Server-aided multi-party protocols
First Claim
Patent Images
1. A server system comprising:
- at least one processing unit; and
at least one storage device or volatile or non-volatile memory device storing computer-executable instructions that, when executed by the at least one processing unit, cause the at least one processing unit to;
obtain a first concealed input from a first party,obtain an entirety of a garbled circuit from the first party,obtain a second concealed input from a second party,provide the first concealed input and the second concealed input to computational resources,obtain a first garbled output and a second garbled output from the computational resources,send the first garbled output to the first party, andsend the second garbled output to the second party.
3 Assignments
0 Petitions
Accused Products
Abstract
The disclosed architecture employs techniques that make secure multi-party computation (MPC) practical and scalable. In support of utilizing cloud computing, for example, for evaluating functionality, a third party server can be employed which does not have any input to the computation and does not receive any output from the computation, yet has a vast amount of computational resources. Accordingly, the secure MPC architecture can outsource as much as possible of the computation and communications burden of the parties without the server(s) learning any information about the party inputs.
45 Citations
23 Claims
-
1. A server system comprising:
-
at least one processing unit; and at least one storage device or volatile or non-volatile memory device storing computer-executable instructions that, when executed by the at least one processing unit, cause the at least one processing unit to; obtain a first concealed input from a first party, obtain an entirety of a garbled circuit from the first party, obtain a second concealed input from a second party, provide the first concealed input and the second concealed input to computational resources, obtain a first garbled output and a second garbled output from the computational resources, send the first garbled output to the first party, and send the second garbled output to the second party. - View Dependent Claims (2, 3, 4)
-
-
5. A method performed by a first party using at least one computer processing unit, the method comprising:
-
generating, by the first party, a seed based on execution of a cryptographic protocol by multiple parties that include the first party and a second party; generating, by the first party, an entirety of a garbled circuit, a first concealed input, and a first output table; sending the entirety of the garbled circuit and the first concealed input from the first party to a server configured to apply functionality over inputs of the multiple parties, the inputs including at least the first concealed input and a second concealed input provided to the server by the second party; and obtaining, by the first party, a first garbled output from the server, wherein a first corresponding result is recoverable from the first garbled output using the first output table. - View Dependent Claims (6, 7, 8, 9)
-
-
10. A server system comprising:
-
at least one processing unit; and at least one storage device or volatile or non-volatile memory device storing computer-executable instructions that, when executed by the at least one processing unit, cause the at least one processing unit to; in a first instance; obtain garbled circuits and a first concealed input from a first party; select a subset of the garbled circuits; obtain secrets usable to open the selected subset of garbled circuits; open the subset of the garbled circuits using the secrets to obtain an opened subset of circuits while leaving an individual garbled circuit unopened; verify correct generation of the opened subset of circuits; obtain a second concealed input from a second party; perform a computation on the first concealed input and the second concealed input using the individual garbled circuit that is left unopened to obtain a first concealed output and a second concealed output; and send the first concealed output to the first party and the second concealed output to the second party. - View Dependent Claims (11, 12, 13, 14)
-
-
15. A server system comprising:
-
at least one processing unit; and at least one storage device or volatile or non-volatile memory device storing computer-executable instructions that, when executed by the at least one processing unit, cause the at least one processing unit to; in a first instance; obtain, from a first party, a first garbled circuit and a first concealed input, obtain, from a second party, a second garbled circuit and a second concealed input, perform a comparison of the first garbled circuit to the second garbled circuit to determine whether to perform a computation using at least one of the first garbled circuit or the second garbled circuit, and abort the computation based on the comparison. - View Dependent Claims (16, 17, 18)
-
-
19. A method performed by at least one computer processing unit, the method comprising:
in a first instance; obtaining garbled circuits and a first concealed input from a first party; selecting a subset of the garbled circuits to open; obtaining secrets usable to open the selected subset of garbled circuits; opening the subset of the garbled circuits using the secrets to obtain an opened subset of circuits while leaving an individual garbled circuit unopened; verifying correct generation of the opened subset of circuits; obtaining a second concealed input from a second party; perform a computation on the first concealed input and the second concealed input using the individual garbled circuit that is left unopened to obtain a first concealed output and a second concealed output; and sending the first concealed output to the first party and the second concealed output to the second party. - View Dependent Claims (20, 21, 22, 23)
Specification