A secure computation system for secure exponentiation involving a non-secret base and a secret exponent comprises at least four secure computation server apparatuses connected to each other via a network, and each of the secure computation server apparatuses has: a reshare part that outputs reshares for an input including at least a share of the exponent by an operation closed within each of the secure computation server apparatuses; and a multiplication part that performs the secure exponentiation by executing multiplication using shares obtained by having the reshare part reshare the exponent that has been decomposed into additions of shares of the exponent.

Data file storage systems and methods that bind a local portable data storage device to remote data storage space with an emergent data file storage system. Data files and directory nodes are associated with data aspect pairs, each comprised of a series of interdependent blocks of characteristically high-entropy data. Blocks of data comprising a remote data aspect are transferred to remote data aspect storage locations. A single block of data comprising a local data aspect is transferred separately to the local portable data storage device. Neither a local data aspect nor a remote data aspect contains information about the corresponding data file or directory node.

Data file storage systems and methods that bind a local portable data storage device to remote data storage space with an emergent data file storage system. Data files and directory nodes are associated with data aspect pairs, each comprised of a series of interdependent blocks of characteristically high-entropy data. Blocks of data comprising a remote data aspect are transferred to remote data aspect storage locations. A single block of data comprising a local data aspect is transferred separately to the local portable data storage device. Neither a local data aspect nor a remote data aspect contains information about the corresponding data file or directory node.

The techniques described in the detailed description above enable the manufacturing of circuits with increased performance and efficiency when performing division by a constant number. One embodiment provides circuitry including an input circuit to receive an input value including a plurality of bits, a logarithmic tree coupled with the input circuit, the logarithmic tree configured to compute an array of values based on a plurality of multi-bit groups of the plurality of bits of the input value, each value in the array of values includes a modulus of a corresponding multi-bit group with respect to the constant, a binary array adder to compute a quotient of the division operation based on the array of values, the input value, and the constant, and an output circuit to output the quotient.

A binary logic circuit for determining the ratio x/d in accordance with a rounding scheme, where x is a variable integer input of bit length w and d is a fixed positive integer of the form 2.sup.n1, the binary logic circuit being configured to form the ratio as a plurality of bit slices, the bit slices collectively representing the ratio, wherein the binary logic circuit is configured to generate each bit slice according to a first modulo operation for calculating mod(2.sup.n1) of a respective bit selection of the input x and in dependence on a check for a carry bit, wherein the binary logic circuit is configured to, responsive to the check, selectively combine a carry bit with the result of the first modulo operation.

A computer-implemented method includes receiving performing a fused modular multiply and add operation to compute d=((a*b)+c) % p, wherein a, b, and c, are provided as a set of operands. A first multiply-and-accumulate unit computes a binary multiplication to compute a*b. A second multiply-and-accumulate unit computes a first intermediate result by updating a result of the binary multiplication using p. An accumulator of a third multiply-and-accumulate unit is initialized with c. The third multiply-and-accumulate unit computes a second intermediate result using the first intermediate result and c. An adder unit subtracts a portion of the second intermediate result from a portion of the result of the binary multiplication. The output of the adder is provided as a result of the fused modular multiply and add operation.

The present description concerns a method comprising masking, based on a digital algorithm, by a processing device, a sensitive data item, the masking comprising dividing the data item into a number n greater than or equal to 2 of shares, such that their arithmetic sum, modulo an integer q associated with the digital algorithm, is equal to the value of the data item, applying a compression operation to each of the n data shares, comprising applying a rounding operation to each of the n data shares, resulting in n integer rounding values, and applying a pseudo-fractional operation to each of the n data shares, resulting in n pseudo-fractional values, and generating n corrected compressed data shares by applying a correction operation to each of the rounding n values, based on the n pseudo-fractional values.

According to various embodiments, a security device is provided comprising a modular reducer configured to perform a modulo reduction by a modulus of each binary number of a sequence of binary numbers forming a data word, wherein each binary number consists of n bits by one or more first iterations comprising, in reaction to a first detector of the security device detecting that the most significant bit (MSB) of the binary number is set, changing the binary number by deleting its MSB and adding the difference between 2.sup.n1 and the modulus to the binary number, followed by one or more second iterations comprising, in reaction to a second detector of the security device detecting that the MSB of the sum of the binary number with the difference between 2.sup.n1 and the modulus is set, setting the binary number to that sum, wherein the MSB of the sum is deleted.