Patent classifications
H04L9/005
Privacy preserving comparison
A method for performing a secure comparison between a first secret data and a second secret data, including: receiving, by a processor of a first party, encrypted bits of the second secret data y from a second party, where is an integer; computing the Hamming weight h of first secret data x, wherein x has bits; computing the value of a first comparison bit .sub.A such that .sub.A=0 when h> /2, .sub.A=1 when h< /2, and .sub.A is randomly selected when h= /2; forming a set of /2 indexes that includes at least the indexes i where x.sub.i=.sub.A; selecting random invertible scalars r.sub.i for each i in and computing c*.sub.i
Systems and methods for altering time data
The disclosed computer-implemented method for altering time data may include (i) identifying an untrusted executable that is capable of making queries to an operating system of the computing device, (ii) intercepting a request by the untrusted executable to query a system clock of the operating system of the computing device for a current time, (iii) calculating an offset value for the current time that is within a predetermined margin of the current time, and (iv) providing, in response to the request, the untrusted executable with the offset value for the current time instead of the current time. Various other methods, systems, and computer-readable media are also disclosed.
IMPROVED LIGHTWEIGHT BLOCK CIPHER
A method for encrypting data with a provided key. The method includes generating a plurality of keys and processing the data in a plurality of rounds, with each round including: performing a first logical combination of the data with a first key; first permuting the first logically combined data based on a first defined permutation; performing a first substitution on the first permuted data; second permuting the first substituted data based on a second defined permutation; performing a second logical combination of the second permuted data with a permuted second key; and performing a second substitution on the second logically combined data. The method further includes performing a penultimate logical combination of the second substituted data with a penultimate key, permuting the penultimate logically combined data, performing a final substitution of the permuted data, and performing a final logical combination of the final substituted data with a last key.
Systems and methods for protecting against relay attacks
A user device may receive (e.g., when proximate to the first access device), from an intervening device, device identification data for a first access device. A message may be received from a second access device via the intervening device. The message may include a digital signature generated based at least in part on second access device identification data. The user device may validate the message utilizing the digital signature and a public key. If the message is invalid, the user device may discard the message. If the message is valid (e.g., unaltered), the user device may determine that the user has not confirmed an intent to interact with the second access device and may terminate any further interaction with the second access device accordingly.
PHOTON DETECTION DEVICE, RECEPTION DEVICE, QUANTUM KEY DISTRIBUTION SYSTEM, AND METHOD FOR DETECTING QUANTUM SIGNAL
An object is to prevent eavesdropping in quantum key distribution. A photon detector outputs an output current indicating a result of detecting a quantum signal. A current-voltage conversion unit converts the output current into an output voltage signal. An analog-to-digital converter outputs a converted output voltage signal obtained by analog-to-digital conversion of the output voltage signal. A signal processing unit performs predetermined signal processing on the converted output voltage signal and outputs a photon detection signal indicating a result of detecting the quantum signal. When the time difference between the timing at which the quantum signal is incident on the photon detector and a reference timing determined from a clock signal is not within a determination range, the signal processing unit does not output the photon detection signal.
METHOD FOR SECURING AN EXECUTION OF A CRYPTOGRAPHIC PROCESS
The present disclosure relates to a method for securing an execution of an algorithm of a cryptographic process comprising several operations O.sub.j, with n and j integers and j in [0 . . . n−1], each to be executed once for a complete execution of said algorithm and which may be executed independently. Said method is performed by a processor of a cryptographic device and comprises, for one execution of said algorithm, repeating the following steps until each of said several operations has been executed at least once: drawing at random an operation to be executed among all the operations comprised in the algorithm, and executing said drawn operation.
Timing attack protection in a cryptographic processing system
Apparatus and method for enacting data security in a cryptographic processing system, such as a data storage device. In some embodiments, a timer circuit is initiated to denote an elapsed time interval of predetermined duration responsive to a function call by an initiator circuit to perform a selected cryptographic function upon input data. The selected cryptographic function is executed to generate output data which are temporarily stored in a memory location during a waiting period prior to a conclusion of the elapsed time interval. Additional functions may be performed during the waiting period. A notification from the timer circuit is received at the conclusion of the elapsed time interval, and the output data are transferred from the memory to the initiator circuit. In this way, a timing attack may be defended against by configuring the selected cryptographic function to have the same overall execution time for different input data sets.
Protection of a modular reduction calculation
A modular reduction calculation on a first number and a second number is protected from side-channel attacks, such as timing attacks. A first intermediate modular reduction result is calculated. A value corresponding to four times the first number is added to the first intermediate modular reduction result, generating a second intermediate modular reduction result. A value corresponding to the first number multiplied by a most significant word of the second intermediate modular reduction result plus 1 is subtracted from the second intermediate modular reduction result, generating a third intermediate modular reduction result. A cryptographic operation is performed using a result of the modular reduction calculation.
Multivariate signature method for resisting key recovery attack
A multivariate signature method for resisting key recovery attacks, which establishes a new signature verification condition by adding an additional value to the signature. The verification condition implies verification of the internal information x and y, thereby effectively resisting key recovery attacks arising from the existence of equivalent keys. Specifically, the method includes three stages: data preprocessing, signature generation and signature verification. The invention is a signature authentication method based on polynomial equations in a plurality of variables over a finite field, which can effectively resist key recovery attacks, provide basic technical support for information security and the establishment of trust systems in the quantum computer era, and provide a secure digital signature option for that era. The present invention is especially suitable for use under application conditions with limited storage and processing time, such as smart cards, wireless sensor networks and dynamic RFID tags.
MITIGATING TIMING ATTACKS VIA DYNAMICALLY SCALED TIME DILATION
Techniques for mitigating timing attacks via dynamically scaled time dilation are provided. According to one set of embodiments, a computer system can enable time dilation with respect to a program, where the time dilation causes the program to observe a dilated view of time relative to real time. Then, while the time dilation is enabled, the computer system can track a count of application programming interface (API) calls or callbacks made by the program within each of a series of time buckets and, based on the counts tracked for a range of recent time buckets, scale up or scale down the degree of the time dilation.