Systems and methods for interoperable network token processing are provided. A network token system provides a platform that can be leveraged by external entities (e.g., third party wallets, e-commerce merchants, payment enablers/payment service providers, etc.) or internal payment processing network systems that have the need to use the tokens to facilitate payment transactions. A token registry vault can provide interfaces for various token requestors (e.g., mobile device, issuers, merchants, mobile wallet providers, etc.), merchants, acquirers, issuers, and payment processing network systems to request generation, use and management of tokens. The network token system further provides services such as card registration, token generation, token issuance, token authentication and activation, token exchange, and token life-cycle management.

A method of digital radio communication between a first device and a second device is disclosed. An advertising packet is transmitted between first and second devices, wherein the packet includes a first address and a data portion.

Additionally, an encryption key is transmitted between the devices. The first device generates a second address by encrypting an identity value derived from part of the first address using the encryption key and the data portion. The result is encrypted to generate second portion of the second address. The first device then transmits a connection request including the second address. The second device decrypts the second portion and uses the encryption key to determine correspondence with the first portion. If said correspondence is determined, the second device decrypts the first portion using at least the encryption key and compares it to an expected identity value derived from the first address.

There is disclosed an electronic voting system for tamper resistant voting. In some embodiments of a system and/or method for allows a voter to verify that his vote was recorded properly and/or allows public counting of votes by any entity. For example, the system may record information on a distributed ledger that prevents changing of votes. For example, enough data may be available to each voter to check that his vote was recorded properly and/or to substantiate and/or prove if it was not recorded properly. For example, public data may be recorded anonymously such that a third party may be able to access the number of votes, but not the identify of individual voters. Optionally, the individual voter may be supplied a way to substantiate a claim that he voted for either party of the election.

An anonymous attestation cryptographic protocol is provided for enabling a target (device 4) to attest to a predetermined property of the device without needing to reveal its identity to a verifier (8). When obtaining a credential from an issuer (6) to attest to the predetermined property, the credential is validated by an intermediary device (2) which is a separate consumer electronics device to the target device (4) itself. This allows the relatively processor-intensive calculations required for validating the credential to be performed on a separate device (2) from the device (4) for which the attestation has been made, allowing anonymous attestation protocols to be used for lower powered target devices such as sensors in the internet of things.

Disclosed herein are an apparatus and method for processing vehicle data security based on a cloud. The method may include requesting, by a vehicle, a cloud center device to register a cloud-based vehicle data security service; generating, by the cloud center device, cloud-based vehicle data security policies and a pseudonym for the vehicle; requesting, by the cloud center device, an authentication center to generate a pseudonym certificate for the pseudonym and receiving the pseudonym certificate; transmitting, by the cloud center device, the cloud-based vehicle data security policies, the pseudonym, and the pseudonym certificate to the vehicle; generating, by the vehicle, vehicle state information, including accident record information and driving entity information, based on the cloud-based vehicle data security policies and transmitting the same to the cloud center device; and storing, by the cloud center device, the accident record information and the driving entity information in a database for each vehicle.

A method for implementing blockchain-based transactions comprises: determining a transaction amount to be remitted from a blockchain account of a remitter into a blockchain account of a receiver, wherein the blockchain account of the remitter records a homomorphic encryption ciphertext of the remitter's balance, the blockchain account of the receiver records a homomorphic encryption ciphertext of the receiver's balance; generating a homomorphic encryption ciphertext of the transaction amount with respect to the remitter and a homomorphic encryption ciphertext of the transaction amount with respect to the receiver; and submitting to the blockchain a transaction for the homomorphic encryption ciphertext of the transaction amount with respect to the remitter to be subtracted from the homomorphic encryption ciphertext of the remitter's balance and for the homomorphic encryption ciphertext of the transaction amount with respect to the receiver to be added to the homomorphic encryption ciphertext of the receiver's balance.

A computer-implemented information protection method comprises: obtaining a plurality of encrypted transaction amounts associated with transactions among a plurality of accounts, wherein each of the encrypted transaction amounts is associated with one of the accounts that sends or receives one of the transaction amounts, and the encryption of each of the transaction amounts at least conceals whether the one account sends or receives the one of the transaction amounts; generating a sum proof based on the obtained encrypted transaction amounts, the sum proof at least indicating that the transaction amounts are balanced; and transmitting the encrypted transaction amounts and the sum proof to one or more nodes on a blockchain network for the nodes to verify the transactions.

A computer-implemented method according to one embodiment includes obtaining, at an untrusted environment, encrypted data from a storage location, initiating, within the untrusted environment, a performance of one or more secure computations on the encrypted data, and providing, within the untrusted environment, results of performing the one or more secure computations on the encrypted data.

Disclosed are embodiments for information barriers that are conditional on the type of information being communicated. Information barrier polices provided by the disclosed embodiments selectively allow communication between accounts or groups based on characteristics of the content of the communication. For example, communication between a marketing department and an engineering department may be conditional on the communication not including any sensitive information. The determination of whether the communication includes sensitive information is further designed to provide good performance even in environments that maintain substantial portions of data in an offsite or cloud environment, where latencies associated with searching large datastores can be prohibitive.

The invention is a cryptographic pseudonym mapping method for an anonymous data sharing system, the method being adapted for generating a pseudonymised database (DB) from data relating to entities and originating from data sources (DS.sub.i), wherein the data are identified at the data sources (DS.sub.i) by entity identifiers (D) of the respective entities, and wherein the data are identified in the pseudonymised database (DB) by pseudonyms (P) assigned to the respective entity identifiers (D) applying a one-to-one mapping, irrespective of the originating data source. According to the invention, one mapper (M) and one key manager (KM) are applied, and a respective pseudonym (P) is generated by the mapper (M), for each encrypted entity identifier (C.sub.i) encrypted by the data source (DS.sub.i), utilizing the mapping cryptographic key (h.sub.i) corresponding to the particular data base (DS.sub.i).