Abstract: The elliptic-polynomial based Message Authentication Code (MAC) provides MAC generation methods based on the elliptic polynomial discrete logarithm problem. It is well known that an elliptic polynomial discrete logarithm problem is a computationally “difficult” or “hard” problem. The methods use both an elliptic polynomial and its twist, even if the polynomial and its twist are not isomorphic. Since both the polynomial and its twist are used, multiple x- and y-coordinates can be used to embed bit strings into a point that satisfies the elliptic polynomial, and the embedding process is non-iterative, so that the time required to embed the bit string is independent of the bit string content.

Abstract: The presented methods form the basis of a forward-secure signature scheme that is provably secure. Moreover, the presented methods form also the basis of a fine-grained forward-secure signature scheme that is secure and efficient. The scheme allows to react immediately on hacker break-ins such that signatures from the past still remain valid without re-issuing them and future signature values based on an exposed key can be identified accordingly. In general, each prepared signature carries an ascending index such that once an index is used, no lower index can be used to sign. Then, whenever an adversary breaks in, an honest signer can just announce the current index, e.g., by signing some special message with respect to the current index, as part of the revocation message for the current time period. It is then understood that all signatures made in prior time periods as well as all signatures make in the revoked period up to the announced index are valid, i.e., non-reputable.

Abstract: The data encryption apparatus with a data converting unit splits 256-bit input data into 32-bit data blocks A1, B1, A2, and B2. A first combining unit performs an exclusive OR operation on A1 and B1, and on A2 and B2. A first scramble unit branches A1, A2, and the results of the exclusive OR operations (C1 and C2) into three data blocks each, and for each set of three data blocks, shift-rotates two of the data blocks and combines the shifted data blocks with the remaining data block. A second combining unit performs an exclusive OR operation on D1 and E2, and on D2 and E1, which are the results of the processing performed by the first scramble unit. A block concatenating unit concatenates the results of the operations performed by the second combining unit. A second scramble unit branches the concatenated data into three data blocks, shift-rotates two of the data blocks and combines the two shifted data blocks with the remaining data block.

Abstract: Techniques are provided to obfuscate seed values to produce a decryption key for a simplified content protection scheme. A first repeatable sequence is performed that encrypts a value stored in a first memory location using a value stored in the second memory location to produce an encrypted value and the value stored in the first memory location is overwritten with the encrypted value and then applying a constraining function to the value stored in the second memory location to produce a result and the value stored in the second memory location is overwritten with the result, wherein the result contains a less entropy compared an entropy level of the value in the second memory location prior to applying the constraining function. This sequence is repeated, but the values used in the first and second memory locations are used in opposite fashion. Techniques are also provided to perform the reverse operation and de-obfuscate a decryption key.

Abstract: A system and method for coding data to help resist differential attacks. Data in m columns may be initialized to an initialized value. One new column of data may be mixed with a new input word and input to an advanced mixer. The advanced mixer may include linear mixing having indexed bytes and performing of exclusive-OR operation and transposing. An output of the advanced mixer may be a new m column state. A value of m could be 0 through 30. The value of m may have a preferred range of 27 through 36. Systems to implement the foregoing method are also described.

Abstract: A system and method for data processing for coding. The method may include providing a first plurality of bytes of data, non-linearly transforming the first plurality of bytes into a second plurality of bytes, multiplying each of the second plurality of bytes of data by a predetermined constant of a plurality of constants to generate a third plurality of bytes, and organizing in use the third plurality of bytes as a plurality of output bytes. Systems to practice the foregoing methods are also described.

Abstract: To provide an architecture information processing system having a small circuit size capable of reducing power consumption and cost, on which system a circuit simultaneously executing encryption processing and message authentication (falsification detection processing) can be mounted.

Abstract: In a gaming environment, a method of periodically downloading dynamically generated executable modules at random intervals that perform system configuration integrity checks in a secure and verifiable manner is disclosed. The dynamically generated executable modules are created on a server machine and are themselves signed using industry standard PKI techniques, and contain randomly chosen subset from a repertoire of proven hashing and encryption algorithms that are executed on the system to be checked to create a unique signature of the state of that system. The dynamically generated executable module returns the signature to the server machine from which it was downloaded and deletes itself from the system being checked. The next time such an executable module is downloaded, it will contain a different randomly chosen subset of hashing and encryption algorithms.

Abstract: A prime number generation unit 110 generates an integer r having a form suitable for fast elliptic curve pairing computation, by using a processing device (S302 to S303). The prime number generation unit 110 judges whether the integer r is a prime number or not, by using the processing device (S304). When the integer r is a prime number, the prime number generation unit 110 judges whether the prime number r is a group order capable of easily changing the level of security or not, by using the processing device (S305). Thereby, it is possible to generate an elliptic curve parameter which is settable to an elliptic curve cryptographic processor that performs elliptic curve pairing computation using an algorithm capable of performing fast computation even by using a processing device with low computational capacity and which is capable of easily changing the level of security.

Abstract: A cryptographic processing apparatus for performing arithmetic operation on an FL function and an FL?1 function in a cryptographic process includes a first arithmetic gate is configured to receive a first input bit string and a first extended key bit string, a first XOR gate configured to receive an output of the first arithmetic gate and a second input bit string, a second arithmetic gate configured to receive an output of the first XOR gate and a second extended key bit string, a second XOR gate configured to receive an output of the second arithmetic gate and the first input bit string, a third arithmetic gate configured to receive an output of the second XOR gate and the first extended key bit string, and a third XOR gate configured to receive an output of the third arithmetic gate and an output of the first XOR gate.

Abstract: Mechanisms for providing an encrypted file system are provided. The mechanisms use a combination of encryption methodologies so as to reduce the amount of decryption and re-encryption that is necessary to a file in the Encrypted File System in the event that the file needs to be modified. The encryption methodologies are interleaved, or alternated, with regard to each block of plaintext. In one illustrative embodiment, Plaintext Block Chaining (PBC) and Cipher Block Chaining (CBC) encryption methodologies are alternated for encrypting a sequence of blocks of data. The encryption of a block of plaintext is dependent upon the plaintext or a cipher generated for the plaintext of a previous block of data in the sequence of blocks of data so that the encryption is more secure than known Electronic Code Book encryption methodologies.

Abstract: A processor for executing a Rijndeal algorithm which applies a plurality of encryption rounds to a data block array in order to obtain an array of identical size, each round involving a key block array and a data block substitution table, wherein said processor comprises: a first input register (102) containing an input data block column; an output register (111) containing an output data block column or an intermediate block column; a second input register (101) containing a key block column or the intermediate data blocks; a block substitution element (104) receiving the data one block at a time following the selection (103) thereof in the first register and providing, for each block, a column of blocks; an element (109) applying a cyclic permutation to the substitution circuit column blocks; and an Exclusive-OR combination element (110) combining the permutation circuit column blocks with the content of the second register, the result of said combination being loaded into the output register.

Abstract: According to one embodiment, an information processing apparatus includes a receiving device including a tuner unit which receives broadcast program data, a first nonvolatile memory which stores an encryption key, and an encryption unit which encrypts the broadcast program data, which is received by the tuner unit, based on the encryption key, and a second nonvolatile memory which is provided on a system board, which is electrically connected to the receiving device, and stores key recovery data for recovering the encryption key which is stored in the first nonvolatile memory.

Abstract: Provided are an arithmetic method and apparatus for supporting Advanced Encryption Standard (AES) and Academy, Research Institute and Agency (ARIA) encryption/decryption functions. The apparatus includes: a key scheduler for generating a round key using an input key; and a round function calculator for generating encrypted/decrypted data using input data and the round key. Here, the round function calculator includes an integrated substitution layer and an integrated diffusion layer capable of performing both AES and ARIA algorithms.

Abstract: Disclosed herein are systems, methods, and computer readable-media for performing data encryption and decryption using a stream or block cipher with internal random states. The method includes splitting the input data into a predetermined number of blocks and processing each block. The processing includes creating sub-blocks, permuting the sub-blocks, replacing bytes using a lookup table, rotating bits, performing expansion and combining sets of bits. The element of randomness employed in this process allows for the same input to yield the same output, with differing internal states.

Abstract: Certain aspects for protecting image data in a video compression system may include encrypting image data utilizing counter-mode scrambling. The encrypted image data may be buffered in at least one frame buffer. The buffered encrypted image data may be decrypted by utilizing counter-mode descrambling.

Abstract: An apparatus and method for preventing information leakage attacks that utilize timeline alignment. The apparatus and method inserts a random number of instructions into an encryption algorithm such that the leaked information can not be aligned in time to allow an attacker to break the encryption.

Abstract: Encryption is provided with additional diffusion components to construct a block cipher with a large and variable block size. The cipher incorporates an encryption system or algorithm such that the cipher is at least as secure as the encryption system or algorithm. Additional components of the cipher provide improved diffusion. This combination ensures that the cipher is at least as strong as the encryption algorithm, and at the same time it provides additional security properties due to its improved diffusion.

Abstract: A computer enabled method and apparatus for encrypting and decrypting data using a keyless transformation cryptographic technique. Data is protected using a keyless (unkeyed) complex mathematical transformation, in contrast to a traditional cryptographic algorithm using a secret key. This approach is resistant to both static analysis (hacking) performed on executable encryption/decryption code, as well as dynamic analysis performed during execution (runtime) of ciphering or deciphering. The method uses a family of asymmetric data transformations based on Galois field polynomials.

Abstract: Provided is a method for setting a security channel between an OLT and at least one ONU in an EPON. In detail, a channel is generated by which the OLT makes a reciprocal security capability agreement with the ONU that wants to set a security channel in a discovery interval and then automatically registers the ONU with the security capability agreement. The security channel is set by which the OLT distributes an encryption key for the security with the ONU completed with the security capability agreement. A renewal point of the encryption key is shared by transmitting a message indicative of a time to change the encryption key between the OLT and the ONU both completed with the encryption key distribution.

Abstract: A communication device having a private key and configured to implement an elliptic curve security mechanism for successful operation of which it: (a) receives a first value from another device, (b) computes a second value as the scalar multiplication of the first value with its private key and (c) returns that second value for use by the other device; the mechanism being such that the first value defines a pair of coordinates representing a first point and the second value defines a pair of coordinates representing a second point and being such that the first value is valid only if it lies on an elliptic curve of predefined form; the device being configured to implement the mechanism by the steps of: receiving data as the first value; making a first evaluation as to whether the first value is a singular point with respect to the elliptic curve; computing the second value as the scalar multiplication of the first value with the private key; making a second evaluation as to whether the second value lies on the

Abstract: An anti-tamper module is provided for protecting the contents and functionality of an integrated circuit incorporated in the module. The anti-tamper module is arranged in a stacked configuration having multiple layers. A connection layer is provided for connecting the module to an external system. A configurable logic device is provided for routing connections between the integrated circuit and the connection layer. Specifically, the configurable logic device is programmable to create logical circuits connecting at least one of the input/output connectors of the integrated circuit to at least one of the input/output connectors of the connection layer. Configuration information for programming the reconfigurable logic device is stored in a memory within the module.

Abstract: A configuration is provided which enables usage management and secure data management of data newly generated or obtained that is different from data already stored in an information recording medium. New data such as information which the user has newly generated or downloaded related to content information increments of content management information stored in an information recording medium is recorded as configuration data of the content management unit, in the form of encrypted data to which a unit key corresponding to the content management unit, or a unit key corresponding to a new content management unit, has been applied. According to this configuration, secure data management and usage management is realized for new data the same as with data corresponding to original units.

Abstract: An execution unit adapted to perform at least a portion of the Data Encryption Standard. The execution unit includes a Left Half input; a Key input; and a Table input. The execution unit also includes a first group of transistors configured to receive the Table input, perform a table look-up, and output data. The execution unit further includes a first exclusive-or operator having two inputs and an output. The first exclusive-or operator is configured to receive the Left Half input and the Key input. The execution unit also includes a second exclusive-or operator having two inputs and an output. The second exclusive-or operator is configured to receive the data output by the first group of transistors and to receive the output of the first exclusive-or operator. The execution unit also includes a third exclusive-or operator having two inputs and an output. The third exclusive-or operator is configured to receive the Left Half input and the data output by the first group of transistors.

Abstract: It is possible to realize a Feistel-type common key block encryption/decryption processing configuration capable of reducing data stored in a memory at a low cost. The Feistel-type common key block encryption/decryption processing repeatedly executes an SP-type F function having nonlinear and linear transform sections by several rounds. At least one of the nonlinear and linear transform processes executed in the F function in each round is executed as a transform process identical with a transform process applied to an encryption/decryption algorithm other than a Feistel-type common key block encryption/decryption algorithm and/or another hash function such as AES and Whirlpool. With this configuration, it is possible to reduce the design cost and the amount of data stored in a memory.

Abstract: The present invention provides a stream control device. The device includes a plurality of data processors that sequentially implement processing for stream data. The unit data of processing in each of the data processors has a certain data amount. The stream control device also includes a memory that is provided at a previous stage or a subsequent stage of the data processor, and stores the stream data. Each of the data processors includes a monitoring unit that monitors an amount of data stored in the memories at a previous stage and a subsequent stage of the data processor, and a data retriever that retrieves data to be processed from the memory at the previous stage.

Abstract: A computer system having resistance to timing attacks based on measuring processing times by encrypting or decrypting a plain text or ciphertext by converting the partial data related to the plain text or the encrypted text into conversion data. In the system, a conversion table includes one piece of conversion data corresponding to the partial data at a start position of a line table area and includes data not associated with the conversion in the other position. In the system, a computer program includes an operation instruction for calculating a predetermined position of the conversion data in the conversion table by using acquired partial data and a read instruction for reading out the conversion data from the calculated position.

Abstract: The use of keys to encrypt data in a transmitter and to decrypt encrypted data in a receiver are synchronized in accordance with a synchronization signal that opportunistically replaces a null packet in an MPEG transport stream. Additionally or alternatively, key related information is transmitted and/or received in place of a null packet in the MPEG transport stream and is used to encrypt and/or decrypt data transmitted and/or received in the MPEG transport stream.

Abstract: A transmitter using pseudo-orthogonal code includes a serial-to-parallel converter for converting serial transmission data into 9-bit parallel data, and a pseudo-orthogonal code memory for receiving the parallel data from the serial-to-parallel converter and outputting 16-bit pseudo-orthogonal code by using the received data as addresses. The pseudo-orthogonal code memory has the relationship of the input address and output code, as expressed in the following equation: c(i)=0.5×((?1)b2?(i1b1)?(i0b0) (?1)b5?i2?(i1b4)?(i0b3) (?1)b8?i3?(i1b7)?(i0b6) (?1)( b2?b5?b8)?i3?i2?(i1(b1?b4?b7))?(i0(b0?b3?b6))) where C(i) is a pseudo-orthogonal code value, i is each bit of the pseudo-orthogonal code, 0?i?15, and b0-b8 are a transmission data bit stream input in the memory as addresses. Accordingly, the transmission efficiency of the transmitter/receiver using orthogonal code can be remarkably improved.

Abstract: A method for secure conversion between two different random markings used for cryptographic functions, converts a first binary data word, masked by a binary mask word according to a first masking process, into a corresponding second binary data word, masked by said binary mask word according to a second masking process, the first and second binary data words and the binary mask word including corresponding pluralities of bits, wherein each of the pluralities of the bits includes a least significant bit, a first bit, and at least one i-th bit i?2.

Abstract: A method and system for monitoring users on one or more computer networks, disassociating personally identifiable information from the collected data, and storing it in a database so that the privacy of the users is protected. In one embodiment, the system generates an anonymized identifier and associates that anonymized identifier with collected network data. An embodiment of the system may further anonymize data such as resource location identifiers, by identifying and removing personal information.

Abstract: Some embodiments of a method and apparatus for encrypting and decrypting data have been presented. In one embodiment, a current initialization vector (IV) is generated based on a previous block of plaintext enciphered. Then a current block of plaintext is combined with the current IV to create a temporary block. An encipher may encipher the temporary block to generate a current block of ciphertext.

Abstract: Executable instructions designed to provide faster cryptographic processing, fixed-timing memory access, and dedicated memory usage are implementable on an x86 CPU utilizing XMM registers. The instructions can be utilized to implement cryptographic processing in accordance with the Advanced Encryption Standard (AES). To encrypt, a single instruction performs nonlinear transformation, rotation, and linear transformation. Another single instruction used during encryption performs nonlinear transformation and rotation. New instructions also are implemented to perform decryption. The instructions implemented to perform decryption perform the mathematical inverse functions of their counterparts used for encryption.

Abstract: The disclosure provides a hardware architecture for encryption and decryption device. The hardware architecture can improve the encryption and decryption data rate by using parallel processing, and pipeline operation. Further, the hardware architecture can save footprint by sharing hardware components. Additionally, the hardware architecture can be associated with a memory to protect the information stored at the memory.

Abstract: A multiple level security system and method for encrypting data within documents is disclosed. The method includes one or more different encryption algorithms, and can employ the one or more different encryption algorithms to achieve the multiple levels of encryption. More particularly, a first encryption algorithm is based upon multiple rearrangements of bits representing data to obtain encoded data. A second encryption algorithm is based upon performing multiple XOR operations on bits representing data so that each data word is at least encoded with previous data words. Either encryption method or a combination of both encryption methods can be repeatedly applied to portions of data within a document to selectively encrypt each data portion within the document in accordance with the authorization level associated with the data portion.

Abstract: The method of verifying the integrity of an encryption key (K) obtained by combining at least two key portions (KM, M) in a protected zone (3) by using a commutative operator, comprises the steps of: using the commutative operator to perform a first combination between a key portion (KM) and a verification encryption key (Kv); using the commutative operator to perform in succession a combination between a key portion that has not yet been combined and a result obtained by an immediately preceding combination, until a last combination (Mv) is performed that includes all of the key portions; performing a combination in the protected zone (3) between the encryption key (K) to be verified and the last combination (Mv) of the verification encryption key (Kv) and the key portions (KM, M) in order to obtain a final verification key (Kf); encrypting verification data (Dv) by means of a symmetrical encryption algorithm (DES) using the final verification key (Kf); and making a comparison with a verification encryption

Abstract: There is provided a highly secure cryptographic processing apparatus and method where an analysis difficulty is increased. In a Feistel type common key block encrypting process in which an SPN type F function having a nonlinear conversion section and a linear conversion section is repeatedly executed a plurality of rounds. The linear conversion process of an F function corresponding to each of the plurality of rounds is performed as a linear conversion process which employs an MDS (Maximum Distance Separable) matrix, and a linear conversion process is carried out which employs a different MDS matrix at least at each of consecutive odd number rounds and consecutive even number rounds. This structure makes it possible to increase the minimum number (a robustness index against a differential attack in common key block encryption) of the active S box in the entire encrypting function.

Abstract: A system and related method for calculating parity information for disk array drive failure recovery. More specifically, using eight bit coefficients and calculating parity information using valid eight bit encryption keys to produce finite field encrypted resultant multiplication. Further disclosed is a method of determining whether a potential encryption key of a particular number of bits produces valid results for all possible multiplications in determining parity values.

Abstract: Method and apparatus for data security using exponentiation. This is suitable for public key cryptography authentication and other data security applications using a one-way function. A type of exponentiation is disclosed here where the bits of an exponent value expressed in binary form correspond to a course (path) in a given graph defining the one-way function. This uses an approach called here F sequences. Each value is in a ladder of a sequence of values, as defined from its predecessor values. This ladder satisfies certain algebraic identities and is readily calculated by a computer program or logic circuitry.

Abstract: A data communication apparatus which is capable of easily selecting a desired encryption scheme that is appropriate to the size of data that is to be transmitted. A key to be used for encryption is acquired. An encryption means corresponding to the acquired key is searched. The period of time required for encryption of data to be transmitted by the searched out encryption scheme is calculated. Encryption means candidates for encrypting data to be transmitted are determined based on the calculated period of time required for encryption. A user is notified of the determined encryption means candidates in a selectable manner together with the period of time required for encryption.

Abstract: An architecture and associated methods and devices are described in which a first selectable data path may be associated with a first port operating at a first data rate, a second selectable data path may be associated with a second port operating at a second data rate, and a third selectable data path may be associated with a third port operating at a third data rate that is higher than the first data rate and the second data rate. A plurality of security engines may be included which may be configurable to provide cipher key-based security for data associated with the first port and the second port using the first selectable path and the second selectable path, respectively, and configurable to provide cipher key-based security of data associated with the third port using the third selectable data path.

Abstract: An increase in safety from attacks by use of hardware-like methods by small-sized hardware is achieved. An encryption processing device includes a logical circuit capable of programmably setting logics for executing cipher processing, a memory that stores plural pieces of logical configuration information corresponding to an identical cipher processing algorithm, and a CPU that selectively sets plural logics corresponding to an identical cipher processing algorithm in the logical circuit. Even in processing using an identical cipher key, by changing the logic of the logical circuit for each processing, power consumption in cipher processing can be varied, and places a timing in which malfunctions occur can be varied. Moreover, an increase in the scale of hardware for realizing plural logics can be curbed.

Abstract: The enrollment process for purchasing multiple digital certificates configured using different cryptographic algorithms or hashing algorithms is streamlined. A certificate purchaser wishing to purchase two or more certificates is prompted to provide answers to common enrollment questions, such as the purchaser's contact information, payment details, web sever software, and the like, using a simplified and streamlined enrollment process. Each certificate is optionally configured using a different hashing algorithm.

Abstract: Advanced Encryption Standard (AES) is an encryption algorithm for securing sensitive unclassified material by U.S. Government agencies and, as a consequence the de facto encryption standard for commercial applications worldwide. Performing concurrent error detection (CED) for protection of such a widely deployed algorithm is an issue of paramount importance. We present a low-cost CED method for AES. In this method, we make use of invariance properties of AES to detect errors. For the first time, the invariance properties of the AES, which are for the most part used to attack the algorithm, are being used to protect it from fault attacks. Our preliminary ASIC synthesis of this architecture resulted in an area overhead of 13.8% and a throughput degradation of 16.67%.

Abstract: A verification device stores verification information and first random information in a storage. The verification information depends upon contents of comparative information, and not upon an information volume of the comparative information. The verification device generates an authentication information generation factor using the first random information and transmits the factor to a proving device, which generates authentication information using the authentication information generation factor and held information and transmits the authentication information to the verification device. The authentication information depends upon contents of the authentication information generation factor and the held information, and not upon the information volume of the held information. A decision section of the verification device decides whether a predetermined relationship is established between the authentication information and the verification information and the first random information.

Abstract: In an iterated block cipher, a method for round key encryption and key generation, the method including providing a first function Fi and a second function Fj, providing a round key generation function, the round key generation function being operative to utilize, in any given round, exactly one of the first function Fi, and the second function Fj, providing a round mixing function, the round mixing function being operative to utilize, in any given round, exactly one of the first function Fi, and the second function Fj, utilizing the round key generation function in at least a first round to generate a second round key for use in a second round, and utilizing the round mixing function in at least the first round to mix a first round key with a cipher state, wherein one of the following is performed in the first round the round key generation function utilizes the first function Fi to generate the second round key for use in the second round, substantially simultaneously with the round key mixing function util

Abstract: Provided is an architecture (hardware implementation) for an authentication engine to increase the speed at which multi-loop and/or multi-round authentication algorithms may be performed on data packets transmitted over a computer network. Authentication engines in accordance with the present invention apply a variety of techniques that may include, in various applications, collapsing two multi-round authentication algorithm (e.g., SHA1 or MD5 or variants) processing rounds into one; reducing operational overhead by scheduling the additions required by a multi-round authentication algorithm in such a matter as to reduce the overall critical timing path (“hiding the ads”); and, for a multi-loop (e.g., HMAC) variant of a multi-round authentication algorithm, pipelining the inner and outer loops.

Abstract: In a communications system, a method of transforming a set of message signals representing a message comprising the steps of first encoding one of the set of message signals in accordance with a first keyed transformation, a second encoding of the one of the set of message signals in accordance with at least one additional keyed transformation, a third encoding of the one of the set of message signals in accordance with a self inverting transformation in which at least one of the set of message signals is altered, a fourth encoding of the one of the set of message signals in accordance with at least one additional inverse keyed transformation wherein each of the at least one additional inverse keyed transformation is a corresponding inverse of at least one additional keyed transformation, and fifth encoding the one of the set of message signals in accordance with first inverse keyed transformation wherein the first inverse keyed transformation is the inverse of the first keyed transformation.

Abstract: A method encrypting data including selecting a pair of sequences based on a seed, performing a transposition of the data utilizing elements of a first one of the pair of sequences to produce a first transposition result, and performing a transposition of the first transposition result utilizing elements of a second one of the pair of sequences to produce the encrypted data. The pair of sequences may be selected from a pool of constrained sequences. The pool of constrained sequences may be generated utilizing a Knights Tour sequence generating system. The pool of constrained sequences may be transferred to a decrypting device for decryption of the encrypted data. The pair of sequences may be randomly generated utilizing a random integer sequence generator and the seed. The constrained indication may be constrained to a number of sequences present in the pool of sequences.

Abstract: A system for contributing to a concatenation of a first string and a second string may include a communication unit to receive an encrypted representation of a second share of the second string, the second string being identical to the second share of the second string combined with a first share of the second string and to send a rearranged representation of the encrypted representation of the second share of the second string to a second system. The system may further include a processing unit to rearrange a representation of the encrypted representation of the second share of the second string using a length value of a first share of the first string, the first string being identical to the first share of the first string combined with a second share of the first string.