This document relates to using secure MPC to select digital components in ways that preserve user privacy and protects the security of data of each party that is involved in the selection process. In one aspect, a method includes performing, by a first server of a secure MPC system in collaboration with one or more second servers of the secure MPC system, a selection process to select a digital component based in part on a selection value for each digital component in the selection process. This includes determining a first secret share of a winner parameter for each digital component in the selection process. The first server determines, for each given digital component in the selection process and in collaboration with the second server(s), a highest other selection value that corresponds to a different digital component that is different from the given digital component.

Broadly speaking, embodiments of the present techniques provide systems and methods for authenticating users using distributed identity documents, and in particular to systems and methods for multi-party authentication of users using distributed identity documents for enhanced security.

The subject matter discloses a system for enforcing correctness of a derivation key, comprising multiple computerized nodes, comprising a storage module configured to store a share of a key used as an input of a function generating the derivation key, a communication module configured to exchange information between the multiple computerized nodes, and a processing module configured to receiving a request to create the derivation key, performing an MPC process between the multiple computerized nodes, said MPC process is performed multiple times, in each time the MPC process comprises receiving the key shares as input, randomly selecting a function, outputting the outputs of the selected function to the multiple computerized nodes, the multiple computerized nodes lack access to the selected function, the multiple computerized nodes perform computations on the received outputs and exchange outputs of the computations to estimate correction of the key shares inputted into the MPC process.

A method for signing a message, comprising performing a first Multi-Party Computation (MPC) process by multiple parties to compute a pseudorandom function, an input of the first MPC process comprises shares of a private signing key, each share is held by each party, the message is an input value to the pseudorandom function. The output of the first MPC process comprises multiple pairs of shares, each party holding a pair of shares, wherein each pair comprises a first value used for the MPC signing process and a second verifying value used for verifying correctness of the values provided by the multiple parties for the MPC signing process, and computing the signature on the message by performing an MPC signing protocol on the message, the MPC signing protocol receives as input shares of the output of the pseudorandom function from the multiple parties, and the message to be signed.

To perform high-speed and efficient processing of determining a correlation between vectors. An information processing system includes: a first information processing device having k number of vectors including secure data as an element; and a second information processing device having m number of vectors including secure data as an element. The first information processing device receives vector information regarding a vector Y selected from the m number of vectors, as encrypted data, from the second information processing device. A data processing unit of the first information processing device sequentially calculates element-based sample identifiers each having a specific common value for each of a plurality of different vectors Y selected from the m number of vectors to one vector X selected from the k number of vectors retained by the first information processing device, and sequentially determines the correlation between the one vector X and each of the plurality of different vectors.

A method for performing secure computations on records, comprising: receiving a request to apply an arithmetic computation on a record; assigning a respective partial record to each of a plurality of computational processes; instructing each of the computational processes sharing a computation scheme to perform the following: submitting the arithmetic computation to the computation scheme to assemble a processed partial record from the respective partial record components; instructing each of the plurality of computational processes to verify an integrity of at least one of the plurality of processed partial records by: broadcasting combined encryptions of one of the plurality of processed partial record components to all other of the plurality of computational processes and analyzing received combined encryptions to detect integrity in the other of the processed partial record components; and when the detected integrity is valid, calculating a response to the request by combining the received processed partial records.

Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for secure multi-party computation. One of the methods includes identifying a trusted input data item that is homomorphically encrypted; generating a message authentication code (MAC) key share; generating a MAC share associated with the trusted input data item, wherein the MAC share is a random number; generating a ciphertext based on the trusted input data item, the MAC key share, and the MAC share; sending the ciphertext to the second computing device, wherein the second computing device uses the ciphertext as a component of a MAC share associated with the secret input data item; and after the multi-party computation is completed by the plurality of computing devices, verifying a result of the multi-party computation based at least in part on the MAC share associated with the secret input data item.

The present invention discloses a method and system for securing digital transactions provided by a person operating a third-party computerized device designed to communicate with a multiparty signing system. The multiparty signing system may comprise a signing subsystem comprising a multiparty signing server designed to receive a request for digital signing and a first subset of end-user nodes designed to sign the digital transaction. The multiparty signing system may also comprise an approving subsystem designed for approving the digital transactions. The approving subsystem may comprise a coordinator and a second subset of end-user nodes for approving the digital transactions.

To detect tampering in secure computation while maintaining confidentiality with a little communication traffic. A random number generation part (11) generates [{right arrow over ()}r.sub.i], [{right arrow over ()}s.sub.i]. A random number multiplication part (12) computes [{right arrow over ()}t.sub.i]:=[{right arrow over ()}r.sub.i{right arrow over ()}s.sub.i]. A secret multiplication part (13) computes [{right arrow over ()}z]:=[{right arrow over ()}x{right arrow over ()}y]. A random number verification part (14) discloses a p.sub.i,jth element of each of [{right arrow over ()}r.sub.i], [{right arrow over ()}s.sub.i], [{right arrow over ()}t.sub.i] and confirms whether the element has integrity as multiplication. A random number substitution part (15) randomly substitutes elements in each of [{right arrow over ()}r.sub.i], [{right arrow over ()}s.sub.i], [{right arrow over ()}t.sub.i] except for the p.sub.i,j-th element to generate [{right arrow over ()}r.sub.i], [{right arrow over ()}s.sub.i], [{right arrow over ()}t.sub.i]. A subtraction value disclosure part (16) computes [{right arrow over ()}x{right arrow over ()}r.sub.i], [{right arrow over ()}x{right arrow over ()}s.sub.i]. A verification value computing part (17) computes [{right arrow over ()}c.sub.i]:=[{right arrow over ()}z]({right arrow over ()}x{right arrow over ()}r.sub.i)[{right arrow over ()}y]({right arrow over ()}y{right arrow over ()}s.sub.i)[{right arrow over ()}r.sub.i][{right arrow over ()}t.sub.i]. A verification value confirmation part (18) confirms that verification values c.sub.i are all zero.

Data storage nodes that participate in a requested data statistical analysis as participant data storage nodes are determined and divided into a plurality of node sets. Data stored in each participant data storage node associated with a particular node set is encrypted, where the encrypted data is divided into a number of fragments at least equal to a number of participant data storage nodes associated with the particular node set. Each participant data storage node sends a portion of the encrypted data to each of the other participant data storage nodes within the particular node set. Each participant data storage node processes received encrypted data and data remaining on the particular participant data storage node to obtain a processing result. Each participant data storage node sends the processing result to a proxy node, wherein the proxy node performs data statistical analysis based on the processing result.