Some embodiments are directed to a computation device configured for batch-wise multiparty verification of a computation which has been performed multiple times. The computations being multiparty computations that are cryptographically shared between the computation device and multiple other computation devices. The computation device is configured to perform the computation a further time to obtain a randomizing computation on a randomizing set of values.

Systems and methods for protecting secret or secure information involved in generation of ciphered data by circuitry. The circuitry includes data paths and key paths that operate to perform cipher operations to generate a plurality of key shares and a plurality of data shares using a key and data as input. The data and the key may be masked by at least one mask. The plurality of key shares may be generated using the key and a first mask. The plurality of data shares are generated using key shares, the data, and a second mask.

This disclosure is related to devices, systems, and techniques for automatically generating software packages to provide Secure Computation as a Service (SCaaS). For example, a computing device includes processing circuitry configured to receive a set of information comprising an indication of a first party and an indication of a second party. Additionally, the processing circuitry is configured to generate, based on the set of information, a first software package corresponding to the first party, the first software package configured to implement a secure computation, and generate, based on the set of information, a second software package corresponding to the second party, the second software package configured to implement the secure computation. Additionally, the processing circuitry is configured to export the first software package and export the second software package, enabling the first party device and the second party device to perform the secure computation.

Systems and methods may be used for providing more secure authentication attempts by implementing authentication systems with credentials that include interspersed noise symbols in positions selected, for example by a user. These systems and methods secure against eavesdroppers such as shoulder-surfers or man-in-the middle attacks as it is difficult for an eavesdropper to separate the noise symbols from legitimate credential symbols. Some systems and methods may use a subset of a credential with the interspersed noise symbols.

The present disclosure relates to a method and device for performing an elliptic curve cryptography computation comprising: twisting, by a first device based on a first index of quadratic or higher order twist (d), a first point (PKB) on a first elliptic curve over a further elliptic curve twisted with respect to the first elliptic curve to generate a twisted key (PKB); transmitting the twisted key (PKB) to a further device; receiving, from the further device, a return value (ShS) generated based on the twisted key (PKB); and twisting, by the first device based on the first index of quadratic or higher order twist (d), the return value (ShS) over the first elliptic curve to generate a result (ShS) of the ECC computation.

Disclosed in some examples are methods, systems and machine-readable mediums which allow for more secure authentication attempts by implementing authentication systems with credentials that include interspersed noise symbols in positions determined by the user. These systems secure against eavesdroppers such as shoulder-surfers or man-in-the middle attacks as it is difficult for an eavesdropper to separate the noise symbols from legitimate credential symbols.

The present invention relates to a method for implementing a cryptographic algorithm having a given secret key comprising the execution by data processing means (11a) of an equipment (10a) of a code implementing said cryptographic algorithm stored on data storage means (12a) of the equipment (10a), the method being characterized in that at least one so-called obfuscated part of said code parameterized with said secret key uses only one so-called cmov instruction, which is a conditional move instruction in a first operand of the instruction of a second operand of the instruction, with at least one occurrence of said cmov instruction in said obfuscated part of the code being dummy.

Certain aspects of the present disclosure provide techniques for performing computations on encrypted data. One example method generally includes obtaining, at a computing device, encrypted data, wherein the encrypted data is encrypted using fully homomorphic encryption and performing at least one computation on the encrypted data while the encrypted data remains encrypted. The method further includes identifying a clear data operation to perform on the encrypted data and transmitting, from the computing device to a server, a request to perform the clear data operation on the encrypted data, wherein the request includes the encrypted data. The method further includes receiving, at the computing device in response to the request, encrypted output from the server, wherein the encrypted output is of the same size and the same format for all encrypted data transmitted to the server.

An encryption method of a video and audio signal stream comprises the steps of: providing a video and audio signal stream, wherein the video and audio signal stream comprises a header; generating a true key string and a false key string randomly, in which the true key string is associated with the header; encoding the true key string and the false key string to generate an encrypted string as the header of the audio signal, in which the encrypted string comprises an indication index indicating an initial position and a length of the true key string; and encoding the encrypted string and the video and audio signal stream to generate an encrypted video and audio signal stream.

Some embodiments provide systems and methods for confidentially and securely provisioning data to an authenticated user device. A user device may register an authentication public key with an authentication server. The authentication public key may be signed by an attestation private key maintained by the user device. Once the user device is registered, a provisioning server may send an authentication request message including a challenge to the user device. The user device may sign the challenge using an authentication private key corresponding to the registered authentication public key, and may return the signed challenge to the provisioning server. In response, the provisioning server may provide provisioning data to the user device. The registration, authentication, and provisioning process may use public key cryptography while maintaining confidentiality of the user device, the provisioning server, and then authentication server.