A method for sharing information has an assertion associated therewith such that the receiving communication device is able to verify the assertion without the sender revealing underlying data demonstrating the validity of the assertion. The assertion is derived from underlying data input to a pre-provisioned first algorithm. The assertion is encapsulated in a first data object by a PGE that controls an environment in which the first algorithm is executed. A first proof is generated that is configured to verify that the first algorithm used the underlying data to produce the assertion when provided to a PVE along with the first data object. The underlying data is excluded from the first proof and the first data object such that privacy of the underlying data is maintained. The information, the first proof and the first data object are sent to the receiving communication device from the sending communication device.

The present disclosure relates to a method method for performing a disjunctive proof for two relations R.sub.0 and R.sub.1. The relation R.sub.0 is between an instance set X.sub.0 and a witness set W.sub.0 and defines a language L(R.sub.0) containing those elements x.sub.0∈X.sub.0 for which there exists a witness w.sub.0 that is related to x.sub.0 in accordance with R.sub.0. The relation R.sub.1 is between an instance set X.sub.1 and a witness set W.sub.1 and defining a language L(R.sub.1) containing those elements x.sub.1∈X.sub.1 for which there exists a witness w.sub.1 that is related to x.sub.1 in accordance with R.sub.1. For proving knowledge of a witness w.sub.b of at least one of instances x.sub.0 and x.sub.1, where b is 0 or 1, of the respective relations R.sub.0 and R.sub.1, the prover may generate using a bijective function a challenge from a simulated challenge c.sub.1-b.

A cell phone is disclosed for acquiring information to be transmitted to a receiving facility and for transmitting such thereto. A capture device captures information from an external source. A processor is provided for associating with the captured information a representation of the date and time of the capture of the information, such that the representation of the date and time information in association with the captured information forms augmented captured information. The processor also places the augmented captured information in association with subscriber information in a transmission of the augmented captured information to a receiving facility requiring such subscriber information. A transmitter transmits the transmission including the augmented captured information and the subscriber information to the receiving facility. An encryptor encrypts the augmented captured information with a symmetrical encryption algorithm to provide encrypted augmented captured information in the transmission with the subscriber information.

A method for recognizing and/or identifying a user (9) with a chip (C) in an electronic identity object storing a digital identity (24), the method comprising steps of: —establishing a wireless or electrical connection between the electronic identity object (C) and a verification terminal (T); —verifying, in the electronic identity object, if the verification terminal is authorized to communicate with the electronic identity object (C), and in response of a positive verification sharing a secret (K): using the shared secret (K) for establishing an encrypted symmetric data link (5) between the electronic identity object and the verification terminal (T); transmitting, through the encrypted data link (5), said digital identity (24) stored in the electronic identity object to the verification terminal (T); and verifying in the verification terminal (T) the authenticity of said digital identity (24).

A biometric scanner apparatus comprising a biometric sensor configured to scan at least a biological sample and receive a unique biometric pattern, a secret data extractor configured to receive the unique biometric pattern from the biometric sensor and generate an output comprising a sample-specific secret, and a sample identifier circuit communicatively connected to the secret data extractor wherein the sample identifier circuit is configured to produce at least an output comprising a secure proof of the sample-specific secret.

The invention relates to distributed ledger technologies such as consensus-based blockchains. Computer-implemented N methods for reducing arithmetic circuits derived from smart contracts are described. The invention is implemented using a blockchain network, which may be, for example, a Bitcoin blockchain. A set of conditions encoded in a first programming language is obtained. The set of conditions is converted into a programmatic set of conditions encoded in a second programming language. The programmatic set of conditions is precompiled into precompiled program code. The precompiled program code is transformed into an arithmetic circuit. The arithmetic circuit is reduced to form a reduced arithmetic circuit, and the reduced arithmetic circuit is stored.

A processor may commit, anonymously, an identity and associated data of a resource producer on a blockchain by an independent gateway. The processor may generate a Merkle tree hash commitment to the blockchain of all resources handled by an aggregator. The processor may execute individual commitments of a resource to a user. The processor may provide a zero-knowledge-proof that proves that the commitment of the identity and associated data of the resource producer and the Merkle tree hash commitment match.

According to examples, a system for enabling user authentication may include a processor and a memory storing instructions. The processor, when executing the instructions, may cause the system to receive user login credentials and initiate a user authentication process by receiving a challenge configured using an attribute of a system including the processor. The processor executes further instructions to determine the attribute value and to derive a zero-knowledge proof in response to the challenge. The zero-knowledge proof is provided to the challenge issuer to access services of one or more applications.

In one embodiment, a brokering service receives, from a requesting device, a request to verify an online claim associated with an online resource. The brokering service identifies, based upon the request, a proving entity for the online claim. The brokering service obtains, from the proving entity, digitally verifiable proof that indicates that the online claim has been securely verified by the proving entity. The brokering service provides the digitally verifiable proof to the requesting device, wherein the digitally verifiable proof causes the requesting device to display an indication that the online claim has been securely verified.

A secure maximum value computation apparatus includes an initialization unit 1 that sets X′=X, a pair creation unit 2 that creates, from among the X′, one or more pairs such that no element is included in two or more pairs, a determination unit 3 that determines, through secure computation, a secret value that is a larger value among [[x.sub.i]]and [[x.sub.i]] included in each of the one or more pairs for each of the one or more pairs that are created, a set updating unit 4 that sets, as a new X′, when there is a secret value that is not included in the one or more pairs in the X′, a set including the secret value that is not included in the one or more pairs in the X′ and the secret value determined by the determination unit, a control unit 5 that performs a control to repeat the above-described processing operations until |X′|=1 holds, and a flag determination unit 6 that determines a flag [[z(x.sub.i)]] (i=1, . . . n) such that [[z(x.sub.g)]]=[[1]] holds when [[x.sub.g]] (g∈[1, n]) is a maximum value and [[z(x.sub.i)]]=[[0]] holds when i≠g holds.