An approximate function calculation apparatus includes: a first error upper bound calculating unit which obtains an upper bound of a first error of an approximation of a function f(x) by the function g.sub.b(x) in a section [x.sub.0, b]; an expansion position calculating unit which obtains an expansion position b′ that represents a maximum b at which the upper bound of the first error; a second error upper bound calculating unit which obtains an upper bound of a second error of an approximation of the function f(x) by a function g.sub.b′(x) in a section [b′, x.sub.2]; a right end position calculating unit which calculates a right end position x.sub.2′ that represents a maximum x.sub.2 at which the upper bound of the second error; and a control unit which repeats processing of the respective units with a section [x.sub.2′, x.sub.1] as the section D.

Systems and methods of managing a shared cryptographic account for a first user and at least one second user in a blockchain based computer network, including: generating, by a first computing device of the first user, a first share of a cryptographic key, generating, by a server, a corresponding second share of the cryptographic key, wherein the cryptographic key corresponds to a public key and private key pair, and wherein the private key is configured to decrypt shares of the cryptographic key that are encrypted by the public key, generating a group ID for a group of users of the shared cryptographic account, distributing, by the server, the first share among each of the at least one second user, and enforcing a signing logic scheme for users of the group when signing with the shared cryptographic account.

Method, apparatus, and computer program are disclosed for operating drones or other mobile computers in sensitive environments, where the drones are exposed to attacks with updates, incorrect/malicious commands or even being joined by malicious drones pretending to be part of the drone swarm or group. The method includes leveraging both trusted computing capabilities and that each individual drone can decide on the level of assurance and trust of any other drone we can construct a consensus algorithm such that if a drone wishes to perform a sensitive operation then all drones can attest that drone and decided on its level of assurance.

A method for generating energy-optimized travel routes for a motor vehicle includes one or more of the following: receiving an origin destination (OD) of the motor vehicle and an encrypted energy consumption database of the motor vehicle; generating N candidate routes for the OD; evaluating encrypted energy consumption over a route using an encrypted energy consumption database; applying at least one of homomorphic addition function or homomorphic multiplication function to the encrypted energy consumption data; and returning N candidate routes and their encrypted energy consumption to a client.

A computerized system and method for symmetric encryption and decryption using two machines, the method including obtaining a message and an initialization vector on a first machine, sending the initialization vector to a second machine, where said second machine stores an encryption key for a Key Derivation Function (KDF), generating a derived key on the second machine by applying the KDF receiving as input both the encryption key and the initialization vector, sending the derived key from the second machine to the first machine, and encrypting the message using the derived key on the first machine.

An information processing system capable of processing the encrypted data efficiently is provided. The information processing system of the present invention includes: a key management unit configured to manage a system key; a storage unit configured to store an encryption data encrypted by the system key; and a processing execution unit configured to temporarily construct a virtual execution environment protected from a standard execution environment and decrypt the encryption data in the virtual execution environment based on the system key acquired from the key management unit.

Encrypted first data and encrypted second data may be received, where each data is from different client servers. A request to perform an operation with the first data and the second data may be received. Whether the operation is authorized to be performed with the first data and the second data at an enclave may be verified. In response to verifying that the operation is authorized to be performed with the first data and the second data at the enclave, the encrypted first data and the encrypted second data may be decrypted to the first data and the second data, respectively. Furthermore, the operation may be performed with the first data and the second data at the enclave.

A system and method are disclosed for comparing private sets of data. The method includes encoding first elements of a first data set such that each element of the first data set is assigned a respective number in a first table, encoding second elements of a second data set such that each element of the second data set is assigned a respective number in a second table, applying a private compare function to compute an equality of each row of the first table and the second table to yield an analysis and, based on the analysis, generating a unique index of similar elements between the first data set and the second data set.

Systems and methods for threshold authenticated encryption are provided. A collection of cryptographic devices may encrypt or decrypt a message, provided that a threshold number of those devices participate in the encryption process. One cryptographic device may generate a commitment message and transmit it to the other selected devices. Those devices may each perform a partial computation using the commitment message, and transmit the partial computations back to the encrypting or decrypting device. The encrypting or decrypting device may use those partial computations to produce a cryptographic key, which may then be used to encrypt or decrypt the message.

This application relates to a node group-based data processing method performed by a first node in the node group, and includes: constructing, according to a first user identifier, a mapping relationship for mapping the first user identifier to a target value; performing homomorphic encryption on a mapping parameter of the mapping relationship, to obtain a mapping parameter ciphertext, and transferring the mapping parameter ciphertext to the second node in the node group; receiving the reference value and the fragment information returned by the second node; and maintaining, when a result obtained after homomorphic decryption is performed on the reference value is consistent with the target value, the fragment information returned corresponding to the reference value, and triggering the first node to collect fragment information maintained in each first node, to aggregate the collected fragment information to obtain a user identifier intersection set of the node group.