An identity authentication method for a quantum key distribution process includes selecting, by a sender, preparation bases of an identity authentication bit string in accordance with a preset basis vector selection rule; sending, by a sender, quantum states of the identity authentication bit string and quantum states of a randomly generated key bit string by using different wavelengths. The identity authentication bit string is interleaved in the key bit string at a random position and with a random length. The method further includes measuring, by a receiver, the received quantum states in the quantum state information in accordance with the different wavelengths and measurement bases selected according to the preset basis vector selection rule to obtain identity authentication information from the measurement of the identity authentication bit string; and determining, by the receiver, whether the identity authentication information obtained through the measurement corresponds with the preset basis vector selection rule.

A similar-information search method includes obtaining an instruction indicating which of an encrypted search and an unencrypted search a data computation device is to perform; generating an encrypted feature quantity and transmitting the encrypted feature quantity to the data computation device; generating an encrypted similarity value and transmitting the encrypted similarity value; and receiving encrypted reference data from the data computation device and decrypting the encrypted reference data. A homomorphic encryption scheme that makes decryption by the data computation device unsuccessful is used when the encrypted search is performed, whereas an encryption scheme that makes decryption by the data computation device successful is used when the unencrypted search is performed.

Methods for a server include defining a starting element and an element step size. A pad mapping is applied to a data Random Cipher Pad (RCP) to obtain a Key RCP using each element of the Data RCP once in a predetermined non-sequential order. The starting element and the element step size are combined with the Data RCP. The Data RCP is encrypted using the Key RCP to produce a subsequent Data RCP. The subsequent Data RCP is transmitted to another computer. Methods for clients include applying a pad mapping to a Data RCP to obtain a Key RCP using each element of the Data RCP once in a predetermined non-sequential order to develop the Key RCP. The Key RCP is encrypted using the Data RCP to produce a subsequent Key RCP. A data structure is encrypted using the Data RCP to produce an encrypted data structure.

A method is described. The method includes iteratively performing for each position in a result matrix stored in a third register, multiplying a value at a matrix position stored in a first register with a value at a matrix position stored in a second register to obtain a first multiplicative value, where the positions in the first register and the second register are determined by the position in the result matrix and performing an exclusive or (XOR) operation with the first multiplicative value and a value stored at a result matrix position stored in the third register to obtain a result value.

A system for producing a public ring that is fully homomorphically encrypted. The system comprises a processor which generates a first presentation G of a ring, where G=x,y|x.sup.2=0,y.sup.2=0,xy+(p+1)yx=1, where x and y are generators and p is a first private prime number. The system further generates a second presentation H of the ring. H is defined as follows: H=x,y,t|x.sup.2=0,y.sup.2=0,t=m.sub.1yx,xy+m.sub.2yx+t=1. In addition, m.sub.1 and m.sub.2 are positive integers and p+1=m.sub.1+m.sub.2, wherein t is a generator and the first presentation G and the second presentation H are isomorphic. The system further produces a public ring that is fully homomorphically encrypted, where: $\hat{H}=.Math.x,y,t.Math.N.Math.1=1,x^2=1,y^2=0,\mathrm{xyx}=x,\mathrm{yxy}=y,\mathrm{tx}=0,\mathrm{yt}$

In a general aspect, a parameter is refreshed in a lattice-based cryptography system. In some aspects, a first value of a public parameter is obtained. The first value of the public parameter may have been previously used in an execution of a lattice-based cryptography protocol. A second value of the public parameter is generated based on the first value of the public parameter and random information. The second value of the public parameter is used in an execution of the lattice-based cryptography protocol.

A network device (110) is provided which is configured to determine a shared cryptographic key of key length (b) bits shared with a second network device (120) from a polynomial and an identity number of the second network device. A reduction algorithm is used to evaluate the polynomial in the identity number of the second network device and reduce module a public modulus and modulo a key modulus. The reduction algorithm comprises an iteration over the terms of the polynomial. In at least the iteration which iteration is associated with a particular term of the polynomial are comprised a first and second multiplication. The first multiplication is between the identity number and a least significant part of the coefficient of the particular term obtained from the representation of the polynomial, the least significant part of the coefficient being formed by the key length least significant bits of the coefficient of the particular term. The second multiplication is between a second multiplication between the identity number and a further part of the coefficient of the particular term obtained from the representation of the polynomial, the further part of the coefficient being formed by bits of the coefficient of the particular term different from the key length least significant bits, the further part and the least significant part together forming strictly fewer bits than in the coefficient of the particular term of the polynomial.

A computer-implemented authenticated encryption method for converting a plaintext message into a ciphertext message. The method includes dividing the plaintext message into at least two working blocks, each working block having a mathematical relationship to the plaintext message. For each working block, a working block ciphertext is computed as a function of such working block, a deterministic working block initialization vector, and a deterministic working block encryption key. For each working block, a message authentication tag is computed as a function of a deterministic working block message authentication key and at least one of (a) the working block ciphertext computed for such working block and an indication corresponding to the mathematical relationship of such working block to the plaintext message and (b) such working block. The method further includes computing a global message authentication tag as a function of the message authentication tag computed for each working block and a global message authentication key. The ciphertext message comprises the working block ciphertext computed for each working block and the global message authentication tag.

Systems and techniques for securing accessible computer-executable program code and systems are provided. One or more base functions may be generated and blended with existing program code, such that it may be difficult or impossible for a potential attacker to distinguish the base functions from the existing code. The systems and code also may be protected using a variety of other blending and protection techniques, such as fractures, variable dependent coding, dynamic data mangling, and cross-linking, which may be used individually or in combination, and/or may be blended with the base functions.

A method, an apparatus, and a computer program product for symmetric stream encryption are provided. An encryption chain is obtained from a real random number generator (RRNG) and stored in memory. A vector key is identified based on numbers obtained from a fast, large period pseudo-random number generator. A set of encryption keys are identified from the encryption chain using the vector key. Strings of clear text are encrypted using the encryption keys.