Secure computation using a server module
First Claim
1. A server computer comprising:
- a server-participant communication module configured to receive;
a first concealed input from a first participant module, the first concealed input having been generated using a fully homomorphic encryption technique, the first concealed input having multiple first components, anda second concealed input from a second participant module, the second concealed input having been generated using the fully homomorphic encryption technique, the second concealed input having multiple second components;
an evaluation module configured to evaluate an arithmetic circuit based on the first concealed input and the second concealed input, and to generate a concealed output; and
a processing device configured to execute the server-participant communication module and the evaluation module,wherein the server-participant communication module is further configured to send the concealed output to the first participant module and the second participant module,wherein the evaluation module is further configured to perform multiple multiplication operations using the multiple first components of the first concealed input, the multiple second components of the second concealed input, and a modifier factor provided by the first participant module or the second participant module, andwherein actual values of the first concealed input, the second concealed input, and the concealed output are not revealed to the server computer.
2 Assignments
0 Petitions
Accused Products
Abstract
A server module evaluates a circuit based on concealed inputs provided by respective participant modules, to provide a concealed output. By virtue of this approach, no party to the transaction (including the sever module) discovers any other party'"'"'s non-concealed inputs. In a first implementation, the server module evaluates a garbled Boolean circuit. This implementation also uses a three-way oblivious transfer technique to provide a concealed input from one of the participant modules to the server module. In a second implementation, the server module evaluates an arithmetic circuit based on ciphertexts that have been produced using a fully homomorphic encryption technique. This implementation modifies multiplication operations that are performed in the evaluation of the arithmetic circuit by a modifier factor; this removes bounds placed on the number of the multiplication operations that can be performed.
-
Citations
17 Claims
-
1. A server computer comprising:
-
a server-participant communication module configured to receive; a first concealed input from a first participant module, the first concealed input having been generated using a fully homomorphic encryption technique, the first concealed input having multiple first components, and a second concealed input from a second participant module, the second concealed input having been generated using the fully homomorphic encryption technique, the second concealed input having multiple second components; an evaluation module configured to evaluate an arithmetic circuit based on the first concealed input and the second concealed input, and to generate a concealed output; and a processing device configured to execute the server-participant communication module and the evaluation module, wherein the server-participant communication module is further configured to send the concealed output to the first participant module and the second participant module, wherein the evaluation module is further configured to perform multiple multiplication operations using the multiple first components of the first concealed input, the multiple second components of the second concealed input, and a modifier factor provided by the first participant module or the second participant module, and wherein actual values of the first concealed input, the second concealed input, and the concealed output are not revealed to the server computer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method performed by a computing device, the method comprising:
-
receiving a first concealed input from a first participant module, the first concealed input having been generated using a fully homomorphic encryption technique, the first concealed input having multiple first components; receiving a second concealed input from a second participant module, the second concealed input having been generated using the fully homomorphic encryption technique, the second concealed input having multiple second components; evaluating an arithmetic circuit based on the first concealed input and the second concealed input to generate a concealed output; and sending the concealed output to the first participant module and the second participant module, wherein the evaluating comprises performing multiple multiplication operations using the multiple first components of the first concealed input, the multiple second components of the second concealed input, and a modifier factor provided by the first participant module or the second participant module, and wherein actual values of the first concealed input, the second concealed input, and the concealed output are not revealed to the computing device. - View Dependent Claims (13, 14, 15)
-
-
16. A hardware storage device or hardware memory device storing instructions which, when executed by a processing device, cause the processing device to perform acts comprising:
-
receiving a first concealed input from a first participant module, the first concealed input having been generated using a fully homomorphic encryption technique, the first concealed input having multiple first components; receiving a second concealed input from a second participant module, the second concealed input having been generated using the fully homomorphic encryption technique, the second concealed input having multiple second components; evaluating an arithmetic circuit based on the first concealed input and the second concealed input to generate a concealed output; and sending the concealed output to the first participant module and the second participant module, wherein the evaluating comprises performing multiple multiplication operations using the multiple first components of the first concealed input, the multiple second components of the second concealed input, and a modifier factor provided by the first participant module or the second participant module, and wherein actual values of the first concealed input, the second concealed input, and the concealed output are not revealed to the processing device. - View Dependent Claims (17)
-
Specification