H04L2209/08

SECURE COMPUTATION SYSTEM, SECURE COMPUTATION SERVER APPARATUS, SECURE COMPUTATION METHOD, AND SECURE COMPUTATION PROGRAM
20240146505 · 2024-05-02

A secure computation server apparatus in a secure computation system includes: a local shuffle part that computes, by using a shared permutation shared by four of the five secure computation server apparatuses, permuted values of a share for a remaining one of the five secure computation server apparatuses and sends the permuted values of the share to the remaining secure computation server apparatus; a comparison and verification part that compares values that are received from at least three of the four secure computation server apparatuses and that are supposed to be the same value, and adopts as an accurate permutation the value on which at least two of the received values agree; and a shuffle synthesis part that synthesizes mini-shuffles, by using a shared permutation shared by a corresponding combination of four secure computation server apparatuses and a permutation adopted by a corresponding one of the comparison and verification parts.

KEY GENERATOR AND METHOD THEREOF
20190296906 · 2019-09-26

A key generator including a first access circuit, a first calculating circuit and a first certification circuit is provided. The first access circuit writes first predetermined data to a first resistive memory cell during a write period and reads a first current passing through the first resistive memory cell after a randomization process. The first calculating circuit calculates the first current to generate a first calculation result. The first certification circuit generates a first password according to the first calculation result.

Side-Channel Hardened Operation
20190296908 · 2019-09-26

A method is provided for conducting an operation, the method including: determining a first result based on combining a first input with a first mask; determining a second result based on combining a second input with a second mask, the first mask and the second mask fulfilling a precondition; and conducting the operation based on the first result and the second result. A corresponding device is also provided.

Multiplier protected against power analysis attacks
20190296891 · 2019-09-26

A multi-word multiplier circuit includes an interface and circuitry. The interface is configured to receive a first parameter X including one or more first words, and a second parameter Y including multiple second words. The second parameter includes a blinded version of a non-blinded parameter Y that is blinded using a blinding parameter A_Y so that Y=Y+A_Y. The circuitry is configured to calculate a product Z=X·Y by summing multiple sub-products, each of the sub-products is calculated by multiplying a first word of X by a second word of Y, and subtracting from intermediate temporary sums of the sub-products respective third words of a partial product P=X·B_Y, B_Y is a blinding word included in A_Y.

VIRTUALIZING A KEY HIERARCHY USING A PARTIALLY-OBLIVIOUS PSEUDORANDOM FUNCTION (P-OPRF)

A computing device includes an interface configured to interface and communicate with a communication system, a memory that stores operational instructions, and processing circuitry operably coupled to the interface and to the memory that is configured to execute the operational instructions to perform various operations. The computing device processes an input value (e.g., associated with a key) based on a blinding key (e.g., homomorphic encryption) to generate a blinded value and generates an Oblivious Key Access Request (OKAR). The computing device transmits the OKAR to another computing device (e.g., associated with a Key Management System (KMS) service) and receives a blinded key therefrom that is based on a Partially-Oblivious Pseudorandom Function (P-OPRF). The computing device processes the blinded key based on the blinding key (e.g., homomorphic decryption) to generate the key (e.g., associated with the input value). In some examples, the computing device accesses secure information based on the key.

Method of testing the resistance of a circuit to a side channel analysis of second order or more

A test method of a circuit, comprising, acquiring value sets including values of a physical quantity or of logic signals, linked to the activity of a circuit to be tested when the circuit executes an operation of an operation set of distinct cryptographic operations applied to a same secret data, selecting at least two subsets of values in each value set, for each value set and each value subset, counting occurrence numbers of values of the subset, for each value set, forming all possible n-tuples associating together one of the occurrence numbers of each value subset of the value set, and computing a combined occurrence number for each n-tuple of the value set, to form an occurrence number set for the value set, and analyzing the occurrence number sets to determine the part of the secret data.

Encryption and decryption techniques using shuffle function

Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to detokenize encryption data and perform rounds of decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.

Devices and methods for multi-channel sampling

Devices for sampling a plurality of input signals are provided, wherein a sampling device is controlled to sample the input signals in a random order with additional delays. Other embodiments relate to voltage monitoring systems and corresponding methods.

Hardened white box implementation

A processor device has an executable implementation of a cryptographic algorithm implemented thereon that is white-box-masked by a function f. The implementation comprises an implemented computation step S by which input values x are mapped to output values s=S[x], and which is masked to a white-box-masked computation step T by means of an invertible function f. As a mapping f there is provided a combination (f=(c1, c2, . . . )*A) of an affine mapping A having an entry width BA and a number of one or several invertible mappings c1, c2, . . . having an entry width Bc1, Bc2, . . . respectively, wherein BA=Bc1+Bc2+ . . . . Output values w are generated altogether by the mapping f. The affine mapping A is constructed by a construction method coordinated with the invertible mappings c1, c2, etc.

PROTECTING STUDY PARTICIPANT DATA FOR AGGREGATE ANALYSIS
20190266343 · 2019-08-29

Embodiments of the invention include systems and methods for protecting study participant data for aggregate analysis. Aspects include sending a broker encryption key to a plurality of subjects. Aspects also include receiving double-encrypted subject data from the plurality of subjects. Aspects also include decrypting the double-encrypted subject data with a broker decryption key to generate single-encrypted subject data for the plurality of subjects. Aspects also include aggregating the single-encrypted subject data for the plurality of subjects to generate an aggregated single-homomorphically encrypted data set. Aspects also include including a plurality of random factors in the aggregated single-encrypted data set. Aspects also include sending the aggregated single-homomorphically encrypted data set to a researcher.