Patent classifications
H04L9/3265
Identity attestation system and method
A system and method of determining an attestation or identity score of a user of a communication device employs metadata stored in a plurality of client devices, such as IoT devices. A request for attestation comprises a unique identifier associated with the communication device and an input or shared value. The unique identifier is used to identify, in a distributed ledger (blockchain), client devices that are paired with the communication device. Metadata stored in association with each of the client devices is retrieved and compared to the input or shared value, and a sub-identity score is determined based on the extent to which there is a match and the reliability of the client device. The sub-identity scores are combined to obtain an identity score reflecting a confidence level in the user and/or communication device.
COMPUTER IMPLEMENTED METHOD AND SYSTEM FOR STORING CERTIFIED DATA ON A BLOCKCHAIN
A method of storing certified data on a blockchain is disclosed. The method comprises generating a first blockchain transaction (Tx1) having a first output (Output 3) containing a first public key of a first private/public key pair, comprising a first private key and a first public key, of a cryptography system, first data related to the first public key, and a first digital signature applied, by means of a second private key of a second private/public key pair, comprising a second private key and a second public key, of a cryptography system, to the first data and to the first public key. The first blockchain transaction is broadcast to the blockchain.
METHOD AND DEVICE FOR PROVIDING EVENT IN WIRELESS COMMUNICATION SYSTEM
The disclosure relates to a 5G or 6G communication system for supporting a higher data transmission rate. A method performed by a terminal in a wireless communication system is provided. The method comprises transmitting to a subscription manager discovery service (SM-DS) information indicating a support of a push service, receiving from the SM-DS a list of push services supported by the SM-DS, selecting at least one push service based on the list of push services supported by the SM-DS, generating an embedded Universal Integrated Circuit Card (eUICC) signature based on an indicator indicating at least one selected push service and a push token, and transmitting to the SM-DS the indicator, the push token, and the eUICC signature.
ZERO-KNOWLEDGE PROOF BASED CROSS-CHAIN INTEROPERABILITY
A system and a method are disclosed for enabling cross-chain transactions between a first blockchain and a second blockchain. A certificate for a cross-chain transaction processed by a sidechain is received. Additionally, a verification key associated with the sidechain is received. Moreover, information related to the cross-chain transaction processed by the sidechain is received. Based on the verification key associated with the sidechain, the validity of the certificate is verified using a zero-knowledge proof. In response to determining the validity of the certificate, the cross-chain transaction is processed based on the received information related to the cross-chain transaction processed by the sidechain.
Transparently scalable virtual hardware security module
A virtual hardware security module (“HSM”) is used to perform cryptographic operations. The virtual HSM may provision and coordinate requests between one or more HSMs within a fleet of HSMs. A set of cryptographic keys and/or digital certificates may be exchanged between a client and the virtual HSM such that the client and the virtual HSM may communicate with each other via a cryptographically protected communication session. The fleet of HSMs of a virtual HSM may be scaled up or scaled down according to various criteria. Cryptographic key material may be propagated between HSMs of the fleet using a fleet transfer key. Digital certificates may be used to demonstrate that one or more cryptographic keys were generated by a service provider and/or manufacturer.
Internet of Things blockchain auditing
Disclosed are various examples of utilizing blockchain for tracking and auditing of systems and processes that involve Internet-of-Things (IoT) devices. A command to install an IoT event definition that defines an IoT event for a specified asset type is transmitted. IoT event data that indicates an IoT event has been triggered based on the IoT event definition is received. An IoT event block is recorded to a blockchain, the IoT event block comprising sensor data and an indication that at least one IoT device triggered the IoT event.
Privacy-enhanced decision tree-based inference on homomorphically-encrypted data
A technique for computationally-efficient privacy-preserving homomorphic inferencing against a decision tree. Inferencing is carried out by a server against encrypted data points provided by a client. Fully homomorphic computation is enabled with respect to the decision tree by intelligently configuring the tree and the real number-valued features that are applied to the tree. To that end, and to the extent the decision tree is unbalanced, the server first balances the tree. A cryptographic packing scheme is then applied to the balanced decision tree and, in particular, to one or more entries in at least one of: an encrypted feature set, and a threshold data set, that are to be used during the decision tree evaluation process. Upon receipt of an encrypted data point, homomorphic inferencing on the configured decision tree is performed using a highly-accurate approximation comparator, which implements a “soft” membership recursive computation on real numbers, all in an oblivious manner.
SECURE VERIFICATION OF MEDICAL STATUS USING A CONTACTLESS CARD
Systems, methods, articles of manufacture, and computer-readable media for verification of medical status using a contactless card. An application may receive a request specifying a subject and a medical condition. The application may receive a cryptogram from a contactless card. The application may receive a decryption result from a server and determine that the server decrypted the cryptogram. The application may receive, from the contactless card, a medical attestation, a digital signature of the medical attestation, and a public key of the digital signature. The application may decrypt the digital signature based on the public key of the digital signature and verify the medical attestation based on the decrypted digital signature. The application may determine, based on the verification of the medical attestation, that the subject is immune to the medical condition. The application may output a result that the subject is immune to the medical condition.
METHOD, ELECTRONIC IDENTITY OBJECT, AND TERMINAL FOR RECOGNIZING AND/OR IDENTIFYING A USER
A method for recognizing and/or identifying a user (9) with a chip (C) in an electronic identity object storing a digital identity (24), the method comprising steps of: establishing a wireless or electrical connection between the electronic identity object (C) and a verification terminal (T); verifying, in the electronic identity object, if the verification terminal is authorized to communicate with the electronic identity object (C), and in response to a positive verification sharing a secret (K): using the shared secret (K) for establishing an encrypted symmetric data link (5) between the electronic identity object and the verification terminal (T); transmitting, through the encrypted data link (5), said digital identity (24) stored in the electronic identity object to the verification terminal (T); and verifying in the verification terminal (T) the authenticity of said digital identity (24).
Method and apparatus for managing and verifying certificate
A method of managing and verifying a certificate of a terminal is provided. The method includes obtaining certificate information that is usable when downloading and installing a specific bundle corresponding to at least one of a secondary platform bundle family identifier or a secondary platform bundle family custodian identifier, transmitting, to a secondary platform bundle manager, the certificate information corresponding to the at least one of the secondary platform bundle family identifier or the secondary platform bundle family custodian identifier of the specific bundle, and receiving, from the secondary platform bundle manager, at least one of a certificate of the secondary platform bundle manager, certificate information to be used by a smart secure platform (SSP), the secondary platform bundle family identifier, or the secondary platform bundle family custodian identifier.