H04L9/302

MASKING OF KEY GENERATION OPERATIONS WITH RANDOM MATRICES IN CRYPTOGRAPHIC APPLICATIONS
20230198752 · 2023-06-22

Disclosed are systems and techniques for enhanced protection of cryptographic key generation in cryptographic applications. In particular, described is a method, and a system that performs the method, of obtaining input numbers associated with a cryptographic application, generating a masking matrix (MM) based on at least one random value, obtaining masked numbers using a matrix product of the MM and the input numbers, determining a greatest common divisor (GCD) of the masked numbers, identifying a GCD of the input numbers, and using the identified GCD to generate a cryptographic key.

Implicit RSA certificates

A secure digital communications method is provided in which a Certificate Authority generates an improved RSA key pair having a modulus, a public key exponent, a public key, and a private key. The public key exponent can contain descriptive attributes and a digital signature. The digital signature can be responsive to the descriptive attributes and the modulus. A secure session can be established between a first system and a second system, within a secure digital communication protocol. The second system can verify the digital signature to authenticate the public key.

FLEXIBLE PROVISIONING OF ATTESTATION KEYS IN SECURE ENCLAVES

A computing platform implements one or more secure enclaves including a first provisioning enclave to interface with a first provisioning service to obtain a first attestation key from the first provisioning service, a second provisioning enclave to interface with a different, second provisioning service to obtain a second attestation key from the second provisioning service, and a provisioning certification enclave to sign first data from the first provisioning enclave and second data from the second provisioning enclave using a hardware-based provisioning attestation key. The signed first data is used by the first provisioning enclave to authenticate to the first provisioning service to obtain the first attestation key and the signed second data is used by the second provisioning enclave to authenticate to the second provisioning service to obtain the second attestation key.

Time synchronization

A method having the steps of obtaining temporal information communicated to a first device; carrying out one or more of the following tests: a test to determine whether the first device is in a state following an initial operation, a battery replacement or other power outage, or a reset, a test to determine whether a deviation between temporal information of the clock and the communicated temporal information is less than or equal to a threshold which is specified, and a test to determine whether the communicated temporal information has the same date as the temporal information of the clock; and synchronizing the clock using the communicated temporal information if all of one or more defined conditions are satisfied, wherein one of the one or more conditions requires that at least one of the one or more tests carried out has a positive result.

Distributed Trust-Based Communication
20230188510 · 2023-06-15

A computer generates a first encrypted message by encrypting an unencrypted message for decryption at a receiving device. The computer couples the first encrypted message with addressing data associated with the receiving device to generate a coupled message. The computer generates a second encrypted message by encrypting the coupled message for decryption at a data transmission service. The computer transmits the second encrypted message via the data transmission service to enable the receiving device to read the unencrypted message.

Heterogeneous processing system for federated learning and privacy-preserving computation
11676074 · 2023-06-13

A heterogeneous processing system for federated learning and privacy-preserving computation, including: a serial subsystem configured for distributing processing tasks and configuration information of processing tasks, the processing task indicating performing an operation corresponding to a computing mode on one or more operands; and a parallel subsystem configured for, based on the configuration information, selectively obtaining at least one operand of the one or more operands from an intermediate result section on the parallel subsystem while obtaining remaining operand(s) of the one or more operands with respect to the at least one operand from the serial subsystem, and performing the operation on the operands obtained based on the configuration information.

USING CRYPTOGRAPHIC BLINDING FOR EFFICIENT USE OF MONTGOMERY MULTIPLICATION
20230179395 · 2023-06-08

Aspects of the present disclosure involve receiving an input message, generating a first random value that is used to blind the input message to prevent a side-channel analysis (SCA) attack, computing a second random value using the first random value and a factor used to compute the Montgomery form of a blinded input message without performing an explicit Montgomery conversion of the input message, and computing a signature using Montgomery multiplication of the first random value and the second random value, wherein the signature is resistant to the SCA attack.

Protection of an iterative calculation

The disclosure concerns a method of protecting a calculation on a first number and a second number, including the steps of: generating a third number including at least the bits of the second number, the number of bits of the third number being an integer multiple of a fourth number; dividing the third number into blocks each having the size of the fourth number; successively, for each block of the third number: performing a first operation with a first operator on the contents of a first register and of a second register, and then on the obtained intermediate result and the first number, and placing the result in a third register; and for each bit of the current block, performing a second operation by submitting the content of the third register to a second operator with a function of the rank of the current bit of the third number, and then to the first operator with the content of the first or of the second register according to state “0” or “1” of said bit, and placing the result in the first or second register.

Transferable multiparty computation

A method and apparatus are provided for secure multiparty computation. A set of first parties is selected from a plurality of first parties for computation. Inputs for computation associated with each party in the set of first parties are divided into shares to be sent to other parties in the set of first parties. The computation on the shares is performed by the set of first parties using multiparty computation functions. In response to a trigger event, shares of the set of first parties are transferred to a set of second parties selected from a plurality of second parties. The computation is completed by the set of second parties using the transferred shares. Finally, the transferred shares are recombined to reveal an output of the computation.

SYSTEMS AND METHODOLOGIES FOR CERTIFICATE VALIDATION
20170317837 · 2017-11-02

A system and method for certificate validation. The method includes acquiring revocation information associated with one or more revoked certificates from a plurality of certificate authorities, signing the revocation information, and storing the signed revocation information. Further, the method includes receiving a request from a client to connect to a web server. In response to the request, certificate information from the web server is received. The method further includes comparing the certificate information with stored revocation information and terminating a connection between the web server and the client when the certificate information matches revoked certificate information included in the stored revocation information.