Patent classifications
H04L9/085
SECURE DATA PARSER METHOD AND SYSTEM
A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data that may be communicated using multiple communications paths.
SECURE OFF-CHAIN BLOCKCHAIN TRANSACTIONS
Provided herein is a computer-implemented method, a system, and a non-transitory computer-readable storage medium. The system may be implemented using a blockchain network. The computer-implemented method includes: i) attaching a digital asset of a first entity to an exchange platform; ii) computing a first shared key associated with the digital asset using a key of the first entity and a first key of the exchange platform; iii) generating and broadcasting a first blockchain transaction to a blockchain network; iv) initiating, by the first entity, transfer of ownership of the digital asset from the first entity to a second entity; v) computing a second key and a second shared key; vi) replacing the first key associated with the exchange platform with the second key associated with the exchange platform; and vii) detaching, by the second entity, the deposit from the exchange platform using the second shared key.
Method for Performing Verification by Using Shared Key, Method for Performing Verification by Using Public Key and Private Key, and Apparatus
A method and an apparatus for performing verification using a shared key are disclosed. The method includes: receiving, by a first network element, a registration request message from a second network element, where the registration request message includes a user identifier, first network identifier information, and second network identifier information, the second network identifier information is obtained by processing the first network identifier information by using a shared key, and the shared key is a key used between the first network element and the second network element; verifying, by the first network element, the registration request message by using the shared key; and sending, by the first network element, a registration response message to the second network element. When receiving a registration request from a visited network, a home network verifies the registration request message by using a shared key, to avoid a spoofing attack from the visited network.
TECHNIQUES FOR SECURING APPLICATION PROGRAMMING INTERFACE REQUESTS USING MULTI-PARTY DIGITAL SIGNATURES
A system and method for securing application programming interface (API) requests using multi-party digital signatures. The method includes generating, by a first system, at least one first secret share of a plurality of secret shares based on an API secret, wherein the plurality of secret shares includes the at least one first secret share and at least one second secret share, wherein the at least one second secret share is generated by at least one second system; and signing, by the first system, an API request using the at least one first secret share, wherein the API request is further signed by the at least one second system using the at least one second secret share, wherein the API request is signed without revealing any of the at least one first secret share to the at least one second system and without revealing any of the at least one second secret share to the first system.
Method for cogenerating a shared cryptographic material, devices, system and corresponding computer program
In a method for cogenerating a shared cryptographic material implemented within a first electronic device, which is connected to a second electronic cogeneration device and to a third electronic cogeneration device, a shared encryption material (pkx) is determined, as a function of a set of cogeneration parameters ECG. The shared encryption material (pkx) is transmitted, and corresponding shared encryption materials (pky, pkz) are received from the other devices. A shared seed (mx) is computed as a function of the shared encryption materials (pkx, pky, pkz) and the set of cogeneration parameters ECG. A masked form (Ox) of said shared seed (mx) is transmitted, and masked forms (Oy, Oz) of corresponding shared seeds (my, mz) are received. A final seed (ad) is computed as a function of the masked forms (Ox, Oy, Oz) of the shared seeds (mx, my, mz) and the set of cogeneration parameters ECG.
LIGHTWEIGHT DISTRIBUTED SIGNATURE PROTOCOL FOR MOBILE COMPUTING AND IOT DEVICES
The techniques described herein may provide an efficient and secure two-party distributed signing protocol, for example, for the IEEE P1363 standard. For example, in an embodiment, a method may comprise generating, at a key generation center, a first partial private cryptographic key for a user ID and a second partial private cryptographic key for the user ID, transmitting the first partial private cryptographic key to a first other device, transmitting the second partial private cryptographic key to a second other device, and generating a distributed cryptographic signature for a message using the first partial private cryptographic key and the second partial private cryptographic key.
CHAINED MANIFEST FOR KEY MANAGEMENT AND ATTESTATION
A computer-implemented method for managing a life-cycle of at least in parts interdependent cryptographic keys is disclosed. Each of the cryptographic keys is signed and relates to a different one of artifacts. The method comprises creating a key manifest, wherein the key manifest comprises data about determined dependencies of the cryptographic keys at a point in time when one of the artifacts is built, and encrypting the key manifest with a manifest key. Upon a life-cycle change happening to one out of the group comprising one of the artifacts and one of the interdependent cryptographic keys in the key manifest of the one of the artifacts, the method comprises decrypting the key manifest and invoking an action to a related one out of the group comprising the one of the artifacts and at least one of the interdependent cryptographic keys in accordance with the key manifest.
SECURE RANDOM NUMBER GENERATION SYSTEM, SECURE COMPUTATION APPARATUS, SECURE RANDOM NUMBER GENERATION METHOD, AND PROGRAM
A secure random number that follows a binomial distribution is generated without performing successive communication. A secure computation apparatus (1_i) generates a share [r]_i of a random number r that follows a binomial distribution. A parameter storage unit (10) stores a pseudorandom function PRF, at least one set of a key k_A and a polynomial f_A. A pseudorandom number generating unit (11) obtains a pseudorandom number p_A for each of the keys k_A by computing the pseudorandom function PRF(k_A, a) using the keys k_A. A bit counting unit (12) counts the number r_A of 1s included in each pseudorandom number p_A. A random number share generating unit (13) obtains the sum of products of the number r_A of 1s and an output of the polynomial f_A(i) corresponding to the number r_A of 1s as the share [r]_i of the random number r.
SYSTEM AND METHOD FOR MANAGING TRANSPARENT DATA ENCRYPTION OF DATABASE
Disclosed is a system for managing transparent data encryption of a database. The system comprises an encrypted vault application and an application server. The encrypted vault application stores at least one encryption key for the database. The application server is configured to provide an authorization token to the encrypted vault application after unsealing of the encrypted vault application; receive an access token from the encrypted vault application, after authentication of the application server; provide the access token to the encrypted vault application to receive at least one encryption key therefrom; and communicate the at least one encryption key, via a key talker, to the database, wherein the database comprises a key listener that listens for the at least one encryption key and provides the at least one encryption key to the database.
APPARATUS, SYSTEM, AND METHOD OF PROVIDING SERVICES
An apparatus for providing services includes circuitry that: receives, from a communication terminal of a user, a request for obtaining a particular item of one or more items provided by one or more service providers, information on the one or more items being managed on a blockchain system; transmits, to the blockchain system, a request for changing information on a use right of the particular item to indicate transfer of the use right to the user; and provides the particular item to the communication terminal of the user having the use right of the particular item.