SECURE COMPUTING SYSTEM, SECURE COMPUTING METHOD, SECURE COMPUTING APPARATUS, AND PROGRAM THEREFOR
First Claim
1. A secure computing system that obtains a computation result f(mA) of a logic circuit function f for a first input value mA while concealing the first input value mA, comprising:
- a first secure computing apparatus;
a second secure computing apparatus that stores said logic circuit function f; and
a third secure computing apparatus,wherein said third secure computing apparatus includes;
means of generating data Wb associated with each bit b of a segment t that satisfies a relation mA=s*t for said first input value mA and an operator * and data W(1-b) associated with an inversion bit (1-b) of said bit b;
means of transmitting said data Wb to said first secure computing apparatus; and
means of transmitting data W including said data Wb and said data W(1-b) to said second secure computing apparatus without identifying the association between said bit b and said inversion bit (1-b) and said data Wb and said data W(1-b),said second secure computing apparatus includes;
means of using a segment s that satisfies the relation mA=s*t, said logic circuit function f and said data W to generate data T in which a logic circuit function f(s*X) is concealed, said logic circuit function f(s*X) being obtained by substituting said segment s into said logic circuit function f, said computation result f(mA) being determined from said data T and said data Wb;
means of transmitting said data T to said first secure computing apparatus, andsaid first secure computing apparatus includes;
means of receiving said data T and said data Wb; and
means of obtaining said computation result f(mA) using said data T and said data Wb.
1 Assignment
0 Petitions
Accused Products
Abstract
A third secure computing apparatus generates data Wb associated with each bit b of a segment t that satisfies a relation mA=s*t for a first input value mA and an operator * and data W(1-b) associated with an inversion bit (1-b) of the bit b, transmits the data Wb to a first secure computing apparatus, and transmits data W including the data Wb and the data W(1-b) to a second secure computing apparatus. The second secure computing apparatus uses a segment s that satisfies the relation mA=s*t, a logic circuit function f and the data W to generate data T in which a logic circuit function f(s*X), which is the logic circuit function fin which the segment s is substituted, is concealed, and transmits the data T to the first secure computing apparatus. A computation result f(mA) can be determined from the data T and the data Wb. The first secure computing apparatus obtains the computation result f(mA) using the data T and the data Wb.
-
Citations
25 Claims
-
1. A secure computing system that obtains a computation result f(mA) of a logic circuit function f for a first input value mA while concealing the first input value mA, comprising:
-
a first secure computing apparatus; a second secure computing apparatus that stores said logic circuit function f; and a third secure computing apparatus, wherein said third secure computing apparatus includes; means of generating data Wb associated with each bit b of a segment t that satisfies a relation mA=s*t for said first input value mA and an operator * and data W(1-b) associated with an inversion bit (1-b) of said bit b; means of transmitting said data Wb to said first secure computing apparatus; and means of transmitting data W including said data Wb and said data W(1-b) to said second secure computing apparatus without identifying the association between said bit b and said inversion bit (1-b) and said data Wb and said data W(1-b), said second secure computing apparatus includes; means of using a segment s that satisfies the relation mA=s*t, said logic circuit function f and said data W to generate data T in which a logic circuit function f(s*X) is concealed, said logic circuit function f(s*X) being obtained by substituting said segment s into said logic circuit function f, said computation result f(mA) being determined from said data T and said data Wb; means of transmitting said data T to said first secure computing apparatus, and said first secure computing apparatus includes; means of receiving said data T and said data Wb; and means of obtaining said computation result f(mA) using said data T and said data Wb. - View Dependent Claims (2, 3, 4)
-
-
5. A secure computing apparatus, comprising:
-
means of receiving a segment t that satisfies a relation mA=s*t for a first input value mA and an operator*; means of generating data Wb associated with each bit b of said segment t and data W(1-b) associated with an inversion bit (1-b) of said bit b; means of transmitting said data Wb to another secure computing apparatus that obtains a computation result f(mA) of a logic circuit function f for said first input value mA; and means of transmitting data W including said data Wb and said data W(1-b) to another secure computing apparatus that receives a segment s that satisfies the relation mA=s*t without identifying the association between said bit b and said inversion bit (1-b) and said data Wb and said data W(1-b).
-
-
6. A secure computing apparatus, comprising:
-
means of receiving a segment s that satisfies a relation mA=s*t for a first input value mA and an operator*; means of using said segment s, a logic circuit function f and data W to generate data T in which a logic circuit function f(s*X) is concealed, said logic circuit function f(s*X) being obtained by substituting said segment s into said logic circuit function f, a computation result f(mA) of said logic circuit function f for said first input value mA being determined from said data T and said data Wb; and means of transmitting said data T to another secure computing apparatus that obtains said computation result f(mA).
-
-
7. A secure computing method that obtains a computation result f(mA) of a logic circuit function f for a first input value mA with a first, a second and a third secure computing apparatus while concealing the first input value mA, comprising:
-
(A) a step of generating data Wb associated with each bit b of a segment t that satisfies a relation mA=s*t for said first input value mA and an operator * and data W(1-b) associated with an inversion bit (1-b) of said bit b in said third secure computing apparatus; (B) a step of transmitting said data Wb to said first secure computing apparatus from said third secure computing apparatus; (C) a step of transmitting data W including said data Wb and said data W(1-b) to said second secure computing apparatus without identifying the association between said bit b and said inversion bit (1-b) and said data Wb and said data W(1-b) from said third secure computing apparatus; (D) a step of using a segment s that satisfies the relation mA=s*t, said logic circuit function f and said data W to generate data T in which a logic circuit function f(s*X) is concealed, said logic circuit function f(s*X) being obtained by substituting said segment s into said logic circuit function f, said computation result f(mA) being determined from said data T and said data Wb, in said second secure computing apparatus; (E) a step of transmitting said data T to said first secure computing apparatus from said second secure computing apparatus; (F) a step of receiving said data T and said data Wb by said first secure computing apparatus; and (G) a step of obtaining said computation result f(mA) using said data T and said data Wb in said first secure computing apparatus. - View Dependent Claims (8, 9)
-
-
10. A secure computing system that obtains a computation result f(m) of a logic circuit function f(x) for an input value m while concealing the input value m, comprising:
-
a first secure computing apparatus that stores said logic circuit function f(x); and a second secure computing apparatus, wherein said first secure computing apparatus includes; means of receiving a segment B of said input value m, the input value m having been divided into a segment A and the segment B; and means of using said logic circuit function f(x) and said segment B to generate data T in which said logic circuit function f(x) is concealed, said computation result f(m) being determined from the data T and said segment A, and said second secure computing apparatus includes; means of receiving said segment A and said data T; and means of obtaining said computation result f(m) using said segment A and said data T. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. A secure computing apparatus, comprising:
-
means of receiving a segment B of said input value m, the input value m having been divided into a segment A and the segment B; and means of using a logic circuit function f(x) and said segment B to generate data T in which said logic circuit function f(x) is concealed, computation result f(m) being determined from the data T and said segment A; and means of transmitting said data T to another secure computing apparatus that receives said segment A. - View Dependent Claims (25)
-
-
18. A secure computing method that obtains a computation result f(m) of a logic circuit function f(x) for an input value m while concealing the input value m, comprising:
-
(A) a step of receiving a segment B of said input value m, the input value m having been divided into a segment A and the segment B, by said first secure computing apparatus; (B) a step of using said logic circuit function f(x) stored in said first secure computing apparatus and said segment B to generate data T in which said logic circuit function f(x) is concealed, said computation result f(m) being determined from the data T and said segment A, in said first secure computing apparatus; (C) a step of receiving said segment A and said data T by said second secure computing apparatus; and (D) a step of obtaining said computation result f(m) using said segment A and said data T in said second secure computing apparatus. - View Dependent Claims (19, 20, 21, 22, 23, 24)
-
Specification