Data is efficiently read from a sequence without a read position being revealed. A secure reading apparatus 1 receives a secret text sequence and a secret text of a read position as input, and outputs an element at the read position of the secret text sequence. A vector creating part (12) creates a vector expressing the read position. A compression computing part (13) repeatedly generates a new secret text sequence in which an inner product of a vector based on the secret text sequence and a vector expressing the read position is set as an element. The reading part (14) outputs the new secret text sequence having the number of elements of one as the element at the read position of the secret text sequence.

The disclosed concepts achieve privacy for data operated on by an algorithm in an efficient manner A method includes receiving a first algorithm subset, receiving a second algorithm subset, generating two shares of a first mathematical set based on the first algorithm subset and transmitting the two shares of the first mathematical set from a first entity to a second entity. The method can include generating two shares of a second mathematical set based on the second algorithm subset, transmitting the two shares of the second mathematical set from the second entity to the first entity, receiving first split data subset of a full data set and receiving a second split data subset of the full data set. The system, based on these subsets of data, generates a first output subset and a second output subset which are combined for the final output.

P.sub.i and P.sub.+ have stored a.sub.+{a.sub.0, a.sub.1, a.sub.2} and b.sub.+{b.sub.0, b.sub.1, b.sub.2} therein, and P.sub.i and P.sub. have stored a.sub.A.sub. and b.sub.B.sub. therein. Here, P.sub.+P.sub.(i+1)mod3, P.sub.=P.sub.(i1)mod3, and a and b are arbitrary values and satisfy a=a.sub.0+a.sub.1+a.sub.2 and b=b.sub.0+b.sub.1+b.sub.2, where A.sub. is a complement of a.sub.+ in {a.sub.0, a.sub.1, a.sub.2} and B.sub. is a complement of b.sub.+ in {b.sub.0, b.sub.1, b.sub.2}. P.sub.i and P.sub.+ share r.sub.+, P.sub.i and P.sub. share r.sub., and P.sub.i calculates c.sub.+=(a.sub.++a.sub.)(b.sub.++b.sub.)a.sub.b.sub.+r.sub.+r.sub.. P.sub.i sends c.sub.+ to P.sub.+.

Various embodiments are generally directed to the providing for mutual authentication and secure distributed processing of multi-party data. In particular, an experiment may be submitted to include the distributed processing of private data owned by multiple distrustful entities. Private data providers may authorize the experiment and securely transfer the private data for processing by trusted computing nodes in a pool of trusted computing nodes.

Described herein are a secure system for sharing private data and related systems and methods for incentivizing and validating private data sharing. In some embodiments, private data providers may register to selectively share private data under controlled sharing conditions. The private data may be cryptographically secured using encryption information corresponding to one or more secure execution environments. To demonstrate to the private data providers that the secure execution environment is secure and trustworthy, attestations demonstrating the security of the secure execution environment may be stored in a distributed ledger (e.g., a public blockchain). Private data users that want access to shared private data may publish applications for operating on the private data to a secure execution environment and publish, in a distributed ledger, an indication that the application is available to receive private data. The distributed ledger may also store sharing conditions under which the private data will be shared.

Provided are methods and systems for performing a secure machine learning analysis over an instance of data. An example method includes acquiring, by a client, an homomorphic encryption scheme, and at least one machine learning model data structure. The method further includes generating, using the encryption scheme, at least one homomorphically encrypted data structure, and sending the encrypted data structure to at least one server. The method includes executing a machine learning model, by the at least one server based on the encrypted data structure to obtain an encrypted result. The method further includes sending, by the server, the encrypted result to the client where the encrypted result is decrypted. The machine learning model includes neural networks and decision trees.

A method, apparatus and system for providing controlled access to data in a distributed computing environment include storing received data to be accessed via the distributed computing environment in at least one storage device, generating at least one integrity data structure identifying at least a storage location of at least a respective portion of the stored data, storing the generated at least one integrity data structure in a block of a blockchain, encrypting the at least one integrity data structure in the block of the blockchain, and selectively providing at least a portion of at least one decryption key for decrypting the encrypted at least one integrity data structure to enable access to the respective portion of the stored data for which the at least one integrity data structure is generated. Additionally, the stored data can be encrypted and a decryption key can be provided for decrypting the stored data.

A computation device accepts a first processing request output from a first external device, executes first processing, which does not involve outputting information to a second external device, of processing based on the first processing request until the first processing request is judged to satisfy a predetermined security level, and executes second processing, which involves outputting information to the second external device, of the processing based on the processing request after the first processing request is judged to satisfy the security level.

A method, apparatus and computer program product to detect whether specific sensitive data of a client is present in a cloud computing infrastructure is implemented without requiring that data be shared with the cloud provider, or that the cloud provider provide the client access to all data in the cloud. Instead of requiring the client to share its database of sensitive information, preferably the client executes a tool that uses a cryptographic protocol, namely, Private Set Intersection (PSI), to enable the client to detect whether their sensitive information is present on the cloud. Any such information identified by the tool is then used to label a document or utterance, send an alert, and/or redact or tokenize the sensitive data.

Described is a system for secure multiparty computation. The system uses a secret sharing protocol to share secrets among servers of a synchronous network. An Open-Semi-Robust protocol or an Open Robust protocol is used to allow the servers to open their shares of secret data. If a server is corrupt, the Open-Robust protocol is used, otherwise, the Open-Semi-Robust protocol is used. A Deal-Semi-Robust protocol or a Deal-Robust protocol is utilized by a server to distribute its shares of secret data among the other servers. If a server is corrupt, the Deal-Robust protocol is used, otherwise, the Deal-Semi-Robust protocol is used. A Recover-Semi-Robust protocol or a Recover-Robust protocol is used to allow servers that were previously corrupted to recover their shares of secret data, such that each uncorrupted server holds correct shares of secret data. If a server is corrupt, the Recover-Robust protocol is used, otherwise, the Recover-Semi-Robust protocol is used.