Patent classifications
H04L2209/46
TECHNIQUES FOR PRIVACY-PRESERVING DATA PROCESSING ACROSS MULTIPLE COMPUTING NODES
A method used in a first environment includes obtaining first data to be processed in a second environment, homomorphically encrypting the first data to produce first encrypted data, and providing the first encrypted data to the second environment. The method also includes receiving supplemental data from the second environment, homomorphically encrypting the supplemental data to produce encrypted supplemental data, and providing the encrypted supplemental data to the second environment. The method further includes receiving second encrypted data from the second environment and homomorphically decrypting the second encrypted data to recover data processing results generated in the second environment using the first encrypted data and the encrypted supplemental data.
Device for secure computing the value of a function using two private datasets without compromising the datasets and method for computing the social rating using the device
The invention relates to data protection means and can be used for cooperative computing by two or more parties without revealing to each other the private data used. The technical result is to ensure the privacy of large amounts of data belonging to different parties, and to reduce the amount of memory secured from unauthorized reading during computations. This effect is achieved by forming the first and the second private datasets, where the first and the second private datasets use user identifiers, wherein the first private dataset contains user ratings matched to the user identifiers, and the second private dataset, for each of the user identifiers, contains an array of user identifiers from the social environment of the respective users; and, by the user identifiers from the social environment of the selected user, computing the social rating of the selected user as a function of the number of users from the social environment and the rating values of the users from the social environment. The data on social ratings of users are transmitted in encrypted form.
ENCRYPTION PROCESSING SYSTEM AND ENCRYPTION PROCESSING METHOD
An encryption processing system includes: a first device; second devices; and a third device, wherein the first device generates synthesis keys by selecting public keys of the second devices; generates an intermediate text from confidential texts generated by encrypting secret information by using public keys of the second devices having decryption authority; generates ciphertexts by further encrypting the intermediate text using the synthesis keys; and makes public the ciphertexts, each of the second devices verifies validity of the ciphertexts; generates decryption key fragments by using an own private key; and makes public the decryption key fragments, the third device verifies validity of the decryption key fragments; generates a decryption key by combining decryption key fragments; generates the intermediate text by decrypting one of the ciphertexts; and makes public the intermediate text, and the second device decrypts the intermediate text using the own private key; and restores the secret information.
METHOD AND APPARATUS FOR AN ADVANCED CONVOLUTION ON ENCRYPTED DATA
An apparatus includes a processor programmed to define an input matrix and kernel matrix based upon the encrypted data, identify an algebraic structure of an encryption method applied to the encrypted data, determine a primitive root of unity in the algebraic structure in response to an input matrix size and a kernel matrix size, transform the input matrix and kernel matrix utilizing the primitive root of unity into a transformed input matrix and a transformed kernel matrix, compute an element-wise multiplication of the transformed input matrix and transformed kernel matrix, apply a reverse discrete Fourier transformation, and output a convolution of the input matrix and the kernel matrix based upon the encrypted data.
SECURE DATA PROCESSING
Multiple systems may determine neural-network output data and neural-network parameter data and may transmit the data therebetween to train and run the neural-network model to predict an event given input data. A data-provider system may perform a dot-product operation using encrypted data, and a secure-processing component may decrypt and process that data using an activation function to predict an event. Multiple secure-processing components may be used to perform a multiplication operation using homomorphic encrypted data.
SECURE AND EFFICIENT MULTI-SERVER OBLIVIOUS RANDOM ACCESS MACHINE IN A MALICIOUS EXECUTION ENVIRONMENT
An oblivious distributed file system is provided using an oblivious random access machine (ORAM), including an ORAM balanced tree structure, where each node in the tree is configured to store data blocks, the structure including at least two shares. The system also includes at least two ORAM servers, each of the servers configured to communicate with a client ORAM device, and programmed to facilitate storage of a different subset of the shares of the tree structure using a distributed file system and to implement an access procedure of a tree-based ORAM using the tree structure, including a retrieval phase and an eviction phase. In the retrieval phase, the servers utilize an authenticated Private Information Retrieval (PIR) protocol to retrieve data blocks as requested from the client ORAM device. In the eviction phase, the servers utilize a linear secret sharing scheme.
METHOD AND PROTOCOL FOR TRIPLE-BLIND IDENTITY MAPPING
A method and protocol for triple-blind identity mapping that sufficiently address the need to reduce accidental or nefarious attempts to re-identify the underlying identities pseudonymized by current hashing methods are disclosed. The system abates the privacy exposure risk derived from the simple exchange of hashed information, because the referenced actors do not come into possession of the input values required to produce a repeatable function.
System, Method, and Computer Program Product for Secure Real-Time N-Party Computation
Described are a system, method, and computer program product for secure real-time n-party computation. The method includes receiving a first computation input and a first portion of a one-time key from a first computer device, and receiving a second computation input and a second portion of the one-time key from a second computer device. The method also includes generating the one-time key based on the first and second portion of the one-time key, and executing a computation based on the first and second computation input. The method further includes generating an encrypted output by encrypting the computation with the one-time key, and communicating the encrypted output to the first computer device. The method further includes receiving a proof of publication from the first computer device and, in response to receiving the proof of publication, communicating the one-time key to the first computer device.
Method and system for providing encrypted data
A method for providing encrypted data on a client, a cloud or the like includes providing, for each user, a user-specific encryption key for encrypting user-specific plaintext. A common decryption key is computed with a pre-determined function using the user-specific encryption keys as input for the function. The function is a polysized function supporting poly-many additions and a single multiplication. Each user-specific plaintext is encrypted with the corresponding user-specific encryption key, resulting in user-specific ciphertexts. The encrypting is performed such that encryption is homomorphic in the user-specific plaintext as well as in the user-specific encryption keys. A common ciphertext is computed with the function using the user-specific ciphertexts as input for the function. The common ciphertext and the common decryption key are provided for decryption.
PROVISION OF LOCATION-SPECIFIC USER INFORMATION
According to an example aspect of the present invention, there is provided a method, comprising: receiving user information provided by a user equipment, associating spatiotemporal information with the user information on the basis of location of at least one wireless access network device in communication with the user equipment, generating a proof of location indication transaction associated with the user information on the basis of the spatiotemporal information, and providing the proof of location indication transaction to a distributed ledger.