Systems and methods described relate to executing, by a third computing entity different from a first computing entity and a second computing entity, a smart contract generated by the first computing entity and the second computing entity. A verification key is determined based on a power of a secret, the power of the secret being based on first and second sets of elliptic curve points. The smart contract comprising a first input from the first computing entity and a second input from the second computing entity are received. The smart contract is executed by computation of a function on an input to produce an output. A proof of correct execution of the smart contract is produced. A blockchain transaction is generated using an output of the smart contract. The generated blockchain transaction using the verification key and the proof of correct execution is validated by a fourth computing entity.

The invention relates to a method of enabling zero-knowledge proof or verification of a statement (S) for enabling exchange of data between a prover and a verifier, wherein the prover has access to first data on a first blockchain, and the verifier has access to second data on a second blockchain. In the method, a prover sends to a verifier a set of data including a statement, which for a given function circuit output and an elliptic curve point, the function circuit input is equal to the corresponding elliptic curve point multiplier. The statement can be that the prover knows a private key for an address on a blockchain network.

An elliptic curve random number generator avoids escrow keys by choosing a point Q on the elliptic curve as verifiably random. An arbitrary string is chosen and a hash of that string computed. The hash is then converted to a field element of the desired field, the field element regarded as the x-coordinate of a point Q on the elliptic curve and the x-coordinate is tested for validity on the desired elliptic curve. If valid, the x-coordinate is decompressed to the point Q, wherein the choice of which is the two points is also derived from the hash value. Intentional use of escrow keys can provide for back up functionality. The relationship between P and Q is used as an escrow key and stored by for a security domain. The administrator logs the output of the generator to reconstruct the random number with the escrow key.

Provided are an accelerator, an acceleration method, and an electronic device. The accelerator includes: a calculating unit including a general operation logic performing an operation of different operation types in response to different inputs; an acquiring unit, configured to acquire a target microcode instruction generated according to a target type operation to be implemented; the target microcode instruction is used to indicate target input data required to enable the general operation logic to implement the target type operation; a parsing unit, configured to parse the target microcode instruction to obtain a parsing result corresponding to the target input data; and a controlling unit, configured to, in response to the parsing result, control the calculating unit to enable the calculating unit to acquire the target input data and run the general operation logic based on the target input data so as to complete the target type operation.

A method for providing Cheon-resistance security for a static elliptic curve Diffie-Hellman cryptosystem (ECDH), the method including providing a system for message communication between a pair of correspondents, a message being exchanged in accordance with ECDH instructions executable on computer processors of the respective correspondents, the ECDH instructions using a curve selected from a plurality of curves, the selecting including choosing a range of curves; selecting, from the range of curves, curves matching a threshold efficiency; excluding, within the selected curves, curves which may include intentional vulnerabilities; and electing, from non-excluded selected curves, a curve with Cheon resistance, the electing comprising a curve from an additive group of order q, wherein q is prime, such that q1=cr and q+1=ds, where r and s are primes and c and d are integer Cheon cofactors of the group, such that cd48.

The invention relates to efficient zero knowledge verification of composite statements that involve both arithmetic circuit satisfiability and dependent statements about the validity of public keys (key-statement proofs) simultaneously. A method is disclosed for a prover proving to a verifier that a statement is true, while keeping a witness (w) to the statement a secret, and a verifier using a reciprocal method to verify the proof. The prover sends, to the verifier, data including a statement represented by an implemented function circuit, individual wire commitments and/or a batched commitment for the function circuit of the statement, a given function circuit output, and a proving key. Based on the sent data, the verifier is able to determine satisfiability of the function circuit, calculate an elliptic curve point, and validate the statement, thus determining that the prover holds the witness to the statement and ensuring the data complies with the statement.

A processor with an elliptic curve cryptographic algorithm and a data processing method thereof are shown. The processor has first register storing a Hash value pointer, and a second register, storing a private key pointer. In response to a first elliptic curve cryptographic instruction of an instruction set architecture, the processor reads a first storage space within a system memory by referring to the first register to get a Hash value of the data to be signed, reads a private key by referring to the second register, performs a signature procedure using the elliptic curve cryptographic algorithm on the Hash value based on the private key to generate a digital signature, and programs the digital signature into a second storage space within the system memory.

Systems and methods described herein relate to techniques that allow for multiple parties to jointly generate or jointly agree upon the parameters for generation of a smart contract, such as a verification key. Execution of the smart contract may be performed by a third party, for example, a worker node on a blockchain network. Techniques described herein may be utilised as part of a protocol in which parties of a smart contract share powers of a secret in a manner that allows each party to determine an identical common reference string, agree on parameters for a smart contract, agree and/or make proportionate contributions the smart contract, and combinations thereof. The smart contract may be published to a blockchain network (e.g., Bitcoin Cash). The protocol may be a zero-knowledge protocol.

A method relates to efficient zero knowledge verification of composite statements that involve both arithmetic circuit satisfiability and dependent statements about the validity of public keys (key-statement proofs) simultaneously. In one example, a computer-implemented method is provided for enabling zero-knowledge proof or verification of a statement (S) in which a prover proves to a verifier that a statement is true while keeping a witness (w) to the statement a secret. The method also relates to the reciprocal method employed by a verifier who verifies the proof. The method includes the prover sending to the verifier a set of data including a statement, which for a given function circuit output and an elliptic curve point, the function circuit input is equal to the corresponding elliptic curve point multiplier. The data includes individual wire commitments and/or a batched commitment for the circuit of the statement, an input and an output.

Systems and methods described herein relate to techniques in which multiple parties each generate and exchange quantities that are based on a shared secret (e.g., powers of the shared secret) without exposing the shared secret. According to a protocol, two or more parties may exchange sets of elliptic curve points generated over polynomials that can be used, by each of the two or more parties, to determine a power of a shared secret. The protocol may be utilised as part of determining parameters for a smart contract that is broadcast to a blockchain network (e.g., Bitcoin). Based on the protocol, an additional party (e.g., a third party different from the two or more parties) may perform a computational task such as execution of the smart contract.