Techniques for efficient, accurate, and secure computation of a differentially private median of the union of two large confidential datasets are disclosed. In some example embodiments, a computer-implemented method comprises obtaining secret shares of a first dataset of a first entity, secret shares of a second dataset of a second entity, secret shares of gap values for the first dataset, secret shares of gap values for the second dataset, secret shares of probability mass values for the first dataset, and secret shares of probability mass values for the second dataset. The probability mass values may be computed via an exponential mechanism. In some example embodiments, the computer-implemented method further comprises determining a median of a union of the first dataset and the second dataset using an inverse transform sampling algorithm based on the obtained secret shares, and then performing a function of a networked computer system using the determined median.

A secret share value of object data on which secure computation is to be performed is stored in a secure computation device, and a query which requests secure computation or secret share value of the query is input to the secure computation device. The secure computation device performs consistency verification of the secret share value of the object data and consistency verification of the query or the secret share value of the query, obtains a secret share value of a calculation result by performing secure computation in accordance with the query or the secret share value of the query which passed the consistency verification by using the secret share value of the object data which passed the consistency verification, and outputs the secret share value of the calculation result.

This disclosure is related to devices, systems, and techniques for automatically generating software packages to provide Secure Computation as a Service (SCaaS). For example, a computing device includes processing circuitry configured to receive a set of information comprising an indication of a first party and an indication of a second party. Additionally, the processing circuitry is configured to generate, based on the set of information, a first software package corresponding to the first party, the first software package configured to implement a secure computation, and generate, based on the set of information, a second software package corresponding to the second party, the second software package configured to implement the secure computation. Additionally, the processing circuitry is configured to export the first software package and export the second software package, enabling the first party device and the second party device to perform the secure computation.

According to an aspect, there is provided a computer-implemented method of operating a first node. The first node has an algorithm for evaluating input data from another node, with the input data having a plurality of different attributes. The method comprises receiving, from a second node, a proposal for the evaluation of a first set of input data by the algorithm; estimating the performance of the algorithm in evaluating the first set of input data based on the proposal; and outputting, to the second node, an indication of the estimated performance of the algorithm. A corresponding first node is also provided.

A computer node comprising multiple software modules may receive a cryptographic key from a hardware security module. The computer node may use the cryptographic key to produce two key portions, which are distributed to two software modules. These software modules and an optional additional software module may use the key portions in order to encrypt an initial message. The key portions and their locations in memory are periodically updated in order to provide improved cryptographic security.

A secret computation system is a secret computation system for performing computation while keeping data concealed, and comprises a cyphertext generation device that generates cyphertext by encrypting the data, a secret computation device that generates encrypted basic statistics by performing secret computation of predetermined basic statistics using the cyphertext while keeping the cyphertext concealed, and a computation device that generates decrypted basic statistics by decrypting the encrypted basic statistics and performs predetermined computation using the decrypted basic statistics.

A system may include a plurality of matching block cipher devices, and a hardware state machine communicatively coupled to each of the plurality of matching block cipher devices. Each of the plurality of matching block cipher devices can be independently invoked by the hardware state machine such that the hardware state machine causes two or more of the plurality of matching block cipher devices to selectively perform a block-cipher-based symmetric cryptographic operation in a redundant mode or a parallel mode. The block-cipher-based symmetric cryptographic operation may be associated with securing a communication channel of an automotive system.

Data storage nodes that participate in a requested data statistical analysis as participant data storage nodes are determined and divided into a plurality of node sets. Data stored in each participant data storage node associated with a particular node set is encrypted, where the encrypted data is divided into a number of fragments at least equal to a number of participant data storage nodes associated with the particular node set. Each participant data storage node sends a portion of the encrypted data to each of the other participant data storage nodes within the particular node set. Each participant data storage node processes received encrypted data and data remaining on the particular participant data storage node to obtain a processing result. Each participant data storage node sends the processing result to a proxy node, wherein the proxy node performs data statistical analysis based on the processing result.

Certain aspects of the present disclosure provide techniques for performing computations on encrypted data. One example method generally includes obtaining, at a computing device, encrypted data, wherein the encrypted data is encrypted using fully homomorphic encryption and performing at least one computation on the encrypted data while the encrypted data remains encrypted. The method further includes identifying a clear data operation to perform on the encrypted data and transmitting, from the computing device to a server, a request to perform the clear data operation on the encrypted data, wherein the request includes the encrypted data. The method further includes receiving, at the computing device in response to the request, encrypted output from the server, wherein the encrypted output is of the same size and the same format for all encrypted data transmitted to the server.

Methods, systems, and apparatus, including computer programs encoded on computer storage media, for training a multi-party secure logistic regression model (SLRM). One of the methods includes receiving, at a plurality of secure computation nodes (SCNs), a plurality of random numbers from a random number provider; encrypting, at each SCN, data stored at the SCN using the received random numbers; iteratively updating a secure logistic regression model (SLRM) by using the encrypted data from each SCN; and after iteratively updating the SLRM, outputting a result of the SLRM, wherein the result is configured to enable a service to be performed by each SCN.