Disclosed are an encryption apparatus and method. The encryption apparatus includes a storage configured to store a static key table, and at least one processor configured to implement an authenticator configured to perform authentication with an external apparatus and acquire authentication information and a key table generator configured to generate a dynamic key table using authentication information acquired through the authentication.

A computing apparatus outputs .sub.1 and .sub.2 corresponding to a ciphertext x, a capability providing apparatus uses .sub.1 to correctly compute f(.sub.1) with a probability greater than a certain probability and sets the result of the computation as z.sub.1, uses .sub.2 to correctly compute f(.sub.2) with a probability greater than a certain probability and sets the result of the computation as z.sub.2, the computing apparatus generates a computation result u=f(x).sup.bx.sub.1 from z.sub.1, generates a computation result v=f(x).sup.ax.sub.2 from z.sub.2, and outputs u.sup.bv.sup.a if the computation results u and v satisfy a particular relation, where G and H are groups, f(x) is a function for obtaining an element of the group G for xH, X.sub.1 and X.sub.2 are random variables having values in the group G, x.sub.1 is a realization of the random variable X.sub.1, and x.sub.2 is a realization of the random variable X.sub.2.

A technique includes performing a plurality of instances of retrieving components of a security key from a plurality of locations of an electronic device and constructing the security key from the components. The technique includes inhibiting electromagnetic field-based eavesdropping from being used to reveal the security key, where the inhibiting includes varying a protocol that is used to retrieve the components among the instances.

A method and encryption node (300) for providing encryption of a message m according to a selected encryption scheme. A noise computation engine (300a) in the encryption node (300) computes (3:1) a noise factor F as a function of a predefined integer parameter n of the selected encryption scheme and a random number r. When the message m is received (3:3) from a client (302) for encryption, an encryption engine (300b) in the encryption node (300), encrypts (3:4) the message m by computing a cipher text c as e=g.sup.m.Math.F mod n.sup.2, where g is another predefined integer parameter of the selected encryption scheme. The cipher text c is then delivered (3:5) as an encryption of the message m, e.g. to the client (302) or to a cloud of processing resources (304).

One embodiment provides a system for noise addition to enforce data privacy protection in a star network. In operation, participants may add a noise component to a dataset. An aggregator may receive the noise components from the plurality of participants, compute an overall noise term based on the received noise components, and aggregate values using the noise components and overall noise term.

According to one exemplary embodiment, a method for obfuscating a traffic pattern associated with a plurality of network traffic within a tunnel connection is provided. The method may include detecting the tunnel connection. The method may also include analyzing a connection environment associated with the detected tunnel connection. The method may then include determining a packet handling technique based on the analyzed connection environment, whereby the packet handling technique provides a way for creating a noise packet that will be discarded by a network stack at a target node or before the target node. The method may include determining a noise strategy based on the determined packet handling technique. The method may also include sending a plurality of noise packets into the tunnel connection based on the determined noise strategy to obfuscate the traffic pattern.

A resonant crypto network is described herein including a first resonator and a second resonator. The first resonator is configured to: transmit a first random number stream to a second resonator, receive a second random number stream from the second resonator, and generate a first daughter stream based in part on a combination of the first random number stream and the second random number stream. The second resonator is configured to: transmit the second random number stream to the first resonator, receive the first random number stream from the first resonator, and generate a second daughter stream based in part on a combination of the first random number stream and the second random number stream, the second daughter stream being distinct from the first daughter stream.

Disclosed in some examples are methods, systems and machine-readable mediums which allow for more secure authentication attempts by implementing authentication systems with credentials that include interspersed noise symbols in positions determined by the user. These systems secure against eavesdroppers such as shoulder-surfers or man-in-the middle attacks as it is difficult for an eavesdropper to separate the noise symbols from legitimate credential symbols.

Systems and methods for generating min-increment counting bloom filters to determine count and frequency of device identifiers and attributes in a networking environment are disclosed. The system can maintain a set of data records including device identifiers and attributes associated with device in a network. The system can generate a vector comprising coordinates corresponding to counter registers. The system can identify hash functions to update a counting bloom filter. The system can hash the data records to extract index values pointing to a set of counter registers. The system can increment the positions in the min-increment counting bloom filter corresponding to the minimum values of the counter registers. The system can obtain an aggregated public key comprising a public key. The system can encrypt the counter registers using the aggregated shared key to generate an encrypted vector. The system can transmit the encrypted vector to a networked worker computing device.

A secure keyboard resource executed in a network device detects a user input, and generates a user input data structure representing the user input relative to input options presented to the user, the user input data structure based on the secure keyboard resource identifying a position of the user input relative to the input options. The secure keyboard resource sends the user input data structure to one or more executable destination resources, having requested supply of the user input data structure responsive to a user selection, only via a corresponding data path providing the destination resource with access to the user input data structure, for execution of a service by the one or more executable destination resources based on the user input data structure. The secure keyboard resource thus minimizes spying by limiting access of the user input data structure to the destination resource via the data path.