Novel methods of performing statistically receiver private (SRP) string oblivious transfer (OT) are disclosed. Such methods can be used to transfer messages between senders and receivers subject to the conditions of oblivious transfer. These methods can be used as a building block to develop useful cryptographic systems, such as multiparty computation networks. A sender computer and a receiver computer can exchange a first and second oblivious transfer message. Data contained in these messages can be used, by the sender computer, to obfuscate a first message and a second message. The sender computer can transmit (in a third oblivious transfer message), both the first obfuscated message, the second obfuscated message and a group element to a receiver computer. Using the group element, the receiver computer can attempt to de-obfuscate one or both of the obfuscated messages, and can receive either a first message or a second message in the process.

A querying node generates public keys, secret keys, and switch key matrices. A public key associated with a first level and the switch key matrices are sent to a receiving node. The receiving node generates a key-value table, mapping values to keys, and encodes the keys and values using a polynomial ring of a predetermined type. The querying node encodes using a polynomial ring of the same predetermined type, then encrypts a query, using a public key, and sends the query to the receiving node. The receiving node performs a homomorphic comparison of the encrypted, encoded query with each encoded key entry in the encoded key-value store to determine a comparison result. The receiving node sums the results for each of the value entries and returns the summed result to the querying node. The querying node decrypts and decodes the received result using the corresponding secret key.

A server module evaluates a circuit based on concealed inputs provided by respective participant modules, to provide a concealed output. By virtue of this approach, no party to the transaction (including the sever module) discovers any other party's non-concealed inputs. In a first implementation, the server module evaluates a garbled Boolean circuit. This implementation also uses a three-way oblivious transfer technique to provide a concealed input from one of the participant modules to the serer module. In a second implementation, the server module evaluates an arithmetic circuit based on ciphertexts that have been produced using a fully homomorphic encryption technique. This implementation modifies multiplication operations that are performed in the evaluation of the arithmetic circuit by a modifier factor; this removes bounds placed on the number of the multiplication operations that can be performed.

A system includes a server connectable to a client, the server configured to allow the client to acquire a message of an index designated by the client among N messages held by the server where N is an integer of two or more. The server includes a classification unit configured to classify the N messages into M classified messages by contents of the messages; a message encryption unit configured to encrypt each of the M classified messages; a message provision unit configured to provide the M encrypted classified messages to the client; and a key sending unit configured to send the client, by oblivious transfer, a message key for decrypting the classified message corresponding to the message of the index designated by the client.

A secure inference over Deep Neural Networks (DNNs) using secure two-party computation to perform privacy-preserving machine learning. The secure inference uses a particular type of comparison that can be used as a building block for various layers in the DNN including, for example, ReLU activations and divisions. The comparison securely computes a Boolean share of a bit representing whether input value x is less than input value y, where x is held by a user of the DNN, and where y is held by a provider of the DNN. Each party computing system parses their input into leaf strings of multiple bits. This is much more efficient than if the leaf strings were individual bits. Accordingly, the secure inference described herein is more readily adapted for using in complex DNNs.

Example computer-implemented methods and systems for secure random noise generation are disclosed. One example method includes generating, by a first party, n random first bits and n -bit strings. The first party generates, based on the n -bit strings and the n random first bits, n pairs of -bit input messages. The first party performs n 1-out-of-2 oblivious transfers (OTs) of the n pairs of -bit input messages from the first party to a second party. The first party generates, based on the n -bit strings, a first random number. The first party performs, based on the first random number, secure multiparty computation (MPC) that involves the first party and the second party.

Example computer-implemented methods and systems for secure random noise generation are disclosed. One example method includes generating, by a first party, n random first bits and n -bit first strings. The first party generates, based on the n -bit first strings and the n random first bits, n pairs of -bit input messages. The first party receives n pairs of -bit second strings. The first party performs n 1-out-of-2 random oblivious transfers (ROTs) of the n pairs of -bit input messages from the first party to a second party. The first party generates, based on the n -bit first strings, a first random number. The first party performs, based on the first random number, secure multiparty computation (MPC) that involves the first party and the second party.

The present disclosure relates to a method and apparatus for generating a data tuple for secure computation, a medium, and a device. The method is applied to a first participant, and the method includes: separately obtaining a first pseudo-random number pair and a second pseudo-random number pair by jointly executing the R-OT protocol with a second participant twice; and generating a first element slice of a data tuple for secure computation based on the two pseudo-random number pairs, where the data tuple includes the first element slice and a second element slice, and the second element slice is generated by the second participant.

Updatable private set intersection (PSI) protocols allow parties that each have an updatable private set to determine the intersection of their sets after an update without the need to compare each element of each set and without compromising privacy. In some protocols, a first party can determine an update to the intersection by determining an intersection of elements that were previously in the first party's set with elements that were added to the second party's set and determining an intersection of elements that were added to the first party's set with elements that are in the second party's (updated) set. In some protocols, both parties can determine the updated intersection.

There is a need for more effective and efficient secure data transmission. This need can be addressed by, for example, solutions for secure data transmission that utilize secret shares. In one example, a method includes generating a hashed user identifier based on a received user identifier; transmitting the hashed user identifier to an external computing entity; receiving a data retrieval secret share from the external computing entity, in response, transmitting an account identifier and an auditing public key to the external computing entity; and receiving an encrypted data audit secret share from the external computing entity, wherein: (i) the encrypted data audit secret share is based at least in part on a data audit secret share encrypted using the auditing public key, and (ii) the data audit secret share is based at least in part on a secret value.