A method for performing privacy-preserving or secure multi-party computations enables multiple parties to collaborate to produce a shared result while preserving the privacy of input data contributed by individual parties. The method can produce a result with a specified high degree of precision or accuracy in relation to an exactly accurate plaintext (non-privacy-preserving) computation of the result, without unduly burdensome amounts of inter-party communication. The multi-party computations can include a Fourier series approximation of a continuous function or an approximation of a continuous function using trigonometric polynomials, for example, in training a machine learning classifier using secret shared input data. The multi-party computations can include a secret share reduction that transforms an instance of computed secret shared data stored in floating-point representation into an equivalent, equivalently precise, and equivalently secure instance of computed secret shared data having a reduced memory storage requirement.

Embodiments of the disclosure disclose a system to prevent data of a client from leaking to untrusted parties in a multiparty computation environment. According to one embodiment, in response to a request received at a gateway (e.g., a non-bypassable gateway) of a server from a user device of a user over a network to process user data by an execution service, the system sanitizes the user data by scanning the user data for malicious code. The system selects a trusted execution environment (TEE) worker from a number of TEE workers and initiates an execution of the execution service by the selected TEE worker. The system receives execution results from the selected TEE worker. The system transmits the execution results to the user device of the user over the network.

The present disclosure relates to exchanging data for multi-party computation. In some aspects, a server generates a first random number set, a second random number set, a third random number set, and a fourth random number set based on a first random seed, a second random seed, a third random seed, and a fourth random seed, respectively. The sever generates a fifth random number set and a sixth random number set, respectively, based on the first random number set, the second random number set, the third random number set, and the fourth random number set. The random numbers in the random number sets satisfy a predetermined condition. The server sends the first random seed, the second random seed, and the fifth random number set to a first device. The server sends the third random seed, the fourth random seed, and the sixth random number set to a second device.

Methods, systems, and devices for communications are described. A device or a group of devices may generate data. The group of devices may receive a group profile from a node that identifies the devices to be included, and the group profile may include a function to be evaluated at each of the devices. The node may also provision evaluation parameters which may allow the device to provide authenticated aggregate data to a requesting third party, without sharing the data between the devices, thus concurrently maintaining individual data privacy and data provenance.

Methods, systems, and devices for communications are described. A device or a group of devices may generate data. The group of devices may receive a group profile from a node that identifies the devices to be included, and the group profile may include a function to be evaluated at each of the devices. The node may also provision evaluation parameters which may allow the device to provide authenticated aggregate data to a requesting third party, without sharing the data between the devices and without sharing the data with the node, thus concurrently maintaining individual data privacy and data provenance.

Privacy protection methods, systems, and apparatus, including computer programs encoded on computer storage media, are provided. One of the methods is performed by a second computing device and includes: receiving a data request for object data from a first computing device, wherein the object data is associated with an object and is stored in the second computing device; performing encryption of the object data using a public key associated with the object based on the data request to generate a first ciphertext; obtaining verification data based on the first ciphertext for verifying whether a ciphertext to be verified corresponds to the object data; and sending the verification data to the first computing device for the first computing device to execute a cryptography protocol with a third computing device based on the verification data.

A method for signing a message, comprising performing a first Multi-Party Computation (MPC) process by multiple parties to compute a pseudorandom function, an input of the first MPC process comprises shares of a private signing key, each share is held by each party, the message is an input value to the pseudorandom function. The output of the first MPC process comprises multiple pairs of shares, each party holding a pair of shares, wherein each pair comprises a first value used for the MPC signing process and a second verifying value used for verifying correctness of the values provided by the multiple parties for the MPC signing process, and computing the signature on the message by performing an MPC signing protocol on the message, the MPC signing protocol receives as input shares of the output of the pseudorandom function from the multiple parties, and the message to be signed.

An encryption system and method that addresses private computation in public clouds and provides the ability to perform operations of encrypted data are provided.

In a system having a plurality of servers, a method is executed to perform an encryption scheme. The method includes a server of the plurality of servers receiving a request token to compute a function on a data point, the data point being encrypted as a ciphertext and the request token being based on the ciphertext and the function. The server grants the request to compute the function on the datapoint by sending a function evaluation key, and participates in a distributed decryption protocol for determining a result of computing the function on the data point by sending a master secret key.

A method is performed by a plurality of networked party computing systems configured to perform secure multi-party computations, each computer system having at least one processor and a memory. The method can include creating a secret shared matrix based on secret data of each of the plurality of party computing systems, wherein the secret shared matrix includes a plurality of time-shifted sequences of data from each of an independent time series of data and a dependent time series of data; computing, based on the secret shared matrix and in a secure multi-party computation, a secret shared model for predicting the dependent time series of data based on the independent time series of data; and using the secret shared model to determine a statistic for one of the plurality of time-shifted sequences of data from the independent time series as a predictor of the dependent time series of data.