Patent classifications
H04L2209/16
Electronic authentication systems
Methods and devices are provided for use in carrying out a transaction between a transaction device and a point of interaction. In connection therewith, a device for interacting with a point of interaction to carry out a transaction by a consumer includes a processor comprising a payment application and a system environment module, where the system environment module is configured to determine whether the payment application is eligible for a transaction. The device also includes an input in communication with the processor and configured to receive transaction data from a point of interaction in connection with the transaction, and an output in communication with the processor and configured to transmit transaction data to the point of interaction in connection with the transaction when the system environment module determines that the payment application is eligible for the transaction.
OBFUSCATION FOR PROTECTION OF STREAMING MEDIA AND OTHER DATA FLOWS
A method is provided for obfuscating program code to prevent unauthorized users from accessing video. The method includes receiving an original program code that provides functionality. The original program code is transformed into obfuscated program code defining a randomized branch encoded version of the original program code. The obfuscated program code is then stored, and a processor receiving input video data flow uses the obfuscated program code to generate an output data flow.
Method for Generating a Digital Signature of an Input Message
Provided is a method for generating a digital signature of an input message (M) based on a secret key (d.sub.A) of a client device having access to a first set and a second set of precomputed data stored in a storage unit. The first set of precomputed data comprises private element parts (k.sub.i) protected with a homomorphic encryption. The second set of precomputed data comprises public element parts (Q.sub.i) paired with the private element parts of the first set. Each private element part is a discrete logarithm of the public element part paired therewith. The private element (k) can be homomorphically encrypted by combining homomorphically encrypted private element parts (k.sub.i) selected from the first set. The selection of the public and private element parts depends on the input message. Other embodiments are disclosed.
DYNAMIC WHITE BOX-BASED DATA PROCESSING METHOD, APPARATUS, AND DEVICE
Provided in the embodiments of the present application are a dynamic white box-based data processing method, apparatus, and device, the method comprising: using a pre-generated key obfuscation mapping relationship set to perform obfuscation processing on an original key to obtain a redundant key; and inputting the redundant key and the to-be-processed data into a white box algorithm library to implement encryption and decryption processing. In the technical solution provided in the embodiments of the present application, different redundant keys can thus be input into the same white box algorithm library, so that the white box algorithm library and the key do not need to be changed together, increasing the flexibility of the solution.
OBFUSCATING CRYPTOGRAPHIC MATERIAL IN MEMORY
Methods and systems disclosed herein describe obfuscating plaintext cryptographic material stored in memory. A random location in an obfuscation buffer may be selected for each byte of the plaintext cryptographic material. The location of each byte of the plaintext cryptographic material may be stored in a position tracking buffer. To recover the scrambled plaintext cryptographic material, the location of each byte of the plaintext cryptographic material may be read from the position tracking buffer. Each byte of the plaintext cryptographic material may then be read from the obfuscation buffer and written to a temporary buffer. When each byte of the plaintext cryptographic material is recovered, the plaintext cryptographic material may be used to perform one or more cryptographic operations. The scrambling techniques described herein reduce the likelihood of a malicious user recovering plaintext cryptographic material while stored in memory.
Tamper-resistant and scalable mutual authentication for machine-to-machine devices
An authentication request message is sent from a first computing device to a second computing device, wherein the first computing device and the second computing device communicate via a machine-to-machine communication protocol, and wherein the authentication request comprises a token issued by the second computing device and stored in a key obfuscation block of the first computing device. A challenge message is received at the first computing device from the second computing device. In response to the challenge message, a session key is computed at the key obfuscation block of the first computing device, wherein the session key is computed based on a secret shared between the first computing device and the second computing device. Upon generating the session key, the first computing device extracts a value from the challenge message and generates an authentication delegate based on the extracted value. The authentication delegate is sent from the first computing device to a third computing device for verification to allow the first computing device access to the third computing device.
Access control
A computer implemented method of access control for a restricted resource of a resource provider in a network connected computer system, wherein a blockchain data structure accessible via the network stores digitally signed records validated by network connected miner software components, the method including: identifying an access control role definition for access to the resource, the role including a specification of access permissions; defining a cryptocurrency for indicating authorization to access the resource, the cryptocurrency being formed of tradeable units of value associated with records in the blockchain and wherein transfer of the cryptocurrency between records in the blockchain is validated by the miners; receiving a request from an authenticated resource consumer for authorization to access the resource; and submitting a blockchain transaction to the miner components to transfer a quantity of cryptocurrency to a consumer record in the blockchain, the transaction including an identification of the role, such that the consumer record identifies that the consumer is authorized to access the resource in accordance with the role definition.
Managing user access to restricted content through intelligent content redaction
A method, system and/or computer usable program product for managing user access to restricted data including authenticating a set of users requesting attendance to a teleconference; obtaining content access rights associated with each of the authenticated users; converting and reviewing content of the teleconference in real-time to identify restricted data in the teleconference content; determining whether each of the authenticated users has content access rights to identified restricted data; upon determining at least one authenticated user does not have content access rights to the identified restricted data, redacting the identified restricted data in real-time from the teleconference content to generate a redacted teleconference content; and providing the teleconference content in real-time to each authenticated user with content access rights to the identified restricted data, and providing the redacted teleconference content in real-time to each authenticated user without content access rights to the identified restricted data.
DEVICE, METHOD AND PROGRAM FOR SECURE COMMUNICATION BETWEEN WHITE BOXES
A cryptographic data processing method for implementing a cryptographic function, implemented within an electronic data processing device including a processor, a memory and a set of cryptographic processing modules, the method including the following steps implemented by a current cryptographic processing module of the set: receiving incoming data; determining a decryption key to be applied to the incoming data according to a master key and a position of the current cryptographic processing module; decrypting the incoming data, with the key, delivering unencrypted incoming data; implementing at least one cryptographic operation on the unencrypted incoming data, delivering unencrypted outgoing data; optionally, determining a subsequent cryptographic processing module to be executed on the unencrypted outgoing data; obtaining an encryption key for the unencrypted outgoing data; encrypting the unencrypted outgoing data with the previously determined encryption key for the outgoing data, delivering the encrypted outgoing data, which may be intermediate data.
SECURE RE-ENCRYPTION OF HOMOMORPHICALLY ENCRYPTED DATA
Securely re-encrypting homomorphically encrypted data by receiving fully homomorphically encrypted (FHE) information from a client device, training a machine learning model using the FHE information, yielding FHE ciphertexts, applying a first transform to the FHE ciphertexts, yielding obfuscated FHE ciphertexts, sending the obfuscated FHE ciphertexts to a secure device, receiving a re-encrypted version of the obfuscated FHE ciphertexts from the secure device, applying a second transform to the re-encrypted version of the obfuscated FHE ciphertexts yielding de-obfuscated re-encrypted FHE ciphertexts, determining FHE ML model parameters according to the de-obfuscated re-encrypted ciphertexts, and sending the FHE ML model parameters to the client device.