A method of operating a computing apparatus, which includes receiving a signed message including a digital asset $x_0$ and a signature {F, H}. A public key associated with a private key that is unknown to the computing apparatus is received, the public key including $s_p$, $s_q$, $p'_{ij}$, $q'_{ij}$, $\mu_{ij}$ and $v_{ij}$, $i = 0$ to $n+\lambda$, $j = 1$ to $m$, with λ, n and m being predetermined integers. Based on the signature, the public key and the digital asset, it is verified whether the following validation equation holds true:
$$\sum_{i=0}^{n+\lambda} U_{ij}(H)\, x_0^{i} = \sum_{i=0}^{n+\lambda} V_{ij}(F)\, x_0^{i}, \quad j = 1 \text{ to } m,$$

where

$$U_{ij}(H) = H p'_{ij} - s_p \left\lfloor H \mu_{ij} / R \right\rfloor \bmod p$$

$$V_{ij}(F) = F q'_{ij} - s_q \left\lfloor F v_{ij} / R \right\rfloor \bmod p$$
In case the validation equation holds true for all j=1 to m, it is concluded that the signature was derived from the digital asset and the private key, and the signature is considered authentic.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
0n01λ01λλ that are also data elements of the private key. The value of x is assigned to the digital asset, which is then stored in non-transitory memory or packaged in a message sent over the data network.
Cryptographic methods and systems for key exchange, digital signature and zero-knowledge proof. In the digital signature scenario, there is provided a method of signing a digital document, comprising: obtaining a private cryptographic key associated with the signer; obtaining a digital asset from the digital document; selecting a base data element; computing a plurality of signature data elements from (i) the digital asset, (ii) the base data element and (iii) the private cryptographic key; and transmitting the digital document and the plurality of signature data elements to a recipient over a data network. Provenance of the digital document is confirmable by the recipient carrying out a predefined computation involving the digital document, the signature data elements, a plurality of noise variables and a public cryptographic key corresponding to the private cryptographic key associated with the signer. In the zero-knowledge proof scenario, the digital asset plays the role of a challenge data element.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
λ that are also data elements of the private key. The value of x is assigned to the digital asset, which is then stored in non-transitory memory or packaged in a message sent over the data network.
H04L 9/00 - Arrangements for secret or secure communications; Network security protocols
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
A digital processing method, which comprises obtaining a stream of N-bit input data words; obtaining a value k between 0 and M−1, inclusively, where M>1; processing each of the N-bit input data words at least based on the kth of M permutation elements to produce a corresponding N-bit output data word; and outputting a stream of N-bit output data words on a network or storing the stream of the N-bit output data words in a non-transitory storage medium.
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
G06F 7/58 - Random or pseudo-random number generators
09 - Scientific and electric apparatus and instruments
37 - Construction and mining; installation and repair services
42 - Scientific, technological and industrial services, research and design
Goods & Services
Downloadable/recorded computer hardware and software for information security, namely, firewall, anti-virus protection, intrusion prevention, network vulnerability assessment, network traffic analysis and security management systems; Information security systems, namely computer hardware and recorded computer software that implement security controls protecting organizations, individuals and devices from security threats. Computer hardware installation. Computer software installation, integration and deployment services in the field of information security and cybersecurity; Consulting, research and development services in the field of Internet and information security; Computer services, namely, cloud hosting provider services for securing information in transit and on personal and institutional storage devices.
9. METHODS AND SYSTEMS FOR ENCRYPTION, DECRYPTION, SIGNING, VERIFICATION AND HASHING OF DIGITAL MESSAGES
A process for signing a digital message, comprising: (A) generating an intermediate variable from a plurality of inputs comprising at least: (i) a first public component associated with the sender; (ii) a private component associated with the sender; and (iii) the digital message; (B) generating a signature from a plurality of inputs comprising at least: (i) a second public component associated with the sender; and (ii) the intermediate variable; (C) creating an augmented message for transmission to a remote device, the augmented message including at least: (1) the digital message or an original message from which the digital message is derived; and (2) a fingerprint generated from a plurality of inputs comprising at least: (i) the first public component associated with the sender; (ii) the private component associated with the sender; and (iii) the digital message; and (3) the signature. The augmented message is transmitted or stored in memory.
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
G06F 21/62 - Protecting access to data via a platform, e.g. using keys or access control rules
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
A method to securely transmit a secret from a sender to a recipient, comprising: (i) computing a first cipher from the secret, at least one noise data element and a first set of public data elements, wherein the first set of public data elements correspond to a first set of recipient-held data elements that are unknown to the sender; (ii) computing a second cipher from the secret, the at least one noise data element and a second set of public data elements, wherein the second set of public data elements correspond to a second set of recipient-held data elements that are unknown to the sender; and (iii) transmitting the first cipher and the second cipher to the recipient; wherein the secret is derivable by a predefined arithmetic computation involving the first cipher, the second cipher, the first set of recipient-held data elements and the second set of recipient-held data elements.
A digital communication method over an optical channel. Bob modulates a coherent optical signal with a random envelope phase φr, known to him and not to Alice, and transmits the modulated coherent optical signal (envelope) over the optical channel to Alice. Alice further modulates the envelope with a key phase φk, based on a secret key and a selected modulation scheme, to create a cipher envelope, and sends the cipher envelope towards Bob along the optical channel. Bob then demodulates a received version of the cipher envelope by removing the random envelope phase φr (known to Bob) and then measures the phase of the resulting demodulated coherent optical signal with the coherent detector to extract, to within a certain margin of error, the key phase φk, from which Alice's secret key can be decoded. Bob then uses the secret key for encrypting messages sent to Alice over any digital network.
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 29/06 - Communication control; Communication processing characterised by a protocol
A computer-implemented method, which comprises: receiving an input message comprising N-bit input segments, N being an integer greater than one; converting the N-bit input segments into corresponding N-bit output segments using a $2^N$-by-$2^N$ one-to-one mapping stored in a non-transitory storage medium; and generating an output message comprising the N-bit output segments. Also, a computer-implemented method for a recipient to validate a message received from a sender, the message including a first part and a second part. This method comprises receiving a token from a witnessing entity; obtaining a first data element by joint processing of the first part of the message and the token; obtaining a second data element by joint processing of the second part of the message using a key associated with the sender; and validating the message by comparing the first and second data elements.
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04L 29/08 - Transmission control procedure, e.g. data link level control procedure
G06Q 20/06 - Private payment circuits, e.g. involving electronic currency used only among participants of a common payment scheme
H04L 67/12 - Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
14. Methods and systems for digital message encoding and signing
A data communication system, in which a sender obtains a set of base data elements; generates a first and a second key from (i) the set of base data elements and (ii) sets of first and second entanglement data elements, the first and second keys comprised of a respective first and second public component and a respective first and second private component. A recipient generates first and second ciphers by encoding a digital message using the first and second public components; and sends the first and second ciphers towards the sender apparatus. The sender then extracts the digital message based on the first and second ciphers, the first and second private components, and the sets of first and second entanglement data elements. The private components are not derivable from the public components or from the ciphers irrespective of computing power. A method of digital signing and verification is also described.
A method that comprises storing a secret S in a non-transitory storage medium, wherein the secret S is shared with the recipient device; obtaining a stream of N-bit input data words; obtaining a value k between 0 and M-1, inclusively, where M>1, wherein the value k is obtained based at least in part on the secret S; processing each of the N-bit input data words at least based on the kth of M permutation elements to produce a corresponding N-bit output data word by (a) converting each of the N-bit input data words into a corresponding sparse $2^N$-element input array, (b) processing the sparse $2^N$-element input array with said kth of M permutation elements to produce a sparse $2^N$-element output array and (c) converting the sparse $2^N$-element output array into the corresponding N-bit output data word; and sending a stream of the N-bit output data words to the recipient device over the network.
09 - Scientific and electric apparatus and instruments
37 - Construction and mining; installation and repair services
42 - Scientific, technological and industrial services, research and design
Goods & Services
(1) Computer hardware and software for information security namely, firewall, anti-virus protection, intrusion prevention, network vulnerability assessment, network traffic analysis and security management systems; Information security systems, namely computer hardware and software that implement security controls protecting organizations, individuals and devices from security threats (1) Computer hardware installation services in the field of information security and cybersecurity
(2) Computer software installation, integration and deployment services in the field of information security and cybersecurity, computer hardware integration and deployment services in the field of information security and cybersecurity; Consulting, research and development services in the field of Internet and information security; Operating a cloud service for securing information in transit and on personal and institutional storage devices
A system comprises a sender node and a trust authority, wherein the trust authority is configured to: generate a token from a shared state associated with the sender node; and store the token in association with an identifier; wherein the sender node is configured to generate said token; generate a signature from message data and the token; generate a message from the message data and the signature; send the signature to the trust authority; and send the message to the recipient node; and wherein the trust authority is further configured to: receive a request from the recipient node, the request specifying the identifier; retrieve the token based on the identifier; and send the token to the recipient node in response to the request. Also, a method of generating a shared token, the shared token being configured such that a second token is recoverable by processing the shared token and a first token generated locally.
H03M 7/00 - Conversion of a code where information is represented by a given sequence or number of digits to a code where the same information is represented by a different sequence or number of digits
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06Q 20/06 - Private payment circuits, e.g. involving electronic currency used only among participants of a common payment scheme
A computer-implemented method, which comprises: receiving an input message comprising N-bit input segments, N being an integer greater than one; converting the N-bit input segments into corresponding N-bit output segments using a $2^N$-by-$2^N$ one-to-one mapping stored in a non-transitory storage medium; and generating an output message comprising the N-bit output segments. Also, a computer-implemented method for a recipient to validate a message received from a sender, the message including a first part and a second part. This method comprises receiving a token from a witnessing entity; obtaining a first data element by joint processing of the first part of the message and the token; obtaining a second data element by joint processing of the second part of the message using a key associated with the sender; and validating the message by comparing the first and second data elements.
H03M 7/00 - Conversion of a code where information is represented by a given sequence or number of digits to a code where the same information is represented by a different sequence or number of digits
H04L 9/28 - Arrangements for secret or secure communications; Network security protocols using particular encryption algorithm
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
N possible output indexes, and setting bits of a corresponding N-bit output segment so as to represent the value of the output index; and causing transmission of a second bit stream formed using each corresponding first output segment to the second apparatus, where a similar operation is performed to recover the N-bit first input segments.
H04L 9/00 - Arrangements for secret or secure communications; Network security protocols
H04L 9/06 - Arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for blockwise coding, e.g. D.E.S. systems
H04L 9/30 - Public key, i.e. encryption algorithm being computationally infeasible to invert and users' encryption keys not requiring secrecy
H04L 9/14 - Arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
A computer-implemented method, which comprises: receiving an input message comprising N-bit input segments, N being an integer greater than one; converting the N-bit input segments into corresponding N-bit output segments using a $2^N$-by-$2^N$ one-to-one mapping stored in a non-transitory storage medium; and generating an output message comprising the N-bit output segments. Also, a computer-implemented method for a recipient to validate a message received from a sender, the message including a first part and a second part. This method comprises receiving a token from a witnessing entity; obtaining a first data element by joint processing of the first part of the message and the token; obtaining a second data element by joint processing of the second part of the message using a key associated with the sender; and validating the message by comparing the first and second data elements.
H04L 9/00 - Arrangements for secret or secure communications; Network security protocols
G06Q 20/06 - Private payment circuits, e.g. involving electronic currency used only among participants of a common payment scheme
H03M 7/00 - Conversion of a code where information is represented by a given sequence or number of digits to a code where the same information is represented by a different sequence or number of digits
H04L 7/00 - Arrangements for synchronising receiver with transmitter
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
09 - Scientific and electric apparatus and instruments
42 - Scientific, technological and industrial services, research and design
Goods & Services
(1) Computer hardware and software for information security namely, firewall, anti-virus protection, intrusion prevention, network vulnerability assessment, network traffic analysis and security management systems; Information security systems, namely hardware and software that implement security controls protecting organizations, individuals and devices from security threats. (1) Computer hardware and software installation, integration and deployment services in the field of information security and cybersecurity; Consulting, research and development services in the field of Internet and information security; Operating a cloud service for securing information in transit and on personal and institutional storage devices.