Patent classifications
H04L2209/42
System and method of dynamic issuance of privacy preserving credentials
Method and System for enhanced privacy in privacy-preserving identity solutions. The technology provides for a redirect of a request to generate a proof of an attribute from a service provider to a separator. The separator removes source identification from the attribute-proof request and redirects the attribute-proof request, free of original source identification, to a credential issuer which issues the credential. A security device of the user generates a presentation token from the privacy-preserving credential and presents the presentation token to the service provider as proof of the attribute. Other systems and methods are disclosed.
METHOD AND DEVICE FOR CONVERTING DATA CONTAINING USER IDENTITY
A method for automatically converting electronic data is disclosed. The method comprises scanning a source data table containing data fields; determining a feature for each of the data fields of the source data table; comparing the feature for each of the data fields with a feature rule for identifying user-identity-containing data fields in the source data table; identifying a first data field of the source data table as containing user identity when the feature of the first data field matches the feature rule; identifying a second data field of the source data table as containing no user identity when the feature of the second data field fails to match the feature rule; converting the source data table by replacing data items of the first data field in the source data table identified as containing user identity with corresponding third-party user accounts, and keeping the second data field in the source data table identified as not containing user identity unaltered; and storing the converted data table in a storage medium.
Data management method and registration method for an anonymous data sharing system, as well as data manager and anonymous data sharing system
The invention is a data management method for an anonymous data sharing system, comprising the steps of receiving a data supply from a data source (10), the data supply comprising an anonymous data source identifier, an entity identifier encrypted with the private encryption key of the data source (10), and data associated with the entity. The method further comprises mapping the encrypted entity identifier to a common anonymous entity identifier by applying a classifier key associated with the data source identifier in such a manner that for every entity identifier the following applies: by encrypting said entity identifier with the private encryption key of any data source (10) and by mapping it using the classifier key associated with the identifier of the data source, the same common anonymous entity identifier is obtained, wherein the data associated with the entity are stored in a database (12) in a manner that said data are assigned to the common anonymous identifier. The invention also relates to a registration method, to a data manager, and to an anonymous data sharing system comprising same.
SYSTEMS AND METHODS FOR DE-IDENTIFYING DATA USING A COMBINATION OF CRYPTOGRAPHIC TECHNIQUES
In some implementations, a device may provide a data structure storing first data, wherein the first data indirectly identifies second data, and wherein the second data identifies a particular individual. The device may obtain, from the data structure, the first data. The device may generate a cryptographically random value using a secure generator. The device may combine the first data and the cryptographically random value to generate hashing input data. The device may perform, using a hashing algorithm, a hashing operation on the hashing input data to generate de-identified first data, wherein re-identification of the de-identified first data requires knowledge of at least the first data, the cryptographically random value, and the de-identified first data. The device may perform an action using the de-identified first data.
VOTING SYSTEM TO PREVENT FRAUD USING BLOCKCHAIN TECHNOLOGY
A voting system comprises at least one voting machine comprising: at least one voting machine processor performing voting machine operations comprising initializing a vote blockchain with a vote blockchain genesis block, the vote blockchain genesis block comprising a voting machine identifier and a genesis block hash value; creating a data structure comprising a plurality of votes and a hash value of a preceding block; determining a new block hash value of the data structure; appending a new block comprising the data structure and the new block hash value to the vote blockchain; and storing the vote blockchain in the at least one voting machine memory.
Identifier-based access control in mobile networks
A network terminal, e.g., LTE or 5G, can connect to a home network via a serving network. The terminal can have a terminal identifier (TID), such as an IMEI or other PEI, and a network subscriber can have a subscriber identifier (SID), such as an IMSI or other SUPI. In some nonlimiting examples, a network node can determine that a SID and a TID are authorized for joint use and, in response, transmit authorization information. In some nonlimiting examples, a network node can receive an attach request having verification data and encrypted identification data. The network node can receive decrypted identity data and determine that the identity data corresponds with the verification data. In some nonlimiting examples, the terminal can send an attach request comprising encrypted SID and TID data, and a cryptographic hash, to a network node.
Systems and methods for privacy-enabled biometric processing
In one embodiment, a set of feature vectors can be derived from any biometric data, and then using a deep neural network (“DNN”) on those one-way homomorphic encryptions (i.e., each biometrics' feature vector) an authentication system can determine matches or execute searches on encrypted data. Each biometrics' feature vector can then be stored and/or used in conjunction with respective classifications, for use in subsequent comparisons without fear of compromising the original biometric data. In various embodiments, the original biometric data is discarded responsive to generating the encrypted values. In another embodiment, the homomorphic encryption enables computations and comparisons on cypher text without decryption of the encrypted feature vectors. Security of such privacy-enabled biometrics can be increased by implementing an assurance factor (e.g., liveness) to establish a submitted biometric has not been spoofed or faked.
Methods and systems for transmitting anonymized information
Exemplary embodiments relate to techniques for anonymizing information in an end-to-end (E2E) encrypted environment; the information may include, for example, statistical data about unique page/message views, view counts, view time, what users selected on the message or page, etc. Exemplary embodiments may prevent an E2E system server from being able to identify which user is associated with which record. Various examples are described, including an embodiment in which an originating client generates the data, encrypts it, and sends it to a random contact. The contact decrypts the data, re-encrypts it, and sends it to another random contact. The procedure continues for a set amount of time or for a set number of hops. Other embodiments relate to wrapping the data in various layers of encryption and sending the data to clients in a chain. The encrypted layers prevent clients along the chain from being able to view the anonymized data.
Anonymized generating and proving of processed data
A computer-implemented method is for providing processed data. In an embodiment, the method includes receiving, by a first encryption entity, first plaintext data including a matrix of numbers; determining, by the first encryption entity, an encryption key including an integer matrix; homomorphically encrypting, by the first encryption entity, the first plaintext data based on a matrix multiplication of the first plaintext data and the encryption key, to generate first encrypted data; sending, by the first encryption entity, the first encrypted data to a processing entity; receiving, by a decryption entity, encrypted processed data from the processing entity, the encrypted processed data being based on the first encrypted data; decrypting, by the decryption entity, the encrypted processed data based on a matrix multiplication of the processed data and an inverse of the encryption key, to generate processed data; and providing, by the decryption entity, the processed data.
Systems and applications to provide anonymous feedback
Systems and applications are described that use group signature technology to allow for anonymous and/or semi-anonymous feedback while allowing for the application of rules and parameters. The use of group signature technology may serve to potentially mitigate or prevent malicious identification of individuals or entities providing a communication such as feedback. Feedback may range from constructive feedback all the way to the ‘whistleblower’ variety. It may be desirable to identify the individuals as belonging to a particular group or having a particular status or position while maintaining the anonymity of the individuals within the particular group.