Patent classifications
H04L2209/08
DATA PRIVACY USING A PODIUM MECHANISM
Systems and methods are provided for performing operations comprising: storing a set of input data; generating a noise distribution based on a two-step function, wherein a height of the two-step function is determined by a privacy parameter, a width of the two-step function is determined by minimizing a variance of the noise distribution, and wherein a mean of the two-step function is determined by a value of the set of input data to be privatized; applying the noise distribution to the set of input data to generate privatized noisy output data; and transmitting the resulting privatized noisy output data in response to a request for a portion of, or a complete set of, the input data.
OBFUSCATING CRYPTOGRAPHIC PARAMETERS USED IN ELLIPTICAL CURVE CRYPTOGRAPHY, AND RELATED SYSTEMS AND DEVICES
An obfuscation process is described for obfuscating a cryptographic parameter of cryptographic operations such as calculations used in elliptical curve cryptography and elliptical curve point multiplication. Such obfuscation processes may be used for obfuscating device characteristics that might otherwise disclose information about the cryptographic parameter, cryptographic operations, or a cryptographic operation more generally, such as information sometimes gleaned from side channel attacks and lattice attacks.
Substitute Box, Substitute Method and Apparatus Thereof
A substitute box includes a target input terminal, an obfuscation input terminal, a first output terminal and a second output terminal. The target input terminal is configured to receive a target input data. The obfuscation input terminal is configured to receive an obfuscation input data unrelated to a plaintext. The first output terminal is configured to output a first output data. The second output terminal is configured to output a second output data associated with the first output data. The first output data and the second output data are generated according to both the target input data and the obfuscation input data.
Data privacy using a podium mechanism
Systems and methods are provided for generating noise in user data to generate privatized data. The systems and methods generate the privatized data by performing operations comprising: storing a set of input data; generating a noise distribution based on a two-step function, wherein a height of the two-step function is determined by a privacy parameter, a width of the two-step function is determined by minimizing a variance of the noise distribution, and wherein a mean of the two-step function is determined by a value of the set of input data to be privatized; applying the noise distribution to the set of input data to generate privatized noisy output data; and transmitting the resulting privatized noisy output data in response to a request for a portion of, or a complete set of, the input data.
SWAPPING OF ENCRYPTION AND DECRYPTION OPERATIONS FOR SIDE CHANNEL ATTACK PROTECTION
This disclosure describes systems on a chip (SoCs) that prevent side channel attacks (SCAs). The SoCs of this disclosure concurrently operate multi-round encryption and decryption datapaths according to a combined sequence of encryption rounds and decryption rounds. An example SoC of this disclosure includes an engine configured to encrypt transmission (Tx) channel data using a multi-round encryption datapath, and to decrypt encrypted received (Rx) channel data using a multi-round decryption datapath. The SoC further includes a security processor configured to multiplex the multi-round encryption datapath against the multi-round decryption datapath on a round-by-round basis to generate a mixed sequence of encryption rounds and decryption rounds, and to control the engine to encrypt the Tx channel data and decrypt the encrypted Rx channel data according to the mixed sequence of encryption rounds and decryption rounds.
MIXED SEQUENCING OF POLYNOMIAL-DIVERSE ENCRYPTION AND DECRYPTION OPERATIONS FOR SIDE CHANNEL ATTACK PROTECTION
This disclosure describes systems on a chip (SoCs) that prevent side channel attacks (SCAs). An example SoC of this disclosure includes an engine configured to encrypt transmission (Tx) channel data using an encryption operation set configured with a first polynomial, and to decrypt encrypted received (Rx) channel data using a decryption operation set configured with a second polynomial different from the first polynomial. The SoC further includes a security processor configured to multiplex the encryption operation set against the decryption operation set with a varied sequence of selection inputs on a round-by-round basis to generate a mixed sequence of encryption rounds and decryption rounds, and to control the engine to encrypt the Tx channel data and decrypt the encrypted Rx channel data in a combined datapath according to the mixed sequence of encryption rounds and decryption rounds.
DEVICE AND METHOD FOR RESONANT CRYPTOGRAPHY
A communication network can include a random number beacon broadcasting a random number stream to multiple computing devices. At least two of those computing devices can generate private keys for secured communication based on a subset of random numbers from the random number stream. Other devices do not have access to these private keys even though they have access to the subset of random numbers by virtue of receiving the broadcasted random number stream. The subset of random numbers can be extracted based on a predetermined time known only to the two or more devices, and/or the subset of random numbers can be extracted following detection of a predetermined number sequence in the random number stream known only to the two or more devices. Following a similar concept, a computing device can generate private cryptographic keys from a public random number stream.
Data conversion systems and methods
In various embodiments, a computer-readable memory medium coupled to a processor is disclosed. The memory medium is configured to store instructions which cause the processor to retrieve a seed value, receive a digital bit stream, generate a stream of random bits, using the seed value as a seed to a pseudo random number generator (PRNG), wherein the stream of random bits contains at least as many bits as the digital bit stream, shuffle bits of the stream of random bits to create a random bit buffer, generate an obfuscated digital bit stream by applying a first exclusive OR (XOR) to the digital bit stream and the random bit buffer, wherein the obfuscated digital bit stream has the same number of bits as the digital bit stream, and provide the obfuscated digital bit stream to the communications interface.
Locally private determination of heavy hitters
Technologies are disclosed for computing heavy hitter histograms using locally private randomization. Under this strategy, “agents” can each hold a “type” derived from a large dictionary. By performing an algorithm, an estimate of the distribution of data can be obtained. Two algorithms implement embodiments for performing methods involving differential privacy for one or more users, and usually are run in the local model. This means that information is collected from the agents with added noise to hide the agents' individual contributions to the histogram. The result is an accurate enough estimate of the histogram for commercial or other applications relating to the data collection of one or more agents. Specifically, the proposed algorithms improve on the performance (measured in computation and memory requirements at the server and the agent, as well as communication volume) of previous solutions.
Enabling constant plaintext space in bootstrapping in fully homomorphic encryption
Systems and methods for enabling constant plaintext space in bootstrapping in fully homomorphic encryption (FHE) are disclosed. A computer-implemented method for producing an encrypted representation of data includes accessing a set of encoded digits. The method includes applying an inverse linear transformation to the set of encoded digits to obtain a first encoded polynomial. The method includes applying a modulus switching and dot product with a bootstrapping key to add an error term to each of the encoded digits in the first polynomial to obtain a second encoded polynomial. The method includes applying a linear transformation to the second encoded polynomial to obtain a first batch encryption. The method includes applying digit extraction to the first batch encryption to obtain a second batch encryption, the second batch encryption corresponding to the set of encoded digits without the error term.