Methods, apparatuses, computer program products, devices and systems are described that carry out accepting device-identifier data corresponding to at least one communication device; accepting network-participation identifier data associated with a verified real-world user associated with the at least one communication device; and assigning a unique identifier at least partly based on the device-identifier data and the network-participation identifier data.

A sender and a receiver includes first and second arrays of coupled oscillators, respectively, that are substantially identically constructed so as to exhibit substantially the same dynamical response to excitation. A chaotic waveform generated at the sender is transmitted to the receiver, which generates a second chaotic waveform, and compares the received waveform with the generated second waveform. If the first and second waveforms match the sender is an authorized sender. An integrated circuit includes an array of coupled oscillators that in combination generate a waveform in response to at least one excitation signal. The array of coupled oscillators represents, in response to application of the excitation signals, a multi-dimensional security key that is shared between the sender of the waveform and the receiver of the waveform.

Techniques for sorting encrypted data within a software as a service (SaaS) environment. Data is encrypted on a per symbol basis with a symbol based encryption module. Sort and search functionality preserving encryption that allows other modules to sort tokens and to search for tokens is provided. Encrypted tokens that have been encrypted by the symbol based encryption module are stored in a database. Access to the encrypted tokens is provided through the SaaS environment.

An inner-product predicate encryption scheme with improved flexibility without a restriction that the dimensions of an attribute vector x.sup..fwdarw. and a predicate vector v.sup..fwdarw. should be equivalent. A ciphertext having an element c.sub.0 and an element c.sub.t for each index t included in a set I.sub.x.fwdarw. is decrypted with a decryption key having an element k.sub.0 and an element k.sub.t for each index t included in a set I.sub.v.fwdarw. by computing a product of pairing operations between corresponding pairs of basis vectors on the element c.sub.0 and the element k.sub.0 and on the element c.sub.t and the element k.sub.t.

One or more implementations of the present specification provide a blockchain-based data authorization method and apparatus. The method can include receiving, by a blockchain node, an authentication transaction submitted by a privacy computing platform, where the authentication transaction queries whether a data user has obtained authorization of target data possessed by a data owner, and in response to determining that the data user has obtained authorization of the target data, executing, by the blockchain node, a smart contract invoked by the authentication transaction to provide an authorization token to the privacy computing platform that instructs the privacy computing platform to obtain the target data, and send a computational result of one or more predetermined computational operations based on the target data to the data user.

Systems and methods that may implement an Oracle-aided protocol for producing and using FHE encrypted data. The systems and methods may initially encrypt and store input data in one encrypted form that is not performed using FHE, which does not substantially increase the size of the data and storage resources required to store the encrypted data. In accordance with the Oracle-aided protocol, the encrypted data is re-encrypted as FHE encrypted data when FHE encrypted data is required.

Systems and methods that may implement an Oracle-aided protocol for producing and using FHE encrypted data. The systems and methods may initially encrypt and store input data in one encrypted form that is not performed using FHE, which does not substantially increase the size of the data and storage resources required to store the encrypted data. In accordance with the Oracle-aided protocol, the encrypted data is re-encrypted as FHE encrypted data when FHE encrypted data is required.

Techniques for reducing compromise of sensitive data in a virtual machine are described. During initiation of a secure string instance of a program module in memory allocated to the virtual machine, the program module can receive sensitive data in plaintext and retrieves parameters sourced from outside the allocated memory. During the execution of the program module, the sensitive data can be encrypted using a key based on the parameters to obtain encrypted data. The program module can overwrite the sensitive data with the encrypted data. The program module can receive a trigger to send a message that is generated using the sensitive data. The encrypted data can be decrypted using the key based on the parameters to obtain the sensitive data. After encryption and decryption, the program module can generate the message using the sensitive data and overwrite the sensitive data and the parameters used to encrypt the sensitive data.

A system for tracking an asset including one or more processing devices that identify a spatial region in a complex number space, the spatial region being associated with the asset, receive a user defined password, identify a plurality of key locations within the spatial region at least in part using the user defined password, calculate key numerical values at each of the plurality of key locations using a defined complex number formula and use the key numerical values to generate an encryption key. The asset can be associated with a user by storing an asset record in a database which is indicative of an asset identifier, the spatial region and an encrypted payload derived using the encryption key.

An apparatus, method, system and computer-readable medium are provided for preserving an encryption of data when confronted by an attack, such as a side channel analysis (SCA) attack based on a statistical analysis. In some embodiments, hardware, software, and/or firmware associated with an encryption calculation may be exercised or accessed during a background operation when an actual or real operation is not taking place. During the background operation, dummy values for data and one or more keys may be input to the hardware. A switching between the real operation and the background operation may take place seamlessly such that measurement of a physical characteristic associated with the hardware is indistinguishable in terms of when the real and background operations are active. In this manner, the secrecy of a key used in connection with the real operation may be preserved.