Various embodiments relate to a data processing system comprising instructions embodied in a non-transitory computer readable medium, the instructions for an elliptic curve cryptography authentication method based on an elliptic curve in a processor, the instructions, comprising: generating, by a verifier, a random challenge r; multiplying, by the verifier, the random challenge r by a basepoint G to produce R; sending an x coordinate of R to a prover; receiving an x-coordinate of a first point P.sub.1 and a second point P.sub.2 from the prover, wherein P.sub.1 is based on a random share q.sub.1 of the private key q of the prover and R, and wherein P.sub.2 is based on a random share q.sub.2 of the private key q and R; where q=q.sub.1q.sub.2; finding a point P.sub.1 on the elliptic curve having an x-coordinate of the first point P.sub.1; finding a point P.sub.2 on the elliptic curve having an x-coordinate of the second point P.sub.2; and authenticating the prover when an x-coordinate of one of (P.sub.1+P.sub.2) and (P.sub.1P.sub.2) matches an x-coordinate of r.Math.Q, wherein Q is a public key of the prover.

Systems and methods for tokenization to support pseudonymization are provided herein. An example method includes receiving an input set, seeding a random number generator with one or more secret data, transposing the input set using a first random number/transposition parameter generated by the random number generator to create a transposed input set, transposing a token set using a second random number/transposition parameter generated by the random number generator to create a transposed token set, and generating a token by substituting transposed input set values with transposed token set values.

The invention is a cryptographic pseudonym mapping method for an anonymous data sharing system, the method being adapted for generating pseudonymised data from entity data originating from data sources (DS.sub.i), wherein the data are identified at the data sources (DS.sub.i) by entity identifiers (D) of the respective entities, and wherein the pseudonymised data are identified by pseudonyms assigned to the respective entity identifiers (D) applying a one-to-one mapping. Furthermore, the invention is a computer system implementing the method, and a computer program and a computer-readable medium.

Systems and methods of generating a security key for an integrated circuit device include generating a plurality of key bits with a physically unclonable function (PUF) device. The PUF can include a random number generator that can create random bits. The random bits may be stored in a nonvolatile memory. The number of random bits stored in the nonvolatile memory allows for a plurality of challenge and response interactions to obtain a plurality of security keys from the PUF.

An interference signal may be used to add a layer of security to a wireless communication. The interference signal may comprise media content, such as video, audio, text, or other content available to a user device via a media service. The wireless communication may be used to transmit a data signal, which may include sensitive data. The interference signal may be filtered to process the data signal.

An example method includes receiving metadata associated with a plurality of computing devices. Each metadata includes an indication of a cryptographic fingerprint of secret data known to an associated computing device. The method includes receiving, over a short-range wireless communication mode, a ciphertext message broadcast by another computing device. The message is generated by an encryption algorithm that has the secure pseudo-random permutation (PRP) property and that conforms the message to a constrained packet size associated with the communication mode. A cryptographic fingerprint is derivable from the message. The method includes generating the cryptographic fingerprint. The method includes comparing the generated fingerprint with fingerprints associated with previously received metadata. The method includes, upon a determination that the generated fingerprint matches a fingerprint associated with one of the previously received metadata, establishing an integrity of the message. Establishing of the integrity is based on the PRP property of the encryption algorithm.

This disclosure provides techniques for permuting the performance of associative functions by circuitry of a digital device or processor in a manner that disrupts the effectiveness of side channel attacks. In specific embodiments, associative functions performed by math processing circuitry in such a device are permuted so as to mask/obfuscate a power signature and/or other externally-observable effects while providing an invariant result as an output. In still more detailed embodiments, a variable radix processor is used to provide conversion of an input operand to a permutation of associative functions. The radix can be varied across different products and/or can be dynamically varied during operation of a device, e.g., based on seeds from a random number generator. In still more detailed embodiments, conventional double-and-add or square-and-multiply execution units can be variably scripted to mask power signature and/or other patterns.

Disclosed is a security device which includes a memory and a processor connected with the memory to execute at least one instruction. The processor is configured to execute the at least one instruction to cause the security device to generate a plurality of pieces of combination data by combing input data and a plurality of masks, each of which is uniquely assigned to one of a plurality of sub-bloom filters, obtaining a plurality of hash values, based on inputting the plurality of pieces of combination data into one hash function common to the plurality of sub-bloom filters, and determining whether the input data is duplicated based on the plurality of hash values.

A method for obfuscating data at-transit can include receiving, at a first component on a chip, an instruction request for communicating a first data to a second component on the chip. The first component can be a processor and the second component can be an associated memory. The method can further include, determining a sequence of data arranged to obfuscate the first data while including valid bits of the first data, wherein the sequence of data indicates what is to be conveyed across lines on the chip during each time slot over a window of time controlled by a clock signal on the chip; and providing, over the window of time, the first data to the second component across the lines on the chip according to the sequence of data.

A method of operating a quantum key distribution (QKD) system including using a quantum random number generator (QRNG) to generate a random number string (RNS), and storing the RNS; providing the RNS to a first cryptographically secure pseudo-random number generator (CSPRNG) which uses random numbers of the RNS as seeds to generate respective first strings of pseudo-random numbers; using the first strings of pseudo-random numbers to encode photons or pulses transmitted by a transmitter of the QKD system; after a predetermined delay, providing the stored RNS to a second CSPRNG which uses random numbers of the RNS as seeds to generate respective second strings of pseudo-random numbers, the second CSPRNG identically configured to the first CSPRNG; using the second strings of pseudo-random numbers, together with information regarding encoded photons or pulses received by a receiver of the QKD system, to agree secure keys between the transmitter and the receiver.