An area efficient architecture for lattice based key encapsulation and digital signature generation having a co-processor with a polynomial arithmetic submodule configured to process polynomial arithmetic and generate integer values representing polynomial coefficients, a hash submodule operably configured to perform hash operations and to generate pseudorandom numbers, a polynomial format submodule communicatively coupled to the polynomial arithmetic submodule and the hash submodule and operably configured to encode polynomials and decode polynomials, a memory bank communicatively coupled with and operably configured to receive and store temporary values from the polynomial arithmetic submodule, the hash submodule, the polynomial format submodule, and a data interface, and with a control unit operably configured to manage the data interface at selectively controlled time intervals and to utilize the polynomial arithmetic submodule, the hash submodule, and the polynomial format submodule to perform the plurality of cryptographic algorithms for Dilithium-DSA and for Kyber-KEM with the temporary values.

Operational n-state digital circuits and n-state switching operations with n and integer greater than 2 execute Finite Lab-transformed (FLT) n-state switching functions to process n-state signals provided on at least 2 inputs to generate an n-state signal on an output. The FLT is an enhancement of a computer architecture. Cryptographic apparatus and methods apply circuits that are characterized by FLT-ed addition and/or multiplication over finite field GF(n) or by addition and/or multiplication modulo-n that are modified in accordance with reversible n-state inverters, and are no longer known operations. Cryptographic methods processed on FLT modified machine instructions include encryption/decryption, public key generation, and digital signature methods including Post-Quantum methods. They include modification of isogeny based, NTRU based and McEliece based cryptographic machines.

Aspects of associative cryptography key operations are described. In one embodiment, a first cryptographic function is applied to secret data to produce a first encrypted result. The first encrypted result is transmitted by a first device to a second device. The second device applies a second cryptographic function to the first encrypted result to produce a second encrypted result. At this point, the secret data has been encrypted by two different cryptographic functions, each of them being sufficient to secure the secret data from others. The two different cryptographic function can be inversed or removed, in any order, to reveal the secret data. Thus, the first device can apply a first inverse cryptographic function to the second encrypted result to produce a first result, and the second device can apply a second inverse cryptographic function to the first result to decrypt the secret data.

Bitcoins and the underlying blockchain technology are one of the main innovations in building decentralized applications. The effects of quantum computing on this technology are analyzed in general. Provided herein are effective solutions to address security vulnerabilities in a blockchain-based system that can be exploited by a quantum attacker.

Techniques of generating a lattice-based verification matrix and signature vector are disclosed. The method enables a generating device to sample a gadget matrix and then generate a reduced gadget matrix. The generating device may then sample a trapdoor matrix and use the trapdoor matrix and the reduced gadget matrix to generate a verification matrix. A sending device may receive the trapdoor matrix and the verification matrix from the generating device, in addition to receiving a message. The sending device may then use the trapdoor matrix and the verification matrix to generate a signature vector for the message. A verification device can receive the verification matrix, the message, and the signature vector. The verification device may use the verification matrix and the signature vector to verify the message.

A method for checking the identity of a reference individual, the method comprising the following steps, implemented by a checking device: selecting terminals respectively associated with individuals forming part of a set of individuals whose identities are intended to be checked by the checking device, the individual forming part of the set of individuals; sending, to each of the selected terminals, an input datum associated with the reference individual and a request asking the terminal to implement a first cryptographic processing operation producing an output datum from the input datum and from a private key specific to the individual associated with the terminal; receiving each output datum; and implementing a second cryptographic processing operation producing a check result relating to the reference individual from each output datum.

Systems and methods for improving homomorphic encryption are provided. A processor receives an encrypted ciphertext; splits the encrypted ciphertext into a plurality of smaller digits; applies a homomorphic floor function to clear a least significant bit from a current smaller digit; scales down the encrypted ciphertext, using modulus switching, thereby changing the ciphertext modulus to a new modulus; applies a bootstrapping procedure for a sign evaluation function to determine a sign of the scaled down encrypted ciphertext; and transmits the sign with the ciphertext to a server for subsequent use.

Some embodiments relate to a first electronic network node is provided (110) configured for a cryptographic operation. The first network node is configured to receive as input a difficulty parameter (d), and a structure parameter (n), and to obtain a shared matrix (A), the shared matrix being shared a second network node through a communication interface, entries in the shared matrix A being selected modulo a first modulus (q), the shared matrix (A) being a square matrix (k×k) of dimension (k) equal to the difficulty parameter (d) divided by the structure parameter (n), the entries in the shared matrix (A) being polynomials modulo a reduction polynomial (ƒ) of degree equal to the structure parameter (n), said cryptographic operation using the shared matrix.

A method includes receiving a first polynomial and a second polynomial, both of order n−1 and forming d polynomial segments from both the first polynomial and the second polynomial such that each polynomial segment is of order (n/d)−1. The polynomial segments of the first polynomial and the d polynomial segments of the second polynomial are used to form segment products. Each segment product is divided into a first polynomial substructure of order n/d and a second polynomial substructure of order (n/d)−1. A first polynomial substructure containing the first n/d coefficients of a product of the first polynomial and the second polynomial is summed with a second polynomial substructure to form a sum substructure. The sum substructure is used multiple times to determine coefficients of a polynomial representing the modulo x.sup.n+1 of the product of the first polynomial and the second polynomial.

An encryption apparatus (400) generates ciphertext data C of plaintext data x by [C=B.Math.R+E+x.Math.G], using a matrix B included in an encryption key PK used for homomorphic computation, a random-number matrix R, a random-number matrix E, and a tensor product G of a predetermined vector and a predetermined identity matrix. A circuit-confidentiality homomorphic computation apparatus (500) performs the homomorphic computation for the plaintext data x, using the encryption key PK and the ciphertext data C, and generates ciphertext data C.sub.X as a computation result of the homomorphic computation.