Techniques for integrating a trusted execution platform with a multi-party computation framework are disclosed. For example, a method comprises receiving a plurality of keys from a plurality of parties, wherein respective ones of the plurality of keys correspond to respective ones of the plurality of parties. The respective ones of the plurality of keys are used in connection with establishing one or more secure channels for communicating with the respective ones of the plurality of parties. The method further comprises receiving respective data inputs from the respective ones of the plurality of parties over the one or more secure channels, and sending the respective data inputs to a computation function to compute at least one output based on the respective data inputs. The at least one output is sent over the one or more secure channels to at least one party of the plurality of parties.

The present invention relates to methods for secure computation and/or communication. Entangled photons (118) are generated such that each participating party receives a series of optical pulses. Each party has private information (110, 112) which are never transmitted through public or private communication channels. Instead, each party converts their respective private information (110, 112) into measurement bases via an encryption process (114, 116) which are then applied to the entangled photons (118). After the measurement process, e.g., quantum frequency conversion (122, 124), reference indices are announced (124, 126) so that computation can be performed (128) without revealing the private information directly or indirectly.

An aggregate order is efficiently obtained while keeping confidentiality. An inverse permutating part (12) generates a share of a vector representing an inversely permutated cross tabulation by applying inverse permutation to a cross tabulation of a table, the inverse permutation being a permutation which moves elements so that, when the table is grouped based on a key attribute, last elements of each group are sequentially arranged from beginning. A partial summing part (13) computes a prefix sum from the inversely permutated cross tabulation. The order computing part (14) generates a share of a vector representing ascending order within a group from a result of the prefix sum.

A method of performing ordered statistics between at least two parties is disclosed which includes identifying a first dataset (x.sub.A) by a first node (A), identifying a second dataset (x.sub.B) by a second node (B), wherein x.sub.B is unknown to A and x.sub.A is unknown to B, and wherein A is in communication with B, and wherein A and B are in communication with a server (S), A and B each additively splitting each member of their respective datasets into corresponding shares, sharing the corresponding shares with one another, arranging the corresponding shares according to a mutually agreed predetermined order into corresponding ordered shares, shuffling the ordered shares into shuffled shares, re-splitting the shuffled shares into re-split shuffled shares, and performing an ordered statistical operation on the re-split shuffled shares, wherein the steps of shuffle and re-split is based on additions, subtractions but not multiplication and division.

Provided are a group service implementation method and device, an equipment and a storage medium. The specific solution is described below. A service transaction request is acquired. In response to the service transaction request including to-be-authenticated data and a threshold signature, a signature group corresponding to the threshold signature is determined. Group information of the signature group is acquired by querying a blockchain, where the signature group includes at least two members, the at least two members of the signature group are used for authenticating the to-be-authenticated data by adopting secure multi-party computation and generating the threshold signature for the to-be-authenticated data by adopting a signature private key, and the group information includes at least a verification public key of the threshold signature. The threshold signature is verified by adopting the verification public key in the group information.

Techniques for efficient, accurate, and secure computation of a differentially private median of the union of two large confidential datasets are disclosed. In some example embodiments, a computer-implemented method comprises obtaining secret shares of a first dataset of a first entity, secret shares of a second dataset of a second entity, secret shares of gap values for the first dataset, secret shares of gap values for the second dataset, secret shares of probability mass values for the first dataset, and secret shares of probability mass values for the second dataset. The probability mass values may be computed via an exponential mechanism. In some example embodiments, the computer-implemented method further comprises determining a median of a union of the first dataset and the second dataset using an inverse transform sampling algorithm based on the obtained secret shares, and then performing a function of a networked computer system using the determined median.

Disclosed embodiments relate to performing secure and flexible searches of encrypted data. Operations may include maintaining a database of a plurality of sets of encrypted data; receiving a transformed search query for the database, the transformed search query having undergone a transformation process at a client including: identifying a plaintext string in a search query at the client, applying the plaintext string to a language dictionary accessible to the client, receiving, based on the language dictionary, one or more plaintext search strings, and encrypting, at the client, the one or more plaintext search strings; and returning a result based on the transformed search query, the result being based on the encrypted one or more plaintext search strings.

Provided is a secure computation device for computing a comparison operation to two integers without the use of AND/XOR. The secure computation device compares a first integer a and a second integer b when the first integer a and the second integer b, which are 0 or greater and less than 2{circumflex over ( )}k (k being an integer of 1 or greater), are subjected to ring sharing. The secure computation device includes: an addition/subtraction circuitry; a bit decomposition circuitry; and a bit extraction circuitry. The addition/subtraction circuitry uses the first integer a, the second integer b, and 2{circumflex over ( )}k to carry out a predetermined addition or subtraction with ring sharing, and output an added/subtracted result. The bit decomposition circuitry converts the added/subtracted result to bit sharing, and outputs a bit shared result. The bit extraction circuitry extracts a (k+1)-th bit of the bit shared result, and outputs an extracted result.

A method for multiparty computation wherein a plurality of parties each compute a preset function without revealing inputs thereof to others, comprises: each of the parties performing a validation step to validate that computation of the function is carried out correctly, wherein the validation step includes: a first step that prepares a plurality of verified multiplication triples and feeds a multiplication triple to a second step when required; and the second step that consumes a randomly selected multiplication triple generated by the first step, wherein the first step performs shuffling of the generated multiplication triples, in at least one of shuffle in a sequence and shuffle of sequences.

This application provides an authentication credential protection method and system. The protection method includes the following steps: generating authentication secret information based on a lock screen password and hardware secret information of a first device; randomly generating, by the first device, a symmetric key, and using the symmetric key as an encryption key for the authentication secret information; splitting the encryption key into at least two first key segments by using a multi-party data splitting algorithm, where one of the at least two first key segments is stored on the first device; and sending, by the first device, another first key segment to a trusted device. In the foregoing technical solution, the authentication secret information is generated by using the lock screen password and the hardware secret information, increasing information complexity. In addition, different trusted devices are used to store the split key segments, improving security of the encryption key.