A method of applying proof of lottery to select block forgers in a blockchain, comprising performing the following at a certain one of a plurality of computing nodes connected to a blockchain network: (1) transmitting one or more of a plurality of participation transactions submitted by at least some of the plurality of computing nodes for participating in selection process conducted to select forgers from the plurality of computing nodes to forge blocks to be added to the blockchain; (2) determining a respective forger, during each selection process, by applying a selection function to an outcome of a hash function and a plurality of participation transactions extracted from a first subset of blocks preceding the respective block, the hash function is applied to a second subset of blocks preceding the respective block; and (3) forging the respective block in case the certain computing node is selected as the respective forger.

Methods and systems are presented for providing a secured framework for facilitating electronic transactions using a multi-party computation approach. Under the multi-party computation approach, the task of authenticating a transaction conducted through a user account is distributed among multiple computer nodes. One or more secrets and shares of a secret are distributed among the multiple computer nodes. An authentication process is implemented such that at least a portion of the multiple computer nodes, including one or more required nodes, exceeding a predetermined number of nodes are needed to perform a set of computations using the corresponding secret(s) and/or shares of the secret in order to generate a digital signature for the user account. By verifying the digital signature using a public key of the user account, it can be determined that the participation requirement has been satisfied.

Methods and systems are presented for providing a multi-party computation (MPC) framework for dynamically configuring, deploying, and utilizing an MPC system for performing distributed computations. Based on device attributes and network attributes associated with computer nodes that are available to be part of the MPC system, a configuration for the MPC system is determined. The configuration may specify a total number of computer nodes within the MPC system, a minimum number of computer nodes required to participate in performing a computation process, a key distribution mechanism, and a computation processing mechanism. Encryption keys are generated and distributed among the computer nodes based on the key distribution mechanism. Upon receiving a request for performing the computation, updated network attributes are obtained. The configuration of the MPC system is dynamically modified based on the updated network attributes, and the MPC system performs the computations according to the modified configuration.

Methods and systems for managing cryptographic keys in on-premises and cloud computing environments and performing multi-party cryptography are disclosed. A cryptographic key can be retrieved from a hardware security module by a key management computer. The key management computer can generate key shares from the cryptographic key, and securely distribute the key shares to computer nodes or key share databases. The computer nodes can use the key shares in order to perform secure multi-party cryptography.

A computer-implemented method of generating a share of a digital signature of a message, wherein a threshold number of different signature shares from respective participants of a group of participants are required to generate the digital signature, wherein each participant has a respective private key share, the method being performed by a first one of the participants and comprising: generating a first message-independent component and a first message-dependent component, wherein the message-independent component is generated based on a first private key share and wherein the message-dependent component is generated based on the message; causing the first message-independent component to be made available to a coordinator; and causing a first signature share to be made available to the coordinator for generating the signature based on at least the threshold number of signature shares, wherein the first signature share comprises at least the message-dependent component.

Method for computing a logical AND between two chosen bits, xi, xj, held by first and second participants, including a first phase comprising a step in which said first and second participants determine a first correlation variable and a second correlation variable, each determine a random bit, p and q, and transmit, to said server, a value dependent on said random bit p, q, a step in which the server prepares a photon in a first state; a step in which said first participant applies a first transformation V Up to said photon; a step in which the second participant applies a second transformation V Uq to said photon, and a step in which the server performs a third transformation (U*)p+q, measures the state of the photon and determines a third correlation variable; and a second phase comprising a step in which said first and second participants exchange a value u1, u2 dependent on the sum of the random bit, p, q and the chosen bit, xi, xj; and a step in which said first participant computes and delivers a first value a=+xiΛu2, said second participant computes and delivers a second value b=+xjΛu1+u1Λu2 and said server delivers the third correlation value, so that the result of the computation of the logical “and” between said chosen bits may be obtained by summing said first and second values and said third correlation variable.

A method for message authentication includes computing a first secret data and a second secret data using a signing key associated with a first communication message. The method includes splitting the first secret data and the second secret data into shares among a plurality of key holders n for storage at the plurality of key holders n. The method includes receiving a reconstruction request to compute a hash-based message authentication code (HMAC) signature for the first communication message employing the shares from at least t≤n of the plurality of key holders n to compute the signature with a Secure Multi-party Computation (SMC) protocol. Further the method includes computing the signature using the shares from the at least t≤n of the plurality of key holders n as inputs to the SMC protocol in place of the signing key.

This numerical splitting device: acquires a numerical value w and a parameter p; generates a first random number r1 and a second random number r2; computes a third random number r3 based on the numerical value w, parameter p, first random number r1, and second random number r2 according to an expression, r3=w−r1-r2 mod p; computes first to third segments s1, s2, s3 based on the first to third random numbers r1, r2, r3 and the parameter p according to expressions, s1=r1+r2 mod p, s2=r2+r3 mod p, and s3=r3+r1 mod p; and transmits a pair of the first segment s1 and the second random number r2, a pair of the second segment s2 and the third random number r3, and a pair of the third segment s3 and the first random number r1 to first to third secure computation devices, respectively.

Disclosed is a process for testing a suspect model to determine whether it was derived from a source model. An example method includes receiving, from a model owner node, a source model and a fingerprint associated with the source model, receiving a suspect model at a service node, based on a request to test the suspect model, applying the fingerprint to the suspect model to generate an output and, when the output has an accuracy that is equal to or greater than a threshold, determining that the suspect model is derived from the source model. Imperceptible noise can be used to generate the fingerprint which can cause predictable outputs from the source model and a potential derivative thereof.

Privacy protection methods, systems, and apparatus, including computer programs encoded on computer storage media, are provided. One of the methods is performed by a second computing device and includes: receiving a data request for object data from a first computing device, wherein the object data is associated with an object and is stored in the second computing device; performing encryption of the object data using a public key associated with the object based on the data request to generate a first ciphertext; obtaining verification data based on the first ciphertext for verifying whether a ciphertext to be verified corresponds to the object data; and sending the verification data to the first computing device for the first computing device to execute a cryptography protocol with a third computing device based on the verification data.