Abstract: Methods and system for managing partial private keys for cryptography-based, storage applications used in blockchain operations and/or facilitating secure authentication when conducting blockchain operations using cryptography-based, storage applications. For example, the methods and system may perform a plurality of blockchain operations for digital assets stored in a first cryptography-based, storage application, wherein the first cryptography-based, storage application corresponds to a first partial private key, and wherein the first partial private key is stored on a first user device, and wherein the second partial private key is not accessible to platform service facilitating the first cryptography-based, storage application.

Abstract: Methods and apparatus are provided for obtaining policy security association information at a cryptography accelerator. Mechanisms are provided for allowing a cryptography accelerator to extract header information and perform operations using header information to acquire policy security association information. The policy security association information can be obtained from a variety of sources including bus controller memory.

Abstract: The method of performing XZ-elliptic curve cryptography for use with network security protocols provides a computerized method that allows for the encryption of messages through elliptic polynomial cryptography and, particularly, with the embedding of either a symmetric secret key or a public key in the message bit string. The method of performing XZ-elliptic polynomial cryptography is based on the elliptic polynomial discrete logarithm problem. It is well known that an elliptic polynomial discrete logarithm problem is a computationally “difficult” or “hard” problem.

Abstract: A cryptography module includes a key store having a plurality of storage locations for storing a private key as k key fragments. One or more crypto-processing segments each operate based on corresponding ones of the k key fragments to process a message in accordance with elliptic curve digital signature algorithm (ECDSA) to produce a signed message.

Abstract: An exemplary method includes defining a CM field, representing coefficients of a Frobenius element of a hyperelliptic curve over a prime field as non-linear polynomials that are functions of an integer x and selecting a value for x whereby the product of the Frobenius element and its complex conjugate is a prime number. Such a method may further include determining the order of the Jacobian of the hyperelliptic curve, for example, where the order is an almost prime number. Various other methods, devices, systems, etc., are also disclosed, which may be optionally used for cryptography.

Abstract: According to one aspect, provided is a construction and specification for an implementation of a new cryptographic primitive, “Time-Lapse Cryptography”, with which a sender can encrypt a message so that it is guaranteed to be revealed at an exact moment in the future, even if this revelation turns out to be undesirable to the sender. In one embodiment, a Time-Lapse Cryptography Service is provided (“the Service”) based on a network of parties. Senders encrypt their messages with this public key whose secret key is not known to anyone—not even a trusted third party—until a predefined and specific future time T+?, at which point the secret key is constructed and published. In one example, the secret key can only be known after it is constructed. At or after that time, anyone can decrypt the cipher text using this secret key.

Abstract: The present inventive concept relates to a method for forming a Bluetooth network performing communication based on post-quantum cryptography at an application level and a Bluetooth network operating system that performs the same. A method for forming a Bluetooth network performed by a master device to perform Bluetooth communication with a slave device, according to an embodiment of the present invention, comprises the steps of: completing pairing with the slave device; receiving a certificate and an authentication message from the slave device; authenticating the slave device by using the certificate and the authentication message; generating a public key and a private key; generating a symmetric key by using the public key and the private key; and performing Bluetooth network communication by using the symmetric key.

Abstract: Methods and computer readable media for distributing a software license based on asymmetric cryptography via a network. An application publisher generates an asymmetric key-pair having an encryption key and a decryption key. The publisher assembles a software application embedded with the decryption key and releases the software application on an application storefront while keeping the encryption key as secret. A user of a device downloads the software application via a public network. To activate the software application in the device, the user sends a request for a license key to the publisher (or a distribution service provider) via the network. Upon validation of the request, the license key encrypted using the encryption key is sent to the device to thereby activate the software application in the device. Based on the cryptographic technique, the user may surrender the license key to get back the credit for the surrendered license key.

Abstract: The technical idea of the present invention relates to a method for forming virtual private network providing virtual private network through sealed key exchange based on post quantum cryptography and a virtual private network operating system performing same. A method for forming a virtual private network performed by a server according to an embodiment of the present invention comprises the steps of: generating a public key and a private key; transmitting the public key; receiving a key capsule corresponding to the public key; generating a verification capsule from the key capsule using the private key; generating a symmetric key by verifying the verification capsule; and performing communication through the virtual private network using the symmetric key.

Abstract: A method (200) for assigning a key pair to an entity, such as a certification authority (CA 102), includes the following steps. A key pair is generated (210). It includes a private key and a public key which form a key pair for use in public-key cryptography. The key pair is stored (220) in a cryptographic signing unit (CSU 140). The CSU (140) is then activated (230). A request for a key pair is received (240) from the entity (102). Responsive to the request, the key pair is assigned (250) to the entity (102). In a preferred embodiment, an identifier (312) is assigned to the key pair and preferably is different from identifiers assigned to other key pairs stored in the CSU (140). The identifier (312) is then included in a digital certificate (300) issued to the entity (102).

Abstract: A system and method for signing, sorting, and authenticating electronic documents using public key cryptography. The system comprises a document service computer cluster connected to user computers, document owner server computers, and registration computers via a network such as for example, the internet or the world wide web. Document owners and system users can store electronic documents in an encrypted database located on the document service computer cluster, or on a document safe connected to the document owner server. Users can sign documents by identifying the document to be signed and sending a signing request to the document service computer cluster. The document service computer cluster retrieves the user's private key, which is located securely in a database on the cluster, and signs the identified document. No dedicated signing software need be installed on the user computer prior to accessing the document service computer cluster.

Abstract: Fast methods for generating randomly distributed pairs of keys for use in public-key cryptography use a precomputation step to reduce the online task of discrete exponentiation with long integers. After the precomputation is completed, the online steps required to produce a key pair are reduced to a small number .kappa. (about 16) of modular multiplications with long integers. The key pairs are of the form (k, g.sup.k) or (k, k.sup.e) where the exponentiations are computed modulo a long number p, g and e are fixed integers, and k is randomly distributed modulo ord(g), where ord(g) is the smallest positive integer that satisfies g.sup.ord(g) modulo p=1. The complexity of doing the precomputation step is itself about n exponentiation and may be accelerated to the same as two exponentiations, but the precomputation step needs to be done only very infrequently.

Abstract: Disclosed herein are methods, devices, and apparatuses, including computer programs stored on computer-readable media, for testing signature verification for a blockchain system. One of the methods includes: obtaining a testing configuration from a configuration file, wherein the testing configuration specifies a cryptography algorithm used in the blockchain system, a group of one or more private keys corresponding to the cryptography algorithm, and a predetermined execution result based on the cryptography algorithm and the group of one or more private keys; signing a transaction, by encrypting data representing the transaction based on the cryptography algorithm and the group of one or more private keys, to generate one or more signed transactions; sending the one or more signed transactions to the blockchain system and receiving an execution result from the blockchain system; and determining whether the predetermined execution result is satisfied based on the execution result.

Abstract: An image verification system includes an image generation apparatus and a first verification apparatus. The image generation apparatus (a) generates image data, (b) generates a hash value from the image data, and (c) generates first verification data from the hash value using a common key cryptography and not using a public key cryptography. The first verification apparatus (a) receives the hash value and the first verification data, (b) verifies, using the received hash value, the received first verification data and the common key cryptography, whether the image data is altered, and (c) generates second verification data from the hash value using the public key cryptography, if the first verification apparatus verifies that the image data is not altered.

Abstract: Methods of authenticating a file are disclosed. A method may include selecting, via an identifier, a subset of data segments of a file. The method may also include executing, via a microcontroller, a cryptographic function on only the subset of data segments of the file to generate a digest. Further, the method may include generating, via the microcontroller, an authenticator based on the digest and a private key. The method may also include conveying the file, the identifier, and the authenticator to a cryptography element. In addition, the method may include executing, via the cryptography element, the cryptographic function on the subset of data segments of the file to generate a second digest. Furthermore, the method may include authenticating, via the cryptography element, the file via verification of the authenticator based on the second digest and a public key of the microcontroller.

Abstract: A method and system for evidencing payment of indicia using secret key cryptography is disclosed. The method and system include a plurality of indicia generating devices that are divided into groups for generating and printing indicia on a media that is to be received at a plurality of establishments, wherein the establishments are associated with different geographic designations. The method and system include assigning a plurality of verification keys to each indicia generating device in each of the groups, wherein each of the verification keys assigned to each of the groups is encrypted as a function of a respective geographic designation. A key ID is associated with each of the verification keys and is encrypted as a function of the same geographic designation used to encrypt the corresponding verification key.

Abstract: A digital measurement apparatus measures a physical measurement object, provides a digital signature of public-key cryptography to measured data of a thus-measured physical quantity, and manages the measured data. The apparatus generates at least a pair of a public key and a private key, to be used for the digital signature of the public-key cryptography, through a key generating algorithm.

Abstract: A digital measurement apparatus measures a physical measurement object, provides a digital signature of public-key cryptography to measured data of a thus-measured physical quantity, and manages the measured data. The apparatus generates at least a pair of a public key and a private key, to be used for the digital signature of the public-key cryptography, through a key generating algorithm.

Abstract: A system includes an associated tamperproof circuit that contains a cryptography unit and one or more keys. The system receives software having one or more portions of code that have been digitally signed prior to receipt of the code by the system. The cryptography unit and one of the keys contained in the tamperproof circuit are used to decrypt a signature file for a portion of the code. The validity of the portion of code is determined by using the decrypted signature file, and if the portion of code is invalid, operation of the system is prevented. One or more portions of the code received by the system, such as a communications protocol, may also be encrypted prior to receipt of the code by the system. The system obtains a key from a remote server via a secure communications channel and uses the key and the cryptography unit contained in the tamperproof circuit to decrypt the communications protocol.

Abstract: A system includes an associated tamperproof circuit that contains a cryptography unit and one or more keys. The system receives software having one or more portions of code that have been digitally signed prior to receipt of the code by the system. The cryptography unit and one of the keys contained in the tamperproof circuit are used to decrypt a signature file for a portion of the code. The validity of the portion of code is determined by using the decrypted signature file, and if the portion of code is invalid, operation of the system is prevented. One or more portions of the code received by the system, such as a communications protocol, may also be encrypted prior to receipt of the code by the system. The system obtains a key from a remote server via a secure communications channel and uses the key and the cryptography unit contained in the tamperproof circuit to decrypt the communications protocol.