In one embodiment, a set of feature vectors can be derived from any biometric data, and then using a deep neural network (“DNN”) on those one-way homomorphic encryptions (i.e., each biometrics' feature vector) can determine matches or execute searches on encrypted data. Each biometrics' feature vector can then be stored and/or used in conjunction with respective classifications, for use in subsequent comparisons without fear of compromising the original biometric data. In various embodiments, the original biometric data is discarded responsive to generating the encrypted values. In another embodiment, the homomorphic encryption enables computations and comparisons on cypher text without decryption. This improves security over conventional approaches. Searching biometrics in the clear on any system, represents a significant security vulnerability. In various examples described herein, only the one-way encrypted biometric data is available on a given device. Various embodiments restrict execution to occur on encrypted biometrics for any matching or searching.

Some embodiments are directed to a system for selectively disclosing attributes and data entries of a record. An issuer device generates a digital signature on a message comprising the attributes and a secret record identifier, and digital signatures on messages comprising respective data entries and each comprising the secret record identifier. The record, secret record identifier, and signatures are provided to a selector device. The selector device selectively discloses attributes and data entries of the record to a receiver device, proving authenticity by means of a zero-knowledge proof of knowledge of the signature on the attributes and signatures on respective data entries. The receiver device verifies the proof with respect to the public key of the issuer and the received attributes and data entries.

Some embodiments enable distributing data (e.g., recorded video, photographs, recorded audio, etc.) to a plurality of users in a manner which preserves the privacy of the respective users. Some embodiments leverage homomorphic encryption and proxy re-encryption techniques to manipulate the respective data so that selected portions of it are revealed according to an identity of the user currently accessing the respective data.

Exemplary embodiments relate to techniques for anonymizing information in an end-to-end (E2E) encrypted environment; the information may include, for example, statistical data about unique page/message views, view counts, view time, what users selected on the message or page, etc. Exemplary embodiments may prevent an E2E system server from being able to identify which user is associated with which record. Various examples are described, including an embodiment in which an originating client generates the data, encrypts it, and sends it to a random contact. The contact decrypts the data, re-encrypts it, and sends it to another random contact. The procedure continues for a set amount of time or for a set number of hops. Other embodiments relate to wrapping the data in various layers of encryption and sending the data to clients in a chain. The encrypted layers prevent clients along the chain from being able to view the anonymized data.

A member of a group in a blockchain network may generate a public key and a private key, request a blockchain network group certificate, associated with the private key, from a blockchain network certificate authority, and distribute a private key to members of the group.

Methods are provided for minting and distributing quantities of cryptographically generated data based on the quality of received biological datasets. Computer readable media, computing apparatuses, and systems are also provided.

A network terminal, e.g., LTE or 5G, can connect to a home network via a serving network. The terminal can have a terminal identifier (TID), such as an IMEI or other PEI, and a network subscriber can have a subscriber identifier (SID), such as an IMSI or other SUPI. In some nonlimiting examples, a network node can determine that a SID and a TID are authorized for joint use and, in response, transmit authorization information. In some nonlimiting examples, a network node can receive an attach request having verification data and encrypted identification data. The network node can receive decrypted identity data and determine that the identity data corresponds with the verification data. In some nonlimiting examples, the terminal can send an attach request comprising encrypted SID and TID data, and a cryptographic hash, to a network node.

Among other things, we describe systems and method for implementing data security in an autonomous vehicle system. The systems and methods can include inter-process communication security via key management, in which asymmetric cryptography and other validation techniques are used to validate data received from sensors. The systems and method can also include penetrative testing, in which valid sensor inputs are modified and transmitted throughout a distributed network through one or more sensors.

The invention is a cryptographic pseudonym mapping method for an anonymous data sharing system, the method being adapted for generating a pseudonymised database (DB) from data relating to entities and originating from data sources (DS.sub.i), wherein the data are identified at the data sources (DS.sub.i) by entity identifiers (D) of the respective entities, and wherein the data are identified in the pseudonymised database (DB) by pseudonyms (P) assigned to the respective entity identifiers (D) applying a one-to-one mapping, irrespective of the originating data source. According to the invention, more than one mapper (M.sub.j) is applied, and a respective pseudonym (P) is generated by sequentially performing, in a permutation of the mappers (M.sub.j), a number k of mappings utilizing the mapping cryptographic keys (h.sub.ij) of the mappers (M.sub.j) belonging to the particular data source (DS.sub.i) on each encrypted entity identifier (C.sub.i0) encrypted by the data source (DS.sub.i).

The invention is a cryptographic pseudonym mapping method for an anonymous data sharing system, the method being adapted for generating a pseudonymised database (DB) from data relating to entities and originating from data sources (DS.sub.i), wherein the data are identified at the data sources (DS.sub.i) by entity identifiers (D) of the respective entities, and wherein the data are identified in the pseudonymised database (DB) by pseudonyms (P) assigned to the respective entity identifiers (D) applying a one-to-one mapping, irrespective of the originating data source. According to the invention, one mapper (M) and one key manager (KM) are applied, and a respective pseudonym (P) is generated by the mapper (M), for each encrypted entity identifier (C.sub.i) encrypted by the data source (DS.sub.i), utilizing the mapping cryptographic key (h.sub.i) corresponding to the particular data base (DS.sub.i).