Multiple systems may determine neural-network output data and neural-network parameter data and may transmit the data therebetween to train and run the neural-network model to predict an event given input data. A data-provider system may perform a dot-product operation using encrypted data, and a secure-processing component may decrypt and process that data using an activation function to predict an event. Multiple secure-processing components may be used to perform a multiplication operation using homomorphic encrypted data.

A networking device continuously and simultaneously receives multiple sign and verify requests, without a priori knowledge of their quantity, type, sequence, length, input data or frequency. The networking device performs the corresponding signature operations and verification operations according to a rule based configuration. Each received sign and verify request is broken into multiple tasks, which are placed into a task pool with priorities, and disassociated from their originating requests and from other tasks. Multiple execution agents (each one a separate general purpose compute unit with its own memory space) repeatedly and simultaneously processes next available tasks from the pool based on priority. Asynchronous worker routines in the agents can pre-calculate certain values for higher level task processing. The output from completed tasks is placed into a repository, and the results in the repository are processed to fulfill the multiple received requests at network line speed.

The present invention relates to data communication systems and protocols utilized in such systems.

An improved method for data encryption has been developed. The method includes storing data, multiple prime numbers and random numbers within an electronic memory storage device. Next, calculating a public number using the multiple prime numbers and providing a public number to a recipient apparatus that has knowledge of the multiple prime numbers. The method then encrypts the stored data with a randomly generated key that is determined with elliptical curve cryptography (ECC) and deletes the randomly generated key after use. Next, the method calculates a common shared secret between the sender and recipient using the prime numbers, a recipient public number and the second random number. The sender and recipient calculate parameters using a key equation based on the randomly generated key and random numbers and a common shared secret. Finally, the recipient calculates the randomly generated key for decryption using the common shared secret, one of the prime numbers, the parameters and the simultaneous equations for decryption of the data.

In a general aspect, a secret generator is used in an elliptic curve cryptography (ECC) scheme. In some aspects, an elliptic curve subgroup is specified by a public generator of an ECC system, and the secret generator is an element of the elliptic curve subgroup. In some instances, the secret generator is used to generate an ECC key pair that includes a public key and a private key, and the private key is used to generate a digital signature based on a message. In some instances, the public key and the secret generator are used to verify the digital signature.

Methods and systems are provided for supporting efficient and secure “Machine-to-Machine” (M2M) communications using a module, a server, and an application. A module can communicate with the server by accessing the Internet, and the module can include a sensor and/or an actuator. The module, server, and application can utilize public key infrastructure (PKI) such as public keys and private keys. The module can internally derive pairs of private/public keys using cryptographic algorithms and a first set of parameters. A server can authenticate the submission of derived public keys and an associated module identity. The server can use a first server private key and a second set of parameters to (i) send module data to the application and (ii) receive module instructions from the application. The server can use a second server private key and the first set of parameters to communicate with the module.

The present disclosure relates to a method and a system for securely accessing a vehicle. The method comprises a preliminary phase, a data exchange phase, and an access phase. The method implements the vehicle, a remote data server, and at least one personal electronic device supplied with a dedicated application. The method implements an elliptic encryption curve, a master key, a primary key, a secondary key, and a tertiary key.

The method utilizes a passport identification number as an element of a homomorphic encryption used to stamp a passport with country entry/exit data to form a digital representation of a subset of information in the passport. As a result, exchange of the digital representation is permitted to allow a selective transfer of information without exposing a user-sensitive passport identification number. The homomorphic encryption comprises a support for exposing a trusted photo and a trusted group containing country travel entry and exit information. The digitally signed passport stamp may then be used to provide verification of the individual by ensuring linkage to that user's passport. The individual's identity and passport verification may occur unconnected, i.e., without having to connect to a central database.

An apparatus includes a processor and a memory operatively coupled to the processor and associated with an instance of a distributed database at a first compute device. The processor is configured to select an anonymous communication path. Each blinded public key from a sequence of blinded public keys associated with the anonymous communication path is associated with a pseudonym of a compute device from a set of compute devices that implement the anonymous communication path. The processor is configured to generate an encrypted message encrypted with a first blinded public key. The processor is configured to generate an encrypted data packet including the encrypted message and a compute device identifier associated with a second compute device. The encrypted data packet is encrypted with a second blinded public key. The processor is configured to send the encrypted data packet to a third compute device.

A method of sharing a secret value is disclosed. The method comprises distributing respective first shares of a first secret value, known to a first participant (P.sub.i), to a plurality of second participants (P.sub.j≠i), wherein said first shares are encrypted by means of at least one private-public key pair comprising a private key and a public key being an elliptic curve generator point multiplied by the private key and wherein a first threshold number of first shares is required in order to enable a second participant to determine the first secret value. At least one second share of a respective second secret value is received from each of a plurality of second participants, wherein the second shares are encrypted by means of at least one private-public key pair comprising a private key and a public key being an elliptic curve generator point multiplied by the private key, and a second threshold number of second shares is required in order to enable a participant other than that second participant to determine the second secret value. A third share of a third secret value is formed from a plurality of second shares, wherein a third threshold number of third shares is required in order to enable the third secret value to be determined.