H04L2209/046

Information secure protocol for mobile proactive secret sharing with near-optimal resilience

Described is a system for mobile proactive secret sharing amongst a set of servers. A first protocol distributes a block of secret data among the set of servers as shares of data, each server holding one share that encodes the block of secret data. A second protocol periodically refreshes the shares so that each server holds a new share of data that is independent of its previous share. A third protocol reveals the block of secret data. Shares of data are periodically erased to preserve security against the adversary. The second protocol provides statistical security or non-statistical security against the adversary.

JOINT BLIND KEY ESCROW

A computer-implemented method for escrowing secret data in a server of a client-server network, the client-server network comprising: a first client having at least one public and private client key pair, at least one trusted client having at least one public and private trusted client key pair, a server having a public and private server key pair, and a blockchain system comprising a plurality of nodes configured to store the public keys of the elements of the client-server network. A computer-implemented method for obtaining secret data of a server, wherein the secret data is escrowed with the above computer-implemented method, is also described. Systems, computer-readable media and computer programs configured to implement or perform said computer-implemented methods are also described.

POWER SIDE-CHANNEL ATTACK RESISTANT ADVANCED ENCRYPTION STANDARD ACCELERATOR PROCESSOR

A processing system includes a processing core and a hardware accelerator communicatively coupled to the processing core. The hardware accelerator includes a random number generator to generate a byte order indicator. The hardware accelerator also includes a first switching module communicatively coupled to the random number generator. The switching module receives an input byte sequence in an encryption round of the cryptographic operation and feeds a portion of the input byte sequence to one of a first substitute box (S-box) module or a second S-box module in view of the byte order indicator value generated by the random number generator.

Obscuring data using on-the-fly retokenizable tokens

A method includes (a) selecting a first token column or a second token column of a token table as an active token column based upon the value of a current token flag, (b) selecting a row of the token table uniquely associated with a sensitive piece of data, the selected row having a first token field storing a first token value and a second token field storing a second token value, (c) selectively extracting an active token value from the first token field when the first token column is the active token column and from the second token field when the second token column is the active token column, (d) selecting a row of a data table having the extracted active token value within a token field, and (e) causing contents of the selected row of the data table to be displayed to a user over a user interface.

Authentication system using secure multi-party computation

The invention is directed to a system that enables an authentication process that involves secure multi-party computation. The authentication process can be performed between a user device operated by a user and an access device. The user device and the access device may conduct the authentication process such that enrollment information and authentication information input by the user is not transmitted between the devices. Instead, the user device may determine and utilize obfuscated values associated with the authentication information. The user device may also determine an obfuscated authentication function that can be utilized to determine an authentication result without revealing enrollment information and authentication information associated with the user. The user can be authenticated based on the authentication result.

Cryptographic method of secure comparison of two secret data x and y
20220038277 · 2022-02-03

A cryptographic method including: generating, by a first device having a datum x, an RSA modulus N; computing, by the first device, a number C = g^(b^(ax)) · h1, g being an element of a sub-group G of order b^d, h1 being an element of a sub-group H of order f, and a, b, d, f being integers, b and f being mutually prime, and x and y being less than d/a; sending C to a second device having datum y; computing, by the second device, D = C^(u · b^(d − ay)) · (g · h3)^v · h2, u and v being random numbers and h2 and h3 being elements of H, and a first fingerprint (g · h3)^v; sending D and the first fingerprint to the first device; computing, by the first device, (D^f)^f′, with f′ = 1/f; obtaining, based on (D^f)^f′, a second fingerprint; and determining whether x is greater than or equal to y, or x is less than y, by comparing the first and the second fingerprints.

CIRCUIT PROTECTION SYSTEM AND METHOD

The invention proposes a method of protection of a Boolean circuit associated with a structural description of the circuit comprising elementary Boolean variables, each represented by one bit, the method comprising the steps of: selecting a set of k elementary Boolean variables of the circuit as a function of predefined selection criteria; constructing a variable x represented by k bits by concatenation of the k selected variables in a chosen order; determining a binary code C comprising a set of code words and belonging to a given vector space, and the supplementary code D of said binary code C, as a function of a condition on the dual distance of said supplementary code D, said binary code C having a length n and a size 2^k, where k designates the number of bits representing said variable x; and substituting the variable x in the structural description of the Boolean circuit with a protected variable z represented by n bits, so that: any operation of writing on the variable x in the circuit is substituted with an operation of writing on the variable z, the variable z being generated by adding the variable x encoded by said code C to a random bit vector y encoded by the supplementary code D, and any operation of reading the variable x in the circuit is substituted with an operation of reading the value of the protected variable z and an operation of decoding said read value of the protected variable z using a decoding matrix J of size (n×k) determined from the binary code C and the supplementary code D of the binary code C.

Multiplicative blinding for cryptographic operations
11251935 · 2022-02-15

A value corresponding to an input for a cryptographic operation may be received. The value may be blinded by multiplying it by an exponentiation of a random number raised to an exponent value that is associated with a public key. A cryptographic operation may then be performed based on the blinded value.

Computing key-schedules of the AES for use in white boxes

Some embodiments provide a method for performing a cryptographic process. The method receives first and second cipher keys. The method generates a set of subkeys corresponding to each of the first and second cipher keys. The set of subkeys for the first cipher key is dependent on the first cipher key and the second cipher key. The method performs the cryptographic process by using the generated sets of subkeys.

Computer security system and method to protect against keystroke logging

Static security credentials are replaced by pseudonyms and session-specific passwords to increase security associated with user login attempts, and specifically to defeat keylogging attacks. For each login event, the system generates unique, session-specific credentials by randomly replacing characters within a given username and password. The random character generation ensures that system login attempts use different combinations of characters, thereby producing a new username and password for every user session. The client side of the system requires only the capability to display an image file, with specialized software/hardware limited to the server side, thereby facilitating the use of the system by a wide range of client devices.