennas; a controller configured to control a phase of the constant amplitude signal, based on channel information and a target symbol; and a modulation unit configured to generate a modulation symbol from bits. The target symbol is generated by multiplying the modulation symbol by an amplitude coefficient.

Abstract: Methods, systems, and devices are described for communicating data from multiple data terminals to an aggregator terminal over a communication link having changing link conditions. In some embodiments, source data is received at multiple data terminals, each in communication with an aggregator terminal over a communication link. For example, during a live newscast, one mobile camera may receive live video of an event from a first position while another mobile camera receives live video of the event from a second position. For various reasons (e.g., as the cameras move) each communication link may experience independently changing link conditions. Each data terminal encodes the source data (or store source data for later encoding) as a function of its respective link conditions and transmits encoded source data over its respective communication link to the aggregator terminal.

Abstract: A processor of an aspect is to perform a Single Instruction Multiple Data (SIMD) instruction. The SIMD instruction is to indicate a source register storing input data to be processed by a round of AES and is to indicate a source of a round key to be used for the round of AES. The processor is to perform the SIMD instruction to perform the round of AES on the input data using the round key and store a result of the round of AES in a destination. In one aspect, the SIMD instruction is to provide a parameter to specify whether or not a round of AES to be performed is a last round. Other instructions, processors, methods, and systems are described.

Abstract: Techniques of generating a lattice-based verification matrix and signature vector are disclosed. The method enables a generating device to sample a gadget matrix and then generate a reduced gadget matrix. The generating device may then sample a trapdoor matrix and use the trapdoor matrix and the reduced gadget matrix to generate a verification matrix. A sending device may receive the trapdoor matrix and the verification matrix from the generating device, in addition to receiving a message. The sending device may then use the trapdoor matrix and the verification matrix to generate a signature vector for the message. A verification device can receive the verification matrix, the message, and the signature vector. The verification device may use the verification matrix and the signature vector to verify the message.

Abstract: A base key that is stored at a mobile device may be received. A first dynamic key that is based on the base key may be generated. First transaction data corresponding to a first transaction associated with the mobile device may be received. Furthermore, the first dynamic key may be updated to generate a second dynamic key based on a combination of the first dynamic key and the first transaction data corresponding to the first transaction. Authentication of a second transaction associated with the mobile device may be requested based on the second dynamic key.

Abstract: Aspects of the present disclosure involves receiving an input message, generating a first random value that is used to blind the input message input message to prevent a side-channel analysis (SCA) attack, computing a second random value using the first random value and a factor used to compute the Montgomery form of a blinded input message without performing an explicit Montgomery conversion of the input message, and computing a signature using Montgomery multiplication, of the first random value and the second random value, wherein the signature is resistant to the SCA attack.

Abstract: Embodiments of the invention relate to symmetric encryption that converts plain text to Diophantine equations, i.e. cipher text, and creates a symmetric key which is held by a sender (or encryption apparatus) and a recipient (or decryption apparatus). The key is used by the decryption apparatus to decrypt the Diophantine equations, and convert them to original plain text. Particularly, undecidable encryption and artificial intelligence (AI) are employed in combination. More particularly, the AI would exclude any class of Diophantine equations which has been solved or deciphered without key, or known to be solvable. In the event certain classes of Diophantine equations are solved in the future, the AI will exclude the use of these solved or solvable classes of Diophantine equation in encryption.

Abstract: A method according to one embodiment includes generating one or more key tables based on a first seed value; generating one or more secret values from a tweak value based on the one or more key tables; and performing encryption or decryption using the one or more secret values. An apparatus according to one embodiment includes a key table generator configured to generate one or more key tables based on a first seed value, a secret value generator configured to generate one or more secret values from a tweak value based on the one or more key tables, and an encryptor/decryptor configured to perform encryption or decryption using the one or more secret values.

Abstract: Technologies for secure data transfer of MMIO data between a processor and an accelerator. A MIMO security engine includes a first block cipher pipeline to encrypt a count using a key; a first exclusive-OR (XOR) to generate a first XOR result of the encrypted count and a length multiplied by an authentication key; a second block cipher pipeline to encrypt (count+1) using the key; a second XOR to generate a second XOR result of plaintext data and the encrypted (count+1); a plurality of Galois field multipliers (GFMs) to perform Galois field multiplication on additional authenticated data (AAD), powers of the authentication key, and ciphertext data; and a plurality of exclusive-ORs (XORs) to combine results of the GFMs and the first XOR result to generate an authentication tag. Other embodiments are described and claimed.

Abstract: In one embodiment, an apparatus includes a hardware accelerator to execute cryptography operations including a Rivest Shamir Adleman (RSA) operation and an elliptic curve cryptography (ECC) operation. The hardware accelerator may include a multiplier circuit comprising a parallel combinatorial multiplier, and an ECC circuit coupled to the multiplier circuit to execute the ECC operation. The ECC circuit may compute a prime field multiplication using the multiplier circuit and reduce a result of the prime field multiplication in a plurality of addition and subtraction operations for a first type of prime modulus. The hardware accelerator may execute the RSA operation using the multiplier circuit. Other embodiments are described and claimed.

Abstract: Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.

Abstract: Methods, systems and apparatus, including computer programs encoded on computer storage medium, for implementation of secret superposition protocols. In one aspect a method includes, performing, by a sender party, quantum operations on one or more qubits, comprising preparing, according to a predetermined secret superposition protocol, one or more qubits in respective uniform superposition quantum states; transmitting, by the sender party, to a recipient party, and through a secure channel, data indicating use of the predetermined secret superposition protocol; and transmitting, by the sender party and to the recipient party, one or more of the qubits, wherein the recipient party performs one or more measurements on the qubits to verify use of the predetermined secret superposition protocol.

Abstract: A system and method for the creation of combinatorial security is herein presented. The security of the transmission of a message from sender to receiver is strengthened if there is no direct transmission between the parties. The system provides for transforming an incoming message into an alphanumeric content object, segmenting or sharding that object, encrypting each shard with a unique encryption algorithm, and storing each shard into an unknown number of network server. A recipient is provided with a message notification that permits the recipient to retrieve and reconstruct the message content with no direct communication between the sender of the message and the recipient of the message.

Abstract: Systems and methods for data unfolding are disclosed. For example, it may be desirable or necessary to increase a data set, such as for increasing accuracy of one or more predictive models. Data set proliferation without introducing unnecessary bias may be important for increasing such accuracy. Described herein are system and methods that allow for data set proliferation by generating records based on whether an event occurred with respect to an entity during multiple time intervals. A record may be generated for each time interval and the associated data may be unfolded and disassociated, at least partly, from other records related to the entity. Those records may then be used for data analytics and/or predictive model generation, for example.

Abstract: A computer implemented system and method for providing general data protection regulation (GDPR) compliant hashing in blockchain ledgers. The invention guarantees a user's right to be forgotten, in compliance with the GDPR regulations, utilizing blockchain technologies.

Abstract: The present disclosure relates to a method and device for performing an elliptic curve cryptography computation comprising: twisting, by a first device based on a first index of quadratic or higher order twist (d), a first point (P?KB) on a first elliptic curve over a further elliptic curve twisted with respect to the first elliptic curve to generate a twisted key (PKB); transmitting the twisted key (PKB) to a further device; receiving, from the further device, a return value (ShS) generated based on the twisted key (PKB); and twisting, by the first device based on the first index of quadratic or higher order twist (d), the return value (ShS) over the first elliptic curve to generate a result (ShS?) of the ECC computation.

Abstract: A first circuit is authenticated using a second circuit. A first datum and a second datum are stored in the second circuit. The second datum corresponds to an application of a first function to the first datum and a third datum. The second circuit sends the second datum to the first circuit. The first circuit decrypts the second datum and sends a fourth datum representative of a result of the decrypting to the first second circuit for authentication. The second circuit verifies a correspondence between the first datum and the fourth datum.

Abstract: A method for processing votes in a public blockchain includes: generating an election reference and candidate references; generating an asymmetric cryptographic key pair comprised of a master private key and master public key; generating a registration block for addition to a blockchain including the election reference, candidate references, and master public key; transmitting the registration block to nodes associated with the blockchain; receiving a plurality of voting messages, each including a vote and the election reference, where the vote includes a voter reference and at least one candidate reference; generating one or more voting blocks for addition to the blockchain including the received votes; and transmitting each generated voting block to nodes associated with the blockchain.

Abstract: A homomorphic encryption device includes: a recryption parameter generating circuit, a recryption circuit, and an arithmetic circuit. The recryption parameter generating circuit is configured to generate a recryption parameter including a plurality of recryption levels respectively for a plurality of ciphertexts based on an arithmetic scenario including information about an arithmetic schedule between the plurality of ciphertexts. The recryption circuit is configured to generate a plurality of recrypted ciphertexts by recrypting each of the plurality of ciphertexts to a corresponding recryption level based on the recryption parameter. The arithmetic circuit is configured to output an arithmetic result by performing operations by using the plurality of recrypted ciphertexts, according to the arithmetic scenario.

Abstract: A method for cryptocurrency exchange between multiple parties using threshold signature cryptocurrency wallets includes steps for creating threshold signature cryptocurrency wallets shared between a set of parties and a mediator for trading cryptocurrencies. The method may include steps for dividing a threshold private key, corresponding to each of the threshold signature cryptocurrency wallets, into n shares based on (t, n)-threshold signature scheme and sharing masked shares, corresponding to the threshold private key for each of the threshold signature cryptocurrency wallets, by the set of parties and the mediator. The method may include steps for validating correctness of all masked shares of the threshold private keys by the set of parties and the mediator. The method may include steps for signing a withdrawal cryptocurrency transaction jointly by the set of parties or signing a withdraw deposit transaction jointly by the at least one party and the mediator.

Abstract: Systems and methods for improving encrypted transmissions between nodes in a network are disclosed. In one embodiment, two sets of nonce values are used to monitor communications between each pair of network devices, wherein one set of nonce values is used for packets transmitted from a first node to a second node, and the second set of nonce values is used for packets transmitted from the second node to the first node. These nonce values are used to encrypt packets transmitted between the two nodes. In this way, the probability of loss of synchronization may be reduced, especially in configurations where there is an intermediate node between the first node and the second node. In another embodiment, the possibility of a delay attack is minimized by the intentional resetting of security parameters.

Abstract: An information management method and system stores signatures (e.g., hashes or cryptographically unique IDs) corresponding to the individual data blocks of files or other data objects. The method and system may compare signatures for a file against a database of signatures for other stored files. If there are a threshold amount of matching signatures, the system can identify a relationship between the files, such as to identify potential security threats in the information management system.

Abstract: The present invention provides a technique for performing confidential sort at a faster speed than in the prior art. A confidential sort system comprises first to Mth apparatuses. The first to Mth apparatuses obtain inverse substitution [[?0?1]] of L-bit stable sort of {?k0}. The first to Mth apparatuses perform, on i=1, . . . , N?1, a process of converting [[?i-1?1]] to hybrid substitution to obtain {?i-1?1}, a process of inversely substituting {?ki} with {?i-1?1} to obtain {?i-1?ki}, a process of obtaining inverse substitution [[??i?1]] of L-bit stable sort of [[?i-1?ki]], a process of synthesizing {?i-1?1} with [[??i?1]] to obtain [[?i?1]]:=[[?i-1?1??i?1]], and a process of converting [[?N-1?1]] to hybrid substitution to obtain {?N-1?1}. The first to Mth apparatuses inversely substitute [[?v]] with {?N-1?1} and output [[?N-1?v]].

Abstract: A method, a computer program product, and a system for removing padding oracles in encryption techniques. The method includes padding a plaintext message using a padding scheme producing a padded plaintext message. The method also includes encrypting the padded plaintext message using a block cipher generating an encrypted data block of fixed-size as well as a hash value. The method further includes randomly generating an ephemeral key and an initialization vector. The method also includes prepending the hash value, the ephemeral key, and the initialization vector to the encrypted data block. The method includes performing an encryption technique to the encrypted data block prepended with the hash value, the ephemeral key, and the initialization vector.

Abstract: An encrypted information matching device 20 includes: a storage unit 240 in which representative information representing a group based on similarity in a characteristic and encrypted information to be matched belonging to the group are associated with each other and stored; an identification unit 231 which calculates a first similarity between the encrypted input information and the representative information stored in the unit 240, and which, based on the first similarity, identifies a group to be matched with the first input information; and a determination unit 232 which calculates a second similarity between the encrypted input information and the encrypted information to be matched that belongs to the group identified, in a state in which the input information and the information to be matched are encrypted, wherein the unit 232 determines the presence or absence of information to be matched which makes the calculated second similarity satisfy criteria.

Abstract: A method for generating random numbers includes initializing a pseudo-random number generator (PRNG) having a state of 2048 bits comprising inner bits and outer bits, the inner bits comprising the first 128 bits of the 2048 bits and the outer bits comprising the remaining bits of the 2048 bits. The method also includes retrieving AES round keys from a key source, and for a threshold number of times, executing a round function using the AES round keys by XOR'ing odd-numbered branches of a Feistel network having 16 branches of 128 bits with a function of corresponding even-numbered neighbor branches of the Feistel network, and shuffling each branch of 128 bits into a prescribed order. The method also includes executing an XOR of the inner bits of the permuted state with the inner bits of a previous state.

Abstract: Systems and methods for controlling data access through the interaction of a short-range transceiver, such as a contactless card, with a client device are presented. Data access control may be provided in the context of creating and accessing a secure memory block in a client device, including handling requests to obtain create and access a secure memory block via the interaction of a short-range transceiver, such as a contactless card, with a client device such that, once the secure memory block is created in memory of the client device, personal user data may be stored in the secure memory block, and access to the stored personal user data may only be provided to users authorized to review the data.