Multivariate encryption systems and methods are provided herein. An example method includes receiving a multivariate input set that includes a plurality of sensitive data objects arranged according to a record template, encrypting the multivariate input set into an encrypted representation, receiving a request for at least a portion of the plurality of sensitive data objects, extracting the at least a portion of the plurality of sensitive data object from the encrypted representation and generating a response message that includes only the at least a portion of the plurality of sensitive data objects that were extracted from the encrypted representation.

A privacy computing-enabled migration method for large-scale persistent data across platforms is provided. By virtue of a sealing key management service SKMS, based on trusted sealing and trusted connection which are the basic functions of privacy computing, large-scale migration of privacy data with low deployment cost, high security and high efficiency can be realized by providing download links to platforms that meet requirements, thus greatly improving the flexibility of data deployment and use and the landing of trusted sealing technology.

Described herein are a system and techniques for enabling biometric authentication without exposing the authorizing entity to sensitive information. In some embodiments, the system receives a biometric template from a user device which is encrypted using a public key associated with the system. The encrypted biometric template is then provided to a second entity along with a biometric identifier. Upon receiving a request to complete a transaction that includes the biometric identifier and a second biometric template, the second entity may encrypt the second biometric template using the same public key associated with the system and perform a comparison between the two encrypted biometric templates. The resulting match result data file is already encrypted and can be provided to the system to determine an extent to which the two biometric templates match.

The present disclosure relates to a system and a method for providing personal information for an online service system. More particularly, the present disclosure relates to a system and a method for providing personal information using a one-time private key based on a blockchain of proof of use, wherein personal information is registered and stored in a distributed manner in a blockchain network, services in online and offline service systems are used by using alternative authentication identification information that is anonymous and includes a public key to access the personal information in the blockchain network, and for membership registration and login, only the alternative authentication identification information is used to receive a service, become a member of a service, and to log in, without providing the personal information.

A method for outsourcing exponentiation in a private group includes executing a query instruction to retrieve a query element stored on an untrusted server by selecting a prime factorization of two or more prime numbers of a modulus associated with the query element stored on the server, obtaining a group element configured to generate a respective one of the prime numbers, generating a series of base values using the prime factorization and the group element, and transmitting the series of base values from the client device to the server. The server is configured to determine an exponentiation of the group element with an exponent stored on the server using the series of base values. The method also includes receiving a result from the server based on the exponentiation of the group element with the exponent.

A method for confirming a blockchain transaction utilizing output from a transaction still waiting inclusion in a blockchain includes: storing, in a node of a blockchain network, a plurality of waiting blockchain transactions not included in a blockchain associated with the blockchain network; receiving a new blockchain transaction including a transaction amount, destination address, digital signature, and an unspent transaction output, where the unspent transaction output is a reference to one waiting blockchain transactions; validating the new blockchain transaction including confirmation of the one of the waiting blockchain transactions; generating a new block including a block header and a plurality of blockchain data entries including at least the new blockchain transaction and the one of the waiting blockchain transactions; and transmitting the generated new block to a plurality of additional nodes in the blockchain network for confirmation.

In one embodiment, a set of feature vectors can be derived from any biometric data, and then using a deep neural network (DNN) on those one-way homomorphic encryptions (i.e., each biometrics' feature vector) an authentication system can determine matches or execute searches on encrypted data. Each biometrics' feature vector can then be stored and/or used in conjunction with respective classifications, for use in subsequent comparisons without fear of compromising the original biometric data. In various embodiments, the original biometric data is discarded responsive to generating the encrypted values. In another embodiment, the homomorphic encryption enables computations and comparisons on cypher text without decryption of the encrypted feature vectors. Security of such privacy enable biometrics can be increased by implementing an assurance factor (e.g., liveness) to establish a submitted biometric has not been spoofed or faked.

A container includes a user program and data generated by the user program within a regulatory jurisdiction. Before the container leaves the regulatory jurisdiction, the data is validated by the jurisdiction to ensure the data complies with privacy laws of the jurisdiction. Upon ingress to a second regulatory jurisdiction, the data is signed locally to provide for confirmation that the data can leave the second regulatory jurisdiction, since it was not generated within the second jurisdiction. By allowing the user program to move from the first regulatory jurisdiction to a second regulatory jurisdiction, the disclosed embodiments overcome limitations in current solutions that restrict access to local data based on what a public application programming interface (API) can provide. By operating within the regulatory jurisdiction, albeit subject to access controls imposed by that jurisdiction, flexibility in the processing of sensitive data is improved.

One or more implementations of the present specification provide an invoice access method and apparatus based on a blockchain, and an electronic device. The method includes: generating first ciphertext data by encrypting plaintext data of the target invoice based on a first key corresponding to an invoice issuer; generating second ciphertext data by encrypting the plaintext data of the target invoice based on a second key corresponding to an invoice receiver; adding the first ciphertext data and an user identifier of the invoice issuer to the blockchain as related to one another; and adding the second ciphertext data and an user identifier of the invoice receiver to the blockchain as related to one another.

A method for anonymous signature of a message executed by a member entity of a group. The method includes: registering the member entity with an administration entity of the group; generating by the member entity a trace from a trace generator calculated by at least one revocation entity and included in a public key of the group, the trace being invariant relative to the anonymous signatures generated by the member entity in accordance an anonymous signature scheme; blindly obtaining by the member entity a private group key; and generating at least one signature according to the anonymous signature scheme by using the private key, the signature comprising the trace.