Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to “detokenize” encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.

Cryptographic methods and systems for key exchange, digital signature and zero-knowledge proof. In the digital signature scenario, there is provided a method of signing a digital document, comprising: obtaining a private cryptographic key associated with the signer; obtaining a digital asset from the digital document; selecting a base data element; computing a plurality of signature data elements from (i) the digital asset, (ii) the base data element and (iii) the private cryptographic key; and transmitting the digital document and the plurality of signature data elements to a recipient over a data network. Provenance of the digital document is confirmable by the recipient carrying out a predefined computation involving the digital document, the signature data elements, a plurality of noise variables and a public cryptographic key corresponding to the private cryptographic key associated with the signer. In the zero-knowledge proof scenario, the digital asset plays the role of a challenge data element.

A pairing apparatus according to an exemplary embodiment of the present invention includes: a noise filtering part for filtering a noise on a power line; and a processor for pairing with a pairing target device and performing an authentication by generating a secret key using the filtered noise and by using the generated secret key.

The present invention provides a method, a system, and a device for a hash generation and network traffic detection. It uses a method of storing intermediate calculation results to perform hash calculation for streaming data, and uses a matrix multiplication operation as a strong hash algorithm to reduce memory occupation. The present invention can generate hash in real time in the case of streaming data comprising defects, unordered, and overlapping, which is suitable for detecting files from network traffic, and is applicable to virus detection, intrusion detection, data anti-leakage, network content review, digital forensics, digital rights protection, and other fields.

Disclosed are techniques for determining data relationships between privacy-restricted datapoints, sourced over a computer network, which require data privacy measures concealing at least some datapoints from other clients in the network that the datapoint respectively do not originate from. A first client encrypts a first datapoint with a public key of a public/private encryption scheme and communicates it to the second client along with the public key. The second client encrypts a corresponding second datapoint with the public key, then determines a relationship between the two encrypted datapoints, and communicates the determined relationship to a central client along with the public key. Random noise is encrypted by the central client and added to the determined relationship, then sent together to the first client, followed by decryption by the first client using the private key. The central client extracts the random noise after receiving the decrypted determined relationship.

Methods and systems for performing an operation on at least one homomorphically encrypted ciphertext, the method include determining, by a computing device, a value that is an initial approximation of a result of the operation on the at least one homomorphically encrypted ciphertext; and iteratively improving, by the computing device, the value using a recurrence relation wherein a number of iterations is determined based on a predetermined accuracy to minimize an approximation error.

The number of permutations is reduced when four-party shuffling is performed. Among four secure computation nodes holding first to third shares of data in a secret-shared form, first and second secure computation nodes are selected as resharing nodes, and third and fourth secure computation nodes are selected as receiving nodes. The first and second secure computation nodes perform a mini-shuffle for resharing the shares they each hold by using a permutation that third and fourth receiving nodes do not know. Next, the third and fourth secure computation nodes perform a mini-shuffle for resharing the shares they each hold by using a permutation that first and second receiving nodes do not know.

The present invention relates to a computing device for executing a first cryptographic operation of a cryptographic process on useful input data, said computing device comprising a first processor, a second processor and a selection circuit wherein: —said selection circuit is configured: —for receiving, from an input bus, expanded input data obtained by interleaving dummy input data with said useful input data, —for determining positions of the dummy input data in said expanded input data, —and for extracting said dummy input data and said useful input data from the expanded input data based on said determined positions, —said first processor is configured for executing said first cryptographic operation of said cryptographic process on said extracted useful input data to obtain useful output data, —said second processor is configured for executing a second operation on said extracted dummy input data to obtain dummy output data, said computing device being configured for having said operations executed such that leakage generated by said first cryptographic operation is jammed by leakage generated by the second operation.

Systems and methods of generating a security key for an integrated circuit device include generating a plurality of key bits with a physically unclonable function (PUF) device. The PUF can include a random number generator that can create random bits. The random bits may be stored in a nonvolatile memory. The number of random bits stored in the nonvolatile memory allows for a plurality of challenge and response interactions to obtain a plurality of security keys from the PUF.

Methods, systems, and devices for memory operations are described. First scrambling sequences may be generated for first addresses of a memory device after an occurrence of a first event, where the first addresses may be associated with commands received at the memory device. Portions of the memory array corresponding to the first address may be accessed based on the first scrambling sequences. After an occurrence of a subsequent event, second scrambling sequences may be generated for the first addresses, where the second scrambling sequences may be different than the first set of scrambling sequences. After the occurrence of the subsequent event, the portions of the memory array may be accessed based on the second scrambling sequences.