Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to detokenize encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.

In aspects of high-precision rational number arithmetic in homomorphic encryption, a computing device stores homomorphic encrypted data as a dataset, and implements an encryption application that can encode integers into plaintext polynomials, where the integers are representative of initial data received for encryption. The encryption application can encrypt the plaintext polynomials into ciphertexts of the homomorphic encrypted data, and perform homomorphic operations as rational number arithmetic on the ciphertexts, generating updated ciphertexts while the homomorphic encrypted data remains encrypted. The encryption application can then decrypt the updated ciphertexts to modified plaintext polynomials that can be resolved back to the plaintext polynomials effective to recover the integers that represent the initial data. The encryption application can also decode the modified plaintext polynomials back to the integers effective to recover the initial data in an unencrypted form.

A circuit module of an integrated circuit is located in a first zone of a semiconductor substrate. A decoy cell includes an antenna above a second zone of the semiconductor substrate. The second zone is different from the first zone. A generation circuit operates to generate a decoy electrical signal on the basis of a first electrical signal that is characteristic of an operation of the circuit module and of at least one pseudo-random parameter. The decoy electrical signal is circulated through the antenna so as to generate a decoy electromagnetic radiation.

In aspects of variable relinearization in homomorphic encryption, a computing device stores homomorphic encrypted data as a dataset, and implements an encryption application that can perform a multiplication operation on a ciphertext in the homomorphic encrypted data, where the multiplication operation contributes to increase a noise component in the ciphertext. The encryption application can determine a relinearization amount by which to relinearize the ciphertext after the multiplication operation, where the determination is effective to optimize a noise increase in the ciphertext based at least in part on projected subsequent multiplication operations on the ciphertext. The encryption application can then relinearize the ciphertext utilizing the determined relinearization amount that optimizes the noise increase in the ciphertext for optimal relinearization performance.

An information processing apparatus includes a processor configured to receive, respectively from a plurality of external devices, plural pieces of encrypted data encrypted with a random number sequence. The processor generates parity data by using the received plural pieces of encrypted data. The processor stores the generated parity data in a memory. The processor receives a restoration request for restoring first encrypted data from a first external device among the plurality of external devices. The processor receives, respectively from one or more second external devices among the plurality of external devices other than the first external device, one or more pieces of second encrypted data among the plural pieces of encrypted data other than the first encrypted data. The processor restores the first encrypted data by using the received one or more pieces of second encrypted data and the parity data stored in the memory.

Systems and methods for generating min-increment counting bloom filters to determine count and frequency of device identifiers and attributes in a networking environment are disclosed. The system can maintain a set of data records including device identifiers and attributes associated with device in a network. The system can generate a vector comprising coordinates corresponding to counter registers. The system can identify hash functions to update a counting bloom filter. The system can hash the data records to extract index values pointing to a set of counter registers. The system can increment the positions in the min-increment counting bloom filter corresponding to the minimum values of the counter registers. The system can obtain an aggregated public key comprising a public key. The system can encrypt the counter registers using the aggregated shared key to generate an encrypted vector. The system can transmit the encrypted vector to a networked worker computing device.

Encryption and decryption techniques based on one or more transposition vectors. A secret key is used to generate vectors that describe permutation (or repositioning) of characters within a segment length equal to a length of the transposition vector. The transposition vector is then inherited by the encryption process, which shifts characters and encrypts those characters using a variety of encryption processes, all completely reversible. In one embodiment, one or more auxiliary keys, transmitted as clear text header values, are used as initial values to vary the transposition vectors generated from the secret key, e.g., from encryption-to-encryption. Any number of rounds of encryption can be applied, each having associated headers used to detokenize encryption data and perform rounds to decryption to recover the original data (or parent token information). Format preserving encryption (FPE) techniques are also provided with application to, e.g., payment processing.

A non-interactive protocol is provided for evaluating machine learning models such as decision trees. A client can delegate the evaluation of a machine learning model such as a decision tree to a server by sending an encrypted input and receiving only the encryption of the result. The inputs can be encoded as vector of integers using their binary representation. The server can then evaluate the machine learning model using a homomorphic arithmetic circuit. The homomorphic arithmetic circuit provides an implementation that requires fewer multiplication than a Boolean comparison circuit. Efficient data representations are then combined with different algorithmic optimizations to keep the computational overhead and the communication cost low. Related apparatus, systems, techniques and articles are also described.

Systems and techniques are provided for security processing. For example, a process for security processing may include obtaining a cryptographic input at a cryptographic algorithm execution component; obtaining a first mask and a second mask at the cryptographic algorithm execution component; executing a first logic circuit using the first mask and the cryptographic input to obtain a first output; executing a second logic circuit using the second mask and the cryptographic input to obtain a second output; and performing a comparison of the first output and the second output to determine whether the comparison is a successful comparison.

A digital processing method, which comprises obtaining a stream of N-bit input data words; obtaining a value k between 0 and M?1, inclusively, where M>1; processing each of the N-bit input data words at least based on the kth of M permutation elements to produce a corresponding N-bit output data word; and outputting a stream of N-bit output data words on a network or storing the stream of the N-bit output data words in a non-transitory storage medium.