ENCRYPTION

Is a variant of elliptic curve cryptography, where a pairing is a special map defined over elliptic curves. Generally, elliptic curves is defined so that pairing is not efficiently computable since elliptic curve cryptography is broken if pairing is efficiently computable. As the importance of pairing grows, elliptic curves where pairing is efficiently computable are studied and the special curves called pairing-friendly curves are proposed. Thanks to the characteristics of pairing, it can be applied to construct several cryptographic algorithms and protocols such as identity-based encryption (IBE), attribute-based encryption (ABE), authenticated key exchange (AKE), short signatures and so on.

Weil-pairing - Wikipedia

IETF on pairing-friendly curves - several applications using pairing-based cryptography are standardized and implemented.

IETF issues RFCs for pairing-based cryptography such as identity-based cryptography, certificateless signatures, Sakai-Kasahara Key Encryption (SAKKE), and Identity-Based Authenticated Key Exchange (IBAKE), SAKKE is applied to Multimedia Internet KEYing (MIKEY) and used in 3GPP
Pairing-based key agreement protocols are standardized in ISO/IEC 11770-3:2015, which contains a key agreement scheme by Joux, identity-based key agreement schemes by Smart-Chen-Cheng and by Fujioka-Suzuki-Ustaoglu.
MIRACL implements M-Pin, a multi-factor authentication protocol. M-Pin protocol includes a kind of zero-knowledge proof, where pairing is used for its construction.
Trusted Computing Group (TCG) specifies ECDAA (Elliptic Curve Direct Anonymous Attestation) in the specification of Trusted Platform Module (TPM). ECDAA is a protocol for proving the attestation held by a TPM to a verifier without revealing the attestation held by that TPM. Pairing is used for constructing ECDAA.
FIDO Alliance and W3C also published ECDAA algorithm similar to TCG.
Zcash implements their zero-knowledge proof algorithm named zk-SNARKs (Zero-Knowledge Succinct Non-Interactive Argument of Knowledge), used for protecting privacy of transactions of Zcash. T hey use pairing for constructing zk-SNARKS.
Cloudflare introduced Geo Key Manager to restrict distribution of customers' private keys to the subset of their data centers. To achieve this functionality, attribute-based encryption is used based on pairing.
DFINITY utilized threshold signature scheme to generate the decentralized random beacons. They constructed a BLS signature-based scheme, which is based on pairings.
In Ethereum 2.0, project Prysm applies signature aggregation for scalability benefits by leveraging DFINITY's random-beacon chain playground. Their codes are published on GitHub.

NTRU encryption

NTRU is an open source public-key cryptosystem that uses lattice-based cryptography to encrypt and decrypt data. It consists of two algorithms: NTRUEncrypt, which is used for encryption, and NTRUSign, which is used for digital signatures. Unlike other popular public-key cryptosystems, it is resistant to attacks using Shor's algorithm. NTRUEncrypt was patented, but it was placed in the public domain in 2017. NTRUSign is patented, but it can be used by software under the GPL.

NTRU is an abbreviation for "Nth degree truncated polynomial ring units."

NTRU - Wikipedia

1996 by Jeffrey Hoffstein, Jill Pipher, and Joseph H. Silverman
2016, Daniel Bernstein, Chitchanok Chuengsatiansup, Tanja Lange and Christine van Vredendaal released NTRU Prime

XTR encryption

XTR is an algorithm for public-key encryption, relying on the difficulty of the DLP. XTR stands for 'ECSTR', which is an abbreviation for Efficient and Compact Subgroup Trace Representation. It relies on the difficulty of solving Discrete Logarithm related problems in the full multiplicative group of a finite field. Unlike many cryptographic protocols that are based on the generator of the full multiplicative group of a finite field, XTR uses the generator g of a relatively small subgroup of some prime order q of a subgroup.

XTR - WikipediaLenstra Verheul

Authenticated encryption

Authenticated encryption (AE) and authenticated encryption with associated data (AEAD) are forms of encryption which simultaneously assure the confidentiality and authenticity of data.

Six different authenticated encryption modes (namely OCB 2.0, Key Wrap, CCM, EAX, Encrypt-then-MAC (EtM), and GCM) have been standardized in ISO/IEC 19772:2009. More authenticated encryption methods were developed in response to NIST solicitation.

Basics

AEGIS Hongjun-Preneel - 2013

Homomorphic encryption

Homomorphic encryption is a form of encryption that allows computation on ciphertexts, generating an encrypted result which, when decrypted, matches the result of the operations as if they had been performed on the plaintext.

Basics

Homomorphic encryption - Wikipedia
Homomorphic encryption consortium - a consortium of industry, government and academia to standardise homomorphic encryption

Systems

Paillier - Wikipedia

Invented by and named after Pascal Paillier in 1999
Is a probabilistic asymmetric algorithm for public key cryptography
Based on the problem of computing n-th residue classes, i.e. the decisional composite residuosity assumption
Is an additive homomorphic cryptosystem; this means that, given only the public key and the encryption of m₁ and m₂ , one can compute the encryption of m₁ + m₂.

MPC

Secure multi-party computation (also known as secure computation, multi-party computation (MPC), or privacy-preserving computation) is a subfield of cryptography with the goal of creating methods for parties to jointly compute a function over their inputs while keeping those inputs private. Unlike traditional cryptographic tasks, where cryptography assures security and integrity of communication or storage and the adversary is outside the system of participants (an eavesdropper on the sender and receiver), the cryptography in this model protects participants' privacy from each other.

Related to Shamir's 'How to share a secret'.