A computer implemented system for anonymous electronic verification of location credentials including at least one processor and data storage is described in various embodiments. The system includes cryptographic mechanisms and electronic communication between one or more computing systems that in concert, provide verification of a prover's location credentials in accordance to logical conditions of a verifier's policy without providing additional information to a verifier entity.

Techniques and architectures may be used to provide an environment where a data owner storing private encrypted data in a cloud and a data evaluator may engage in a secure function evaluation on at least a portion of the data. Neither of these involved parties is able to learn anything beyond what the parties already know and what is revealed by the function, even if the parties are actively malicious. Such an environment may be useful for business transactions, research collaborations, or mutually beneficial computations on aggregated private data.

Systems and methods for improved distributed symmetric cryptography are disclosed. A client computer may communicate with a number of cryptographic devices in order to encrypt or decrypt data. Each cryptographic device may possess a secret share and a verification share, which may be used in the process of encrypting or decrypting data. The client computer may generate a commitment and transmit the commitment to the cryptographic devices. Each cryptographic device may generate a partial computation based on the commitment and their respective secret share, and likewise generate a partial signature based on the commitment and their respective verification share. The partial computations and partial signatures may be transmitted to the client computer. The client computer may use the partial computations and partial signatures to generate a cryptographic key and verification signature respectively. The client computer may use the cryptographic key to encrypt or decrypt a message.

The invention relates to a cryptographic method and variants thereof based on homomorphic encryption enabling the evaluation of univariate or multivariate real-valued functions on encrypted data, in order to allow carrying out homomorphic processing on encrypted data more broadly and efficiently.

A system for performing real-time quantum-safe computation of a digital transaction using in a blockchain consensus protocol, comprising a plurality of permissioned verification servers being a plurality of distributed participants that are adapted to create common randomization to all of said participants which remains unrevealed until being used by said participants, by assigning to each participant a unique polynomial having a maximal degree being common to all participants; allowing each participant to select a random value; allowing each participant to send his selected random value to all other participants using a secret sharing scheme based on points on his unique polynomial, such that said secret hides the details of said selected random value and all other participants that receive shares of said selected random value will not be able to reconstruct said selected random value from the received shares; create a pool of all shares of all participants; build a quantum-safe consensus of honest participants, in rounds, by sharing symmetric keys between participants before a consensus round and recovering said keys after each consensus round; during each round, generate common random coins for which a consensus has been obtained, from shares belonging to at least one honest participant in said round, and locking new created coins by a quantum-safe asynchronous Byzantine Fault Tolerance (a BFT)-based blockchain consensus protocol, while the consensus itself provides the consensus ability on transactions in Block(s) for said a BFT protocol; at the end of each round, validate said transaction using the locked common random coin and revealing the secret to all participants.

This document describes systems and techniques for protecting the security of information in content selection and distribution. In one aspect, a method includes receiving, by a first computing system of MPC systems, a digital component request including distributed point functions that represent a secret share of a respective point function that indicates whether a user of the client device is a member of a first user group. Selection values are identified. Each selection value corresponds to a respective digital component, a set of contextual signals, and a respective second user group identifier for a respective second user group to which the respective digital component is eligible to be distributed. A determination is made, for each selection value and using the distributed point functions in a secure MPC process, a candidate parameter that indicates whether the second user group identifier matches a user group that includes the user as a member.

A method of designing a multi-party system in quotient algebra partition-based homomorphic encryption (QAPHE), which is based on the framework of quotient algebra partition (QAP) and the computation of homomorphic encryption (HE), wherein the method comprises: increasing single model provider A to multiple ones, wherein the number of the multiple model providers is L and let A.sub.1≤i≤L and L≥2; increasing single data provider B to multiple ones, wherein the number of the multiple data providers is R and let B.sub.1≤j≤R and R≥2; and encoding plaintexts, each of which is of k.sub.j qubits, from all data providers into ciphertexts respectively; aggregating the ciphertexts by a form of tensor product and generating an encoded state for computation; and preparing a model operation to conduct the encrypted computation via an encoded operator and the encoded state in a cloud. The method can improve the security of public-key/semi-public-key system and be applied to a threshold HE or a multi-key HE to solve actual problems.

A system for securely computing an elliptic curve scalar multiplication in an unsecured environment, including: a secure processor including secure memory, the secure processor configured to: split a secure scalar K into m.sub.2 random values k.sub.i, where i is an integer index; randomly select m.sub.1−m.sub.2 values k.sub.i for the indices m.sub.2<i≦m.sub.1; select m.sub.1 mask values δ.sub.i; compute m.sub.1 residues c.sub.i based upon random residues a.sub.i, δ.sub.π(i).sup.−1, and k.sub.π(i), wherein π(i) is a random permutation; compute m.sub.1 elliptic curve points G.sub.i based upon random residues a.sub.i and an elliptic point to be multiplied; receive m.sub.1 elliptic curve points; and compute the elliptic curve scalar multiplication by combining a portion of the received elliptic curve points and removing the mask values δ.sub.i from the portion of the received elliptic curve points; a memory device; and a processor in communication with the memory device, the processor being configured to: receive m.sub.1 residues c.sub.i and elliptic curve points G.sub.i; compute m.sub.1 elliptic curve points P.sub.i based upon the m.sub.1 residues c.sub.i and elliptic curve points G.sub.i; send the m.sub.1 elliptic curve points P.sub.i to the secure processor.

An equality determination unit obtains [e.sub.i] in which e.sub.i=(e.sub.i,1, . . . , e.sub.i,N) is concealed, e.sub.i in which e.sub.i,j=a.sub.1 is established when x.sub.i,j is k.sub.j and e.sub.i,j=a.sub.0 is established when x.sub.i,j is not k.sub.j, by secure computation using a concealed search target word [x.sub.i] and a concealed search word [k]. A wildcard determination unit obtains [w] in which w=(w.sub.1, . . . , w.sub.N) is concealed, w in which w.sub.j=b.sub.1 is established when k.sub.j is a wildcard character and w.sub.j=b.sub.0 is established when k.sub.j is not a wildcard character, by secure computation using [k]. An OR operation unit obtains [y.sub.i] in which y.sub.i=(y.sub.i,1, . . . , y.sub.i,N) is concealed, y.sub.i in which y.sub.i,j=d.sub.1 is established when at least one of e.sub.i,j=a.sub.1 and w.sub.j=b.sub.1 is satisfied and y.sub.i,j=d.sub.0 is established when at least one of e.sub.i,j=a.sub.1 and w.sub.j=b.sub.1 is not satisfied, by secure computation using [e.sub.i] and [w].

There is provided a requestor device for digital signing of a message, comprising: at least one hardware processor executing a code for: transmitting the message for signing thereof, in a single request session over the network to each one of a plurality of validator devices, wherein a beacon device computes and transmits over a network to each one of a plurality of validator devices a signature-data value computed and signed by the beacon device, receiving in a single response session from each one of the plurality of validator devices, a respective partial-open decrypted value computed for the signature-data value and the message, and aggregating the partial-opens decrypted values received from the plurality of validator devices to compute the digital signature of the message.