The present invention relates to a method for securing against N-order side-channel attacks a cryptographic process using in a plurality of encryption rounds an initial Substitution box S.sub.0 comprising the steps of: —generating (E12) a first randomized substitution box S.sub.1 by masking said initial substitution box S.sub.0 such that S.sub.1(x XOR m.sub.1)=S.sub.0(x) XOR m.sub.2, with m.sub.1, m.sub.2 uniformly-distributed random values, for any input value x of the initial substitution box S.sub.0, —generating (E13) a first transrandomized Substitution box S(1,1) from the first randomized substitution box S.sub.1 and from masks m.sub.1,1, m′.sub.1,1 such that S(1, 1)[x]=S.sub.1[x xor (m.sub.1 xor m.sub.1,1)] xor (m.sub.2 xor m′.sub.1,1) for any input value x of the first transrandomized Substitution box S(1,1), —generating (E14) from the first transrandomized Substitution box S(1,1) a N−1th transrandomized Substitution box S(1, N−1) by performing iteratively N−2 times a step of generation of a ith transrandomized Substitution box S(1, i) from a i−1th transrandomized substitution box S(1, i−1) and from a plurality of masks m 1,i, m′.sub.1,i, m.sub.1,i−1, m′.sub.1,i−1 such that S(1, i)[x]=S(1, i−1)[x xor (m.sub.1,i-1 xor m.sub.1,i)] xor (m′.sub.1,i−1 xor m′.sub.1,i) for any input value x of the ith transrandomized substitution box S(1, i), with i an integer comprised in {2, . . . N−1}, —performing the cryptographic process using (E15) the N−1th transrandomized Substitution box S(1, N−1) instead of the initial Substitution box S.sub.0 in at least said first round of the cryptographic process.

An apparatus includes a processor and a memory operatively coupled to the processor and associated with an instance of a distributed database at a first compute device. The processor is configured to select an anonymous communication path. Each blinded public key from a sequence of blinded public keys associated with the anonymous communication path is associated with a pseudonym of a compute device from a set of compute devices that implement the anonymous communication path. The processor is configured to generate an encrypted message encrypted with a first blinded public key. The processor is configured to generate an encrypted data packet including the encrypted message and a compute device identifier associated with a second compute device. The encrypted data packet is encrypted with a second blinded public key. The processor is configured to send the encrypted data packet to a third compute device.

A method begins by a requesting device transmitting a certificate signing request to a managing unit, wherein the certificate signing request includes fixed certificate information and suggested certificate information. The method continues with the managing unit forwarding the certificate signing request to a certificate authority and receiving a signed certificate from the certificate authority, wherein the signed certificate includes a certificate and a certification signature and wherein the certificate includes the fixed certificate information and determined certificate information based on the suggested certificate information. The method continues with the managing unit interpreting the fixed certificate information of the signed certificate to identify the requesting device and forwarding the signed certificate to the identified requesting device.

An encryption circuit includes a fundamental vector generation circuit configured to generate a random number sequence for serving as a fundamental vector based on an initial vector, an image mask generation circuit configured to generate an image mask with a mask value set for each pixel in a region to be encrypted smaller than a frame size of the image, based on the fundamental vector and coordinate information for specifying the region to be encrypted, and an XOR operation circuit configured to compute an exclusive OR between each mask value of the image mask and each pixel value of the image data to generate encrypted image data.

Systems and methods that may be used to provide multitenant key derivation and management using a unique protocol in which key derivation may be executed between the server that holds the root key and a client that holds the derivation data and obtains an encryption key. In one or more embodiments, the derivation data may be hashed. The disclosed protocol ensures that the server does not get access to or learn anything about the client's derived key, while the client does not get access to or learn anything about the server's root key.

To calculate of an exclusive OR of elements of bits while the bits remain distributed to a plurality of secret calculation devices without communication among the secret calculation devices, and to calculate of an AND of bits with small amounts of communication and calculation while the bits remain distributed, provided is a secret calculation device including a local AND device and an AND redistribution device. The local AND device receives at least two one-bit input elements to produce a first local AND element. The AND redistribution device receives a one-bit mask and a second local AND element acquired by calculating an exclusive OR of the first local AND element and P bits (P is an integer equal to or more than 0), calculates a first OR, and communicates to/from an AND redistribution device of another secret calculation device to produce at least one one-bit output element.

The invention relates to a processing method, including the calculation of one function between a datum to be compared and a reference datum. The function can be written in the form of a sum of: a term that depends on the datum to be compared, a term that depends on the reference datum, and a polynomial, such that all the monomials of the polynomial include at least one coordinate of each datum. The method includes an initialization step including: generating masking data; scrambling reference data by means of a server unit on the basis of said masking data; and calculating, by means of a client unit, the term of the function that depends on the datum to be compared. The method also includes steps for executing the calculation of the function between the datum to be compared and the reference datum, indexed by an index c, during which: the client unit sends the coordinates of the datum to be compared to a secure component, which returns said datum, in a masked form, to said component; the client unit retrieves, from the server unit, the reference datum, indexed by the index c and scrambled by the masking data; and on the basis of the data obtained from the secure component and the server unit, the client unit calculates the sum of the term of the function that depends solely on the reference datum and the polynomial term and adds, to said sum, the term that depends on the datum to be compared, such as to obtain the result of the function.

Provided is a method for masking a sensitive signal by injecting noise into planes of a printed circuit board (PCB). The method comprises detecting, by a secondary integrated circuit (IC), a noise signal on a shared plane of a PCB that includes the secondary IC. The noise signal may be analyzed to determine the characteristics of the noise signal. A masking signal may be generated based on the characteristics. The masking signal may then be injected onto the shared plane.

A method for sharing secret data between multiple containers. In response to the initial booting of an operating system instance in a container, a unique operating system identifier is generated for the operating system instance. A grant authority stores the unique operating system identifier in a reserved area of a secure storage device. In response to a request from the operating system instance to access secret data in the secure storage device, the grant authority determines whether the unique operating system identifier is stored in the secure storage device. The operating system instance may be granted access to secret data in the non-reserved area of the secure storage device.

Disclosed are systems and methods for delegating computations of resource-constrained mobile clients, in which multiple servers interact to construct an encrypted program representing a garbled circuit. Implementing the garbled circuit, garbled outputs are returned. Such implementations ensure privacy of each mobile client's data, even if an executing server has been colluded. The garbled circuit provides secure cloud computing for mobile systems by incorporating cryptographically secure pseudo random number generation that enables a mobile client to efficiently retrieve a result of a computation, as well as verify that an evaluator actually performed the computation. Cloud computation and communication complexity are analyzed to demonstrate the feasibility of the proposed system for mobile systems.