H04L9/14

RRC connection resume method and apparatus

This application provides an RRC connection resume method and apparatus. In the method, when a terminal moves to a target base station, the target base station may reselect, based on a capability and a requirement of the target base station, a first encryption algorithm and a first integrity protection algorithm that are used when the target base station communicates with the terminal, and send the first encryption algorithm and the first integrity protection algorithm to the terminal. On one hand, a security algorithm used for communication between the terminal and the target base station is flexibly selected. On the other hand, because the base station connected to the terminal changes, communication security can be improved by using a new encryption algorithm and integrity protection algorithm.

METHODS FOR SECURE CRYPTOGRAM GENERATION

A computer-implemented method performed by a user device is provided. The computer-implemented method includes receiving a message including an encrypted credential from a server computer; determining a response shared secret using a private key and a server public key; decrypting the encrypted credential using the response shared secret to determine a credential; obtaining a key derivation parameter from the credential; determining a first cryptogram key using the key derivation parameter; generating a first cryptogram using the first cryptogram key; and sending the first cryptogram to a second computer.

BLOCKCHAIN-IMPLEMENTED METHOD AND SYSTEM
20230231711 · 2023-07-20

This invention relates generally to distributed ledger technology (including blockchain related technologies), particularly a method and corresponding system for providing a blockchain transaction comprising a redeem script for an output that comprises: i) a plurality of public keys, each associated with a corresponding private key, wherein each public key is uniquely associated with a potential state of at least one data source; and ii) logic arranged to provide a result based on: A) a determination of which of the plurality of associated private key(s) is/are used to sign the unlocking script, so as to provide an interim result; and B) a comparison of a parameter supplied via the unlocking script against the interim result, and further attempting to spend the transaction output more than once, each attempt supplying a different parameter.

COMPUTER-IMPLEMENTED SYSTEM AND METHOD FOR CONTROLLING PROCESSING STEPS OF A DISTRIBUTED SYSTEM
20230231908 · 2023-07-20

A method of controlling and coordinating processing steps in a distributed system can be implemented by an initiator node of a cyclically-ordered set of nodes participating in a blockchain network (e.g., Bitcoin blockchain). The method includes generating a private key and cryptographic shares thereof for the nodes of the set and distributing them. A locking value is determined based on the shares and a transaction is arranged to transmit control of a resource responsive to supply of a corresponding unlocking value. A circuit of transactions amongst the nodes each arranged to transmit control of a resource responsive to supply of an unlocking value corresponding to a locking value determined based on the share distributed to a first node of one of two adjacent nodes and a value received from another node immediately previous to it is prepared. The initiator node may belong to a cyclically-ordered set of initiator nodes.

ECDHE Key Exchange for Mutual Authentication Using a Key Server
20230231702 · 2023-07-20

A server can record a device static public key (Sd) and a server static private key (ss). The server can receive a message with (i) a device ephemeral public key (Ed) and (ii) a ciphertext encrypted with key K1. The server can (i) conduct an EC point addition operation on Sd and Ed and (ii) send the resulting point/secret X0 to a key server. The key server can (i) perform a first elliptic curve Diffie-Hellman (ECDH) key exchange using X0 and a network static private key to derive a point/secret X1, and (ii) send X1 to the server. The server can conduct a second ECDH key exchange using the server static private key and point X0 to derive point X2. The server can conduct an EC point addition on X1 and X2 to derive X3. The server can derive K1 using X3 and decrypt the ciphertext.

Key Diversification in a Tracking Device Environment

A tracking device can use a permanent encryption key pair to encrypt a temporary private key that corresponds to a set of diversified temporary public keys. When a community mobile device subsequently detects the tracking device, the central tracking system provides a diversified temporary public key to the community mobile device. The community mobile device uses the diversified temporary public key to encrypt location data representative of a location of the community mobile device, and provides the encrypted location data to the central tracking system. When a user subsequently requests a location of the tracking device from the central tracking system, the central tracking system provides the encrypted temporary private key and the encrypted location data to a device of the user, and the device can decrypt the encrypted temporary private key using the permanent encryption key pair, and decrypt the encrypted location data using the decrypted temporary private key.
