Techniques are disclosed to provide enforceable pseudonymous reputation through chained endorsers. In various embodiments, a request associated with a chained endorsement operation is received via a communication interface. A client identity information is extracted from the request. Data comprising or associated with the client identity information is combined with a secret value. A one-way transform of the combined value is performed. A result of the one-way transform is returned to a client with which the chained endorsement operation is associated.

The present invention relates generally to a system and method of querying an anonymized database. More particularly, the invention provides a method and system for querying an anonymized database without the need to decrypt queried data while it's processed. Even more specifically, the invention provides a method and system of anonymizing a database such that it may be queried efficiently in near real time while still retaining the ability to not decrypt requested data while it's being processed.

Within one or more instances of a computing environment where an instance is a self-contained architecture to provide at least one database with corresponding search and file system. User information from the one or more instances of the computing environment is organized as zones. A zone is based on one or more characteristics of corresponding user information that are different than the instance to which the user information belongs. User information is selectively obfuscated prior to transmitting blocks of data including the obfuscated user information. The selective obfuscation is based on zone information for one or more zones to which the user information belongs.

Systems and techniques for securing vehicle privacy in a driving infrastructure are described herein. A vehicle may contact a group identification (ID) issuer to register itself. A group ID may be received from the group ID issuer to indicate acceptance as a member. The vehicle may then contact the driving infrastructure to attach to the driving infrastructure using the group ID to identify the vehicle. In response, the vehicle receives an attachment ID from the driving infrastructure. Here, the attachment ID is used to secure communications between the vehicle and the driving infrastructure.

Systems and methods for preserving privacy in dark pool trading environments are provided. The methods include receiving buy orders that include encrypted buy order information; receiving sell orders that include encrypted sell order information; determining whether at least one received buy order matches with at least one received sell order; and when there is a match, executing a transaction based on the match. The determination is made without revealing the encrypted information to an operator of the dark pool, thereby preserving the confidentiality of the information until the transaction is executed.

Methods, systems, and techniques for private identity verification involve obtaining a cryptographically secure commitment that is generated using a first user identifier and a private user identifier associated with the first user identifier; receiving, from an identity verification system, initial zero knowledge proof messages comprising the commitment; sending, to the identity verification system, a set of cryptographically secure known identifier commitments generated using a set of private user identifiers; receiving, from the identity verification system: (i) a zero knowledge proof response generated using the zero knowledge proof challenge; and (ii) proof that the private user identifier used in the initial zero knowledge proof messages comprises part of the set of private user identifiers; and verifying that the private user identifier used in the initial zero knowledge proof messages comprises part of the set of private user identifiers.

Methods, systems, and apparatus, including a method for preventing fraud. In some aspects, a method includes: receiving, from multiple client devices, a measurement data element that includes a respective group member key and a group identifier for a given conversion as a result of displaying a digital component. Each client device uses a threshold encryption scheme to generate, based at least on network data that includes one or more of impression data or conversion data for the conversion, a group key that defines a secret for encrypting the network data and generate, based on data related to the application, the respective group member key that includes a respective share of the secret. In response to determining that at least the threshold number of measurement data elements having the same group identifier have been received, the network data is decrypted using the group member keys in the received measurement data elements.

There is provided a computer-implemented method for secure linking of anonymized data among computer domains, comprising: at each computer domain at which a data set including a number of data records is stored: identifying a sensitive data element within a data record; applying a cryptographic hash function to the sensitive data element so as to yield a token; replacing the sensitive data element with the token within the data record to yield an anonymized data record of the data set; and transferring to a server computer the anonymized data record of the data set; and at the server computer: iteratively transforming the tokens of the anonym ized data records of each data set to yield a compounded token for each token; and linking the anonymized data records if their compounded tokens match.

Systems and applications are described that use group signature technology to allow for anonymous and/or semi-anonymous feedback while allowing for the application of rules and parameters. The use of group signature technology may serve to potentially mitigate or prevent malicious identification of individuals or entities providing a communication such as feedback. Feedback may range from constructive feedback all the way to the ‘whistleblower’ variety. It may be desirable to identify the individuals as belonging to a particular group or having a particular status or position while maintaining the anonymity of the individuals within the particular group.

An operator for a global total order broadcast domain may send an operation out of band to nodes of participating parties, receive a certificate and a signature on an operation identifier for each participating node, generate a randomness vectors for each party participating in the operation, generate a random symmetric encryption key, encrypt the certificates, the signatures, and the randomness vector for each participating party with the symmetric encryption key, encrypt the symmetric encryption key under each public key for each participating party, and hash the symmetric encryption key, and recording, by the operator, the hashed symmetric encryption key on the global total order broadcast domain.