A secure computation device obtains concealed information {M(i.sub.0, . . . , i.sub.S−1)} of a table M(i.sub.0, . . . , i.sub.S−1) having one-variable function values as its members. It is to be noted that M(i.sub.b, 0, . . . , i.sub.b, S−1) generated by substituting counter values i.sub.b, 0, . . . , i.sub.b, S−1 into the table M(i.sub.0, . . . , i.sub.S−1) represents a matrix M.sub.b, γ, μ, which is any one of M.sub.b, 2, 1, . . . , M.sub.b, 3, 2. The secure computation device obtains concealed information {M.sub.b, γ, μ} by secure computation using concealed information {i.sub.b, 0}, . . . , {i.sub.b, S−1} and the concealed information {M(i.sub.0, . . . , i.sub.S−1)}, and obtains concealed information {M.sub.b, Γ, MU} of a matrix M.sub.b, Γ, MU, which is obtained by execution of a remaining process including those processes among a process P.sub.j, 1, a process P.sub.j, 2, a process P.sub.j, 3, and a process P.sub.j, 4, that are performed subsequent to a process P.sub.γ, μ.

Data is efficiently read from a sequence without a read position being revealed. A secure reading apparatus 1 receives a secret text sequence and a secret text of a read position as input, and outputs an element at the read position of the secret text sequence. A vector creating part (12) creates a vector expressing the read position. A compression computing part (13) repeatedly generates a new secret text sequence in which an inner product of a vector based on the secret text sequence and a vector expressing the read position is set as an element. The reading part (14) outputs the new secret text sequence having the number of elements of one as the element at the read position of the secret text sequence.

Data is efficiently read from a sequence without a read position being revealed. A secure reading apparatus 1 receives a secret text sequence and a secret text of a read position as input, and outputs an element at the read position of the secret text sequence. A vector creating part (12) creates a vector expressing the read position. A compression computing part (13) repeatedly generates a new secret text sequence in which an inner product of a vector based on the secret text sequence and a vector expressing the read position is set as an element. The reading part (14) outputs the new secret text sequence having the number of elements of one as the element at the read position of the secret text sequence.

A method comprises receiving an image of an update for a software module, a rate parameter, an index parameter, and a public key, generating a 32-byte aligned string, computing a state parameter using the 32-byte aligned string, generating a modified message representative, computing a Merkle Tree root node, and in response to a determination that the Merkle Tree root node matches the public key, forwarding, to a remote device, the image of the update for a software module, the state parameter; and the modified message representative.

The AP transmits a verification server certificate signed by a trusted certificate authority to the STA, transmits, upon receipt of the verification request from the STA, the content thereof to the verification server, performs encrypted communication that uses a random number included in the verification response as a seed, and encrypts and transmits the content of the verification response to the STA. The STA generates a common key, checks the content of the response, receives the verification server certificate, verifies whether or not there is a signature of a trusted certificate authority, and encrypts and transmits, to the AP information about a connection destination and the random number as the verification request. The STA decrypts the content of the verification response and checks to see whether information indicating success or failure of the verification and the random number are included, decrypts the content of the verification server certificate.

Data is efficiently read from and written in a sequence without an access position being revealed. A secure reading and writing apparatus (1) receives a read command or a write command as input, and, when the read command is input, outputs a secret text [a[x]] which is an x-th element of a secret text sequence [a], and, when the write command is input, adds the secret text [a[x]] which is the x-th element of the secret text sequence [a], to a secret text [d]. A secure reading part (12) reads the secret text [a[x]] which is the x-th element from the secret text sequence [a]. A buffer addition part (13) adds a secret text [c] of an unreflected value c to the secret text [a[x]]. A buffer appending part (14) appends a secret text [x] and the secret text [d] to a write buffer [b]. When the number of elements of the write buffer [b] exceeds a predetermined value, a secure writing part (15) adds a value indicated with a secret text vector [b.sub.1] to an access position of the secret text sequence [a] which is indicated with a secret text vector [b.sub.0].

Data is efficiently read from and written in a sequence without an access position being revealed. A secure reading and writing apparatus (1) receives a read command or a write command as input, and, when the read command is input, outputs a secret text [a[x]] which is an x-th element of a secret text sequence [a], and, when the write command is input, adds the secret text [a[x]] which is the x-th element of the secret text sequence [a], to a secret text [d]. A secure reading part (12) reads the secret text [a[x]] which is the x-th element from the secret text sequence [a]. A buffer addition part (13) adds a secret text [c] of an unreflected value c to the secret text [a[x]]. A buffer appending part (14) appends a secret text [x] and the secret text [d] to a write buffer [b]. When the number of elements of the write buffer [b] exceeds a predetermined value, a secure writing part (15) adds a value indicated with a secret text vector [b.sub.1] to an access position of the secret text sequence [a] which is indicated with a secret text vector [b.sub.0].

A method for secure key exchange. The method comprises receiving a request to certify a key from a communication partner at an interface between an access and tamper resistant circuit block and exposed circuitry. Within the access and tamper resistant circuit block, a first random private key is generated. A corresponding public key of the first random private key is derived, and a cryptographic digest of the public key and attributes associated with the first random private key is generated. The generated cryptographic digest is signed using a second random private key that has been designated for signing by one or more associated attributes. The public key and the signature are then sent to the communication partner via the interface.

A processing system selectively compresses cache lines at a cache or at a memory or encrypts cache lines at the memory based on evictions of entries mapping virtual-to-physical address translations from a translation lookaside buffer (TLB). Upon eviction of a TLB entry, the processing system identifies cache lines corresponding to the physical addresses of the evicted TLB entry and selectively compresses the cache lines to increase the effective storage capacity of the processing system or encrypts the cache lines to protect against vulnerabilities.

A processing system selectively compresses cache lines at a cache or at a memory or encrypts cache lines at the memory based on evictions of entries mapping virtual-to-physical address translations from a translation lookaside buffer (TLB). Upon eviction of a TLB entry, the processing system identifies cache lines corresponding to the physical addresses of the evicted TLB entry and selectively compresses the cache lines to increase the effective storage capacity of the processing system or encrypts the cache lines to protect against vulnerabilities.