A biometric scanner apparatus comprising a biometric sensor configured to scan at least a biological sample and receive a unique biometric pattern, a secret data extractor configured to receive the unique biometric pattern from the biometric sensor and generate an output comprising a sample-specific secret, and a sample identifier circuit communicatively connected to the secret data extractor wherein the sample identifier circuit is configured to produce at least an output comprising a secure proof of the sample-specific secret.

In a computer-implemented method for signing a message by a user device of a public key infrastructure (PKI) system, the message and a user public key are sent to at least one attestation server and a server signature on the message is received from the attestation server. The server signature attests the validity of the user public key and is bound to the user public key and the message. The message and the server signature are signed with a user private key, thereby providing a user signature on the message. An attestation server and a related computer program product are also provided.

Embodiments of the present specification provide example blockchain-based data processing methods, mediums, and systems. One example method includes obtaining an available Nonce record for a target transaction from a Nonce list. The Nonce list comprises Nonce records, and each Nonce record comprises a version identifier of the Nonce list and a Nonce value. The available Nonce record to the target transaction is added. The target transaction in a blockchain is published. Prompt information indicating that the target transaction is an invalid transaction is received when a version identifier in the available Nonce record does not match the version identifier of the Nonce list; or a notification message indicating that the target transaction is processed is received when the version identifier in the available Nonce record matches the version identifier of the Nonce list and a replay attack detection is successfully performed by matching the available Nonce record with a Nonce record in the Nonce list.

Methods, systems, and apparatus, including a method for determining network measurements. In some aspects, a method includes receiving, by a first aggregation server and from each of multiple client devices, encrypted impression data. A second aggregation server receives, from each of at least a portion of the multiple client devices, encrypted conversion data. The first aggregation server and the second aggregation server perform a multi-party computation process to generate chronological sequences of encrypted impression data and encrypted conversion data and to decrypt the encrypted impression data and the encrypted conversion data.

A voting system has a voter key pair including a voter private key and a voter public key. The voter public key is blinded. A plurality of candidate key pairs is generated. Each candidate key pair includes a candidate private key and a candidate public key. The blinded voter public key is signed with each of the plurality of candidate private keys or a subset of the plurality of candidate private keys to create a plurality of blinded signatures. The plurality of blinded signatures is unblinded to generate a plurality of unblinded signatures valid for the voter public key. A vote is cast using the voter public key and the plurality of unblinded signatures.

A method for auditing an advertisement impression in which a first advertisement was presented in conjunction with first media content is disclosed. The method generally comprises transmitting to a plurality of second computing devices a plurality of randomly generated first cryptographic proofs; receiving, a first message from a second computing device indicating that the first advertisement was presented in conjunction with the first media content; and evaluating the first targeting model for the first advertisement based on the at least one media content classifier.

A computer-implemented method for escrowing secret data in a server of a client-server network, the client-server network comprising: a first client having at least one public and private client key pairs, at least one trusted client having at least one public and private trusted client key pairs, a server having a public and private server key pairs, a blockchain system comprising a plurality of nodes which are configured to store the public keys of the elements of the client-server network. It is also described a computer-implemented method for obtaining secret data of a server wherein the secret data is escrowed with the above computer-implemented method for escrowing secret data in a server. System, computer-readable mediums and computer programs, which are configured to implement or perform said computer-implemented methods, are also described.

A method for seamlessly and automatically granting tailored permission for use and transference of internet data between databases with comprehensive consent is described. The method employs a graph language such as JSON-LD to integrate and employ cryptographically signed Information Sharing Agreements (ISA) between parties. Data is serialized to be easily transferred between databases when appropriate permission is obtained. Granular data exchange under usage control contacts can be automated among any number of parties on the internet. As such, the method provides a means by which users may control not only what may be done with their data, but to what entity or entities the data may be transferred. Advertisements may then be served to the user according to his or her preferences as defined within a web or desktop app, which is then applied to all related ad publishers publishing to the domains visited by the user.

A method is disclosed. The method comprises transmitting, by an access device to a communication device, a resource provider certificate and an access device certificate. Then, establishing a secure channel between the access device and the communication device using data from the resource provider certificate and the access device certificate. Then, transmitting to or receiving data from the communication device using the secure channel.

A method of obtaining digitally signed data is disclosed. The method comprises sending first data (e.sub.2) from at least one of a plurality of first participants to at least one second participant, wherein the first data is based on second data (e) accessible to at least one said first participant, and the second data is inaccessible to the or each said second participant. A digital signature (s.sub.1) of the first data is received from at least one said second participant, and the digital signature of the first data is processed, by a plurality of the first participants, to provide shares of a digital signature (s) of the second data, wherein the digital signature of said second data is accessible by means of a threshold number of said shares and is inaccessible to less than said threshold number of shares.