Systems and methods are described for encrypting amounts and asset types of a verifiable transaction on a blockchain ledger. For each asset, an asset tag is blinded, multiplied by the amount of the asset, and the product is blinded again to create an encrypted amount of the asset. Both encrypted amount of the asset and a corresponding generated output value are within a value range, and the sum of the encrypted input value and the encrypted output value equals zero. Rangeproofs for each of the encrypted output values are associated with a different public key. Each public key is signed with a ring signature based on a public key of a recipient. A second ring signature is used to verify each asset tag, where the private key of the second ring signature for each asset is a difference between a first blinding value and an output coefficient.

Methods, systems, and techniques for private identity verification involve obtaining a cryptographically secure commitment that is generated using a first user identifier and a private user identifier associated with the first user identifier; receiving, from an identity verification system, initial zero knowledge proof messages comprising the commitment; sending, to the identity verification system, a set of cryptographically secure known identifier commitments generated using a set of private user identifiers; receiving, from the identity verification system: (i) a zero knowledge proof response generated using the zero knowledge proof challenge; and (ii) proof that the private user identifier used in the initial zero knowledge proof messages comprises part of the set of private user identifiers; and verifying that the private user identifier used in the initial zero knowledge proof messages comprises part of the set of private user identifiers.

A method and apparatus for the creation of simulated records from a small sample data set with configurable levels of variability, the creation of simulated data from an encrypted token that uniquely identifies an individual, and the creation of simulated values using as the basis retained data (birth years, 3-digit zip areas, gender, etc.) from the de-identification process.

A method for ensuring precedence for the processing of a blockchain transaction to prevent loss of cryptographic currency includes receiving a new blockchain transaction by a blockchain node in a blockchain network, confirming the new blockchain transaction including identifying a precedence transaction that was previously conducted and stored in the blockchain that involves both blockchain wallets included in the new blockchain transaction, including the new blockchain transaction in a new block that is generated, and distributing the new block to additional nodes in the blockchain network for confirmation and addition to the blockchain.

Electronic voting including a registration authority server, an election authority server, and a voter-host computer connected to an electronic identity card associated with a voter casting a vote. The registration authority server computer and the secure electronic identity card establish a first cross-domain unlinkable pseudonym for the secure electronic identification token, the first cross-domain unlinkable pseudonym being unique to the electronic identity card and the registration authority. The registration authority writes a vote-eligibility attribute on the electronic identity card. The election authority server computer retrieves a second cross-domain unlinkable pseudonym and the vote-eligibility attribute from the electronic identity card, the second cross-domain unlinkable pseudonym being associated with the election authority, and writes an attribute on the electronic identity card indicative of receipt of a vote cast by the voter.

A method for anonymously identifying a security module by a server. The method includes: receiving, from the module, a request for the address of a server managing subscription data of an operator, the request including a current identification value of the module, which depends on an identifier of the module and a current date; searching for the current identification value in at least one set of identification values, the set being associated with an operator and including, for a given module, a plurality of identification values, which are calculated depending on the identifier of the module and a date, the date varying for the plurality of identification values of the set between a start date and an end date; and sending, to the security module, the address of the server managing subscription data associated with the operator when the current identification value appears in the set of identification values.

A node includes processing circuitry configured to encrypt first network data including a first tenant identifier using a first cryptographic key to generate first encrypted data and anonymize the first encrypted data to generate anonymized data where the anonymizing of the first encrypted data includes segmenting the first encrypted data and the anonymizing of the first encrypted data preserving relationships among the first network data associated with the first tenant identifier, encrypt the anonymized data using a second cryptographic key to generate encrypted anonymized data, transmit the encrypted anonymized data, at least one analysis parameter, at least one security policy and instructions to analyze the encrypted anonymized data using the at least one analysis parameter, the at least one security policy and the second cryptographic key, receive analysis data resulting from the analysis of the encrypted anonymized data, and determine verification results from the received analysis data.

According to an example aspect of the present invention, there is provided a method, comprising: defining a delivery identifier for delivery of goods from a sender to a receiver, defining a relay for the delivery of goods, selecting one or more sender couriers to send the goods to the relay and/or selecting one or more receiver couriers to receive the goods from the relay, generating for the goods delivery a smart contract comprising cryptographic tokens for confirming delivery, wherein the smart contract is a computerized transaction protocol and is configured to validate delivery of the goods on the basis of tokens from the couriers, providing the smart contract for the goods delivery to the distributed network, and providing the cryptographic tokens, the delivery identifier and an identifier of the relay to the selected one or more couriers.

The present disclosure relates to a trustworthy data exchange. Embodiments include receiving, from a device, a query, wherein the query comprises a question. Embodiments include identifying particular information related to the query. Embodiments include receiving credentials from a user for retrieving the particular information related to the query. Embodiments include retrieving, using the credentials, the particular information related to the query from one or more data repositories that are part of a distributed database comprising an immutable data store that maintains a verifiable history of changes to information stored in the distributed database. Embodiments include determining, based on the particular information related to the query, an answer to the query. Embodiments include providing the answer to the device.

An authentication technique is disclosed that uses a distributed secure listing of transactions that includes encrypted data that can be used to authenticate a principal to a verifier.