The invention is directed to a system that enables an authentication process that involves secure multi-party computation. The authentication process can be performed between a user device operated by a user and an access device. The user device and the access device may conduct the authentication process such that enrollment information and authentication information input by the user is not transmitted between the devices. Instead, the user device may determine and utilize obfuscated values associated with the authentication information. The user device may also determine an obfuscated authentication function that can be utilized to determine an authentication result without revealing enrollment information and authentication information associated with the user. The user can be authenticated based on the authentication result.

The present invention concerns a method for processing system logs of a computer system. A system log generator (LG) transmits these system logs to a system log analyser (SIEM) after they have been encrypted by means of a symmetric encryption key and sends the symmetric encryption key in parallel with a homomorphic cryptosystem public key. The system log analyser carries out a transcryption of these logs then a processing thereof in the homomorphic domain. The result of the processing in the homomorphic domain is then transmitted to a security centre (SOC) or even directly to the system log generator to be decrypted there. The security centre can establish a security report or propose a countermeasure before sending it, in form encrypted by the symmetric key, to the system log generator.

A cryptographic method including: generating by a first device having a datum x an RSA module N; computing by the first device a number C=g.sup.b.sup.axh1, g being an element of sub-group G of order b.sup.d, h1 being an element of sub-group H of order f, and a, b, d, f being integers, b and f being mutually prime, and x and y being less than d/a; sending C to a second device having datum y; computing by the second device D=C.sup.u.Math.b.sup.d−ay(gh3).sup.vh2, u and v being random numbers and h2 and h3 being elements of H, and a first fingerprint (gh3).sup.v; sending to the first device, D and the first fingerprint; computing by the first device (D.sup.f).sup.f′, f′=1/f; obtaining based on (D.sup.f).sup.f′ a second fingerprint; and determining whether x is greater than or equal to y or x is less than y by comparing the first and the second fingerprints.

Disclosed are systems and methods for delegating computations of resource-constrained mobile clients, in which multiple servers interact to construct an encrypted program representing a garbled circuit. Implementing the garbled circuit, garbled outputs are returned. Such implementations ensure privacy of each mobile client's data, even if an executing server has been colluded. The garbled circuit provides secure cloud computing for mobile systems by incorporating cryptographically secure pseudo random number generation that enables a mobile client to efficiently retrieve a result of a computation, as well as verify that an evaluator actually performed the computation. Cloud computation and communication complexity are analyzed to demonstrate the feasibility of the proposed system for mobile systems.

An encryption processing system includes: a first device; second devices; and a third device, wherein the first device generates synthesis keys by selecting public keys of the second devices; generates an intermediate text from confidential texts generated by encrypting secret information by using public keys of the second devices having decryption authority; generates ciphertexts by further encrypting the intermediate text using the synthesis keys; and makes public the ciphertexts, each of the second devices verifies validity of the ciphertexts; generates decryption key fragments by using an own private key; and makes public the decryption key fragments, the third device verifies validity of the decryption key fragments; generates a decryption key by combining decryption key fragments; generates the Intermediate text by decrypting one of the ciphertexts; and makes public the intermediate text, and the second device decrypts the intermediate text using the own private key; and restores the secret information.

An apparatus includes a processor programmed to define an input matrix and kernel matrix based upon the encrypted data, identify an algebraic structure of an encryption method applied to the encrypted data, determine a primitive root of unity in the algebraic structure in response to an input matrix size and a kernel matrix size, transform the input matrix and kernel matrix utilizing the primitive root of unity into a transformed input matrix and a transformed kernel matrix, compute an element-wise multiplication of the transformed input matrix and transformed kernel matrix, apply a reverse discrete Fourier transformation, and output a convolution of the input matrix and the kernel matrix based upon the encrypted data.

Disclosed is a method that includes training, at a client, a part of a deep learning network up to a split layer of the client. Based on an output of the split layer, the method includes completing, at a server, training of the deep learning network by forward propagating the output received at a split layer of the server to a last layer of the server. The server calculates a weighted loss function for the client at the last layer and stores the calculated loss function. After each respective client of a plurality of clients has a respective loss function stored, the server averages the plurality of respective weighted client loss functions and back propagates gradients based on the average loss value from the last layer of the server to the split layer of the server and transmits just the server split layer gradients to the respective clients.

The technology disclosed relates to a system and method for assigning participants to groups in a clinical trial. The system includes a federated server configured with group assignability data specifying a plurality of groups assignable to participants in a clinical trial and group distribution data specifying distribution of the participants into groups. The groups include at least one placebo group and one or more treatment groups. The system includes an intervention server configured to generate group encryption keys for encrypting the group assignability data. The system includes edge devices of each of the participants. The edge devices are in communication with the federated server.

Provided herein are system, devices and methods for applying Multi-Party Computation (MPC) to authenticate a user accessing a secure resource using a plurality of computing nodes. The computing nodes, each receiving a respective one of a plurality of encrypted shares created using a plurality of keys to encrypt private data captured by a client device used by the user accessing the secure resource, engage in a secure MPC to compare between the encrypted shares and reference encrypted private data copies also encrypted using the plurality of keys without decrypting the private data since the keys are not available to the computing nodes. The computing nodes compute a match score based on the comparison and transmit it to a controller of the secure resource configured to grant or deny the client device access to the secure resource based on the match score.

The invention proposes a method comprising the calculation of a function written as a product of: a sub-function f.sub.X of a datum of a client unit a sub-function f.sub.Y of a datum of a client unit, and a product of n indexed sub-functions f.sub.i of both data,
the method comprising the steps of: randomly generating, by the server unit, n indexed invertible data r.sub.i from the set with m being a prime number, generating, by the server unit, for each i from 1 to n, a set for which each element is formed by a product of a datum r.sub.i with a possible result of the sub-function of two variables f.sub.i evaluated in both data, applying an oblivious transfer protocol between the client unit and the server unit so that the client unit recovers, for each i from 1 to n, an intermediate datum t.sub.i equal to:

t.sub.i=r.sub.i×f.sub.i(x.sub.i,Y) obtaining, by the client unit a result T from intermediate data such that:

[00001]$T=f_X\left(X^{\prime }\right)\times \underset{i=1}{\overset{n}{.Math.}}.Math..Math.t_i$ obtaining, by the server unit a result R from inverted data such that:

[00002]$R=f_Y\left(Y\right)\times \underset{i=1}{\overset{n}{.Math.}}.Math..Math.r_i^{-1}$ using the results T and R in a cryptographic application.