WO2019059042A1 - 秘密読み込み装置、秘密書き込み装置、それらの方法、およびプログラム - Google Patents
秘密読み込み装置、秘密書き込み装置、それらの方法、およびプログラム Download PDFInfo
- Publication number
- WO2019059042A1 WO2019059042A1 PCT/JP2018/033595 JP2018033595W WO2019059042A1 WO 2019059042 A1 WO2019059042 A1 WO 2019059042A1 JP 2018033595 W JP2018033595 W JP 2018033595W WO 2019059042 A1 WO2019059042 A1 WO 2019059042A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- secret
- vector
- text
- array
- integer
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/72—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
-
- G—PHYSICS
- G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
- G09C—CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
- G09C1/00—Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/46—Secure multiparty computation, e.g. millionaire problem
Definitions
- the present invention relates to cryptographic application technology, and in particular to technology for reading and writing data to an array without revealing the accessed position.
- Non-Patent Document 1 As a method of obtaining a specific calculation result without restoring the encrypted numerical value, there is a method called secret calculation (see, for example, Non-Patent Document 1).
- encryption is performed by distributing fragments of numerical values to three secret calculation devices, and by performing cooperative calculation by three secret calculation devices, addition and subtraction are performed without restoring numerical values.
- the result of constant addition, multiplication, constant multiplication, logical operation (not, logical product, logical sum, exclusive OR), data format conversion (integer, binary number) distributed to three secret computing devices, ie, It can be kept encrypted.
- Non-Patent Document 2 when reading data from an array of size n in constant-stage multiplication, it is necessary to perform multiplication in a number proportional to n.
- communication quantity ⁇ (nm) is required to write m values to the array of size n in constant-step communication.
- An object of the present invention is, in view of the above-described point, to enable efficient data reading from an array without revealing the reading position by a constant stage multiplication with a smaller number of times than in the prior art.
- the secret reading device receives the sequence of the secret text and the secret text of the reading position as an input, and outputs the element of the reading position of the sequence of the secret text.
- the secret reading device is configured to generate a new secret sentence array whose element is the inner product of the vector representing the reading position and the vector based on the secret sentence array. Iterates until it becomes 1 and outputs an array of a new ciphertext with 1 element as the element of the reading position.
- the secret writing device receives the sequence of the secret text, the secret text of the write address and the secret text of the value to be written, and inputs the sequence of the secret text.
- the secret writing device adds the value to an element of the writing address, and adds the inner product of a vector representing the writing address and a vector representing the writing value to the array of secret sentences.
- the secret reading technique of the first aspect of the present invention it is possible to efficiently read data from the array without revealing the reading position by the constant stage multiplication with a smaller number of times than in the prior art.
- the secret write technology of the second aspect of the present invention it is possible to efficiently write data to the array with a smaller amount of communication than in the conventional communication without revealing the write position by constant-stage communication.
- FIG. 1 is a diagram illustrating the functional configuration of the secret reading device.
- FIG. 2 is a diagram illustrating the processing procedure of the secret reading method.
- FIG. 3 is a diagram illustrating a functional configuration of the secret writing device.
- FIG. 4 is a diagram illustrating the processing procedure of the secret writing method.
- a value in which a certain value a is concealed by encryption, secret sharing or the like is referred to as a confidential text of a, and is denoted as [a].
- a is called the plaintext of [a].
- [a] refers to a set of pieces of secret sharing that each secret computing device has.
- the i-th element of the vector a (a 0 , a 1 ,...) Is referred to by a [i].
- the number of elements of the vector a is written as
- the secret reading device of the first embodiment receives the sequence of the secret text and the secret text of the reading position as an input, and outputs the element of the reading position of the sequence of the secret text. At this time, it is repeated to generate a new confidential sentence array having an inner product of the vector representing the reading position and the vector based on the confidential sentence array until the number of elements of the new confidential sentence array becomes 1.
- the present invention is characterized in that an array of a new secret sentence having the number of elements of 1 is read and output as an element of a position.
- the secret reading device 1 of the first embodiment includes an input unit 11, a vector creating unit 12, a compression calculating unit 13, and a reading unit 14 as illustrated in FIG.
- the secret reading method of the first embodiment is realized by the secret reading device 1 performing the processing of each step illustrated in FIG. 2.
- the secret reading device 1 is, for example, a special program configured by reading a special program into a known or dedicated computer having a central processing unit (CPU: Central Processing Unit), a main storage device (RAM: Random Access Memory), etc. Device.
- the secret reading device 1 executes each process, for example, under the control of the central processing unit.
- the data input to the secret reading device 1 and the data obtained by each process are stored, for example, in the main storage device, and the data stored in the main storage device is read out to the central processing unit as necessary. It is used for other processing.
- At least a part of each processing unit of the secret reading device 1 may be configured by hardware such as an integrated circuit.
- the input unit 11 outputs the array of secret sentences [a 0 ] and the secret sentence [x] to the vector creation unit 12.
- step S12 the vector creating unit 12 receives the array of secret sentences [a 0 ] and the secret sentence [x] from the input unit 11, and creates k vectors of secret sentences [v j ].
- k is an integer of 2 or more
- j is an integer of 1 or more and k or less.
- m 1 , m 2 ,..., M k are natural numbers that satisfy n ⁇ m 1 ⁇ m 2 ⁇ ⁇ ⁇ m k
- x j is an integer defined by equation (1)
- each secret text to be input is a share by (t, s) Shamir secret sharing
- (t, s) Shamir secret sharing means that dispersive values obtained by dividing the input plaintext into s pieces are distributed and held in s secret calculation devices, and if any t shares are aligned It is secret sharing such that plaintext can be restored, and less than t shares can not obtain any information on plaintext.
- t is an integer of 1 or more, and s ⁇ 2t-1.
- step S13-1 the compression calculation unit 13 initializes j to 1.
- step S13-2 the compression calculation unit 13 creates a vector [b j, i ] of n j secret sentences using the array [a j -1 ] of secret sentences.
- the number n j of the vector [b j, i ] of the confidential text to be created differs depending on the value of j.
- n j be an integer defined by equation (3)
- i be an integer greater than or equal to 0 and less than n j
- [b j, i ] ([a j-1 [m j i + 0 ]], [a j-1 [m j i + 1]], ..., [a j-1 [m j i + m j -1]]) ( However, ⁇ ⁇
- when the [ As a j-1 [ ⁇ ]] 0), the vector [b j, j ] of the secret sentence is calculated.
- step S13-3 the compression calculation unit 13 calculates the array [a j ] of the confidential text having the inner product of the vector [b j, j ] of the confidential text and the vector [v j ] of the confidential text as the i th element. Do.
- step S13-4 the compression calculation unit 13 determines whether j + 1 is k or less (j + 1 ⁇ k), and increments j by j if j + 1 is k or less (jk j + 1), and the process returns to step S13-2. If j + 1 is larger than k (j + 1> k), an array [a k ] of secret sentences is output. At this time, the array of secret sentences [a k ] is an array having one element.
- step S14 the reading unit 14 outputs the array [a k ] of the confidential text with the element number 1 as the confidential text [a 0 [x]] which is the x-th element of the array [a 0 ] of the confidential text .
- the first embodiment takes advantage of the fact that (t, s) Shamir secret sharing can perform multiplication (inner product) up to k-1 stages in one multiplication and reads the i-th element with a size ⁇
- the point is that it is represented by the inner product of k stages by the vector of (n 1 / k ).
- the size of each vector is O (n 1 / k ) and the calculation of the k ⁇ 1th stage can be performed O (n 1 / k ) times, the total amount of communication is O (n 1 / k Can be suppressed.
- the secret writing device receives the sequence of the secret text, the secret text of the write address and the secret text of the value to be written, and adds the value to the element of the write address of the sequence of the secret text. At this time, the inner product of the vector representing the write address and the vector representing the value to be written is added to the array of the confidential text.
- the secret writing device 2 includes, as illustrated in FIG. 3, an input unit 21, an address resolving unit 22, a vector creating unit 23, and a writing unit 24.
- the secret writing method of the second embodiment is realized by the secret writing device 2 performing the processing of each step illustrated in FIG. 4.
- the secret writing device 2 is, for example, a special program configured by reading a special program into a known or dedicated computer having a central processing unit (CPU: Central Processing Unit), a main storage device (RAM: Random Access Memory), etc. Device.
- the secret writing device 2 executes each process, for example, under the control of the central processing unit.
- the data input to the secret writing device 2 and the data obtained by each process are stored, for example, in the main storage device, and the data stored in the main storage device is read out to the central processing unit as necessary. It is used for other processing.
- At least a part of each processing unit of the secret writing device 2 may be configured by hardware such as an integrated circuit.
- m is an integer of 2 or more
- i is each integer of 0 or more and less than m.
- the input unit 21 outputs the confidential text [x i ] of the write destination address and the confidential text [y i ] of the value to be written to the address resolution section 22.
- the element of 1 be a vector of secret sentences of size n 1 where the other elements are 0, and the vector [q i ] of secret sentences is
- n 1 and n 2 can be expressed by equation (4).
- (t, s) Shamir secret sharing means that dispersive values obtained by dividing the input plaintext into s pieces are distributed and held in s secret calculation devices, and if any t shares are aligned It is secret sharing such that plaintext can be restored, and less than t shares can not obtain any information on plaintext.
- t is an integer of 1 or more, and s ⁇ 2t-1.
- step S23 the vector creating unit 23 sets j to an integer of 0 or more and less than n, selects an element from the vector [w i ] of the secret sentence, and generates a vector [u j ], [v j ] of the secret sentence Do.
- i is an integer of 0 or more and less than m
- j is an integer of 0 or more and less than n
- ⁇ 1 and ⁇ 2 are formula (5).
- step S24 the writing unit 24 sets j as an integer greater than or equal to 0 and less than n, and calculates the inner product of the secret statement vector [u j ] and the secret statement vector [v j ] as j of the secret statement array [a]. It adds to the secrecy sentence [a [j]] which is the second element.
- the value to be written is expressed by the inner product of two vectors so that the value to be added to each address of the write destination can be calculated by the inner product of vectors of size m. is there. Since the inner product can be calculated by communication for one multiplication, the total amount of communication can be suppressed to O (n + m ⁇ n).
- the program describing the processing content can be recorded in a computer readable recording medium.
- a computer readable recording medium any medium such as a magnetic recording device, an optical disc, a magneto-optical recording medium, a semiconductor memory, etc. may be used.
- this program is carried out, for example, by selling, transferring, lending, etc. a portable recording medium such as a DVD, a CD-ROM, etc. in which the program is recorded.
- this program may be stored in a storage device of a server computer, and the program may be distributed by transferring the program from the server computer to another computer via a network.
- a computer that executes such a program first temporarily stores a program recorded on a portable recording medium or a program transferred from a server computer in its own storage device. Then, at the time of execution of the process, this computer reads the program stored in its own storage device and executes the process according to the read program. Further, as another execution form of this program, the computer may read the program directly from the portable recording medium and execute processing according to the program, and further, the program is transferred from the server computer to this computer Each time, processing according to the received program may be executed sequentially.
- ASP Application Service Provider
- the program in the present embodiment includes information provided for processing by a computer that conforms to the program (such as data that is not a direct command to the computer but has a property that defines the processing of the computer).
- the present apparatus is configured by executing a predetermined program on a computer, at least a part of the processing contents may be realized as hardware.
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Mathematical Physics (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Document Processing Apparatus (AREA)
Abstract
Description
ある値aを暗号化や秘密分散などにより秘匿化した値をaの秘匿文と呼び、[a]と表記する。また、aを[a]の平文と呼ぶ。秘匿化が秘密分散である場合は、[a]により各秘密計算装置が持つ秘密分散の断片の集合を参照する。ベクトルa=(a0, a1, …)のi番目の要素をa[i]により参照する。ベクトルaの要素の数を|a|と表記する。
秘匿文に対する加算、減算、乗算の各演算は、2つの値a, bの秘匿文[a], [b]を入力とし、それぞれa+b, a-b, abの計算結果c1, c2, c3の秘匿文[c1], [c2], [c3]を計算する。これらの演算の実行をそれぞれ次式のように記述する。
2つの値a, bの秘匿文[a], [b]を入力とし、a=bならばc=1、a≠bならばc=0となる秘匿文[c]を計算する処理を次式のように記述する。
第一実施形態の秘密読み込み装置は、秘匿文の配列と読み込み位置の秘匿文とを入力とし、当該秘匿文の配列の当該読み込み位置の要素を出力する。この際、読み込み位置を表現するベクトルと秘匿文の配列に基づくベクトルとの内積を要素とする新たな秘匿文の配列を生成することを新たな秘匿文の配列の要素数が1となるまで繰り返し、要素数が1の新たな秘匿文の配列を読み込み位置の要素として出力することを特徴とする。
第二実施形態の秘密書き込み装置は、秘匿文の配列と書き込み番地の秘匿文と書き込む値の秘匿文とを入力とし、当該秘匿文の配列の当該書き込み番地の要素に当該値を加算する。この際、書き込み番地を表現するベクトルと書き込む値を表現するベクトルとの内積を秘匿文の配列に加算することを特徴とする。
上記実施形態で説明した各装置における各種の処理機能をコンピュータによって実現する場合、各装置が有すべき機能の処理内容はプログラムによって記述される。そして、このプログラムをコンピュータで実行することにより、上記各装置における各種の処理機能がコンピュータ上で実現される。
Claims (13)
- 秘匿文の配列と読み込み位置の秘匿文とを入力とし、当該秘匿文の配列の当該読み込み位置の要素を出力する秘密読み込み装置であって、
上記読み込み位置を表現するベクトルと上記秘匿文の配列に基づくベクトルとの内積を要素とする新たな秘匿文の配列を生成することを上記新たな秘匿文の配列の要素数が1となるまで繰り返し、要素数が1の上記新たな秘匿文の配列を上記読み込み位置の要素として出力する、
秘密読み込み装置。 - 請求項1に記載の秘密読み込み装置であって、
n, kを2以上の整数とし、jを1以上k以下の各整数とし、
上記秘密読み込み装置は、大きさnの秘匿文の配列[a0]=([a0[0]], [a0[1]], …,[a0[n-1]])と読み込み位置xの秘匿文[x]とを入力とし、秘匿文の配列[a0]のx番目の要素である秘匿文[a0[x]]を出力するものであり、
各整数jについて秘匿文[x]を用いて秘匿文のベクトル[vj]を作成するベクトル作成部と、
各整数jについて秘匿文の配列[aj-1]と秘匿文のベクトル[vj]とを用いて秘匿文の配列[aj]を作成する圧縮計算部と、
要素数が1の秘匿文の配列[ak]を秘匿文の配列[a0]のx番目の要素である秘匿文[a0[x]]として出力する読み込み部と、
を含む秘密読み込み装置。 - 秘匿文の配列と読み込み位置の秘匿文とを入力とし、当該秘匿文の配列の当該読み込み位置の要素を出力する秘密読み込み装置が実行する秘密読み込み方法であって、
上記秘密読み込み装置が、上記読み込み位置を表現するベクトルと上記秘匿文の配列に基づくベクトルとの内積を要素とする新たな秘匿文の配列を生成することを上記新たな秘匿文の配列の要素数が1となるまで繰り返し、要素数が1の上記新たな秘匿文の配列を上記読み込み位置の要素として出力する、
秘密読み込み方法。 - 秘匿文の配列と書き込み番地の秘匿文と書き込む値の秘匿文とを入力とし、当該秘匿文の配列の当該書き込み番地の要素に当該値を加算する秘密書き込み装置であって、
上記書き込み番地を表現するベクトルと上記書き込む値を表現するベクトルとの内積を上記秘匿文の配列に加算する、
秘密書き込み装置。 - 請求項7に記載の秘密書き込み装置であって、
n, mを2以上の整数とし、iを0以上m未満の各整数とし、jを0以上n未満の各整数とし、
上記秘密書き込み装置は、大きさnの秘匿文の配列[a]=([a[0]], [a[1]], …,[a[n-1]])と書き込み番地xiの秘匿文[xi]と書き込む値yiの秘匿文[yi]とを入力とし、各整数iについて秘匿文の配列[a]のxi番目の要素である秘匿文[a[xi]]に値yiを加算するものであり、
各整数iについて値yiの書き込み先番地xiを表現する秘匿文のベクトル[wi]を作成する番地分解部と、
各整数jについて秘匿文のベクトル[wi]から要素を選択して秘匿文のベクトル[uj], [vj]を作成するベクトル作成部と、
各整数jについて秘匿文のベクトル[uj]と秘匿文のベクトル[vj]との内積を秘匿文の配列[a]のj番目の要素である秘匿文[a[j]]に加算する書き込み部と、
を含む秘密書き込み装置。 - 秘匿文の配列と書き込み番地の秘匿文と書き込む値の秘匿文とを入力とし、当該秘匿文の配列の当該書き込み番地の要素に当該値を加算する秘密書き込み装置が実行する秘密書き込み方法であって、
上記秘密書き込み装置が、上記書き込み番地を表現するベクトルと上記書き込む値を表現するベクトルとの内積を上記秘匿文の配列に加算する、
秘密書き込み方法。 - 請求項1から5のいずれかに記載の秘密読み込み装置または請求項7から11のいずれかに記載の秘密書き込み装置としてコンピュータを機能させるためのプログラム。
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2018338249A AU2018338249B2 (en) | 2017-09-21 | 2018-09-11 | Secure reading apparatus, secure writing apparatus, method thereof, and program |
US16/648,436 US11514192B2 (en) | 2017-09-21 | 2018-09-11 | Secure reading apparatus, secure writing apparatus, method thereof, and program for reading and writing data in a sequence without revealing an access position |
JP2019543567A JP6825119B2 (ja) | 2017-09-21 | 2018-09-11 | 秘密読み込み装置、秘密書き込み装置、それらの方法、およびプログラム |
EP18859584.7A EP3686870B1 (en) | 2017-09-21 | 2018-09-11 | Secure reading apparatus, secure writing apparatus, method thereof, and program |
CN201880060802.8A CN111133495B (zh) | 2017-09-21 | 2018-09-11 | 秘密读取装置、秘密写入装置、它们的方法以及记录介质 |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2017-181262 | 2017-09-21 | ||
JP2017181263 | 2017-09-21 | ||
JP2017-181263 | 2017-09-21 | ||
JP2017181262 | 2017-09-21 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2019059042A1 true WO2019059042A1 (ja) | 2019-03-28 |
Family
ID=65811173
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2018/033595 WO2019059042A1 (ja) | 2017-09-21 | 2018-09-11 | 秘密読み込み装置、秘密書き込み装置、それらの方法、およびプログラム |
Country Status (6)
Country | Link |
---|---|
US (1) | US11514192B2 (ja) |
EP (1) | EP3686870B1 (ja) |
JP (1) | JP6825119B2 (ja) |
CN (1) | CN111133495B (ja) |
AU (1) | AU2018338249B2 (ja) |
WO (1) | WO2019059042A1 (ja) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2023233569A1 (ja) * | 2022-06-01 | 2023-12-07 | 日本電信電話株式会社 | 秘密検索システム、秘密検索装置、秘密検索方法、プログラム |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140007250A1 (en) * | 2012-06-15 | 2014-01-02 | The Regents Of The University Of California | Concealing access patterns to electronic data storage for privacy |
WO2016019294A1 (en) * | 2014-07-31 | 2016-02-04 | Cornell University | Oblivious parallel random access machine system and methods |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2011150693A (ja) * | 2009-12-22 | 2011-08-04 | Tani Electronics Corp | 情報管理システム、情報管理の方法および装置、暗号化の方法およびプログラム |
WO2012046692A1 (ja) * | 2010-10-06 | 2012-04-12 | 日本電信電話株式会社 | 秘密分散システム、秘密分散装置、秘密分散方法、秘密ソート方法、秘密分散プログラム |
US9064123B2 (en) * | 2011-03-10 | 2015-06-23 | Nippon Telegraph And Telephone Corporation | Secure product-sum combination system, computing apparatus, secure product-sum combination method and program therefor |
JP2014048548A (ja) * | 2012-09-02 | 2014-03-17 | Hiroshima City Univ | 秘匿計算システム、データ処理装置、秘匿計算方法、秘匿計算プログラム、および、記録媒体 |
CN105981088B (zh) * | 2014-01-28 | 2019-05-03 | 日本电信电话株式会社 | 秘密计算方法、秘密计算系统、注册者终端以及记录介质 |
-
2018
- 2018-09-11 AU AU2018338249A patent/AU2018338249B2/en active Active
- 2018-09-11 JP JP2019543567A patent/JP6825119B2/ja active Active
- 2018-09-11 CN CN201880060802.8A patent/CN111133495B/zh active Active
- 2018-09-11 US US16/648,436 patent/US11514192B2/en active Active
- 2018-09-11 EP EP18859584.7A patent/EP3686870B1/en active Active
- 2018-09-11 WO PCT/JP2018/033595 patent/WO2019059042A1/ja unknown
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140007250A1 (en) * | 2012-06-15 | 2014-01-02 | The Regents Of The University Of California | Concealing access patterns to electronic data storage for privacy |
WO2016019294A1 (en) * | 2014-07-31 | 2016-02-04 | Cornell University | Oblivious parallel random access machine system and methods |
Non-Patent Citations (6)
Title |
---|
BOYLE, E. ET AL.: "Large-Scale Secure Computation", CRYPTOLOGY EPRINT ARCHIVE, REPORT 2014/404, 2 June 2014 (2014-06-02), pages 1 - 74, XP061016197, Retrieved from the Internet <URL:https://eprint.iacr.org/2014/404> [retrieved on 20181130] * |
KELLER, M. ET AL.: "Efficient, Oblivious Data Structures for MPC", INTERNATIONAL ASSOCIATION FOR CRYPTOLOGY RESEARCH, CRYPTOLOGY EPRINT ARCHIVE, REPORT 2014/137, 15 August 2014 (2014-08-15), pages 1 - 31, XP047494286, Retrieved from the Internet <URL:https://eprint.iacr.org/2014/137> [retrieved on 20181130] * |
KOJI CHIDAKOKI HAMADADAI IKARASHIKATSUMI TAKAHASHI: "Reconsideration of Lightweight Verifiable Three-party Secure Function Evaluation", CSS, 2010 |
MARCEL KELLERPETER SCHOLL: "Efficient, oblivious data structures for MPC", ADVANCES IN CRYPTOLOGY - ASIACRYPT 2014, VOL. 8874 OF LECTURE NOTES IN COMPUTER SCIENCE, vol. 8874, 2014, pages 506 - 525, XP047494286, DOI: 10.1007/978-3-662-45608-8_27 |
See also references of EP3686870A4 |
TOFT, T.: "Secure Datastructures based on Multiparty Computation", CRYPTOLOGY EPRINT ARCHIVE, REPORT 2011/081, 20 February 2011 (2011-02-20), pages 1 - 15, XP061004690, Retrieved from the Internet <URL:https://eprint. iacr.org/2011/081> [retrieved on 20181130] * |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2023233569A1 (ja) * | 2022-06-01 | 2023-12-07 | 日本電信電話株式会社 | 秘密検索システム、秘密検索装置、秘密検索方法、プログラム |
Also Published As
Publication number | Publication date |
---|---|
EP3686870B1 (en) | 2022-07-27 |
US20200218833A1 (en) | 2020-07-09 |
EP3686870A1 (en) | 2020-07-29 |
CN111133495B (zh) | 2023-05-05 |
US11514192B2 (en) | 2022-11-29 |
JP6825119B2 (ja) | 2021-02-03 |
AU2018338249A1 (en) | 2020-03-19 |
JPWO2019059042A1 (ja) | 2020-10-01 |
AU2018338249B2 (en) | 2020-11-26 |
CN111133495A (zh) | 2020-05-08 |
EP3686870A4 (en) | 2021-01-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11164484B2 (en) | Secure computation system, secure computation device, secure computation method, and program | |
CN111512592A (zh) | 转换密钥生成装置、密文转换装置、隐匿信息处理系统、转换密钥生成方法、转换密钥生成程序、密文转换方法和密文转换程序 | |
WO2019102624A1 (ja) | 準同型推論装置、準同型推論方法、準同型推論プログラム及び秘匿情報処理システム | |
JP6583970B2 (ja) | 秘密乱数合成装置、秘密乱数合成方法、およびプログラム | |
US11294633B2 (en) | Secure computation system, secure computation device, secure computation method, and program | |
JP6534778B2 (ja) | 秘密計算システム、秘密計算装置、秘密計算方法、およびプログラム | |
JP7067632B2 (ja) | 秘密シグモイド関数計算システム、秘密ロジスティック回帰計算システム、秘密シグモイド関数計算装置、秘密ロジスティック回帰計算装置、秘密シグモイド関数計算方法、秘密ロジスティック回帰計算方法、プログラム | |
KR20200047002A (ko) | 동형 암호를 이용한 암호문 비교 방법 및 이를 수행하기 위한 장치 | |
JP6585846B2 (ja) | 秘密計算システム、秘密計算装置、秘密計算方法、およびプログラム | |
WO2019059042A1 (ja) | 秘密読み込み装置、秘密書き込み装置、それらの方法、およびプログラム | |
WO2015107780A1 (ja) | 要素複製装置、要素複製方法、およびプログラム | |
CN111108540B (zh) | 秘密读写装置、秘密读写方法、以及记录介质 | |
Lee et al. | Model Parameter Estimation and Inference on Encrypted Domain: Application to Noise Reduction in Encrypted Images | |
WO2020250269A1 (ja) | 秘密除算システム、秘密計算装置、秘密除算方法、およびプログラム | |
Iezzi et al. | Towards Real-World Private Computations with Homomorphic Encryption: Current Solutions and Open Challenges |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 18859584 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2019543567 Country of ref document: JP Kind code of ref document: A |
|
ENP | Entry into the national phase |
Ref document number: 2018338249 Country of ref document: AU Date of ref document: 20180911 Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
ENP | Entry into the national phase |
Ref document number: 2018859584 Country of ref document: EP Effective date: 20200421 |