A moving target defense scheme for a serial communications system is disclosed herein. A bus controller generates and broadcasts a nonce to remote terminals over a bus. The bus controller and the remote terminals generate a randomized sequence based upon the nonce and a shared secret that is shared between the bus controller and the remote terminals. The bus controller broadcasts first messages over the bus on first addresses that are derived from first portions of the randomized sequence. The remote terminals listen for the first messages that are broadcast over the bus on the first addresses. The bus controller broadcasts a shift message that causes the remote terminals to listen for second messages that are broadcast over the bus on second addresses that are derived from second portions of the randomized sequence.

A system provides integrity validation of authorization codes using cryptographic hashes. In particular, the system may use various types of input data to generate a randomized hash value which may be associated with a user, device, or set of data (e.g., an authorization code). For instance, the input data may include historical log data, location and/or geolocation data, contextual data, salt values, or the like. In this way, the system may generate a hash value that is randomized while adding meaning that is unique to the user, device, or data with which the randomized hash value is associated.

Disclosed are homomorphic encryption method and apparatus specialized for zero-knowledge proof. The homomorphic encryption method specialized for zero-knowledge proof includes (a) dividing a message M into n message blocks; (b) generating a ciphertext CT by encrypting the n message blocks, wherein the ciphertext CT includes each encryption block for each of the n message blocks, and each encryption block includes the message block in the form G.sub.i.sup.m.sup.i of an exponentiation of a generator G; and (c) generating a zero-knowledge proof key π for the n message blocks by applying the n message blocks as inputs to a preset zero-knowledge proof algorithm.

Systems and methods of generating a security key for an integrated circuit device include generating a plurality of key bits with a physically unclonable function (PUF) device. The PUF can include a random number generator that can create random bits. The random bits may be stored in a nonvolatile memory. The number of random bits stored in the nonvolatile memory allows for a plurality of challenge and response interactions to obtain a plurality of security keys from the PUF.

The invention provides an authentication method and system. It is particularly suited for verifying the identity of an individual prior to permitting access to a controlled resource. This may or may not be a financial resource. The invention uses biometric data relating to a user to encode and decode an identifier associated with a user. Thus the user's biometric data becomes the key for encoding and subsequently decoding the identifier. In one embodiment, the biometric data is used to generate a keypad configuration. The keypad configuration specifies the order and/or position of a plurality of keypad keys. An operable keypad and/or image of a keypad is then generated using the configuration. Thus, the individual's biometric data can be used to generate a customised keypad and/or image which can then be used to encode or decode the identifier associated with the user. A keypad or image generated from the biometric data can be used to generate a mapping between different keypad configurations. The biometric data may be captured at or on a device associated with the individual, such as a computer, mobile phone, tablet computer etc.

The invention provides a solution for secure authentication of an individual. The invention comprises methods and apparatus for secure input of a user's identifier e.g. PIN. An image of a keypad is superimposed over an operable keypad within a display zone of a screen associated with an electronic device. The keypad image and/or the operable keypad are generated by the device using a scrambled or randomised keypad configuration generated on or at the electronic device. The configuration or order of keys depicted in the image may or may not be scrambled or randomised. Thus, the order of keys depicted in the image do not correspond to the order of the keys in the operable keypad, so that when the user selects a ‘key’ depicted in the image on the screen, the underlying operable keypad is caused to operate and an encoded version of the user's input is received into memory on the device. The encoded input can be sent for decoding on a remote computer. The keypad configurations used for generation of the operable keypad(s) and/or keypad image(s) are generated using an input. The input could be a true or pseudo random number or biometric data relating to a user of the device. The device may be a mobile phone, a tablet computer, laptop, PC, payment terminal or any other electronic computing device with a screen.

Methods, systems, and apparatuses for defending against cryptographic attacks using clock period randomization. The methods, systems, and apparatuses are designed to make side channel attacks and fault injection attacks more difficult by using a clock with a variable period during a cryptographic operation. In an example embodiment, a clock period randomizer includes a fixed delay generator and a variable delay generator, wherein a variable delay generated by the variable delay generator is based on a random or pseudorandom value that is changed occasionally or periodically. The methods, systems, and apparatuses are useful in hardware security applications where fault injection and/or side channel attacks are of concern.

In an embodiment, a circuit includes a supply terminal, a reference terminal, a logic circuit coupled between the supply terminal and the reference terminal, and an auxiliary circuit coupled to the logic circuit. The auxiliary circuit includes a plurality of switches configured to be controlled to produce random criterions. Each random criterion causes, on each transition of an output signal of the logic, an attenuation of a current flowing between a supply terminal of the circuit and a reference terminal of the circuit; or an increase of the current flowing between the supply terminal of the circuit and the reference terminal of the circuit; or an additional current flowing through the logic circuit on a current path not passing through the supply terminal; or no change in the current flowing between the supply terminal of the circuit and the reference terminal of the circuit.

A computer-implemented method comprises: committing a transaction amount t of a transaction with a commitment scheme to obtain a transaction commitment value T, the commitment scheme comprising at least a transaction blinding factor r_t; encrypting a combination of the transaction blinding factor r_t and the transaction amount t with a second public key PK_2_B of a recipient of the transaction, wherein: the recipient is further associated with a first public key PK_1_B as an address for receiving the transaction amount t; and transmitting the transaction commitment value T and the encrypted combination to a recipient node associated with the recipient for the recipient node to verify the transaction.

A random number generator generates a random number by using at least two algorithms. A security device includes the random number generator. The random number generator includes a random seed generator and a post processor. The random seed generator is configured to receive an entropy signal and to generate a random seed of a digital region generated by using the entropy signal. The post processor is configured to generate a random number from the random seed by using a first algorithm and a second algorithm. A bias property represents unbiasedness of a result value, and a bias property of the first algorithm is different from a bias property of the second algorithm.