H04L2209/50

METHOD AND SYSTEM FOR GENERATING A SECRET KEY USING NON-COMMUNICATING ENTITIES

A method for performing a key recovery process is disclosed. The method comprises entering, in a user device, a user identifier unique to a user. The user device may then obscure the user identifier to form an obscured user identifier. The user device may then transmit the obscured user identifier to a first and second entity computer. The method may then include the first entity computer generating a first output using the obscured user identifier and a first share, and the second entity computer generating a second output using the obscured user identifier and a second share. As a response to transmitting the obscured identifier, the user device may receive the first output from the first entity computer and the second output from the second entity computer. The user device may then generate a secret key after processing the first output and the second output, completing the key recovery process.

System and Method for Secure Query Processing for Private Data Networks
20180096166 · 2018-04-05

Systems and methods enable two or more data providers that do not trust each other with their data to pool their data for analysis. The systems and methods can translate conventional database SQL queries into secure multiparty computation so that the data providers can analyze their collective data without requiring any of them to disclose private information.

A SYSTEM AND METHODS FOR PROTECTING KEYS IN COMPUTERIZED DEVICES OPERATING VERSUS A SERVER
20180034810 · 2018-02-01

The subject matter discloses a computerized system for securing information, comprising a client application installed on a computerized device, said client application stores a first share of the information, a server communicating with the client application, said server stores a second share of the information, an MPC module installed on the client application and on the server, wherein a request to use the information activates the MPC module, such that computation performed by the MPC module enables use of the information while only a share of the information resides on the server or on the computerized device, wherein the server verifies the identity of the computerized device in response to a request to use the information.

A SYSTEM AND METHODS FOR PROTECTING KEYS USING GARBLED CIRCUITS
20180019868 · 2018-01-18

The subject matter discloses a computerized system, comprising a computerized device communicating with a third party server, that comprises a memory unit that stores a representation of a Boolean circuit and a processing unit for calculating a result of the Boolean circuit according to a string used as input for the Boolean circuit and calculating a first predefined function on the result of the Boolean circuit. The system also comprises a first auxiliary server communicating with the computerized device, the first auxiliary server comprises a processing unit for calculating a second predefined function on the result of the Boolean circuit received from the computerized device and a second auxiliary server communicating with the computerized device comprises a processing unit for comparing the result of the first predefined function and the result of the second predefined function.

AUTHENTICATION METHOD AND SYSTEM BY GARBLED CIRCUIT
20180019997 · 2018-01-18

The invention proposes a method and an associated system for authenticating a user, by means of the redundancy present between several images of a video, the method using garbled circuits, named variant garbled circuits, associated with the alternative bits between the images of the video and a garbled circuit named invariant garbled circuit, associated with the invariant bits between the images of the video, so that the invariant garbled circuit only needs to be evaluated a single time.

Method and system for accessing device by a user

A method for accessing a device by a user connected to the device and to at least two servers in different networks includes collaboratively generating parts of an authentication ticket on the at least two servers, collaboratively generating parts of a user session key and encrypting a combined user session key, authenticating with the authentication ticket at a distributed ticket granting server by collaboratively decrypting user request information using the combined user session key and comparing its content with the authentication ticket, collaboratively generating an encrypted user-to-device ticket and an encrypted user-to-device session key, and accessing the device by the user using the encrypted user-to-device ticket and the user-to-device session key.

DATA PROCESSING

Data processing methods, apparatuses, and computer-readable media are applied to a system including a data provider and N secure multi-party computation (MPC) computation parties. N is an integer greater than 3. In an example method, each MPC computation party obtains a first data component from a data message sent by the data provider. The first data component is a part of a plurality of data components obtained after the data provider splits private data, and the first data component is a logical component. Then, the first data component is converted from the logical component to an arithmetic component, to obtain a second data component, so as to perform MPC processing.

Efficient two party oblivious transfer using a leveled fully homomorphic encryption

A querying node generates public keys, secret keys, and switch key matrices. A public key associated with a first level and the switch key matrices are sent to a receiving node. The receiving node generates a key-value table, mapping values to keys, and encodes the keys and values using a polynomial ring of a predetermined type. The querying node encodes using a polynomial ring of the same predetermined type, then encrypts a query, using a public key, and sends the query to the receiving node. The receiving node performs a homomorphic comparison of the encrypted, encoded query with each encoded key entry in the encoded key-value store to determine a comparison result. The receiving node sums the results for each of the value entries and returns the summed result to the querying node. The querying node decrypts and decodes the received result using the corresponding secret key.

Delegatable pseudorandom functions and applications

Techniques are provided for delegating evaluation of pseudorandom functions to a proxy. A delegator delegates evaluation of a pseudorandom function to a proxy, by providing a trapdoor to the proxy based on a secret key k and a predicate P using an algorithm T, wherein the predicate P defines a plurality of values for which the proxy will evaluate the pseudorandom function, wherein the plurality of values comprise a subset of a larger domain of values, and wherein the trapdoor provides an indication to the proxy of the plurality of values. A proxy evaluates a pseudorandom function delegated by a delegator by receiving a trapdoor from the delegator that provides an indication of a plurality of values to be evaluated, wherein the plurality of values comprise a subset of a larger domain of values; and evaluating an algorithm C on the trapdoor to obtain the pseudorandom function value for each of the plurality of values. The trapdoor can be provided to the proxy using a Goldreich, Goldwasser, Micali (GGM) binary tree representation.

ADDING PRIVACY TO STANDARD CREDENTIALS
20170163421 · 2017-06-08

Standardized digital signature schemes (e.g., Rivest-Shamir-Adleman (RSA), Digital Signature Algorithm (DSA), Elliptic Curve Digital Signature Algorithm (EC-DSA), etc.) may be employed to prove authenticity of a message containing credentials. Proving possession of valid credentials may be performed using a combination of garbled circuits with message authentication codes (MACs) and proof of knowledge protocols (e.g., Sigma protocol, Schnorr protocol, etc.). Such techniques may allow proving entities to prove possession of valid credentials using standardized signature schemes without revealing those credentials directly to a verifying entity.