Patent classifications
H04L9/3066
PIPELINED HARDWARE TO ACCELERATE MODULAR ARITHMETIC OPERATIONS
Embodiments are directed to elliptic curve cryptography scalar multiplications in a generic field with heavy pipelining between field operations. A bit width is determined of operands in data to be processed by a modular hardware block. It is checked whether the bit width of the operands matches a fixed bit width of the modular hardware block. In response to there being a match, the modular hardware block processes the operands. In response to there being a mismatch, the operands are modified to be accommodated by the fixed bit width of the modular hardware block.
Method and system for Cheon resistant static Diffie-Hellman security
A method for providing Cheon-resistance security for a static elliptic curve Diffie-Hellman cryptosystem (ECDH), the method including providing a system for message communication between a pair of correspondents, a message being exchanged in accordance with ECDH instructions executable on computer processors of the respective correspondents, the ECDH instructions using a curve selected from a plurality of curves, the selecting including choosing a range of curves; selecting, from the range of curves, curves matching a threshold efficiency; excluding, within the selected curves, curves which may include intentional vulnerabilities; and electing, from non-excluded selected curves, a curve with Cheon resistance, the electing comprising a curve from an additive group of order q, wherein q is prime, such that q−1=cr and q+1=ds, where r and s are primes and c and d are integer Cheon cofactors of the group, such that cd≤48.
Computer implemented system and method for sharing a common secret
A method of sharing a first common secret among a plurality of nodes for enabling secure communication for blockchain transactions. The method comprises determining, for at least one first node a plurality of second common secrets, wherein each second common secret is common to the first node and a respective second node, is determined at the first node based on a first private key of the first node and a first public key of the second node and is determined at the second node based on the first private key of the second node and the first public key of the first node. The method further comprises exchanging encrypted shares of the first common secret among the plurality of nodes to enable each of the plurality of nodes to reach a threshold number of shares of the first common secret to access the first common secret.
Embedding information in elliptic curve base point
A method and system are provided for updating an elliptic curve (EC) base point G, with the EC base point used in encryption and coding of video data. A candidate base point G is generated that includes additional data used for validation purposes and checked as a valid base point before transmission and use.
SECURE PUBLISH-SUBSCRIBE COMMUNICATION METHODS AND APPARATUS
Improvements to publish-subscribe protocols are provided, including a method for communicating data in a network comprising publisher devices, a broker and subscriber devices, comprising one of the publisher devices: i-a. receiving a public key from the broker; i-b. determining, based on one or more attributes of data to be published to the broker, whether a sensitivity level of the data is low; and ii. following completion of both of steps i-a and i-b, publishing the data to the broker, wherein: when step i-b results in a determination that the sensitivity level of the data is low, step ii comprises transmitting the data to the broker unencrypted; and when step i-b results in a determination that the sensitivity level of the data is not low, step ii comprises encrypting the data then transmitting resulting encrypted data to the broker, wherein the step of encrypting the data uses the public key.
TRUSTLESS DETERMINISTIC STATE MACHINE
The invention relates to distributed ledger technologies such as consensus-based blockchains. Computer-implemented methods for a trustless, deterministic state machine are described. The invention is implemented using a blockchain network, which may be, for example, a Bitcoin blockchain. A first transaction to validate is received at a node in a blockchain network. The first transaction includes a first script that, as a result of being executed, causes the node to at least obtain a first set of field values of the first transaction, a second set of field values of a second transaction, and an input. The second transaction is obtained. The second transaction includes a second script that includes a set of rules and, as a result of being executed, causes the node to at least verify that the second script matches a third script embedded in the first set of field values, determine, based at least in part on the second set of field values, a current state, and determine, based at least in part on the current state, the input, and the set of rules, a next state. The first transaction is validated as a result of execution of the first script and the second script.
METHODS AND SYSTEMS FOR A SYNCHRONIZED DISTRIBUTED DATA STRUCTURE FOR FEDERATED MACHINE LEARNING
A system and method for executing a record within an immutable sequential data structure, the system including a computing device, the computing device configured to transmit a communication to a remote device, receive a remark from the remote device, retrieve an input related to a user, wherein the input is stored as an encrypted proof-linked assertion on at least an immutable sequential data structure for authorized party access, generate a record as a function of the input, transmit the record to the remote device, and store an executed record within the at least an immutable sequential data structure.
CENTRALIZED DATABASE WITH PROVISIONS TO PREVENT PKI KEY AND SECURITY CERTIFICATE DUPLICATION
A system and method for preventing use of invalid digital certificates is disclosed. The method comprises receiving, in a validation service from a requesting entity, a cryptographic asset and a request to evaluate the cryptographic asset, the cryptographic asset uniquely assigned to one of the plurality of devices by an associated one of the commercially distinct entities, the request comprising the cryptographic asset, determining an evaluation state of the cryptographic asset at least in part from a database derived from a plurality of public keys currently assigned to the plurality of devices and previously received by the validation service, determining a disposition of the cryptographic asset according to a disposition policy associated with the determined evaluation state and the device and effecting the determined disposition of the cryptographic asset.
CONFIDENTIAL AUTOMATED SPEECH RECOGNITION
The present invention provides a secure method for outsourcing data analysis to a third party without the third party being able to access the data in clear. In the present invention, the client’s data is never written to disk; this feature provides the security. The data is decrypted and processed in the enclave, which ensures that the data is secure and hidden at all times when it is visible “in clear”.
SCHEDULING ATOMIC FIELD OPERATIONS IN JACOBIAN COORDINATES USED IN ELLIPTIC CURVE CRYPTOGRAPHY SCALAR MULTIPLICATIONS
Embodiments are directed to selecting a multiplication operation to be scheduled in a first stage of an execution schedule, the multiplication operation meeting a first condition of having no dependency. An addition/subtraction operation is selected to be scheduled in the first stage of the execution schedule responsive to meeting the first condition. A process is performed which includes selecting another multiplication operation to be scheduled in a next stage of the execution schedule responsive to meeting the first condition or a second condition, the second condition including having a dependency that is fulfilled by a previous stage. The process includes selecting another addition/subtraction operation to be scheduled in the next stage of the execution schedule responsive to meeting the first or second condition, and repeating the process until each operation has been scheduled in the execution schedule, where the execution schedule is configured for execution by an arithmetic logic unit.