The system provides a method of storing the financial data of a consumer in a lockbox on a blockchain. The financial data is written to a lockbox by a writer (e.g. credit bureau, financial institution, data provider). The data is read by a reader (e.g. lender, investor, and the like). The blockchain technology provides security and auditing so that the information can be trusted, and any modifications can be identified and confirmed. The lockbox comprises a smart contract and SMPC group participants.

The subject matter discloses a computerized system for securing data, comprising a first node, comprising a first memory storage configured to store a first share of a cryptographic key and a communication module, a second node, in communication with the first node, comprising a second memory storage configured to store a second share of the cryptographic key, wherein the first share and the second share of the cryptographic key are required to perform a cryptographic operation using a multi-party computation (MPC) process, wherein the second node further comprises a control unit configured to change an operation mode of the second share from enable to disable, wherein the disable operation mode prevents performing the cryptographic operation using the MPC process.

The present invention discloses a method for generating keys and signatures based on multi-party calculation, and relates to the technical field of MPC the algorithm steps. The method for generating the keys and the signatures based on the multi-party calculation includes: generating public keys and sending a request for generating the public keys to the background of Party 0; performing collaborative calculation by Party 0 and Party 1 to obtain public keys through communication; and returning calculation results to a client by Party 0. By the multi-party calculation method, a wallet owner can sign by the keys, and whether a message is signed by the wallet owner through the public keys of a wallet can be verified through the public keys of the wallet. In the process, it is unnecessary to share sensitive information with other parties, and the problem that the keys are easy to lose is solved, thereby preventing properties in the wallet from being lost, and helping more non-technical users to use a blockchain wallet.

Some embodiments of this specification provide a secure multi-party computation method and apparatus. According to the method in these embodiments, first, a TEE node cluster including K TEE nodes is joined based on a quantity N of data owners; then, a trusted execution environment is created in the TEE nodes, and a basic algorithm for secure K-party computation is loaded into the trusted execution environment; next, at least one data fragment is obtained from the trusted execution environment; and finally, secure K-party computation is performed by using the basic algorithm for secure K-party computation and the obtained data fragment.

The present invention executes secure multiplication, in which a computed value, a computation result, and a value during computation cannot be known, while suppressing an overall communication amount. A secure computation system comprises a distribution information generation apparatus that generates, from at least two fixed-point numbers, data distribution values, sign distribution values and carry distribution values by distributing each of the at least two fixed-point numbers using an additive secret sharing scheme, and a secure computation apparatus group including at least two secure computation apparatuses. The secure computation apparatus group comprises a secure digit extender that generates at least two extended fixed-point numbers formed from extended data distribution values, extended sign distribution values and extended carry distribution values, all of which are obtained by extending digit numbers using the data distribution values, the sign distribution values and the carry distribution values of the at least two fixed-point numbers while protecting a security, and a secure multiplier that generates extended data distribution values, extended sign distribution values and extended carry distribution values of an extended multiplication result of multiplying a first extended fixed-point number and a second extended fixed-point number that are generated by said secure digit extender while protecting a security, and adjusts digit numbers of the extended data distribution values of the extended multiplication result to make distribution values of a secure multiplication result.

A method for calculating a function as a sub-function f.sub.X of a datum of a client, a sub-function f.sub.Y of a datum, and a product of n indexed sub-functions f.sub.i of both data by randomly generating, n indexed invertible data r.sub.i from the set with m being a prime number, generating, for each i from 1 to n, a set for which each element is formed by a product of a datum r.sub.i with a possible result of the sub-function of two variables f.sub.i evaluated in both data, applying an oblivious transfer protocol between the client and a server so that the client recovers, for each i an intermediate datum t.sub.i equal to: t.sub.i=r.sub.if.sub.i(x.sub.i,Y), obtaining, by the client a result T from intermediate data such that: T=f.sub.X(X).sub.i=1.sup.nt.sub.i, obtaining, by the server a result R from inverted data such that: R=f.sub.Y(Y).sub.i=1.sup.nr.sub.i.sup.1 using the results in a cryptographic application.

Methods for secure random selection of t client devices from a set of N client devices and methods for secure computation of inputs of t client devices randomly selected from N client devices are described. Such random selection method may include determining an initial binary vector b of weight t by setting the first t bits to one: b.sub.i=1, 1 it, and all further bits to zero: b.sub.i=0, t<iN; each client device i (i=1, . . . , N) of the set of N client devices jointly generating a random binary vector b of weight t in an obfuscated domain on the basis of the initial binary vector b including: determining a position n in the binary vector; determining a random number r in {n,n+1, . . . N}; and, using the random number to swap binary values at positions n and r of the binary vector b.

Data analytics on encrypted data elements is disclosed. One example is a system including a first data system, a second data system, and a data analytics system. The first data system includes a first data element and a first encryption module with a first private key. The second data system includes a plurality of second data elements and a second encryption module with a second private key. The first encryption module and the second encryption module are communicatively linked to one another, to apply, via the first and second private keys, an encryption protocol to the first data element and the plurality of second data elements to encrypt the data elements. The data analytics system maps the encrypted data elements to an analytics space, performs data analytics based on the mapped data elements, and distributes, via a computing device, results of the data analytics to an information retrieval system.

Determination as to whether a nondecreasing sequence exists or not is efficiently made. A sorting part sorts elements of a set P.sub.i in ascending order to generate vectors t.sub.i,i+1 and b.sub.i,i+1. A merging part generates vectors t.sub.0,m and b.sub.0,m by repeating the process of merging vectors (t.sub.i,j, b.sub.i,j) and (t.sub.j,k, b.sub.j,k) to generate (t.sub.i,k, b.sub.i,k). A stable-sorting part generates a vector e by coupling and stably sorting vectors b.sub.i,j and t.sub.j,k. A searching part searches for sets of (, x, y) in which e[] is b.sub.i,j[x] and e[+1] is t.sub.j,k[y] and generates a set X including all x and a set Y including all y. An extracting part sorts t.sub.i,j[x] (xX) in ascending order to generate a vector t.sub.i,k and sorts b.sub.j,k[y] (yY) in ascending order to generate a vector b.sub.i,k. If the length of a vector t.sub.0,m is 0, a determining part outputs a result of determination that indicates the absence of a nondecreasing sequence.

A method for providing self-stabilization of functionality security and privacy to a distributed computer system with self-stabilizing machines, according to which the system periodically and constantly recovers from cyber-attacks performed by an adversary who gained access to the system during a vulnerability window. Then a True Random Number Generator (TRNG) generates a random number from which generating a pair of public and private keys are generated. The public key of the pair is distributed among neighboring machines, to generate a common symmetric secret key. Each machine to exchanges messages with any other machine using messages that are encrypted and decrypted by their established common symmetric secret key, where all keys are generated using random numbers that were generated by the True Random Number Generator.