Patent classifications
H04L9/0618
Decryption and variant processing
A plurality of byte ranges forms a sample for content output from a player device, and includes at least one double-encrypted byte range. The plurality of byte ranges is stored in a secured memory, and the at least one double-encrypted byte range is partially decrypted to generate at least one decrypted single-encrypted byte range. The plurality of byte ranges is stored in an unsecured memory using the at least one decrypted single-encrypted byte range in place of the at least one double-encrypted byte range.
DISTRIBUTED KEY SECRET FOR REWRITABLE BLOCKCHAIN
A system includes circuitry for rewriting blockchains in a non-tamper-evident or tamper-evident operation using a key secret held in portions by multiple individually untrusted parties. The blockchains may include a series of blocks secured by integrity codes that may prevent non-tamper-evident rewrites by non-trusted parties that are not in possession of the key secret or individually-untrusted parties in possession of only a portion of the key secret. In some cases, multiple individually-untrusted parties may combine their portions into the key secret. As a group, the multiple individually-untrusted parties may perform non-tamper-evident operation with respect to at least one integrity code within the blockchain.
COMPUTER SYSTEM OF COMPUTER SERVERS AND DEDICATED COMPUTER CLIENTS SPECIALLY PROGRAMMED TO GENERATE SYNTHETIC NON-REVERSIBLE ELECTRONIC DATA RECORDS BASED ON REAL-TIME ELECTRONIC QUERYING AND METHODS OF USE THEREOF
In some embodiments, the present invention provides for an exemplary computer system which includes at least: a graphical user interface client; a dedicated application server; the dedicated application server is configured to connect to the graphical user interface client and an electronic source with electronic data records; where the electronic data records include real identification identifiers of real individuals; where the graphical user interface client is configured to generate at a graphical user interface that is configured to receive user authenticating credential information and to conduct a real-time electronic negotiation querying session between the user and the dedicated application server to generate a plurality of non-reversible synthetic electronic data records of a plurality of synthetic individuals, by utilizing at least one statistical technique so that the plurality of non-reversible synthetic electronic data records cannot be used to identify any real individual in the plurality of electronic data records.
LIGHTWEIGHT ATTRIBUTE-BASED SIGNCRYPTION (ABSC) METHOD FOR CLOUD-FOG-ASSISTED INTERNET-OF-THINGS (IOT)
A lightweight attribute-based signcryption (ABSC) method for cloud-fog-assisted Internet-of-things: performing, by a central authority, system initialization to generate a system key pair, and disclosing a public key, the public key including a symmetric encryption algorithm (SEA) and a key derivation function (KDF); generating, by the central authority, a decryption key and an outsourcing decryption key based on a decryption attribute set of a data user, and generating a signature key and an outsourcing signature key based on a signature access structure; calling, by a data owner, a fog node for outsourcing signature, performing symmetric encryption on a plaintext based on a symmetric key, and performing ABSC on the symmetric key based on a defined encryption access structure; and calling, by the data user, a fog node for outsourcing signature verification, calling a fog node for outsourcing decryption, and performing symmetric decryption on a ciphertext based on an outsourcing decryption result.
MEMORY PROCESSING APPARATUS, MEMORY VERIFICATION APPARATUS, MEMORY UPDATING APPARATUS, MEMORY PROTECTION SYSTEM, METHOD, AND COMPUTER READABLE MEDIUM
A memory address allocation unit allocates, to each of nodes in a tree structure configured for protecting a memory, a memory address unique to the node. A tag generation unit defines, for each of the nodes in the tree structure, a connection of the memory address and a constant as a nonce, and generates a tag by inputting the nonce and a plaintext of which tampering with is to be detected, or the nonce and a plurality of constants of child nodes of each of the nodes into a message authentication code, the message authentication code being a code by which a partially-updatable tag can be output. A node generation unit uses a constant as a local counter, and generates each of the nodes in the tree structure by combining at least a tag and the local counter.
Cryptographic Computer Machines with Novel Switching Devices
Operational n-state digital circuits and n-state switching operations with n an integer greater than 2 execute Finite Lab-transformed (FLT) n-state switching functions to process n-state signals provided on at least 2 inputs to generate an n-state signal on an output. The FLT is an enhancement of a computer architecture. Cryptographic apparatus and methods apply circuits that are characterized by FLT-ed addition and/or multiplication over finite field GF(n) or by addition and/or multiplication modulo-n that are modified in accordance with reversible n-state inverters, and are no longer known operations. Cryptographic methods processed on FLT modified machine instructions include encryption/decryption, public key generation, and digital signature methods including Post-Quantum methods. They include modification of isogeny based, NTRU based and McEliece based cryptographic machines.
Zero-Knowledge Encryption Protocol for Sensitive Data
Disclosed herein are system, method, and computer program product embodiments for encrypting and decrypting a sensitive data item using a zero-knowledge encryption protocol. An embodiment operates by receiving a request to decrypt the sensitive data item from a client. The embodiment retrieves the requested sensitive data item from a data store. The embodiment generates a result set by replacing a ciphertext value of the sensitive data item to be stored in the result set with a placeholder identifier. The embodiment retrieves a data encryption key (DEK) block from a DEK manager, wherein the DEK block comprises a DEK associated with the sensitive data item. The embodiment generates and encrypts a cipher ticket comprising the ciphertext value of the sensitive data item. The embodiment then sends the result set, the cipher ticket, and the DEK block to the client for decryption of the ciphertext value of the sensitive data item.
Method and apparatus for implementing a distributed blockchain transaction processing element in a datacenter
Methods and systems for implementing a distributed blockchain transaction processing element in a data center are described. A call to a function is received. The call for the function is dispatched to a first runtime environment of a first server. Code is fetched from the blockchain database. The code is executed in the first runtime environment resulting in a blockchain transaction. A copy of the blockchain transaction is written in a storage medium that is locally accessible by the first server. The blockchain transaction is added to a first block. A consensus mechanism is used to determine whether the first block is to be added to the blockchain database; and responsive to determining that the first block is to be added to the blockchain database, the first block is caused to be stored in a persistent storage as part of the blockchain database.
Arithmetic enhancement of C-like smart contracts for verifiable computation
A system converts high level source code into an arithmetic circuit that represents the functionality expressed in the source code, such as a smart contract as used in relation to a blockchain platform. The system processes a portion of high level source code to generate an arithmetic circuit. The arithmetic circuit comprises one or more arithmetic gates arranged to represent at least some of the functionality expressed in the source code.
Response-based cryptography using physical unclonable functions
Systems and methods of authentication and encrypted communication between a server and client devices using independently-generated shared encryption keys are disclosed. Client devices with arrays of physical-unclonable-function devices respond to challenges from a server. Characteristics of the arrays are stored by the server during a secure enrollment process. Subsequently, the server issues challenges to the clients. The clients derive encryption keys from their responses to those challenges generated by the clients from characteristics of portions of the arrays specified by the challenges. The clients send messages encrypted with the client-generated encryption keys to the server. The server uses the stored characteristics to independently reproduce the client-generated encryption key. When the server-generated encryption key matches the client-generated key, the clients may be authenticated and the clients can communicate securely with the server without exchanging encryption keys. Ternary PUF characterization schemes may be used to achieve acceptable authentication error rates.