An initialization unit generates secret values of vectors p{right arrow over ( )}.sub.0 and r{right arrow over ( )}.sub.0 and a value ρ.sub.0. A first computation unit generates a secret value of a D-fold value of a vector a{right arrow over ( )}.sub.i−1. A second computation unit generates a secret value of a D-fold value of a value γ.sub.i−1. A third computation unit generates a secret value of a value α.sub.i−1. A fourth computation unit generates a secret value of a D-fold value of a vector d{right arrow over ( )}.sub.i. A fifth computation unit generates a secret value of a vector x{right arrow over ( )}.sub.i. A sixth computation unit the generates a secret value of a vector r{right arrow over ( )}.sub.i. A seventh computation unit generates a secret value of a D-fold value of a value ρ.sub.i. An eighth computation unit generates a secret value of a value β.sub.i. A ninth computation unit generates a secret value of a vector p{right arrow over ( )}.sub.i.

Systems, methods, and computer-readable media are disclosed for secure integer comparison using binary trees. A server may receive a first encrypted input and a public encryption key from a client. The server may create a binary tree representing a second encrypted input. The server may evaluate the first encrypted input on the binary tree. The evaluation may comprise computing decision bits along a plurality of paths of the binary tree. The decision bits may then be aggregated along each path of the binary tree and the aggregation stored at a leaf node of each path. The leaf node of each path may be evaluated to obtain a comparison result. The comparison result may be encrypted with the public encryption key. The server may send the comparison result to the client for decryption. The comparison result may indicate whether the first input was larger than the second input.

Methods, systems, and devices for homomorphic encryption. In one implementation, the methods include inputting first data into a recurrent artificial neural network, identifying patterns of activity in the recurrent artificial neural network that are responsive to the input of the secure data, storing second data representing whether the identified patterns of activity comports with topological patterns, and statistically analyzing the second data to draw conclusions about the first data.

This disclosure relates to protecting the confidential information of multiple entities using secure multi-party computation (MPC) and k-anonymity techniques. In some aspects, a method includes receiving, by a first MPC computing system from a client device, a content request including encrypted user group identifiers. Each encrypted user group identifier is encrypted using a first encryption key of a second MPC computing system. For each encrypted user group identifier, a request is transmitted to the second MPC computing system. The request includes the encrypted user group identifier. For each user group identifier that satisfies a k-anonymity, the first MPC computing system receives, from the second MPC computing system, a plaintext value of the user group identifier. The first MPC computing system transmits a selection parameter request to one or more platforms. The selection parameter request includes the plaintext value of the user group identifier.

This document describes systems and techniques for improving the integrity and protecting the security of information in content selection and distribution. In one aspect, a method includes receiving, by a first server of a secure multi-party computation (MFC) system from an application on a user device, a request for a digital component. The request is parsed into distinct sub-requests. Each sub-request is transmitted to a different server. A set of candidate selection values is received from a separate server. The first server performs, in collaboration with one or more second servers of the MFC system, a selection process to generate a selection result for a winning digital component, including merging, the first set of candidate selection values and a set of cached selection values to create a final set of candidate selection values and sorting the final set according to the values of the candidate selection values.

In one implementation, the disclosure provides systems and methods for a multi-party secret sharing protocol that is device specific in that the secret matrix used herein is tied to individual computing devices. Specifically, the method includes determining device channel errors of a plurality of computing devices based on channel impulse response (CIR) of communication channels of the plurality of computing devices, training a linear regression model using the device channel errors to generate learning with error (LWE) secrets for each of the plurality of computing devices, generating a general access structure secret matrix using the LWE secrets from each of the plurality of computing devices, and distributing shares of the general access structure secret matrix to the plurality of computing devices based on a multi-party secret sharing protocol, wherein the multi-party secret sharing protocol provides that the general access structure secret matrix cannot be constructed without shares from an authorized set of the computing devices.

A method for providing encrypted search includes receiving, at a user device associated with a user, a search query for a keyword that appears in one or more encrypted documents stored on an untrusted storage device and accessing a count table to obtain a count of documents that include the keyword. The method also includes generating a delegatable pseudorandom function (DPRF) based on the keyword, a private cryptographic key, and the count of documents. The method also includes evaluating a first portion of the DPRF and delegating a remaining second portion of the DPRF to the untrusted storage device which causes the untrusted storage device to evaluate the DPRF and access an encrypted search index associated with the documents. The untrusted storage device determines one or more encrypted documents associated with DPRF and returns, to the user device, an identifier for each encrypted document associated with the DPRF.

According to an aspect, there is provided a method of operating a first computing node to distribute a computation output, the method comprising: determining a first random mask; providing the first random mask as a private input to a computation by a first evaluator node and a second evaluator node; receiving, from each of the first evaluator node and the second evaluator node, a respective masked computation output, wherein each masked computation output is a function of an output of the computation and the first random mask; if the received respective masked computation outputs match, determining the output of the computation from the received masked computation output and the first random mask; and sending information to the first evaluator node and the second evaluator node to enable the first evaluator node and the second evaluator node to determine the output of the computation from the respective masked computation output.

A power is computed at high speed with a small number of communication rounds. A secret computation system that includes three or more secret computation apparatuses computes a share [a.sup.ν] of the ν-th power of data “a” from a share [a] of data “a” while data “a” is concealed. The share [a] of data “a” and an exponent ν are input to an input unit (step S11). A local operation unit computes the p.sup.u-th power of a share [a.sup.t] of the t-th power of data “a” without communication with the other secret computation apparatuses (step S12). A secret computation unit uses secret computation that requires communication with the other secret computation apparatuses to compute a multiplication in which at least one of the multiplicands is $\left[a^{\left(t*p^u\right)}\right],$
the computation result of the local operation unit, to obtain the share [a.sup.ν] (step S13). An output unit outputs the share [a.sup.ν] (step S14).

The present disclosure relates to systems, methods, and computer-readable media for enhancing security of communications between instances of clients and servers while enabling rotation of server certificates (e.g., X.509 certificates). The systems described herein involve updating a client list of server certificates (e.g., a certificate thumbprint) without reconfiguring or re-installing a client and/or server application, starting a new session (e.g., a hypertext transfer protocol secure (HTTPS) session), or deploying new code. The systems described herein may passively or actively update a client list of certificates to enable a client to security verify an identity of a server instance in a non-invasive way that boosts security from man-in-the-middle types of attacks.