Embodiments of the invention include systems and methods for protecting study participant data for aggregate analysis. Aspects include sending a broker encryption key to a plurality of subjects. Aspects also include receiving double-encrypted subject data from the plurality of subjects. Aspects also include decrypting the double-encrypted subject data with a broker decryption key to generate single-encrypted subject data for the plurality of subjects. Aspects also include aggregating the single-encrypted subject data for the plurality of subjects to generate an aggregated single-homomorphically encrypted data set. Aspects also include including a plurality of random factors in the aggregated single-encrypted data set. Aspects also include sending the aggregated single-homomorphically encrypted data set to a researcher.

An electronic device includes one or more processors that perform at least one secure multiparty cryptographic process using a plurality of modules that jointly generate authentication data based on input data. Each of the modules performs that module's part of the secure multiparty cryptographic process using secure data that is not shared outside that module. The processors update the respective secure data of at least two of the modules. The respective secure data of a first module of the at least two of the modules is updated using a modification value, and the respective secure data of a second module of the at least two of the module is updated using the modification value. The updated secure data is arranged so that, for each possible value of the operation data, performance of the secure multiparty computation using the updated secure data generates the same authentication data as performance of the secure multiparty computation using the secure data prior to the step of updating. The device further includes an output interface that transmits to a terminal the generated authentication data. The authentication data is suitable for authorizing the mobile electronic device.

The subject matter discloses a computerized system for authenticating a person requesting access to a physical entity. The system comprises a controller configured to control access to the physical entity, said controller is connected to a biometric acquisition device configured to acquire biometric data of the person. The controller comprises a communication module configured to communicate wirelessly with an electronic device used by the person. The system also comprises a computerized server communicating with the controller or the person's electronic device, said server is configured to provide validation indication of the person using the biometric data and an MPC process performed between at least two of the controller, server and the person's device.

In one set of embodiments, each server executing a secure multi-party computation (MPC) protocol can receive shares of inputs to the MPC protocol from a plurality of clients, where each input is private to each client and where each share is generated from its corresponding input using a threshold secret sharing scheme. Each server can then verify whether the shares of the plurality of inputs are valid/invalid and, for each invalid share, determine whether a client that submitted the invalid share or a server that holds the invalid share is corrupted. If the client that submitted the invalid share is corrupted, each server can ignore the input of that corrupted client during a computation phase of the MPC protocol. Alternatively, if the server that holds the invalid share is corrupted, each server can prevent that corrupted server from participating in the computation phase.

A system and method are disclosed for providing an averaging of models for federated learning and blind learning systems. The method includes selecting, at a server, a generator g and a number p, transmitting, to at least two n client devices, the generator g and the number p, receiving, from each client device i of the at least two client devices, a respective value k.sub.i=g.sup.ri mod p and transmitting the set of respective values k.sub.i to each client device i of the at least two client devices where respective added group of shares are generated on each client device i. The method includes receiving each respective added group of shares from each client device i of the at least two client devices and adding all the respective added group of shares to make a global sum of shares and dividing the global sum of shares by n.

This disclosure relates to a privacy preserving machine learning platform. In one aspect, a method includes receiving, from a client device and by a computing system of multiple multi-party computation (MPC) systems, a first request for user group identifiers that identify user groups to which to add a user. The first request includes a model identifier for a centroid model, first user profile data for a user profile of the user, and a threshold distance. For each user group in a set of user groups corresponding to the model identifier, a centroid for the user group that is determined using a centroid model corresponding to the model identifier is identified. The computing system determines a user group result based at least on the first user profile data, the centroids, and the threshold distance. The user group result is indicative of user group(s) to which to add the user.

There is provided a secure computing server that performs shift operation on secretly distributed shares. The secure computing server may perform the shift operation when a number of significant digits of secret information corresponding to a secretly distributed share is to be reduced.

Methods and systems are presented for providing a secured framework for facilitating electronic transactions using a multi-party computation approach. Under the multi-party computation approach, the task of authenticating a transaction conducted through a user account is distributed among multiple computer nodes. One or more secrets and shares of a secret are distributed among the multiple computer nodes. An authentication process is implemented such that at least a portion of the multiple computer nodes, including one or more required nodes, exceeding a predetermined number of nodes are needed to perform a set of computations using the corresponding secret(s) and/or shares of the secret in order to generate a digital signature for the user account. By verifying the digital signature using a public key of the user account, it can be determined that the participation requirement has been satisfied.

Protecting data privacy in secure multi-party computation and communication is provided. A method of protecting data privacy includes determining a differential privacy configuration, determining a number of iterations based on a first parameter and a second parameter, and for each of the number of iterations generating a random value and a random noise data; generating a first message and a second message; and performing a transfer based on the first message, the second message, and an input data to output one of the first message and the second message. The method also includes generating a first noise data based on the random noise data in each of the number of iterations, generating a first share based on a first dataset and a second dataset, applying the first noise data to the first share, and constructing a result based on the first share and a second share.

Embodiments of the invention relate to a distributed network. The distributed network comprises a replicated system computing cluster comprising system computational units. The system computational units comprise deterministic subunits configured to perform a deterministic and replicated computation across the replicated system computing cluster and non-deterministic subunits for performing non-deterministic computations. The replicated system computing cluster is configured to perform a secure multi-party computation, in particular a computation of a threshold-signature.