H04L2209/08

Ciphertext preprocessing and acquisition
10790961 · 2020-09-29

A computer-implemented method includes: obtaining, by a data party, a piece of plaintext to be encrypted; generating a ciphertext file including multiple pieces of ciphertext, each piece of ciphertext being derived from a homomorphic encryption algorithm executed on the piece of plaintext; adding a first file identifier of the ciphertext file to a file identifier set corresponding to the piece of plaintext; and in response to a piece of ciphertext derived from the piece of plaintext being needed for a cooperative calculation in which the data party is participating: obtaining the first file identifier from the file identifier set corresponding to the piece of plaintext, reading a first piece of ciphertext from the ciphertext file identified by the first file identifier, and sending the first piece of ciphertext to a partner participating in the cooperative calculation.

METHOD FOR PROVIDING A PROOF-OF-RETRIEVABILITY
20200304308 · 2020-09-24

A method for providing a proof-of-retrievability (POR) to a client for data stored on a storage entity includes the steps of: a) Encoding, by the client, data to be stored on the storage entity; b) Exchanging credentials between the storage entity, the client, and an auditor; c) Committing, by the client, to the encoded information using data identification information; d) Storing the encoded data on the storage entity together with the data identification information; e) Computing, by the auditor, logging information for the stored data by performing one or more POR between the auditor and the storage entity, wherein for sampling randomness for the POR a public source of unpredictable randomness is used; f) Verifying, by the auditor, the computed logging information; and g) Verifying, by the client, the verified logging information of the auditor in a single batch verification procedure.

CRYPTOGRAPHIC DEVICE WITH UPDATABLE SHARED MATRIX

Some embodiments relate to an electronic network node (110) configured for a cryptographic operation. The network node obtains a shared matrix (A) by selecting integers, polynomials, and/or polynomial-coefficients from a shared pool, the shared pool being shared with the second network node, wherein the selecting is done according to one or more selection functions.

SYSTEM AND METHOD FOR DETECTING ACTIVE RELAY STATION ATTACKS BETWEEN TWO MULTIMEDIA COMMUNICATION PLATFORMS

A method for detecting relay attacks between two communication platforms, the method including: receiving, at a first communication platform, a first signal sent via a first communication channel from a second communication platform, the first signal including information about a challenge; receiving, at the first communication platform, a second signal sent via a second communication channel from the second communication platform, the second signal being a start clock; receiving, at the first communication platform, a third signal sent via the second communication channel from the second communication platform, the third signal including the challenge; outputting, from the first communication platform, a response to the challenge via the first communication channel to the second communication platform; and determining, at the second communication platform, whether a relay attack has occurred based on a time elapsed from when the start clock began to when the response is received at the second communication platform.

Mitigating timing attacks via dynamically scaled time dilation

Techniques for mitigating timing attacks via dynamically scaled time dilation are provided. According to one set of embodiments, a computer system can enable time dilation with respect to a program, where the time dilation causes the program to observe a dilated view of time relative to real time. Then, while the time dilation is enabled, the computer system can track a count of application programming interface (API) calls or callbacks made by a program within each of a series of time buckets and, based on counts tracked for a range of recent time buckets, scale up or scale down a degree of the time dilation.

MUTUAL AUTHENTICATION OF CONFIDENTIAL COMMUNICATION
20200295952 · 2020-09-17

Embodiments of the invention relate to systems and methods for confidential mutual authentication. A first computer may blind its public key using a blinding factor. The first computer may generate a shared secret using its private key, the blinding factor, and a public key of a second computer. The first computer may encrypt the blinding factor and a certificate including its public key using the shared secret. The first computer may send its blinded public key, the encrypted blinding factor, and the encrypted certificate to the second computer. The second computer may generate the same shared secret using its private key and the blinded public key of the first computer. The second computer may authenticate the first computer by verifying its blinded public key using the blinding factor and the certificate of the first computer. The first computer authenticates the second computer similarly.

Device and method for resonant cryptography
10778413 · 2020-09-15

A system for secure communications using resonant cryptography includes a resonator that has a random number generator (RNG). The RNG can be at least one of a true random number generator, pseudo-random number generator, and any non-repeating sequence of numbers having a characteristic of a random number stream, and generating a first stream of random numbers. A transmitter, electrically coupled to the random number generator, is also included to transmit the generated first stream of random numbers.

Multiplier protected against power analysis attacks
10778407 · 2020-09-15

A multi-word multiplier circuit includes an interface and circuitry. The interface is configured to receive a first parameter X including one or more first words, and a second parameter Y including multiple second words. The second parameter includes a blinded version of a non-blinded parameter Y that is blinded using a blinding parameter $A_Y$ so that $Y = Y + A_Y$. The circuitry is configured to calculate a product $Z = X \cdot Y$ by summing multiple sub-products, each of the sub-products is calculated by multiplying a first word of X by a second word of Y, and subtracting from intermediate temporary sums of the sub-products respective third words of a partial product $P = X \cdot B_Y$, $B_Y$ is a blinding word included in $A_Y$.

GENERATING AND MONITORING FICTITIOUS DATA ENTRIES TO DETECT BREACHES
20200279050 · 2020-09-03

Provided is a process that includes: obtaining a fictitious data entry associated with a field present in a plurality of records associated with an online resource; sending a query to a monitoring application, the query specifying the fictitious data entry and a request to determine whether a second repository of compromised data includes the fictitious data entry; in response to the query, receiving query results indicating that the second repository of compromised data includes the fictitious data entry; in response to the received indication that the second repository of compromised data includes the fictitious data entry, identifying at least some of the first set of one or more repositories that store the data entry; designating other data entries within the at least some of the first set of one or more repositories as potentially having been breached; and storing the designation in memory.

DATA PRIVACY USING A PODIUM MECHANISM
20200279054 · 2020-09-03

Systems and methods are provided for performing operations comprising: storing a set of input data; generating a noise distribution based on a two-step function, wherein a height of the two-step function is determined by a privacy parameter, a width of the two-step function is determined by minimizing a variance of the noise distribution, and wherein a mean of the two-step function is determined by a value of the set of input data to be privatized; applying the noise distribution to the set of input data to generate privatized noisy output data; and transmitting the resulting privatized noisy output data in response to a request for a portion of, or a complete set of, the input data.