A method and an apparatus for hardware security to countermeasure side-channel attacks are provided. The method or apparatus may introduce at least one redundant or partial redundant computation having a similar power dissipation profile or an electromagnetic emission profile when compared to that of a genuine operation for cryptographic devices, and/or to reorder the iterations of operations in a different sequence. The redundant or partial redundant computation may be performed by using a different password key and/or a different raw data (e.g., plaintext). The presence of the redundant or partial redundant computation would make side-channel attacks difficult in the sense that genuine or redundant/partial redundant operations are difficult to be clearly identified, hence serving as a countermeasure for hardware security.

Systems and methods for generating min-increment counting bloom filters to determine count and frequency of device identifiers and attributes in a networking environment are disclosed. The system can maintain a set of data records including device identifiers and attributes associated with device in a network. The system can generate a vector comprising coordinates corresponding to counter registers. The system can identify hash functions to update a counting bloom filter. The system can hash the data records to extract index values pointing to a set of counter registers. The system can increment the positions in the min-increment counting bloom filter corresponding to the minimum values of the counter registers. The system can obtain an aggregated public key comprising a public key. The system can encrypt the counter registers using the aggregated shared key to generate an encrypted vector. The system can transmit the encrypted vector to a networked worker computing device.

A secure enclave may be used to satisfy privacy requirements and audit requirements. Code may be loaded into the secure enclave. The code may generate a predefined report based on data and added noise. The pre-defined report may be subject to audit requirements. The data may be subject to the privacy requirements. The secure enclave may generate an encryption key and a decryption key based on the code. Only the secure enclave may have access to the decryption key. And the secure enclave may allow only a verified copy of the code to access the decryption key. With the added noise, the report may satisfy a pre-defined differential privacy guarantee. Encrypting the code and ensuring that the report satisfies the differential privacy guarantee may satisfy the privacy requirements. Retaining the report, the code, the secure enclave, and the encrypted data may satisfy the audit requirements.

A method is provided for a device participating in a data aggregation service. The device receives, from at least one requesting server, a participant homomorphic encryption key, and a request for data to perform a computation. The device encrypts requested data, including a location identifier, with the participant homomorphic encryption key, and sends, to an aggregation service, the encrypted requested data.

Disclosed are systems, methods, and non-transitory computer-readable medium for securely sharing data computations and algorithms. The method may include: receiving, by one or more processors, at least one algorithm function; generating, by the one or more processors, a protection function using the received algorithm function; generating, by the one or more processors, a Boolean circuit function based on the protection function; receiving, by the one or more processors, at least one encrypted data inputs; evaluating, by the one or more processors, the encrypted data inputs using the generated Boolean circuit function to generate evaluated results; and transmitting, by the one or more processors, the evaluated results.

A method and apparatus of a device that stores an object on a plurality of storage servers is described. In an exemplary embodiment, the device receives an object to be stored and encrypts the object with a first key. The device further creates a plurality of bit vectors from the encrypted object. In addition, the device randomizes the plurality of bit vectors to generate a plurality of randomized bit vectors. Furthermore, the device sends the plurality of randomized bit vectors and the plurality of second keys to the plurality of storage servers, wherein each of the plurality of storage servers stores at least one each of the plurality of randomized bit vectors and the plurality of second keys.

A method, and system for a distributed artificial intelligence architecture may be shown and described. An embodiment may present an exemplary distributed explainable neural network (XNN) architecture, whereby multiple XNNs may be processed in parallel in order to increase performance. The distributed architecture may include a parallel execution step which may combine parallel XNNs into an aggregate model by calculating the average (or weighted average) from the parallel models. A distributed hybrid XNN/XAI architecture may include multiple independent models which can work independently without relying on the full distributed architecture. An exemplary architecture may be useful for large datasets where the training data cannot fit in the CPU/GPU memory of a single machine. The component XNNs can be standard plain XNNs or any XNN/XAI variants such as convolutional XNNs (CNN-XNNs), predictive XNNS (PR-XNNs), and the like, together with the white-box portions of grey-box models like INNs.

A method, a computer program product, and a system for embedding a message in a random value. The method includes generating a random value and applying a hash function to the random value to produce a hash value. Starting with the hash value, the method further includes reapplying the hash function in an iterative or recursive manner, with a new hash value produced by the hash function acting as an initial value that is applied to the hash function for a next iteration, until a bit sequence representing a message is produced in a message hash value. The method further includes utilizing the message hash value as a new random value that can be used by an encryption algorithm.

An apparatus comprises an input register comprising an input polynomial, a processing datapath communicatively coupled to the input register comprising a plurality of compute nodes to perform a number theoretic transform (NTT) algorithm on the input polynomial to generate an output polynomial in NTT format. The plurality of compute nodes comprises at least a first butterfly circuit to perform a series of butterfly calculations on input data and a randomizing circuitry to randomize an order of the series of butterfly calculations.

A blockchain environment may accumulate Merkle values calculated by individual nodal machines. Any nodal machine (such as a miner system) need only be sent Merkle child values as inputs. The nodal machine may then determine a hierarchical Merkle value based only on the Merkle child values provided as the inputs. Because the nodal machine only requires the Merkle child values, the nodal machine is relieved from downloading/storing an entire blockchain. The nodal machine need only download the piece, segment, or portion of interest, which consumes far less memory byte space and requires far less processor time/tasks/cycles/operations. Moreover, because each nodal machine only needs to download a small block/byte portion of the blockchain, network packet traffic is greatly reduced.