Patent classifications
H04L9/304
Method and apparatus for asymmetric cryptosystem based on quasi-cyclic moderate density parity-check codes over GF(q)
Methods and apparatus for a code-based asymmetric cryptosystem using Quasi-Cyclic Moderate-Density Parity-Check (QC-MDPC) error-correcting codes. Specifically, the method and apparatus generalize the framework of QC-MDPC Code-Based (CB) cryptography from the binary domain (Galois Field of two elements) to an arbitrary size of Galois Field and provide an apparatus for implementing the cryptosystem with a simplified computational complexity of the key generation, encryption, and decryption components of the cryptosystem and reduced sizes of the public and private security keys.
Multiparty Key Exchange
This invention pertains to secure communications between multiple parties and/or secure computation or data transmission between multiple computers or multiple vehicles. This invention provides a secure method for three or more parties to establish one or more shared secrets between all parties. In some embodiments, there are less than 40 parties and in other embodiments there are more than 1 million parties that establish a shared secret. In some embodiments, establishing a shared secret among multiple parties provides a method for a secure conference call. In some embodiments, a shared secret is established with multiple computer nodes across the whole earth to help provide a secure Internet infrastructure that can reliably and securely route Internet traffic. In some embodiments, a shared secret is established so that self-driving vehicles may securely communicate and securely coordinate their motion to avoid collisions. In some embodiments, a shared secret is established with multiple computer nodes that participate as a network, performing blockchain computations.
Public key exchange with authenticated ECDHE and security against quantum computers
Elliptic Curve Cryptography (ECC) can provide security against quantum computers that could feasibly determine private keys from public keys. A server communicating with a device can store and use PKI keys comprising server private key ss, device public key Sd, and device ephemeral public key Ed. The device can store and use the corresponding PKI keys, such as server public key Ss. The key use can support all of (i) mutual authentication, (ii) forward secrecy, and (iii) shared secret key exchange. The server and the device can conduct an ECDHE key exchange with the PKI keys to mutually derive a symmetric ciphering key K1. The device can encrypt a device public key PK.Device with K1 and send to the server as a first ciphertext. The server can encrypt a server public key PK.Network with at least K1 and send to the device as a second ciphertext.
Generation of composite private keys
A system and method for the generation of composite private keys are provided. First and second bitstreams are retrieved from an addressable cryptographic table by deriving addresses in the addressable cryptographic table from an initial instruction, accessing first and second bit values stored at addresses belonging to the derived addresses in the addressable cryptographic table, and outputting the first bit values as the first bitstream and the second bit values as the second bitstream. The first bitstream is concatenated with data from the first bitstream to form a data stream having a desired length and the second bitstream is concatenated with data from the second bitstream to form a selector stream having the desired length. A first composite encryption key having a length longer than the first and second bitstreams is formed by selecting values of the data stream identified by corresponding bit values of the selector stream.
METHOD AND DEVICE FOR MULTI-KEY HOMOMORPHIC ENCRYPTION
A device for performing multi-key homomorphic encryption includes a public key generator configured to generate a public key by using a secret key for each client, and a multiplication key generator configured to generate a multiplication key by reusing a public key protection error used in the generating of the public key. By reducing the size of the multiplication key by reusing the public key protection error, the operation time and memory may be reduced.
Calculation device for encryption using public key and encryption method thereof
An encryption method includes: calculating a second random matrix using a first random matrix and a secret key, and generating a ciphertext corresponding to a message using the second random matrix. The generating of the ciphertext includes: performing a rounding process for sending the generated ciphertext to a smaller modulus area. The generating of the ciphertext includes performing message encryption without Gaussian sampling.
Method for efficient and practical key distribution in network coding systems
An encoder includes a computer readable storage medium storing program instructions, and a processor executing the program instructions, the processor configured to generate a key, estimate a network capacity, and encode each bit of the key using a random matrix of a selected rank and the estimated network capacity for secure transmission of the key through a network.
APPARATUS AND METHOD FOR PROCESSING NON-POLYNOMIAL OPERATION ON ENCRYPTED MESSAGES
Disclosed is a ciphertext calculation method. The ciphertext calculation method comprises the steps of: receiving a comparative calculation command for a plurality of ciphertexts of the same type; performing a calculation by reflecting the plurality of ciphertexts of the same type on a synthesis function corresponding to the comparative calculation command; and outputting the calculated ciphertexts of the same type.
Cryptanalysis Method and System
A cryptanalysis method comprising:
(A) Performing a ciphertext-only direct cryptanalysis of A5/1 and
(B) Using results of Step (A) to facilitate the decryption and/or encryption of further communications that are consistent with encryption using the session key and/or decryption using the session key, wherein the cryptanalysis considers part of the bits of the session key to have a known fixed value, and wherein the cryptanalysis finds the session key.
An efficient known plaintext attack on A5/2 comprises trying all the possible values for R4, and for each such value solving the linearized system of equations that describe the output;
The solution of the equations gives the internal state of R1, R2, and R3;
Together with R4, this gives the full internal state which gives a suggestion for the key.
Visual Image Authentication
Methods and systems described herein authenticate a user and help secure transactions. A display screen presents images that are difficult for malware to recognize but a person can recognize. In at least one embodiment, a person communicates transaction information using visual images received from the service provider system. In at least one embodiment, a user selects a sequence of visual images as a means of authenticating the user and logging into a financial account or other corporate account.
In some embodiments, methods and systems are provided for determining whether to grant access, by generating and displaying visual images on a screen that the user can recognize, and select. In an embodiment, a user presses his or her finger or fingers on a display screen to select images as a method for authenticating and protecting communication from malware.
In an embodiment, non-determinism in hardware helps unpredictably vary the image selected, the image location, generate noise in the image, or change the shape or texture of the image. In some embodiments, visual image authentication helps Alice and Bob detect if Eve has launched a man-in-the-middle attack on their key exchange.