Disclosed herein are system, method, and computer program product embodiments for a secured cloud storage system. An embodiment operates by receiving a compressed file comprising data that has been compressed using a compression algorithm. The compressed data is divided into a plurality of separate files. A password for each of the separate files is determined. Each of the separate files is encrypted with its corresponding password. The encrypted files are stored across a plurality of servers.

A computer processing system and method for reducing memory footprint that includes initiating, through at least one computer processor, a cryptography session utilizing an -degree isogeny arithmetic computation having chained computations therein. The cryptography session includes implementing a first iteration cycle, of a plurality of iteration cycles, and a implementing a remaining amount of the plurality of iteration cycles, each of the plurality iteration cycles computing isogenies using a compressed Z value to complete the -degree isogeny arithmetic computation. The first iteration cycle includes individually computing a plurality of sequentially occurring pivot points within the chained computations, implementing a Co-Z algorithm within the plurality of sequentially occurring pivot points to compute and store the compressed Z value on one of the plurality of temporary registers and computing a first isogeny of the -degree isogeny arithmetic computations using the compressed Z value.

The present invention provides a method of integrating existing strong encryption methods into the processing of a .ZIP file to provide a highly secure data container which provides flexibility in the use of symmetric and asymmetric encryption technology. The present invention adapts the well-established .ZIP file format to support higher levels of security and multiple methods of data encryption and key management, thereby producing a highly secure and flexible digital container for electronically storing and transferring confidential data.

Systems and methods for end-to-end encryption and dynamic resizing and encoding into grouped byte channels are described herein. A query is homomorphically encrypted at a client using dynamic channel techniques. The encrypted query is sent without a private key to a server for evaluation over target data to generate encrypted response without decrypting the encrypted query. The result elements of the encrypted response are grouped, co-located, and dynamically resized and encoded into grouped byte channels using the dynamic channel techniques, without decrypting the encrypted query or the encrypted response. The encrypted response is sent to the client where the client uses the private key and channel extraction techniques associated with the dynamic channel techniques to decrypt and perform channel extraction on the encrypted response to obtain the results of the query without revealing the query or results to a target data owner, an observer, or an attacker.

The systems and methods of aggregate signing of digital signatures on multiple messages simultaneously, comprising: receiving two or more digital messages wherein each message is signed using two or more digitally split keys from a private key and the two or more digital signatures of the message using the split key are combined to get a compressed short signature; receiving the compressed short signature for each message; receiving a public key associated with the private key for each message; aggregate signing the messages to output an aggregate signature. The aggregate signature can be further verified against any or all of the messages.

The basic idea of this invention is to send one or more cubesats into orbit, each equipped with a hardware security module. Users would send their transaction to the cubesats which would collect them into blocks, sign them, and send (bounce) them back to earth (and to one another). Bounce Blockchain provides scalability through sharding (transactions will be partitioned over cubesats). Because modern hardware security modules are tamper-resistant (become inoperable if tampered with) or tamper-responsive (erase their keys if tampered with), take their keys from physical processes, and have been validated, socio-technical protocols can ensure that it is infeasible to forge the identity of a hardware security module in a cubesat with another cubesat. If, however, some cubesats are destroyed, the blockchain will continue to execute correctly though some transactions will be lost. New cubesats can be sent up in short order as they are quite cheap to launch. If, in spite of these assurances, some cubesats fail traitorously, the blockchain can survive through algorithms similar to Practical Byzantine Fault Tolerance techniques.

A method includes: obtaining, by a server storing data in a blockchain ledger, compression point information of the blockchain ledger, in which the compression point information includes identification information of a specified data block, a server digital signature, and a user digital signature, in which the compression point information indicates that a specified portion of the blockchain ledger has passed an integrity verification, and in which the specified portion of the blockchain ledger includes data blocks in the blockchain ledger previous to the specified data block in the blockchain ledger; and compressing data of the specified portion of the blockchain ledger.

Systems and methods for efficient fixed-base multi-precision exponentiation are disclosed herein. An example method includes applying a multi-precision exponentiation algorithm to a base number, the multi-precision exponentiation algorithm comprises a pre-generated lookup table used to perform calculations on the base number, the pre-generated lookup table comprising pre-calculated exponentiated values of the base number.

A computer-implemented method for performing authentication includes: determining, by a database server storing data in a blockchain ledger, a target ledger segment on which time service authentication is to be performed; generating a Merkle tree corresponding to the target ledger segment; determining a root hash of the Merkle tree, the root hash of the Merkle tree being based on a block hash of each data block in a set of one or more data blocks; executing a predetermined time capture process in a trusted execution environment to obtain a trusted time from an interface provided by a trusted time service organization; generating a digital signature for the trusted time and the root hash in the trusted execution environment; and generating a time service certificate including the trusted time, the root hash, and the digital signature.

Example embodiments relate to combining hashes of data blocks. The examples disclosed herein calculate a hash value for each data block in a sequence of data blocks. The hash values are combined into a combined value, where the combined value has the same sequence as the sequence of data blocks. A master hash value is then calculated for the combined value.