Systems and methods for secure communication between devices where one device has a physical unclonable function (“PUF”) array of PUF devices and another device stores data representing characteristics of the PUF array include encryption schemes using repeated application of one-way cryptographic functions to message segments. The devices transmit or receive a processing instruction used to determined PUF devices whose measured characteristics are used to derive encryption keys. Messages are segmented and message information is securely transmitted by repeatedly application of a suitable one-way cryptographic function to each message segment where the number of applications of the function is determined by each message segment. Because both devices may independently generate the same encryption keys (including “public” keys which otherwise would need to be exchanged or published) by either measuring the PUF devices or retrieving data representing characteristics of the PUF devices, communications overhead is reduced and security is improved.

A blockring service system may include a processor and memory, wherein the processor is configured to: receive a blockring request from the at least one user node; parse the request to derive blockring parameters; generate a blockring having a plurality of blocks connected by bonds based on the blockring parameters; and send the blockring to the at least one user node for distribution.

A method (and structure and computer product) to encrypt plaintext data into ciphertext data includes encrypting, using a processor on a computer, plaintext into corresponding ciphertext, using a Property Preserving Encryption (PPE) protocol in which a predefined property is maintained when plaintext values are encrypted into ciphertext values. The predefined property is randomly flipped during encryption to reverse the predefined property in the corresponding ciphertext node. An indication of whether the predefined property has been maintained or reversed is stored as the state of encryption.

In one example in accordance with the present disclosure, a method may receiving a plaintext to be encrypted. The plaintext may include a first block, a second block and a third block. The method may include generating a preliminary ciphertext based on the first block and the second block and generating, using an encryption key, a first ciphertext using an encryption operation receiving the third block and the preliminary ciphertext as inputs. The method may also include generating, using the encryption key, a first finalized ciphertext using the encryption operation receiving the first block and the first ciphertext as inputs and generating, using the encryption key, a second finalized ciphertext using the encryption operation receiving the second block and the first finalized ciphertext as inputs.

The invention relates to a method for performing a multi-party electronic computation using a plurality of evaluating computer systems. The cryptographic security of the multi-party computation is implemented using lattice-based cryptography. Each evaluating computer system receives from each user of a plurality of users an individual input share of an input chosen by the respective user. Furthermore, each evaluating computer system receives from the user a commitment to the received individual input share and an opening information. Each evaluating computer system checks the commitments received to the individual input shares and generates a first lattice-based zero-knowledge proof that all the commitments received are valid commitments to input shares. Each evaluating computer system publishes the first lattice-based zero-knowledge proof. Thus, a verifier may be enabled to verify that all commitments are valid commitments to input shares.

A method for downloading a profile on an embedded universal integrated circuit card (eUICC) of a terminal is provided. The method includes transmitting a profile request containing eUICC authentication information to a profile providing server through a security channel, upon receiving, from the profile providing server, profile-related information generated in response to the profile request, displaying non-encrypted profile information contained in the profile-related information on a screen, identifying whether a user input indicating whether to proceed to download the profile is detected, and downloading the profile, corresponding to the identified user input.

Systems and methods that provide secure analytics using homomorphic and injective format-preserving encryption and an encrypted analytics matrix are disclosed herein. An example method includes encoding an analytic parameter set using a homomorphic encryption scheme as a homomorphic analytic matrix; transmitting a processing set to a server system, the processing set including at least the homomorphic analytic matrix and a keyed hashing function; and receiving a homomorphic encrypted result from the server system, the server system having utilized the homomorphic encryption scheme, the keyed hashing function, and a format preserving encryption scheme to evaluate the homomorphic analytic matrix over a datasource.

Certain aspects of the present disclosure provide techniques for summarizing data in a distributed system. Embodiments include generating an ordered list of blocks by iterating through a first group of blocks of a hash chain starting at a last block of the hash chain and adding each of the first group of blocks of the hash chain to the ordered list. Embodiments further include generating summary data by applying a summary function to the first group of blocks based on the ordered list. The summary function may take the ordered list as an input and provide the summary data of the first group of blocks as an output. Embodiments further include generating a summary block comprising the summary data and adding the summary block to a summary chain.

A fast cryptographic hash of an input file using multiplication and permutation operations in a parallel processing environment. An example method includes updating an internal state for each of a plurality of packets, the packets being read from an input file. Updating the state for a packet can include injecting the packet into an internal state, mixing the bits of the internal state using multiplication, and shuffling the result of the multiplication so that bits with highest quality are permuted to locations that will propagate most widely in a next multiplication operation. The method also includes performing a reduction on the internal state and repeating the update of the internal state, the reduction, and the injecting a second time. The method may further include finalizing the internal state and storing a portion of the final internal state as a cryptographic hash of the input file.

Systems and methods for data authentication can comprise processing a first secret element to generate a first encrypted secret element, processing a second secret element to generate a non-secret element, and processing the first encrypted secret element and the non-secret element to generate an encrypted data block.