A method for providing encrypted search includes receiving, at a user device associated with a user, a search query for a keyword that appears in one or more encrypted documents stored on an untrusted storage device and accessing a count table to obtain a count of documents that include the keyword. The method also includes generating a delegatable pseudorandom function (DPRF) based on the keyword, a private cryptographic key, and the count of documents. The method also includes evaluating a first portion of the DPRF and delegating a remaining second portion of the DPRF to the untrusted storage device which causes the untrusted storage device to evaluate the DPRF and access an encrypted search index associated with the documents. The untrusted storage device determines one or more encrypted documents associated with DPRF and returns, to the user device, an identifier for each encrypted document associated with the DPRF.

A secure authentication method includes: deriving a distributed LSH value using secret LSH, taking a first distributed feature amount which is a feature amount of user information distributed through a secret distribution method and encrypted LSH parameters as inputs; deriving a distributed hash value using a secret unidirectional function, taking the distributed LSH value and a distributed key as inputs; decoding the hash value by reversing distribution of the distributed hash value; selecting, from a secret hash table storing sets of a hash value as an index and a distributed feature amount as a data string, a set including a hash value matching the decoded hash value; computing, in secret, similarity between the distributed feature amount in the set and the first distributed feature amount; deriving, in secret, a user authentication result based on the similarity computed; and outputting the derived authentication result.

A first terminal holds first encrypted data encrypted by using a first key by a first encryption scheme having deterministic and commutativity, a second terminal holds second encrypted data encrypted by using a second key by the first encryption scheme, the first terminal transmits the first encrypted data to the second terminal, the second terminal transmits the second encrypted data to the first terminal, the first terminal generates third encrypted data by encrypting the second encrypted data by using the first key by the first encryption scheme, the third encrypted data is transmitted to the second terminal, the second terminal decrypts the third encrypted data with the second key, and calculates a common part between the second encrypted data and the decrypted third encrypted data, and transmits the common part to the first terminal, and the first terminal decrypts the common part with the first key.

Multiple systems may determine neural-network output data and neural-network parameter data and may transmit the data therebetween to train and run the neural-network model to predict an event given input data. A data-provider system may perform a dot-product operation using encrypted data, and a secure-processing component may decrypt and process that data using an activation function to predict an event. Multiple secure-processing components may be used to perform a multiplication operation using homomorphic encrypted data.

Users of a multisignature wallet can customize keys to initiate various transactions. As a user specifies roles to customize keys, a smart contract is updated to associate the roles with the keys, where the customized keys are then associated with the user's multisignature wallet. The user may perform transactions by signing using the key or an address of the key, where a transaction can be processed upon verifying the key and its role. Additionally, a privacy service can facilitate blockchain transactions initiated using a key of a multisignature wallet. The privacy service receives a transaction signed by a key of the multisignature wallet and identifies a proxy wallet using the key. The privacy service validates and signs the transaction, which is then sent to a proxy wallet. The proxy wallet can cause a blockchain transaction to be executed.

Users of a multisignature wallet can customize keys to initiate various transactions. As a user specifies roles to customize keys, a smart contract is updated to associate the roles with the keys, where the customized keys are then associated with the user's multisignature wallet. The user may perform transactions by signing using the key or an address of the key, where a transaction can be processed upon verifying the key and its role. Additionally, a privacy service can facilitate blockchain transactions initiated using a key of a multisignature wallet. The privacy service receives a transaction signed by a key of the multisignature wallet and identifies a proxy wallet using the key. The privacy service validates and signs the transaction, which is then sent to a proxy wallet. The proxy wallet can cause a blockchain transaction to be executed.

Textual masking for multiparty computation is provided. The method comprises receiving masked input data from a number of contributors, wherein the input data from each contributor has a unique contributor mask value. A unique analyst mask factor is received for each contributor, computed by an analyst as a difference between a uniform analyst mask value and the contributor mask value. An API call is received from the analyst to aggregate the input data from the contributors. The respective analyst mask factors are added to the input data from the contributors, and the data is aggregated and shuffled. Computational results received from the analyst based on the aggregated input data are published. In response to API calls from the contributors, the analyst mask factors are removed from the computational results, wherein computational results received by each contributor are masked only by the respective contributor mask value.

An oblivious distributed file system is provided using an oblivious random access machine (ORAM), including an ORAM balanced tree structure, where each node in the tree is configured to store data blocks, the structure including at least two shares. The system also includes at least two ORAM servers, each of the servers configured to communicate with a client ORAM device, and programmed to facilitate storage of a different subset of the shares of the tree structure using a distributed file system and to implement an access procedure of a tree-based ORAM using the tree structure, including a retrieval phase and an eviction phase. In the retrieval phase, the servers utilize an authenticated Private Information Retrieval (PIR) protocol to retrieve data blocks as requested from the client ORAM device. In the eviction phase, the servers utilize a linear secret sharing scheme.

The described technology is generally directed towards secure collaborative processing of private inputs. A secure execution engine can process encrypted data contributed by multiple parties, without revealing the encrypted data to any of the parties. The encrypted data can be processed according to any program written in a high-level programming language, while the secure execution engine handles cryptographic processing.

A method and apparatus for private information retrieval from a database, wherein the retrieval includes providing a covering vector for a plurality of database entries of the database. The covering vector is defined such that an inner product of the covering vector is zero with more than one member of a covering vector family that includes the covering vector. The retrieval includes generating database queries based on the covering vector and transmitting the database queries to at least two servers. An identical copy of the database may be stored on each of the at least two servers. Shares are received in response to the query, and these shares are aggregated, and a reconstruction algorithm executes to reconstruct the query results.