Cryptographic authentication is described to improve security in connected vehicle systems and other applications. Identity Based Cryptography and threshold cryptography are among techniques used in some embodiments.

One or more embodiments described herein disclose methods and systems that are directed at providing enhanced privacy, efficiency and security to distributed ledger-based networks (DLNs) via the implementation of zero-knowledge proofs (ZKPs) in the DLNs. ZKPs allow participants of DLNs to make statements on the DLNs about some private information and to prove the truth of the information without having to necessarily reveal the private information publicly. As such, the disclosed methods and systems directed at the ZKP-enabled DLNs provide privacy and efficiency to participants of the DLNs while still allowing the DLNs to remain as consensus-based networks.

Provided is a system, method, and computer program product for anonymizing a plurality of transactions. The method includes receiving a plurality of transaction requests from a plurality of account holders, each transaction request comprising a payee identifier and a payer identifier, generating a plurality of anonymous authorization requests corresponding to the plurality of transaction requests, communicating the plurality of anonymous authorization requests to at least one issuer system or a transaction processing system, receiving a plurality of authorization responses corresponding to the plurality of anonymous authorization requests, determining that a first plurality of transaction requests of the plurality of transaction requests satisfies a threshold, generating a plurality of anonymous payment tokens, each anonymous payment token corresponding to an authorized transaction request of the first plurality of transaction requests, and allocating each anonymous payment token to a corresponding payee identifier.

Systems and methods for providing services are disclosed. One aspect comprises authenticating a user associated with a first service, receiving a selection of a second service, generating an opaque identifier associated with the user and the first service, wherein the opaque identifier facilitates the anonymous collection of data relating to the second service. Another aspect can comprise transmitting the opaque identifier to the second service, and receiving data relating to the second service.

A universal opt-in/opt-out client allows a user to connect to the APIs for various different sites which have the user's data. The universal client orchestrates opting out on any of the site lists provided by default, or sites which the user selects. The universal client enables the user to select total or partial opt-ins or opt-outs with granular control, on one or more web or decentralized sites, where the user may wish to allow some uses of data and access to data but would also like to restrict others. When a user is calibrating their privacy and data settings, a company or site may provide reasons and incentives for the user to allow access to certain data. This allows users to have simultaneous global control over their personal data while enabling the user to receive compensation for the use of their personal data, and allowing companies to have access to better data.

A computer-implemented method includes: determining assets held by a remitter, the assets to be spent in a remittance transaction between the remitter and one or more payees, in which each asset corresponds to a respective asset identifier, a respective asset amount, and a respective asset commitment value; determining a remitter pseudo public key and a remitter pseudo private key; determining a cover party pseudo public key, in which the cover party pseudo public key is obtained based on asset commitment values of assets held by the cover party; and generating a linkable ring signature for the remittance transaction.

An example system receives certificate requests from clients. Each request can indicate a number of computerized devices needing certificates; a timestamp indicating when the request was transmitted; and a client identifier. The system includes a Quality of Service (QoS) manager that: distributes the requests from the clients across client queues, each of the client queues corresponding to a particular client; and divides requests into smaller subgroups of entries corresponding to a subset of the computerized devices needing certificates. The system can also transmit retrieved entries from the client queues to a certificate management service.

Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for performing an attestation verification. One of the methods includes sending an attestation request to a relay system node by a relay system controller. The relay system controller receives an attestation evidence of the relay system node from the relay system node. The relay system controller sends the attestation evidence of the relay system node to an attestation verification server. The relay system controller receives an attestation verification report from the attestation verification server. The relay system controller sends the attestation verification report to a relay system smart contract.

Methods, systems, and apparatus, including computer programs encoded on computer storage media, for retrieval of data from external data sources for processing within a blockchain network. One of the methods includes receiving a request for data from a data source, the request including plaintext data and encrypted data, the encrypted data including access data and a hash of the plaintext data; transmitting the request to one relay system component external to the blockchain network; receiving a result from the relay system component that is digitally signed using a private key of the relay system component; verifying an integrity of the result based on a public key of the relay system component; and transmitting the result to a user computing device in response to verifying the integrity of the result.

Methods, systems, and apparatus, including computer programs encoded on computer storage media, for enhancing blockchain network security. Embodiments include generating a request for data from a data source, the request including plaintext data and encrypted data, the encrypted data including access data and a hash of the plaintext data, transmitting the request to a relay system component external to the blockchain network, receiving a result from the relay system component that is digitally signed using a private key of the relay system component, and verifying an integrity of the result based on a public key of the relay system component and a digital signature of the result.