Fault-tolerant aggregation of encrypted data in a star network
First Claim
1. A computer-implemented method for facilitating encrypted-domain aggregation of data in a star network of physical devices, the method comprising:
- receiving, by a computing device comprising a microprocessor, a set of ciphertexts of an input value from each participant of a plurality of participants via the star network, wherein a respective participant in the plurality of participants comprises a microprocessor, wherein the set of ciphertexts from a first participant of a plurality of participants represents respective encrypted polynomial shares of the input value of the first participant, and wherein each ciphertext in the set of ciphertexts is associated with a specific participant in the plurality of participants;
computing an encrypted partial value for the first participant by aggregating in the encrypted-domain a respective ciphertext associated with the first participant received from the plurality of participants, wherein the encrypted partial value is encrypted based on a public key of the first participant;
sending a message comprising the encrypted partial value for each participant to the corresponding participant;
receiving a decrypted partial value representing a decryption of the encrypted partial value from each participant; and
computing a target value based on a subset of the set of decrypted partial values, wherein the subset corresponds to a subset of participants of the plurality of participants;
wherein computing the target value further comprises;
in response to the number of participants being greater than a threshold, determining a set of coefficients of a target polynomial; and
evaluating the target polynomial based on a base value and the coefficients.
6 Assignments
0 Petitions
Accused Products
Abstract
One embodiment provides a system that facilitates encrypted-domain aggregation of data in a star network. During operation, the system receives a set of ciphertexts, representing respective encrypted polynomial shares, of an input value from each participant in a plurality of participants. Each ciphertext in the set of ciphertexts is associated with a specific participant in the plurality of participants. The system computes an encrypted partial value for each participant by aggregating in the encrypted-domain a respective ciphertext associated with that participant received from the plurality of participants and sends a message comprising the encrypted partial value to that participant. This encrypted partial value is encrypted based on a public key of a corresponding participant. The system receives a decrypted partial value from each participant and computes a target value based on a set of decrypted partial values received from a set of participants in the plurality of participants.
17 Citations
20 Claims
-
1. A computer-implemented method for facilitating encrypted-domain aggregation of data in a star network of physical devices, the method comprising:
-
receiving, by a computing device comprising a microprocessor, a set of ciphertexts of an input value from each participant of a plurality of participants via the star network, wherein a respective participant in the plurality of participants comprises a microprocessor, wherein the set of ciphertexts from a first participant of a plurality of participants represents respective encrypted polynomial shares of the input value of the first participant, and wherein each ciphertext in the set of ciphertexts is associated with a specific participant in the plurality of participants; computing an encrypted partial value for the first participant by aggregating in the encrypted-domain a respective ciphertext associated with the first participant received from the plurality of participants, wherein the encrypted partial value is encrypted based on a public key of the first participant; sending a message comprising the encrypted partial value for each participant to the corresponding participant; receiving a decrypted partial value representing a decryption of the encrypted partial value from each participant; and computing a target value based on a subset of the set of decrypted partial values, wherein the subset corresponds to a subset of participants of the plurality of participants; wherein computing the target value further comprises; in response to the number of participants being greater than a threshold, determining a set of coefficients of a target polynomial; and evaluating the target polynomial based on a base value and the coefficients. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer system for facilitating encrypted-domain aggregation of data in a star network of physical devices, the system comprising:
-
processing circuitry; and a storage device storing instructions that when executed by the processing circuitry cause the processing circuitry to perform a method, the method comprising; receiving a set of ciphertexts of an input value from each participant of a plurality of participants via the star network, wherein a respective participant in the plurality of participants comprises a microprocessor, wherein the set of ciphertexts from a first participant of a plurality of participants represents respective encrypted polynomial shares of the input value of the first participant, and wherein each ciphertext in the set of ciphertexts is associated with a specific participant in the plurality of participants; computing an encrypted partial value for the first participant by aggregating in the encrypted-domain a respective ciphertext associated with the first participant received from the plurality of participants, wherein the encrypted partial value is encrypted based on a public key of the first participant; sending a message comprising the encrypted partial value for each participant to the corresponding participant; receiving a decrypted partial value representing a decryption of the encrypted partial value from each participant; and computing a target value based on a subset of the set of decrypted partial values, wherein the subset corresponds to a subset of participants of the plurality of participants; wherein computing the target value further comprises; in response to the number of participants being greater than a threshold, determining a set of coefficients of a target polynomial; and evaluating the target polynomial based on a base value and the coefficients. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A non-transitory computer-readable storage medium storing instructions that when executed by a computer, which includes a microprocessor, cause the computer to perform a method for facilitating encrypted-domain aggregation of data in a star network of physical devices, the method comprising:
-
receiving a set of ciphertexts of an input value from each participant of a plurality of participants via the star network, wherein a respective participant in the plurality of participants comprises a microprocessor, wherein the set of ciphertexts from a first participant of a plurality of participants represents respective encrypted polynomial shares of the input value of the first participant, and wherein each ciphertext in the set of ciphertexts is associated with a specific participant in the plurality of participants; computing an encrypted partial value for the first participant by aggregating in the encrypted-domain a respective ciphertext associated with the first participant received from the plurality of participants, wherein the encrypted partial value is encrypted based on a public key of the first participant; sending a message comprising the encrypted partial value for each participant to the corresponding participant; receiving a decrypted partial value representing a decryption of the encrypted partial value from the first participant; and computing a target value based on a subset of the set of decrypted partial values, wherein the subset corresponds to a subset of participants of the plurality of participants; and wherein computing the target value further comprises; in response to the number of participants being greater than a threshold, determining a set of coefficients of a target polynomial; and evaluating the target polynomial based on a base value and the coefficients. - View Dependent Claims (20)
-
Specification