Patent classifications
H04L9/085
Secret key generation for wireless channels
A method of operating a first node to generate a secret key for encrypting wireless transmissions between the first node and a second node. The method comprises receiving a first training signal comprising a plurality of subcarriers from the second node and constructing a matrix from the frequency responses of each of the plurality of subcarriers of the first training signal at the first node. A singular value decomposition of the matrix is computed; and a secret key is derived from one or more singular vectors of the singular value decomposition.
Method for performing cryptographic operations in a processing device, corresponding processing device and computer program product
A method performs cryptographic operations on data in a processing device. An iterative operation between a first operand formed by a given number of words and a second operand using a secret key is performed. The iterative operation includes, for each bit of the secret key, applying one of a first set of operations and a second set of operations to the first operand and to the second operand depending on the bit, and conditionally swapping words of the first and the second operand based on a control bit value obtained by applying a logic XOR function to a random bit.
Blockchain-based trustable guarantees
Disclosed herein are methods, systems, and apparatus for processing blockchain-based guarantee information. One of the methods includes receiving a first cyphertext of a first digital document specifying a guarantee from a first computing device associated with at least a first guarantor and one or more zero-knowledge proofs (ZKPs) related to one or more values associated with the guarantee, and the first digital document specifies one or more predetermined conditions of executing the guarantee; verifying that the one or more ZKPs are correct; storing the first cyphertext to a blockchain based on performing a consensus algorithm; receiving a first message from a second computing device associated with a beneficiary or a representative of the beneficiary.
System and method for processing data and managing information
A method including receiving, at multiple cloud computing servers, multiple streaming data sets for the same sensing task each from a respective client device. The streaming data set from each client device comprises sensed data sensed by one or more sensors of said client device. The streaming data sets are encrypted. Each respective streaming data set from a respective client device is divided into multiple streaming data set portions, each to be received at a respective one of the cloud computing servers. The method also includes processing, at each respective cloud computing server, the corresponding streaming data set portions received to generate a corresponding share of a result for the sensing task. The method also includes encrypting, at each respective one of the cloud computing servers, the corresponding share of the result; and facilitating creation or update of a blockchain based on the encrypted shares of the result.
Cryptographic management of lifecycle states
A secret key value that is inaccessible to software is scrambled according to registers consisting of one-time programmable (OTP) bits. A first OTP register is used to change the scrambling of the secret key value whenever a lifecycle event occurs. A second OTP register is used to undo the change in the scrambling of the secret key. A third OTP register is used to effect a permanent change to the scrambling of the secret key. The scrambled values of the secret key (whether changed or unchanged) are used as seeds to produce keys for cryptographic operations by a device.
Systems and methods for encrypting data and algorithms
Systems, methods, and computer-readable media for achieving privacy for both data and an algorithm that operates on the data. A system can involve receiving an algorithm from an algorithm provider and receiving data from a data provider, dividing the algorithm into a first algorithm subset and a second algorithm subset and dividing the data into a first data subset and a second data subset, sending the first algorithm subset and the first data subset to the algorithm provider and sending the second algorithm subset and the second data subset to the data provider, receiving a first partial result from the algorithm provider based on the first algorithm subset and first data subset and receiving a second partial result from the data provider based on the second algorithm subset and the second data subset, and determining a combined result based on the first partial result and the second partial result.
Blockchain Implemented Data Hiding Solutions For Improvements In Secure Communication, Storage And Transmission Of Data
Embodiments of the disclosure provide blockchain-implemented methods and systems for secure data transfer and/or storage via the use of data hiding (e.g. steganography algorithms, watermarking, etc.). In accordance with one aspect, a data hiding algorithm is applied multiple times to a portion of secret data to embed it in a cover file. This constructs layers of hidden data, e.g. secret data hidden in an image that is then used as secret data in a further cover file and so on. Each layer can incorporate encryption and authentication techniques to further enhance security. The final layer or a compressed version is provided within a blockchain transaction. Additionally or alternatively, the secret data can be split into a plurality of shares. This can be achieved using a splitting scheme such as, for example, Shamir's Secret Sharing Scheme. Different shares of the secret data can then be encrypted before being hidden within a cover file. Different cover files can hide different shares, preferably each share being provided on the blockchain in a different transaction. To access the secret data, all of the cover files need to be identified and accessed from the blockchain, the relevant steganography, compression and encryption technique(s) applied to each, and then the secret data is reconstructed.
SECURE INVERSE SQUARE ROOT COMPUTATION SYSTEM, SECURE NORMALIZATION SYSTEM, METHODS THEREFOR, SECURE COMPUTATION APPARATUS, AND PROGRAM
The bit decomposition unit (11) generates a bit representation $\{a_0\}, \ldots, \{a_{\lambda-1}\}$ of $a$. A first bit sequence generator (12) calculates $\{a'_i\} = \{a_i\} \lor \{a_{i+1}\}$ to generate $\{a'_0\}, \ldots, \{a'_{\lambda'-1}\}$. A flag sequence generator (13) generates $\{x_0\}, \ldots, \{x_{\lambda'-1}\}$ indicating a most significant bit of $\{a'_0\}, \ldots, \{a'_{\lambda'-1}\}$. A normalization multiplier generator (14) generates $[c']$ by bit-connecting $\{x_{\lambda'-1}\}, \ldots, \{x_0\}$. A second bit sequence generator (15) sets $\{a''_i\} = \{a_{2i}\}$ to generate $\{a''_0\}, \ldots$. A flag calculator (16) sums $\{x_j\}\{a'_j\}$ to calculate a share value $\{r\}$. A normalization unit (18) calculates $[b] := [c'][c'][2a]$ when $r=1$ and $[b] := [c'][c'][a]$ when $r=0$. An inverse square root calculator (19) calculates $[w] := [1/\sqrt{b}] \cdot \sqrt{2}$ when $r=1$, and $[w] := [1/\sqrt{b}]$ when $r=0$. An inverse normalization unit (20) multiplies $[1/\sqrt{a}] := [w][c']$.
SECURE SQUARE ROOT COMPUTATION SYSTEM, SECURE NORMALIZATION SYSTEM, METHODS THEREFOR, SECURE COMPUTATION APPARATUS, AND PROGRAM
A flag sequence generator (12) generates $\{x_0\}, \ldots, \{x_{\lambda-11}\}$ indicating a msb of $a$. A bit sequence generator (13) calculates $\{y_i\} := \{x_{2i}\} \oplus \{x_{2i+1}\}$ to generate $\{y_0\}, \ldots, \{y_{\lambda'-1}\}$. A flag calculator (14) calculates an exclusive logical sum of all $\{x_j\}$ to calculate $[r]$ for each odd $j$. A public value multiplier setting-unit (16) sets $r'$ that becomes $\sqrt{2}$ when $\lambda$ is odd and 1 when $\lambda$ is even. A normalization multiplier generator (17) bit-connects $\{y_0\}, \ldots$ to generate $[c']$. A normalization multiplier generator (18) bit-connects $\{x_{\lambda-1}\}, \ldots$ to generate $[c]$. A normalizer (19) calculates $[b] := [a][c]$. A square root calculator (20) calculates $[w] := [\sqrt{b}] \cdot (r'/\sqrt{2})$ when $r=1$, and $[w'] := [\sqrt{b}] \cdot r'$ when $r=0$. An inverse normalizer (21) calculates $[w][c']$ and performs a $\lambda'$-bit right shift.
DEPLOYING A SYSTEM-SPECIFIC SECRET IN A HIGHLY RESILIENT COMPUTER SYSTEM
A computer-implemented method for providing a system-specific secret to a computing system having a plurality of computing components is disclosed. The method includes storing permanently a component-specific import key as part of a computing component and storing the component-specific import key in a manufacturing-side storage system. Upon a request for the system-specific secret for a computing system, the method includes identifying the computing component comprised in the computing system, retrieving a record relating to the identified computing component, determining the system-specific secret protected by a hardware security module and determining a system-specific auxiliary key. Furthermore, the method includes encrypting the system-specific auxiliary key with the retrieved component-specific import key, thereby creating an auxiliary key bundle, encrypting the system-specific secret and storing the auxiliary key bundle and a system record in a storage medium of the computing system.