Patent classifications
H04L2209/08
METHOD OF PROTECTING ELECTRONIC CIRCUIT AGAINST EAVESDROPPING BY POWER ANALYSIS AND ELECTRONIC CIRCUIT USING THE SAME
An electronic circuit with protection against eavesdropping by power analysis is provided. The electronic circuit includes: a storage element for storing a set of bits; a logic unit for processing the stored set of bits and providing a next state set of bits after two or more cycles, wherein in a first cycle, some of the stored set of bits are provided to the logic unit correctly and some are replaced by random values and in a last cycle, all of the stored set of bits are provided to the logic unit correctly; and a random bit generator that generates a random bit for each bit of the stored set of bits to determine which bits of the stored set of bits are to be provided correctly and which bits are to be replaced in each cycle.
SYSTEMS AND METHODS FOR DETECTING SENSITIVE INFORMATION LEAKAGE WHILE PRESERVING PRIVACY
Systems and methods for privacy-preserving data loss detection include performing a sweep of online information for a candidate data leakage to generate an online data set; performing an analysis of the online data set to determine that the online information is a candidate data leakage; the host encrypting the data communication and providing the host-encrypted data communication to a software agent at the enterprise; in response to receiving the host-encrypted data communication, the software agent encrypting a database of enterprise information and re-encrypting the host-encrypted data communication, and providing the same to the host; the host decrypting a host-encrypted aspect of the re-encrypted data communication to generate a software agent-encrypted data communication; determining whether a match exists between the encrypted database of information and the software agent-encrypted data communication; and based on whether the match exists, the software agent taking a first action or the host taking a second action.
Fully homomorphic encryption
In one exemplary embodiment of the invention, a method and computer program include: receiving first and second ciphertexts having first and second data encrypted per an encryption scheme, the encryption scheme has public/secret keys and encryption, decryption, operation and refresh functions, the encryption function encrypts data, the decryption decrypts ciphertext, the operation receives ciphertexts and performs operation(s) on them, the refresh operates to prevent growth of the magnitude of noise for a ciphertext while reducing the modulus of the ciphertext without using the secret key, utilizing a modulus switching technique that involves transforming a first ciphertext c modulo q into a second ciphertext c modulo p while preserving correctness, the technique includes scaling by p/q and rounding, p<q; using the operation function(s), performing operation(s) on them to obtain a third ciphertext; and reducing a noise level of the third ciphertext using the refresh function.
OPTICAL CRYPTOGRAPHY SYSTEMS AND METHODS
Systems and methods for sharing data between a first node and second node are disclosed. The methods may include sharing a first initialization vector between a first node and a second node using a multi-stage cryptography protocol. A first bit stream of first information may be passed from the first node to the second node using a single-stage cryptography protocol that encodes a message with the first initialization vector.
Method and apparatus to encrypt plaintext data
Disclosed is an apparatus and method for encrypting plaintext data. The method includes: receiving at least one plaintext data input; applying a Nonce through a function to the at least one plaintext data input to create Nonced plaintext data outputs and/or to intermediate values of a portion of an encryption function applied to the at least one plaintext data input to create intermediate Nonced data outputs; and applying the encryption function to at least one of the Nonced plaintext data outputs and/or the intermediate Nonced data outputs to create encrypted output data. The encrypted output data is then transmitted to memory.
METHOD FOR A REPEATABLE CREATION OF A RANDOM FILE
A method for repeatable creation of a random file makes it possible to create and recreate random files at different places, at different times and on different devices. Random files are based on aliases, which can contain any text, including specific information such as a serial number, start date, expiry date, etc. Random files can be used to generate strong and unique passwords. The strength of the password doesn't depend on the alias, so any alias will result in an equally strong and unique password.
A browser using the method would be able to register the user with any resource by generating a password using the resource's URL as the alias, and afterwards automatically log the user in by using the same URL to generate the password again.
Users can communicate securely by sending the alias in plaintext together with ciphertext encrypted with the password.
IoT devices can establish master, slave, partner and alien relationships and communicate securely without human introduction.
COUNTERMEASURE METHOD FOR AN ELECTRONIC COMPONENT IMPLEMENTING AN ELLIPTIC CURVE CRYPTOGRAPHY ALGORITHM
The subject of the invention is a countermeasure method for an electronic component implementing a public-key cryptography algorithm on an elliptic curve E defined over a field and comprising an iterative scalar multiplication operation making it possible to obtain a point [k]P on the basis of a point P of the curve E and of an integer k that must remain secret, the electrical consumption of the electronic component being dependent on the value taken by at least one so-called critical point used during said operation to iteratively determine the point [k]P. The method comprises: a step (500) of providing at least one power of a predefined non-zero constant element c of
different from one; a step (501) of initializing the coordinates of the at least one critical point to a predefined value; a step (502) implementing the scalar multiplication operation, the coordinates associated with at least one critical point being modified at each iteration by multiplying at least one of the coordinates of this point by the at least one power of the element c obtained in the providing step (500).
DETERMINING AN AVERAGE OF PERFORMANCE METRICS WITHOUT SHARING ACTUAL PERFORMANCE METRICS
A respective obfuscated performance metric can be received from each of a plurality of client devices. The respective obfuscated performance metrics can be aggregated and an average of the aggregated obfuscated performance metrics can be determined. The average of the obfuscated performance metrics can be communicated to at least a first of the plurality of client devices as representing an average of actual performance metrics.
RESILIENT SECRET SHARING CLOUD BASED ARCHITECTURE FOR DATA VAULT
A method of securely storing data including: providing, within a secure data storage system, a plurality of secret sharing methods for selection and identifying a striping policy for storage of the data, in accordance with input preferences. The data can be split into N secret shares according to a secret sharing method, the selection being determined by the striping policy, wherein a threshold number, T, of such shares is sufficient to recover the data, where T is less than N, generating metadata associated with the data, the metadata identifying the selected secret sharing method and storing the metadata within the secure data storage system and writing the secret shares to storage that includes storage outside the secure data storage system, such that, when at least T shares are retrieved, the metadata can be recalled to identify the selected secret sharing method for recovery of the data.
METHOD FOR ENHANCED SECURITY OF COMPUTATIONAL DEVICE WITH MULTIPLE CORES
A method to protect computational, in particular cryptographic, devices having multi-core processors from DPA and DFA attacks is disclosed herein. The method implies: defining a library of execution units functionally grouped into business function related units, security function related units and scheduler function related units; designating at random one among the plurality of processing cores on the computational device as a master core for execution of the scheduler function related execution units; and causing, under control of the scheduler, execution of the library of execution units, so as to result in a randomized execution flow capable of resisting security threats initiated on the computational device.