A caching sub-system downloads and authenticates Resource Public Key Infrastructure (RPKI) cryptographically signed Route Origin Authorizations (ROAs) from a plurality of repositories, forming a VRP set for each repository. When the caching sub-system determines that the VRP count of a VRP set drops to or below a threshold, it substitutes in a last known valid VRP set. A route validating sub-system downloads route information data from one or more global routing tables and calculates the number of valid routes, the number of unknown routes and the number of invalid routes. When the number of valid routes drops to or below a threshold, the route validating sub-system sets an alarm to stop the distribution of VRPs to one or more group of pre-determined routers.

This disclosure involves the notion of using physical objects to generate public key-based authenticators and, in particular, to use everyday physical objects to create a generator seed for a key generator that will use that seed to generate a key pair comprising a public key, and its associated private key. In a preferred approach, the physical object is used to create a digital representation (of the physical object) that, together with some uniqueness associated to the user, gives rise to a key generator seed value. Without knowledge of (a) the physical object itself, (b) how the physical object characteristic is converted (to a digital representation), and (c) the uniqueness value, an attacker cannot reproduce the key generator seed (or the key(s) generated from that seed).

A method for storing data on a storage entity (SE) includes the steps of: (a) dividing a file to be stored into a plurality of chunks by a client; (b) computing a secret key for each of the chunks of the file; (c) computing for each of the chunks a chunk identifier by the client; (d) checking, by the SE, whether one or more of the chunks have already been stored based on the computed chunk identifiers; and (e) it a case where it is determined that one or more of the chunks have not already been stored, performing the following: encoding the corresponding chunks; computing chunk tags for the chunks using the computed secret key; and storing the encoded chunks and the chunk tags.

An apparatus includes a processor and a memory operatively coupled to the processor and associated with an instance of a distributed database at a first compute device. The processor is configured to select an anonymous communication path. Each blinded public key from a sequence of blinded public keys associated with the anonymous communication path is associated with a pseudonym of a compute device from a set of compute devices that implement the anonymous communication path. The processor is configured to generate an encrypted message encrypted with a first blinded public key. The processor is configured to generate an encrypted data packet including the encrypted message and a compute device identifier associated with a second compute device. The encrypted data packet is encrypted with a second blinded public key. The processor is configured to send the encrypted data packet to a third compute device.

In aspects of variable relinearization in homomorphic encryption, a computing device stores homomorphic encrypted data as a dataset, and implements an encryption application that can perform a multiplication operation on a ciphertext in the homomorphic encrypted data, where the multiplication operation contributes to increase a noise component in the ciphertext. The encryption application can determine a relinearization amount by which to relinearize the ciphertext after the multiplication operation, where the determination is effective to optimize a noise increase in the ciphertext based at least in part on projected subsequent multiplication operations on the ciphertext. The encryption application can then relinearize the ciphertext utilizing the determined relinearization amount that optimizes the noise increase in the ciphertext for optimal relinearization performance.

A process selects a public key from a plurality of public keys provided by a message recipient that is to receive an encrypted message. The process establishes an input alphabet for a finite-state machine. The process further constructs the finite-state machine and a language over the input alphabet such that the finite-state machine accepts the language, where the language includes language elements. The process encrypts a language element of the language using the selected public key to provide an encrypted language element. The process electronically transmits the encrypted language element and a specification of the finite-state machine to the message recipient for securely identifying the selected public key to the message recipient. The process encrypts a message using the selected public key to provide the encrypted message. The process also electronically transmits the encrypted message to the message recipient.

Methods, systems, and computer programs for generating cryptographic function parameters are described. In some examples, a solution to a puzzle is obtained. A pseudorandom generator is seeded based on the solution. After seeding the pseudorandom generator, an output from the pseudorandom generator is obtained. A parameter for a cryptographic function is generated. The parameter is generated from the output from the pseudorandom generator.

The present invention relates to a method for electronic signing of a document with a predetermined secret key (x), the method being characterized in that it comprises the implementation of steps of: (a) Drawing a pair formed by a first internal state (s.sub.1.sup.i) and a white-box implementation (WB.sub.i) of a modular arithmetic operation, from among a set of predetermined pairs ({(s.sub.1.sup.i,WB.sub.i)}.sub.i[0,n-1]) each for one nonce (k.sub.i), said first internal state (s.sub.1.sup.i) being a function of the nonce (k.sub.i) and said modular arithmetic operation being a function of the first internal state (s.sub.1.sup.i), of the nonce (k.sub.i) and of the secret key (x); (b) Determining a second internal state (s.sub.2.sup.i) by application of said drawn white-box implementation (WB.sub.i) to a condensate of the document obtained via a given hash function; (c) Generating an electronic signature of the document from the first internal state (s.sub.1.sup.i) of the drawn pair and from the second determined internal state (s.sub.2.sup.i), and deleting the drawn pair of said set of pairs ({(s.sub.1.sup.i,WB.sub.i)}.sub.i[0,n-1]).

The present disclosure provides methods and systems for ensuring the security of a blockchain and associated network, and for enabling the establishment of consensus regarding the state of the blockchain. A method of the disclosure may be implemented by one or more nodes on a blockchain network, using a non-parallelisable algorithm to calculate an output based on a computational difficulty parameter, a hash of at least one blockchain transaction; and/or a hash of at least one blockchain block header. The non-parallelisable, inherently sequential algorithm comprises at least one of the following operations or a combination thereof: a recursive operation, a modular exponentiation and/or a repeated squaring operation.

A method is provided for solving a computational problem that is reducible to a problem of counting solutions to an associated decision problem. The method includes, using a quantum computer, estimating a number of the solutions to the decision problem by determining if there is at least one solution to the decision problem that lies in a pseudo-random set. The method also includes outputting or using the estimated number of the solutions to the decision problem as a solution to the computational problem. Determining if there is at least one solution to the decision problem that lies in the pseudo-random set could include determining if there is a sequence of solutions to the decision problem that, taken together, lies in the pseudo-random set.