Patent classifications
H04L9/3066
METHOD FOR SECURELY PERFORMING A PUBLIC KEY ALGORITHM
Provided is a method for securely performing a public key algorithm comprising cryptographic computations using a private key. It includes selecting (S1), by a server device, a set of mutually coprime integers (p1,...,pn) as a base of a Residue Number System (RNS-base B), with n an integer; computing (S2), by said server device, an RNS representation of said private key, said RNS representation of an integer x in [0, P-1], with P the product of all elements of the base, being the list (x1,...,xn) with xi = x mod pi, i being an integer in [1,n]; sending (S3), by said server device, the computed RNS representation to a client device; and performing (S4), by said client device, the cryptographic computations of the public key algorithm in said RNS base using said sent RNS representation.
ID-BASED CONTROL UNIT-KEY FOB PAIRING
A method for pairing a key fob with a control unit is provided. The key fob executes an ID authenticated key agreement protocol with a pairing device based on a key fob identification to authenticate one another and to generate a first encryption key. The pairing device encrypts a control unit identification using the first encryption key. The key fob receives the encrypted control unit identification transmitted from the pairing device. The key fob then executes an ID authenticated key agreement protocol with the control unit based on the control unit identification to authenticate one another and to generate a second encryption key. The key fob then receives an operational key transmitted from the control unit that is encrypted with the second encryption key.
Systems and Methods for "Machine-to-Machine" (M2M) Communications Between Modules, Servers, and an Application using Public Key Infrastructure (PKI)
Methods and systems are provided for supporting efficient and secure “Machine-to-Machine” (M2M) communications using a module, a server, and an application. A module can communicate with the server by accessing the Internet, and the module can include a sensor and/or an actuator. The module, server, and application can utilize public key infrastructure (PKI) such as public keys and private keys. The module can internally derive pairs of private/public keys using cryptographic algorithms and a first set of parameters. A server can authenticate the submission of derived public keys and an associated module identity. The server can use a first server private key and a second set of parameters to (i) send module data to the application and (ii) receive module instructions from the application. The server can use a second server private key and the first set of parameters to communicate with the module.
SECURE MULTIPARTY LOSS RESISTANT STORAGE AND TRANSFER OF CRYPTOGRAPHIC KEYS FOR BLOCKCHAIN BASED SYSTEMS IN CONJUNCTION WITH A WALLET MANAGEMENT SYSTEM
A solution for controlling access to a resource such as a digital wallet implemented using a blockchain. Use of the invention during set-up of the wallet can enable subsequent operations to be handled in a secure manner over an insecure channel. An example method comprises splitting a verification element into multiple shares; determining a common secret at multiple nodes in a network; and using the common secret to transmit a share of the verification element between nodes. The shares can be split such that no share is sufficient to determine the verification element and can be stored at separate locations. Upon share unavailability, the share can be retrieved a location accessibility. For safe transmission of the share(s), the common secret is generated at two different nodes independently and used to generate an encryption key for encrypting at least one share of the verification element to be transmitted securely.
CREDENTIAL GENERATION AND DISTRIBUTION METHOD AND SYSTEM FOR A BLOCKCHAIN NETWORK
Methods and devices that manage the secure distribution of credentials from a group of autonomous specialized nodes to a requesting node. The secure distribution of credentials may use secret sharing and a group private key that none of the nodes reconstructs or possesses. The credentials include an identifier for the requesting node and a secret point that the node assembles from portions of the secret point provided by each of a plurality of the specialized nodes, where the secret point is based on the group private key and a map-to-point hash of the requesting node's identifier.
SYSTEMS, APPARATUS AND METHODS FOR SECURE ELECTRICAL COMMUNICATION OF BIOMETRIC PERSONAL IDENTIFICATION INFORMATION TO VALIDATE THE IDENTITY OF AN INDIVIDUAL
An apparatus for validating an identity of an individual based on biometrics includes a memory and a processor operatively coupled to a distributed database and the memory. The processor is configured to provide biometric data as an input to a predefined hash function to obtain a first biometric hash value. The processor is configured to obtain, using a first pointer to the distributed database, a signed second biometric hash value. The processor is configured to define a certification of the biometric data in response to verifying that a signature of the signed second biometric hash value is associated with the compute device and verifying that the first biometric hash value corresponds with the second biometric hash value. The processor is configured to digitally sign the certification using a private key associated with the processor to produce a signed biometric certification and store the signed biometric certification in the distributed database.
Revocation status using other credentials
Providing revocation status of at least one associated credential includes providing a primary credential that is at least initially independent of the associated credential, binding the at least one associated credential to the primary credential, and deeming the at least one associated credential to be revoked if the primary credential is revoked. Providing revocation status of at least one associated credential may also include deeming the at least one associated credential to be not revoked if the primary credential is not revoked. Binding may be independent of the contents of the credentials and may be independent of whether any of the credentials authenticate any other ones of the credentials. The at least one associated credential may be provided on an integrated circuit card (ICC). The ICC may be part of a mobile phone or a smart card.
IMPROVED COMPUTER IMPLEMENTED METHOD FOR ANONYMOUS PROXIMITY TRACING
A computer implemented method for anonymous proximity tracing implemented by a plurality of participating devices. The method includes, upon detection by a first participating device of a respective current public key broadcast by a second participating device, at each of the first participating device and second participating device: i. computing a current shared secret; ii. computing first and second tokens parametrized with the current shared secret and a value relating to the first, and respectively second, participating devices; and iii. based on a sorting value, storing the first and second tokens in selected ones of first and second encounter token lists of the first and second participating devices; and selectively uploading at least part of one of the first encounter token list or the second encounter token list by a given participating device to a proximity management server.
Method for deriving a partial signature with partial verification
A method for deriving a partial signature for a subset of a set of messages. The method includes: receiving the set of messages and a signature of the set, which includes signature elements of the set; generating anonymized elements of the signature; generating a first verification element from messages other than those of the subset; generating a second verification element to prove the first verification element is well formed; and sending, to a verification entity, a partial signature specific to the subset. The partial signature includes a constant number of elements having at least the elements of the signature of the set of anonymized messages, the first verification element and the second verification element. The partial signature is verifiable with only the messages of the subset of messages. The second verification element is a function of derived values calculated from at least the other elements of the partial signature.
SECURE KEY EXCHANGE USING KEY-ASSOCIATED ATTRIBUTES
A method for secure key exchange. The method comprises receiving a request to certify a key from a communication partner at an interface between an access and tamper resistant circuit block and exposed circuitry. Within the access and tamper resistant circuit block, a first random private key is generated. A corresponding public key of the first random private key is derived, and a cryptographic digest of the public key and attributes associated with the first random private key is generated. The generated cryptographic digest is signed using a second random private key that has been designated for signing by one or more associated attributes. The public key and the signature are then sent to the communication partner via the interface.