A method, system, and non-transitory computer readable medium are described for providing a sender a plurality of ephemeral keys such that a sender and receiver can exchange encrypted communications. Accordingly, a sender may retrieve information, such as a public key and a key identifier, for the first receiver from a local storage. The retrieved information may be used to generate a key-encrypting key that is used to generate a random communication encryption key. The random communication encryption key is used to encrypt a communication, while the key-encrypting key encrypts the random communication key. The encrypted communication and the encrypted random communication key are transmitted to the first receiver.

This patent describes a new protocol of encryption and decryption process. With the capable of uniting all available implementations that may have different built-in countermeasures against different side-channel attacks, the patented work will have strong resistance to existing and future side-channel attacks. The limit of number of implementations, N, can be negotiated between the Sender and the Receiver, and is only limited by the resource availability (including computing, time, power, etc) of the Sender and the Receiver.

Embodiments of the invention relate to systems and methods for confidential mutual authentication. A first computer may blind its public key using a blinding factor. The first computer may generate a shared secret using its private key, the blinding factor, and a public key of a second computer. The first computer may encrypt the blinding factor and a certificate including its public key using the shared secret. The first computer may send its blinded public key, the encrypted blinding factor, and the encrypted certificate to the second computer. The second computer may generate the same shared secret using its private key and the blinded public key of the first computer. The second computer may authenticate the first computer by verifying its blinded public key using the blinding factor and the certificate of the first computer. The first computer authenticates the second computer similarly.

The present invention relates to methods and systems for binary scrambling, and applications for cybersecurity technology aimed at preventing cyber-attacks.

In various embodiments, a computer-readable memory medium coupled to a processor is disclosed. The memory medium is configured to store instructions which cause the processor to retrieve a seed value, receive a digital bit stream, receive a digital bit stream, generate a stream of random bits, using the seed value as a seed to a pseudo random number generator (PRNG), wherein the stream of random bits contains at least as many bits as the digital bit stream, shuffle bits of the stream of random bits to create a random bit buffer, generate an obfuscated digital bit stream by applying a first exclusive OR (XOR) to the digital bit stream and the random bit buffer, wherein the obfuscated digital bit stream has the same number of bits as the digital bit stream, and provide the obfuscated digital bit stream to the communications interface.

Universal tags linked to the content of a data file are sporadically/periodically generated for protecting the authenticity of the data file and/or the owner/creator of a digital file. New universal tags are generated by altering one or more keys/seeds used to generate the universal tag. Once a current universal key is generated, the current universal tag is registered on a distributed ledger of at least on distributed trust computing network, thus superseding the registration of a last-in-time/previous universal tag to thereby become the effective validation means for (i) an authenticity of the data file, and/or (ii) the user associated with the data file (e.g., rightful possessor and/or creator of the digital file).

A universal tag linked to the content of a data file for protecting the authenticity of the data file and/or the owner/creator of a digital file. The universal tag is linked to the content in the data file via one or more input keys/seeds that are used to generate the universal tag and rely on data associated with the content. Once generated, the universal tag is registered on a distributed ledger of at least on distributed trust computing network, which acts as a source of truth to validate the universal tag and, as such, validate (i) an authenticity of the data file, and/or (ii) the user associated with the data file (e.g., rightful possessor and/or creator of the digital file).

A system and method that utilize an encryption engine endpoint to encrypt data in a data storage system are disclosed. In the system and method, the client controls the encryption keys utilized to encrypt and decrypt data such that the encryption keys are not stored together with the encrypted data. Therefore, once data is encrypted, neither the host of the data storage system, nor the encryption engine endpoint have access to the encryption keys required to decrypt the data, which increases the security of the encrypted data in the event of, for example, the data storage system being accessed by an unauthorized party.

An apparatus and method are described for processing a global navigation satellite system (GNSS) signal, the GNSS comprising multiple satellites, wherein each satellite transmits a respective navigation signal containing a spreading code. The method comprises receiving an incoming signal at a receiver, wherein the incoming signal may contain navigation signals from one or more satellites; encrypting the incoming signal at the receiver using a homomorphic encryption scheme to form an encrypted signal; and transmitting the encrypted signal from the receiver to a remote server.

Methods, systems, and techniques for facilitating data transfer between blockchains, Data is sent from a first blockchain to a second blockchain. The data includes lineage verification data that permits the second blockchain to verify a lineage of at least one block of the first blockchain; a proper subset of all non-header data stored using the at least one block; and validity verification data that permits the second blockchain to verify validity of the proper subset of all non-header data sent to the second blockchain from the first blockchain. The proper subset of non-header data may be a slice of state data of an application stored in the first blockchain. The second blockchain verifies the lineage and validity of the data it receives, and creates a new block having non-header data comprising the data it received.