Implementations of this specification provide methods and apparatuses for oblivious data transfer between computing devices. An example method includes receiving, by a second computing device, an oblivious transfer from a first computing device. The first computing device splits feature data in a feature dataset into a plurality of sub-data and uses the plurality of sub-data as input, and the second computing device uses label data in a label dataset as input. The second computing device selects target sub-data from the plurality of sub-data input by the first computing device, and determines a first summation result of the selected target sub-data. The second computing device receives from the first computing device a second summation result of the one or more splitting parameters in the splitting parameter set, and calculates a statistical indicator based on the first summation result and the second summation result.

A method for re-keying an encrypted data file, the data file being stored chunkwise on a storage entity (SE), data file chunks being encrypted with a global secret, and the method being performed in a memory available to a computing device, includes partially updating a global secret for encryption data for a data chunk to be re-keyed such that an output of a non-interactive oblivious key exchange is used to identify the private key of the data chunk to be re-keyed with a new private key; and reencrypting the data chunk to be re-keyed with the updated global secret.

According to one aspect, there is provided a server for use in evaluating a monitoring function to determine if a trigger condition is satisfied. The server comprises a processing unit and a memory unit. The memory unit is for storing a current monitoring state (Ss) of the server or an encrypted current monitoring state (S) of the monitoring function, the current monitoring state (Ss) of the server relating to the current monitoring state (S) of the monitoring function that is based on an evaluation of one or more previous events. The processing unit is configured to receive an indication of a first event from a first client node and evaluate the monitoring function to determine if the first event satisfies the trigger condition. The evaluation is performed using a privacy-preserving computation (PPC), with the server providing the current monitoring state (Ss) of the server as a first private input to the PPC or the encrypted current monitoring state (S) of the monitoring function as a first input to the PPC, and the first client node providing the first event or an encryption thereof as a private input to the PPC. The evaluation of the monitoring function provides an encrypted updated monitoring state (S′) of the monitoring function or an updated monitoring state (Ss′) of the server as an output of the monitoring function and an indication of whether the first event satisfies the trigger condition.

A method for cryptographic key provisioning includes, via a main authentication server (MAS), generating a first secret key and registering a client by performing a first portion of a first instance of a distributed threshold oblivious pseudo-random function. The first instance of the function results in the client obtaining a root secret key and the MAS obtaining a corresponding root public key. The method includes authenticating the client to the MAS by performing a first portion of a second instance of the distributed threshold oblivious pseudo-random function. The second instance of the function results in the client obtaining the root secret key. Information stored by the client, the first secret key, and a second secret key generated by a support authentication server are inputs to at least one of the first and second instances of the distributed threshold oblivious pseudo-random function.

A system includes a first plurality of blockchain nodes including first network nodes external to a vehicle and second network nodes internal to the vehicle, the first plurality of blockchain nodes maintaining a first distributed blockchain ledger; and a first computing device. The first computing device is programmed to transmit a first request to the first plurality of blockchain nodes requesting access to a vehicle network via a communications access port in the vehicle; demonstrate a first proof of work by responding to a second request from the first plurality of blockchain nodes; and receive, based on a first majority of the first network nodes and the second network nodes in the first plurality of blockchain nodes accepting the first request, first authorization specifying access to the vehicle access via the communications access port.

Implementations of this specification provide methods and apparatuses for oblivious data transfer between computing devices. An example method includes receiving, by a second computing device, an oblivious transfer from a first computing device. The first computing device splits feature data in a feature dataset into a plurality of sub-data and uses the plurality of sub-data as input, and the second computing device uses label data in a label dataset as input. The second computing device selects target sub-data from the plurality of sub-data input by the first computing device, and determines a first summation result of the selected target sub-data. The second computing device receives from the first computing device a second summation result of the one or more splitting parameters in the splitting parameter set, and calculates a statistical indicator based on the first summation result and the second summation result.

Methods are provided for discovering related attributes with respect to an element in a customer data record, based on provided associations and for generating new associations between various elements of the customer data record. In these method, the context service system obtains, from a subscriber, a lookup request including a first blinded attribute. The first blinded attribute is obtained by applying an oblivious pseudo random function (OPRF) to a first element of a data record. The method further includes the context service system identifying at least one second blinded attribute associated with the first blinded attribute in a shared data partition of the context service system and providing, to the subscriber, at least one second element of the data record associated with the at least one second blinded attribute.

A method for performing spacetime-constrained oblivious transfer between various laboratories of a first party A and various laboratories of a second party B. The method includes providing the spacetime-constrained oblivious transfer to satisfy various conditions. The method further includes encoding, by the laboratories of the first party A, various messages in a quantum state selected from various non-orthogonal quantum states. The method further includes transmitting, by the laboratories of the first party A, the quantum state to a first laboratory of the second party B. The method further includes applying, by the first laboratory of the second party B, a quantum measurement on the quantum state to obtain a classical measurement outcome. The method further includes transmitting, by the first laboratory of the second party B, the classical measurement outcome to the laboratories of the second party B.

A method of communicating a secret (k.sub.0, k.sub.1) on the Bitcoin blockchain is disclosed. The method comprises sending information identifying secrets selectable by the recipient and receiving a first public key (U.sub.i) of an elliptic curve cryptography system, corresponding to a first secret (S.sub.i) selected for access by the recipient and for which a first private key (m) is accessible to the recipient. A second public key (U.sub.1-i) is received, corresponding to a second secret not selected for access by the recipient, wherein a corresponding second private key is not available to the recipient. First and second secrets encrypted by means of the respective first and second public keys (X.sub.0, X.sub.1) are sent to the recipient, wherein the first secret is accessible to the recipient by means of the first private key, the second secret is inaccessible to the recipient, and the sender is unable to distinguish between the first and second secrets.

A method for performing spacetime-constrained oblivious transfer between various laboratories of a first party A and various laboratories of a second party B. The method includes providing the spacetime-constrained oblivious transfer to satisfy various conditions. The method further includes encoding, by the laboratories of the first party A, various messages in a quantum state selected from various non-orthogonal quantum states. The method further includes transmitting, by the laboratories of the first party A, the quantum state to a first laboratory of the second party B. The method further includes applying, by the first laboratory of the second party B, a quantum measurement on the quantum state to obtain a classical measurement outcome. The method further includes transmitting, by the first laboratory of the second party B, the classical measurement outcome to the laboratories of the second party B.