One-to-many cryptographic systems and methods are disclosed, and a network employing the same, including numerous industry applications. The embodiments of the present invention can generate and regenerate the same symmetric key from a random token. The one-to-many cryptographic systems and methods include a central location and a cryptographic module being in communication with each other. The cryptographic module is configured to encrypt and/or decrypt data received a remote location and output encrypted and/or decrypted data. The cryptographic module includes a key generator configured to use two or more inputs to reproducibly generate the symmetric key and a cryptographic engine configured to use the symmetric key for encrypting and decrypting data. Corresponding methods, and network employing the same, are also provided.

Various embodiments include a first node for providing a function to a second node for evaluation, the first node configured to form a first plurality of garbled circuits for the function, each circuit being formed from a circuit representing the function and a respective set of wire keys and including one or more logic operations, one or more input wires for inputting data into the circuit and one or more output wires for outputting the result of the function, wherein each respective set of wire keys comprises a respective subset of wire keys for each input wire and each output wire, each subset of wire keys comprising a plurality of wire keys, each wire key in the plurality being associated with a possible value for the wire; and publish a first list of the first plurality of garbled circuits for the function for access by a plurality of second nodes.

Biometric data such as iris, facial, or fingerprint data may be obtained from a user. A public code may be generated from the biometric data, but does not obtain any of the biometric data or information that can be used to identify the user. The public code includes information that can be used to extract from the biometric data a biometric code that is suitable for bitwise comparison. Neither the underlying biometric data nor information from which the biometric data may be determined is stored as only the public code and the actual biometric feature of the user is required to generate the biometric code.

There is provided a device for protecting the execution of a cryptographic operation from attacks, the cryptographic operation being implemented by a cryptographic algorithm, the cryptographic operation comprising at least one modular operation between a main base (m) representing a data block and at least one scalar (d) in at least one finite starting group. The device is configured to determine at least one intermediary group (E′) different from the at least one starting group (E), the number of intermediary groups being equal to the number of starting groups E. The device is further configured to determine at least one final group (E″) from the at least one starting group E and the at least one intermediary group E′. The base m being mapped to an auxiliary element (x) in the at least one intermediary group and to an auxiliary base (m″) in the at least one final group E″. The device performs a first elementary operation in each final group (E″i), the first elementary operation consisting in executing the modular operation between the auxiliary base (m″) and an auxiliary scalar (d.sub.a) in each final group E″, which provides at least one result, the auxiliary scalar (d.sub.a) being determined from the auxiliary element (x) and from the main scalar (d). The device further performs a second elementary operation in each starting group E, the second elementary operation consisting in executing the modular operation between an additional auxiliary base and an additional auxiliary scalar d′.sub.b in each starting group, at least one of the additional auxiliary base and of the additional scalar being derived from the result of the first elementary operation.

Various embodiments relate to a method for securely comparing a first polynomial represented by a plurality of arithmetic shares and a second compressed polynomial represented by a bitstring where the bits in the bitstring correspond to coefficients of the second polynomial, including: performing a first masked shift of the shares of the coefficients of the first polynomial based upon the start of the interval corresponding to the compressed coefficient of the second polynomial and a modulus value; performing a second masked shift of the shares of the coefficients of the first polynomial based upon the end of the interval corresponding to the compressed coefficient of the second polynomial; bitslicing the most significant bit of the first masked shift of the shares coefficients of the first polynomial; bitslicing the most significant bit of the second masked shift of the shares coefficients of the first polynomial; and combining the first bitsliced bits and the second bitsliced bits using an AND function to produce an output including a plurality of shares indicating that the first polynomial would compress to a bitstream matching the bitstream representing the second compressed polynomial.

Systems and methods of secure analytics using an encrypted analytics matrix are disclosed herein. An example method includes encoding an analytic parameter set using a homomorphic encryption scheme as a homomorphic analytic matrix, wherein the homomorphic analytic matrix is generated by extracting a set of term components from an analytic and the analytic parameter set using a term generator function; transmitting a processing set to a server system, the processing set including at least the homomorphic analytic matrix and a keyed hashing function; and receiving a homomorphic encrypted result from the server system, the server system having utilized the homomorphic encryption scheme and the keyed hashing function to evaluate the homomorphic analytic matrix over a datasource.

Provided are methods and systems for performing a secure probabilistic analytic using an encrypted analytics matrix. An example method includes acquiring, by a client, an analytic, analytic parameters associated with the analytic, and a homomorphic encryption scheme including a public key for encryption and a private key for decryption. The method further includes generating, using the encryption scheme, an analytic matrix based on the analytic and analytic parameters, and sending the analytic matrix and the encryption scheme to at least one server. The method includes generating, by the server and based on the encryption scheme, set of terms from a data set, evaluating the analytic matrix over the set of terms to obtain an encrypted result, and estimating a probabilistic error of the encrypted result. The method further includes sending, by the server, the encrypted result and the probabilistic error to the client where the encrypted result is decrypted.

Many-to-many cryptographic systems and methods are disclosed, and a network employing the same, including numerous industry applications. The embodiments of the present invention can generate and regenerate the same symmetric key from a random token. The many-to-many cryptographic systems and methods include two or more cryptographic modules being in communication with each other and may be located at different physical locations. The cryptographic modules are configured to encrypt and/or decrypt data received from other cryptographic modules and to provide encrypted and/or decrypted data to other cryptographic modules. Each cryptographic module includes a key generator configured to use two or more inputs to reproducibly generate the symmetric key and a cryptographic engine configured to use the symmetric key for encrypting and decrypting data. Corresponding methods, and network employing the same, are also provided.

Described herein are various methods of generating and using a digital signature, such as a polymorphic digital signature. One or more methods of creating a digital signature permit strings of characters, which may be simple or complex, to uniquely identify large numbers of people, things, and actions. Different people, things, and actions can use the same set of characters to identify themselves and yet still be uniquely identified.

A method and device for protecting encrypted data are disclosed. In an embodiment an integrated circuit includes a secure module including a first register containing a first mask and a second register containing masked data, the first mask and the masked data forming a secret key and a processor configured to generate a second mask and mask the secret key with the second mask when the secret key is not used for an encryption operation and during reception of a validation signal, wherein the first and second registers are disposed in the secure module so that the outputs of the registers are not simultaneously optically viewable.