An encryption processing system includes: an encryption data generation device, an encryption processing device, and a processing result utilization device. A first processor of the encryption data generation device is configured to perform preprocessing by generating encrypted data of homomorphic encryption corresponding to data obtained by multiplying plaintext data as a target by a power of a predetermined number of two or more. A second processor of the encryption processing device is configured to perform acquiring the encrypted data, and executing a processing on the encrypted data in an encrypted state to obtain a processing result in the encrypted state. A third processor of the processing result utilization device is configured to perform acquiring the processing result, and postprocessing by decrypting data of the processing result in the encrypted state and by dividing the decrypted data by the power of the predetermined number of two or more.

A server device, a secret equality determination system, a secret equality determination method and a secret equality determination program recording medium are provided which, regardless of the server sharing scheme, can run with no difference in the number of communication rounds, whether carried out with a ring of order 2 or with a ring of an order greater than 2. This server device is provided with a secret shared data generation unit, a data storage unit, a mask unit, a random number share bit-conjunction unit, a random number share generation unit, a determination bit-conjunction unit and a secret shared data restoration unit. The secret shared data generation unit generates secret shared data. The data storage unit stores the secret shared data. The mask unit uses random number secret shared data to mask certain shared data. The random number share generation unit generates random number shares in which random numbers are secretly shared. In parallel with other calculations, the random number share bit-conjunction unit calculates the logical product of the values in which the random numbers are secretly shared. The determination bit-conjunction unit performs a secret equality determination using the value outputted by the random number share bit-conjunction unit.

In a secure multi-party computation (sMPC) system, a super mask is constructed using a set of masks corresponding to a set of data contributors. Each data contributor uses a corresponding different mask to obfuscate the data of the data contributor. a first scaled masked data is formed by applying a first scale factor to first masked data of the first data contributor, the scale factor being computed specifically for the first data contributor from the super mask. A union is constructed of all scaled masked data from all data contributors, including the first scaled masked data. A machine learning (ML) model is trained using the union as training data, where the union continues to keep obfuscated the differently masked data from the different data contributors. The training produces a trained ML model usable in the sMPC with the set of data contributors.

Some embodiments are directed to a computation device configured to verify that an edit script is for transforming a first string to a second string. The edit script has match operations and difference operations as allowed edit operations. The computation device obtains a representation of the edit script and subsequently performs a validation computation. For each match operation, the computation device determines a character at a current position in the first string and a character at a current position in the second string, verifies that they match, increments the current position in the first string by one and increments the current position in the second string by one. For each difference operation, the computation device increments the current position in the first string and/or the current position in the second string by one.

A share [x].sub.i of plaintext x in accordance with Shamir's secret sharing scheme is expressed by N shares [x.sub.0].sub.i, . . . , [x.sub.N1].sub.i, and each share generating device A.sub.i obtains a function value r.sub.i=P.sub.m(i())(s.sub.i) of a seed s.sub.i, obtains a first calculated value .sub.i=(i, i())[x.sub.i()].sub.i+r.sub.i using a Lagrange coefficient (i, i()), a share [x.sub.i()].sub.i, and the function value r.sub.i, and outputs the first calculated value .sub.i to a share generating device A.sub.i(). Each share generating device A.sub.i accepts a second calculated value .sub.i(+), obtains a third calculated value z.sub.i=(i, i(+))[x.sub.i].sub.i+.sub.i(+) using a Lagrange coefficient (i, i(+)), a share [x.sub.i].sub.i, and the second calculated value .sub.i(+), and obtains information containing the seed s.sub.i and the third calculated value z.sub.i as a share SS.sub.i of the plaintext x in secret sharing and outputs the share SS.sub.i.

The invention relates to data protection means and can be used for cooperative computing by two or more parties without revealing to each other the private data used. The technical result is to ensure the privacy of large amounts of data belonging to different parties, and to reduce the amount of memory secured from unauthorized reading during computations. Such an effect is achieved due to forming the first and the second private datasets, where the first and the second private datasets use user identifiers, wherein the first private dataset contains user ratings matched to the user identifiers, and the second private dataset, for each of the user identifiers, contains an array of user identifiers from the social environment of the respective users; by the user identifiers from the social environment of the selected user, computing the social rating of the selected user as a function of the number of users from the social environment and the rating values of the users from the social environment. Wherein the data on social ratings of users are transmitted in encrypted form.

A method for outsourcing exponentiation in a private group includes executing a query instruction to retrieve a query element stored on an untrusted server by selecting a prime factorization of two or more prime numbers of a modulus associated with the query element stored on the server, obtaining a group element configured to generate a respective one of the prime numbers, generating a series of base values using the prime factorization and the group element, and transmitting the series of base values from the client device to the server. The server is configured to determine an exponentiation of the group element with an exponent stored on the server using the series of base values. The method also includes receiving a result from the server based on the exponentiation of the group element with the exponent.

ML model(s) are created and trained using training data from user(s) to create corresponding trained ML model(s). The training data is in FHE domains, each FHE domain corresponding to an individual one of the user(s). The trained machine learning model(s) are run to perform inferencing using other data from at least one of the user(s). The running of the ML model(s) determines results. The other data is in a corresponding FHE domain of the at least one user. Using at least the results, it is determined which of the following issues is true: the results comprise objectionable material, or at least one of the trained ML model(s) performs prohibited release of information. One or more actions are taken to take to address the issue determined to be true. Methods, apparatus, and computer program product are disclosed.

An encryption system and method that addresses private computation in public clouds and provides the ability to perform operations of encrypted data (including equality determinations and compare for less than operations) are provided.

Disclosed herein are computer-implemented method, system, and computer-program product (computer-readable storage medium) embodiments for benchmarking with statistics in a way that reduces leakage, preserving privacy of participants and secrecy of participant data. An embodiment includes receiving a plurality of encrypted values and computing a composite statistic corresponding to at least a subset of the plurality of encrypted values. An embodiment may further include outputting the at least one composite statistic. The composite statistic may be calculated to be distinct from any encrypted value of the plurality of encrypted values, thereby preserving privacy. Further embodiments may also include generating a comparison between the composite statistic and a given encrypted value of the plurality of encrypted values, as well as outputting a result of the comparison. In some embodiments, encrypted values may be encrypted using at least one encryption key, for example, according to a homomorphic or semi-homomorphic encryption scheme.