A multi-party session key agreement method includes: a test session for exchanging a short-term key between parties of 3 to n peers; and an original session for exchanging a long-term key between the parties who have exchanged the short-term key. Peer (n) that has conducted the test session and the original session has cluster (n) that manages the keys as a result of conducting the sessions, and cluster (n) agrees with a result of the session conducted in peer (n) by communicating with cluster (n+1) of another peer (n+1).

Methods and systems for the use of multi-party computation (MPC) key systems that involve the use of multiple parties, each of which hold respective private data that may be used to evaluate a computation without ever revealing any of the private data held by each party to perform blockchain operations. Using the MPC key systems, the methods and systems generate secure, encrypted communications across distributed computer networks for authorizing use of cryptography-based digital repositories in order to perform blockchain operations in decentralized applications.

A biometric identification method of an entity including computation of a matching value between biometric data of an entity u and reference biometric data u, by application of a function F to the biometric data. A non-interactive, publicly verifiable computation method is performed wherein representation of the function is obtained by converting an arithmetic circuit into a polynomial representation. A matching value is obtained by evaluating the arithmetic circuit and the reference biometric data as inputs. Proof of correction of the computation execution of the matching values is obtained. Verification of said received proof. The function is encoded with an integer k>1 of a vector of a biometric datum on at least one input wire of the circuit. The function includes at least m scalar products. Evaluation of the circuit is iteratively computed depending on the value of m.

A zero-trust network and methods of using same are disclosed. The network includes a plurality of nodes, some of which are user devices, such as mobile phones, some of which are computer servers. One or more of the nodes includes a directory system. When a server receives an access request by a user device or other node, the directory system is notified of the request. The directory system will contact a number of randomly selected nodes, and if any one of the nodes does not recognize the requesting device, the requesting device will be denied access. If every queried node is able to authenticate the requesting device, the directory system creates a session for the first device to access the server. The directory system can grant access by providing the server and device reciprocating keys. After the session ends, the accessed node is assigned a new identifier.

Some embodiments are directed to a computation device configured to verify that an edit script is for transforming a first string to a second string. The edit script has match operations and difference operations as allowed edit operations. The computation device obtains a representation of the edit script and subsequently performs a validation computation. For each match operation, the computation device determines a character at a current position in the first string and a character at a current position in the second string, verifies that they match, increments the current position in the first string by one and increments the current position in the second string by one. For each difference operation, the computation device increments the current position in the first string and/or the current position in the second string by one.

A method for encoding can include generating a data structure defining a Boolean circuit including a memory storing original data, inputs and outputs, logic gates, and wires interconnecting the inputs, the logic gates and the outputs, the memory including, for each bit of the original data, a memory cell including a logic gate performing a logic operation depending on a value of the bit, the Boolean circuit configured to receive input data for selecting and reading a memory cell, and to provide a binary data of a bit read in the selected memory cell and address data of the bit in the original data. Generating the data structure including: generating a valid data for each binary state of each wires of the Boolean circuit, and computing truth table values of the logic gates as a function of the valid input and output data, and a logical operation of the logic gate.

Data processing is performed while personal information is kept concealed. A registrant terminal splits a registration input password and allocates the split pieces to secure computation servers. The secure computation servers verify whether the password matches. The registrant terminal splits target data and allocates the data shared values to the secure computation servers. The secure computation servers store the data shared values. A user terminal splits a utilization input password and allocates the split pieces to the secure computation servers. The secure computation servers verify whether the password matches. The user terminal sends a data processing request to the secure computation servers. The secure computation servers execute secure computation of the data shared values to generate processing result shared values. The user terminal recovers the processing result from the processing result shared values.

The present disclosure relates to an electronic device which comprises a circuitry configured to authenticate a second electronic device when the circuitry detects based on a privacy preserving algorithm that the two electronic devices are associated with the same body. Furthermore, the present disclosure relates to a method comprising authenticating data communication between a first electronic device and a second electronic device when detecting based on a privacy preserving algorithm that the two electronic devices are associated with the same body.

The subject matter discloses a method for decrypting ciphertext, comprising obtaining multiple shares of a vector representing a secret key in multiple computerized entities, receiving a request to decrypt a ciphertext from an application server, each entity of the multiple computerized entities computes a linear function, the linear function receives as input a share of the vector stored in each entity of the multiple computerized entities and a ciphertext accessible to the entity, performing a plaintext multi-party computation (MPC) process by the multiple computerized entities using the output of the computation performed by each entity independently, computing an output of the linear function receiving the secret key and the ciphertext as input, wherein none of the multiple computerized entities have access to the share stored in another computerized entity.

Described is a system for cloud-based privacy-preserving navigation operations between multiple parties. The system performs a two-party computation (2PC) between input data related to a current location of a first party and public data stored on a cloud computing infrastructure. Each party individually performs a 2PC on the public data while maintaining privacy of their input data. The system then performs multi-party computations (MPC) between multiple parties and the cloud computing infrastructure. The multiple parties privately update the public data with a result obtained from the 2PC. For the first party, a privacy-preserved navigation result is generated using results obtained from the 2PC and the MPC. The first party is caused to perform a navigation operation based on the privacy-preserved navigation result.