A method for performing an encrypted data operation may include generating an encrypted hierarchical path identifier corresponding to a hierarchical data space for at least one plaintext data operation that preserves the hierarchy of the hierarchical data space. The at least one plaintext data operation may correspond to at least one subdivision of the hierarchical data space. The method may further include encrypting the at least one plaintext data operation, and sending a request to perform an encrypted data operation to a server. The request may include the encrypted data operation and the encrypted hierarchical path identifier.

In a computer-implemented method of performing Feistel-network-based block-cipher encryption of plaintext, a block cipher algorithm is implemented based on tracks and S-boxes, and plaintext is split into plaintext portions, wherein the number of plaintext portions is equal to the number of tracks, and the sum of all of the portion sizes is equal to the size of the plaintext. The block cipher is adjustable to fit the size of the plaintext, and the size of the plaintext determines the number of plaintext portions and the size of the individual plaintext portions. The size of the input for the S-box of each track of the block cipher is at least equal to the portion size of the plaintext portion fed into the S-box.

The event of [Probability that the two-parts-become-one]=1.0 is “Two-parts-are-one password”. The event of probability<<1.0 is “Two-parts-are-not-one password”. Even if a password of the service side leaks, it is harmless. The maintenance cost of the password is unnecessary. There exists the decomposition point of responsibility within “Two-parts-are-one password” itself so that it becomes disadvantageous to bring up a lawsuit. No password file and no password backup required in an authentication server segment. The core that has produced these innovative effects is the implementation of Split Knowledge and Dual Control of an active key data; it satisfies PCI DSS version 1.2.1 for the first time in the world.

A method includes receiving, on a computer-implemented system and from user, an identification of data and an identification of an algorithm and, based on a user interaction with the computer-implemented system comprising a one-click interaction or a two-click interaction. Without further user input, the method includes dividing the data into a data first subset and a data second subset, dividing the algorithm (or a Boolean logic gate representation of the algorithm) into an algorithm first subset and an algorithm second subset, running, on the computer-implemented system at a first location, the data first subset with the algorithm first subset to yield a first partial result, running, on the computer-implemented system at a second location separate from the first location, the data second subset with the algorithm second subset to yield a second partial result and outputting a combined result based on the first partial result and the second partial result.

Systems and methods for protecting secret or secure information involved in generation of ciphered data by circuitry. The circuitry includes data paths and key paths that operate to perform cipher operations to generate a plurality of key shares and a plurality of data shares using a key and data as input. The data and the key may be masked by at least one mask. The plurality of key shares may be generated using the key and a first mask. The plurality of data shares are generated using key shares, the data, and a second mask.

Disclosed is a method that includes training, at a client, a part of a deep learning network up to a split layer of the client. Based on an output of the split layer, the method includes completing, at a server, training of the deep learning network by forward propagating the output received at a split layer of the server to a last layer of the server. The server calculates a weighted loss function for the client at the last layer and stores the calculated loss function. After each respective client of a plurality of clients has a respective loss function stored, the server averages the plurality of respective weighted client loss functions and back propagates gradients based on the average loss value from the last layer of the server to the split layer of the server and transmits just the server split layer gradients to the respective clients.

The present invention discloses sequence encryption for refactoring a reconstructed-key: a set of compound logic is used to construct a chaotic computing structure to realize chaotic bit-segment stream sequence encryption. In the present invention, the chaotic computing structure is used to dispatch a bit fetching logic, a bit metabolic logic, a bit reconstruction logic and other computing logic units to pseudo-randomly refactor a construct source and a drive source segment by segment and the drive source is used to pseudo-randomly control the construct source to refactor key bit segments bit by bit so as to construct an infinite non-looping regenerated key bit segment sequence that “a picked construct source bit from staggered positions can be non-metabolized and from duplicated positions must be metabolized”.

A security device may be utilized to provide security measures to an electronic device that may incorporate the security device or be coupled to it. The security measures may comprise authentication (e.g., authentication of devices, users, or activities), and/or encryption measures (e.g., encrypting or decrypting exchanged data). A transaction or access via the security device may be authenticated by communicating an authentication request by the security device to an authentication server, which may generate, in response, a sequence of information requests that are sent to the security device. The security device may then generate, in response, a sequence of responses that are sent to the authentication server, with the sequence of responses comprising a sequence of reported values each of which are unique. The authentication server may then authenticate the security device based on comparing of the sequence of reported values with a sequence of expected values that identifies the security device.

Methods are provided for testing and hardening software applications for the carrying out digital transactions which comprise a white-box implementation of a cryptographic algorithm. The method comprises the following steps: (a) feeding one plaintext of a plurality of plaintexts to the white-box implementation; (b) reading out and storing the contents of the at least one register of the processor stepwise while processing the machine commands of the white-box implementation stepwise; (c) repeating the steps (a) and (b) with a further plaintext of the plurality of plaintexts N-times; and (d) statistically evaluating the contents of the registers and the plaintexts, the intermediate results and/or the ciphertexts generated from the plaintexts by searching for correlations between the contents of the registers and the plaintexts, the intermediate results and/or the ciphertexts generated from the plaintexts to establish the secret key.

Original program code of an app of a mobile operating system is protected by splitting the original program code into several program code segments and encrypting the program code segments. The encrypted program code segments are received in separate files in a mobile computing device, where the encrypted program code segments are loaded in memory of the mobile computing device. The encrypted program code segments are decrypted, and the resulting decrypted program code segments are stored in non-contiguous blocks of memory. The decrypted program code segments are parsed for loading and execution in the mobile computing device, such as by a Dalvik process virtual machine of an ANDROID operating system of the mobile computing device.