Secure computation using a server module
First Claim
1. A computing device configured to participate in a multi-party computation over a network, the computing device comprising:
- one or more processing devices configured via computer readable instructions to;
designate a first input wire key to represent a first value for an input wire of a circuit;
designate a second input wire key to represent a second value for the input wire of the circuit;
designate a first output wire key to represent the first value for an output wire of the circuit and a second output wire key to represent the second value for the output wire of the circuit;
determine a concealed input by mapping an input bit of an actual input that has the first value to the first input wire key;
receive, over the network from a second computing device, a first public key and a second public key, the first public key corresponding to the first value and the second public key corresponding to the second value;
encrypt the first input wire key with the first public key to provide a first ciphertext;
encrypt the second input wire key with the second public key to provide a second ciphertext;
provide the concealed input, the first ciphertext, and the second ciphertext over the network to a third computing device, the third computing device using the circuit to compute a computation output, the first input wire key allowing the third computing device to recover a computed output wire key representing an output bit of the computation output;
receive the computation output over the network from the third computing device; and
in an instance when the computed output wire key matches the first output wire key, determine that the output bit of the computation output has the first value.
2 Assignments
0 Petitions
Accused Products
Abstract
A server module evaluates a circuit based on concealed inputs provided by respective participant modules, to provide a concealed output. By virtue of this approach, no party to the transaction (including the sever module) discovers any other party'"'"'s non-concealed inputs. In a first implementation, the server module evaluates a garbled Boolean circuit. This implementation also uses a three-way oblivious transfer technique to provide a concealed input from one of the participant modules to the serer module. In a second implementation, the server module evaluates an arithmetic circuit based on ciphertexts that have been produced using a fully homomorphic encryption technique. This implementation modifies multiplication operations that are performed in the evaluation of the arithmetic circuit by a modifier factor; this removes bounds placed on the number of the multiplication operations that can be performed.
40 Citations
20 Claims
-
1. A computing device configured to participate in a multi-party computation over a network, the computing device comprising:
-
one or more processing devices configured via computer readable instructions to; designate a first input wire key to represent a first value for an input wire of a circuit; designate a second input wire key to represent a second value for the input wire of the circuit; designate a first output wire key to represent the first value for an output wire of the circuit and a second output wire key to represent the second value for the output wire of the circuit; determine a concealed input by mapping an input bit of an actual input that has the first value to the first input wire key; receive, over the network from a second computing device, a first public key and a second public key, the first public key corresponding to the first value and the second public key corresponding to the second value; encrypt the first input wire key with the first public key to provide a first ciphertext; encrypt the second input wire key with the second public key to provide a second ciphertext; provide the concealed input, the first ciphertext, and the second ciphertext over the network to a third computing device, the third computing device using the circuit to compute a computation output, the first input wire key allowing the third computing device to recover a computed output wire key representing an output bit of the computation output; receive the computation output over the network from the third computing device; and in an instance when the computed output wire key matches the first output wire key, determine that the output bit of the computation output has the first value. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method performed by a first computing device to participate in a multi-party computation over a network, the method comprising:
by the first computing device; designating different input wire keys to represent different values for different input wires of a circuit; designating different output wire keys to represent the different values for different output wires of the circuit; determining a concealed input by mapping an actual input to selected input wire keys, the concealed input comprising the selected input wire keys; receiving, over the network from a second computing device, different public keys for the different input wire keys, individual public keys received from the second computing device representing individual values for corresponding input wires of the circuit; encrypting the different input wire keys with associated public keys received from the second computing device to obtain ciphertexts; providing the concealed input and the ciphertexts to a third computing device over the network, the third computing device using the circuit, the ciphertexts, and the selected input wire keys of the concealed input to recover a garbled computation output comprising computed output wire keys; receiving the garbled computation output from the third computing device over the network; and recovering a plaintext computation output from the garbled computation output by mapping the computed output wire keys to respective output bit values represented by the computed output wire keys. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
-
17. A computing device for participating in a multi-party computation over a network, the computing device comprising:
-
one or more processing devices configured via computer readable instructions to; designate different input wire keys to represent different values for different input wires of a circuit; designate different output wire keys to represent the different values for different output wires of the circuit; determine a concealed input by mapping input bits of an actual input to selected input wire keys, the concealed input comprising the selected input wire keys; receive, over the network from a second computing device, different public keys for the different input wire keys, individual public keys received from the second computing device representing individual values for corresponding input wires of the circuit; encrypt the different input wire keys with associated public keys received from the second computing device to obtain ciphertexts; provide the concealed input and the ciphertexts over the network to a third computing device, the third computing device using the circuit, the ciphertexts, and the selected input wire keys of the concealed input to recover a garbled computation output comprising computed output wire keys; receive the garbled computation output over the network from the third computing device; and recover a plaintext computation output from the garbled computation output by mapping the computed output wire keys to respective output bit values represented by the computed output wire keys. - View Dependent Claims (18, 19, 20)
-
Specification