Systems and methods for tokenization to support pseudonymization are provided herein. An example method includes receiving an input set, seeding a random number generator with one or more secret data, transposing the input set using a first random number/transposition parameter generated by the random number generator to create a transposed input set, transposing a token set using a second random number/transposition parameter generated by the random number generator to create a transposed token set, and generating a token by substituting transposed input set values with transposed token set values.

Systems and methods for generating min-increment counting bloom filters to determine count and frequency of device identifiers and attributes in a networking environment are disclosed. The system can maintain a set of data records including device identifiers and attributes associated with device in a network. The system can generate a vector comprising coordinates corresponding to counter registers. The system can identify hash functions to update a counting bloom filter. The system can hash the data records to extract index values pointing to a set of counter registers. The system can increment the positions in the min-increment counting bloom filter corresponding to the minimum values of the counter registers. The system can obtain an aggregated public key comprising a public key. The system can encrypt the counter registers using the aggregated shared key to generate an encrypted vector. The system can transmit the encrypted vector to a networked worker computing device.

Methods, systems, and devices for memory operations are described. First scrambling sequences may be generated for first addresses of a memory device after an occurrence of a first event, where the first addresses may be associated with commands received at the memory device. Portions of the memory array corresponding to the first address may be accessed based on the first scrambling sequences. After an occurrence of a subsequent event, second scrambling sequences may be generated for the first addresses, where the second scrambling sequences may be different than the first set of scrambling sequences. After the occurrence of the subsequent event, the portions of the memory array may be accessed based on the second scrambling sequences.

A cipher accelerator is provided. An encryption and decryption circuit is configured to perform an encryption and decryption operation according to a control signal. The encryption and decryption operation includes a plurality of normal rounds and a plurality of redundant rounds. A controller is configured to provide a control signal to the encryption and decryption circuit according to a first variable value and a second variable value. The encryption and decryption circuit is configured to divide the normal rounds into a first normal section and a second normal section according to the first variable value, and divide the redundant rounds into a first redundant section and a second redundant section according to the second variable value. The encryption and decryption circuit is configured to perform the first normal section, the first redundant section, the second normal section, and the second redundant section sequentially.

Disclosed herein is a method and apparatus for stateful order-preserving encryption for enhancing security. The method includes generating an order-preserving ciphertext by performing order-preserving encryption on a plaintext, generating a plurality of dummy ciphertexts corresponding to a preset variable for the order-preserving ciphertext, and adding the order-preserving ciphertext and the plurality of dummy ciphertexts to a ciphertext set.

Embodiments of this specification disclose secure multi-party computation for privacy protection. In an implementation, a method includes obtaining a fragment of first gradient data and a fragment of noise data, where the first gradient data is gradient data of a loss function. Based on the fragment of first gradient data by performing secure multi-party computation with another participant, obtaining a fragment of second gradient data, where the second gradient data is gradient data obtained after the first gradient data is clipped. Based on the fragment of second gradient data and the fragment of noise data, determining a fragment of third gradient data, where the third gradient data is the second gradient data with the noise data added. A fragment of a model parameter is determined based on the fragment of third gradient data.

Systems and techniques are described herein for information protection. For example, a process may include obtaining a security information asset at a randomizing engine; performing a first randomization of the security information asset to obtain a randomized security information asset; providing the randomized security information asset to a secure storage device; obtaining the randomized security information asset from the secure storage device; performing a second randomization of the security information asset to obtain an updated randomized security information asset; and providing the updated randomized security information asset to a security component, wherein the updated randomized security information asset is used to perform a security operation.

Methods and systems described herein authenticate a user and help secure transaction. A display screen presents images that are difficult for malware to recognize but a person can recognize. In at least one embodiment, a person communicates transaction information using visual images received from the service provider system. In at least one embodiment, a user selects a sequence of visual images as a means of authenticating the user and logging into a financial account or other corporate account. In some embodiments, methods and systems are provided for determining whether to grant access, by generating and displaying visual images on a screen that the user can recognize, and select. In an embodiment, a user presses his or her finger or fingers on a display screen to select images as a method for authenticating and protecting communication from malware. In an embodiment, non-determinism in hardware helps unpredictably vary the image selected, the image location, generate noise in the image, or change the shape or texture of the image. In some embodiments, visual image authentication helps Alice and Bob detect if Eve has launched a man-in-the-middle attack on their key exchange.

Methods and systems for performing an operation on at least one homomorphically encrypted ciphertext, the method include determining, by a computing device, a value that is an initial approximation of a result of the operation on the at least one homomorphically encrypted ciphertext; and iteratively improving, by the computing device, the value using a recurrence relation wherein a number of iterations is determined based on a predetermined accuracy to minimize an approximation error.

An electronic device and method of generating a Physically Unclonable Function (PUF) value is disclosed. An OTP memory with a plurality of OTP cells that can be reliably and deterministically programmed with a minimum and a maximum program voltage being selected for pre-conditioning. All OTP cells can be programmed at least once around the minimum program voltage to hide the program status. Data to be programmed into the OTP can be a fixed, time-varying voltage or data from an entropy source. The programmed OTP data can be masked for weak bits and further randomized to generate PUF output by compressing a bit stream into a single bit, e.g., single parity bit. The PUF output can be through a hash function and/or to generate keys.