Patent classifications
H04L2209/46
Privacy-preserving multi-client and cloud computation with application to secure navigation
Described is a system for cloud-based privacy-preserving navigation operations between multiple parties. The system performs a two-party computation (2PC) between input data related to a current location of a first party and public data stored on a cloud computing infrastructure. Each party individually performs a 2PC on the public data while maintaining privacy of their input data. The system then performs multi-party computations (MPC) between multiple parties and the cloud computing infrastructure. The multiple parties privately update the public data with a result obtained from the 2PC. For the first party, a privacy-preserved navigation result is generated using results obtained from the 2PC and the MPC. The first party is caused to perform a navigation operation based on the privacy-preserved navigation result.
METHOD AND APPARATUS FOR OBTAINING INPUT OF SECURE MULTIPARTY COMPUTATION PROTOCOL
Privacy protection methods, systems, and apparatus, including computer programs encoded on computer storage media, are provided. One of the methods is performed by a second computing device and includes: receiving a data request for object data from a first computing device, wherein the object data is associated with an object and is stored in the second computing device; performing encryption of the object data using a public key associated with the object based on the data request to generate a first ciphertext; obtaining verification data based on the first ciphertext for verifying whether a ciphertext to be verified corresponds to the object data; and sending the verification data to the first computing device for the first computing device to execute a cryptography protocol with a third computing device based on the verification data.
CRYPTOGRAPHICALLY SECURE MACHINE LEARNING
Embodiments are directed towards classifying data. A machine learning (ML) engine may select an ML model that may employ a cryptographic multi-party computation (MPC) protocol based on model preferences, including a parameter model, provided by a client. A randomness engine may be employed to provide random values and other random values based on the MPC protocol such that the random values may be provided to the client and the other random values may be provided to an answer engine. Input values that correspond to fields in the parameter model may be provided by the client such that the input values may be based on the MPC protocol and the random values. The answer engine may be employed to provide partial results to the question based on the ML model, the input values, and the MPC protocol that may be provided to the client.
DATA ANALYSIS METHOD AND DATA ANALYSIS SYSTEM
According to a data analysis method by which time required for data analysis is shortened and practicality is improved, a client terminal requests institution terminals to perform analysis of a matching attribute; each of the institution terminals encrypts an element belonging to the matching attribute within a database and sends the converted data to an outsource terminal; the outsource terminal integrates the plurality of converted data sent from the institution terminals and sends the integrated converted data to the institution terminals; and each of the institution terminals compares each matching attribute of a plurality of the elements within the database of the institution terminal against the integrated converted data, thereby identifying, as a common element, an element associated with the matching attribute and held in common by the institution terminals.
METHOD AND APPARATUS FOR OBTAINING INPUT OF SECURE MULTIPARTY COMPUTATION PROTOCOL
Privacy protection methods, systems, and apparatus, including computer programs encoded on computer storage media, are provided. One of the methods is performed by a first computing device and includes: obtaining a plurality of object IDs, wherein the plurality of object IDs include a target object ID; sending the plurality of object IDs to a second computing device storing a plurality of pieces of data respectively associated with the plurality of object IDs for the second computing device to generate a plurality of ciphertexts respectively based on the plurality of pieces of data; and executing a cryptography protocol with the second computing device to obtain a ciphertext corresponding to the target object ID from the plurality of ciphertexts generated by the second computing device, wherein the target object ID is unknown to the second computing device.
SECURE MULTI-PARTY COMPUTATION METHODS AND APPARATUSES FOR PRIVACY PROTECTION, AND COMPUTER DEVICES
Embodiments of this specification disclose secure multi-party computation for privacy protection. In an implementation, a method includes obtaining a fragment of first gradient data and a fragment of noise data, where the first gradient data is gradient data of a loss function. Based on the fragment of first gradient data by performing secure multi-party computation with another participant, obtaining a fragment of second gradient data, where the second gradient data is gradient data obtained after the first gradient data is clipped. Based on the fragment of second gradient data and the fragment of noise data, determining a fragment of third gradient data, where the third gradient data is the second gradient data with the noise data added. A fragment of a model parameter is determined based on the fragment of third gradient data.
CREATING SOFTWARE PACKAGES FOR PERFORMING SECURE COMPUTATIONS
This disclosure is related to devices, systems, and techniques for automatically generating software packages to provide Secure Computation as a Service (SCaaS). For example, a computing device includes processing circuitry configured to receive a set of information comprising an indication of a first party and an indication of a second party. Additionally, the processing circuitry is configured to generate, based on the set of information, a first software package corresponding to the first party, the first software package configured to implement a secure computation, and generate, based on the set of information, a second software package corresponding to the second party, the second software package configured to implement the secure computation. Additionally, the processing circuitry is configured to export the first software package and export the second software package, enabling the first party device and the second party device to perform the secure computation.
SECURE COMPUTATION SYSTEM, SECURE COMPUTATION SERVER APPARATUS, SECURE COMPUTATION METHOD, AND SECURE COMPUTATION PROGRAM
A secure computation server apparatus in a secure computation system includes: a table storage part that stores a table of secret shares of the product of a first value and a second value for combinations of shares of possible values of the first value and shares of possible values of the second value; a table shuffle part that shuffles indices of possible values of the first value and indices of possible values of the second value in the table; a multiplication part that selects an element in the table whose indices in the shuffled table match the first and the second values; and a comparative verification part that accepts data that a majority of other secure computation server apparatuses agrees on as a correct value out of a plurality of data received from the other secure computation server apparatuses.
HIGH SPEED PRIVATE AND SECURE CROSS-ENTITY DATA PROCESSING
Methods, systems, and apparatus, including computer programs encoded on a computer storage medium. In one aspect, a method includes receiving, from a content distributor, plan data specifying a set of distribution plans that cause distribution of content. Instructions are transmitted to publishers to submit secret shares of a multi-register sketch representing presentations of the content. A notification that the content distributor has requested an analysis of the presentations of the content is sent to a multi-party computing group. A result share of the analysis of the presentation of the content is received from multiple MPC devices in the MPC group. A set of result shares received from the MPC devices is transmitted to the content distributor.
Outsourcing exponentiation in a private group
A method for outsourcing exponentiation in a private group includes executing a query instruction to retrieve a query element stored on an untrusted server by selecting a prime factorization of two or more prime numbers of a modulus associated with the query element stored on the server, obtaining a group element configured to generate a respective one of the prime numbers, generating a series of base values using the prime factorization and the group element, and transmitting the series of base values from the client device to the server. The server is configured to determine an exponentiation of the group element with an exponent stored on the server using the series of base values. The method also includes receiving a result from the server based on the exponentiation of the group element with the exponent.