H04L9/3006

ENCRYPTION DEVICE AND AUTHENTICATION METHOD AND SIGNATURE GENERATING METHOD OF SYSTEM INCLUDING THE SAME

The present disclosure relates to methods, devices, and systems for generating a signature of a message by a first device based on a secret key and a public key. The method includes generating a first parameter based on a first multiplication operation on the secret key and a first random number. The method further includes generating a first electronic signature based on the first parameter and the public key. The method further includes generating a second parameter based on the first random number, a second random number, and the message. The method further includes generating a second electronic signature based on the first parameter, the second parameter, the second random number, and the first electronic signature. The method further includes outputting, to a second device, the message, the first electronic signature, and the second electronic signature.

MASKED DECODING OF POLYNOMIALS

Various embodiments relate to a method for masked decoding of a polynomial a using an arithmetic sharing a to perform a cryptographic operation in a data processing system using a modulus q, the method for use in a processor of the data processing system, including: subtracting an offset δ from each coefficient of the polynomial a; applying an arithmetic to Boolean (A2B) function on the arithmetic shares of each coefficient $a_i$ of the polynomial a to produce Boolean shares $\hat{a}_i$ that encode the same secret value $a_i$; and performing in parallel for all coefficients a shared binary search to determine which of coefficients $a_i$ are greater than a threshold t to produce a Boolean sharing value $\hat{b}$ of the bitstring b where each bit of b decodes a coefficient of the polynomial a.

Proofs of Plaintext Knowledge and Group Signatures Incorporating Same
20170366349 · 2017-12-21

Systems and methods are provided for proving plaintext knowledge of a message m, encrypted in a ciphertext, to a verifier computer. The method includes, at a user computer, encrypting the message m via a predetermined encryption scheme to produce a ciphertext u, and generating a plurality l of challenges $c^i$, i = 1 to l, dependent on the ciphertext u. For each challenge $c^i$, the user computer generates a cryptographic proof $\Pi_2^i$ comprising that challenge $c^i$ and a zero-knowledge proof of plaintext knowledge of the message m encrypted in the ciphertext u. The user computer sends the ciphertext u and the l proofs $\Pi_2^i$ to the verifier computer. Each challenge $c^i$ is constrained to a predetermined challenge space C permitting identification, by searching the challenge space C, of an element $c^{i''}$ such that the message m can be obtained via a decryption operation using the ciphertext u, the element $c^{i''}$, and a decryption key of said encryption scheme.

Methods and apparatus for efficiently implementing a distributed database within a network

An apparatus includes a processor and a memory operatively coupled to the processor and associated with an instance of a distributed database at a first compute device. The processor is configured to select an anonymous communication path. Each blinded public key from a sequence of blinded public keys associated with the anonymous communication path is associated with a pseudonym of a compute device from a set of compute devices that implement the anonymous communication path. The processor is configured to generate an encrypted message encrypted with a first blinded public key. The processor is configured to generate an encrypted data packet including the encrypted message and a compute device identifier associated with a second compute device. The encrypted data packet is encrypted with a second blinded public key. The processor is configured to send the encrypted data packet to a third compute device.

Methods and apparatus for efficiently implementing a distributed database within a network
11256823 · 2022-02-22

An apparatus includes a processor and a memory operatively coupled to the processor and associated with an instance of a distributed database at a first compute device. The processor is configured to select an anonymous communication path. Each blinded public key from a sequence of blinded public keys associated with the anonymous communication path is associated with a pseudonym of a compute device from a set of compute devices that implement the anonymous communication path. The processor is configured to generate an encrypted message encrypted with a first blinded public key. The processor is configured to generate an encrypted data packet including the encrypted message and a compute device identifier associated with a second compute device. The encrypted data packet is encrypted with a second blinded public key. The processor is configured to send the encrypted data packet to a third compute device.

METHOD AND APPARATUS FOR ESTABLISHING SHARED KEY

A method for establishing a shared key includes: determining, by a first device, a braid group $B_n$ having an index n as a public key; selecting, by the first device, a plurality of elements from the braid group $B_n$ to generate a subgroup P, and selecting an element x from the subgroup P as a private key; receiving, by the first device, $\{y^{-1}\sigma_1 y, y^{-1}\sigma_2 y, \ldots, y^{-1}\sigma_{n-1} y\}$ sent from a second device; sending, by the first device, $\{x^{-1}\sigma_1 x, x^{-1}\sigma_2 x, \ldots, x^{-1}\sigma_{n-1} x\}$ calculated according to the first private key and each element of the public key, to the second device, to allow the second device to replace all occurrences of $\sigma_k$ in the second private key y with $x^{-1}\sigma_k x$ to obtain $f_y(x^{-1}\sigma_1 x, x^{-1}\sigma_2 x, \ldots, x^{-1}\sigma_{n-1} x) = x^{-1} y x$ and to obtain the shared key $x^{-1} y^{-1} x y$ by calculation; and replacing all $\sigma_k$ in the first private key of the first device with $y^{-1}\sigma_k y$ to obtain $f_x(y^{-1}\sigma_1 y, y^{-1}\sigma_2 y, \ldots, y^{-1}\sigma_{n-1} y) = y^{-1} x y$, and calculating to obtain the shared key $x^{-1} y^{-1} x y$.

METHODS AND APPARATUS FOR EFFICIENTLY IMPLEMENTING A DISTRIBUTED DATABASE WITHIN A NETWORK
20220237312 · 2022-07-28

An apparatus includes a processor and a memory operatively coupled to the processor and associated with an instance of a distributed database at a first compute device. The processor is configured to select an anonymous communication path. Each blinded public key from a sequence of blinded public keys associated with the anonymous communication path is associated with a pseudonym of a compute device from a set of compute devices that implement the anonymous communication path. The processor is configured to generate an encrypted message encrypted with a first blinded public key. The processor is configured to generate an encrypted data packet including the encrypted message and a compute device identifier associated with a second compute device. The encrypted data packet is encrypted with a second blinded public key. The processor is configured to send the encrypted data packet to a third compute device.

NON-TRANSITORY COMPUTER-READABLE RECORDING MEDIUM STORING COMPUTER-READABLE INSTRUCTIONS FOR TERMINAL DEVICE AND COMMUNICATION DEVICE
20210377024 · 2021-12-02

A first terminal device may receive first address information which is a first IP address of the first communication device from the first communication device by using a communication network to which the first terminal device and a first communication device belong, and a first public key of the first communication device. The first terminal device may send a first authentication request in which the first public key is used to the first communication device with the first address information as a destination, and send first connection information to the first communication device with the first address information as a destination in a case where a first authentication response is received from the first communication device. The first connection information may be used by the first communication device to establish a first wireless connection between the first communication device and an external device.

SYSTEM AND METHOD TO OPTIMIZE GENERATION OF COPRIME NUMBERS IN CRYPTOGRAPHIC APPLICATIONS

Aspects of the present disclosure involve a method, a system and a computer readable memory to perform a cryptographic operation that includes identifying a first set of mutually coprime numbers, obtaining a second set of input numbers coprime with a corresponding one of the first set of mutually coprime numbers, obtaining an output number that is a weighted sum of the second set of input numbers, each of the second set of input numbers being taken with a weight comprising a product of all of the first set of mutually coprime numbers except the corresponding one of the first set of mutually coprime numbers, and performing the cryptographic operation using the output number.

Method and apparatus for establishing shared key

A method for establishing a shared key includes: determining, by a first device, a braid group $B_n$ having an index n as a public key; selecting, by the first device, a plurality of elements from the braid group $B_n$ to generate a subgroup P, and selecting an element x from the subgroup P as a private key; receiving, by the first device, $\{y^{-1}\sigma_1 y, y^{-1}\sigma_2 y, \ldots, y^{-1}\sigma_{n-1} y\}$ sent from a second device; sending, by the first device, $\{x^{-1}\sigma_1 x, x^{-1}\sigma_2 x, \ldots, x^{-1}\sigma_{n-1} x\}$ calculated according to the first private key and each element of the public key, to the second device, to allow the second device to replace all occurrences of $\sigma_k$ in the second private key y with $x^{-1}\sigma_k x$ to obtain $f_y(x^{-1}\sigma_1 x, x^{-1}\sigma_2 x, \ldots, x^{-1}\sigma_{n-1} x) = x^{-1} y x$ and to obtain the shared key $x^{-1} y^{-1} x y$ by calculation; and replacing all $\sigma_k$ in the first private key of the first device with $y^{-1}\sigma_k y$ to obtain $f_x(y^{-1}\sigma_1 y, y^{-1}\sigma_2 y, \ldots, y^{-1}\sigma_{n-1} y) = y^{-1} x y$, and calculating to obtain the shared key $x^{-1} y^{-1} x y$.