Provided are methods and systems for performing a secure machine learning analysis over an instance of data. An example method includes acquiring, by a client, a homomorphic encryption scheme, and at least one machine learning model data structure. The method further includes generating, using the encryption scheme, at least one homomorphically encrypted data structure, and sending the encrypted data structure to at least one server. The method includes executing a machine learning model, by the at least one server based on the encrypted data structure to obtain an encrypted result. The method further includes sending, by the server, the encrypted result to the client where the encrypted result is decrypted. The machine learning model includes neural networks and decision trees.

Described is a system for jointly generating a random value amongst a set of servers for secure data sharing. The set of servers initiates a randomness generation protocol where each server in the set of servers selects a randomly generated polynomial and broadcasts a cryptographic hash function of the randomly generated polynomial. Each server sends its value of the cryptographic hash function of the randomly generated polynomial to the set of servers. The randomness generation protocol is used in a multi-party computation protocol to ensure a set of data is securely shared electronically amongst the set of servers via a secure, authenticated broadcast channel.

Systems and methods for generating min-increment counting bloom filters to determine count and frequency of device identifiers and attributes in a networking environment are disclosed. The system can maintain a set of data records including device identifiers and attributes associated with device in a network. The system can generate a vector comprising coordinates corresponding to counter registers. The system can identify hash functions to update a counting bloom filter. The system can hash the data records to extract index values pointing to a set of counter registers. The system can increment the positions in the min-increment counting bloom filter corresponding to the minimum values of the counter registers. The system can obtain an aggregated public key comprising a public key. The system can encrypt the counter registers using the aggregated shared key to generate an encrypted vector. The system can transmit the encrypted vector to a networked worker computing device.

A method for providing self-stabilization of functionality security and privacy to a distributed computer system with self-stabilizing machines, according to which the system periodically and constantly recovers from cyber-attacks performed by an adversary who gained access to the system during a vulnerability window. Then a True Random Number Generator (TRNG) generates a random number from which generating a pair of public and private keys are generated. The public key of the pair is distributed among neighboring machines, to generate a common symmetric secret key. Each machine to exchanges messages with any other machine using messages that are encrypted and decrypted by their established common symmetric secret key, where all keys are generated using random numbers that were generated by the True Random Number Generator.

Embodiments of a multi-party secure computation method applicable to any one computing node deployed in a distributed network are provided. A plurality of computing nodes are deployed in the distributed network, the plurality of computing nodes jointly participate in a secure multi-party computation based on respectively held private data, and the computing node that performs the method is connected to a trusted random source. The method includes: obtaining a trusted random number from the trusted random source; performing an operation on the held private data based on the obtained trusted random number to obtain an operation result; and transmitting a computing parameter comprising at least the trusted random number to other computing nodes participating in secure multi-party computation, so that the other computing nodes perform the secure multi-party computation based on collected computing parameters transmitted by the computing nodes participating in the secure multi-party computation.

Fisher's exact test is efficiently computed through secure computation. A computation range determination part determines i.sub.0, i.sub.1, x.sub.0, x.sub.1. A preliminary computation part computes f(x.sub.0), . . . , f(x.sub.1), and generates an array M=(f(x.sub.0), . . . , f(x.sub.1)). A securing part secures the array M, and generates a secure text array <M>=(<f(x.sub.0)>, . . . , <f(x.sub.1)>). A batch-reading part generates a function value secure text (<f(a.sub.i)>, <f(b.sub.i)>, <f(c.sub.i)>, <f(d.sub.i)>) (i.sub.0≤i≤i.sub.1).

Embodiments of a secure multi-party computation method applicable to any computing node deployed in a distributed network are provided. A plurality of computing nodes is deployed in the distributed network. The plurality of computing nodes jointly participates in a secure multi-party computation based on private data respectively held by the computing nodes. The method includes: generating a computing parameter related to private data held by one computing node based on a secure multi-party computation algorithm; transmitting the computing parameter to other computing nodes participating in the secure multi-party computation for the other computing nodes to perform the secure multi-party computation based on collected computing parameters transmitted by the computing nodes participating in the secure multi-party computation; and creating an audit log corresponding to the computing parameter, the audit log recording description information related to the computing parameter.

Calculation time is reduced without degrading approximation accuracy in calculation of a complicated function through secure computation. A secret batch approximation system calculates a concealed text [z] of an approximate value z for a function value y satisfying yj=f(xj) by using a concealed text [x] of a value x as input. g is defined as a polynomial for approximating each section of m sections into which the function f is divided. A parameter acquisition unit acquires a concealed text [a] of a parameter a corresponding to the value x for each integer j that is not less than 1 and not more than n, where aj is defined as a parameter pi corresponding to a section Ri including a value xj. A polynomial calculation unit calculates a polynomial g([x], [a]) by using the concealed text [x] of the value x as input based on the concealed text [a].

A secure joining system is a secure joining system comprising a plurality of secure computation apparatuses; and the plurality of secure computation apparatuses are provided with vector joining parts 11.sub.n, first permutation calculating parts 12.sub.n, first permutation applying parts 13.sub.n, first vector generating parts 14.sub.n, second vector generating parts 15.sub.n, bit-flipping parts 16.sub.n, second permutation calculating parts 17.sub.n, second permutation applying parts 18.sub.n, third vector generating parts 19.sub.n, inverse permutation applying parts 110.sub.n, vector separating parts 111.sub.n, third permutation applying parts 112.sub.n, attribute value permutating parts 113.sub.n and fourth vector generating parts 114.sub.n.

The present disclosure relates to the use of cryptographic techniques to facilitate local decision making at a gateway device (120) interfacing between an operator device (110) and edge devices (130), for example as can be found in Internet of Things infrastructures. Local decision making is facilitated in the context of end to end encryption of data between the edge device and operator device by enabling a function of the data to be computed at the gateway (120) without decrypting the data, for example using Functional Encryption (FE). The gateway determines an action based on the computed function, for example whether to transmit the data to the operator device (110). Examples of edge devices are video surveillance cameras or utility consumption meters but the disclosure is applicable to any edge device that produces data to be transmitted with end to end encryption. The disclosure is also not limited to IoT infrastructures.