Devices and techniques for replay protection nonce generation are described herein. A hash, of a first length, can be produced from a first input. A first subset of the hash can be extracted as a selector. A second subset of the hash can be selected using the selector. Here, the second subset has a second length that is less than the first length. The second subset can be transmitted as a nonce for a freshness value in a replay protected communication.

System and method for digitally signing messages using multi-party computation.

The invention presents a solution in which blockchain Transactions are created to implement the functionality of a logic gate. The invention may be implemented on the Bitcoin platform or an alternative blockchain platform. The transaction includes a locking script which comprises instructions selected so as to implement the functionality of a logic gate, such as the XOR gate. When the script is executed (because a second transaction is attempting to spend the output associated with the locking script) the inputs will be processed by the conditional instructions to provide an output of TRUE or FALSE. The inputs are pre-processed by one or more computing agents so that they are evaluated to TRUE or FASLE prior to being used as inputs to the script. The second transaction is transmitted to the blockchain network for validation and, if determined to be valid, it will be written to the blockchain. Validation of the second transaction can be interpreted as a TRUE output. Thus, the locking script of the first transaction provides the functionality of the desired logic gate. The invention provides numerous advantages and can be used in a wide variety of applications, such as for the implementation of control systems and unit.

A computer-implemented includes sending a public key associated with a particular node in a cyclically-ordered set of nodes participating in a blockchain network to an initiator node; receiving, by the particular node from a node immediately previous to the particular node in the cyclically-ordered set, a first value based on public keys associated with each node from the particular node through to the initiator node; determining a locking value based on the first value and the public key associated with the particular node; and preparing using the locking value, a transaction arranged to transmit control of a resource from a source address associated with the particular node to a receiving address of a node immediately subsequent to the particular node. The control of the resource is to be transmitted responsive to satisfaction of an execution condition including supply of an unlocking value corresponding to the locking value.

A method is disclosed for implementing trust Internet of Things (IoT) services in an IoT device and a user device. The IoT device receives from the user device an authentication request comprising a hash value, first encrypted information and second encrypted information, where the IoT device determines whether the user device is successfully authenticated based on determining the user device public key and confirming that the user device public key exists in a list of access permitted user devices of the IoT device.

A device is suggested including a cryptographic module, wherein the device is operable in a secure mode and in a non-secure mode, wherein the cryptographic module is configured in the secure mode by storing a secret key and a seed value in the cryptographic module, and wherein the device is operable in the non-secure mode to generate a signature based on input data utilizing the secret key and the seed value. Also, a method for operating such device is provided.

A device can operate a processor, a primary platform, and a nonvolatile memory that includes a first boot firmware for the processor. The nonvolatile memory can comprise a (i) read-only memory for the processor and (ii) a read and write memory for the primary platform. Upon power up, the processor can load the first boot firmware with a first certificate and first set of cryptographic algorithms to verify a digital signature for a second boot firmware, where the second boot firmware is loaded by the processor after the first boot firmware. The primary platform can securely download a secondary platform bundle (SPB) with a boot update image and a second certificate and second set of cryptographic algorithms. The SPB can replace the first boot firmware with the updated first boot firmware. The processor verifies the second boot firmware with the second certificate and the second set of cryptographic algorithms.

The present disclosure relates to highly secure, high speed encryption methodologies suitable for applications such as media streaming, streamed virtual private network (VPN) services, large file transfers and the like. For example, encryption methodologies as described herein can provide stream ciphers for streaming data from, for example, a media service provider to a plurality of users. Certain configurations provide wire speed single use encryption. The methodologies as described herein are suited for use with blockchain (e.g. Bitcoin) technologies.

A method, system, or apparatus for generating and/or verifying a signature on a message is provided. The method, system, or apparatus at a signer may include receiving a message, generating a security parameter, generating at least two seeds corresponding to at least two servers based on the security parameter, transmitting the at least two seeds to each server of the at least two servers, determine a private key based on the security parameter or the at least two seeds, and generating, on the message, a signature based on the private key. The method, system, or apparatus at a verifier may include receiving, from a signer, a signature on a message, obtaining at least two partial public keys, determining a full public key based on the at least two partial public keys, and authenticating the signature on the message based on the full public key. Other aspects, embodiments, and features are also claimed and described.

A covert channel construction method in a blockchain network includes: sharing, by a first terminal and a second terminal, a secret key and transaction information, and generating a blockchain network address by using the secret key and a standard public key address generation algorithm, wherein the transaction information comprises a permutation mapping table and an information capacity of a single transaction; sending, by the first terminal, information by using an information hiding method, and performing simultaneously, by the first terminal and the second terminal, transaction recording; and monitoring, by the first terminal and the second terminal, whether an account transaction of the blockchain network address exists in a blockchain, if yes, extracting, by the second terminal, the information by using an information extraction method, and after extracting the information, replying to the information by using the information hiding method, thereby enabling communication parties to safely transmit information.